Slashdot Mirror

← Back to Stories (view on slashdot.org)

Judge Tells Apple To Help FBI Access San Bernardino Shooters' iPhone (engadget.com)

Posted by whipslash on from the slippery-slope dept.

An anonymous reader writes: After a couple shot 14 people in San Bernardino, CA before being killed themselves on December 2nd, the authorities recovered a locked iPhone. Since then, the FBI has complained it is unable to break the device's encryption, in a case that it has implied supports its desire for tech companies to make sure it can always have a way in. Today the Associated Press reports that a US magistrate judge has directed Apple to help the FBI find a way in. According to NBC News, the model in question is an iPhone 5c, but Apple has said that at least as of iOS 8 it does not have a way to bypass the passcode on a locked phone.

67 of 610 comments (clear)

  1. I can see it now... by ZorinLynx · · Score: 5, Insightful

    "Judge orders arsonist to unburn-down house"

    Good luck with that.

    1. Re:I can see it now... by binarylarry · · Score: 4, Funny

      Its pretty trivial to use this technique with Visual Basic, once you've identified the iOS device's IP address, you're home free.

      --
      Mod me down, my New Earth Global Warmingist friends!
    2. Re:I can see it now... by Darinbob · · Score: 2, Funny

      Taking apart the chip gets you what? They've already got the encrypted data. If they key was on the phone and did not rely on any external key then they could just turn on the phone and it'd be done. So there's an external key that they don't have and will never get off of any chip.

      What the FBI is really saying is that they don't believe Apple. They're so used to spying that they probably find it inconceivable (yes it means what I think it means) that a big corporation would not also have a backdoor for spying.

    3. Re:I can see it now... by Areyoukiddingme · · Score: 4, Interesting

      ...and, as I understand it, the IP Address is 512.276.128.17.

      I've noticed TV shows lately have started using the non-routeable class Cs, rather than completely invalid IP addresses. Which actually makes very good sense, since the 555 telephone exchange is the direct equivalent.

    4. Re:I can see it now... by PPH · · Score: 3, Insightful

      Good luck with that.

      Failure might be what the judge wants. And in a very public forum. Can't crack the password? Oh noes! Tragedy! Something must be done. The terrorists have gotten away with it.

      For all we know, there is nothing on the phone other than a bunch of duck-face terrorist selfies. But this is very much in the public's eye. So now is the time for the dog and pony show.

      --
      Have gnu, will travel.
    5. Re: I can see it now... by Anonymous Coward · · Score: 2, Insightful

      "and to the really smart criminals"

      You mean the FBI?

    6. Re:I can see it now... by hawguy · · Score: 4, Informative

      2. That really shouldn't be that difficult for the company that manufactured the thing.

      Would you expect a safe manufacturer to be able to easily crack open a random safe they manufactured? If so, why? If not, why do you think encryption for a mobile device should be any different?

      The company that installed our safe said they could open it when we asked what would happen if we lost the combination. They said "No problem, we'll just bring in a cutting torch and grinder and a few hours later we'll have it open. You'll need to sign a waiver first absolving us of any damage to the room."

    7. Re:I can see it now... by mattventura · · Score: 4, Insightful

      Presumably, the decryption key is stored somewhere on the device, but it in turn is encrypted with the phone's passcode. The security system deletes the key if you enter too many incorrect passcodes, but if they were able to extract the encrypted key from the phone, they could brute force it easily since there's only 10^n codes for a numeric passcode.

    8. Re:I can see it now... by TsuruchiBrian · · Score: 4, Insightful

      You can crack encryption the same way, except instead of taking a few hours with cutting torches, it takes hundreds of billions of years of computer computing clusters working well after the human race is extinct. Neither solution gives the inventor of the security mechanism much more of an advantage.

    9. Re: I can see it now... by Anonymous Coward · · Score: 5, Funny

      They want to make it somewhat realistic ...

    10. Re:I can see it now... by basecastula+ · · Score: 4, Insightful

      What more does the FBI want? The suspects are dead. Stop spending money on diminishing returns.

    11. Re:I can see it now... by zugmeister · · Score: 3, Informative

      This is exactly what they want to do... The problem is the phone will wipe itself after 10 failed attempts, so the gov't wants Apple to write them software to bypass the wipe and continue the brute force attack. I'm the only person I've ever met who has more than a 4 digit code to unlock my phone, and I don't even have anything to hide!

    12. Re:I can see it now... by zugmeister · · Score: 5, Informative

      Hardware key storage should wipe itself after so many failed attempts.

