

The iPhone Has Passed a Key Security Threshold - rdl
http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-key-security-threshold

======
rdl
Basically, if you use a 8-12 digit numeric passcode (random), and an iPhone 4S
or iPad 2/3, your data will be safe from cold boot attacks for between 4
months and 3000 years. You still may suffer from legal or extralegal
compulsion to turn over a passcode to unlock the device, evil maid type
attacks, (or unpublished backdoors or vulnerabilities, or hardware attacks on
the security processor, but these are beyond local law enforcement and
probably sufficiently sensitive that only intelligence agencies would use
them, and only when an alternate source could be plausible).

That's about the most secure computing device in default configuration ever
shipped. Pretty amazing. The only reason forensics can generally work on
iPhones today is that 4 digit numeric passcodes are the default, and "delete
on 10 tries" doesn't get enforced correctly on current generation hardware. If
they fix that on the iPhone 5, then 4 digit passcodes become reasonable.

