Hi, this is Wayne again with a topic “$900,000 to unlock your iPhone”.
Thank you to LastPass for sponsoring a portion in this article. We all like to think this is us that the information on our phones are so important that everybody’s out to get it and for the most part that isn’t true, but that’s not to say that security isn’t important. The FBI saying it is now hacked into that iPhone. A tense fight is playing out between Apple and the FBI. Over security, the FBI said it has to retrieve the data, but so far has not offered any specifics.
Can you imagine spending almost a million dollars to unlock your phone? It’S revealed that the FBI paid nine hundred thousand dollars to get access to a locked iphone. This is something that we knew existed. We thought it was limited to older generation, iPhones five, six and seven, but then enter a device called grey key that recently unlocked and gave governmental access to an iPhone 11 pro one of the newest generation of phones with the most cutting-edge security available. So the way this grey key works, it’s not using any sort of biometrics or it’s not hacking the secure enclaves using passcode to get access to that locked information and, prior to iOS 12, there was an exploit where you know you enter your code a few times Wrong because your phone’s locked for a year there was a way to get around that and that’s what grey key was exploiting that was patched. Naya was 12 and we thought those brute force exploits would go away with it, but it turns out there are still ways to get past it. So if you’re wondering what the secure Enclave is modern Apple products, so those that have either touch ID or face ID have a secure Enclave. Essentially a separate processor that boots completely separately from your device keeps all your information secure. Essentially, what that’s gon na do the tiny bit of storage for megabytes, allegedly that encrypts and decrypts all of information, so all of your stuff stays on your phone.
It never goes to Apple, it’s not accessible by any third-party apps or first-party apps on your phone and it’s all going to stay completely encrypted and secure on your device. So the government has essentially gone on the record, asking Apple to put backdoors into their software ways. The government can sort of have access to someone’s phone and they feel they need to criminal a terrorist whomever it might be in thus far Apple, as you mean really stalwart with a very firm.
No, we won’t put that into our devices. Think of a backdoor on the phone like a lock, and if you don’t have the key, then you can never go inside. But the idea here is that the government would have the key and they’d be the ones who could determine whether or not it’s appropriate to use set key to get into your phone and in ideal worlds. Perhaps it wouldn’t make sense. There’S a criminal who has some information on a terrorist cell on their phone.
It would make sense, get access to that crack. The cell keep everybody safe, that’s sort of an ideal world and I don’t want to get political here, but there’s potential that that could be misused and anytime there’s great power quote Uncle Ben comes great responsibility, and are we gon na trust the government to use that Judiciously – and I’m not here to answer that question but Apple thus far said no, we don’t want to give that power over to entity that we don’t have control over. We believe in security for our users, that’s why a lot of people are buying iPhones now, because that’s purana qila, if this information will theoretically be protected or as by other manufacturers potential at those backdoors may in fact exist, and I think the big problem with the Backdoor isn’t necessarily governmental, it’s that other people, nefarious folks, might get access to that key. Had the information that’s stored on your phone, my phone or anybody’s phone that they choose, so I’m not here to discuss politics or get political assimilation between Apple and a government.
But what is very clear from the story that the secure Enclave does work? The way that government got access to these phones, what’s your the passcode and fortunately that’s something that we can do something about so before we continue with the video. Let me tell you a bit about our sponsor LastPass, remembering passwords is a pain and then this age of security consciousness, it’s important to have longer more secure, passwords and LastPass is the perfect answer for that. It’Ll automatically generate passwords for you, it’ll keep track and store and encrypt your passwords automatically fill in passwords on your desktop or your mobile phone.
What it means is essentially only have to remember the password for your LastPass application and then it’ll do the work for you. So it lasts fast. You get unlimited password storage.
You can store as many passwords as you want. You get cross device syncing and you get free password sharing. If you want to share your pass or certificate other, you could send a link that would directly share just that password that you chose. So you get a lot of these awesome last pest features totally free. If you want more advanced features like multi-factor authentication options and emergency access, you can always upgrade to LastPass premium. So now you no longer have to have that same one password for everything.
