Discussion:
iPhone/iPad preferred over Android by businesses
(too old to reply)
Alan Browne
2012-10-19 20:35:14 UTC
Permalink
Despite Android's overall lead as a mobile OS for smartphones, Apple is
the preferred choice where business is concerned:

http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-technology/

or http://tinyurl.com/7o845ac
--
"There were, unfortunately, no great principles on which parties
were divided – politics became a mere struggle for office."
-Sir John A. Macdonald
Your Name
2012-10-19 21:17:10 UTC
Permalink
Despite Android's overall lead as a mobile OS for smartphones, Apple is=20
http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-technology/
or http://tinyurl.com/7o845ac
Not really surprising, especially with the latest news story being
reported everywhere that the FBI are issuing warnings about Android
malware. :-)




"iPhones are Barbie Dolls for grown men. You carry them round,
dress them up in little outfits, accessories, and get a new
one every year."
- Ricky Gervais
Alan Browne
2012-10-20 14:34:48 UTC
Permalink
Post by Your Name
Despite Android's overall lead as a mobile OS for smartphones, Apple is=20
http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-technology/
or http://tinyurl.com/7o845ac
Not really surprising, especially with the latest news story being
reported everywhere that the FBI are issuing warnings about Android
malware. :-)
No, no, no! It's "goodware!". It's finfisher.

It's for the government to use for the good of people. Otherwise why
would the government use it?
--
"There were, unfortunately, no great principles on which parties
were divided – politics became a mere struggle for office."
-Sir John A. Macdonald
Todd Allcock
2012-10-21 03:20:22 UTC
Permalink
Post by Alan Browne
Post by Your Name
Despite Android's overall lead as a mobile OS for smartphones, Apple is=20
http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-
technology/
Post by Alan Browne
Post by Your Name
or http://tinyurl.com/7o845ac
Not really surprising, especially with the latest news story being
reported everywhere that the FBI are issuing warnings about Android
malware. :-)
No, no, no! It's "goodware!". It's finfisher.
It's for the government to use for the good of people. Otherwise why
would the government use it?
Actually, the government is using it because they can alter it. The Feds
are creating their own forks of the Android OS for security reasons.
It's the next best thing to creating your OS from the ground-up:

http://www.tech-faq.com/pentagon-goes-mobile-without-apple.html

(Ironically, they wanted to use iOS, but Apple wouldn't give them access
to the source code.)
Alan Browne
2012-10-21 17:44:15 UTC
Permalink
Browne
Post by Alan Browne
Post by Your Name
Post by Alan Browne
Despite Android's overall lead as a mobile OS for smartphones, Apple
is=20
Post by Alan Browne
Post by Your Name
Post by Alan Browne
http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-
technology/
Post by Alan Browne
Post by Your Name
Post by Alan Browne
or http://tinyurl.com/7o845ac
Not really surprising, especially with the latest news story being
reported everywhere that the FBI are issuing warnings about Android
malware. :-)
No, no, no! It's "goodware!". It's finfisher.
It's for the government to use for the good of people. Otherwise why
would the government use it?
Actually, the government is using it because they can alter it. The Feds
are creating their own forks of the Android OS for security reasons.
http://www.tech-faq.com/pentagon-goes-mobile-without-apple.html
(Ironically, they wanted to use iOS, but Apple wouldn't give them access
to the source code.)
I mentioned that elsewhere yesterday - and many months ago when similar
issues arose.
--
"There were, unfortunately, no great principles on which parties
were divided – politics became a mere struggle for office."
-Sir John A. Macdonald
Todd Allcock
2012-10-20 07:33:42 UTC
Permalink
Post by Alan Browne
Despite Android's overall lead as a mobile OS for smartphones, Apple is
http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-technology/
or http://tinyurl.com/7o845ac
While that's certainly possible and even plausible, the problem with that
data us that it comes from Good, a secure corporate mail vendor (sort of
a Blackberry-like setup for non-Blackberries.)

It's possible that the Good software for iOS is so much better than the
Android version that Good's clients choose iPhones for the better
experience.

It's sort of like getting phone market share data from Rovio, the makers
of Angry Birds, based on what percentage of their sales is to users of
each platform.

Their sample is large enough that the data would *probably* be accurate,
but it requires making assumptions about the platforms' users, like
assuming they're equally as likely to buy particular apps and games.
JF Mezei
2012-10-20 13:16:32 UTC
Permalink
Post by Todd Allcock
It's sort of like getting phone market share data from Rovio, the makers
of Angry Birds, based on what percentage of their sales is to users of
each platform.
Such statistics may be self selecting since certain portions of
population won't buy Angry birds (okder people, business users etc).

And if you look at trends, it is also a bit unfair if Angry Birds came
to android later which means that market share changes would be caused
by angry birds appearing on android as opposed to android market share
increasing.
Alan Browne
2012-10-20 13:38:58 UTC
Permalink
Post by Todd Allcock
Post by Alan Browne
Despite Android's overall lead as a mobile OS for smartphones, Apple is
http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-technology/
or http://tinyurl.com/7o845ac
While that's certainly possible and even plausible, the problem with that
data us that it comes from Good, a secure corporate mail vendor (sort of
a Blackberry-like setup for non-Blackberries.)
That has its value (as a stat) as they have a very accurate (license
count) view of the land.
Post by Todd Allcock
It's possible that the Good software for iOS is so much better than the
Android version that Good's clients choose iPhones for the better
experience.
I just compared Good T. services for 4 devices on US networks (iPhone 4
v Galaxy II and iPhone 5 v Galaxy III). Samsung had more supported
carrier services than iPhone for the older generation and the same (and
fewer) for the later generation smartphones. (I did the two checks -
the combinations are endless and Good cover a LOT of Android phones).

I doubt there is a difference between their iOS/Android products in
terms of functionality. Indeed, due to Apple's restrictions in
programmer access to the bones of iOS, it's more likely that the most
clever implementations of anything can be done on Android. (A major
reason why the US DoD cannot do highly secure deployments with iPhone,
only Android is approved for that in COTS devices).

What -is- plausible is that the support costs of the smaller Android
market (per their numbers) is very high (all those models and OS
variants) v. the lean ecosystem of iOS. So it's to their advantage that
companies go to iOS and leave Android out - so getting these stats out
may in time cause enough lean to iOS so that Good can winnow down the
number of supported Android OS' variants and models.
--
"There were, unfortunately, no great principles on which parties
were divided – politics became a mere struggle for office."
-Sir John A. Macdonald
Davoud
2012-10-20 17:41:46 UTC
Permalink
Post by Todd Allcock
Post by Alan Browne
Despite Android's overall lead as a mobile OS for smartphones, Apple is
the preferred choice where business is concerned...
While that's certainly possible and even plausible, the problem with that
data us that it comes from Good, a secure corporate mail vendor (sort of
a Blackberry-like setup for non-Blackberries.)
If you want your own, anecdotal evidence, go where business people do
business. Ride an Amtrak commuter train on the NE Corridor (especially
DC-NYC) any business day. Any class will do--regular, business, or
Acela. Count iPhones (and iPads) compared to other platforms.

When you get to NY, observe the number of people in business dress who
are using iPhones compared to other platforms (remembering when it was
virtually 100% Blackberry) and, in a restaurant or coffee shop, iPads.
I could be naïve in my assumption that a high percentage of suits on
the streets of NY represent persons engaged in some sort of business,
but I don't think that I am. I perceive that the average New Yorker out
for a stroll and the average tourist is wearing comfort clothing, as I
am, and not business apparel.

This is a non-scientific survey. A plausible scientific survey that
might show interesting, if predictable, results, would focus not just
on how many people use iOS, but /who/ uses iOS. It would be a
comparison of education and income levels between iOS users and users
of off-brand phones. Historically, Apple customers have always come out
on top in such surveys.

A few years ago this was reported by MSN (The *Microsoft* Network):
"Those who surf the Web using a Mac tend to be better educated and make
more money than their PC-using counterparts, according to a report from
Nielsen/NetRatings. The study also said Mac users tend to be more Web
savvy, with more than half having been online for at least five years.
And the Mac faithful are 58 percent more likely than the overall online
population to build their own Web page and also slightly more likely to
buy goods online, according to the report."

It is likely, but not proven, that something analogous to that would be
found in an iOS-versus-the-competition survey.

It's worth noting how the iPhone, which was designed with consumers in
mind, without much of a nod to enterprise users, has put RIM on the
rocks. All those Blackberry users /saw/ the iPhone, maybe tried it out,
and became Believers. They went to their IT departments and said "I
want an iPhone." The IT department said "You can't have an iPhone
because they're made by Apple and company policy is that Apple makes
only toys suitable for left-wing, business-hating communists. Then one
day the IT department got a call from the CEO. They had been wondering
why they never heard from him. Upon entering the sanctum sanctorum they
were shocked and appalled to see that the CEO had an iPhone /and/ an
iMac (and now an iPad, as well). The really scary part for the IT guys
was that the CEO had installed the iMac without their help. You know
the rest of the story.
--
I agree with almost everything that you have said and almost everything that
you will say in your entire life.

usenet *at* davidillig dawt cawm
Todd Allcock
2012-10-21 02:43:39 UTC
Permalink
Post by Davoud
Post by Todd Allcock
Post by Alan Browne
Despite Android's overall lead as a mobile OS for smartphones, Apple is
the preferred choice where business is concerned...
While that's certainly possible and even plausible, the problem with that
data us that it comes from Good, a secure corporate mail vendor (sort of
a Blackberry-like setup for non-Blackberries.)
If you want your own, anecdotal evidence, go where business people do
business. Ride an Amtrak commuter train on the NE Corridor (especially
DC-NYC) any business day. Any class will do--regular, business, or
Acela. Count iPhones (and iPads) compared to other platforms.
An excellent point, though I might suggest any of our perceptions might
be skewed by the iPhone's design. I recognize an iPhone instantly, but I
couldn't identify 98 of 100 Android phones in a lineup (recent lawsuit
findings notwithstanding), so the comparison would be iPhones vs. not-an-
iPhone. vs. "OMG, do Blackberries still look like that?" If the train car
were large enough, with maybe 100 phone users, I could add the "hey, I'm
not the only guy on the planet with a Windows Phone" category.

It's much like how after you buy a new car, more people suddenly seem to
be driving the same model because you just never recognized them before.
Now they've become a distinct "category" in your mind.
Post by Davoud
When you get to NY, observe the number of people in business dress who
are using iPhones compared to other platforms (remembering when it was
virtually 100% Blackberry) and, in a restaurant or coffee shop, iPads.
I could be naïve in my assumption that a high percentage of suits on
the streets of NY represent persons engaged in some sort of business,
but I don't think that I am. I perceive that the average New Yorker out
for a stroll and the average tourist is wearing comfort clothing, as I
am, and not business apparel.
True, and I had a similar discussion with some virtual friends recently
who were trying to claim Android tablets were becoming popular, and I
mentioned that I still can't recall *ever* seeing a single Android tablet
that wasn't a Nook or Kindle in the wild. From my unscientific
observances there are only two kinds of tablets- iPads and ebook readers.
Post by Davoud
This is a non-scientific survey. A plausible scientific survey that
might show interesting, if predictable, results, would focus not just
on how many people use iOS, but /who/ uses iOS. It would be a
comparison of education and income levels between iOS users and users
of off-brand phones. Historically, Apple customers have always come out
on top in such surveys.
True, but I'm not sure if that would apply to iOS users in the post-
Walmart era. iOS has become the modern consumer equivalent of the old
business axiom "nobody ever got fired for buying IBM". Smartphones and
tablets are a confusing market, and Apple offers a safe harbor by virtue
of its popularity and relatively limited options. With Android, there
are a myriad of chances to buy the "wrong" device. First by choosing
Android in the first place, then by selecting the wrong brand, then wrong
model, wrong variant, wrong color, etc.

There something comforting in the sales "flowchart" for the iPhone: black
or white? 16, 32, or 64GB? Will that be cash or charge?
Post by Davoud
"Those who surf the Web using a Mac tend to be better educated and make
more money than their PC-using counterparts, according to a report from
Nielsen/NetRatings. The study also said Mac users tend to be more Web
savvy, with more than half having been online for at least five years.
And the Mac faithful are 58 percent more likely than the overall online
population to build their own Web page and also slightly more likely to
buy goods online, according to the report."
Of course we can interpret that data to mean that the better-educated and
the well-heeled select Apple as an educated decision, but we can also
interpret it to mean Apple has priced itself out of the low-priced market
flooded with $250-400 entry level desktop PCs and laptops.

I'll wager every one of those correlations, right down to "more likely to
build their own web page" is probably also true of BMW and Lexus car
owners vs. owners of Hyundais and Chevys as well. Or wearers of Rolex vs.
Timex.

Apple, among its many attributes, is an affinity brand, and has a similar
client demographic to other affinity brands, even in unrelated industries.
Post by Davoud
It is likely, but not proven, that something analogous to that would be
found in an iOS-versus-the-competition survey.
Maybe, but carrier subsidies have allowed iPhones to penetrate the Honey
Boo Boo market. (Sorry, television reference- insert an image of any
convenient inbred Appalachian stereotype from more high-fallutin' forms
of media...)

Besides, Apple dominates most of the markets inhabited by iOS (tablets
and media players) and is a major player in the other (phones) that more
people use iOS than don't. An OS user has become the "average" user by
default.
Post by Davoud
It's worth noting how the iPhone, which was designed with consumers in
mind, without much of a nod to enterprise users, has put RIM on the
rocks. All those Blackberry users /saw/ the iPhone, maybe tried it out,
and became Believers. They went to their IT departments and said "I
want an iPhone." The IT department said "You can't have an iPhone
because they're made by Apple and company policy is that Apple makes
only toys suitable for left-wing, business-hating communists. Then one
day the IT department got a call from the CEO. They had been wondering
why they never heard from him. Upon entering the sanctum sanctorum they
were shocked and appalled to see that the CEO had an iPhone /and/ an
iMac (and now an iPad, as well). The really scary part for the IT guys
was that the CEO had installed the iMac without their help. You know
the rest of the story.
Yes, businesses rejected the security of Blackberry because their CEOs
are distracted by bright shiny objects.

There are significant security issues with most non-Blackberry phones,
that admittedly are irrelevant to a significant number of businesses, but
for those that require a higher level of security, using iPhones or
Androids is almost as smart as the CEO of UPS demanding their drivers use
Miatas for making delivery instead of those big brown trucks because the
CEO happens to be a rag-top man.
Alan Browne
2012-10-21 17:34:03 UTC
Permalink
Post by Todd Allcock
who were trying to claim Android tablets were becoming popular, and I
mentioned that I still can't recall *ever* seeing a single Android tablet
that wasn't a Nook or Kindle in the wild. From my unscientific
observances there are only two kinds of tablets- iPads and ebook readers.
I've seen several non-iPad/non-ebook tablets out there. OTOH, I have no
idea what brand they were.
Post by Todd Allcock
Post by Davoud
This is a non-scientific survey. A plausible scientific survey that
might show interesting, if predictable, results, would focus not just
on how many people use iOS, but /who/ uses iOS. It would be a
comparison of education and income levels between iOS users and users
of off-brand phones. Historically, Apple customers have always come out
on top in such surveys.
Of course we can interpret that data to mean that the better-educated and
the well-heeled select Apple as an educated decision, but we can also
interpret it to mean Apple has priced itself out of the low-priced market
flooded with $250-400 entry level desktop PCs and laptops.
I see a lot of students and people with constrained means with Apple
devices and laptops. Where there's a will ...
Post by Todd Allcock
Yes, businesses rejected the security of Blackberry because their CEOs
are distracted by bright shiny objects.
There are significant security issues with most non-Blackberry phones,
that admittedly are irrelevant to a significant number of businesses, but
for those that require a higher level of security, using iPhones or
Androids is almost as smart as the CEO of UPS demanding their drivers use
Miatas for making delivery instead of those big brown trucks because the
CEO happens to be a rag-top man.
Secure VPN, secure MS Exchange Server access, etc. has been common with
iPhone for a couple years or more. As well there are 3rd party
offerings. There may be some things about those that IT don't like, but
generally iOS satisfies all but some government/military level security
needs.

