{"id":990,"date":"2009-07-24T12:53:48","date_gmt":"2009-07-24T11:53:48","guid":{"rendered":"http:\/\/blog.intego.com\/?p=990"},"modified":"2012-12-12T13:49:03","modified_gmt":"2012-12-12T21:49:03","slug":"is-iphone-encryption-good-enough","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/","title":{"rendered":"Is iPhone Encryption Good Enough?"},"content":{"rendered":"<p><img src=\"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg\"><\/p>\n<p>In a <a href=\"https:\/\/www.intego.com\/mac-security-blog\/tidbits-looks-at-iphone-3gs-security-features\/\">recent article<\/a>, we discussed the iPhone&#8217;s hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that this hardware encryption was reliable. In his article, Mogull says, &#8220;Assuming you follow my other recommendations, it&#8217;s highly unlikely even a knowledgeable attacker could break into a lost phone and retrieve your data.&#8221;<\/p>\n<p>But it turns out that Mogull is wrong; or at least according to Jonathan Zdziarski, an iPhone developer and teacher of an <a href=\"http:\/\/www.zdziarski.com\/forensics_seminar\/\">iPhone forensics workshop<\/a>. In a <a href=\"http:\/\/www.wired.com\/gadgetlab\/2009\/07\/iphone-encryption\">Wired article<\/a>, Zdziarski is quoted as saying, \u201cI don\u2019t think any of us [developers] have ever seen encryption implemented so poorly before, which is why it\u2019s hard to describe why it\u2019s such a big threat to security.\u201d He also claims that it is as simple to get data from an iPhone 3G as it was on previous models, and that simple, free software allows malicious users to quickly access data. &#8220;Live data can be extracted in as little as two minutes, and an entire raw disk image can be made in about 45 minutes.&#8221;<\/p>\n<p>Well, we&#8217;re not going to choose sides and get involved in this debate: one security researcher says that the iPhone is secure, and another doesn&#8217;t. Like in many areas, people do disagree. Perhaps the best advice we can give is not to store any truly confidential data on your iPhone; for example, don&#8217;t keep credit card numbers there, because if you lose the phone, whether it takes minutes or hours, a hacker might be able to find that number. Getting physical access to any device, be it a cellphone or a computer, greatly increases the possibility that a hacker will access your data. So don&#8217;t lose your phone, and don&#8217;t leave anything sensitive on it.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In a recent article, we discussed the iPhone&#8217;s hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that this hardware encryption was reliable. In his article, Mogull says, &#8220;Assuming you follow my other recommendations, it&#8217;s highly unlikely even a knowledgeable attacker could break into a lost phone and [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[7,13],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"In a recent article, we discussed the iPhone&#039;s hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Is iPhone Encryption Good Enough?  - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"In a recent article, we discussed the iPhone&#039;s hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2009-07-24T11:53:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2012-12-12T21:49:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/\",\"name\":\"Is iPhone Encryption Good Enough? - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#primaryimage\"},\"datePublished\":\"2009-07-24T11:53:48+00:00\",\"dateModified\":\"2012-12-12T21:49:03+00:00\",\"description\":\"In a recent article, we discussed the iPhone's hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Is iPhone Encryption Good Enough?\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Is iPhone Encryption Good Enough?\",\"datePublished\":\"2009-07-24T11:53:48+00:00\",\"dateModified\":\"2012-12-12T21:49:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#webpage\"},\"wordCount\":301,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg\",\"articleSection\":[\"Apple\",\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"In a recent article, we discussed the iPhone's hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/","og_locale":"en_US","og_type":"article","og_title":"Is iPhone Encryption Good Enough?  - The Mac Security Blog","og_description":"In a recent article, we discussed the iPhone's hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that","og_url":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/","og_site_name":"The Mac Security Blog","article_published_time":"2009-07-24T11:53:48+00:00","article_modified_time":"2012-12-12T21:49:03+00:00","og_image":[{"url":"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/","name":"Is iPhone Encryption Good Enough? - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#primaryimage"},"datePublished":"2009-07-24T11:53:48+00:00","dateModified":"2012-12-12T21:49:03+00:00","description":"In a recent article, we discussed the iPhone's hardware encryption. Linking to an article on TidBITs, written by Rich Mogull, we relayed his belief that","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Is iPhone Encryption Good Enough?"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Is iPhone Encryption Good Enough?","datePublished":"2009-07-24T11:53:48+00:00","dateModified":"2012-12-12T21:49:03+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#webpage"},"wordCount":301,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/is-iphone-encryption-good-enough\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/images\/iphone.jpg","articleSection":["Apple","Security &amp; Privacy"],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-fY","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/990"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=990"}],"version-history":[{"count":0,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/990\/revisions"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=990"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=990"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=990"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}