Hacker News

2. The iPad uses encryption just like the iPhone.

Sure, but the decryption keys are also on the iDevice, otherwise it wouldn't work. Which means that a competent cracker can get access to your data. Not a big issue if all you have is personal stuff (but then, how bad is it if your personal data is compromised), but the gains for big business espionage could justify the expense of a crack... So yes, the battle is already lost if an attacker physically has your iDevice in their hands. Don't do that.

Still, the default setting for the smart cover is clearly a bad security error by Apple - I trust it will be quickly fixed.




How many competent crackers vs opportunistic snatchers do you think there are? I'd be willing to bet that most would just wipe the thing if they can't get in easily enough - the data is less valuable than the device. That is, in anything but a targeted data-stealing attempt, but you're really hosed if you're a target of skilled hackers/crackers.


Wait a second, you wrote:

> The attacker has physical access to your device ... you have bigger problems to worry about.

I don't have bigger problems to worry about (or maybe I do - what are they?)

Perhaps 1% of thieves can get at my encrypted data, but probably all of them will be able to perform the few steps necessary to bypass the lock screen.


> Wait a second, you wrote:

Uh, no I didn't ;)

Look, the thing is, if you're worried about a casual thief, they probably don't care about your data anyway, they're going to wipe the device clean and resell it. If it is someone that actually stole the device to get the data, then I would expect your '1%' (plucked out of the air, or is there a reference for this kind of statistic - honest question, I'm not snarking) is actually going to be a much higher number, in which case the encryption isn't going to save you. It's pretty much game over once the attacker has their hands on the physical device, afterwards it's just a question of time.


My point is this: physical access to the device does not normally mean Game Over.

Most theft is going to be opportunist. For most thefts my data is going to be protected by the encryption. So in most cases, I don't have anything bigger to worry about.


Don't forget that your passcode/password also forms part of the decryption key. It's not quite as bad as you make it out to be.


Which is usually a four-digit code, since you have to type it in so often? That's about 10,000 combinations. It's trivial to go through all the combinations. Even if it took a second per combination, it'd be cracked in under three hours.

A more sensible way to encrypt a device is to use a separate long code that only has to be typed in at boot. Using a screen lock as an encryption key is just not effective.


Someone can probably manually access this in about 8 hours. 4 seconds / attempt = 7,200 guesses ~72% chance to break in. (Assuming there is no built-in lockout based on failed attempts.)
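The guess-rate arithmetic in the last two comments, as an added example that is not part of the thread: it generalizes to other passcode lengths and shows how much an attempt-throttling policy changes the numbers. The `LOCKOUT` schedule and all function names are constructed for illustration and do not describe any vendor's actual policy.

```python
# Added example: models exhaustive numeric-passcode guessing time.
# LOCKOUT is a constructed schedule, not any vendor's real policy.

# (failure count threshold, extra wait in seconds after that failure)
LOCKOUT = ((6, 60), (7, 300), (8, 900), (9, 3600))


def keyspace(digits):
    """Number of numeric passcodes of the given length."""
    return 10 ** digits


def delay_after_failure(n, schedule):
    """Extra wait imposed after the n-th failed guess (0 if no rule applies)."""
    delay = 0
    for threshold, seconds in schedule:
        if n >= threshold:
            delay = seconds
    return delay


def guesses_within(budget_s, seconds_per_guess, schedule=()):
    """How many guesses fit into budget_s seconds under the schedule."""
    elapsed = guesses = 0
    while elapsed + seconds_per_guess <= budget_s:
        elapsed += seconds_per_guess
        guesses += 1
        elapsed += delay_after_failure(guesses, schedule)
    return guesses


def coverage(digits, budget_s, seconds_per_guess, schedule=()):
    """Fraction of the keyspace tried within the budget, capped at 1.0."""
    tried = guesses_within(budget_s, seconds_per_guess, schedule)
    return min(1.0, tried / keyspace(digits))


if __name__ == "__main__":
    eight_hours = 8 * 3600
    for digits in (4, 6):
        for name, sched in (("no lockout", ()), ("with lockout", LOCKOUT)):
            n = guesses_within(eight_hours, 4, sched)
            pct = 100 * coverage(digits, eight_hours, 4, sched)
            print(f"{digits} digits, {name}: {n} guesses, {pct:.2f}% covered")
```

Without throttling, the 8-hour figure matches the comment above (7,200 guesses, 72% of a four-digit keyspace); with the constructed escalating delay the same window allows 16 guesses.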