      /sigh, RTFA... This is exactly what happens after 10 bad entries. So the gov't wants Apple to write them software to let them bypass the wipe and continue brute forcing the unlock code.

    13. Re:I can see it now... by ShaunC · · Score: 5, Insightful

      Presumably they want info on who they where talking to. If the shooters had accomplices, the FBI wants to know who they are.

      If only we had an agency who is (lawfully or otherwise) intercepting every electronic signal known to mankind, who could be consulted when national security concerns arise...

      --
      Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
    14. Re:I can see it now... by meerling · · Score: 4, Informative

      I've done tech support for certain security products, and your probably right on the money there. You'd be amazed how many people are absolutely positive that you have a 'secret' backdoor to get past your security program. You wouldn't believe some of the arguments I've been subjected too over that. People just believe hollywood too much over reason. Any security program that has a backdoor access is NOT SECURE ! If the users neglected to make their emergency unlock disk, or lost it, they were totally screwed. Time to nuke & pave.
      As it happens, I don't support or have an iphone, so I have no idea what apple does, but I find it very plausible that there is absolutely nothing they can do, especially if they got pissed at their treatment early and removed any method they previously had to unlock it, even if it was for the cops when they have a proper warrant for the information. In which case, don't forget your key or it's toast.

    15. Re:I can see it now... by KGIII · · Score: 2

      Then, when 500 years passes, the FBI will return and ask what the answer is... The computer's monitor will flicker, turn on, and display a grainy image that shows but two number. 42.

      --
      "So long and thanks for all the fish."
    16. Re:I can see it now... by AaronW · · Score: 5, Interesting

      It should be possible to bypass the erase operation with physical access to the device. Most NAND devices have a write protect pin which when pulled low will disable program and erase operations.

      It may also be possible to add a socket and duplicate the encrypted flash chip so that the original is never in the phone. This could be complicated if the flash device supports a unique ID and the encryption platform makes use of it. I could think of several ways to bypass even that though. One way is to use an FPGA to create a flash emulator that can simulate the NAND device. One other advantage of this is that it could guarantee that the data is never erased. The encryption hardware itself must also store the number of authentication attempts in some non-volatile storage. Usually this would be on another chip or die since it's still not very common to mix flash and logic on the same chip.

      Unless the encryption and erase functionality is built into the Toshiba NAND device Apple uses it should be possible to pop the NAND device and use an FPGA and/or other hardware for forensic purposes since the iPhone is not built to FIPS standards (which usually pot the boards in epoxy and provide a number of methods to prevent physical intrusion).

      Even the secure keys that are not known by Apple should be accessible with physical access to the device. It's expensive, but it should be possible to read the blown fuses by digging through the layers if the exact location is known on a chip.

      https://media.blackhat.com/bh-...

      --
      This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
    17. Re:I can see it now... by TechyImmigrant · · Score: 3, Informative

      > it should be possible to pop the NAND device

      This is not a reliable thing. You can desolder a BGA, but the odds of breaking the device in the process are pretty good. Maybe if you are the police you find the risk of destroying the potential evidence unacceptable, even if you cannot get at the evidence any other way because crypto and physical security done well works.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    18. Re:I can see it now... by tlhIngan · · Score: 2, Insightful

      I still don't see why they couldn't remove the NAND chips and dump their contents, then do an offline brute force attack. I figure that if this is a terrorism case, then NSA could throw their most powerful compute clusters at it.

      Since the iPhone 4, the NAND memory has been encrypted. With a key unavailable to software.

      It's why a complete phone wipe on iPhone 3GS and prior took several hours, while only taking seconds on an iPhone 4 and up.

      So dumping the NAND does absolutely nothing - the key used to encrypt it is hidden inside the SoC itself an inaccessible to software. So you can't pop the NAND off one iPhone and put it in another iPhone.

      Android's started encrypting the flash as well, but it's still an optional feature.

      Heck, you can have main memory encryption as well - so the data in main memory can't be accessed as well. In this case, it's usually a per-startup key - so every bootup uses a completely different key.

      And the iPhone 5c is the last phone where the authentication is done in software. Since the A7 SoC upwards, the secure enclave is what authenticates the PIN code, and forces a wipe of memory if you fail to authenticate after 10 tries.

      The problem for Apple is not creating the special firmware - that's easy. The hard part is how to install it without disturbing the data. Right now, to install a software update, you have to have an unlocked phone. Even a DFU update wipes out the user data.

