Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple's iPhone Already Has a Backdoor

Posted by timothy on from the hidden-driveway-too dept.

Nicola Hahn writes: As the Department of Justice exerts legal pressure on Apple in an effort to recover data from the iPhone used by Syed Rizwan Farook, Apple's CEO has publicly stated that "the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone." But, as one Windows rootkit developer has observed, the existing functionality that the FBI seeks to leverage is itself a backdoor. Specifically, the ability to remotely update code on a device automatically, without user intervention, represents a fairly serious threat vector. Update features marketed as a safety mechanism can just as easily be wielded to subvert technology if the update source isn't trustworthy. Something to consider in light of the government's ability to steal digital certificates and manipulate network traffic, not to mention the private sector's lengthy history of secret cooperation. Related: wiredmikey writes: Apple said Monday it would accept having a panel of experts consider access to encrypted devices if US authorities drop efforts to force it to help break into the iPhone of a California attacker. Apple reaffirmed its opposition to the US government's effort to compel it to provide technical assistance to the FBI investigation of the San Bernardino attacks, but also suggested a compromise in the highly charged legal battle.

In his first public remarks since Apple CEO Tim Cook said he would fight the federal magistrate's order, FBI Director James Comey claimed the Justice Department's request is is about "the victims and justice."

61 of 401 comments (clear)

  1. Tim Cook's letter by Midnight+Thunder · · Score: 5, Informative

    In the context of this article it is worth pointing out the letter that Tim Cook sent out to Apple employees:

    http://arstechnica.com/tech-po...

    I believe he makes good points, and where ever we end up, it should be because of proper discussion understanding implications, rather than because 'Apple is evil' mantra, that will end up burning everyone.

    --
    Jumpstart the tartan drive.
    1. Re:Tim Cook's letter by Anonymous Coward · · Score: 5, Interesting

      From the arstechnica article:

      The document closed with a call for Congress to "form a commission or other panel of experts on intelligence, technology, and civil liberties to discuss the implications for law enforcement, national security, privacy, and personal freedoms. Apple would gladly participate in such an effort."

      From the leaked White House memo linked in the Counterpunch article:

      Proposed Policy Principles
      Deputies agreed that attempts to build cooperation with
      industry, with advice proposing specific technical solutions, will
      offer the most successful option for making progress on this
      issue. In particular, given industry and civil society's
      combative reaction to government statements to date, any
      proposed solution almost certainly would quickly become a focal
      point for attacks and the basis of further entrenchment by
      opposed parties. Rather than sparking more discussion,
      government-proposed technical approaches would almost certainly
      be perceived as proposals to introduce “backdoors” or
      vulnerabilities in technology products and services and increase
      tensions rather build cooperation.
      However, if the United States Government were to provide a set
      of principles it intends to adhere to in developing its
      encryption policy, such a document could spark public debate.
      Proposing such principles would not be without risk, as some
      constituencies may not distinguish between principles and
      specific technical approaches. As a result, these principles
      could come under attack, but could also serve to focus Public or
      private conversation on practicalities and policy trade—offs
      rather than whether the government is seeking to weaken
      encryption or introduce vulnerabilities into technology products
      and services.

      It seems like the plan is proceeding nicely. We getting into the "public debate" phase. Soon it will move on to the trade-off phase decided on by a panel of private and governmental experts.

    2. Re:Tim Cook's letter by Tablizer · · Score: 5, Insightful

      I especially like this quote:

      "...we strongly believe the only way to guarantee that such a powerful tool isn't abused and doesn't fall into the wrong hands is to never create it."

      --
      Table-ized A.I.
    3. Re:Tim Cook's letter by FlyHelicopters · · Score: 5, Insightful

      It seems like the plan is proceeding nicely. We getting into the "public debate" phase. Soon it will move on to the trade-off phase decided on by a panel of private and governmental experts.

      Yea, but part of the challenge is that not everything in the world can be "compromised" or "traded-off".

      Encryption either works or it doesn't. Your info is either secure or it isn't. If the government can access it, then it isn't secure.

      There just isn't any give-and-take here, either you can make your info private, or you cannot.

