this post was submitted on 03 Mar 2024
456 points (83.1% liked)

Memes

45704 readers
1078 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 

I don't care if anyone has a Xiaomi, Oneplus, Samsung, etc. Each brand is using a modified version of Android, and they chose to be compatible with each other. But for example the "blue vs green bubble" drama is a thing specifically because of Apple locking their unsuspecting users into a closed ecosystem. And it sure isn't Android's fault for not being compatible with it.

The more power a company like this gains, the worse will it be for the whole industry.

you are viewing a single comment's thread
view the rest of the comments
[–] xor@infosec.pub -2 points 8 months ago (5 children)

cops can't crack my iphone, but they can pop most androids instantly...

end of discussion

[–] smileyhead@discuss.tchncs.de 2 points 8 months ago* (last edited 8 months ago) (1 children)

Shows cop a PinePhone with main partition encrypted with LUKS

[–] xor@infosec.pub 1 points 8 months ago

i'm a big fan of pinephone and pine64...

[–] Mahonia@lemmy.world 1 points 8 months ago (1 children)

Much of your data can just be subpoenaed and then provided to law enforcement without physical access however. Apple complies 90% of the time.

https://www.theguardian.com/technology/2022/sep/23/apple-user-data-law-enforcement-falling-short

Also, there are ways that LE can bypass your iphone's encryption. Just doesn't work all the time.

https://www.vice.com/en/article/4ag5yj/unlock-apple-iphone-database-for-police

GrapheneOS, based on AOSP, is really the only truly private and secure option. Android offering interoperability is not a downside and Apple having a walled garden does not mean it provides increased security. Apple is decidedly not transparent and this is ultimately not a good thing.

[–] bloodfart@lemmy.ml 4 points 8 months ago

You’re talking about data stored in the apple cloud (I think without the account recovery turned off, but I’m not 100% on that). The same is true of googles cloud services.

Agencies haven’t been focusing on getting the actual texts that say “here I go, doing something you don’t like!” For quite a while because of the amount of variability involved. What I hear spooks talking about is building enough pc for a rubber hose interrogation with unsecured parallel data streams like push notifications.

[–] BCsven@lemmy.ca 1 points 8 months ago* (last edited 8 months ago) (1 children)

Only if user isn't using encryption ( which is standard these days ) or has developer mode usb debugging left open

[–] xor@infosec.pub 0 points 8 months ago (1 children)
[–] BCsven@lemmy.ca 2 points 8 months ago

So I see a company thay duplicates phones, with no source on cracking encryption, other than their own company got hacked. And if you have a GrapheneOS phone you can shut off external USB. like connecting a cord , headset to computer does nothing unless you can login to phone and turn the USB option on.

[–] Mango@lemmy.world 0 points 8 months ago* (last edited 8 months ago)

They don't need to. They have the keys.

NOW it's the end of discussion.

[–] Honytawk@lemmy.zip 0 points 8 months ago (1 children)
[–] xor@infosec.pub 1 points 8 months ago

After months of claiming that Apple's privacy protections had stalled its investigation, the Justice Department said Monday that it had accessed a terrorism suspect's iPhone

it took "months" for the fbi to crack one iphone, that belonged to a terrorist...
and that was in 2020, those holes have long been patched.

so, no they can't.