    19. Re:I can see it now... by AaronW · · Score: 2

      It's actually fairly reliable today and is fairly common. I regularly work with boards with BGAs with over 1000 balls that are replaced.

      Also, look up what is possible with FIB. You can basically cut through traces and build new traces on the fly on a chip, going through multiple layers or even adding new layers on top of a chip. It's not even particularly expensive and it is done regularly in the semiconductor industry especially during chip prototyping. Hell, a recent chip I worked with had to be "Fibed" to fix a critical problem. It was cheaper to fib a number of chips than it was to make a change in the metal layer and wait for the results to come back so development could proceed. Now there are some techniques with antifuse that can make this difficult, but I'm sure ways around it if you spend the money.

      --
      This post is encrypted twice with ROT-13. Documenting or attempting to crack this encryption is illegal.
    20. Re:I can see it now... by TechyImmigrant · · Score: 4, Interesting

      You are describing some aspects of my day job. I know the statistics of these operations.

      Replacing a BGA is one thing. Pulling a BGA, depackaging it and FIBing it is likely to fail. This isn't a problem if you can just do 10 and pick the ones that work. But if it's a single chip from a single phone, the odds are not good.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    21. Re:I can see it now... by Alumoi · · Score: 3, Funny

      There's No Such Agency in the US, you know :P

    22. Re:I can see it now... by stealth_finger · · Score: 2

      Over the years, I've seen many people try to use an analogy that involves a physical object or action and something to do with computers. Often, the analogy is made with a car. Yet, very seldom has it been successful.

      You can physically crack a safe with tools and a little bit of time. This is not possible with good encryption. No, I can't think of a good analogy.

      It's like a car with like a billion ignitions and you need to, you know, get all the keys, but they're like a metre long and have to go in the right order or something....and are made of unobtainium.

      Nope.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    23. Re:I can see it now... by TechyImmigrant · · Score: 4, Insightful

      Isn't this the exact attack that physical anti-tamper is meant to defeat?

      It is one attack model that an anti tamper system might be designed to resist. However it is also an attack model that some systems choose not to defend against in a simple cost/benefit analysis. If the secret on the chip has a commercial cost less that the cost of the attack, then why defend against it? The gear to mount a FIBing attack is millions of dollars. Paying a reverse engineering company is less, but > $10E6. This is related to whether or not your system has BORE properties (Break One, Reuse Everwhere).

      This does not apply here. The perception of the worth of product like a smartphone can be very tied up with perceptions of how secure it is, and being required to pull the rabbit out of the hat by a court and then you actually unlock a phone you claimed you can't unlock, then that might well destroy those perceptions of security and cost a lot in lost sales. So designing it so you can't yourself defeat the security you put in is the only sane option.

      The court order presumes that the auto erase functionality can be bypassed with software to be provided by Apple. This is likely be unbypassable either because the key management system is enforcing the retry limit in hardware or protected firmware, away from the main application code, or the software that does it simply doesn't have a back door.

      The company I work for is in the same position. We can't and won't put in back doors because being found to have lied about the security of the devices would be an existential threat to the company. That doesn't stop people who don't know lying on the internet, claiming we put in back doors, but it's not a rational thing to do.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
    24. Re:I can see it now... by v1 · · Score: 4, Informative

      They don't need to go that far. They just need to update the iPhone's operating system with an insecure version. The iPhone will update itself with whatever software Apple tells it to.

      I support the full line of Apple prodcuts at work so I have a slightly better understanding of how this process works.

      Unlike firmware updates on many devices, and older Apple iOS devies, the new ones require the firmware to be "signed", each time it is installed. This means the device will roll up its own salt, and will send a request to Apple's Firmware Signing Server. This server uses the salt and the checksum on the fimware to generate a verifiable cryptographic signature, using public key tech. iTunes sends this signature back to the phone during the restore. If it's invalid, the phone's hardware will refuse to install it. (iTunes normally will prevent it sooner, but this is assuming you have hacked iTunes, no easy task)

      Around 1-2 weeks after Apple releases a new iOS, they stop signing the old one. This prevents you from downgrading your phone's firmware. It doesn't matter if you've already downloaded and kept a copy of it. Apple won't sign it with the new salt the phone is going to generate during the installation process. So users cannot hack the firmware OR install an older version to take advantage of a patched bug.

