A question to the tech savvy guys here.
I was wondering about encryption and smart phones.

Is all the information on I-Pads encrypted, or do you have to add an app or some other function to encrypt your info, Email, text, or tweets? Or is it 'all' just automatically encrypted, with an I-pad, and what about a Blackberry?
Can that info, Email, text...etc be encrypted if you pay for it, or add an app, how is that done?

I do believe you have to 'manually' encrypt your Email, and add purchased internet protection for info, with a PC.
And I'm not sure it's even close to being actually 'protected', like an encrypted I-Pad.

Just curious about the smart phones.

My understanding is that data stored on an iOS device is automatically encrypted when you set up a passcode, so anything stored on it - photos, email, text messages, etc. - are encrypted. However, if you send an email or text message to someone, that outgoing message is not encrypted, so it could be read by anyone on the receiving end. To send encrypted email, you would need to acquire an additional program, or use a web-based service.

For PCs, Windows has BitLocker ( more info here ) that can encrypt the Windows system volume. Other third party encryption tools are available as well. Like iOS, this only affects data stored on the PC, so outgoing emails, etc., would need some sort of encrypting program, such as PGP. For encrypting email, it gets complicated because it requires the recipients take action to be able to un-encrypt it.

No clue about Apple devices, but Blackberry encrypts all under BBM app.

PM me with specific question for Blackberry and I can get an answer..I used to work with them.

Naw Piper....I'm not thinking of, or even considering 'encryption', I'm just curious about it since it has come up with Apple, and seems to be a big deal now.

I could care less who reads my PC, I have nothing 'sensitive' on it, and I don't have a smart phone at all....lol.

Just want to be 'informed' a little more than I am right now.

Thanks Arthonon, very interesting.

I'm not an expert on encryption. This is all I know.

Generally, whatever you're using whether a PC, OSX, or Linux if you're on "https:" you're using ssl through port 443 and it is encrypted in a standard sense. Being encrypted doesn't mean secure though IIRC Comodo security certificates had an issue.

For emails, this is all I have to say, I have a provider with the option to use pgp to encrypt my messages. Of course, I must remember not to encrypt when sending messages to recipients who can't decrypt them (had friends complain about receiving unreadable messages from me). The said provider also gave an option to store the key off their servers so that they themselves cannot decrypt it.

For phone calls, there are apps that can encrypt your call like Redphone (there was a time I used this).

I just finished reading about this :P



that's just a bit of the article, but i guess they use to have a backdoor built into the iOS but don't anymore, or so they say. But yes, sounds like there is some auto encryption

http://www.msn.com/en-us/news/us/apple-u...ocid=spartandhp

I just remembered this but am too lazy to search for it or verify it.

IIRC Apple had an issue with the U.S. NSA or whatever security institution because they wittingly distributed an OS (macs and iphones) with an encryption that even the NSA may have a hard time decrypting. I think I read something about this years ago.

Interesting that you don't have to do a thing....it's just automatically encrypted.
Unreadable by anyone, hackers, or even government officials 'with a search warrant' signed by a Federal Judge.
Even when the owner of the phone 'is'....the government.

I wouldn't have thought that was possible!

Very interesting.
I think this is going to be a very complex subject.
Wonder how it will all turn out.

Yes, for some reason this is coming to my mind also... I was/am under the impression that laws are in place to require backdoor access for commercial encryption products. Could be wrong.

No, Apple uses AES encryption (like everyone else). This encryption scheme uses a variant of either 128, or 256 bits.
That gives the encryption key a possibility of 2^128, or 2^256 different combinations.

A supercomputer (or good gamer laptop) can brute force walking through every possible combination in a given period of time.
What Apple does is if the a "hacker" attempts to crack the security key it wipes the phone after a given number of attempts.
The Government wants Apple to disable that feature while they brute force the phone confiscated from that creep.

So that's the issue. Thanks for bringing that up and saving me a search. The limited attempts did cross my mind.

Wait, isn't that feature on the phone itself? Can't they just take out the SD or sim and crack that without the phone in the way threatening to delete it?

No, we're not gsm-like over here where you switch cell phone providers (countries) by simply replacing sim card. At least not an iPhone.

Yep, that's the issue. I didn't want to bring it up here, I just wanted to know the facts, and the mechanics of it.

It is interesting, from a legal standpoint.
I really don't see the problem with just opening up his phone, and returning it, without any info on how to do it.
But I suppose there are other factors to consider.

I hope we don't get into a political 'argument' here, I hope we stick to the mechanics of it.

it's a major ethical issue. it opens up the door to unconstitutional search and seizure problems, this IMO is one of the biggest threats to privacy we have seen in modern times. this is a huge issue happening right now. if the gov't gets what it wants this time, there will be no end to the privacy invasion.

that is why apple is resisting it so much.

I think they can already read anything they want and this is just a bit of subterfuge to make the abusers over confident. that's just how I roll...

believe me, it's not like that. the encryption is very, VERY difficult to break. there are no simple hacker tricks around it.

the current encryption standard is mathematically unbreakable for all practical purposes. it will be breakable at some point in the future when technology gets faster but with current computational power, even with linked computing, it's just not realistic.

I wasn't following the Apple vs FBI issue so I briefly went through some reports on it. From an article in Marketwatch





I think Apple doesn't have the capability to get into the phone and the issue is Apple creating something that can do it.

I agree, I don't think they can break it. Not even Apple.

But I do believe since they made the encryption, they (Apple) stand the best chance of breaking it.

So....here we are.

What's right, and what's wrong?
After all, these are terrorists, and they know fellow terrorists in this country, and they will kill other innocent people, maybe hundreds.
Makes it a very difficult problem

What's right, what's an invasion of our freedom and privacy?

Or is it all just so Apple can sell more smart phones, to every terrorist and pedophile in the world?

Yeah, what is it?
Tough question.....IMHO.

Very tough questions that even I myself will refrain from discussing them. Apologies if I helped steer it that way.

Anyway to try to get back to the technicalities. This is my opinion since I'm not a certified expert on the matter.

1. The first stumbling block is the threat of deletion after a number of tries.
2. I believe that they're focusing on the password because it uses the embedded key file to unlock the data.
3. I think the reason they want to do this is because if they take the raw data without the key file it will take them trillions or billions of years to decrypt it even with a super computer.

I don't believe for a second that it can't be done, and probably has. They just want it to become commonplace and part of an investigation and not covered up.
Apple is afraid that "if they develop the software to do this" that it will get leaked and people will have it.

I say, if you're so proud of your encryption and this super powerful software, then store it on one of your damned phones "no one can crack" and run it from there. Apparently they believe no one can crack the encryption without their help, so clearly it should be safe on just a phone, right? LOL Too bad they don't trust their programmers to not leak it or keep it secure.

Consider this: android phones are linux, which is open source. People can play with it if they want to. Why should iphones be given security other phones aren't? Indeed, more privacy than your own HOME that they can get a simple search warrant for. Too much importance is placed on these phones. If a terrorist is dumb enough to use it and get caught with it, pull the info.

Sorry, not trying to go PWEC, just pointing out it's getting overblown. I think it's more a marketing ploy to sell iphones because people will now believe they're uber-secure or something. And then will forget to put a passcode on it. LOL