My Photo Hangout

Mark's Other Hangouts
Mark's Photo Hangout
Syndicated RSS Feed
Entries by Category

Entries in security (2)

Wednesday
May042011

Excellent Reason to Encrypt iOS Backups

iTunes offers the ability to encrypt your iOS backups that are stored on your computer.  Turning this feature on or off is done via a simple checkbox on the iOS device's summary page in iTunes.

(click image to expand)

Encrypting the iOS backup on your computer helps protect your personal data in the event someone gets their hands on your computer or hard drive.  But, according to Josh Sunshine at gigaom.com, there's another excellent reason to encrypt your iOS device backups:

There are other, non-security related reasons to encrypt your backups, too. If you restore a new iOS device from a backup of an old one, usually passwords such as mail account passwords aren’t stored, and you’ll have to enter them again on the new device. However, if your backup was encrypted, the passwords will be kept, making the transition to a new device that much easier.

Now that is terrific news!  Every time I've upgraded to the latest iPhone I've had to reenter all of my email passwords.  It's nice to know that checking a little box can not only provide better security on my computer, but also prevent excessive hassle when upgrading to the latest and greatest iOS device!

Thursday
Apr212011

iPhone 4 Tracking Brouhaha

Yesterday, a pair of security researchers (Alasdair Allan and Pete Warden) announced the discovery that the iPhone 4 and iPad 3G are regularly recording the position of the device to a hidden consolidated.db cache file.  Their "discovery" spawned a whirlwind of controversy, including this morning's news of a letter sent to Apple CEO Steve Jobs by Senator Al Franken (D-MN).

Today, network security and forensics expert Alex Levinson stepped forward to explain that the hidden consolidated.db cache file is neither new nor secret.  In fact, the existence of the file was mentioned in iOS Forensic Analysis: for iPhone, iPad and iPod touch, a book to which Levinson was a contributor.  The book was released on December 5, 2010.

For me, it's much ado about nothing.  Anyone carrying any sort of mobile phone can be tracked by their mobile provider.  I guess if I was engaged in criminal activity or I was cheating on my spouse, I might have more reason to be concerned.  But the moment I started carrying a mobile device that relies on cellular towers or WiFi hotspots, and features a GPS chip to determine its position, it was pretty easy to figure out that my movements could be tracked.

By the way, Android OS device owners should take note that their devices are tracking position into a similar cache file.  Though, it appears the Android OS does not keep a very long record.