Indeed Apple refused to grant the DoD access to iOS internals - as such
there is a wide domain of military secure document/communications that
cannot be done on iPhones. Android - no issue as the pertinent s/w is
open source and the military can compile their own code into the OS proper.
--
"There were, unfortunately, no great principles on which parties
were divided – politics became a mere struggle for office."
-Sir John A. Macdonald
Lewis
2012-10-22 06:34:55 UTC
Permalink
Post by Todd Allcock
True, and I had a similar discussion with some virtual friends recently
who were trying to claim Android tablets were becoming popular, and I
mentioned that I still can't recall *ever* seeing a single Android tablet
that wasn't a Nook or Kindle in the wild. From my unscientific
observances there are only two kinds of tablets- iPads and ebook readers.
I've seen *one*. There's a guy at my coffee shop who has some sort of 7"
tablet that is not a Kindle or a nook. Well, it could be a jailbroken
nook.
Post by Todd Allcock
Maybe, but carrier subsidies have allowed iPhones to penetrate the Honey
Boo Boo market. (Sorry, television reference- insert an image of any
convenient inbred Appalachian stereotype from more high-fallutin' forms
of media...)
You had to drag Honey Boo Boo into this? ugh. If the Vulcans come by any
time soon and see that show, they will surely destroy the planet rather
than risk letting us infect the rest of the galaxy.
Post by Todd Allcock
Besides, Apple dominates most of the markets inhabited by iOS (tablets
and media players) and is a major player in the other (phones) that more
people use iOS than don't. An OS user has become the "average" user by
default.
The other fact that people keep ignoring about Android is that even
though there are a lot more Android phones, they aren't being used the
way iOS phones are. Mobile browsing? iOS. App purchases? iOS. An android
phone is much more likely to be used as a basic 'feature' phone than an
iPhone is.
Post by Todd Allcock
Yes, businesses rejected the security of Blackberry because their CEOs
are distracted by bright shiny objects.
The "security" of Blackberry. The quotes are critical, because it is
illusory security.
Post by Todd Allcock
There are significant security issues with most non-Blackberry phones,
<http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-key-security-threshold/>
Enter the iPhone. Apple's security architecture is so sturdy, and so
tightly woven into its hardware and software, that it is both easy for
consumers to use encryption on their phones and very difficult for
someone else to steal the encrypted information.
Post by Todd Allcock
that admittedly are irrelevant to a significant number of businesses, but
for those that require a higher level of security, using iPhones or
Androids is almost as smart as the CEO of UPS demanding their drivers use
Miatas for making delivery instead of those big brown trucks because the
CEO happens to be a rag-top man.
An iPhones are much more secure that a Blackberry device since *no one*
can break the security, as opposed to RIM which has access to all the
'secure' data and has given that access to many others.
--
Ahahahahaha! Ahahahaha! Aahahaha! BEWARE!!!!! Yrs sincerely The Opera
Ghost
nospam
2012-10-22 08:38:54 UTC
Permalink
Post by Lewis
<http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-key-secur
ity-threshold/>
Enter the iPhone. Apple's security architecture is so sturdy, and so
tightly woven into its hardware and software, that it is both easy for
consumers to use encryption on their phones and very difficult for
someone else to steal the encrypted information.
what you didn't quote, was this:
The iPhone and iPad do keep a copy of the encryption key deeper in
flash memory‹otherwise there would be no way for the device to
recover data when it was turned back on. But that encryption key is
itself protected by the user's "PIN lock," a code that must be
entered before the device can be used.

in other words, all you need to do is crack the pin code, which is
usually just 4 digits. once you do that, you have the encryption key
and game over.

what's even worse is that a lot of apps don't encrypt their own data
(or do so very weakly), so once you've gotten past the pin code,
getting that personal data is cake. some apps even transmit it over the
air unencrypted too, which means a packet sniffer can get all sorts of
information (something that isn't just iphones either), without needing
to crack a thing.
Post by Lewis
An iPhones are much more secure that a Blackberry device since *no one*
can break the security,
you don't seriously believe that, do you?

no one can break iphone security? no one at all? bolded, even???

according to the link *you* gave, it will take about 13 minutes to
crack an iphone with a 4 digit pin, and that's when doing it on the
iphone. using a faster system will take less time.

some people don't use any pin, making the process 0 minutes.

longer passphrases are obviously safer, but very few people enable that
because it's a pain to type it in each time. if they did, chances are
whatever passphrase they picked is in a dictionary, making it fairly
easy to crack even though it's longer.

read the comments. they're enlightening.
Lewis
2012-10-22 16:24:16 UTC
Permalink
Post by nospam
Post by Lewis
<http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-key-secur
ity-threshold/>
Enter the iPhone. Apple's security architecture is so sturdy, and so
tightly woven into its hardware and software, that it is both easy for
consumers to use encryption on their phones and very difficult for
someone else to steal the encrypted information.
The iPhone and iPad do keep a copy of the encryption key deeper in
flash memory‹otherwise there would be no way for the device to
recover data when it was turned back on. But that encryption key is
itself protected by the user's "PIN lock," a code that must be
entered before the device can be used.
in other words, all you need to do is crack the pin code, which is
usually just 4 digits.
Perhaps. I don't know anyone who uses a 4 number pin (not even my kids).
Most people don't use a password at all, of course, but people who care
about security and take the time to enable it use an actual password,
not a numeric PIN. Because of the restrictive nature of how the password
can be cracked, even a weak<1> 8 character password will take years to
crack on an iphone.
Post by nospam
Post by Lewis
An iPhones are much more secure that a Blackberry device since *no one*
can break the security,
you don't seriously believe that, do you?
Yes, and the evidence is pretty compelling that it is the case. The
police taking a day or two to un-encrypt a suspect's hard drive is a
piece of absurdist fiction, and does not happen in the real world. There
have been recent cases where the police have tried to get the courts to
compel suspects to give up their passcodes for their phone and laptops.
Post by nospam
no one can break iphone security? no one at all? bolded, even???
OK, No one has.
Post by nospam
according to the link *you* gave, it will take about 13 minutes to
crack an iphone with a 4 digit pin, and that's when doing it on the
iphone. using a faster system will take less time.
You can't use a faster system, that's the whole point. You *have* to do
the crack on the iPhone.
Post by nospam
some people don't use any pin, making the process 0 minutes.
No security is no security. If there's no security, then security isn't
a question. I was at the movies this weekend and during the preview the
woman sitting next to me got a text message and unlocked her phone. She
had to unlock it and she did so not with a numeric pin (since that would
only show the numeric 10-key) but with an actual password using the
keyboard. At least once they keyboard changed to the symbols/numbers, so
she had a 'real' password. This was just a random stranger sitting in a
movie theatre.

<1> Weak on a computer, as all 8 character passwords can be cracked in under a day.
--
'We get that in here some nights, when someone's had a few. Cosmic
speculation about whether the gods exist. Next thing, there's a bolt of
lightning through the door with a note wrapped round it saying, "Yes, we
do" and a pair of sandals with smoke coming out.' (Small Gods)
nospam
2012-10-22 18:37:10 UTC
Permalink
Post by Lewis
Post by nospam
Post by Lewis
<http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-key-se
cur
ity-threshold/>
Enter the iPhone. Apple's security architecture is so sturdy, and so
tightly woven into its hardware and software, that it is both easy for
consumers to use encryption on their phones and very difficult for
someone else to steal the encrypted information.
The iPhone and iPad do keep a copy of the encryption key deeper in
flash memory?otherwise there would be no way for the device to
recover data when it was turned back on. But that encryption key is
itself protected by the user's "PIN lock," a code that must be
entered before the device can be used.
in other words, all you need to do is crack the pin code, which is
usually just 4 digits.
Perhaps.
no perhaps about it. all you need to do is crack the pin code and game
over.
Post by Lewis
I don't know anyone who uses a 4 number pin (not even my kids).
well that must mean nobody uses a 4 digit pin code.

i keep forgetting that whatever exists in your little fantasy world is
how it is in the rest of the world.
Post by Lewis
Most people don't use a password at all, of course,
even easier.
Post by Lewis
but people who care
about security and take the time to enable it use an actual password,
not a numeric PIN. Because of the restrictive nature of how the password
can be cracked, even a weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.

most people want convenience, which is why they use the same passwords
on multiple sites, and easy to guess ones, such as 'password' or
'123456', two of the most common passwords, and 1234 and 0000, two of
the most common 4 digit pins:

<http://blog.eset.com/2012/06/07/passwords-and-pins-the-worst-choices>

even more interesting is this article:
<http://danielamitay.com/blog/2012/8/6/most-common-iphone-passcodes>
Formulaic passwords are never a good idea, yet 15% of all passcode
sets were represented by only 10 different passcodes (out of a
possible 10,000). The implication? A thief (or just a prankster)
could safely try 10 different passcodes on your iPhone without
initiating the data wipe. With a 15% success rate, about 1 in 7
iPhones would easily unlock--even more if the intruder knows the
users¹ years of birth, relationship status, etc.
Post by Lewis
Post by nospam
Post by Lewis
An iPhones are much more secure that a Blackberry device since *no one*
can break the security,
you don't seriously believe that, do you?
Yes, and the evidence is pretty compelling that it is the case.
wow. you are very ignorant, dangerously so, in fact.
Post by Lewis
The
police taking a day or two to un-encrypt a suspect's hard drive is a
piece of absurdist fiction, and does not happen in the real world. There
have been recent cases where the police have tried to get the courts to
compel suspects to give up their passcodes for their phone and laptops.
what does that have to do with cracking an iphone? nothing at all!!

moving the goalposts again i see.

plus, they don't have to compel suspects to give up their passcodes for
their phones because they can get past it.
Post by Lewis
Post by nospam
no one can break iphone security? no one at all? bolded, even???
OK, No one has.
wrong. many people have. it's not that tough to do.
Post by Lewis
Post by nospam
according to the link *you* gave, it will take about 13 minutes to
crack an iphone with a 4 digit pin, and that's when doing it on the
iphone. using a faster system will take less time.
You can't use a faster system, that's the whole point. You *have* to do
the crack on the iPhone.
wrong. you can use a faster system, and iphones themselves get faster.

that 13 minute figure was done before the iphone 5, which in some
benchmarks is well over twice as fast as an iphone 4s (geekbench: 1601
v. 629). that means cracking the pin could take as little as 5 minutes,
*on the phone*.
Post by Lewis
Post by nospam
some people don't use any pin, making the process 0 minutes.
No security is no security. If there's no security, then security isn't
a question. I was at the movies this weekend and during the preview the
woman sitting next to me got a text message and unlocked her phone. She
had to unlock it and she did so not with a numeric pin (since that would
only show the numeric 10-key) but with an actual password using the
keyboard. At least once they keyboard changed to the symbols/numbers, so
she had a 'real' password. This was just a random stranger sitting in a
movie theatre.
well then, if random moviegoers are using more than a 4 digit pin, then
everyone must be doing that!
Post by Lewis
<1> Weak on a computer, as all 8 character passwords can be cracked in under a day.
even assuming that was the case for an iphone, it can still be cracked.
Lewis
2012-10-23 02:51:10 UTC
Permalink
Post by nospam
Post by Lewis
Post by nospam
Post by Lewis
<http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-key-se
cur
ity-threshold/>
Enter the iPhone. Apple's security architecture is so sturdy, and so
tightly woven into its hardware and software, that it is both easy for
consumers to use encryption on their phones and very difficult for
someone else to steal the encrypted information.
The iPhone and iPad do keep a copy of the encryption key deeper in
flash memory?otherwise there would be no way for the device to
recover data when it was turned back on. But that encryption key is
itself protected by the user's "PIN lock," a code that must be
entered before the device can be used.
in other words, all you need to do is crack the pin code, which is
usually just 4 digits.
Perhaps.
no perhaps about it. all you need to do is crack the pin code and game
over.
The perhaps was in reference to the '4 digits'.
Post by nospam
Post by Lewis
I don't know anyone who uses a 4 number pin (not even my kids).
well that must mean nobody uses a 4 digit pin code.
No, but it means it's probably a damn low percentage.
Post by nospam
i keep forgetting that whatever exists in your little fantasy world is
how it is in the rest of the world.
No, sorry, that's YOU.
Post by nospam
Post by Lewis
Most people don't use a password at all, of course,
even easier.
Post by Lewis
but people who care
about security and take the time to enable it use an actual password,
not a numeric PIN. Because of the restrictive nature of how the password
can be cracked, even a weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
Post by nospam
most people want convenience, which is why they use the same passwords
on multiple sites, and easy to guess ones, such as 'password' or
'123456', two of the most common passwords, and 1234 and 0000, two of
what does that have to do with cracking an iphone? nothing at all!!
Please learn to read.
Post by nospam
plus, they don't have to compel suspects to give up their passcodes for
their phones because they can get past it.
No they cannot.
Post by nospam
Post by Lewis
Post by nospam
no one can break iphone security? no one at all? bolded, even???
OK, No one has.
wrong. many people have. it's not that tough to do.
You are a liar.
Post by nospam
Post by Lewis
Post by nospam
according to the link *you* gave, it will take about 13 minutes to
crack an iphone with a 4 digit pin, and that's when doing it on the
iphone. using a faster system will take less time.
You can't use a faster system, that's the whole point. You *have* to do
the crack on the iPhone.
wrong.
Not wrong. The crack program must be run on the phone because the key is
in the phone's hardware. Please do the least effort research before
embarrassing yourself.
Post by nospam
that 13 minute figure was done before the iphone 5, which in some
benchmarks is well over twice as fast as an iphone 4s (geekbench: 1601
v. 629). that means cracking the pin could take as little as 5 minutes,
*on the phone*.
You are talking about a 4 digit PIN and pretending *anyone* would think
that was secure. Stop being an idiot for once.
Post by nospam
even assuming that was the case for an iphone, it can still be cracked.
It is trivial to create a password on iOS that is extremely secure. Far
more secure than the identical password on a computer.
--
He was Igor, son of Igor, nephew of several Igors, brother of Igors and
cousin of more Igors than he could remember without checking up in his
diary. Igors did not change a winning formula. {Footnote: Especially if
it was green, and bubbled.}
Todd Allcock
2012-10-23 03:20:38 UTC
Permalink
At 23 Oct 2012 02:51:10 +0000 Lewis
Post by Lewis
Post by nospam
but people who care about security and take the time to enable it
use an actual password, not a numeric PIN. Because of the
restrictive nature of how the password can be cracked, even a
weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
Um, how are you going to run this mythical software on an iPhone that's
password locked? If you can install and run software on a locked iPhone,
the platform has bigger security issues than how many digits your
password is.
Post by Lewis
Post by nospam
most people want convenience, which is why they use the same passwords
on multiple sites, and easy to guess ones, such as 'password' or
'123456', two of the most common passwords, and 1234 and 0000, two of
what does that have to do with cracking an iphone? nothing at all!!
Please learn to read.
Post by nospam
plus, they don't have to compel suspects to give up their passcodes
for their phones because they can get past it.
No they cannot.
Post by nospam
Post by nospam
no one can break iphone security? no one at all? bolded, even???
OK, No one has.
wrong. many people have. it's not that tough to do.
You are a liar.
Post by nospam
Post by nospam
according to the link *you* gave, it will take about 13 minutes to
crack an iphone with a 4 digit pin, and that's when doing it on the
iphone. using a faster system will take less time.
You can't use a faster system, that's the whole point. You *have* to
do the crack on the iPhone.
wrong.
Not wrong. The crack program must be run on the phone because the key is
in the phone's hardware. Please do the least effort research before
embarrassing yourself.
Post by nospam
that 13 minute figure was done before the iphone 5, which in some
benchmarks is well over twice as fast as an iphone 4s (geekbench: 1601
v. 629). that means cracking the pin could take as little as 5 minutes,
*on the phone*.
You are talking about a 4 digit PIN and pretending *anyone* would think
that was secure. Stop being an idiot for once.
Post by nospam
even assuming that was the case for an iphone, it can still be cracked.
It is trivial to create a password on iOS that is extremely secure. Far
more secure than the identical password on a computer.
Am I missing something? Set the phone to erase itself after 10 incorrect
attempts and a four digit pin is more than sufficient. Heck, even a two
digit pin has a 90% chance of thwarting the miscreant. ;)

