My phone was taken by a known party. It has since been returned, but I would like to determine if they made attempts (failed or successful) to access my personal information. Is there a log that I can access myself? This would be preferred. If not, is this something that can be done via apple or at the apple store?
iPhone 5c, iOS 8
I understood your question - and your concern. I had hoped the fact that the security feature is a tough nut to crack might be of some consolation. Passcodes are almost impossible to guess, unless the guessER has special knowledge of you. The PIN code has been industry standard in the financial world for decades - but alas, a lot of folks use their birthdate or the digits of their street address.
I searched (which I am pretty good at) and found nothing here in the World of Apple that indicates that there is a log file (which I agree that there MAY be) that is user accessible using the iOS features or any other method. Google was not forthcoming either in the time I devoted there.
It is possible that IF this file exists it may not be permanent so that is a running total of all attempts since one first turned on the phone. It could be like a cookie in a browser or somesuch that resets when one gets by the temporary lock out by correctly entering the passcode. Although robust, iOS is not OSX.
If I had an acquaintance that had possessed my phone for a period of time, I would probably rely on subtle interrogation methods. Most times people are terrible liars. Additionally, I would take actions AS IF the damage had occurred. Better safe than sorry.
best luck
ÇÇÇ
I understood your question - and your concern. I had hoped the fact that the security feature is a tough nut to crack might be of some consolation. Passcodes are almost impossible to guess, unless the guessER has special knowledge of you. The PIN code has been industry standard in the financial world for decades - but alas, a lot of folks use their birthdate or the digits of their street address.
I searched (which I am pretty good at) and found nothing here in the World of Apple that indicates that there is a log file (which I agree that there MAY be) that is user accessible using the iOS features or any other method. Google was not forthcoming either in the time I devoted there.
It is possible that IF this file exists it may not be permanent so that is a running total of all attempts since one first turned on the phone. It could be like a cookie in a browser or somesuch that resets when one gets by the temporary lock out by correctly entering the passcode. Although robust, iOS is not OSX.
If I had an acquaintance that had possessed my phone for a period of time, I would probably rely on subtle interrogation methods. Most times people are terrible liars. Additionally, I would take actions AS IF the damage had occurred. Better safe than sorry.
best luck
ÇÇÇ
Yes, I understand about the disable feature after multiple failed attempts. I would like, however, to know if they managed to guess my password and access my phone - or even attempted to access. If no attempt was made, I would feel better believing that it was an honest mistake, picked up accidentally. If, however, my phone was accessed or attempts were made to access, this was intentional and possibly criminal.
You could think of an encounter with this person as a poker game. Look for "tells" in their body language and voice. Inconsistencies in answers to the same question rephrased is a sure thing! No real need for direct accusation, just "feel 'em out". Wouldn't suggest it if your actions here didn't indicate intelligence level adequate for the task. If a cop can do it, why can't you? Worth a try?
Back to the FILE. Know an attorney? Private investigator? Attorney would know a PI. A PI would likely have the tools at hand.
Again, I would take action as if the worst had happened and 'tidy up' later. A shame how some folks are.
Note, I read in another online forum that I could download the iphone configuration utility and access the logs, but after downloading the software, I don't see anything relating to logs. I don't want to mess with it too much without specific instruction for fear of mistakenly changing the phone's settings.
As you know - after a certain number of incorrect attempts - the user is locked out for a period of time
Ergo it is logged somewhere since it is setting off another command
Not sure where that happens and not tech savvy enough to advise you
If 6 attempts are made the iOS device displays
and continue to prevent login
Thanks, ManSinHa, that's what I was thinking as well. The phone has to be storing the information somewhere. I'm just having no luck figuring out where or how to access it.
Thank you, ChitlinsCC. I've searched for a good while myself, hence my last ditch effort in hopes that someone here would have an answer. 😟 The user in this case does have personal knowledge and, although my password is not easily guessed, it comes down to a matter of criminality here. The phone was taken last night and then discreetly returned to a lost & found this morning. I know, if I were to question them, they would say they accidentally picked it up or something, but I have good reason to believe otherwise. If they made any log-in attempts (successful or failed), we have proof that their intent was to gain access to and/or use the information found on the phone and can pursue criminal charges. If not, we have little more than a gut feeling to go on.