    4. Re:Tim Cook's letter by kheldan · · Score: 3, Insightful

      Encryption, by it's very nature, is a binary issue; it either 'works' or it 'doesn't work', there is nothing in between. If you design in a work-around for not having the keys, then the encryption 'doesn't work' because it can be defeated. If you make the front door and it's framework out of quarter-inch thick hardened steel armor plate and secure it with an Abloy lock, but then have a spare key under the Welcome mat, you've failed to properly secure your house. If you have a secret and you share it with someone else, it's not a secret anymore. There is no such thing as 'a little pregnant', you either 'are' or you 'are not'. So it goes with encryption: Either 'encryption==TRUE' or 'encryption==FALSE', there is no state between the two. Even if they banned ALL encryption, it won't accomplish what they want to accomplish; criminals and terrorists will still use encryption of some sort or other, it's commonly available now -- and they won't have any 'backdoor' into that, either! The entire subject is moot. What law enforcement and the government wants is pointless and stupid and they need to just GIVE UP and forget about it. If they can't suss out what criminals and terrorists are doing using conventional investigative methods then they're incompetent and need to be replaced with people who can.

      --
      Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
    5. Re:Tim Cook's letter by FlyHelicopters · · Score: 2

      You could make that argument, but I would disagree with it.

      The flaw in it is that if the government CAN access it, then so can FOREIGN governments, and likely bad actors as well, so the country STILL isn't secure.

      My personal privacy and liberty is more important than the government keeping the boarders secure in any case.

  2. So the vulnerability is the updating mechanism? by mlw4428 · · Score: 3, Insightful

    I hate Apple as much as the next anti-Apple-fan boy, but come on. Literally EVERY OS has this concern. I wouldn't call it a backdoor anymore than I would suggest that having a window not made out of bulletproof glass is an open invitation for robbers into your house. In other words, this is sort of like "duhhhhhhh" material and hardly newsworthy. Now having an open and honest discussion about the security of update services for OS and the security methodologies employed, would be a fantastic article.

    1. Re:So the vulnerability is the updating mechanism? by ceoyoyo · · Score: 3, Informative

      Every OS does not have that problem. I'm not even sure that iOS does. It's possible Apple has a way to forcibly push an over the air OS update to your phone, but I don't recall ever hearing any confirmation of that. As far as non-mobile OSes, the only one I've ever heard about forcing updates on you is Windows 10.

    2. Re:So the vulnerability is the updating mechanism? by xxxJonBoyxxx · · Score: 4, Informative

      >> Literally EVERY OS has this concern

      I'm not sure you understand the concern then. The feature in question is, "ability to remotely update code on a device automatically, without user intervention"

      Windows allows you to disable automatic updates (even on Windows 10). Linux famously allows you to only put the specific code you want into your OS. (Google "compile kernel", etc.) If iPhones require automated updates or they will stop functioning, I'd say that concern is still fairly unique to the iPhone platform.

    3. Re:So the vulnerability is the updating mechanism? by Anonymous Coward · · Score: 4, Interesting

      I think the article is not correct. iOS doesn't let you run an update that reboots the phone unless you input the password first (ostensibly to prevent you from being locked out on reboot).

      I think Apple can force load a new OS without this limitation, but it needs physical access to do so.

    4. Re:So the vulnerability is the updating mechanism? by Espectr0 · · Score: 2

      You can't disable updates on Windows 10, only "defer" them, at least on non enterprise versions.

      This screenshot is from my Windows 10 Pro machine at work. There is only "aplazar" available (defer)

      --
      Open Source Java Web Forum with LDAP authentication
    5. Re:So the vulnerability is the updating mechanism? by zerosomething · · Score: 3, Interesting

      I think the article is not correct. iOS doesn't let you run an update that reboots the phone unless you input the password first (ostensibly to prevent you from being locked out on reboot).

      I think Apple can force load a new OS without this limitation, but it needs physical access to do so.

      Exactly correct, the article is wrong on the fundamental premise that Apple can force an over the air update. They, or anyone, can force a firmware update when connected to a wire. The Government want's Apple to create firmware that would turn off the security option in iOS that wipes the phone after 10 failed passcode attempts.

      --
      It all starts at 0
    6. Re:So the vulnerability is the updating mechanism? by EmperorArthur · · Score: 2

      Ehh, who needs mod points.

      Take a look at this link: https://www.techdirt.com/artic...

      The gist is that iPhone's "Secure credential storage" firmware is part of the regular firmware, and can be updated without authentication. It just has to be signed by Apple. I will agree that a much better model would be a fully seperate chip that requires authentication, or a wipe to update the firmware. Unfortunately, it looks like Apple didn't want to do things properly.