I've never used anything stronger than a 4-digit pin on a phone. It's a
deterrent, not NSA-level security.
Lewis
2012-10-23 03:41:57 UTC
Permalink
Post by Todd Allcock
At 23 Oct 2012 02:51:10 +0000 Lewis
Post by Lewis
Post by nospam
but people who care about security and take the time to enable it
use an actual password, not a numeric PIN. Because of the
restrictive nature of how the password can be cracked, even a
weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
Um, how are you going to run this mythical software on an iPhone that's
password locked? If you can install and run software on a locked iPhone,
the platform has bigger security issues than how many digits your
password is.
YOu can do a lot with a device you have physical access too.
Post by Todd Allcock
Am I missing something? Set the phone to erase itself after 10 incorrect
attempts and a four digit pin is more than sufficient. Heck, even a two
digit pin has a 90% chance of thwarting the miscreant. ;)
It's not that simple when you are talking about people with a great deal
of resources to throw at trying to crack decryption. A 4 digit pin on an
iphone is good enough to keep a random thief from getting your data, it
is not enough to keep a police department from getting it.
Post by Todd Allcock
I've never used anything stronger than a 4-digit pin on a phone. It's a
deterrent, not NSA-level security.
Right, but NSA level security *IS* available for those who want it.
--
'Yes, but humans are more important than animals,' said Brutha. 'This
is a point of view often expressed by humans,' said Om. (Small Gods)
sbt
2012-10-23 03:48:42 UTC
Permalink
Post by Lewis
It's not that simple when you are talking about people with a great deal
of resources to throw at trying to crack decryption. A 4 digit pin on an
iphone is good enough to keep a random thief from getting your data, it
is not enough to keep a police department from getting it.
The point being forgotten here is that if you're using the 4-digit PIN,
you also have the "10 consecutive failed attempts erases the phone"
option. And that's 10 attempts without gaining access (which resets the
counter).
--
Spenser
Michelle Steiner
2012-10-23 04:05:02 UTC
Permalink
Post by sbt
The point being forgotten here is that if you're using the 4-digit PIN,
you also have the "10 consecutive failed attempts erases the phone"
option. And that's 10 attempts without gaining access (which resets the
counter).
And there's the lockout period between attempts. I found this on the web:

Failed Attempts Added Waiting Time Total Waiting Time
1 to 5 none none
6 1 minute 1 minute
7 5 minutes 6 minutes
8 15 minutes 21 minutes
9 60 minutes 81 minutes
10 60 minutes 141 minutes
11 black screen wiped device
--
I am Woman; watch me vote!
Todd Allcock
2012-10-23 05:54:31 UTC
Permalink
Post by Michelle Steiner
Post by sbt
The point being forgotten here is that if you're using the 4-digit PIN,
you also have the "10 consecutive failed attempts erases the phone"
option. And that's 10 attempts without gaining access (which resets the
counter).
Failed Attempts Added Waiting Time Total Waiting Time
1 to 5 none none
6 1 minute 1 minute
7 5 minutes 6 minutes
8 15 minutes 21 minutes
9 60 minutes 81 minutes
10 60 minutes 141 minutes
11 black screen wiped device
I gave up at eight when testing the feature.
nospam
2012-10-23 05:22:03 UTC
Permalink
Post by sbt
Post by Lewis
It's not that simple when you are talking about people with a great deal
of resources to throw at trying to crack decryption. A 4 digit pin on an
iphone is good enough to keep a random thief from getting your data, it
is not enough to keep a police department from getting it.
The point being forgotten here is that if you're using the 4-digit PIN,
you also have the "10 consecutive failed attempts erases the phone"
option. And that's 10 attempts without gaining access (which resets the
counter).
the point being forgotten here is that you don't try it from the
phone's display.

you plug in a cable and access it directly or use a dedicated device.

<http://www.cellebrite.com/mobile-forensics-products/solutions/ios-foren
sics.html>
Michelle Steiner
2012-10-23 19:39:35 UTC
Permalink
Post by nospam
<http://www.cellebrite.com/mobile-forensics-products/solutions/ios-foren
sics.html>
It's interesting that the video at that page conveniently skips over what
to do if the iDevice is passcode protected.
--
I am Woman; watch me vote!
nospam
2012-10-23 05:22:00 UTC
Permalink
Post by Lewis
Post by Todd Allcock
Post by Lewis
Post by nospam
but people who care about security and take the time to enable it
use an actual password, not a numeric PIN. Because of the
restrictive nature of how the password can be cracked, even a
weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
Um, how are you going to run this mythical software on an iPhone that's
password locked? If you can install and run software on a locked iPhone,
the platform has bigger security issues than how many digits your
password is.
YOu can do a lot with a device you have physical access too.
but you said 'no one can crack it', so why would physical access matter?

changing your story?
Post by Lewis
Post by Todd Allcock
Am I missing something? Set the phone to erase itself after 10 incorrect
attempts and a four digit pin is more than sufficient. Heck, even a two
digit pin has a 90% chance of thwarting the miscreant. ;)
It's not that simple when you are talking about people with a great deal
of resources to throw at trying to crack decryption. A 4 digit pin on an
iphone is good enough to keep a random thief from getting your data, it
is not enough to keep a police department from getting it.
but you said 'no one can crack it.'

if a police department can get at it, then it's not 'no one', is it?
Post by Lewis
Post by Todd Allcock
I've never used anything stronger than a 4-digit pin on a phone. It's a
deterrent, not NSA-level security.
Right, but NSA level security *IS* available for those who want it.
not with an iphone.
Lewis
2012-10-23 14:41:48 UTC
Permalink
Post by nospam
Post by Lewis
Post by Todd Allcock
Post by Lewis
Post by nospam
but people who care about security and take the time to enable it
use an actual password, not a numeric PIN. Because of the
restrictive nature of how the password can be cracked, even a
weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
Um, how are you going to run this mythical software on an iPhone that's
password locked? If you can install and run software on a locked iPhone,
the platform has bigger security issues than how many digits your
password is.
YOu can do a lot with a device you have physical access too.
but you said 'no one can crack it', so why would physical access matter?
If you have a 4 digit pin, that can be cracked easily. If you have a 8
character password, someone could crack it in about a year. If you have
a 12 character password, then you are looking at centuries, at least.
Post by nospam
but you said 'no one can crack it.'
Stop being an idiot.
Post by nospam
Post by Lewis
Right, but NSA level security *IS* available for those who want it.
not with an iphone.
Yes, with an iPhone you gibbering fool. The iPhone uses AES, which is
definitionally NSA level security.
--
The fact is that camels are far more intelligent than dolphins.
Footnote: Never trust a species that grins all the time. It's up to
something. --Pyramids
Todd Allcock
2012-10-23 05:47:03 UTC
Permalink
Post by Lewis
Post by Todd Allcock
At 23 Oct 2012 02:51:10 +0000 Lewis
Post by Lewis
Post by nospam
but people who care about security and take the time to enable it
use an actual password, not a numeric PIN. Because of the
restrictive nature of how the password can be cracked, even a
weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
Um, how are you going to run this mythical software on an iPhone that's
password locked? If you can install and run software on a locked iPhone,
the platform has bigger security issues than how many digits your
password is.
YOu can do a lot with a device you have physical access too.
Sounds like vague paranoia.
Post by Lewis
Post by Todd Allcock
Am I missing something? Set the phone to erase itself after 10 incorrect
attempts and a four digit pin is more than sufficient. Heck, even a two
digit pin has a 90% chance of thwarting the miscreant. ;)
It's not that simple when you are talking about people with a great deal
of resources to throw at trying to crack decryption. A 4 digit pin on an
iphone is good enough to keep a random thief from getting your data, it
is not enough to keep a police department from getting it.
If I set the phone to wipe after 10 incorrect attempts, how is our
hypothetical Sgt. Friday going to get in without strapping me in a chair
and whipping out Le Chiffre's carpet beater to convince me to give him
the PIN?
Post by Lewis
Post by Todd Allcock
I've never used anything stronger than a 4-digit pin on a phone. It's a
deterrent, not NSA-level security.
Right, but NSA level security *IS* available for those who want it.
Yes, on Android :)
<http://eweek.com/c/a/Security/NSA-Releases-SE-Android-With-Better-
Sandboxing-Access-Control-Policies-324639/>
nospam
2012-10-23 06:14:55 UTC
Permalink
Post by Todd Allcock
If I set the phone to wipe after 10 incorrect attempts, how is our
hypothetical Sgt. Friday going to get in without strapping me in a chair
and whipping out Le Chiffre's carpet beater to convince me to give him
the PIN?
by plugging it into a computer or dedicated device.
Todd Allcock
2012-10-23 17:25:27 UTC
Permalink
Post by nospam
Post by Todd Allcock
If I set the phone to wipe after 10 incorrect attempts, how is our
hypothetical Sgt. Friday going to get in without strapping me in a chair
and whipping out Le Chiffre's carpet beater to convince me to give him
the PIN?
by plugging it into a computer or dedicated device.
That sort of makes the whole "security" issue moot then, doesn't it?

Well, I'm off to scrounge up three large for the President's phone, I
guess...
<http://www.gdc4s.com/sectera-edge-(sme-ped)-
proddetail.html?taxonomyCat=141>
Todd Allcock
2012-10-23 19:32:08 UTC
Permalink
Post by nospam
Post by Todd Allcock
If I set the phone to wipe after 10 incorrect attempts, how is our
hypothetical Sgt. Friday going to get in without strapping me in a chair
and whipping out Le Chiffre's carpet beater to convince me to give him
the PIN?
by plugging it into a computer or dedicated device.
After looking over Cellebright's website (apparently the leading vendor
of mobile forensic devices and software), I'm beginning to conclude that
the iPhone is actually one of the least secure "smart" devices around if
it falls into the hands of law enforcement.

Dumbphones and old Symbian/Nokia devices melt like butter in
Cellebright's hands, but most smartphones are a little tougher. The
iPhone and some Androids straddle the middle.

Their website is a bit vague about what useful data will be recoverable
from the extraction of each device. (Not surprising, since the website is
trying to sell their devices to law-enforcement agencies, not frankly
discuss the products' limitations!)

Some phones, particularly Blackberries, seem essentially impervious to
extraction, despite the website's pronouncements. (The front page brags
how their devices are the first to extract all data from Blackberries,
but only when you drill down to the support pages' manuals and FAQs, does
it bother to mention "Password locked devices are supported when the
password is known (the UFED requests the password during the extraction
process)..."

Hell, I can "extract" data from a Blackberry if I know the password,
without a pricey device.

Windows Phones (old and new) seem equally as immune, since the extraction
device can only connect via Bluetooth (or IR, if the phone is REALLY old!),
and you can't pair with the device BT (or start an IR transfer) unless
it's unlocked. Again, law enforcement doesn't need an expensive device
to "read" an unlocked phone!

*Most* Androids are safe unless the phone had the "USB Debugging Mode"
activated (activating is done using a menu only accessible when the phone
is unlocked) which is typically off unless the phone belongs to a
developer, or the phone is being rooted (after which you usually turn the
debugger off.) USB Debugging apparently allows the Cellebright UFED
device to upload an app to read the entire phone from under the lock.
(Ooops.)

iPhones and some Androids (mostly Motorola and Samsung) seem particularly
vulnerable because the reader seems to be able to extract their contents
at boot by using DFU-mode (they don't call it that, but that seems likely
from the vague description: "The extraction application does not load
iOS, but instead loads a special forensic utility to the device. This
utility is loaded to the device's memory (RAM) and runs directly from
there. Therefore, it does not modify the device's storage and does not
leave any footprints...")

Simple PINs can be brute forced, but complex passwords aren't even
attempted (Lewis for the win!) To get the complex password, Sgt. Friday
has to "extract" the password not from the phone with the Cellebright
device, but from the owner using the carpet beater and enter the password
into the Cellebright. Unfortunately, however, the passwords don't really
seem to be needed for most data! From the iPhone extraction FAQ, iOS
encryption seems woefully incomplete:
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...

Cellebright also offers Sgt. Friday another alternative- the iPhone
password can be bypassed by copying certain .plist files from the iTunes
computer the phone syncs with. You copy a few files to a thumbdrive,
plug it into the Cellebright, and it unlocks the iPhone without having to
brute force the password:
http://www.cellebrite.com/images/stories/support%
20files/Apple_iPhone_Passcode_Bypass_instructions.pdf
Of course for this to work, you need access to both the phone AND the
suspect's computer.


Overall, it would seem that Blackberry is still the secure weapon of
choice for both Government and criminals! ;) (So much for Lewis'
statements "iPhones are as secure as Blackberries" and Blackberry
security is "illusory".)
Lewis
2012-10-23 19:45:45 UTC
Permalink
Post by Todd Allcock
From the iPhone extraction FAQ, iOS
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...
That is way out of date. That hasn't been true since iOS 5 was
introduced. If there is a passcode set in iOS post 5.0, *everything* on
the phone is protected by the passcode.
Post by Todd Allcock
Cellebright also offers Sgt. Friday another alternative- the iPhone
password can be bypassed by copying certain .plist files from the iTunes
computer the phone syncs with. You copy a few files to a thumbdrive,
plug it into the Cellebright, and it unlocks the iPhone without having to
http://www.cellebrite.com/images/stories/support%
20files/Apple_iPhone_Passcode_Bypass_instructions.pdf
Of course for this to work, you need access to both the phone AND the
suspect's computer.
That also seems like it is outdated information, but I'm not sure since
I've never heard of this. Maybe it assumes a complete backup on the
computer and unencrypted backup?
Post by Todd Allcock
Overall, it would seem that Blackberry is still the secure weapon of
choice for both Government and criminals! ;) (So much for Lewis'
statements "iPhones are as secure as Blackberries" and Blackberry
security is "illusory".)
RIM has given the keys to several governments around the world,
including the US, India, and Pakistan. This means there is, for all
intents and purposes, *no* security on Blackberry devices.
--
I think it's the duty of the comedian to find out where the line is
drawn and cross it deliberately.
Todd Allcock
2012-10-23 20:46:08 UTC
Permalink
Post by Lewis
Post by Todd Allcock
From the iPhone extraction FAQ, iOS
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...
That is way out of date. That hasn't been true since iOS 5 was
introduced. If there is a passcode set in iOS post 5.0, *everything* on
the phone is protected by the passcode.
Post by Todd Allcock
Cellebright also offers Sgt. Friday another alternative- the iPhone
password can be bypassed by copying certain .plist files from the iTunes
computer the phone syncs with. You copy a few files to a thumbdrive,
plug it into the Cellebright, and it unlocks the iPhone without having to
http://www.cellebrite.com/images/stories/support%
20files/Apple_iPhone_Passcode_Bypass_instructions.pdf
Of course for this to work, you need access to both the phone AND the
suspect's computer.
That also seems like it is outdated information, but I'm not sure since
I've never heard of this. Maybe it assumes a complete backup on the
computer and unencrypted backup?
Post by Todd Allcock
Overall, it would seem that Blackberry is still the secure weapon of
choice for both Government and criminals! ;) (So much for Lewis'
statements "iPhones are as secure as Blackberries" and Blackberry
security is "illusory".)
RIM has given the keys to several governments around the world,
including the US, India, and Pakistan. This means there is, for all
intents and purposes, *no* security on Blackberry devices.
I'm certainly no expert, but AFAIK, those keys only work for folks using
Blackberry Internet Server (essentially the consumer/small business
version of Blackberry, where your data lives on the Blackberry servers.
Corporate/Gummit users use Blackberry Enterprise Server, where the
Blackberry server is in-house under the orgs control. Not much different
than Exchange, where large users own the server, and small ones rent
hosted accounts from other firms who operate the server for them.