You’D have to go through the arduous steps of resetting passwords, remembering your mom’s maiden name or your teacher’s name from kindergarten or your high school mascot. The LastPass just makes it easy for you, remember your one LastPass password and that’s it. So if LastPass sounds awesome to you want to give it a shot, hit the link down below and again a big thank you to last fast for sponsoring that portion of the video if these systems are using brute force, the best way to combat brute forces kinda With brute force yourself make your passcode as long as possible Apple gives you the option to set a six digit passcode. You can do that. If I don’t move in a step further, you could change that path, but every week or month you also setup an alphanumeric passcode. We could set up a word or a combination of letter symbols and numbers to make it even more secure. You have the tools built right in your phone to combat these brute force style attacks, if you just know where to look and how to set them up another way to serve combat theft in the physical theft of your device on the Apple side, turn on Find My iPhone, so you can remotely wipe your phone if somebody steals it. If somebody tries to activate your phone after they reset it, you can get alerted.
You can find where that phone is that, obviously you can do tracking on it. Just gives you a lot of control over your phone, even when it’s not physically your hand, and there are other things you can do things like two-factor authentication that is definitely not unique to Apple. It works on Android, a lot of third-party apps and website used to factor in different ways. You can do it if you want to log in you know the password it’ll text, you a code to your phone, another layer of security. You could use third-party authentication apps. We have a security key. You could have to use another device within Takai the second device. It just gives you another layer of protection. Another factor to keep your information secure so face ID and touch ID are really nice security measures, but there could be times where you’re worried that somebody, without your knowledge or permission, might unlock your phone with your face or your thumb, something very easy. You can do to eliminate that worry. Just go through the motions of turning off your phone essentially hold down the power button. The volume button until you get the screen that prompts you to slide to power off now, don’t power it off, but from this screen the only way to get back to your phone is with the passcode.
It turns off touch ID and face ID here, the general school of thought that the iPhone has been more secure than Android and that’s not to say that aren’t Android devices that are equally secure, but because there’s so many different variants of Android different manufacturers, different carriers, Different skins, different Android versions that are being supported, double of security, that Google can offer, isn’t as consistent as Apple and one of the Knox people give Apple sort of their walled garden. But the flip side of that argument is that they control everything and because they control everything. Theoretically, at least they have more control over the security or in sometimes lack thereof, so with Android having different manufacturers, making different phones having different phones or any different versions of the operating system. There’S different layers and different cracks for bugs to get through and exploits to be exploited more than you would have on an iPhone that was made by Apple, which were the updates are generally more consistent.
Now perhaps the exception to that would be something like the pixel who Google is regularly pushing out these security updates. Since, when you get these updates, they don’t seem like flashy new features, generally they’re, just security updates, but those do big things behind the scenes to keep your phone generally more secure, perhaps from the benefits of Android the openness of it that apps can be installed outside Of the Play Store sometimes is awesome and amazing and unlocks new features, but sometimes you don’t get the security of the apps being scanned by google and you could end up and a lot of security trouble. And none of this is to say that the iPhone is perfect. Clearly there are exploits and bugs that have been used to get access to phones and one thing that was interesting: that people don’t generally think about.
Well, you have the secure Enclave on your phone. Are you doing iCloud backups? Are you sending all your information to the cloud that secure Enclave doesn’t exist where Apple does have access to your data and they have given that information over to government agencies? If any of that sounds scary to you, like everything we’ve talked about, there are ways to protect yourself and ways around it. Don’T do iCloud backup, backup locally to your computer, where you have control over those backups, so you may want to turn off things like iMessage and, yes, I messages are encrypted, but again it’s on the device when you do that, iCloud backup those things get sent to The cloud and are visible by app or whomever Apple gives those backups to this may want to consider either turning off that part of iMessage or using a third-party messaging app that doesn’t backup into cloud and fully encrypted. I personally have chosen to use telegram. I switch to Android about a month ago and I’ve enjoyed using it. It had its issues at launch with security and howlite encryption might be on it, but it’s given me most of the functionality of iMessage completely cross-platform, so these are just ways to keep your information.
Secure giving you the power to decide what you want to do with the information you might for the school of thought that I have nothing to hide. Why do I care and that’s your prerogative, what you choose to do with the information? But if you are concerned and if you’re worried about somebody, you don’t want to have access to your information, the general thought is be wary of the cloud. Be aware of your information, be careful of your pass codes and just generally think about your information more than you. Perhaps you already do so. This whole story boils down to a question of trust.
Do you trust the manufacturer, your phone or operating system, to keep your information secure? We can open up an iphone you can see what’s inside, but we can’t access. That’S a cure Enclave. So do you have that level of trust with that manufacturer? That’S a question only you can answer. Perhaps a bigger level of concern is significant other or somebody unlocking your phone with their face or finger brap, Slayers sleeping or not paying attention, but your security information on your phone. It’S gon na come down to whether or not you believe the word of the manufacturer, whether you do or not, it’s a question that really only you can answer.
.