      I'm not sure what you're talking about for the second part. The changes the FBI is asking for are pretty simple. Disable the auto wipe after 10 bad attempts, and remove the delay between password retries. With both of those removed brute forcing the password is easy. The truth is those changes are trivial. Since they have the source code, all Apple hase to do is comment out two lines. The BIG IMPORTANT PART is the new firmware requires Apple to sign it to run.

      --
      So lets pretend that we've just completed writing this code, as opposed to having just completed sabotaging it -Altera
  3. And soon it won't be by JonahsDad · · Score: 5, Interesting

    When I read exactly what the FBI was asking Apple to do, I realized that there was a back door, and that Apple will most likely be doing what they can to close this back door in a future iPhone release.

    If I were Apple, I'd make sure a future release gave the user the option of only allowing firmware updates after the user logged in. This doesn't have to be required for every iPhone (corporations might want this disabled on iPhones they purchase for their employees), but it should at least be an option.

    1. Re:And soon it won't be by steve6534 · · Score: 5, Informative

      A normal update does require you to unlock the phone to accept the update. They're talking about leveraging recovery mode which can be used to force load an image onto a phone that might be otherwise unusable. See here - https://support.apple.com/en-u...

    2. Re:And soon it won't be by dunkindave · · Score: 3, Interesting

      A normal update does require you to unlock the phone to accept the update. They're talking about leveraging recovery mode which can be used to force load an image onto a phone that might be otherwise unusable. See here - https://support.apple.com/en-u...

      Yes. That's the exact Apple support page that worries me. It says "iTunes will try to reinstall iOS without erasing your data." Updating iOS in this way needs to either require my passcode or erase my data. I expect that it will in a future version version of hardware (because only doing it in software isn't enough).

      I have gone through this process, so can speak from experience. My wife changed her passcode, then promptly forgot the new one. The only option according to Apple is to reinstall. But if the phone is previously synced to a computer, it has exchanged cookies that allow the computer to still access the phone's contents (this is one of the reasons why the FBI wanted to find that hard disk). When I did the reinstall, it first read the contents out like a normal backup, then installed a fresh OS, then restored the data from the backup. I think this is what they mean by "try to reinstall iOS without erasing your data." It does get erased, but is restored, so effectively not erased.

      About six months later she did the same thing, except this time, she tried rebooting the phone. When I hooked it to the computer, the system was unable to access the phone, so the restore could only put back the data saved during the latest backup (about a month before). She was bummed since she lives off her phone's calendar and doesn't trust it backing up to iCloud.

  4. Signed updates are fine... by AmiMoJo · · Score: 2

    Signed updates are fine, as long as you can't update the firmware in your secure memory to alter the maximum number of wrong guesses before erasing or reduce the minimum time between guesses. That way even if the OS image is compromised you still need to enter the correct code within n attempts to unlock the device.

    It seems incredible that Apple thought it would be a good idea to build that functionality. I don't know of any other ARM CPU design that allows it, for this exact reason.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    1. Re:Signed updates are fine... by sims+2 · · Score: 2

      Apple already had to update the fw once http://9to5mac.com/2015/03/18/... because it wasn't incrementing properly when the power was cut. You would prefer to wipe the phone to apply the update?

      Personally I would like the ability to set the key myself.

      --
      Minimum threshold fixed. Thanks!
    2. Re:Signed updates are fine... by adamstew · · Score: 3, Insightful

      You can fix that super easily:

      secure enclave will accept software updates in two cases: 1) provide unlock code and keep the encryption key intact. 2) do not provide unlock code and then wipe the encryption key.

      This is a secure method of doing it. You can either provide the unlock code and update the firmware of the secure enclave without wiping the device, or you can wipe your device and update the firmware of the secure enclave without the unlock code.

    3. Re:Signed updates are fine... by MachineShedFred · · Score: 2

      Well, it's an academic discussion because the phone in question is an iPhone 5C, which doesn't have the Secure Enclave.

