Blog

Warning: The article below is over five years old. It may be badly written, poorly considered, immature, obsolete, no longer my opinion, or simply flat-out wrong.

Lessons from my recent iPad debacle.

January 22, 2012 • Permalink

A series of unfortunate events left my iPad reset to its factory defaults and unable to restore from backup. All my data: gone. This was a horrid reminder of things that I knew but hadn't fully internalised. Please learn from my mistakes and absorb the following:

Don't forget your iTunes backup password. There's no going back if you tick the "encrypt my backups" option. You can't trash the old backups and make a new one with a known password. You can't recover the old password (unless it's really weak and you'll pay £80). Your iPad will still back up – but you can't restore without the password. If you forget your password and want a usable backup, you must blank your iPad and start from scratch.

iPad encryption is strong. Really strong. I think of the iPad as a consumer device and expected security to match – allowing new backups, and/or weak encryption. Nope: it uses AES256 for encryption, SHA-1 hashes for filenames¹, and random keys as part of each backup². All the encryption's handled on the iPad and no data leaves the iPad unencrypted³. Each file in the backup gets a different encryption key¹. You need the passcode to unlock the device, and checking this is done on the iPad itself.

Ubiquitous capture for passwords is vital. Use a password safe – a program that stores your passwords, so you can memorise 1 really strong password & use randomised passwords for everything – and make sure everything goes in there. No paper scraps. No "Oh, I'll remember this one." EVERYTHING. If you find a password you've written down, put it in the password safe as "unknown" before destroying it.

Password reuse can be a good thing. Why the fuck didn't I use my Apple ID password? Or the unlock code for the iPad? Or my encrypted HD password? Or my encrypted PC backup password? Because I'm a fucking idiot, that's why.

If you don't have more than one copy of your data, you don't have it. My password safe was on my iPad. I would have been stuck even if I'd stored it in there. You need multiple copies of your data, in multiple locations, and not tied to any one device.

¹ iPhone Data Protection in-depth, slide 48.
² iPhone Data Protection in-depth, slide 52.
³ Data Decryption & Password Recovery, slide 25.
Evolution of iOS Protection and iPhone Forensics: from iPhone OS to iOS 5, slides 29-30.

Subscribe via RSS
Follow me on Twitter