Slashdot Mirror


John McAfee Offers To Decrypt San Bernardino iPhone For the FBI and Save America (hothardware.com)

MojoKid writes: Wondering what John McAfee is up to these days? It's not sniffing bath salts nor is he fleeing foreign countries as a person of interest in a murder investigation and faking heart attacks (been there, done all that); instead, he's on a mission to save America. How so? By cracking the code on the San Bernardino iPhone that's causing such a ruckus. McAfee didn't just criticize the FBI; instead he offered a potential solution. Let him and his team of hackers break into the iPhone without any help from Apple. "With all due respect to Tim Cook and Apple, I work with a team of the best hackers on the planet. These hackers attend Defcon in Las Vegas, and they are legends in their local hacking groups, such as HackMiami. They are all prodigies, with talents that defy normal human comprehension," McAfee said. Eccentric rant aside, McAfee's offer is simple - give him three weeks and he will, "free of charge, decrypt the information on the San Bernardino phone" with his team of hackers. He'll do it using mostly social engineering.

11 of 364 comments

  1. What's he on, today? by MSG · · Score: 5, Informative

    McAfee is clearly off his rocker. The only person or persons who he could expect to socially engineer his way through are dead.

    1. Re:What's he on, today? by Andy+Dodd · · Score: 5, Informative

      Apple devices have an additional "trick" beyond just PBKDF2 - There's a random AES key burned into the CPU, and it's wired such that it can be set/erased, but not directly read - it can only be fed as the key into an AES engine.

      I am not sure if Apple's PBKDF2 has this AES engine as part of the loop, or if it just feeds the key that comes out of PBKDF2 through the AES engine, but the end result is, on any given device, the AES key that results from a given passphrase is unique to that device and cannot be reproduced off-device.

      So if someone just clones the device's flash contents, they have to resort to brute-forcing AES directly, as opposed to trying to brute-force passcodes.

      So you can only brute-force passcodes on-device (something like 80ms per try on this model, newer models have a 5 seconds per try limitation), and Apple's software doesn't even allow you to do that. The FBI wants to at LEAST get on-device brute-force capability.

      Which might still take years if the user had a reasonably strong passphrase.

      --
      retrorocket.o not found, launch anyway?
    2. Re:What's he on, today? by Anonymous Coward · · Score: 4, Informative

      Only Apple has the key to sign their firmware image. OK, maybe the NSA but they'd never share that capability with the FBI.

    3. Re:What's he on, today? by Trailer+Trash · · Score: 4, Informative

      Apple doesn't want to admit that they can flash new firmware to the locked device even though everyone knows they can.

      According to one legal analyst, the FBI and NSA already have this capability. What the government is looking for in this court case is a legal precedent to force companies to do this for them and make the data recovery admissible in court.

      I came to this conclusion yesterday. Some clueless folks elsewhere were arguing that there might be a zero day exploit that Apple could use (um, paradox, anyone?) that would get the trick done. My point was that if such were available chances are the FBI, NSA, whomever would already know about it or be in a position to find out about it, and that would be an easier and cheaper route to take.

      It's obvious that they want to force Apple to do this as a precedent, particularly now that iPhone 6 + cannot be "hacked" in this manner.

    4. Re:What's he on, today? by macs4all · · Score: 3, Informative

      I think they're also aiming to (eventually) use OS updates - which can be done remotely - to hack phones without having to have physical possession. Because seizing the phone can't be done without the owner knowing it, and getting warrants means dealing with judges. If they can do it remotely, they can ignore due process.

      Apple CANNOT Force an OS Update onto an iPhone remotely. It requires the User to either bring up the Update function or at the very least, Confirm a Dialog prompt.

      And I would doubt Apple can do so even with physical access, without taking the phone apart to expose JTAG (or similar) pins.

    5. Re:What's he on, today? by david_thornley · · Score: 3, Informative

      Look, the defenses against this in the 5/5C and earlier models are primarily in software, so there are ways to get around it with software. Doing this requires writing new software that Apple didn't have before, and exploiting a vulnerability.

      This won't work on any iPhone Apple is currently selling, by the way.

      Is it your opinion that any company that mentions privacy, but has sold equipment that is designed to be easy to use and happens to not be able to stop a major megacorp breakin is lying or hypocritical?

      --
      "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  2. Re:Can you work with an image? by agm · · Score: 4, Informative

    The encryption keys and protection mechanism are hardware based, not software based. The bytes in storage are useless without the phone's exact hardware. Unless they try and brute force the encryption. How many millions of years would that take?

  3. iPhone Security explained.. by slashkitty · · Score: 4, Informative

    I highly recommend some of you read this paper: http://www.apple.com/business/...

    --
    -- these are only opinions and they might not be mine.
  4. Re:Can you work with an image? by edtice1559 · · Score: 4, Informative

    The four digit PIN isn't used to encrypt the device. If it were, the thing would have been decrypted in under a minute. The encryption key is stored in a piece of hardware that takes the PIN and encrypted data as input. It combines those with a key that only the hardware knows to generate some output. If the hardware would make its key available then it would be trivial to do what you describe. But the hardware is explicitly designed NOT to do that. It can only output the decrypted text. If you pass it the wrong PIN, the output is gibberish. Of course you can still try every combination of PIN but you need the actual hardware. For iPhone 5, if you entered a bad PIN too many times, the OS wiped the device. If you could sabotage the counter or otherwise modify the software you get unlimited tries. That's what the FBI wants here. Starting in iPhone6, the hardware ("secure enclave") will destroy its key if there are ten bad PIN entries in a row. The same hardware is designed such that updating its software will also destroy the key. So the trick won't work anymore. However, Apple can decrypt an iPhone5. But they have to do it by updating software to not wipe the phone.
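
Added example, not part of the thread and not Apple's code: a toy model of the design that Andy+Dodd's and edtice1559's comments describe, where the passcode is stretched with PBKDF2 and then mixed with a per-device key that software can use but never read. The `ToyDevice` class, the iteration count and the use of HMAC-SHA256 in place of the hardware AES engine are assumptions made for illustration; the 80 ms per try figure is the one quoted in the thread.

```python
import hashlib
import hmac
import os

ITERATIONS = 10_000  # constructed work factor, not Apple's real value


class ToyDevice:
    """Hypothetical model: a per-device key that can be used but never read out."""

    def __init__(self):
        self.__uid = os.urandom(32)  # stands in for the key burned into the CPU
        self.salt = os.urandom(16)   # lives in flash, so an image of flash includes it
        self.verifier = b""

    def derive(self, passcode: str) -> bytes:
        stretched = hashlib.pbkdf2_hmac("sha256", passcode.encode(), self.salt, ITERATIONS)
        # HMAC-SHA256 is a stand-in for the hardware AES engine keyed with the UID.
        return hmac.new(self.__uid, stretched, hashlib.sha256).digest()

    def enroll(self, passcode: str) -> None:
        self.verifier = hashlib.sha256(self.derive(passcode)).digest()

    def unlock(self, passcode: str) -> bool:
        candidate = hashlib.sha256(self.derive(passcode)).digest()
        return hmac.compare_digest(candidate, self.verifier)


def check_from_flash_image(salt: bytes, verifier: bytes, passcode: str) -> bool:
    """What a flash clone allows: PBKDF2 can be recomputed, the UID step cannot."""
    stretched = hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, ITERATIONS)
    return hmac.compare_digest(hashlib.sha256(stretched).digest(), verifier)


def worst_case_seconds(alphabet: int, length: int, seconds_per_try: float) -> float:
    """Time to exhaust a passcode space when every try must run on the device."""
    return (alphabet ** length) * seconds_per_try


if __name__ == "__main__":
    phone, other = ToyDevice(), ToyDevice()
    other.salt = phone.salt  # same flash contents, different silicon
    phone.enroll("1234")
    print("same key on two devices:", phone.derive("1234") == other.derive("1234"))
    print("right passcode vs. flash image:",
          check_from_flash_image(phone.salt, phone.verifier, "1234"))
    print("4-digit PIN at 80 ms/try: %.0f s" % worst_case_seconds(10, 4, 0.08))
    years = worst_case_seconds(36, 6, 0.08) / (365.25 * 24 * 3600)
    print("6-char [a-z0-9] at 80 ms/try: %.1f years" % years)
```

Even the correct passcode fails against the flash image alone, which is why the guessing has to happen on the device and why the per-try delay and the wipe counter are the controls that matter.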

  5. The Fact Of The Matter by Anonymous Coward · · Score: 3, Informative

    The fact of the matter is that

    I don't think that means what you think it means.

    Your wild-ass and misguided assumptions are not facts.

  6. Re:Can you work with an image? by j-turkey · · Score: 5, Informative

    You don't get it. This is the FBI's 'Rosa Parks' moment. They are using an incendiary case to force the issue that unbreakable encryption should not be allowed in casual use. They are trying to force the idea that it should be illegal to make an unbreakable lock and they are using this case to ram it home. They don't really give a shit about the data in this case, they want to cow the tech sector into not making their jobs harder.

    THIS! I wish that I had mod points. You are correct, the case is entirely political. The Guardian has an article that explains in depth what you very succinctly stated. The big takeaway is that the actual data in this case doesn't really matter. However, the feds were fishing for the perfect inflammatory case to establish legal precedent (NPR had a great story on it earlier this week with a legal analyst who said that the Justice Department knew exactly what they were doing when they chose this case). Tim Cook is spot on in fighting this as a precedent matter more than anything else.

    --

    -Turkey