      If it did, then the FBI would be fucked. But, because it's the last model without it, this type of brute forcing of the PIN is still possible if the OS doesn't prevent it, which is exactly what they are asking for.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  5. There's a lesson here by Jawnn · · Score: 5, Insightful
    ...and that is that you should not trust the security of your stuff to a third party. Not Apple, not "the cloud", and definitely not the government. Don't get me wrong. I am not some foil hat wearing paranoid when it comes to "the government", but I damn sure don't consider them trustworthy enough to manage my crypto keys. I'd trust a handful of cloud operators before I'd trust the government, and none of them get my keys either.

    Listen up, law enforcement, DoJ, et al. I am more afraid of your incompetence than I am any dark "world domination" motive on your part, but I am nowhere near as afraid of :"teh terrorists" as I am of you, regardless of your motive. So hands off my crypto. M'kay?

    1. Re:There's a lesson here by FlyHelicopters · · Score: 4, Insightful

      And that's all fine. Remind me again why Apple has to provide said help?

      A Judge can order a safe broken into, the FBI can hire a safecracker to break into it. If that safecracker doesn't want to do the job, they'll get someone else.

      What DOESN'T happen is the Judge directly ordering a SPECIFIC safecracker to do the job against their will, and in the process, damage their reputation for ALL safes.

      No one is disputing the FBI's right to inspect this phone. More power to them, crack away... Why exactly does Apple have to help again? Have we become slaves?

  6. The title of this article is wrong! by NicholFD · · Score: 5, Insightful

    Nicola Hahn is incorrect. No one has stated that Apple has the ability to, "remotely update code on a device automatically, without user intervention". The method the device would be updated requires DFU (Device Firmware Upgrade) mode, physical possession of the device and a USB connection to a PC/Mac: https://www.theiphonewiki.com/... Way to grab a headline, though...

  7. You need physical access to put it in DFU mode by Kjella · · Score: 5, Informative

    What they're talking about is putting the phone into Device Firmware Update mode, like this. Only then will they be able to update it remotely and on the newest iPhones that'd also wipe the encryption keys. But not on the model in question here.

    --
    Live today, because you never know what tomorrow brings
  8. Cluster Fuck by sycodon · · Score: 3, Insightful

    This is all a giant Cluster Fuck.

    It's still unclear; does the FBI want to give the phone to Apple so they can break in, or do they want apple to give them the tools to do it themselves?

    If it's the former, then Apple should get it done, then destroy the tools and cal it a day. if it's the latter, then Apple should make it clear and call them out on it.

    What is clear is that getting the data from the phone is not secondary to the Us vs Them bullshit going on now.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
    1. Re:Cluster Fuck by suutar · · Score: 5, Insightful

      from what I've read the FBI prefers the latter but would accept the former. However, Cook has said that law enforcement around the country has already said they have hundreds of iPhones they want appel to unlock if the FBI wins; if that's so, I don't think destroying the tool is going to be a viable option.

    2. Re:Cluster Fuck by youngatheart · · Score: 5, Informative

      Wrong.

      It's still unclear; does the FBI want to give the phone to Apple so they can break in, or do they want apple to give them the tools to do it themselves?

      The order clearly states that Apple is not required to provide the software created. Many people, including myself, believe that there is an unspoken motivation in this case to have a precedent which allows law enforcement to force software companies to produce software to enable access to encrypted systems, but it is a supposition not substantiated by the court documents.

      The court documents compel Apple to create software which will make it easy for the DOJ to break in, but not that Apple do the final step of actually breaking in.

      If it's the former, then Apple should get it done, then destroy the tools and cal it a day.

      Which Apple probably would have done if the DOJ had made the request under seal to keep it secret, as Apple requested. However, the government made it a public request, which supports the idea that the government wants either a legal precedent or an excuse to ask Congress to change the laws so they can force software companies to create hacking software.

      What is clear is that getting the data from the phone is not secondary to the Us vs Them bullshit going on now.

      I think that must be a typo. It is clear that this debate is not about this case, but rather what the DOJ can successfully force software companies to do, or an excuse to get new legislation so they can force hacking by software companies.

    3. Re:Cluster Fuck by sjames · · Score: 5, Interesting

      This. If it's done once, the demands will never stop. At least not until the NSA steals a copy of the hacked firmware and distributes it the LEOs everywhere under an NDA.

    4. Re:Cluster Fuck by ausekilis · · Score: 3, Insightful

      I don't think that's quite right either: zdnet has a reasonable rundown. The court order is for "Apple to provide", which I interpret as giving the gov the tool. I read elsewhere (can't find the source, maybe on /. earlier today...) that Apple requested the FBI make a sealed request and they would have complied. That hints that Apple didn't want their (potential) tool to be public knowledge.

