For the presentation of new Smartphones, it comes down to megapixels, processors, and artificial intelligence. But new luxury-class models are usually also improved with new functions for more safety and privacy. Some of them are embedded in the Hardware, else in system, others in the service Ecosystem of the manufacturer. This is especially true for Apple and Google, whose products combine all three levels.
what is striking about these protection features is that they look like direct reactions to police tactics. Four current examples are:
The most striking in this regard, a illustrate, for the user, but rarely noticeable new feature Apple has in July, with the iOS Update 11.4.1 and now with iOS 12 a step further. The so-called USB Restricted Mode is to prevent that somebody connects to an iPhone or iPad via a USB cable with a forensics-how of the US company gray shift to criminal tracker is sold.
GrayKey the device, the authorities for some months as a bestseller among American police. It should be able to unlock current iPhones and read – provided that it is connected to the confiscated device of a Suspect, and can exchange data with it.
of The USB Restricted fashion but ensures that iOS devices compared to USB devices, such as a Computer, headphones or a GrayKey “stupid”, unless they are unlocked with the Passcode. Electricity is not, for the most part still allowed, however, making the GrayKey forced Unlocking and the subsequent IT-forensics impossible.
Since iOS 12, there are four scenarios in which the limited mode kicks in:
When the iPhone or iPad for more than an hour long-not unlocked or to a USB-connected device when the emergency function is called via the SOS button combination (power button and volume down button at the same time press and hold), if a Passcode entry is required to activate the biometric authentication by Face ID or Touch ID, if three days is not a USB-connected device and the screen lock is active.
Completely without a chance, the law enforcers not, write to the IT forensics Elcomsoft . But their work is more difficult. The official Apple Statement reads: “We have pursuers the greatest respect for the criminal, and we develop our security features, to frustrate their efforts”. The company points out, however, that even Criminals could try to crack stolen i-devices. And that the authorities in less rule of law countries rely on tools such as the gray shift.
Apple wants more
The next new security feature from Apple to encrypt the end-to-end encryption of FaceTime group chats . Up to 32 users can be according to Apple’s information “in a nutshell” video chat, without anyone else listening in, including Apple. So far, there is no possibility to use FaceTime with more than two participants.
The announcement was made immediately after the publication of a letter from Apple to the Australian Parliament, in which the company argued against the planned law on “Assistance and Access Bill”. It would force telecommunications providers to far-reaching cooperation with the authorities, to the development of Surveillance backdoors for the own services.
Apple says: “This is the time, in order to weaken encryption. There is a large risk that we make it easier for Criminals so that the work would not be difficult. (……) It would be wrong, the safety of millions of law-abiding citizens to mitigate, to the few to determine the pose a threat.” So, Apple is increasing its use of encryption technology rather.
Google lock himself out
Also, Google seems to want to with police authorities all over the world to create. In a blog post, Google describes how it comes Android-Back-ups is now encrypted in , even in the backed-up data.
This applies at least for devices with the current Android operating system 9 Pie, such as, for example, the new Pixel 3. A user wants to backup their photos, Videos or text files to Google’s Cloud, generates be device a special key. Which is in turn encrypted with the individual access code (PIN, password or unlock pattern) and then to Google’s Server, where he, with Google’s self-developed “Titan”security chip is secured.
Each access to the key to the release of the Backups, must be authorized by the titanium Chip, using a code derived from the PIN or the password / pattern of the user. Because Google does not know the PINs and passwords for the device user, and exclude it thus from access to the Back-ups.
tens of Thousands of authorities requests
Officially to prevent an unauthorized access by “criminal Google employee or other malicious Insider”. But if Google can not access the user data, can’t give it out to law enforcement officers, even if the a judicial decision is required.
this is Exactly what happens with Cloud Back-ups of Smartphones on a regular basis. Apple has to Pay to the Council of Europe Alone, the US government has made in the group since 2013, more than 55,000 requests for the iCloud data of a total of a total of 203,000 units.
encryption Chip in the Google-phone
“Titan M” comes from Google’s security chip to Smartphones. Initially, however, only on the Pixel 3 and the Pixel 3 XL. And this is the fourth example: The Titan M protects the credentials to Unlock the smartphone and App data in the Background storage of encryption, and the integrity of the operating system code.
for Details, Google has published on Wednesday evening in a blog post, the purpose of the measures is obvious: The Installation of non-genuine versions of Android, Breaking the access barrier due to frequent Try of PINs or passwords, as well as the reading of sensitive data with IT-forensic means to be difficult. Because everything is protected here, is only for someone of interest who has physical access to the device. Whether it is a thief or a COP.
Update : The note on Google’s blog post on Titan-M-Chip was inserted.