Slashdot Mirror
DoJ Says Apple's Posture on iPhone Unlocking Is Just Marketing (reuters.com)
New submitter kruug writes: The U.S. Department of Justice filed a motion seeking to compel Apple Inc to comply with a judge's order for the company to unlock the iPhone belonging to one of the San Bernardino shooters, portraying the tech giant's refusal as a 'marketing strategy.' The filing escalated a showdown between the Obama administration and Silicon Valley over security and privacy that ignited earlier this week. The Federal Bureau of Investigation is seeking the tech giant's help to access the shooter's phone, which is encrypted. The company so far has pushed back, and on Thursday won three extra days to respond to the order. Reader Lauren Weinstein writes of this tack: "The level of DOJ disingenuousness in play is simply staggering."
Apple did nothing to keep this secret. It's already known they have assisted the FBI before.
Instead what happened is no-one cared, not even Apple, until the FBI demanded essentially that Apple break hardware security. That is where Apple drew the line; that is what brought all of the attention to bear.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
from TFA: " iPhone belonging to one of the San Bernardino shooters"
wrong - it belongs to San Bernardino County.
Seems likely, anyway. On the other hand, the FBI's posture is just a constitutional overreach and attempt to institutionalize the ignoring of due process, so they're about even.
The FBI then made its tailored request, which Apple asked to be placed under seal, according to the New York Times. Instead, the FBI went public, setting off the high-profile drama
"First they came for the slanderers and i said nothing."
The data is encrypted using a key fused into the hardware processor. The key is in hardware and not readable. The key is not the 10 digit pin. The 10 digit pin and the encrypted contents are sent to the hardware chip and a decryption attempt is made. The results of that are sent back. If the user fails to decrypt the data within 10 attempts the encryption key in HARDWARE is wiped out making the user brute force AES 256 on the data instead of the 9999 possible pin combinations.
The hardware encryption chip would need to be copied as well as the data. Copying the data alone gives you nothing but random bits of AES 256 encrypted data. Putting that on a phone emulator or another phone will never work unless the unique key in hardware is known and that cannot be read.
That's actually exactly what Apple is saying and it's true: they can't access the encrypted data because they don't have the key.
What the FBI wants is for Apple to develop a hacked version of iOS that can be loaded onto the phone and allow external inputs to try different user unlock PINs as well as get rid of both the 10-attempts limit as well as the time-between-tries limit.
Obviously the existence of such a hack -- as well as the ability to load a locked phone with it -- is a dangerous tool that can be used on any iPhone. Apple isn't just refusing to hand such a thing over, they're refusing to even develop (or at the very least, acknowledge the existence of) such a hack. Thus discouraging any hackers from going "shit, it can be done, let's find out how!".
That's not the deal at all. Apple can't decrypt it. The FBI wants them to remove the safety measure where the phone will discard the encryption key altogether after 10 failed attempts at guessing the passcode.
That simply isn't true. Apple is facing a specific order to decrypt a specific iPhone in a specific legal case. If this can't be done, there is nothing for Apple to fight, because the court order only applies to this phone. The fact that Apple is fighting this order and is saying that they are refusing to develop an unlock tool implies that they believe it can be done but are simply refusing to do it.
Apple is facing a specific order to decrypt a specific iPhone in a specific legal case.
Apple has previously cooperated with warrants to unlock iPhones for the authorities, but that was before they changed the encryption method to better protect user data hackers and spies. If Apple develops an unlock tool for this specific case, what prevents it from being used for every legal case in the future?
I like the idea that no one — not even the government — can browse through the encrypted data on my iPhone. The Founding Fathers used encryption to protect their own communications from the British government. In fact, under some bills being considered by various national governments today, they would have gone to prison for using encryption technology.
> My point is that if Apple can push such a software update to an existing phone without the user unlocking the device first, then iOS cryptography is broken already.
You should look a bit more into it.
First, if we are talking CRYPTO, lets be real: a 4 digit passcode is triival to brute force. I don't care WHAT you use- Twofish/AES/Serpent in Veracrypt, I will absolutely break your 4 digit passcode in moments. Because it's a fucking FOUR DIGIT PASSCODE.
So, how does Apple try to secure this? The only way it can- with hardware. The crypto is 128 bit AES, so they aren't trying to attack that. Later versions of the iphone have secure hardware implement this sort of logic. The version in question actually IS less secure- it has software that does the task of the wiping. Apple is refusing to build and cryptographically sign software that will do it.
There's no cryptographic way to secure a 4 digit passcode, or a 6 digit passcode. It's physically impossible. Hence the use of hardware. If you have a serious crypto passphrase on your iphone- and you absolutely can- then the only way in is through the crypto, either the AES or the PBKDF2. It's not as strong as AES 256 XTS (because it is AES 128 XTS), but it is still considered unbreakable.
So don't talk shit about their crypto if their crypto isn't even up for debate. This is about a software workaround possible on an older model to brute force requests into the hardware that is expected to defend a 4 digit passcode against repeated attempts. The crypto isn't even in the conversation.
What this comes down to is that iOS cryptography is vulnerable because their key management appears to be vulnerable.
Key management isn't vulnerable at all. Only the user's choices make it vulnerable. Just like if I run an SSH server with all the best encryption but the login is "root" and the password is "password", the underlying process isn't weak at all, only the user inputs are.
If you're worried set your unlock key on your phone to a passphrase and use 256 random characters. That choice is yours. If you still think it's insecure, then your can come back and complain about Apple's handling of it. But the reality is you'll come back and complain about how hard it is to access your own phone.
By the way my unlock code is 000000. 6 digit passcodes were enforced by my company. I hate having to type a password in to access my phone. Does that make my phone crptographically insecure? No it just makes me a stupid user with no idea (or maybe no desire) to secure my data.