      BUT... Apple has the secret part of the key for signing. They can roll their own custom firmware, sign it, and using a well-known public process, select the firmware and upload it. Their key servers will sign it, and the device will accept it. If Apple really wanted to fullly cooperate, it would be trivial to do. The new "security enclave" prevents them from simply ignoring the pin or displaying it on the screen, but it's possible that one or more of their requests could be accomodated. It really depends on how the SE is designed. If it's designed well, and I think we can assume it is, (they're not morons, and they have a functionally unlimited budget for such a minor thing) we should assume the SE does rate limiting in hardware. (usually via MANY hashes to dig down to the key) which is not bypassable unless you can rip the data from the hardware and feet it into a supercomputer. The USB/BT code entry is probably doable since its outside the scope of the SE. The master key should be stored inside the SE so software can't get around that.

      End game: to give them what they want will require physical hacking of the SE, to recover the encrypted key and the internal salt the SE has generated for it, and feeding that data into an emulator for the SE (or a physically redesigned/hacked SE) that can work the passcode. The hardware on the phone itself right now CANNOT be used to recover the passcode. The FBI doesn't want to break the chip trying to recover the data. They have the techniques but (A) there's a good chance they break it and they get just one try, and (B) this will go a lot faster with Apple cooperating on bypassing the SE. (they can probably still DO it, they may even have the process already developed, but it will probably be faster with Apple's cooperation)

      That leads us to another point... what if they already can access the data, or have accessed the data, and this is just a show? It's been said that the best form of deception is making your opponent believe you have fallen for his deception. Right now the terrorists are keeping a close eye on this case, trying to decide whether it's a "good idea" to use the iphone. If Apple gives them the finger, (and I hope they do) and the FBI shrugs and goes away moping, and suddenly has a breakthrough a few months from now from a "classified source", well, guess what. And that, sir, is where all my chips are placed.

      Remember, this is one case. You have to think BIG. You have to think long term. This is neither of those things. The FBI either already has this data, or will have it before th

      --
      I work for the Department of Redundancy Department.
  2. Huh? by Lunix+Nutcase · · Score: 3, Informative

    There's no word on exactly which model of iPhone was recovered

    Huh? The article clearly states a model:

    According to NBC News, the model in question is an iPhone 5c

    1. Re:Huh? by whipslash · · Score: 2

      That must have just been updated. Updating story.

    2. Re:Huh? by adamstew · · Score: 5, Informative

      You mistake an iPhone's unlock code with the iPhone's encryption key. the iPhones do typically use a 4-6 digit pin as an unlock code. The user also has the ability to create a full alphanumeric password for the unlock code as well. However, that is simply the code that's used to unlock the actual full encryption key that is stored within dedicated crypto hardware. Apple uses a dedicated chip to store and process the encryption. They call this the Secure Enclave. The secure enclave stores a full 256-bit AES encryption key.

      Within the secure enclave itself, you have the device's Unique ID (UID) . The only place this information is stored is within the secure enclave. It can't be queried or accessed from any other part of the device or OS. Within the phone's processor you also have the device's Group ID (GID). Both of these numbers combine to create 1/2 of the encryption key. These are numbers that are burned into the silicon, aren't accessible outside of the chips themselves, and aren't recorded anywhere once they are burned into the silicon. Apple doesn't keep records of these numbers. Since these two different pieces of hardware combine together to make 1/2 of the encryption key, you can't separate the secure enclave from it's paired processor.

      The second half of the encryption key is generated using a random number generator chip. It creates entropy using the various sensors on the iPhone itself during boot (microphone, accelerometer, camera, etc.) This part of the key is stored within the Secure Enclave as well, where it resides and doesn't leave. This storage is tamper resistant and can't be accessed outside of the encryption system. Even if the UID and GID components of the encryption key are compromised on Apple's end, it still wouldn't be possible to decrypt an iPhone since that's only 1/2 of the key.

      The secure enclave is part of an overall hardware based encryption system that completely encrypts all of the user storage. It will only decrypt content if provided with the unlock code. The unlock code itself is entangled with the device's UDID so that all attempts to decrypt the storage must be done on the device itself. You must have all 3 pieces present: The specific secure enclave, the specific processor of the iphone, and the flash memory that you are trying to decrypt. Basically, you can't pull the device apart to attack an individual piece of the encryption or get around parts of the encryption storage process. You can't run the decryption or brute forcing of the unlock code in an emulator. It requires that the actual hardware components are present and can only be done on the specific device itself.

