Apple added some useful feature and some feature is really harder to the offsite user. The question is that if someone takes your iPhone, can they get your data too?
For years, Apple has been working to ensure the appropriate answer is no. The iPhone’s local storage drive has solid encryption without a password or a fingerprint, there’s no real way to get past the lock screen. If the phone shuts down or goes 48 hours without a login, it secures significantly further, requiring a password to restart. It’s a huge problem for phone thieves — and, as the San Bernardino case demonstrated, makes life troublesome for law authorization as well. It’s still possible to get cloud information hung on Apple servers, and any information controlled by an application is another story, but if it’s stored locally on your phone, it’s difficult to get without your permission.
With those insurances set up, criminals and digital forensics experts have turned to the iPhone’s automatic backup system as the easiest way through. So, if your phone is connected with some machine as trusted device, then it is an automatic backup activated from your machine itself, which basically dumps all the phone’s data onto your attached machine. On the other side if your phone couldn’t connect a trusted device, then you need to establish a trusted device is a fingerprint login, which you could potentially spoof or 3D-print. Once you’ve made that login, you can pair the phone, dump the information, and start picking through.
If your computer is registered as a trusted device for a particular phone, the computer can pull backups off that phone whenever later on, even without signing in.
The process for establishing a trusted device is already a bit daunting, however, with iOS 11, that system will get only a little bit tighter. A new feature in iOS 11 will make that system a little bit difficult to crack. Now, you won’t be able to establish a pair with just a fingerprint; you’ll require the full password, similarly as though you were unlocking the phone after a hard reset. It appears to be minor, however, it’s conceivably a difficult issue for police, who are legally allowed to constrain fingerprints but move into trickier legal territory when it comes to passcodes.
So the mean time is if you’re spoofing fingerprints, you have enough to sign into the phone itself (as long as it’s not secured), and soon at some point, you can simply open applications and get the information you require anyway. But backing up the phone to a trusted device is a huge part of modern forensics, and it’s one of the few ways for investigators to be sure they’ve gotten every piece of data they could.
In iOS 11, it is very difficult to do that without the customer’s permission, turning up the heat ever so slightly on the encryption debate.