Forums
New posts
Articles
Product Reviews
Policies
FAQ
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Menu
Log in
Register
Install the app
Install
Forums
Apple Computing Products:
macOS - Operating System
How secure is a locked Apple Note?
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Rod" data-source="post: 1948822" data-attributes="member: 204485"><p>You are welcome Mark, obviously online security is very important to us all, it's essential to keeping us safe in what has become a hostile environment. I do believe that a purpose made password manager is the best method of keeping passwords safe even in the event that your device is lost, stolen, hacked or cloned. </p><p></p><p>In the first two examples apart from Find My iPhone/Computer/Watch you also have the option of erasing the device remotely as well as the "locked" device function which kicks in after too many failed attempts to login. In the latter cases unusual activity on the device would be the alarm bell but again a P/W manager still requires ID verification to open as does a cloned iPhone.</p><p></p><p>So, the example of your son is an interesting one, this does sound like an instance of cloning or mirroring but in both cases I think the PIN for the phone would be required. Once entered the first thing the criminal does is change the PIN and probably face ID if used. Stolen Device Protection, if on, prevents this by delaying the action if not in a recognised location, notifying all other devices on the same account and requiring 2FA from a secondary device after 30min, plus a biometric or face ID. Of course none of this works if you don't have 2FA which is why it's so strongly recommended.</p><p>If you get a notification as above you can check "My Devices" in Find My... and if you see an unfamiliar device remove it. This effectively renders that device useless. The next step would be to change <em>your </em>PIN. </p><p></p><p>In Australia we don't have "burner" phones, to purchase a mob phone you need proof of ID, usually in the form of a drivers licence which also has your photo and address on it, a credit card in the same name and proof of address, usually a utility bill for that address in the same name. Even if you were to buy a second hand phone online you still need a SIM card which requires the same above ID details. </p><p>Our banks here require a One Time Password (OTP) sent to the mob number of the account holder to make changes to their account like transaction limits, large transfers, passwords or user details. It's a real pain when updating to a new phone but it means even a cloned phone cannot do much with a bank account, even from a browser much less the bank's app which is usually not transferable anyway without that OTP. The same thing goes for Authenticator apps, you can't transfer them to a new phone without the old phone in front of you because like eg. Google Authenticator you need to scan a QR Code off the app on the old phone.</p><p></p><p>As for getting a job here in Australia a Tax File number would be inadequate on it's own but I suppose if you used all of your own ID details but someone else's TFN it would take a little while before it was uncovered. If you used it as a part of ID here you would still need other documents to support it. Here you would need a Medicare number as well as photo ID of some sort and usually a bank account in the same name for wage payment to get a job long term, maybe they were payed by check. So, I suppose what you are saying is they used your ID to get the job and your TFN for their tax records. In Australia it's not that easy, your employer deducts your taxes <em>before</em> payment via a system called PAYG. After you file your tax return you either get a refund of those taxes, nothing, or a debit depending on your circumstances. Not much point in that.</p></blockquote><p></p>
[QUOTE="Rod, post: 1948822, member: 204485"] You are welcome Mark, obviously online security is very important to us all, it's essential to keeping us safe in what has become a hostile environment. I do believe that a purpose made password manager is the best method of keeping passwords safe even in the event that your device is lost, stolen, hacked or cloned. In the first two examples apart from Find My iPhone/Computer/Watch you also have the option of erasing the device remotely as well as the "locked" device function which kicks in after too many failed attempts to login. In the latter cases unusual activity on the device would be the alarm bell but again a P/W manager still requires ID verification to open as does a cloned iPhone. So, the example of your son is an interesting one, this does sound like an instance of cloning or mirroring but in both cases I think the PIN for the phone would be required. Once entered the first thing the criminal does is change the PIN and probably face ID if used. Stolen Device Protection, if on, prevents this by delaying the action if not in a recognised location, notifying all other devices on the same account and requiring 2FA from a secondary device after 30min, plus a biometric or face ID. Of course none of this works if you don't have 2FA which is why it's so strongly recommended. If you get a notification as above you can check "My Devices" in Find My... and if you see an unfamiliar device remove it. This effectively renders that device useless. The next step would be to change [I]your [/I]PIN. In Australia we don't have "burner" phones, to purchase a mob phone you need proof of ID, usually in the form of a drivers licence which also has your photo and address on it, a credit card in the same name and proof of address, usually a utility bill for that address in the same name. Even if you were to buy a second hand phone online you still need a SIM card which requires the same above ID details. Our banks here require a One Time Password (OTP) sent to the mob number of the account holder to make changes to their account like transaction limits, large transfers, passwords or user details. It's a real pain when updating to a new phone but it means even a cloned phone cannot do much with a bank account, even from a browser much less the bank's app which is usually not transferable anyway without that OTP. The same thing goes for Authenticator apps, you can't transfer them to a new phone without the old phone in front of you because like eg. Google Authenticator you need to scan a QR Code off the app on the old phone. As for getting a job here in Australia a Tax File number would be inadequate on it's own but I suppose if you used all of your own ID details but someone else's TFN it would take a little while before it was uncovered. If you used it as a part of ID here you would still need other documents to support it. Here you would need a Medicare number as well as photo ID of some sort and usually a bank account in the same name for wage payment to get a job long term, maybe they were payed by check. So, I suppose what you are saying is they used your ID to get the job and your TFN for their tax records. In Australia it's not that easy, your employer deducts your taxes [I]before[/I] payment via a system called PAYG. After you file your tax return you either get a refund of those taxes, nothing, or a debit depending on your circumstances. Not much point in that. [/QUOTE]
Verification
Name this item. 🍎
Post reply
Forums
Apple Computing Products:
macOS - Operating System
How secure is a locked Apple Note?
Top