      The secure enclave also has hardware enforced time-delays and key-destruction. You can set the phone to wipe the encryption key (and all the data contained on the phone) after 10 failed attempts. If you have the data-wipe turned on, then the secure enclave will nuke the key that it stores after 10 failed attempts, effectively erasing all the data on the device. Whether the device-wipe feature is turned on or not, the secure enclave still has a hardware-enforced delay between attempts at entering the code: Attempts 1-4 have no delay, Attempt 5 has a delay of 1 minute. Attempt 6 has a delay of 5 minutes. Attempts 7 and 8 have a delay of 15 minutes. And attempts 9 or more have a delay of 1 hour. This delay is enforced by the secure enclave and can not be bypassed, even if you completely replace the operating system of the phone itself. If you have a 6-digit pin code, it will take, on average, nearly 6 years to brute-force the code. 4-digit pin will take almost a year. if you have an alpha-numeric password the amount of time required could extend beyond the heat-death of the universe. Key destruction is turned on by default.

      Even if you pull the flash storage out of the device, image it, and attempt to get around key destruction that way it won't be successful. The key isn't stored in the flash itself, it's only stored within the secure enclave itself which you can't remove the stora

    3. Re:Huh? by whipslash · · Score: 4, Informative

      Haha well... have you seen any APK spam lately?

    4. Re:Huh? by JustAnotherOldGuy · · Score: 3, Funny

      Haha well... have you seen any APK spam lately?

      If you've managed to neuter that obnoxious scumbag (or even just slowed him way down), I salute you. Seriously.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    5. Re:Huh? by FunkSoulBrother · · Score: 3, Funny

      Haha well... have you seen any APK spam lately?

      God-fucking bless man. Thank you. Dude must be stewing in his own juices angry

    6. Re:Huh? by wickerprints · · Score: 5, Informative

      That isn't correct, according to the white paper:

      "The backup set is stored in the user’s iCloud account and consists of a copy of the user’s files, and the iCloud Backup keybag. The iCloud Backup keybag is protected by a random key, which is also stored with the backup set. (The user’s iCloud password is not utilized for encryption so that changing the iCloud password won’t invalidate existing backups.)

      While the user’s keychain database is backed up to iCloud, it remains protected by a UID-tangled key. This allows the keychain to be restored only to the same device from which it originated, and it means no one else, including Apple, can read the user’s keychain items.

      On restore, the backed-up files, iCloud Backup keybag, and the key for the keybag are retrieved from the user’s iCloud account. The iCloud Backup keybag is decrypted using its key, then the per-file keys in the keybag are used to decrypt the files in the backup set, which are written as new files to the file system, thus re-encrypting them as per their Data Protection class."

      The relevant sections begin at page 38, in which the paper discusses iCloud, Apple ID, and general Internet Services security. Your misunderstanding stems from the mistaken belief that you can just "restore" the iCloud backup of your phone to a new device. But to do this, you need access to the user's Apple ID password. If two-step verification is turned on, Apple definitely has no way to circumvent this.

    7. Re:Huh? by cfalcon · · Score: 2

      "Can your new site do 16 things?"

  3. Where's my tinfoil hat? by ptaff · · Score: 4, Insightful

    I wouldn't be surprised if this was nothing more than a joint PR stunt to mislead people into assuming privacy on their cellphone so they wouldn't be afraid to use it for sensitive information. Government has nothing to win by disclosing they have a backdoor, neither does the cellphone manufacturer. Even thinking lo-fi decryption, how long must the passcode be before brute-forcing gets more inconvenient for the government than for the user?

    1. Re:Where's my tinfoil hat? by TsuruchiBrian · · Score: 5, Insightful

      Apple has nothing to gain (and everything to lose) by actually having a back door. Apple doesn't make money by spying on people.

  4. Let's also order the gun manufacturer by Anonymous Coward · · Score: 5, Funny

    to revive the dead people.

  5. The code is.... by ChadSmith4920 · · Score: 4, Funny

    Unlock code: 072 (Virgins)

  6. It's easy Mr Judge by penguinoid · · Score: 4, Insightful

    All you gotta do is put the password here and it opens right up. What's that? You don't know the password? Neither do we.

    --
    Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
    1. Re:It's easy Mr Judge by jsrjsr · · Score: 3, Insightful

      Yeah, it is absurd. But it is probably also true.

    2. Re:It's easy Mr Judge by cfalcon · · Score: 2

      The idea that a judge doesn't understand technology is NOT absurd, however.

  7. What if Apple cannot access the info? by mark-t · · Score: 4, Interesting

    Is it contempt of court to refuse to try and do something that one already knows they cannot possibly do?

    --
    File under 'M' for 'Manic ranting'
    1. Re: What if Apple cannot access the info? by Anonymous Coward · · Score: 2, Informative

      And since we have judges who do not understand encryption or technology whatsoever, the judge will simply find Apple didn't do enough to decrypt the phone.

