Quick question: if a user is under camera based surveillance and they type in their PIN, does that allow someone holding their data to decrypt it?
Because apparently China is putting cameras everywhere, and it stands to reason they could have a module that monitors for PIN entry and records it. Even at my workplace in the US I try to avoid entering my PIN near security cameras.
The answer to this used to be no, but iOS 11 made a number of changes that I don't fully understand yet; I think the answer is still no unless you have the device then you may be able to get an iCloud reset token.. but don't take my word for it. (at that point they already have your device though eh?)
As a side note I think people vastly underestimate how easy it is to capture you typing your password on a phone screen.. especially when you put it in the context of complaining about minor security implications of TouchID or FaceID. I would suggest it's typically much easier to watch you typing a password than to clone your TouchID .
I could not help but notice the dissonance between Laura Poitras arriving at 'Newark Liberty International Airport' and how she was treated there. For small values of Liberty I guess.
It's simply harassment, the kind that I would have expected in former Eastern Germany, Poland, Russia or any other state like that.
According to this (1) since iOS 11 update PIN code is now a single point of failure, if know PIN and have access to device (or probably Apple made data dump on Chinese servers) you can have everything.
Was curious about this as well. It would be a huge oversight if the encrypted blobs could be decrypted with a 4 - 6 digit pin. Couldn’t it be brute forced?
My amateur understanding is the pin unlocks a hardware “safe” on the device which contains the actual decryption key, requiring physicAl access to the device even if the pin was caught on security cam.
Because apparently China is putting cameras everywhere, and it stands to reason they could have a module that monitors for PIN entry and records it. Even at my workplace in the US I try to avoid entering my PIN near security cameras.