iOS vs Android: Which Smartphone Can Take Better Care of User Data?
Screenshot From Pxhere Official Website
A brand new research by the Johns Hopkins University that have recently found that even though both the Android and the iOS host certain requisite features in order to offer better security, neither of these two factions enforce them at all.
Android vs iOS in data security
An article by News18 focuses on smartphone security noting the difference between Android and iOS. A brand new research made by cryptographers over at Johns Hopkins University explains why these particular exploits are available as well as how these certain vulnerabilities which include Android and iOS, according to the post on SecuredPhones.io.
The research was said to be based on certain findings regarding how the iOS and Android encrypts certain smartphones in order to protect users’ data. The focus was on how these two factions exploit certain security vulnerabilities. The research was then broken down into two parts: the Completion Protection and the After First Unlock or AFU.
Complete Protection and AFU for Apple
As revealed, the Complete Protection now essentially refers towards the state of the users’ phone right after rebooting it, or even starting it up after a period of time. During this stage, prior to the user unlocking their phone for the first time, all of the user data is still within the stage of full encryption.
The difference starts coming after this one. On the Android phone just before the first unlock even when users lock the phones using their face, fingerprint, and even a PIN or some pattern. The device will then remain forever within the AFU phase. Over in the AFU phase, a much larger chunk of users’ data is now pulled away from the encrypted memory of their phone and also stored in the new non-encrypted instant memory. This makes it easy for users to access certain data directly from the lock screen even without needing to unlock their own phones repeatedly.
This memory can then be exploited by certain privilege escalation cyber attacks through using these flaws that are either embedded super deep in the system, or even not knowing yet and therefore being still zero-day vulnerabilities. It is also what a number of law enforcement agencies use. This is in order to tap into the data even when a smartphone is locked.
Data security Apple
The iOS situation is quite different according to researchers. The iOS device simply employs something known as the hierarchical encryption. This stores certain data in the AFU but will still protect some of users’ most sensitive information in raw encrypted storage even after users’ first unlock.
In a certain interview that was conducted by Wired, a certain Apple spokesperson actually stated that this is an actual choice that the company has officially made by design. This is in order to find the optimal balance that is between the convenience of users finding all of the info readily on the lock screen. This includes security of protecting everything that is behind the safe encryption.
When it comes to Android, there are reportedly a lot of OEMs, each of these have their very own telecom approval as well as the testing phase even before rolling out a certain update. This is while matching it to their very own customization curnel. In simple terms, Android’s very own fragmented ecosystem of devices. This is despite improving quite drastically in the recent past when it comes to frequency of updates and still has a long way to go for it to be able to catch up with Apple.
This article is owned by Tech Times
Written by Urian Buenconsejo
ⓒ 2018 TECHTIMES.com All rights reserved. Do not reproduce without permission.