iOS 8 – Apple Can Not Recovery Device Data

icon_overview_ios8_hero_large

A PDF surfaced titled “Legal Process Guidelines, U.S. Law Enforcement”.  The PDF outlines the process and procedures for Law Enforcement (LE) for contacting Apple. The document, with respect to iOS 8 says “For all devices running iOS 8.0 and later versions, Apple will no longer be performing iOS data extractions as the data sought will be encrypted and Apple will not possess the encryption key.”

For iOS 7 and earlier, “Apple can perform this data extraction process on iOS devices running iOS 4 through iOS 7. Please note the only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, iMessage, MMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party app data. ”

All that said, data privacy on the iOS devices seem to be moving in the right direction. However, there are other ways to attack the data. iOS backups, iCloud, weak pass phrases and/or security questions, and do not forget about rogue base stations and access points, can yield the data without having to crack the encryption.

Want to read the Apple guidelines? Here you go!