A cautionary tale

This post is a cautionary tale that hopefully helps someone in the future, unfortunately it has affected a friend of mine who is having to deal with the situation.

So, what is this about.  This is all about getting the new iPhone 5S, this is what happened.  My friend was tempted by the new phone and since he was out of contract he was considering the purchase, he wanted the 32GB version but found the cost to be prohibitive (come on Apple make 32GB the standard).  Anyway, he saw a deal in the local RadioShack, they would trade in your phone (an 4S in his case) and get you a shiny new iPhone 5S, they would give him around $150 for his old phone, sounded good.  This is where it starts to go South, firstly they didn’t have the new phone in stock, my advice to him was to tell them to forget about it and get one from Apple then go online and sell his phone for (probably) more than $150.  Since he made the deal with RadioShack and he is an honourable man he persevered and waited.

Then the phone finally arrived (over 2 weeks later), so he goes to the store and starts the process, from all accounts the monkeys in RadioShack must have only ever done this type of transfer once in their dreams and what should have taken 5 minutes was taking over half an hour.  Then the kicker (in the balls), they casually told him that he would not be getting the full amount for his phone (ouch) and they asked him if that was OK; at this point I would have picked up my phone and left but he said that if they could do it in 5 minutes then he would be fine.

So, now we get to the nub of the matter, they then ask him whether he wants them to transfer his data to his new phone, well, since he was getting agitated and frustrated he just wanted to get out of the store, so remembering that he had a backup on iTunes he told them that he didn’t need them to do that.  He watched the monkeys wipe his old iPhone 4S of all the data, contacts, photos, notes, the lot!

He gets home, plugs in his new iPhone to his computer and tries to restore his backup, all looks well till it asks him for a password for the backup, hmmm, what was that password, I know it’s in my password vault … that is on my iPhone … that is wiped and sitting in RadioShack, crap.  He tries the old standbys but nothing works, now what?  I try to help by asking him whether he backed up his data to iCloud, nope, he only created a local iTunes backup.

I don’t know how the backup is encrypted but the only way to crack this is to use a brute force attack, since he does not know what the password length is this could take weeks, months or years to crack, not cool.

So, lessons have we learned from this incident.

  1. Getting an iPhone from anyone other that your carrier or Apple directly is a waste of time, remember that Apple can sell every phone it makes without resorting to third parties especially just after the introduction of a new phone.  Therefore third parties get the scraps hence the long wait for the phone in the first place.
  2. RadioShack (and I assume other vendors) seem to hire monkeys to do their bidding, it should not take more than 5 minutes to setup a customers phone.
  3. Use iCloud for backup, it’s free, it is convenient and you never have to worry about it.  My positive experience with iCloud was when I got my iPhone 5, it was playing up so I took it to an Apple store.  The technician confirmed the problem and gave me a new phone, then we restored from iCloud there and then, all my contacts, few pictures and notes were restored; my music was not but that was all in iTunes.
  4. If you have a password safe make sure it spans multiple devices, e.g. a Mac or PC or another tablet device.  I use KeePass (other are out there) and I have the file on Dropbox (or SkyDrive) so that it is accessible anywhere I have access to a computer.  OK, so I need to remember the Dropbox, SkyDrive and the password to the file but that should be easy because I use them all the time.
  5. Don’t encrypt your iTunes backup, if the backup is on a machine that has a password and the machine is always with you then someone would have to steal your PC and then crack your Windows/Mac password before they could get to your data in iTunes.

I think that this whole situation was a perfect storm that has unfortunately put my friend in a bad situation, we are trying to crack his backup password but it is slow going and I don’t even know whether it will ever be cracked (we can only try).

Advertisements

One thought on “A cautionary tale

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s