    2. Re:What if Apple cannot access the info? by argumentsockpuppet · · Score: 3, Insightful

      The phone is encrypted so that it takes a key that is randomly generated and unguessable, however the password that encrypts the key is not unguessable. Running a password guessing program against the key would work, except that the hardware limits how many guesses can be tried over a period of time. What you could do is modify the hardware to allow guessing the password without the limits, but modifying the hardware is extremely difficult. I know that many years ago when I worked with machines intended to prevent tampering, they had light sensitive components that would wipe the key if exposed. There are doubtless other similar failsafes built into the hardware to prevent attempts to modify the components. For example, they might have a tiny drop of mercury enclosed in a thin plastic bubble surrounded by a mesh of wires that would cause a short which would wipe the keys if the equipment is crushed or sawed. So if those two things were known, working on the device without light while frozen might allow microscopic layers to be removed until the bubble and wire mesh can revealed. If I were trying to design a keystore, that's the sort of thing I'd do and I'd know it is theoretically possible, but practically impossible to modify the hardware without triggering a key wipe. I'm just theorizing about how Apple might approach the tech, but I'm confident that it's a fair analogy.

      Apple can legitimately be compelled to provide documentation and expert consultants with the explanations on what can go wrong with each step with an encryption key recovery technique. It's likely that disassembling the hardware in the right ways and modifying it exactly right with just the right tools could give a modification allowing an attempt to brute force the password to retrieve the key. It is also likely that trying it could permanently destroy the key. If you have the steps and tools and information along with clear descriptions of what is likely to permanently destroy the keys and turn that over to the court, they'll likely screw it up, but Apple is off the hook.

      I assume that physical access is sufficient to break into any system humans have the ability to use normally, particularly with a password. That doesn't mean I think it can be done with reasonable tools or normal methods. In fact, I expect it is very, very hard. Honestly though, it's all I really ask of any company I trust.

    3. Re: What if Apple cannot access the info? by mark-t · · Score: 3, Insightful

      how do you show that you tried when it is something you cannot really show progress on until you succeed, and you do not have any ability to guarantee success?

      The reason the fbi is blocked is because they don't know the passcode, and this would be equally true for Apple. Apple may be utterly unable to do anything that the fbi cannot do and may have even already tried

      The judge may as well have told them to try and go faster than light. There are mathematical reasons why breaking encryption is hard, and being a big company with lots of money doesn't allow one to break the rules of mathematics

      --
      File under 'M' for 'Manic ranting'
    4. Re: What if Apple cannot access the info? by MachineShedFred · · Score: 4, Insightful

      This is why you pay a team of lawyers to show what extravagant actions were done in order to comply with the court order, and convince the judge.

      You act like a Federal Judge is a fucking moron or something. They may not understand technology, but they aren't stupid by any means.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  8. Re:The deed is done by wickerprints · · Score: 4, Insightful

    It stands to reason that the purpose of trying to decrypt the phone after the event, and after the death of the perpetrators, is to see if there might be any information that might implicate other individuals as accomplices or sympathizers, so that those individuals can be investigated. But if it is not possible for Apple to decrypt the phone, then other avenues of investigation will need to be considered.

    Of course, mathematics being what it is, and lawyers and judges being who they are, it is not the least bit surprising that the latter should be ignorant of the former. It's a unique form of hubris to think that one can somehow circumvent a secure cryptographic system by the mere force of law, as if jurisprudence supersedes mathematical truth.

  9. Re:Try all combinations by Falconhell · · Score: 3, Informative

    They can be set so 10 failed tries wipes the phone. They can also set larger passwords than 4 digits.

  10. Did they write down their passwords? by Lakitu · · Score: 3

    Maybe they should ask one of the 5,000,000 various reporters, journalists, and random people eating popsicles if they saw what looked like an iPhone passcode written down somewhere in their house while it was being ransacked live on television a day or two after the attack.

  11. Re:Try all combinations by fustakrakich · · Score: 2

    I assume they would image the drive first...

    --
    “He’s not deformed, he’s just drunk!”
  12. Re:The deed is done by Lumpy · · Score: 4, Insightful

    Or you know the FBI can look through all the phone records and use their other sources of information. These people had twitter, they know that, they can also easily find their email accounts.

    It's the FBI being whiney.

    --
    Do not look at laser with remaining good eye.
  13. Re:The deed is done by KitFox · · Score: 4, Insightful

    The problem is that cryptography is mathematics and doesn't know the difference between criminals and innocent people.