I guess the real moral of the story is Big Brother *is* watching you, or
at least they could be whenever they they decide they want to... :(
nospam
2012-10-23 22:21:45 UTC
Permalink
Post by Lewis
Post by Todd Allcock
From the iPhone extraction FAQ, iOS
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...
That is way out of date. That hasn't been true since iOS 5 was
introduced. If there is a passcode set in iOS post 5.0, *everything* on
the phone is protected by the passcode.
ios 5 doesn't change anything.

keep in mind that the iphone will boot up to the passcode screen,
without any passcode needed. that means a lot of stuff is *not*
protected by any passcode.

at that point, much of the file system is available for exploration.
you just need a cable, a computer and some software.

however, some stuff will require decryption, such as email. a lot of
stuff doesn't, though.
Post by Lewis
Post by Todd Allcock
Cellebright also offers Sgt. Friday another alternative- the iPhone
password can be bypassed by copying certain .plist files from the iTunes
computer the phone syncs with. You copy a few files to a thumbdrive,
plug it into the Cellebright, and it unlocks the iPhone without having to
http://www.cellebrite.com/images/stories/support%
20files/Apple_iPhone_Passcode_Bypass_instructions.pdf
Of course for this to work, you need access to both the phone AND the
suspect's computer.
That also seems like it is outdated information, but I'm not sure since
I've never heard of this. Maybe it assumes a complete backup on the
computer and unencrypted backup?
syncing with itunes does not need your passcode to read and write to
anything on the device. think about it.
DevilsPGD
2012-10-24 01:28:10 UTC
Permalink
Post by nospam
Post by Lewis
Post by Todd Allcock
From the iPhone extraction FAQ, iOS
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...
That is way out of date. That hasn't been true since iOS 5 was
introduced. If there is a passcode set in iOS post 5.0, *everything* on
the phone is protected by the passcode.
ios 5 doesn't change anything.
keep in mind that the iphone will boot up to the passcode screen,
without any passcode needed. that means a lot of stuff is *not*
protected by any passcode.
at that point, much of the file system is available for exploration.
you just need a cable, a computer and some software.
however, some stuff will require decryption, such as email. a lot of
stuff doesn't, though.
The data is encrypted, however it's not encrypted using your PIN or
other security tool. Rather, the key is stored in hardware which (in
theory) verifies that the OS bootloader is signed before unlocking,
similar to TPM.

DFU mode bypasses the OS, but also limits access to the encryption key,
making it somewhat complicated to access the data. The strength of your
PIN doesn't matter in this situation, but rather, the strength of the
encryption system used internally.
--
The nice thing about standards, there is enough for everyone to have their own.
nospam
2012-10-24 02:19:06 UTC
Permalink
Post by DevilsPGD
Post by nospam
Post by Lewis
Post by Todd Allcock
From the iPhone extraction FAQ, iOS
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...
That is way out of date. That hasn't been true since iOS 5 was
introduced. If there is a passcode set in iOS post 5.0, *everything* on
the phone is protected by the passcode.
ios 5 doesn't change anything.
keep in mind that the iphone will boot up to the passcode screen,
without any passcode needed. that means a lot of stuff is *not*
protected by any passcode.
at that point, much of the file system is available for exploration.
you just need a cable, a computer and some software.
however, some stuff will require decryption, such as email. a lot of
stuff doesn't, though.
The data is encrypted, however it's not encrypted using your PIN or
other security tool. Rather, the key is stored in hardware which (in
theory) verifies that the OS bootloader is signed before unlocking,
similar to TPM.
DFU mode bypasses the OS, but also limits access to the encryption key,
making it somewhat complicated to access the data. The strength of your
PIN doesn't matter in this situation, but rather, the strength of the
encryption system used internally.
there's more to it than just that.

the problem is that the keys to decrypt the data are on the phone. with
the right tools, data can be extracted.
Michael Eyd
2012-10-24 07:54:20 UTC
Permalink
Post by nospam
Post by Lewis
Post by Todd Allcock
From the iPhone extraction FAQ, iOS
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...
That is way out of date. That hasn't been true since iOS 5 was
introduced. If there is a passcode set in iOS post 5.0, *everything* on
the phone is protected by the passcode.
ios 5 doesn't change anything.
keep in mind that the iphone will boot up to the passcode screen,
without any passcode needed. that means a lot of stuff is *not*
protected by any passcode.
Which *personal information* is necessary for the boot process?
(Almost?) all information needed up to that point is not related to the
person using the iPhone, but is part of the OS - no encryption needed up
to here.
Post by nospam
at that point, much of the file system is available for exploration.
you just need a cable, a computer and some software.
Even if that was true (which I don't know), if the data is encrypted
(correctly) just copying the encrypted files is only the small first
step towards access to the data.
Post by nospam
however, some stuff will require decryption, such as email. a lot of
stuff doesn't, though.
Post by Lewis
Post by Todd Allcock
Cellebright also offers Sgt. Friday another alternative- the iPhone
password can be bypassed by copying certain .plist files from the iTunes
computer the phone syncs with. You copy a few files to a thumbdrive,
plug it into the Cellebright, and it unlocks the iPhone without having to
http://www.cellebrite.com/images/stories/support%
20files/Apple_iPhone_Passcode_Bypass_instructions.pdf
Of course for this to work, you need access to both the phone AND the
suspect's computer.
That also seems like it is outdated information, but I'm not sure since
I've never heard of this. Maybe it assumes a complete backup on the
computer and unencrypted backup?
syncing with itunes does not need your passcode to read and write to
anything on the device. think about it.
Why would I have to think about it? If the data on the device is
encrypted iTunes is welcome to copy all this encrypted stuff to my PC.
Just that doesn't help you much in trying to read it on the PC... ;-)

So, perhaps you better think about the difference of 'getting access to
files' and 'getting access to the data in such files', especially
considering encryption... ;-)

And yes, breaking the encryption on a PC *is* much easier than on the
iPhone itself, no doubt.

Best regards,

Michael
Todd Allcock
2012-10-24 14:57:10 UTC
Permalink
Am 24.10.2012 00:21, schrieb nospa
Why would I have to think about it? If the data on the device is
encrypted iTunes is welcome to copy all this encrypted stuff to my PC.
Just that doesn't help you much in trying to read it on the PC... ;-)
Because iTunes sync is two-way. To sync your contacts, etc. between your
computer and your phone, the computer has to be able to read the phone
data. If it can do that with your password protected, encrypted phone
without prompting you each time, it either "knows" your password, or can
authenticate itself to your phone to the phone's satisfaction.

In either case, that's something that can be exploited, apparently by
copying certain files from the iTunes folder if these Cellebrite folks
are to be believed.
So, perhaps you better think about the difference of 'getting access to
files' and 'getting access to the data in such files', especially
considering encryption... ;-)
Again, only going by Cellebrite's claims, very little encryption is going
on in an iPhone- mostly just email and passwords. Most everything else
is wide open.

Obviously, however, Cellebrite has a vested interest in making the
extraction of phone content seem essentially foolproof for law enforcement.
The truth may be very different.
nospam
2012-10-24 18:21:45 UTC
Permalink
Post by Michael Eyd
Post by nospam
keep in mind that the iphone will boot up to the passcode screen,
without any passcode needed. that means a lot of stuff is *not*
protected by any passcode.
Which *personal information* is necessary for the boot process?
(Almost?) all information needed up to that point is not related to the
person using the iPhone, but is part of the OS - no encryption needed up
to here.
i didn't say personal information was needed for the boot process.

what i said was that not all personal information is protected. some
apps are pretty bad about this and even store data in plaintext. all
you need is a text editor.

you can also boot a custom image via recovery mode to poke around. i
saw john zdziarski do that at a talk last year and watched him pull all
sorts of stuff off a locked phone. it's really not that hard.
Post by Michael Eyd
Post by nospam
at that point, much of the file system is available for exploration.
you just need a cable, a computer and some software.
Even if that was true (which I don't know),
it is.
Post by Michael Eyd
if the data is encrypted
(correctly) just copying the encrypted files is only the small first
step towards access to the data.
some data is encrypted and some isn't.
Post by Michael Eyd
Post by nospam
however, some stuff will require decryption, such as email. a lot of
stuff doesn't, though.
Post by Lewis
Post by Todd Allcock
Cellebright also offers Sgt. Friday another alternative- the iPhone
password can be bypassed by copying certain .plist files from the iTunes
computer the phone syncs with. You copy a few files to a thumbdrive,
plug it into the Cellebright, and it unlocks the iPhone without having to
http://www.cellebrite.com/images/stories/support%
20files/Apple_iPhone_Passcode_Bypass_instructions.pdf
Of course for this to work, you need access to both the phone AND the
suspect's computer.
That also seems like it is outdated information, but I'm not sure since
I've never heard of this. Maybe it assumes a complete backup on the
computer and unencrypted backup?
syncing with itunes does not need your passcode to read and write to
anything on the device. think about it.
Why would I have to think about it? If the data on the device is
encrypted iTunes is welcome to copy all this encrypted stuff to my PC.
Just that doesn't help you much in trying to read it on the PC... ;-)
the point is that when you plug a locked phone into your computer,
itunes happily reads and writes to it, without you needing to unlock
it.
Post by Michael Eyd
So, perhaps you better think about the difference of 'getting access to
files' and 'getting access to the data in such files', especially
considering encryption... ;-)
i have.
Post by Michael Eyd
And yes, breaking the encryption on a PC *is* much easier than on the
iPhone itself, no doubt.
yes it is.
Michael Eyd
2012-10-25 06:59:02 UTC
Permalink
Post by nospam
Post by Michael Eyd
Post by nospam
keep in mind that the iphone will boot up to the passcode screen,
without any passcode needed. that means a lot of stuff is *not*
protected by any passcode.
Which *personal information* is necessary for the boot process?
(Almost?) all information needed up to that point is not related to the
person using the iPhone, but is part of the OS - no encryption needed up
to here.
i didn't say personal information was needed for the boot process.
what i said was that not all personal information is protected. some
apps are pretty bad about this and even store data in plaintext. all
you need is a text editor.
Which is in general not Apple's fault... :-( If the programmers of the
apps are too lazy to just tell iOS to store the data encrypted, who can
help them? And AFAIK there really isn't that much to program to store
data encrypted.
Post by nospam
you can also boot a custom image via recovery mode to poke around.
AFAIK (never seen it though) this image must be signed correctly, at
least with Apple's key, possibly even with a device specific key - but I
have to admit that I might be wrong here...
Post by nospam
i
saw john zdziarski do that at a talk last year and watched him pull all
sorts of stuff off a locked phone. it's really not that hard.
It becomes everything but easy if my assumption about this custom image
needing to be signed properly is correct. ;-)
Post by nospam
Post by Michael Eyd
Post by nospam
syncing with itunes does not need your passcode to read and write to
anything on the device. think about it.
Why would I have to think about it? If the data on the device is
encrypted iTunes is welcome to copy all this encrypted stuff to my PC.
Just that doesn't help you much in trying to read it on the PC... ;-)
the point is that when you plug a locked phone into your computer,
itunes happily reads and writes to it, without you needing to unlock
it.
Which can still be cryptographically secured, e.g. using
challenge-response procedures. And for these to work the two devices
need to be paired once (so that they 'know' each other), but the actual
conversation needs more than just the correct pretending to be an
already paired PC (e.g.), additionally both partners have to generate
correct answers to questions sent by the partner. If these answers don't
match the expectations - connection blocked.

And if this is done properly, part of the response calculation is data
that cannot be (easily) replicated to any other PC... :-)

Best regards,

Michael
nospam
2012-10-25 13:21:51 UTC
Permalink
Post by Michael Eyd
Post by nospam
what i said was that not all personal information is protected. some
apps are pretty bad about this and even store data in plaintext. all
you need is a text editor.
Which is in general not Apple's fault... :-( If the programmers of the
apps are too lazy to just tell iOS to store the data encrypted, who can
help them? And AFAIK there really isn't that much to program to store
data encrypted.
it doesn't matter whose fault it is. the reality is that a lot of apps
leave data in the clear and someone wanting to get at that data won't
have a whole lot of difficulty.
Post by Michael Eyd
Post by nospam
you can also boot a custom image via recovery mode to poke around.
AFAIK (never seen it though) this image must be signed correctly, at
least with Apple's key, possibly even with a device specific key - but I
have to admit that I might be wrong here...
Post by nospam
saw john zdziarski do that at a talk last year and watched him pull all
sorts of stuff off a locked phone. it's really not that hard.
It becomes everything but easy if my assumption about this custom image
needing to be signed properly is correct. ;-)
jailbreak tools get around that.
Post by Michael Eyd
Post by nospam
Post by Michael Eyd
Post by nospam
syncing with itunes does not need your passcode to read and write to
anything on the device. think about it.
Why would I have to think about it? If the data on the device is
encrypted iTunes is welcome to copy all this encrypted stuff to my PC.
Just that doesn't help you much in trying to read it on the PC... ;-)
the point is that when you plug a locked phone into your computer,
itunes happily reads and writes to it, without you needing to unlock
it.
Which can still be cryptographically secured, e.g. using
challenge-response procedures. And for these to work the two devices
need to be paired once (so that they 'know' each other), but the actual
conversation needs more than just the correct pretending to be an
already paired PC (e.g.), additionally both partners have to generate
correct answers to questions sent by the partner. If these answers don't
match the expectations - connection blocked.
And if this is done properly, part of the response calculation is data
that cannot be (easily) replicated to any other PC... :-)
there are a number of things that could be improved but it's not
completely horrible. the iphone is reasonably secure, it's just not as
secure as some might believe. claims that 'no one' can access data is
flat out wrong. very wrong.
Michael Eyd
2012-10-25 16:02:05 UTC
Permalink
Post by nospam
Post by Michael Eyd
Post by nospam
what i said was that not all personal information is protected. some
apps are pretty bad about this and even store data in plaintext. all
you need is a text editor.
Which is in general not Apple's fault... :-( If the programmers of the
apps are too lazy to just tell iOS to store the data encrypted, who can
help them? And AFAIK there really isn't that much to program to store
data encrypted.
it doesn't matter whose fault it is. the reality is that a lot of apps
leave data in the clear and someone wanting to get at that data won't
have a whole lot of difficulty.
IF the way you described is (still) possible...
Post by nospam
Post by Michael Eyd
Post by nospam
you can also boot a custom image via recovery mode to poke around.
AFAIK (never seen it though) this image must be signed correctly, at
least with Apple's key, possibly even with a device specific key - but I
have to admit that I might be wrong here...
Post by nospam
saw john zdziarski do that at a talk last year and watched him pull all
sorts of stuff off a locked phone. it's really not that hard.
It becomes everything but easy if my assumption about this custom image
needing to be signed properly is correct. ;-)
jailbreak tools get around that.
Now, how do you JB a locked device? That's a serious question as I never
JBed a device...
Post by nospam
Post by Michael Eyd
Post by nospam
Post by Michael Eyd
Post by nospam
syncing with itunes does not need your passcode to read and write to
anything on the device. think about it.
Why would I have to think about it? If the data on the device is
encrypted iTunes is welcome to copy all this encrypted stuff to my PC.
Just that doesn't help you much in trying to read it on the PC... ;-)
the point is that when you plug a locked phone into your computer,
itunes happily reads and writes to it, without you needing to unlock
it.
Which can still be cryptographically secured, e.g. using
challenge-response procedures. And for these to work the two devices
need to be paired once (so that they 'know' each other), but the actual
conversation needs more than just the correct pretending to be an
already paired PC (e.g.), additionally both partners have to generate
correct answers to questions sent by the partner. If these answers don't
match the expectations - connection blocked.
And if this is done properly, part of the response calculation is data
that cannot be (easily) replicated to any other PC... :-)
there are a number of things that could be improved but it's not
completely horrible. the iphone is reasonably secure, it's just not as
secure as some might believe. claims that 'no one' can access data is
flat out wrong. very wrong.
Here I agree. However, I still feel that the access protection of the
iPhone is really not all that bad compared to other devices/manufacturers.

Best regards,

Michael
Todd Allcock
2012-10-25 17:22:25 UTC
Permalink
Post by Michael Eyd
Now, how do you JB a locked device? That's a serious question as I
never JBed a device...
You boot the device in recovery mode, which was designed to allow
reloading the firmware in case an update went terribly wrong and bricked
the device. The device starts but doesn't load the presumably corrupt OS
to let a computer load a utility to prepare it to accept a firmware update.
This mode is what jailbreak utilities (and, apparently, the data
extractors sold to law-endowment officials) use to interact with the
device. The OS hasn't loaded yet, so the device lock isn't yet an issue.
Savageduck
2012-10-26 01:06:43 UTC
Permalink
Post by Todd Allcock
Post by Michael Eyd
Now, how do you JB a locked device? That's a serious question as I
never JBed a device...
You boot the device in recovery mode, which was designed to allow
reloading the firmware in case an update went terribly wrong and bricked
the device. The device starts but doesn't load the presumably corrupt OS
to let a computer load a utility to prepare it to accept a firmware update.
This mode is what jailbreak utilities (and, apparently, the data
extractors sold to law-endowment officials) use to interact with the
device. The OS hasn't loaded yet, so the device lock isn't yet an issue.
What on Earth is a "law-endowment official"?