      It's also not quite as simple as "Apple does it, destroy the tool, call it a day." It's like any weapon, once developed it's hard to put the genie back in the bottle. We can't go back from missiles, guns, bombs, etc... The technology is there, and it can't be undone. Similarly, if Apple where to develop the tool and use it in-house, then there are brains in Cupertino that know how to defeat the protection. Think of insider threat, extortion, the increased attempts to break into Apples network, etc... Not to mention the requests from law enforcement to break into other phones.

      I've never been a fan of Apple's walled garden and prefer to have control over my devices... though with their standing firm on consumer privacy that iPhone is starting to look pretty good.

    5. Re:Cluster Fuck by AK+Marc · · Score: 4, Insightful

      There are piles of backdoors into iPhones. Apple keeps them locked up and secure. The government wants the tools, not the phone. They are using "terrorism" as the reason to demand the tools.

      --
      Learn to love Alaska
    6. Re:Cluster Fuck by danceswithtrees · · Score: 5, Interesting

      If Apple is as serious as they say they are about security and privacy, they need to change the OS/firmware/hardware to make updating a phone impossible without either unlocking the phone or wiping it clean. This way, when this happens again, and it almost certainly will, they can honestly say, we can't rather than we would rather not.

    7. Re:Cluster Fuck by nospam007 · · Score: 2

      "If it's the former, then Apple should get it done, then destroy the tools and cal it a day. "

      Exactly. And additionally, make sure that after the next iOS update, that method will never, ever work in the future.

    8. Re:Cluster Fuck by parkinglot777 · · Score: 2

      TFA contains more info links, but by itself the content looks more of assumption/implication. I can't find anything from TFA showing the evidence that there is a backdoor but rather said it (see below)...

      Tim Cook protests that Apple is being asked to create “a new version of the iPhone operating system.” This glib talking point distracts attention from the reality that there’s essentially a backdoor on every new iPhone that ships around the world: the ability to load and execute modified firmware without user intervention.

      Ostensibly software patches were intended to fix bugs. But they can just as easily install code that compromises sensitive data. I repeat: without user intervention. Apple isn’t alone in this regard. Has anyone noticed that the auto-update feature deployed with certain versions of Windows 10 is impossible to turn off using existing user controls?

      Now, to answer your question about FBI, you would get the answer http://www.nytimes.com/2016/02... by following a link on TFA page.

      After December’s San Bernardino attack, Apple worked with the F.B.I. to gather data that had been backed up to the cloud from a work iPhone issued to one of the assailants, according to court filings. When investigators also wanted unspecified information on the phone that had not been backed up, the judge this week granted the order requiring Apple to create a special tool to help investigators more easily crack the phone’s passcode and get into the device.

      Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity. The result was the letter that Mr. Cook signed on Tuesday, where he argued that it set a “dangerous precedent” for a company to be forced to build tools for the government that weaken security.

      Anyway, this does not mean I trust Apple that they don't have backdoor on their device, but I would rather see an evidence or some research results that point out exactly what it is.

    9. Re:Cluster Fuck by Jason+Levine · · Score: 5, Insightful

      The demands would never stop from US law enforcement agencies. And then they would roll in from governments around the world. And then some hacker group would get their hands on the "unlock" tool and repurpose it to break into any iPhone at any time.

      If Apple breaks the encryption, there is no way that it will be just for this one phone and that's it.

      --
      My sci-fi novel, Ghost Thief, is now available from Amazon.com.
    10. Re:Cluster Fuck by Lord_Jeremy · · Score: 5, Insightful

      They already did that. The secure enclave in the iPhone 6 and 6s serves all those functions. It's essentially a black box, and itself is responsible for the unlock attempt counter and the storage hardware encryption keys.

    11. Re:Cluster Fuck by ausekilis · · Score: 2

      I'm pretty sure any coder could write code that disables "if (numtries lt 10)". That's ignoring the other question I hinted at:

      Can Apple develop software to *upgrade* a phone without user interaction?
      The fact that they are raising such a stink about this hints at yes. Though since they hold the source code, there is some security through obscurity at play here. We can only speculate as to how they would implement this tool, or what protections Apple puts on access to those bits of code (if any). This is about breaking one safety mechanism to disable another. Apple requires user interaction to install an update, which currently means unlocking the phone. This is opposite of MS's approach with Windows 10 of "Want more updates! we'll cram them down your throat then nag you to restart!", e.g. no user approval required to install. That's been the subject of a lot of scrutiny these days too.

