{"id":16358,"date":"2016-11-12T14:47:47","date_gmt":"2016-11-12T19:47:47","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=16358"},"modified":"2016-11-12T14:47:47","modified_gmt":"2016-11-12T19:47:47","slug":"ios-forensics-trace-leakage","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2016\/11\/12\/ios-forensics-trace-leakage\/","title":{"rendered":"iOS Forensics Trace Leakage"},"content":{"rendered":"<p><a href=\"http:\/\/www.zdziarski.com\/blog\/?p=5993\">Jonathan Zdziarski<\/a>:<\/p>\n<blockquote cite=\"http:\/\/www.zdziarski.com\/blog\/?p=5993\">\n<p>Apple has worked very hard to reduce the iPhone&rsquo;s attack surface, but they haven&rsquo;t yet fully addressed the underlying motivations of an attacker (specifically, the device&rsquo;s forensic value), and that&rsquo;s left the iPhone a very high value target. This is the oldest, and hardest challenge in the book: making sure that deleted data actually gets deleted. Conversations are ephemeral, but the traces of these conversations are not; this directly impacts how and why search warrants are executed and why mobile devices are targeted by attackers. If the user of the device believes their conversation to be deleted, it&rsquo;s breaking their trust by keeping forensic traces of those conversations, and ultimately the device&rsquo;s design can lead to a betrayal of the user&rsquo;s&nbsp;privacy if data is stolen or a forensic image is made. Ephemeral conversations (or other exchanges) should also mean ephemeral data.<\/p>\n<\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Jonathan Zdziarski: Apple has worked very hard to reduce the iPhone&rsquo;s attack surface, but they haven&rsquo;t yet fully addressed the underlying motivations of an attacker (specifically, the device&rsquo;s forensic value), and that&rsquo;s left the iPhone a very high value target. This is the oldest, and hardest challenge in the book: making sure that deleted data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[31,1137,141,355,425],"class_list":["post-16358","post","type-post","status-publish","format-standard","hentry","category-technology","tag-ios","tag-ios-9","tag-messages","tag-privacy","tag-sqlite"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/16358","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=16358"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/16358\/revisions"}],"predecessor-version":[{"id":16359,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/16358\/revisions\/16359"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=16358"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=16358"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=16358"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}