I know what a law enforcement officer is, I have the retired Lt. badge
& ID to prove it.
--
Regards,

Savageduck
AaronL
2012-10-26 01:57:24 UTC
Permalink
Post by Savageduck
Post by Todd Allcock
Post by Michael Eyd
Post by Michael Eyd
Now, how do you JB a locked device? That's a serious question as I
never JBed a device...
Post by Michael Eyd
Post by Todd Allcock
You boot the device in recovery mode, which was designed to allow
reloading the firmware in case an update went terribly wrong and bricked
the device. The device starts but doesn't load the presumably corrupt OS
to let a computer load a utility to prepare it to accept a firmware update.
This mode is what jailbreak utilities (and, apparently, the data
extractors sold to law-endowment officials) use to interact with the
device. The OS hasn't loaded yet, so the device lock isn't yet an issue.
What on Earth is a "law-endowment official"?
My guess is an auto correct attack.
Post by Savageduck
I know what a law enforcement officer is, I have the retired Lt. badge & ID to prove it.
But I imagine you already knew that...

nospam
2012-10-23 22:21:47 UTC
Permalink
Post by Todd Allcock
After looking over Cellebright's website (apparently the leading vendor
of mobile forensic devices and software), I'm beginning to conclude that
the iPhone is actually one of the least secure "smart" devices around if
it falls into the hands of law enforcement.
you must be lying. lewis says that's not possible.
Post by Todd Allcock
iPhones and some Androids (mostly Motorola and Samsung) seem particularly
vulnerable because the reader seems to be able to extract their contents
at boot by using DFU-mode (they don't call it that, but that seems likely
from the vague description: "The extraction application does not load
iOS, but instead loads a special forensic utility to the device. This
utility is loaded to the device's memory (RAM) and runs directly from
there. Therefore, it does not modify the device's storage and does not
leave any footprints...")
Simple PINs can be brute forced, but complex passwords aren't even
attempted (Lewis for the win!)
don't be so quick to give him a win. getting information off the phone
doesn't necessarily need the complex passcode, as you note below, and
the cellebrite isn't the only tool in the toolbox.
Post by Todd Allcock
To get the complex password, Sgt. Friday
has to "extract" the password not from the phone with the Cellebright
device, but from the owner using the carpet beater and enter the password
into the Cellebright. Unfortunately, however, the passwords don't really
seem to be needed for most data!
exactly. many apps don't protect their data.
Post by Todd Allcock
From the iPhone extraction FAQ, iOS
http://www.cellebrite.com/mobile-forensics-products/ufed-support-
center/downloads/iphone-physical-extraction-faq.html,
only "some email files" and "keyring" password data is protected by
encryption, and virtually all app data and other info can be extracted
*without* using either the PIN or complex passcode. Hmmm...
that is true.
Post by Todd Allcock
Cellebright also offers Sgt. Friday another alternative- the iPhone
password can be bypassed by copying certain .plist files from the iTunes
computer the phone syncs with. You copy a few files to a thumbdrive,
plug it into the Cellebright, and it unlocks the iPhone without having to
http://www.cellebrite.com/images/stories/support%
20files/Apple_iPhone_Passcode_Bypass_instructions.pdf
Of course for this to work, you need access to both the phone AND the
suspect's computer.
that's because itunes doesn't need a passcode to sync data.

you can attach a phone *with* a passcode and itunes somehow manages to
read and write your data, without you needing to enter it in every time
you sync.

interestingly, xcode (apple's mac & ios app development environment)
sometimes asks that you unlock the device to work with it. sometimes it
doesn't and instead just gives a cryptic error.
Post by Todd Allcock
Overall, it would seem that Blackberry is still the secure weapon of
choice for both Government and criminals! ;) (So much for Lewis'
statements "iPhones are as secure as Blackberries" and Blackberry
security is "illusory".)
if someone wants to crack it, they will. fortunately, most thugs just
want to flip it for cash and don't care what's on it.
Michelle Steiner
2012-10-23 19:27:05 UTC
Permalink
Post by Todd Allcock
If I set the phone to wipe after 10 incorrect attempts, how is our
hypothetical Sgt. Friday going to get in without strapping me in a chair
and whipping out Le Chiffre's carpet beater to convince me to give him
the PIN?
Wow, talk about mixed genres!
--
I am Woman; watch me vote!
nospam
2012-10-23 05:22:08 UTC
Permalink
Post by Todd Allcock
Post by Lewis
Post by nospam
but people who care about security and take the time to enable it
use an actual password, not a numeric PIN. Because of the
restrictive nature of how the password can be cracked, even a
weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
Um, how are you going to run this mythical software on an iPhone that's
password locked? If you can install and run software on a locked iPhone,
the platform has bigger security issues than how many digits your
password is.
jailbreak is one way.

and you don't have to do it on the phone.
<http://www.cellebrite.com/mobile-forensics-products/solutions/ios-foren
sics.html>
Post by Todd Allcock
Post by Lewis
It is trivial to create a password on iOS that is extremely secure. Far
more secure than the identical password on a computer.
Am I missing something? Set the phone to erase itself after 10 incorrect
attempts and a four digit pin is more than sufficient. Heck, even a two
digit pin has a 90% chance of thwarting the miscreant. ;)
yes you are missing something.

you don't enter the pin code on the phone to crack it.
Post by Todd Allcock
I've never used anything stronger than a 4-digit pin on a phone. It's a
deterrent, not NSA-level security.
a deterrent only to honest people and those who just want to flip the
phone for quick cash.

those who want to crack it, will.
nospam
2012-10-23 05:22:10 UTC
Permalink
Post by Lewis
Post by nospam
Post by Lewis
I don't know anyone who uses a 4 number pin (not even my kids).
well that must mean nobody uses a 4 digit pin code.
No, but it means it's probably a damn low percentage.
based on what? more silly google searches?

given that you have to enable a longer pass code, it's probably in the
high percentages that people don't bother doing that and use a 4 digit
pin. plus, people are lazy and don't want to type in a long code.
Post by Lewis
Post by nospam
Post by Lewis
but people who care
about security and take the time to enable it use an actual password,
not a numeric PIN. Because of the restrictive nature of how the password
can be cracked, even a weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
that's why you do the cracking on a faster computer.
Post by Lewis
Post by nospam
plus, they don't have to compel suspects to give up their passcodes for
their phones because they can get past it.
No they cannot.
oh yes they can.
Post by Lewis
Post by nospam
Post by Lewis
Post by nospam
no one can break iphone security? no one at all? bolded, even???
OK, No one has.
wrong. many people have. it's not that tough to do.
You are a liar.
name calling again.
Post by Lewis
Post by nospam
Post by Lewis
Post by nospam
according to the link *you* gave, it will take about 13 minutes to
crack an iphone with a 4 digit pin, and that's when doing it on the
iphone. using a faster system will take less time.
You can't use a faster system, that's the whole point. You *have* to do
the crack on the iPhone.
wrong.
Not wrong. The crack program must be run on the phone because the key is
in the phone's hardware. Please do the least effort research before
embarrassing yourself.
i already have.

extract the contents of the iphone, then work on that image on a faster
computer.
Lewis
2012-10-23 14:46:18 UTC
Permalink
Post by nospam
Post by Lewis
Post by nospam
Post by Lewis
I don't know anyone who uses a 4 number pin (not even my kids).
well that must mean nobody uses a 4 digit pin code.
No, but it means it's probably a damn low percentage.
based on what? more silly google searches?
given that you have to enable a longer pass code, it's probably in the
high percentages that people don't bother doing that and use a 4 digit
pin. plus, people are lazy and don't want to type in a long code.
Post by Lewis
Post by nospam
Post by Lewis
but people who care
about security and take the time to enable it use an actual password,
not a numeric PIN. Because of the restrictive nature of how the password
can be cracked, even a weak<1> 8 character password will take years to
crack on an iphone.
there are very few people who care that much about security and it
won't take years.
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
that's why you do the cracking on a faster computer.
You *cannot*. The cracking software must be run *on the phone*.
Post by nospam
extract the contents of the iphone, then work on that image on a faster
computer.
You can't because the private key is part of the phone's hardware.
--
I DO NOT HAVE DIPLOMATIC IMMUNITY Bart chalkboard Ep. 9F20
nospam
2012-10-24 00:18:57 UTC
Permalink
Post by Lewis
Post by nospam
Post by Lewis
It's pretty simple to do the math. It will take years to crack an 8
character password on an iphone.
that's why you do the cracking on a faster computer.
You *cannot*. The cracking software must be run *on the phone*.
Post by nospam
extract the contents of the iphone, then work on that image on a faster
computer.
You can't because the private key is part of the phone's hardware.
wrong.
Salgud
2012-10-22 19:11:35 UTC
Permalink
Post by Lewis
I don't know anyone who uses a 4 number pin (not even my kids).
And this piece of information indicates what?

I and one of my sons use a 4 digit code, so I know 2 people who use them. I
have two other sons that don't. So, based on your thinking, I can conclude
that 50% of iPhone users use 4 digit codes, and 50% use no code. Maybe I
can get an article published in some high-faluting science journal based on
my statistical analysis?
Wes Groleau
2012-10-23 05:04:05 UTC
Permalink
Post by Lewis
woman sitting next to me got a text message and unlocked her phone. She
had to unlock it and she did so not with a numeric pin (since that would
only show the numeric 10-key) but with an actual password using the
keyboard. At least once they keyboard changed to the symbols/numbers, so
she had a 'real' password. This was just a random stranger sitting in a
movie theatre.
"I gotta change my password. Some random stranger was watching me enter it"
--
Wes Groleau

What kind of smiley is C:\ ?
nospam
2012-10-23 05:22:11 UTC
Permalink
Post by Wes Groleau
"I gotta change my password. Some random stranger was watching me enter it"
you might be surprised how easy that is to learn people's passcodes
just by watching.
AaronL
2012-10-23 17:31:10 UTC
Permalink
Post by nospam
Post by Wes Groleau
"I gotta change my password. Some random stranger was watching me enter it"
you might be surprised how easy that is to learn people's passcodes
just by watching.
Could be. But what could a stranger do with a phone password he observed in
passing?
Michelle Steiner
2012-10-23 20:22:20 UTC
Permalink
In article
Post by AaronL
Post by nospam
Post by Wes Groleau
"I gotta change my password. Some random stranger was watching me enter it"
you might be surprised how easy that is to learn people's passcodes
just by watching.
Could be. But what could a stranger do with a phone password he observed
in passing?
Mug you and steal the phone?
--
I am Woman; watch me vote!
nospam
2012-10-23 22:21:50 UTC
Permalink
In article
Post by AaronL
Post by nospam
Post by Wes Groleau
"I gotta change my password. Some random stranger was watching me enter it"
you might be surprised how easy that is to learn people's passcodes
just by watching.
Could be. But what could a stranger do with a phone password he observed in
passing?
if you see a random person on the street it doesn't matter. you
probably won't see them again or their phone.

however, if you see the passcode of someone you do know, maybe at work
or a neighbor, you could remember their code for later use. then when
the owner steps away from their phone for a few minutes, you could pick
it up, unlock it and snoop.

is it a big risk? no, but it's not zero.
AaronL
2012-10-24 04:18:06 UTC
Permalink
Post by nospam
if you see the passcode of someone you do know, maybe at work
or a neighbor, you could remember their code for later use. then when
the owner steps away from their phone for a few minutes, you could pick
it up, unlock it and snoop.
IMO anyone who leaves their phone unattended anywhere (except perhaps
at home) has a much greater chance of data (and phone) loss than just
being careless the password.
DevilsPGD
2012-10-24 01:28:10 UTC
Permalink
Post by nospam
Post by Wes Groleau
"I gotta change my password. Some random stranger was watching me enter it"
you might be surprised how easy that is to learn people's passcodes
just by watching.
I occasionally tell people their bank card's PIN, and encourage them to
cover the keypad in the future. Mobile phones are easier, especially if
you know the person or have reason to be near them for more than a
handful of minutes.
--
The nice thing about standards, there is enough for everyone to have their own.
AaronL
2012-10-24 04:18:06 UTC
Permalink
Post by DevilsPGD
I occasionally tell people their bank card's PIN, and encourage them to
cover the keypad in the future.
Like a phone, the card PIN won't do you much good without the actual
physical card in your possession. Maybe better advice would be tell
them to avoid strangers who stand very close and make strange
suggestions.
DevilsPGD
2012-10-24 01:28:10 UTC
Permalink
Post by Lewis
Perhaps. I don't know anyone who uses a 4 number pin (not even my kids).
Most people don't use a password at all, of course, but people who care
about security and take the time to enable it use an actual password,
not a numeric PIN. Because of the restrictive nature of how the password
can be cracked, even a weak<1> 8 character password will take years to
crack on an iphone.
I suspect that my 4 digit PIN is secure enough to keep you and anyone
else out, short of someone with the capabilities to disassemble the
phone and access the chips directly (in which case the point is moot),
or a known jailbreak that doesn't require user-mode access.

You get 10 tries total, and it takes a couple hours to even get to the
10th try. When you hit try #10, the iPhone wipes the encryption key and
we're done for the day.

It's about balancing security vs convenience, since this is a code that
I enter dozens of times per day, single handed, often while moving when
I can't stop to pay attention to the phone.
--
The nice thing about standards, there is enough for everyone to have their own.
nospam
2012-10-24 02:19:03 UTC
Permalink
Post by DevilsPGD
I suspect that my 4 digit PIN is secure enough to keep you and anyone
else out, short of someone with the capabilities to disassemble the
phone and access the chips directly (in which case the point is moot),
or a known jailbreak that doesn't require user-mode access.
no need for disassembly. a 4 digit pin can be cracked in under 15
minutes with a cable and computer, and some data doesn't need for the
pin to be cracked.
Post by DevilsPGD
You get 10 tries total, and it takes a couple hours to even get to the
10th try. When you hit try #10, the iPhone wipes the encryption key and
we're done for the day.
true, if you use the front door. if you use the back door (see above),
you can try all 10,000 codes.
Post by DevilsPGD
It's about balancing security vs convenience, since this is a code that
I enter dozens of times per day, single handed, often while moving when
I can't stop to pay attention to the phone.
true.

a 4 digit pin code keeps out most people. it won't keep out all people.
AaronL
2012-10-22 17:11:22 UTC
Permalink
Post by nospam
longer passphrases are obviously safer,
The security on my Android phone is a bit of a joke. Course it's 2
years old now so the new phones may be better. The laugh is that even
using the longest password, and the phone being locked, all you have
to do is plug it into a PC, it turns into a drive, and the phone's 8GB
memory becomes open and available to you, no password required.

Course I also have a 32GB SD card plugged into the phone, and that
card would be available even with good security, but still...