      I'll keep with my weapon analogy. It's certainly possible that there are engineers at Apple that know how to break or circumvent different parts of this secure system. However, until it is developed and we have a proof of concept that we reach a point of no return. The folks at White Sands in the 1950's didn't know if the bomb would ever stop exploding, and now there's always global talks about cutting down on nuclear armament. It was thought up, demonstrated, weaponized, and everybody wanted it.

    12. Re:Cluster Fuck by MachineShedFred · · Score: 2

      My guess is that it's probably not possible without doing some serious work, such as imaging the phone as a "backup", wiping it, updating the OS, and then restoring the "backup" over the top, which would then restore the encrypted data. Because this phone doesn't have the "Secure Enclave" the encryption key is stored somewhere in flash, and likely would be backed up with the rest of the data.

      I know that every time there was an iOS update delivered over the air since they added that capability, it makes you put in your password / use your fingerprint to start the update, so I'm guessing that is the mechanism for getting access to the encryption key.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
    13. Re:Cluster Fuck by afidel · · Score: 2

      Because firmware updates have to be cryptographically signed with Apples signing key.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    14. Re:Cluster Fuck by mark-t · · Score: 2

      The existence of jailbreaks would seem to be evidence that you are not entirely correct

      --
      File under 'M' for 'Manic ranting'
  9. Android by Tokolosh · · Score: 5, Interesting

    Lot's of good discussion about iOS and Apple.

    I would like to have the same analysis about the state of Andriod. Can it be made secure against such backdoors? Do third-party flavors and rooting have a role? Is it possible to have a device where all software and firmware code can be examined?

    --
    Prove anything by multiplying Huge Number times Tiny Number
  10. iPhone 7 will use SE to authorize any OS updates by Anonymous Coward · · Score: 5, Interesting

    Apple has updated the secure enclave with an iOS update in the past and added additional protection, so it presumably can do an update that would REMOVE protections on the SE. So the same scenario of this phone can theoretically be applied to any existing iPhone and not just a 5c.

    So right now, Apple is making the iPhone 7 immune to this attack vector. With the iPhone7, even Apple with not be able to do a firmware modification to the SE in DFU mode. The correct user password will *have* to be entered in the iPhone7 and it will be enforced solely in the SE hardware. There will be nothing that can get around that. You can't solder on a different SE chip, you can't swap components, change the IEMI, or anything else.

    That will be the selling point of the iPhone 7. iOS 9 was software-based protection since a software update could (apparently) change the SE. Apple will disclaim they never expected their own government trying to force them to create a hacker-version of iOS, so security of the iPhone has to be hardware based. iPhone7 will have true 100% bulletproof hardware-based protection that will truly be bulletproof. And that is what they will sell.

    Then, unfortunately, the FBI will simply demand iOS source code and signing keys.

  11. What more? by NetNed · · Score: 4, Insightful

    The cell provider gave them their info and Apple gave the FBI the last iCloud back-up for the device, so what more could they actually find on the phone that would be of such a great use? I mean, I have a hard time believing that a couple of people that think throwing a hard drive in to a lake destroys the data on it would have the info on their phone not back-up to iCloud or have used something that is only obtainable from the unlocked phone itself. Add to that the story of the phones pass code changing while in FBI possession, which would be easy to track, and that the reports were that they threw their phones in the lake too. So you can find a 18 year old downloading illegal movies, but you can't track who changed the phone's lock code?? Ahhh yeahhhh, all of it together seems like some overwhelming bullshit.

    1. Re:What more? by tlhIngan · · Score: 3, Interesting

      The cell provider gave them their info and Apple gave the FBI the last iCloud back-up for the device, so what more could they actually find on the phone that would be of such a great use? I mean, I have a hard time believing that a couple of people that think throwing a hard drive in to a lake destroys the data on it would have the info on their phone not back-up to iCloud or have used something that is only obtainable from the unlocked phone itself. Add to that the story of the phones pass code changing while in FBI possession, which would be easy to track, and that the reports were that they threw their phones in the lake too. So you can find a 18 year old downloading illegal movies, but you can't track who changed the phone's lock code?? Ahhh yeahhhh, all of it together seems like some overwhelming bullshit.