As I mentioned previously, I have found posts about using 3rd party developler/configuration software to gain access to information of this nature, but no real guidance on where to look within the programs. Being configuration software, I don't want to play with them too much. I found a video on one of the software programs that appears to possibly support your theory that it would only be a temporary file if it does, indeed, exist. I haven't found much yet on the other software, but will continue to look. I appreciate your input!
It really is, and quite frustrating. After a lengthy call to tech support and speaking with multiplr levels of support/security this morning, I was advised that a log exists on the phone, but no one had any ideas or suggestions as to how it might be accessed. It's a "developer" issue and beyond the scope of the Genius Bar. I've called every iPhone repair place in town, thinking a techy person might have the knowledge and software to do so. No luck. My service provider suggested law enforcement. LE said they don't know of a way to access the info, which I find hard to believe since they can access SO much info during major cases such as kidnappings and such. They were asking me to check Internet history. What the heck? I'm not concerned with whether or not someone was surfing the net on the phone, nor do I think that's where someone with malicious intent would spend their time. I don't want, necessarily, to have anyone tossed in jail, but I certainly want to know if our privacy has been breached or if an attempt to breach our privacy has been made. Ugh! 😟
Did you try posting this query in the developer section of these forums?
Well, at least one thing is cleared up - the file is there, Now to get at it.
When they say "developer" issue, they don't mean a repairman. They mean a programmer or an App 'developed' by an author that works on Apps that address iOS. If an App exists or can be made - a "Developer" is it. Odds are that one exists, but is for a "niche" market.
LE most CERTAINLY has it, but they are not in the business of just fishing for IF a crime has been committed. When they suggested 'internet history' , they were suggesting a low(er) tech way of checking to see if someone has been on your device. But sadly, you are not a wifey checking on her hubby's p*** practices.
I am still going to suggest a Private Investigator - who, like LE, likely have the technology, but aren't as picky about rules and regulations - I would ask one of my several attorney friends or my former FBI Special Agent pal for a referral.
don't be sad - or get mad - get EVEN
ÇÇÇ
Great idea (all this talk of developers, and such) - let's see what the OP thinks... if they want, maybe we could just get this one moved there?
Just to remind you, the OP has stated on more than one occasion that they really don't wanna do this themselves for fear of inadvertently harming the phone - which is why I am an advocate of a professional that has the tool in hand - which may well be a developer-PI-jack-of-all-trades?
Added advantage in the PI course of action is that it would then be seamlessly easy to take LE action with the chain of custody intact - 3rd party and all that. (Maybe I watched too much Magnum PI, et al )
It really IS a matter of Identity Theft as opposed to a true technical question (unless you count the now moot point of whether the file exists)
I doubt very many PIs are iOS developers. And, they're expensive in most areas. Someone in the dev forums may be able to recommend a method, applicatioin or third party service that actually knows how to do this.
Meg St._Clair wrote:
I doubt very many PIs are iOS developers. And, they're expensive in most areas. Someone in the dev forums may be able to recommend a method, applicatioin or third party service that actually knows how to do this.
Regarding your first point, my tongue was firmly in cheek, as yours may be as well(?).
PI pricing is not the issue, identity theft IS and THAT can be VERY expensive.
Yes, I agree with all points and said as much - BUT, my point about chain of custody in future legal proceedings is not only valid but critical - the only option you mention that fits that bill is 3rd-party service. This is no longer solely a tech question, as the OP has opined.
best regards, as always
ÇÇÇ
If someone untrustworthy has had physical access to your phone, it is safest to simply assume that it has been compromised. Restore the phone from a backup made prior to the incident and change any account passwords. If you have sensitive personal information - such as credit card numbers, social security numbers, bank account numbers, etc - in unencrypted form on your phone, those should be assumed to have been compromised as well and monitored carefully. (And, in the future, don't put this kind of information on your phone unless it is locked up in an encrypted file of some kind, such as in an app like 1Password.)
As to whether you can determine whether the phone was actually accessed... I think you're chasing your tail on that one. It certainly may be possible that the failed lockscreen login attempts are logged somewhere, but if so, what those logs might tell you doesn't necessarily mean anything. For example, with physical access, someone could connect the phone to a computer and use special software to download data, without unlocking the phone.
Is there a way to see list of log-in attempts on iphone?