However I do lock the phone on the theory that if lost or swiped it
may give me a little time to change sensitive passwords like email
ect.
Post by nospam
but very few people enable that
because it's a pain to type it in each time.
I have an app that automatically locks the phone only when I'm out
(away from my WiFi) and that cuts down on the pain a little.
nospam
2012-10-22 18:37:16 UTC
Permalink
Post by AaronL
Post by nospam
longer passphrases are obviously safer,
The security on my Android phone is a bit of a joke. Course it's 2
years old now so the new phones may be better. The laugh is that even
using the longest password, and the phone being locked, all you have
to do is plug it into a PC, it turns into a drive, and the phone's 8GB
memory becomes open and available to you, no password required.
you can do that with an iphone. in fact, you don't even need the actual
phone to get the data! the contents of the phone are backed up on the
user's computer and there are several apps that can access the data in
the backup.

anyone who thinks data can't be hacked is delusional.
Post by AaronL
Post by nospam
but very few people enable that
because it's a pain to type it in each time.
I have an app that automatically locks the phone only when I'm out
(away from my WiFi) and that cuts down on the pain a little.
that sounds useful.

iphones have a timer, so it won't lock if you turn it back on within a
user specified time limit (and the choices are very limited), however
not having it lock based on location makes a lot more sense.
Charles
2012-10-22 20:57:02 UTC
Permalink
Post by nospam
you can do that with an iphone. in fact, you don't even need the actual
phone to get the data! the contents of the phone are backed up on the
user's computer and there are several apps that can access the data in
the backup.
You can encrypt the backup in iTunes if you back up your iPhone on a
computer.
--
Charles
nospam
2012-10-22 21:02:22 UTC
Permalink
Post by Charles
Post by nospam
you can do that with an iphone. in fact, you don't even need the actual
phone to get the data! the contents of the phone are backed up on the
user's computer and there are several apps that can access the data in
the backup.
You can encrypt the backup in iTunes if you back up your iPhone on a
computer.
you can, but most people don't.

i also forgot to mention that the data can be obtained via icloud.
Lewis
2012-10-23 02:55:01 UTC
Permalink
Post by nospam
Post by Charles
Post by nospam
you can do that with an iphone. in fact, you don't even need the actual
phone to get the data! the contents of the phone are backed up on the
user's computer and there are several apps that can access the data in
the backup.
You can encrypt the backup in iTunes if you back up your iPhone on a
computer.
you can, but most people don't.
Most users don't care about security. For people who care about
security, iOS is vastly superior to Blackberry.
Post by nospam
i also forgot to mention that the data can be obtained via icloud.
No it can't. You would have to know the Apple ID and then crack the
password. Good luck.
--
IT DOES NOT SUCK TO BE YOU Bart chalkboard Ep. AABF13
DevilsPGD
2012-10-24 01:28:10 UTC
Permalink
Post by Lewis
Post by nospam
Post by Charles
Post by nospam
you can do that with an iphone. in fact, you don't even need the actual
phone to get the data! the contents of the phone are backed up on the
user's computer and there are several apps that can access the data in
the backup.
You can encrypt the backup in iTunes if you back up your iPhone on a
computer.
you can, but most people don't.
Most users don't care about security. For people who care about
security, iOS is vastly superior to Blackberry.
Historically, this has not been true. How many iPhone OS versions have
been rooted through the browser giving full access to everything
including the keychain? (Hint: All of the JailbreakMe.com supported
versions)

There is a lot of negative things to say about BlackBerry smartphones,
and RIM in general, but security is one thing they have done right, at
least as long as you use BES. If you use BIS, all bets are off for the
data that passes through BIS.
--
The nice thing about standards, there is enough for everyone to have their own.
Lewis
2012-10-23 02:53:24 UTC
Permalink
Post by nospam
Post by AaronL
Post by nospam
longer passphrases are obviously safer,
The security on my Android phone is a bit of a joke. Course it's 2
years old now so the new phones may be better. The laugh is that even
using the longest password, and the phone being locked, all you have
to do is plug it into a PC, it turns into a drive, and the phone's 8GB
memory becomes open and available to you, no password required.
you can do that with an iphone. in fact, you don't even need the actual
phone to get the data! the contents of the phone are backed up on the
user's computer and there are several apps that can access the data in
the backup.
If you care about security, your backups are encrypted and then no one
can access the data.
Post by nospam
anyone who thinks data can't be hacked is delusional.
SOMEONE is delusional. If you check the bathroom mirror you'll see who it is.
Post by nospam
iphones have a timer, so it won't lock if you turn it back on within a
user specified time limit (and the choices are very limited),
One of the choices is "immediately" so no, there is not a delay in
locking for anyoen who wants security.
--
You came in that thing? You're braver than I thought!
nospam
2012-10-23 05:22:05 UTC
Permalink
Post by Lewis
Post by nospam
Post by AaronL
Post by nospam
longer passphrases are obviously safer,
The security on my Android phone is a bit of a joke. Course it's 2
years old now so the new phones may be better. The laugh is that even
using the longest password, and the phone being locked, all you have
to do is plug it into a PC, it turns into a drive, and the phone's 8GB
memory becomes open and available to you, no password required.
you can do that with an iphone. in fact, you don't even need the actual
phone to get the data! the contents of the phone are backed up on the
user's computer and there are several apps that can access the data in
the backup.
If you care about security, your backups are encrypted and then no one
can access the data.
except the police, like you said in another post.
Post by Lewis
Post by nospam
anyone who thinks data can't be hacked is delusional.
SOMEONE is delusional. If you check the bathroom mirror you'll see who it is.
what are you doing in my bathroom?
Post by Lewis
Post by nospam
iphones have a timer, so it won't lock if you turn it back on within a
user specified time limit (and the choices are very limited),
One of the choices is "immediately" so no, there is not a delay in
locking for anyoen who wants security.
you really think that gives you security?

it might stop a thug in need of a meth fix who really just wants to
flip it for cash and doesn't really care what's on it, but not someone
who *does* want to see what's on it.

you can slow someone down, maybe enough to make it not worth their
time, but you can't prevent it. if there's a good reason to find out
what's on the device, such as for a murder suspect, then they won't
give up all that easily.
Lewis
2012-10-23 14:44:15 UTC
Permalink
Post by nospam
it might stop a thug in need of a meth fix who really just wants to
flip it for cash and doesn't really care what's on it, but not someone
who *does* want to see what's on it.
If you have a strong password, then no, no one is getting a the data in
the backup or on the phone.
Post by nospam
you can slow someone down,
You can easily make it take centuries. You can make it take billions of
years, exceeding the expected lifespan of the universe.
--
Anybody who tells me what happens to me after I'm dead is either a liar
or a fool because they DON'T KNOW
Todd Allcock
2012-10-22 19:04:43 UTC
Permalink
Post by AaronL
Post by nospam
longer passphrases are obviously safer,
The security on my Android phone is a bit of a joke. Course it's 2
years old now so the new phones may be better. The laugh is that even
using the longest password, and the phone being locked, all you have
to do is plug it into a PC, it turns into a drive, and the phone's 8GB
memory becomes open and available to you, no password required.
Which phone is that? My (unrooted) Android only lets me access the SD
card like a drive.

App data on Android is sandboxes like in iOS, so that should be
inaccessible except on a rooted phone, but of course with a rooted phone
all bets are off where security is concerned! (as with jailbroken
iPhones.)
Post by AaronL
Course I also have a 32GB SD card plugged into the phone, and that
card would be available even with good security, but still...
Windows Mobile (old-school WinMo, not the new Windows Phones) had that
covered as well. There was an SD card encryption option that made the
card unreadable on PCs. You could only copy files to and from the card
using the device itself as the card reader, and only with the device
unlocked.
Post by AaronL
However I do lock the phone on the theory that if lost or swiped it
may give me a little time to change sensitive passwords like email
ect.
Post by nospam
but very few people enable that
because it's a pain to type it in each time.
I have an app that automatically locks the phone only when I'm out
(away from my WiFi) and that cuts down on the pain a little.
I use a 4-digit PIN (yeah, I know...) required every time the phone is
turned on. I realize it's not very secure comparatively, but I figure the
hassle of entering complex password would encourage me to increase the
auto lock time to 15 minutes or even more so I wouldn't ned to enter it
as often. I feel safer knowing my phone is always locked, even with a
relatively insecure password.

What I'd also like to see is a "wipe if SIM removed/changed" option.
There's probably an Android app like that, but the more locked-down OSes
like (new) Windows Phone and iOS don't give devs that level of access to
hardware. Switch the SIM and you get three strikes to enter the correct
password or the device wipes itself. That would cover the miscreants who
switch SIMs to thwart SMS-based wipe commands. I had an app on my old
WinMo phone that if the SIM was changed, it silently texted my wife's
phone (on the assumption that my phone was lost/stolen, of course!) with
the new SIM's number, and the phone's GPS location.
AaronL
2012-10-22 20:35:54 UTC
Permalink
Post by Todd Allcock
Post by AaronL
The security on my Android phone is a bit of a joke.
Which phone is that?
The original HTC Incredible (unrooted).
Post by Todd Allcock
My (unrooted) Android only lets me access the SD
card like a drive.
Mine shows up as 2 drives, phone memory and SD card.
Post by Todd Allcock
There was an SD card encryption option that made the
card unreadable on PCs.
I just keep photos and videos to bore people with (among other junk)
on the SD card, nothing too sensitive there.
Post by Todd Allcock
I use a 4-digit PIN (yeah, I know...)
I use a 4 digit pin too. My purpose isn't to stop a determined hacker.
It's to buy time so that I can change sensitive passwords.
Post by Todd Allcock
What I'd also like to see is a "wipe if SIM removed/changed" option.
Not a problem for me, no SIM card...
AaronL
2012-10-22 17:11:22 UTC
Permalink
On Mon, 22 Oct 2012 06:34:55 +0000 (UTC), Lewis
Post by Lewis
The other fact that people keep ignoring about Android is that even
though there are a lot more Android phones, they aren't being used the
way iOS phones are.
A "fact"? Really? Any data to back that up?
Post by Lewis
Mobile browsing? iOS.
Verizon who sells millions of cell phones of both genders, iPhone and
Android (and Android definitely sounds like the masculine one, don't
you think... :) *requires* a data package with every smartphone they
sell. Do you think all those people pay that extra monthly fee and
then just ignore the Internet on their phones?
Post by Lewis
App purchases? iOS
You been to the Google Play Store (weird name, huh) lately? Looks just
like the Apple store.
Post by Lewis
An android phone is much more likely to be used as a basic
'feature' phone than an iPhone is.
Why would anyone pay $200 for a smartphone and use it as a feature
phone when they could pay $30 for a feature phone? (Both prices are
recent Verizon subsidized prices from my local Best Buy store.)
Lewis
2012-10-22 17:52:20 UTC
Permalink
Post by AaronL
On Mon, 22 Oct 2012 06:34:55 +0000 (UTC), Lewis
Post by Lewis
The other fact that people keep ignoring about Android is that even
though there are a lot more Android phones, they aren't being used the
way iOS phones are.
A "fact"? Really? Any data to back that up?
Scads. There are more android devices, but the majority of mobile
browsers are using iOS. 0.35 seconds on Google will give you hundreds of
thousands of links. Millions, perhaps.
Post by AaronL
Post by Lewis
Mobile browsing? iOS.
Verizon who sells millions of cell phones of both genders, iPhone and
Android (and Android definitely sounds like the masculine one, don't
you think... :) *requires* a data package with every smartphone they
sell. Do you think all those people pay that extra monthly fee and
then just ignore the Internet on their phones?
Evidently. They certainly aren't using it for browsing the web. 65% of
mobile browsing is from iOS devices.
Post by AaronL
Post by Lewis
App purchases? iOS
You been to the Google Play Store (weird name, huh) lately? Looks just
like the Apple store.
And yet, iOS users buy far more software than android users do. Again,
google is your friend.
Post by AaronL
Why would anyone pay $200 for a smartphone and use it as a feature
phone when they could pay $30 for a feature phone? (Both prices are
recent Verizon subsidized prices from my local Best Buy store.)
A lot of Android devices are not very smart and are not $200.
--
The difference between science fiction and fantasy in this world is not any of
the elaborate rules that you hear. The difference is simply this: Science
Fiction has rivets, Fantasy has trees. -Orson Scott Card
nospam
2012-10-22 18:37:14 UTC
Permalink
Post by Lewis
Post by AaronL
Why would anyone pay $200 for a smartphone and use it as a feature
phone when they could pay $30 for a feature phone? (Both prices are
recent Verizon subsidized prices from my local Best Buy store.)
A lot of Android devices are not very smart and are not $200.
the popular ones are, such as the galaxy s iii. some are even more than
that.
Todd Allcock
2012-10-22 19:38:15 UTC
Permalink
Post by Lewis
Post by AaronL
On Mon, 22 Oct 2012 06:34:55 +0000 (UTC), Lewis
Post by Lewis
The other fact that people keep ignoring about Android is that even
though there are a lot more Android phones, they aren't being used the
way iOS phones are.
A "fact"? Really? Any data to back that up?
Scads. There are more android devices, but the majority of mobile
browsers are using iOS. 0.35 seconds on Google will give you hundreds of
thousands of links. Millions, perhaps.
That say the same thing. Many more people use Safari Mobile than the
stock Android browser. I'm not sure that's all that convincing that many
people don't use Android as a smartphone. For starters, virtually every
third-party browser on iOS is a wrapper adding features to, yep, safari
Mobile. There's essentially one browser for iOS. Android is more open.
While the stock Android browser is pretty good, there are much better
options- two versions of Opera (Mini and Mobile), Dolphin, an excellent
browser that includes user agent spoofing (I can set it to desktop IE9
and can watch Hulu for free instead of using the subscription-based Hulu
app.)

Anyone using any alternate browser on androids is dripping out of those
stats.

Besides, most petiole don't browse all that much on phones, they use
connected apps. Email, Facebook, CNN, ESPN, eBay, Twitter, etc.; almost
every website you'd browse on your desk is probably an app on your phone.
Post by Lewis
Post by AaronL
Post by Lewis
Mobile browsing? iOS.
Verizon who sells millions of cell phones of both genders, iPhone and
Android (and Android definitely sounds like the masculine one, don't
you think... :) *requires* a data package with every smartphone they
sell. Do you think all those people pay that extra monthly fee and
then just ignore the Internet on their phones?
Evidently. They certainly aren't using it for browsing the web. 65% of
mobile browsing is from iOS devices.
Which includes iPads and iPods, categories that virtually zero Android
penetration.
Post by Lewis
Post by AaronL
Post by Lewis
App purchases? iOS
You been to the Google Play Store (weird name, huh) lately? Looks just
like the Apple store.
And yet, iOS users buy far more software than android users do. Again,
google is your friend.
Giggle is your friend. Android users also use a ton of apps, but mostly
free ones. We could debate the reasons why, demographics, app quality,
piracy, who knows? In any case it's irrelevant to your supposition.
Android owners use apps, they just don't buy many.
Post by Lewis
Post by AaronL
Why would anyone pay $200 for a smartphone and use it as a feature
phone when they could pay $30 for a feature phone? (Both prices are
recent Verizon subsidized prices from my local Best Buy store.)
A lot of Android devices are not very smart and are not $200.
Show me a dumb Android phone. Many cheaper models have crappy, low-res
screens, limited memory and slow processors, but show me one that isn't
"smart".
Lewis
2012-10-23 03:00:47 UTC
Permalink
Post by Todd Allcock
Post by Lewis
Post by AaronL
On Mon, 22 Oct 2012 06:34:55 +0000 (UTC), Lewis
Post by Lewis
The other fact that people keep ignoring about Android is that even
though there are a lot more Android phones, they aren't being used the
way iOS phones are.
A "fact"? Really? Any data to back that up?
Scads. There are more android devices, but the majority of mobile
browsers are using iOS. 0.35 seconds on Google will give you hundreds of
thousands of links. Millions, perhaps.
That say the same thing. Many more people use Safari Mobile than the
stock Android browser. I'm not sure that's all that convincing that many
people don't use Android as a smartphone. For starters, virtually every
third-party browser on iOS is a wrapper adding features to, yep, safari
Mobile. There's essentially one browser for iOS. Android is more open.
While the stock Android browser is pretty good, there are much better
options- two versions of Opera (Mini and Mobile), Dolphin, an excellent
browser that includes user agent spoofing (I can set it to desktop IE9
and can watch Hulu for free instead of using the subscription-based Hulu
app.)
Anyone using any alternate browser on androids is dripping out of those
stats.
No, because the stats show that 2/3 of mobile browsing is iOS.
Post by Todd Allcock
Post by Lewis
Post by AaronL
Post by Lewis
Mobile browsing? iOS.
Verizon who sells millions of cell phones of both genders, iPhone and
Android (and Android definitely sounds like the masculine one, don't
you think... :) *requires* a data package with every smartphone they
sell. Do you think all those people pay that extra monthly fee and
then just ignore the Internet on their phones?
Evidently. They certainly aren't using it for browsing the web. 65% of
mobile browsing is from iOS devices.
Which includes iPads and iPods, categories that virtually zero Android
penetration.
The combined ipod and ipads are a blip compared to the hundreds of
millions of iPhones.
Post by Todd Allcock
Post by Lewis
Post by AaronL
Post by Lewis
App purchases? iOS
You been to the Google Play Store (weird name, huh) lately? Looks just
like the Apple store.
And yet, iOS users buy far more software than android users do. Again,
google is your friend.
Giggle is your friend. Android users also use a ton of apps, but mostly
free ones.
As I said, iOS user *buy far more software*. Ask any developer. Take
tenths of a second on Google. People make money on iOS's app store and
they do not make money on Android.
Post by Todd Allcock
We could debate the reasons why, demographics, app quality,
piracy, who knows? In any case it's irrelevant to your supposition.
Android owners use apps, they just don't buy many.
I said *buy*. Please learn to read and stop taking lessons from the nospam idiot.
Post by Todd Allcock
Post by Lewis
A lot of Android devices are not very smart and are not $200.
Show me a dumb Android phone. Many cheaper models have crappy, low-res
screens, limited memory and slow processors, but show me one that isn't
"smart".
I said not very smart.
--
"Don't be nice. It's Creepy."
nospam
2012-10-23 05:22:06 UTC
Permalink
Post by Lewis
Post by Todd Allcock
Post by Lewis
Post by AaronL
Post by Lewis
Mobile browsing? iOS.
Verizon who sells millions of cell phones of both genders, iPhone and
Android (and Android definitely sounds like the masculine one, don't
you think... :) *requires* a data package with every smartphone they
sell. Do you think all those people pay that extra monthly fee and
then just ignore the Internet on their phones?
Evidently. They certainly aren't using it for browsing the web. 65% of
mobile browsing is from iOS devices.
Which includes iPads and iPods, categories that virtually zero Android
penetration.
The combined ipod and ipads are a blip compared to the hundreds of
millions of iPhones.
a blip???