      Easy. The FBI has two reasons for compelling Apple to do this.

      1) The phone itself. Think of all the credentials stored on the device that you now can access. Saved messages in WhatsApp and other IM style apps, live access to various services (perhaps they used GMail? The Gmail app or web page will show you the account and its data as well), etc. etc. etc.

      Effectively, they get access to all sorts of data without requiring a warrant - perhaps they know he had a GMail account, and then they'd need to get a warrant to get information from that account from Google. But if they can access the Gmail app from the iPhone, warranty avoided!

      2) The second part is to get Apple to deveop this software, because once it exists, it can be used over and over again.

      The case cited for the All Writs Act involves the use of pen registers. The telephone company lost purely because they were already using pen registers in their day to day operations to verify billing and check for fraud. So they can be compelled to connect a pen register up to a desired phone line because they were doing it already.

      Apple doesn't have the software, but once they do, it can be compelled into action. That's the result the FBI really wants.

    2. Re:What more? by Anubis+IV · · Score: 3, Informative

      You have a few factual errors. The passcode wasn't changed. The iCloud account password was. The distinction matters quite a bit, since one is used to unlock the phone, while the other is used by the phone to access external Apple services, including iCloud Backup. The hope here was that they could initiate an automatic iCloud backup by charging the iPhone while it was in range of a recognized WiFi network. Apple has the ability to access data that's backed up to iCloud, so they'd be able to provide the FBI with the lawfully-requested contents of the iPhone if a fresh backup were initiated, and they could do so without needing to build malicious tools.

      Unfortunately, the iPhone belonged to the county (since the shooter was a government employee). For reasons that are unknown but very suspicious since the iCloud backup technique is known to the FBI and has proven useful in the past, in the day immediately after the attack, the FBI ordered the county to reset the user's iCloud password, which the county was able to do by logging into his work e-mail that was tied to his iCloud account and initiating the password reset from there. As a result, the iPhone now lacks the correct credentials to create an iCloud backup. The FBI then tried to downplay the matter in the footnote of some court documents by implying offhandedly that it was local yokels who made a mistake, until the "local yokels" spoke up in their own defense by pointing out that they were acting on FBI orders.

      So, going back to your original question, the FBI wants one thing: a change in precedent that allows them to put a stop to strong encryption. Demanding access to the current contents of the phone (despite already having a recent backup) while sabotaging the best known way to get at it is just a means to that end.

  12. iPhone has a backdoor for Apple's own use. by fraxinus-tree · · Score: 3, Insightful

    iPhone has a backdoor for apple's own use. For a lot of people, it's OK as long as only Apple uses it. Even if they know about it, they understand it as a fair trade. Well, for me it is not OK but I am a minority so I work around the problem by not using i-devices.

    FBI wants to use this very backdoor, too. For a lot of people, this is already NOT OK. The government is pretty much different from a company you have business with.

    And it is not about the ability to crack. NSA probably has the resources to do that. FBI wants it "by the law".

  13. Re:Someone educate me, please by NetNed · · Score: 2

    After ten failed tries an iPhone can, if turned on, which by default is not, erase all data on the phone. Have a hard time believing that terrorist that throw a hard drive in to a lake thinking it will destroy it would know this about the iPhone AND have it turned on. FBI is just using this as an excuse to get it's claws in something the easy way, and set president in forcing a private company to do it's bidding.

  14. The FBI's argument. by msauve · · Score: 3, Insightful

    It's obvious that the FBI doesn't have a good intellectual or legal argument, and they're now resorting to an emotional one.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  15. A response by brennz · · Score: 5, Informative

    This is all distraction, as operating system configuration and patching is not a "backdoor'.

    The best response to the FBI's request I've read thus far comes from the noted IOS forensics security guru, Jonathan Zdziarski where he wrote the following

    An instrument is the term used in the courts to describe anything from a breathalyzer device to a forensics tool, and in order to get judicial notice of a new instrument, it must be established that it is validated, peer reviewed, and accepted in the scientific community. It is also held to strict requirements of reproducibility and predictability, requiring third parties (such as defense experts) to have access to it. I've often heard Cellebrite referred to, for example, as the Cellebrite instrument in courts. Instruments are treated very differently from a simple lab service, like dumping a phone. I've done both of these for law enforcement in the past: provided services, and developed a forensics tool. Providing a simple dump of a disk image only involves my giving testimony of my technique. My forensics tools, however, required a much thorough process that took significant resources, and they would for Apple too.

