[LINK] US Gov: making a panic button app
Peter Tonoli
anarchie at metaverse.org
Sat Apr 2 20:13:03 AEDT 2011
Hi Ivan,
Ivan Trundle wrote:
> On 01/04/2011, at 9:23 AM, Roger Clarke <Roger.Clarke at xamax.com.au> wrote:
>
>
>>> Not to mention a slip of the finger. "Dad, what does this button do?"
>>>
>> Damn, missed that one.
>>
>
> Remote wipe function for iPhone/iPad is available only when device is set to allow remote wipe (and it can be locked): it's relatively deep in preferences. Remote wipe is only available via login to https site and check box must be selected agreeing to the consequences, followed by click of button. Full recovery of device data is possible once device is connected to computer where backups are kept (automated via iTunes).
>
That's not quite true. Remote wipe can be activated as part of Microsoft
Exchange ActiveSync based on using a Microsoft Exchange or Exchange like
server, and can be sent practically instantaneously if the phone is
configured to connect to an Exchange server using push.
What actually happens when a 'wipe' command is sent is that the phones
internal 256 bit AES encryption key to the phones data is deleted.
> I think the chances of a remote wipe happening accidentally or maliciously is extremely slight.
>
I wouldn't say 'extremely slight'. If the underlying Exchange server
gets compromised, or the sysadmin of the Exchange server wishes to do
so, it's all over in the press of a mouse button.
Peter.
More information about the Link
mailing list