603.881.9191
Eric Sun
The celebrity photo leak last month brought the issue of cloud and device security center stage. If these high profile celebrities could have their private material compromised, is the platform safe for anyone? Let’s talk about how the “hacking” happened, how Apple has responded, and its effects on both sides of the law enforcement coin.
 
How It Happened
iCloud automatically backs up photos taken from iOS devices. A group of individuals specifically targeted the iCloud accounts of these high profile celebrities, and gained access to the media inside. Therefore, the hack did not indicate a widespread vulnerability, but instead holes in the “Lost My Password” feature on iCloud and Find My iPhone, which allowed the hackers to brute force these accounts by trying thousands of passwords. In response, Apple has closed these vulnerabilities as well as added a bevy of new encryption features in its latest mobile operating system, iOS 8.
 
How can you protect yourself? Choose a stronger password with capital letters and numbers, and make sure your main e-mail account also has a robust password. There is also the ability to add 2-factor authentication, which requires a user to enter “something they know”, such as a password, along with “something they have”, which can be a text message to another device you own or your fingerprint, which can be read by the fingerprint sensor in new iPhones and next generation iPad and iPad Minis.

Apple Updates in iOS 8
What did iOS 8 bring to the table? Here's the full list of updates that weren't spotlighted during the launch event.
iOS 8 Privacy Updates
 
1. Data Encryption
Feature: Secures user data by encrypting it when it is stored on the device, and again whenever it is transmitted.
Purpose: Data is protected from unauthorized access by the use of encryption keys and passcodes that cannot by accessed by anyone other than the user - including Apple.
 
2. Two-Factor Authentication
Feature: Requires users to verify their identity via SMS or an additional Apple device before being able to make changes to Apple ID account information, log into iCloud on a different device, or make purchases.
Purpose: After the user turns on this feature, there is no way for anyone to access and manage an account other than by using the password and verification codes sent to the noted trusted devices.
 
3. Push Notification Alerts for Suspicious Activity
Feature: When changes are made to a user’s account (new device login, password change, iCloud use, etc.) the user will receive an alert directly to their phone.
Purpose: If a user receives a notification of activity that was not performed by them, it could be an indication that the user’s account was wrongfully accessed.
PublicEye Police Phone

How Does this Affect Law Enforcement?
Today’s powerful smartphones have become an integral part of people’s personal and professional lives. The importance of security has been brought to the forefront with the recent Supreme Court ruling on searching mobile phones that requires law enforcement to obtain a warrant to access an individual’s information on their mobile phone. In the past, law enforcement could go to Apple with a search warrant in order to extract data from a device. With the updated security features on iOS 8, Apple itself will not have access to unencrypted user data.
 
Although this may create hurdles in police investigations, it also offers benefit in two ways: (1) devices are now more secure from unauthorized access by “bad guys”, and (2) law enforcement deploying iOS devices in the field have bolstered security. A key point: any backdoor to a phone or tablet that can be used by law enforcement can also be exploited by hackers.
 
Today, law enforcement officials are using powerful software like PublicEye to mobilize their operations through phones and tablets. This improves productivity and response times while reducing department costs. As the face of crime continues to modernize and involve sophisticated technology, undercover agents, detectives, and the many police departments deploying mobile devices are parrying back through state-of-the art solutions providing them anywhere, anytime access to critical data.

PublicEye Software facilities in iPad
 
Moving Forward
As smartphones continue to mobilize industries, such as finance, education, medicine, and now public safety, the security of these devices has continued to improve, bringing them in line with laptop and desktop security. Since Apple’s announcement, Google has also followed suit, announcing that Android Lollipop would also come with encryption on by default. As law enforcement continues to mobilize with these powerful devices, these updates help fuel a complete solution that has a direct positive impact on lives and property.

The article has no comments  |  Tags: icloud hack, icloud photos, icloud safety, icloud hack police, law enforcement icloud, icloud hack public safety, icloud app, Push Notification Alerts

Leave a comment





 Security code