    It also doesn't know the difference between law enforcement requests to unlock the phone and criminal requests.

    If they can get into a criminal's phone, they can get into anybody's phone. If they can get into anybody's phone, any criminal who gets the key can get into anybody's phone. As to "how likely is it for the criminals to get the keys?"... well, pretty much every system (FBI, DHS, Apple, etc) that could theoretically hold the keys has been breached at some point. Holding that capability also makes a huge target. So "Very Likely", even to the point that when things were previously unlockable, hackers were doing so already.

    Thus it comes down to "Do you want to allow criminals to access your iPhone so that law enforcement can also access a criminal's iPhone?" at that level. And in the event that a smart criminal had an indication that Apple could defeat the encryption and lockout, they'd just store the important data in a place that no company controlled or had access to.

    --

    @Whee

  14. Re:4 Digit Pin? by Anonymous Coward · · Score: 5, Informative

    No problem. 0000. Nope. 0001. Nope. 0002. Nope...

    0009. Too many invalid password attempts. Full disk encryption key has been erased. Initiating factory reset of device...

  15. Re:The deed is done by jedidiah · · Score: 4, Insightful

    > Except for the Criminal Rights crowd

    You mean like the Son's of Liberty? THAT "criminal rights" crowd.

    You're such an ignorant moron.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  16. read the Ex Parte DOJ filing for the correct story by supernova87a · · Score: 4, Insightful

    Just so that the debate here is a little more well-informed:

    The government is not asking that Apple give out the user's password, or decrypt the phone, both of which they cannot just do (i.e. are incapable of performing). The request is that Apple produce a piece of iOS software or boot image (as I understand it), that would:
    1) Disable the auto-erase feature
    2) Allow the FBI to brute force submit password guesses to the phone, and
    3) Disable or reduce the increasing-delay-between-guesses feature of the passcode lock.

    I would be curious to know whether for this iPhone 5c (with iOS 9) this is even possible for Apple to do.

    You can see why Apple wanted to get very far away from the business of being in a position to be asked constantly by law enforcement to help decrypt its phones, just for the sheer volume of requests that will be coming if they do....

  17. Re:The deed is done by spire3661 · · Score: 5, Interesting

    The right to encryption and by extension privacy is more important than any one crime. The State has to accept its limitations, not wail and moan about how its 'not fair' they cant have absolute control over humans. Some things are beyond government's reach, accept it.

    --
    Good-bye
  18. No other means huh? by LeonPierre · · Score: 2

    What could be learned from that phone that could not be collected from all the other electronics the couple owned and used?

    Without accessing that phone the govt could find who the couple have called and texted, subpena social media sites for their exchanges, and collect who knows how much information under an NSL from Internet Service Providers.

    I find it difficult to believe that something so nefarious or so important exists on that phone and that phone alone that can't be gathered elsewhere through other fashions.

    This feels like the govt trying to flex its muscle using a high profile case in order to persuade public opinion regarding encryption and back doors.

    Remember folks: a backdoor for one is a backdoor for all. And who cares about a back door when you have an intelligence agency monitoring all the comings and goings of the front door.

    --
    "If it ain't broke, it doesn't have enough features yet"
  19. Re:On-device key useful for secure deletion by bill_mcgonigle · · Score: 4, Insightful

    Apple devices from the iPhone 5s and onward use a "Secure Enclave" which is basically tamper-proof hardware key management.

    This phone in question is the 5c, so Apple might actually be able to attack it. Unfortunately, this will make the judge think any iPhone can be attacked by Apple.

    Although, I'm really not clear under what authority the Judge believes he has the power to compel Apple to do all this work against their business interests. It used to be they'd have to threaten, in secret, to put the CEO in prison to get this kind of cooperation. Now a judge just commands it? #ussa

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  20. Comment removed by account_deleted · · Score: 4, Informative

    Comment removed based on user account deletion

  21. Re:4 Digit Pin? by Anonymous Coward · · Score: 2, Funny

    Well, your honor, we tried.

