A post about Mobile Security

With the release of the new Apple iPhone 5c and  iPhone 5s models as well as a new operating system, there has been a lot of discussion in the Tech world over security features this past week.  The big feature on everyone's mind has been Apple including a new concept of Biometric Sensor Technology to allow for securing the iPhone 5s via finger print scanning.

A video, showcasing the Chaos Computer Club, from Germany, surfaced online over the weekend showing "proof" that the sensor had been hacked and access gained to the device.  This video, just over a minute in length, actually caused debates as to what defines a device being "hacked" and if this was more the technology being bypassed by a spoof of the user's finger print.

Lets take a look at a few things that Apple have said about this Technology before we go any further.
(details taken from Apples Support Document found at http://support.apple.com/kb/HT5949?viewlocale=en_US&locale=en_US)

Touch ID is designed to minimize the input of your passcode; but your passcode will be needed for additional security validation, such as:

• After restarting your iPhone 5s
• When more than 48 hours have elapsed from the last time you unlocked your iPhone 5s
• To enter the Passcode & Fingerprint setting

Later in the same document, Apple goes on to state that

 After five failed attempts, you'll be given the option of entering your Apple ID password. In addition, you will need to enter your Apple ID password after:

• Restarting your iPhone 5s
• Enrolling or deleting fingers

What this means for the user, is that someone who has procured your iPhone 5s device would have to have a clean enough copy of your print to be able to spoof the sensor and failing that needs to know your Apple ID and Password in order to access any data or wipe the Phone for resale purposes.

In other words, Your Fingerprint is only one part of a multi part authentication process, and if you as the end user, remember to practice using strong passwords and safe device protocols, your device , and it's data, can be considered strongly secured.  What does strong passwords and safe device protocols constitute, some points to alway remember

A Modern Passcode should be no less then 8 characters, and 16 or more is better.

A Passcode should not be formatted based off dates, or full words example

Bad Password: James

Good Password:V1sta_Sunr1s3G849z2 

(as you can see this password includes Capital Letters, subs numbers in for letters, includes a string that can not be pulled from a dictionary, has a underscore and is 18 characters long)

Apple users, should also make sure to active the feature that wipes their phone after a series of failed attempts to log in and make sure that they know about Apple's "Find My iPhone" feature, which allows them to log into any Internet enabled computer, via iCloud.com, pinpoint the location of their device, and even wipe the data remotely if the device is transmitting to be picked up

Lets be honest here, there is no such thing as a 100% secure option when it comes to security, the best that anyone can do is have a formulated game plan in place to protect their device should it be separated from them.