-3

Higher authorities could easily find out about criminal activity - such as drug trafficking and child pornography - being conducted on a laptop simply by hacking into it or somehow seeing the history.

However, the iPod Touch - or any tablet device that can access the internet that isn't a phone - is next to impossible to hack.

So how would higher authorities find out about criminal activities (drug trafficking, child pornography etc.) being conducted on the internet through an iPod touch? I'm talking here about non-anonymous searches such as internet explorer or Google Chrome.

ODP
  • 133
  • 2
  • 4
  • 2
    I'd like to know of a device that is "next to impossible to hack". And even if it did exist, it's always pretty easy to eavesdrop on traffic going past... or to get your ISP to do it. – Sébastien Renauld Apr 17 '13 at 18:28
  • Well I've been told that the iPod Touch is next to impossible to hack (I personally don't have one, so wouldn't know). And what do you mean by eavesdropping on traffic going past? And what's an ISP? – ODP Apr 17 '13 at 18:31
  • 1
    "I've been told" - and yet, the ipod touch (all gens) have been jailbroken a few times, has it not? As for eavesdropping, I can find a way so your internet traffic goes through a router I own and log all traffic going past. Your internet service provider (ISP) is the perfect person to do this. – Sébastien Renauld Apr 17 '13 at 18:33
  • 2
    [This book](http://www.amazon.com/iOS-Forensic-Analysis-iPhone-Professionals/dp/1430233427) claims to explain it all. At least, I see no conceptual impossibility in opening the case and reading the Flash chip directly. – Tom Leek Apr 17 '13 at 18:38
  • 1
    @OllyPrice - you have been told wrong, iPad's are just as hackable as iPhones. Further, it's probably reasonable to expect that law enforcement could get an application signed by Apple to allow them to run it covertly on an iDevice, even without jail breaking. And even without that, the communication network that they would be using can be monitored. – AJ Henderson Apr 17 '13 at 20:04
  • You can avoid the possibility of the authorities or your ISP eavesdropping on your communications by using a Tor client to encrypt and anonymize your traffic. But that doesn't help you keep the data safe if your device is confiscated, or a keylogger is installed on it to capture your encryption passphrase. – Johnny Apr 18 '13 at 00:38
  • Its called a warrant and they just take the device from your person. They don't need to hack it. Since an iPad and Ipod Touch both run iOS any security tools work on them. Its well documented that there are security tools that can access these devices. Besides these devices would have to access the internet they only need to know who your provider to request the access logs for those devices. – Ramhound Apr 18 '13 at 16:44
  • Why the downvote? – ODP Apr 29 '13 at 18:11

1 Answers1

3

Higher authorities could easily find out about criminal activity - such as drug trafficking and child pornography - being conducted on a laptop simply by hacking into it or somehow seeing the history.

No, they find it out from the web history/logs, which is with the internet service provider (verizon, comcast, etc). They don't need access to the computer for this.

Basically, when you access the Internet, your data is routed between various servers. Some belong to your ISP, some belong to your "ISP's ISP" (the servers which give the ISP their internet), and some belong to the ISP of the destination site, as well as a few more hops in between.

When you use an https connection, the _data _ is hidden, but the URLs are not. With an HTTP connection, an eavesdropper can read everything.

Either way, most ISPs log URLs and snippets of data, and the police can request access to these logs. Then they know who visited what.

If you use an anonymizing service like Tor, the police shall find it much harder to track you. Not impossible (a lot depends on how you use it -- you need to be very careful if you don't want to be tracked), but very hard.

However, the iPod Touch - or any tablet device that can access the internet that isn't a phone - is next to impossible to hack.

Where did you see that? If this was the case, then jailbreaks would never be released.

Manishearth
  • 8,237
  • 5
  • 34
  • 56
  • 2
    A big +1 for this. All communication devices are hackable by definition. – Rory Alsop Apr 17 '13 at 18:41
  • @RoryAlsop: Thanks :) Exactly what do you mean by that, though? What does being a communication device have to do with being hackable? Communication devices are _trackable_, no doubt, but one could probably make an iTouch with the firmware on an EPROM instead of an EEPROM, and lock it down wrt installing apps. It would then be a simple web browser that probably can't be hacked. – Manishearth Apr 17 '13 at 18:46
  • It still wouldn't prevent it from cold/hot boot attacks and general "I'm going to dismantle you!" shenanigans, the #1 way to get data from devices - hard drive analysis says hi. Also, where would you store the state of such a device? – Sébastien Renauld Apr 17 '13 at 18:54
  • @SébastienRenauld: Ah, I see. Storing the state would be on non-executable EEPROM, the EPROM would be just for firmware. I get what you mean, though. However, I still don't see the connection between "communication device" and "hackable" -- what in a communication device makes it hackable? – Manishearth Apr 17 '13 at 19:00
  • The fact that it communicates in a way that is trackable and prone to eavesdropping, the ability (or inability) for firmware programmers to lock down their stuff, along with a few other things. – Sébastien Renauld Apr 17 '13 at 19:04
  • @SébastienRenauld: So basically it has to do with being trackable, not exactly hackable. I see :) – Manishearth Apr 17 '13 at 19:05
  • Still hackable. What if I suddenly swap out your DNS server upstream with something under my control? Does this constitute a form of hacking or tracking? – Sébastien Renauld Apr 17 '13 at 19:09
  • @SébastienRenauld: Well, I was interpreting "hackable" as "Some third party can read or write to some portions of the device storage". I guess it's all based on how you define "hackable" ;-) – Manishearth Apr 17 '13 at 19:12
  • You're hitting a grey area. Suppose I know that you have a PhoneGap app and can poison your DNS server's cache. I could redirect you to a page with tainted JS meant to write to your device's local storage using the cordova library; does this constitute tracking or hacking? – Sébastien Renauld Apr 17 '13 at 19:14
  • @SébastienRenauld: Like I said, it's all based on your definition of hackable. No point arguing about it :) – Manishearth Apr 17 '13 at 19:19
  • @Manishearth - my meaning is the wider sense: if a device is used for communication, then there is a way to subvert that. It may be purely technical, it may be the channel, or at the extreme end it may require the £50 wrench... – Rory Alsop Apr 17 '13 at 20:30
  • @RoryAlsop: ah, I see :) – Manishearth Apr 18 '13 at 03:37