rough numbers: over 400 million ios devices, with about 100 million of
them ipads and 250 million iphones.

apple might announce up to date numbers tomorrow, or they might save
the numbers for the earnings call later in the week.

either way, ipads are much, much more than 'a blip', and that's
*without* combining them with ipod touches. if you combine the two,
it's close to *half* of all ios devices.
Todd Allcock
2012-10-23 06:03:34 UTC
Permalink
Post by Lewis
Post by Todd Allcock
Many more people use Safari Mobile than the
stock Android browser. I'm not sure that's all that convincing that
many people don't use Android as a smartphone. For starters,
virtually every third-party browser on iOS is a wrapper adding
features to, yep, safari Mobile. There's essentially one browser for
iOS. Android is more open. While the stock Android browser is pretty
good, there are much better options- two versions of Opera (Mini and
Mobile), Dolphin, an excellent browser that includes user agent
spoofing (I can set it to desktop IE9
and can watch Hulu for free instead of using the subscription-based
Hulu app.)
Anyone using any alternate browser on androids is dripping out of
those stats.
No, because the stats show that 2/3 of mobile browsing is iOS.
About 55% last I saw, but either way, a large number. As I said though,
that included iPads and iPod Touches, which have no significant Android
counterparts.
Post by Lewis
Post by Todd Allcock
Post by Lewis
They certainly aren't using it for browsing the web. 65% of
mobile browsing is from iOS devices.
Which includes iPads and iPods, categories that virtually zero Android
penetration.
The combined ipod and ipads are a blip compared to the hundreds of
millions of iPhones.
The Boston Globe reports 244 million iPhones sold from launch to
September 2012 worldwide:
<http://www.bostonglobe.com/business/2012/09/11/now-what-several-things-
with-your-old-iphone/qUdYPQzL7WxWSoYj4hnMPI/story.html>,
while Cnet reports Apple claims selling 365 million iOS devices through
June 2012, meaning at least a third or more if iOS devices aren't iPhones:
<http://www.cnet.com/news/apple-365-million-ios-devices-sold-80-percent-
running-ios-5/57450474>,
which is a pretty big "blip".

Data from the Samsung trial reported by Ars:
<http://arstechnica.com/apple/2012/08/apple-lifts-curtain-on-ipod-touch-
sales-figures-for-the-first-time/>
says:

"Apple has sold 46.5 million iPod touch units in the US between the
device's introduction in 2007 and the second quarter of 2012. (That's in
addition to the nearly 86 million iPhones and 34 million iPads sold
during that time.)"

So, in the USA anyway, that "blip" of iPads and Touches account for
nearly half of all iOS devices sold. An even bigger blip.

Akamai data, which confirms the greater amount of iOS mobile browsing
overall, notes that if you only look at cellular data, not WiFi, iOS and
Android
are about even, with Android in a slight lead.
<http://www.akamai.com/html/io/io_dataset.html#stat=mobile_browser&top=5&t
ype=line&start=20120630&end=20120730&net=m>

That might be explained when you pull the "blip" of WiFI-only iOS devices
like Touches and WiFi iPads out of the mix.
Post by Lewis
Post by Todd Allcock
Post by Lewis
And yet, iOS users buy far more software than android users do. Again,
google is your friend.
Giggle is your friend. Android users also use a ton of apps, but
mostly free ones.
As I said, iOS user *buy far more software*. Ask any developer. Take
tenths of a second on Google. People make money on iOS's app store and
they do not make money on Android.
They make it in advertising, just like free iOS apps. Besides, who cares
if the apps are purchased or free? Your original premise was "even
though there are a lot more Android phones, they aren't being used the
way iOS phones are..."

Are apps only "being used" if they
cost $0.99?
Post by Lewis
Post by Todd Allcock
We could debate the reasons why, demographics, app quality,
piracy, who knows? In any case it's irrelevant to your supposition.
Android owners use apps, they just don't buy many.
I said *buy*. Please learn to read and stop taking lessons from the nospam idiot.
Again, how is that relevant to your premise? Presumably the browsing and
app "buying" data you tossed out was to support your point, and not just
offered as an interesting factoid.
Post by Lewis
Post by Todd Allcock
Post by Lewis
A lot of Android devices are not very smart and are not $200.
Show me a dumb Android phone. Many cheaper models have crappy, low-res
screens, limited memory and slow processors, but show me one that isn't
"smart".
I said not very smart.
Ok, show me one "not very smart..." How do *you* define smart?
nospam
2012-10-23 06:14:53 UTC
Permalink
Post by Todd Allcock
Post by Lewis
The combined ipod and ipads are a blip compared to the hundreds of
millions of iPhones.
The Boston Globe reports 244 million iPhones sold from launch to
<http://www.bostonglobe.com/business/2012/09/11/now-what-several-things-
with-your-old-iphone/qUdYPQzL7WxWSoYj4hnMPI/story.html>,
while Cnet reports Apple claims selling 365 million iOS devices through
<http://www.cnet.com/news/apple-365-million-ios-devices-sold-80-percent-
running-ios-5/57450474>,
which is a pretty big "blip".
this says 410 million as of june:
<http://betanews.com/2012/09/12/cumulative-android-device-sales-push-pas
t-ios-for-first-time/>

as i said, maybe they'll have some up to date numbers tomorrow. if not,
then on thursday.
David Empson
2012-10-23 07:17:11 UTC
Permalink
Post by Lewis
Post by Todd Allcock
Post by Lewis
Post by AaronL
On Mon, 22 Oct 2012 06:34:55 +0000 (UTC), Lewis
Post by Lewis
The other fact that people keep ignoring about Android is that even
though there are a lot more Android phones, they aren't being used the
way iOS phones are.
A "fact"? Really? Any data to back that up?
Scads. There are more android devices, but the majority of mobile
browsers are using iOS. 0.35 seconds on Google will give you hundreds of
thousands of links. Millions, perhaps.
That say the same thing. Many more people use Safari Mobile than the
stock Android browser. I'm not sure that's all that convincing that many
people don't use Android as a smartphone. For starters, virtually every
third-party browser on iOS is a wrapper adding features to, yep, safari
Mobile. There's essentially one browser for iOS. Android is more open.
While the stock Android browser is pretty good, there are much better
options- two versions of Opera (Mini and Mobile), Dolphin, an excellent
browser that includes user agent spoofing (I can set it to desktop IE9
and can watch Hulu for free instead of using the subscription-based Hulu
app.)
Anyone using any alternate browser on androids is dripping out of those
stats.
No, because the stats show that 2/3 of mobile browsing is iOS.
Post by Todd Allcock
Post by Lewis
Post by AaronL
Post by Lewis
Mobile browsing? iOS.
Verizon who sells millions of cell phones of both genders, iPhone and
Android (and Android definitely sounds like the masculine one, don't
you think... :) *requires* a data package with every smartphone they
sell. Do you think all those people pay that extra monthly fee and
then just ignore the Internet on their phones?
Evidently. They certainly aren't using it for browsing the web. 65% of
mobile browsing is from iOS devices.
Which includes iPads and iPods, categories that virtually zero Android
penetration.
The combined ipod and ipads are a blip compared to the hundreds of
millions of iPhones.
Acknowledged that you are talking about total devices sold, but I'd
hardly call iPad web usage a "blip".

Net Applications has total iPad web usage exceeding the iPhone, at 3.24%
of ALL web browsing for September (the iPad has been ahead of the iPhone
since February). For September, iPhone is 2.3%, iPod Touch ("iPod") is a
blip at 0.13%. For comparison, total Mac usage is 6.29% and total
Windows usage is 83.36%.

All versions of Android combined on all devices is 1.95%, not counting
Kindle Fire (0.04%). Android is getting close to catching up with the
iPhone, but only by counting Android tables, smartphones, and other form
factors.

This is my preferred view as it breaks down by OS version and iOS device
type, and combines desktop and mobile data into single set:

<http://marketshare.hitslink.com/operating-system-market-share.aspx?qpri
d=10&qpmr=50>

Public data available from Net Applications doesn't allow breaking down
Android numbers by screen size or device type, except for distinct OSes
like Kindle Fire.

Based on the iPad vs iPhone usage figures, it is clear that people
prefer browsing on devices with larger displays, but even excluding the
iPad, the iPhone alone beats all Android devices combined.

Your conclusion is still valid: since significantly more devices have
been sold running Android than total iPhone sales, web browsing is done
on a much lower proportion of Android devices than on iPhones.
--
David Empson
***@actrix.gen.nz
AaronL
2012-10-23 17:31:10 UTC
Permalink
Post by David Empson
significantly more devices have
been sold running Android than total iPhone sales, web browsing is done
on a much lower proportion of Android devices than on iPhones.
We're talking *phones* here, right? Still waiting for proof/link/stats that
there are more iPhone owners that browse the internet than Android phone
owners. Even if found that stat may be misleading since many, including
myself, often "browse" using site apps (like Pulse News, USA Today, etc.)
and thus no local browser is used or reported. Further many, including
myself, use other than the stock browser (Firefox, Opera, etc). Finally,
what logical reason would there be for such a disparity in the non-geek
general population for Internet use just because they're using a different
brand of phone?
David Empson
2012-10-23 18:32:52 UTC
Permalink
Post by AaronL
Post by David Empson
significantly more devices have
been sold running Android than total iPhone sales, web browsing is done
on a much lower proportion of Android devices than on iPhones.
We're talking *phones* here, right? Still waiting for proof/link/stats that
there are more iPhone owners that browse the internet than Android phone
owners.
I just did that in the previous post. According to Net Applications, in
September, iPhones were used for 2.3% of all web browsing. All Android
devices combined were used for 1.95% of of all web browsing.

<http://marketshare.hitslink.com/operating-system-market-share.aspx?qpri
d=10&qpmr=50>

The Android total includes both smartphones and tablets. Net
Applications doesn't let us tell them apart, but you could exclude
everything running Android 3.x to cut out some of the tablets: that
reduces the Android total to 1.85%, still including some tablets.

Therefore iPhones were used more for web browsing than Android.

A grey area is how many devices are out there in each category, but as
we keep hearing about how many Android devices are sold compared to
iPhones, it is clear that there are a lot more phones running Android
than there are iPhones.

For iPhone to achieve higher total web usage despite a smaller installed
base, the proportion of users doing web browsing must be much higher on
the iPhone than on Android devices.
Post by AaronL
Even if found that stat may be misleading since many, including
myself, often "browse" using site apps (like Pulse News, USA Today, etc.)
and thus no local browser is used or reported.
The same argument applies to the iPhone, where site-specific apps are
probably just as popular as on Android.
Post by AaronL
Further many, including myself, use other than the stock browser (Firefox,
Opera, etc).
That is not relevant, because the browser will normally report its host
operating system in the User Agent string, so usage of that browser is
still counted in the aforementioned stats against the appropriate
operating system.

Looking elsewhere on the Net Applications site, it is clear that a
somewhat higher proportion of Android users than iOS users are running a
browser other than the standard one.

<http://marketshare.hitslink.com/browser-market-share.aspx?qprid=0&qpcus
tomd=1>

<http://marketshare.hitslink.com/operating-system-market-share.aspx?qpri
d=8&qpcustomd=1>

OS usage stats would be "fooled" by custom User Agent strings which
pretend to be running on a different operating system, but I can't
imagine that a statistically significant number of users do that.
Post by AaronL
Finally, what logical reason would there be for such a disparity in the
non-geek general population for Internet use just because they're using a
different brand of phone?
That's getting into speculation territory, but I'd put it down to a
significant proportion of Android devices not actually being used as a
smartphone. The device happens to be running Android, but isn't being
used for web browsing.
--
David Empson
***@actrix.gen.nz
AaronL
2012-10-23 21:03:26 UTC
Permalink
Post by David Empson
Post by AaronL
We're talking *phones* here, right? Still waiting for proof/link/stats that
there are more iPhone owners that browse the internet than Android phone
owners.
I just did that in the previous post.
It appears you are quite correct. Here's a recent site that doesn't
require any guesswork calculations:

http://news.cnet.com/8301-1035_3-57534524-94/iphone-users-driving-nearly-half-of-smartphone-web-traffic/

But it still doesn't seem logical to me. Maybe the iPhone wastes lots
of data and Android is just more efficient... :)
AaronL
2012-10-22 20:35:53 UTC
Permalink
Post by Lewis
There are more android devices, but the majority of mobile
browsers are using iOS. 0.35 seconds on Google will give you hundreds of
thousands of links. Millions, perhaps.
I put in Google that "Lewis has no proof of what he posts" and got 55
million hits. Prove anything?
Post by Lewis
They [Android smartphone users] certainly aren't using it for browsing
the web. 65% of mobile browsing is from iOS devices.
How about just 5 links to substantiate this?
Post by Lewis
iOS users buy far more software than android users do.
Could be. Any sources?
Post by Lewis
A lot of Android devices are not very smart
My 2 year old Android is pretty smart. It does most everything my new
iPad3 will do and it doesn't even want to interface with iTunes... 8-O
Post by Lewis
and are not $200.
Some older Android *and* iPhone devices are a lot less than $200
($00.00). I was referring to current models.
nospam
2012-10-22 20:57:14 UTC
Permalink
Post by AaronL
Post by Lewis
There are more android devices, but the majority of mobile
browsers are using iOS. 0.35 seconds on Google will give you hundreds of
thousands of links. Millions, perhaps.
I put in Google that "Lewis has no proof of what he posts" and got 55
million hits. Prove anything?
hah!!

you just made my day! that is awesome!
Michelle Steiner
2012-10-22 22:30:16 UTC
Permalink
Post by AaronL
I put in Google that "Lewis has no proof of what he posts" and got 55
million hits. Prove anything?
When I put that in Google, I got 'No results found for "Lewis has no proof
of what he posts".'
--
I am Woman; watch me vote!
Todd Allcock
2012-10-23 02:53:10 UTC
Permalink
Post by Michelle Steiner
Post by AaronL
I put in Google that "Lewis has no proof of what he posts" and got 55
million hits. Prove anything?
When I put that in Google, I got 'No results found for "Lewis has no proof
of what he posts".'
Only if you leave it in quotes.

