Posted by Megalith 11:10 AM (CDT)
Tuesday September 12, 2017
Russian forensics software firm ElcomSoft has shown how it’s about to get tougher for police to get at your iPhone’s data: they dove into iOS 11’s new security measures and found that a passcode is now required even after a handset is connected to an unfamiliar computer. That means even if forensic analysts do seize a phone while it's unlocked or use its owner's finger to unlock it, they still need a passcode to offload its data to a program where it can be analyzed wholesale (suspects may plead the Fifth and refuse to offer a password or passcode in some situations).
Prior to iOS 11, it was possible to perform logical acquisition of an iOS device by unlocking the device with Touch ID. The new pairing procedure requires the use of device passcode in order to establish trust between the device and the computer, thus making logical acquisition possible only if you know the passcode. This change is very important from the legal standpoint. While in certain cases the user may be compelled to unlock their device using their fingerprint, obtaining the passcode from the user may be challenging and, in many jurisdictions, not legally possible.