mercredi 29 janvier 2020

Forensics detective says Android phones are now harder to crack than iPhones

USB C ports stack

The United States government, as well as US law enforcement agencies, care a lot about iOS and Android encryption. Smartphone data can reveal a lot about terrorists, people who conduct mass shootings, and even general criminals. If officials conduct investigations properly, that data can be used in court as evidence.

That's why there have been lots of headlines recently about the US government trying to convince companies such as Apple to hand over so-called "backdoor" access to our smartphone data.

However, critics argue that the government having easy access to your private data pretty much defeats the purpose of encrypted data in the first place, and Apple (among other companies) have mostly refused to cooperate. According to a new exposé from Vice, though, the government appears to be doing fine with cracking smartphone encryption, with or without help from the smartphone's creators.

At least, that's the case when it comes to most iPhones. When it comes to Android encryption, the job is reportedly getting increasingly more difficult for investigators.

'We can't get into a lot of the Androids.'

Detective Rex Kiser, who conducts digital forensic examinations for the Fort Worth Police Department, had this to say to Vice: "A year ago we couldn't get into iPhones, but we could get into all the Androids. Now we can't get into a lot of the Androids."

Vice's investigation into the matter shows that Cellebrite — one of the most prominent companies that government agencies hire to crack smartphones — has a cracking tool that can break into any iPhone made up to and including the iPhone X. The tool pulls data such as GPS records, messages, call logs, contacts, and even data from specific apps such as Instagram, Twitter, LinkedIn, etc., all of which could be incredibly helpful in prosecuting criminals.

However, that same Cellebrite cracking tool is much less successful with Android encryption on prominent handsets. For example, the tool could not extract any social media, internet browsing, or GPS data from devices such as the Google Pixel 2 and Samsung Galaxy S9. In the case of the Huawei P20 Pro, the cracking software literally got nothing.

"Some of the newer operating systems are harder to get data from than others," Kiser told Vice. "I think a lot of these [phone] companies are just trying to make it harder for law enforcement to get data from these phones … under the guise of consumer privacy."

Android encryption appears better but it isn't foolproof

If you own one of those Android phones just mentioned or even newer phones from those same companies, don't think that your phone is uncrackable. Just because Cellebrite's tool doesn't work doesn't mean investigators can't extract the data they need. The process just becomes more labor-intensive and takes more time and resources. Even a brand new phone, such as the iPhone 11 Pro Max, can be cracked, according to Vice's sources. It just isn't as easy as hooking it up to a cracking tool and watching the data flow.

Related: How does encryption work? Gary explains!

Either way, Vice's article heavily suggests that Android phones are the safer alternative as compared to iPhones if your main concern is security and privacy. After all, law enforcement organizations aren't the only people after your data: criminal enterprises could use the same tools to get your information illegally. For now, this article makes it seem that Android encryption is the way to go to best avoid those situations.

More posts about Android Security



from Android Authority https://ift.tt/36FQDvE
via IFTTT

Aucun commentaire:

Enregistrer un commentaire