In the past, were a law enforcement agency to approach Apple with a search warrant, the company would be able to break into an iPhone or iPad and access personal data. With the new operating system security measure, Apple cannot bypass the user password and therefore cannot access data. Essentially, what Apple seems to be trying to do is appease its customers with greater security while at the same time cleaning it’s hands of any potential disputes with law enforcement by creating a system that prevents them from accessing it directly. So were they presented with a warrant, they could essentially do nothing.
However, users may not be as safe from government intrusion as they think.
While media and privacy experts have applauded Apple on its new security measures, iOS forensics experts still offer users words of caution.
One such expert, Jonathan Zdziarski believes that law enforcement can still access devices operating on iOS 8 even without Apple’s help. All they need is for your phone to be powered on and access to a computer you previously used to move data. Zdziarski was able to run his own forensic software and pull from devices running iOS 8 by impersonating a trusted computer to which a user had previously connected their device. “I can do it. I’m sure the guys in suits in the government can do it,” says Zsziarski.
The data siphoning trick presented by Zsziarski does have several limitations however. Police officers or intelligence agents would have to either plant malware on a user’s machine or grab the individual’s computer along with their mobile devices. Additionally, the majority of the information that Zsziarski was able to pull from the devices came from photos and information from third-party applications such as Twitter and Facebook. The data siphoning did not compromise sensitive information such as emails, messages and phone numbers. However, data-dumping methods could potentially be used by law enforcement to gather this information. In order to combat this, Zsziarski recommends that users encrypt their hard drives and power down their devices when going through places such as airport checkpoints.