  22. They do not need that phone by gweihir · · Score: 2

    The perpetrators are contained. Finding out why they did it has time and can be done slowly and the old-fashioned way. The only thing they are doing here is to push (again) stupidly for a thing that makes everybody much less safe: backdoors. They must not be allowed to make the current global computing infrastructure even less secure as it is today, just to cater to their laziness. These people are more of a threat than any criminal could ever be.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  23. Re:What does he expect? by gweihir · · Score: 2

    Brute forcing BPKDF2 is easy in comparison to what he wants. This is about breaking a secure microcontroller. A few orders of magnitude harder and pure software-attacks will very likely not work.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  24. Re:read the Ex Parte DOJ filing for the correct st by wickerprints · · Score: 4, Informative

    After reading Apple's iOS Security Guide white paper, it is doubtful that Apple can write any kind of software to load onto the device to permit any of those options. This is because once the device is locked, it will not install any updates to the operating system. The boot firmware is already installed and automatically runs when the device is turned on. Updating the operating system requires the device password. These functions are cryptographically secured. See the section "Keybags," subsection "Escrow Keybag" in the paper. The auto-erase and time delay features are enforced by the Secure Enclave in hardware, and cannot be circumvented.

  25. why? guilt is not in question by johncandale · · Score: 2

    why? guilt is not in question. It's just a precedent thing. fbi is overfunded and now they have something to do. Why don't they use these resources on future crimes unrealated? I'll tell you why. because it's easier and more fun to tinker with this. fuck the fbi, do something useful for us.

  26. Re:The deed is done by KitFox · · Score: 2

    From one point of view, it could be said that I did not say the encryption scheme would be broken in that case. It would be the misappropriation of "legitimate" keys used to access the back door of the encryption system.

    From another point of view, if the point of the encryption is to prevent any but explicitly-authorized entities - as defined by the data holder and assumed to not include the pool of "and whoever has backdoor keys to the encryption system" - from accessing the data, the very existence of a backdoor breaks the encryption scheme (though not the cipher-generation algorithm) to a degree as it both creates an unknown third party "authorized entity" and a larger attack surface against which a successful attack can compromise the security of your data.

    The encryption scheme, taken as a whole, is the entirety of everything from the key storage to (in)secure hardware to the strength of the key against various attacks to the cipher algorithm and stuff in between and around. So the algorithm that generates the encrypted result and reverses that process may be "very secure", but the scheme as a whole can have other faults. Like "password written on a post it note and stuck to the back" or "intercept the self-destruct process to be allowed to brute-force 10,000 4-digit possibilities" to "offload the stored key and use knowledge of the pin-to-key process to extract the key by brute force on an external system".

    Encryption cipher algorithms as we know them today is not "unbreakable". It's just "currently so hard to break that it cannot feasibly be assumed to be doable in a useful time period." But a sticky note with the password renders even an "unbreakable" quantum cipher useless in short order. So you protect the key.

    If you are the only one in control of the key, you can make your own choices (within some limitations) on where that key exists and who/what has access to it. The moment there is a back door, you no longer have control over the fully-inclusive key set to your data and the people who do have proven that there is a strong potential for their backdoor key to become compromised, thus compromising the security of your data.

    --

    @Whee

  27. Re: read the Ex Parte DOJ filing for the correct s by cfalcon · · Score: 2

    NO!

    If he had it on icloud, Apple could turn it over. The icloud backups are encrypted BY APPLE.

    Check page 4:
    www.apple.com/privacy/docs/legal-process-guidelines-us.pdf

    Here's some guidelines:
    http://manhattanda.org/sites/d...

    There's a part where the document sort of complains that users aren't required to back everything up to icloud, because they can just ask for anything in icloud at all and get it in plaintext immediately (as documented by the first link).

    If you promise to encrypt "hunter2" your end with AES-256, is it encrypted? Sure, but it's also here on plaintext, in transit, and if asked, you could certainly retrieve it. Even though it's clearly my password that you can't see :P

  28. This is why Touch ID is a problem by nbritton · · Score: 4, Informative

    If the iPhone 5c had Touch ID this wouldn't be a problem, they could just use the persons finger to unlock the device. This illustrates why Touch ID is a bad idea if you care about your privacy. Since we only have ten fingers and the auto erase doesn't activate until after 10 failed attempts, the only thing needed to get into a Touch ID phone is a court order. The Fifth Amendment protection against self incrimination only applies to the contents of your mind, it's established precedent that it doesn't apply to your body (i.g. blood, DNA, finger prints, etc.) or property.

  29. Re:What does he expect? by squiggleslash · · Score: 2

    No, they want Apple to create a "one-off" insecure version of iOS. Source: I was personally told this by Tim Cook.

    Well, OK, he wrote me a letter.

    Well, OK, he wrote a lot of people that same letter and has probably never heard of me or had me in mind when writing it. But he is a person, and he did tell me this via said open letter, so that counts as being personally told this by Tim Cook right?

    --
    You are not alone. This is not normal. None of this is normal.