[LINK] US Gov: making a panic button app

[Ivan Trundle]

On 02/04/2011, at 8:13 PM, Peter Tonoli wrote:

> That's not quite true. Remote wipe can be activated as part of Microsoft Exchange ActiveSync based on using a Microsoft Exchange or Exchange like server, and can be sent practically instantaneously if the phone is configured to connect to an Exchange server using push.

This seems to be an Exchange problem, not an iDevice problem.

> What actually happens when a 'wipe' command is sent is that the phones internal 256 bit AES encryption key to the phones data is deleted.

Agreed, but the context was that all data would be lost by a simple (i.e. 'Hey Dad, what does this button do) button press. Compromised servers (and devices) are another kettle of fish.

Data kept as backups on iTunes is recoverable back to a device: the point I was making is that apps and settings can be recovered. Cloud-kept data is something else.

>> I think the chances of a remote wipe happening accidentally or maliciously is extremely slight.   
> I wouldn't say 'extremely slight'. If the underlying Exchange server gets compromised, or the sysadmin of the Exchange server wishes to do so, it's all over in the press of a mouse button.

What precisely is 'all over'? (in the context of the panic button, in particular?

iT