I just got 60,500,000 hits in Google, and 587,000,000 in Bing.
Michelle Steiner
2012-10-23 03:34:20 UTC
Permalink
Post by Todd Allcock
Post by Michelle Steiner
Post by AaronL
I put in Google that "Lewis has no proof of what he posts" and got
55 million hits. Prove anything?
When I put that in Google, I got 'No results found for "Lewis has no
proof of what he posts".'
Only if you leave it in quotes.
Which is the only logical way to do it. Without the quotes, it is
meaningless.
--
I am Woman; watch me vote!
Lewis
2012-10-23 03:05:11 UTC
Permalink
Post by AaronL
Post by Lewis
There are more android devices, but the majority of mobile
browsers are using iOS. 0.35 seconds on Google will give you hundreds of
thousands of links. Millions, perhaps.
I put in Google that "Lewis has no proof of what he posts" and got 55
million hits. Prove anything?
That you're a liar?
Post by AaronL
Post by Lewis
They [Android smartphone users] certainly aren't using it for browsing
the web. 65% of mobile browsing is from iOS devices.
How about just 5 links to substantiate this?
How about actual data:

<http://netmarketshare.com/browser-market-share.aspx?qprid=1&qpcustomb=1>
Post by AaronL
Post by Lewis
iOS users buy far more software than android users do.
Could be. Any sources?
lmgtfy.com should work very nicely for you.
--
You could save people. You could get there in the nick of time. And
something could snap its fingers and say, no , it has to be that way.
Let me tell you how it has to be. This is how the legend goes. --Soul
Music
Todd Allcock
2012-10-22 18:10:17 UTC
Permalink
Post by Lewis
Post by Todd Allcock
True, and I had a similar discussion with some virtual friends
recently who were trying to claim Android tablets were becoming
popular, and I mentioned that I still can't recall *ever* seeing a
single Android tablet that wasn't a Nook or Kindle in the wild. From
my unscientific
observances there are only two kinds of tablets- iPads and ebook readers.
I've seen *one*. There's a guy at my coffee shop who has some sort of 7"
tablet that is not a Kindle or a nook. Well, it could be a jailbroken
nook.
Post by Todd Allcock
Maybe, but carrier subsidies have allowed iPhones to penetrate the
Honey Boo Boo market. (Sorry, television reference- insert an image
of any convenient inbred Appalachian stereotype from more high-
fallutin' forms of media...)
You had to drag Honey Boo Boo into this? ugh. If the Vulcans come by any
time soon and see that show, they will surely destroy the planet rather
than risk letting us infect the rest of the galaxy.
And we would deserve it! ;)
Post by Lewis
Post by Todd Allcock
Besides, Apple dominates most of the markets inhabited by iOS
(tablets and media players) and is a major player in the other
(phones) that more people use iOS than don't. An OS user has become
the "average" user by default.
The other fact that people keep ignoring about Android is that even
though there are a lot more Android phones, they aren't being used the
way iOS phones are. Mobile browsing? iOS. App purchases? iOS. An android
phone is much more likely to be used as a basic 'feature' phone than an
iPhone is.
A feature phone is more likely to be used as a feature phone than either.

Android's stock browser is as good as iOS', the variety and quality of
apps is on a par, the only real problem with Android is that there's no
one controlling the hardware. Any OEM is perfectly free to make
stunningly bad hardware, and the competition to offer lower-cost devices
encourages this.

On the other hand, this makes answerphones accessible at price points
Apple wouldn't offer. Emerging markets that would never support a $650
phone can have Android. Apple doesn't market to "have-nots." ZTE and
Huawei are happy to.
Post by Lewis
Post by Todd Allcock
Yes, businesses rejected the security of Blackberry because their CEOs
are distracted by bright shiny objects.
The "security" of Blackberry. The quotes are critical, because it is
illusory security.
Not at all.
Post by Lewis
Post by Todd Allcock
There are significant security issues with most non-Blackberry phones,
<http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-
key-security-threshold/>
Post by Lewis
Enter the iPhone. Apple's security architecture is so sturdy, and so
tightly woven into its hardware and software, that it is both easy for
consumers to use encryption on their phones and very difficult for
someone else to steal the encrypted information.
Right, but the iPhone isn't as configurable. Virtually any feature on a
Blackberry can be disabled remotely, cameras, email, apps, etc. The
iPhone is partially configurable, but most of the higher security
features are ones individuals wouldn't put up with on a personal phone
anyway, especially the CEO's.

Blackberry security isn't just about securing the stored data on the
device, it's about restricting the user's access to getting it off
without a paper trail.

Say I email a sensitive document to your work email account on your iPhone.
I bet you can now think of fifteen different ways to get it to Mata Hari
without your employer knowing. Save it to a variety of cloud storage
apps, resend it via a personal email account, etc.

A Blackberry can disallow that file from being opened or viewed in any
app other than the email doc viewer. It can disable your ability to take
a screen shot of the document to send via a different email account, it
can prevent the use or installation of any app other then those pushed by
your employer. It can disable internet connectivity on a per-app basis.
The iPhone is plenty secure if it falls into the hands if your enemies.
Blackberries are also secure in the hands of you and your friends. ;)
Post by Lewis
Post by Todd Allcock
that admittedly are irrelevant to a significant number of businesses, but
for those that require a higher level of security, using iPhones or
Androids is almost as smart as the CEO of UPS demanding their drivers use
Miatas for making delivery instead of those big brown trucks because the
CEO happens to be a rag-top man.
An iPhones are much more secure that a Blackberry device since *no one*
can break the security, as opposed to RIM which has access to all the
'secure' data and has given that access to many others.
Not corporate email, only their consumer service. Corporations running
their own email infrastructure gold the encryption keys to their kingdom.
the data passes through RIM's NOC, but they can't read it.

Certainly you have to trust your security vendor, but no device is truly
secure if it lets you comingle business and personal data. You're
looking at security from a personal standpoint: *your* data is perfectly
safe on *your* iPhone. Blackberries can do that as well, but more
importantly, they keep your employer's data safe from *you*.

Having said that, with iOS6 the iPhone can now be locked down to
Blackberry levels (but with *far* less granularity), but in that case you
wouldn't be able to also use it as a personal device. There's no
advantage for an organization to do this, though, since there are far
cheaper and easier to manage options if you're going to inconvenience
your workers by making them carry two devices.
Michael Eyd
2012-10-22 08:46:20 UTC
Permalink
Post by Todd Allcock
There are significant security issues with most non-Blackberry phones,
that admittedly are irrelevant to a significant number of businesses, but
for those that require a higher level of security, using iPhones or
Androids is almost as smart as the CEO of UPS demanding their drivers use
Miatas for making delivery instead of those big brown trucks because the
CEO happens to be a rag-top man.
Do you know that RIM has had to open access to Blackberry servers to
local authorities in quite a number of countries around the world? At
least access to the (admittedly) less secure Blackberry Internet
Services (BIS?), that privateers and smaller companies (without the
option of setting up their own Blackberry Enterprise Server - BES) are
using.

So, if talking about Blackberry security, please always state which of
the two services you're actually talking about:

- BIS: Basically just a mail concentrator operated by RIM, where they
have full access to every information passing it. And they have given
local authorities access to it... Proper email configuration on an
iPhone (or Android, ...) should rather be safer than the BIS.

- BES: Is still (seems still to be? ;-) ) safe as these servers are
operated directly by the IT departments of the corresponding user
company. RIM has no (seems to have no) access to any information passing it.

Best regards,

Michael
Todd Allcock
2012-10-22 17:39:17 UTC
Permalink
Post by Michael Eyd
Post by Todd Allcock
There are significant security issues with most non-Blackberry phones,
that admittedly are irrelevant to a significant number of businesses, but
for those that require a higher level of security, using iPhones or
Androids is almost as smart as the CEO of UPS demanding their drivers use
Miatas for making delivery instead of those big brown trucks because the
CEO happens to be a rag-top man.
Do you know that RIM has had to open access to Blackberry servers to
local authorities in quite a number of countries around the world? At
least access to the (admittedly) less secure Blackberry Internet
Services (BIS?), that privateers and smaller companies (without the
option of setting up their own Blackberry Enterprise Server - BES) are
using.
Yes, although anyone can have a BES that wants one, for a price. If you
run your own Exchange server, you can certainly run a BES server.
Smaller businesses that rely on third-party email providers already have
that security problem (someone else holding their data that could be
required to turn it over to authorities.)
Post by Michael Eyd
So, if talking about Blackberry security, please always state which of
- BIS: Basically just a mail concentrator operated by RIM, where they
have full access to every information passing it. And they have given
local authorities access to it... Proper email configuration on an
iPhone (or Android, ...) should rather be safer than the BIS.
- BES: Is still (seems still to be? ;-) ) safe as these servers are
operated directly by the IT departments of the corresponding user
company. RIM has no (seems to have no) access to any information passing it.
Point taken.

I'm talking about BES, connected to an enterprise email system (MS
Exchange, Lotus, etc.) The type of organization that needs Blackberry
level security has the means to run BES.

BIS is really for consumers and small businesses who like Blackberries
(for whatever reason), but would probably be better served by something
else. I've never seen the point of BIS email aggregation myself- there
are too many good devices out there that handle email directly without a
middleman. The only advantage to BIS is the server-side data compression,
which might save some money on metered data plans (BIS also runs the
device browser through their servers, compressing that data as well.)

Honestly, the real power of Blackberry security is remote device
configuration and control, (which requires BES), and is still second to
none. Apple's iPhone Configurator and Microsoft Exchange have come a long
way, but neither offer the granularity of BES.

As I said, earlier, however, the number of organizations that require
that level is small enough that it won't hurt Apple our Android, and
won't save RIM's hardware business. RIM needs to go to plan B; partner
with phone OEMs and license BES clients on non-Blackberry phones and try
to save the server and software side of their business.

RIM did release a Blackberry Mail app for non-RIM devices several years
ago; one of my old AT&T Windows Mobile phones came with it pre-installed,
but RIM intentionally crippled it- it couldn't receive push email, but
instead only polled the server every 15 minutes, presumably so the
software wouldn't compete with RIM hardware.

I assume this software was supposed to be an alternative for lower-level
corporate wonks who didn't rate important enough to get a real
Blackberry. Silly and redundant since Windows Mobile already had full
Exchange support (including remote configuration, encryption, and wipe)
nearly equally secure as BES, and certainly more secure than the current
Windows Phones, Androids, and iPhones that many orgs have replaced
Blackberries with.
Alan Browne
2012-10-21 17:25:38 UTC
Permalink
Post by Davoud
Post by Todd Allcock
Post by Alan Browne
Despite Android's overall lead as a mobile OS for smartphones, Apple is
the preferred choice where business is concerned...
While that's certainly possible and even plausible, the problem with that
data us that it comes from Good, a secure corporate mail vendor (sort of
a Blackberry-like setup for non-Blackberries.)
If you want your own, anecdotal evidence, go where business people do
business. Ride an Amtrak commuter train on the NE Corridor (especially
DC-NYC) any business day. Any class will do--regular, business, or
Acela. Count iPhones (and iPads) compared to other platforms.
When you get to NY, observe the number of people in business dress who
are using iPhones compared to other platforms (remembering when it was
virtually 100% Blackberry) and, in a restaurant or coffee shop, iPads.
I could be naïve in my assumption that a high percentage of suits on
the streets of NY represent persons engaged in some sort of business,
but I don't think that I am. I perceive that the average New Yorker out
for a stroll and the average tourist is wearing comfort clothing, as I
am, and not business apparel.
This is a non-scientific survey. A plausible scientific survey that
might show interesting, if predictable, results, would focus not just
on how many people use iOS, but /who/ uses iOS. It would be a
comparison of education and income levels between iOS users and users
of off-brand phones. Historically, Apple customers have always come out
on top in such surveys.
I see iPhones everywhere. But I see a lot of Blackberries in business
(and other) settings as well. They haven't gone quietly into the
night. Some people just like the mechanical BB keyboard because they
send a lot of e-mails/messages while out and about - much easier than
the iPhone keyboard in most cases. (I still may get an iPhone keyboard
widget...)

But I do think conversion to iPhone is continuing to erode BB. I doubt
the sometime in the future (early 2013?) release of a new BB and OS will
stem the tide.
Post by Davoud
It's worth noting how the iPhone, which was designed with consumers in
mind, without much of a nod to enterprise users, has put RIM on the
rocks. All those Blackberry users /saw/ the iPhone, maybe tried it out,
Since the iPhone came out Apple have quietly improved its palatability
for IT. Amongst other things, iPhones interface very well with MS
Exchange Server and provide encryption for messages and mail (sometimes
with 3rd party add ons). VPN. Managing many devices. etc.

It's not as all encompassing as BB - but encompassing enough that the IT
dept. hasn't been able to say no for a couple years now...
--
"There were, unfortunately, no great principles on which parties
were divided – politics became a mere struggle for office."
-Sir John A. Macdonald
Brian
2012-10-21 10:45:14 UTC
Permalink
Post by Alan Browne
Despite Android's overall lead as a mobile OS for smartphones, Apple is
http://bits.blogs.nytimes.com/2012/04/27/android-iphone-good-technology/
or http://tinyurl.com/7o845ac
The Android and the Apple phone are both good phones.
I own iPod's and a iPad, the only reason I didn't buy an iPhone was that I
wanted to access the android apps as well as the iPad apps. Its kind of
like having the best of both worlds.
--
Regards Brian
Michelle Steiner
2012-10-21 13:53:18 UTC
Permalink
Post by Brian
The Android and the Apple phone are both good phones.
All Android phones are good phones?
Post by Brian
I own iPod's and a iPad, the only reason I didn't buy an iPhone was that
I wanted to access the android apps as well as the iPad apps. Its kind
of like having the best of both worlds.
What Apps are available for Android that are not available (either as the
same app or a different one that does the same thing) for the iPhone?
--
I am Woman; watch me vote!
nospam
2012-10-21 16:39:00 UTC
Permalink
Post by Michelle Steiner
Post by Brian
The Android and the Apple phone are both good phones.
All Android phones are good phones?
some android phones definitely are, such as the galaxy s iii, which is
easily as good and even better in some ways.
Post by Michelle Steiner
Post by Brian
I own iPod's and a iPad, the only reason I didn't buy an iPhone was that
I wanted to access the android apps as well as the iPad apps. Its kind
of like having the best of both worlds.
What Apps are available for Android that are not available (either as the
same app or a different one that does the same thing) for the iPhone?
field trip. it's coming 'soon' for iphone. wifi scanners were banned by
apple but are available on android. google voice works a *lot* better
on android. widgets. google maps. apps that can configure the phone
based on location.
Michelle Steiner
2012-10-21 16:52:07 UTC
Permalink
Post by nospam
Post by Michelle Steiner
Post by Brian
The Android and the Apple phone are both good phones.
All Android phones are good phones?
some android phones definitely are, such as the galaxy s iii, which is
easily as good and even better in some ways.
No doubt that some Androids are good phones, but your sentence implied that
all of them are, and that's what I questioned.
--
I am Woman; watch me vote!
nospam
2012-10-21 16:56:41 UTC
Permalink
Post by Michelle Steiner
Post by nospam
Post by Michelle Steiner
Post by Brian
The Android and the Apple phone are both good phones.
All Android phones are good phones?
some android phones definitely are, such as the galaxy s iii, which is
easily as good and even better in some ways.
No doubt that some Androids are good phones, but your sentence implied that
all of them are, and that's what I questioned.
it wasn't my sentence and it was obvious he didn't mean every single
android phone.
Alan Browne
2012-10-21 17:48:33 UTC
Permalink
Post by Michelle Steiner
What Apps are available for Android that are not available (either as the
same app or a different one that does the same thing) for the iPhone?
One example is GPS. The iPhone only tells you the most superficial
information about the signal (position, velocity/direction, quality).

On Android phones you get satellites tracked, elevation/azimuth, signal
levels of the sats and so on. If you're "into" GPS as I am the iPhone
is disappointing. OTOH I could buy a separate bluetooth GPS and use
that with the iphone and get that info (better GPS than iPhone too).
But that's another widget, batteries/charging, etc.

I just sold my etrex 30, so now I'll probably order that bluetooth GPS.
Just wish it would work with the MacBook Pro too.
--
"There were, unfortunately, no great principles on which parties
were divided – politics became a mere struggle for office."
-Sir John A. Macdonald
Brian
2012-10-23 01:07:15 UTC
Permalink
Post by Michelle Steiner
Post by Brian
The Android and the Apple phone are both good phones.
All Android phones are good phones?
Post by Brian
I own iPod's and a iPad, the only reason I didn't buy an iPhone was that
I wanted to access the android apps as well as the iPad apps. Its kind
of like having the best of both worlds.
What Apps are available for Android that are not available (either as the
same app or a different one that does the same thing) for the iPhone?
There are some such as the game strip poker.
If I can't find the app I'm looking for amongst the Apple apps then there's
a good chance I will find it amongst the Android apps. There are some apps
like Temple Run that are an Android app as will as an Apple app but the
Android apps are certainly not a mirror of the Apple apps.
--
Regards Brian
Loading...