    The tool must be designed and developed under much more stringent practices that involve reproducible, predictable results, extensive error checking, documentation, adequate logging of errors, and so on. The tool must be forensically sound and not change anything on the target, or document every change that it makes / is made in the process. Full documentation must be written that explains the methods and techniques used to disable Apple's own security features. The tool cannot simply be some throw-together to break a PIN; it must be designed in a manner in which its function can be explained, and its methodology could be reproduced by independent third parties. Since FBI is supposedly the ones to provide the PIN codes to try, Apple must also design and develop an interface / harness to communicate PINs into the tool, which means added engineering for input validation, protocol design, more logging, error handling, and so on. FBI has asked to do this wirelessly (possibly remotely), which also means transit encryption, validation, certificate revocation, and so on.

    Once the tool itself is designed, it must be tested internally on a number of devices with exactly matching versions of hardware and operating system, and peer reviewed internally to establish a pool of peer-review experts that can vouch for the technology. In my case, it was a bunch of scientists from various government agencies doing the peer-review for me. The test devices will be imaged before and after, and their disk images compared to ensure that no bits were changed; changes that do occur from the operating system unlocking, logging, etc., will need to be documented so they can be explained to the courts. Bugs must be addressed. The user interface must be simplified and robust in its error handling so that it can be used by third parties.

    Once the tool is ready, it must be tested and validated by a third party. In this case, it would be NIST/NIJ (which is where my own tools were validated). NIST has a mobile forensics testing and validation process by which Apple would need to provide a copy of the tool (which would have to work on all of their test devices) for NIST to verify. NIST checks to ensure that all of the data on the test devices is recovered. Any time the software is updated, it should go back through the validation process. Once NIST tests and validates the device, it would be clear for the FBI to use on the device. Here is an example of what my tools validation from NIJ looks like: https://www.ncjrs.gov/pdffiles...

    During trial, the court will want to see what kind of scientific peer review the tool has had; if it is not validated by NIST or some other third party, or has no acceptance in the scientific community,

    1. Re:A response by edtice1559 · · Score: 2

      But this assumes that the data is wanted for prosecution and it has to be admissible. Seems reasonable that they might just download the contact list and start investigating those people. The data from the phone will never actually be used in court. So in that case, they don't need an instrument, just the facts, so to speak. Ed

    2. Re:A response by guruevi · · Score: 2

      If you want to maintain the constitution (I know, it's far fetched), all evidence must be processed as described above. If the FBI gets a contact list from the phone and decides to prosecute an individual, all the defense has to do is "well, how did you get that phone number" and if the evidence isn't good/correct or the FBI tells them that it just magically knew who to talk to, it's highly likely that the case gets thrown out right then and there.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
  16. It's not all Apple's fault by smooth+wombat · · Score: 5, Informative

    Something which I had been questioning from the day I heard the phone was not the terrorist's but owned by a country government in California, couldn't something such as AirWatch be used to unlock the phone?

    My answer came over the weekend when I read this article which stated the county paid for but never installed such software.

    Having been responsible for setting up iPhones for a state agency, one of the steps was installing AirWatch which we did have to use on a few occasions when people locked themselves out.

    Not installing such software is either incompetence or laziness on the part of the IT folks who handed out these phones.

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
  17. Re: So the vulnerability is the updating mechanism by n0creativity · · Score: 2

    You must have missed all of those FACTS stating otherwise. Apple has confirmed that they CAN do what the DOJ is asking, but they don't WANT to because they feel, and I would agree, that it sets an extremely dangerous precedent. I haven't seen any definitive information indicating whether the update can be done OTA or must be done via a USB cable and booting into a low level mode. Either way, the fact that a device can have it's software and/or firmware updated without user intervention is a security hole, but seeing as the software and/or firmware must be signed by Apple, I'm not sure I would classify this as a 'backdoor' unless, of course, those signing keys are in the wild. I would add citations but I'm on my Android phone and feeling to lazy to do so.

  18. Re:Dumb Pre-Paid Phones? by Vokkyt · · Score: 2

    While some of this is true, I think the real answer is even simpler: they're disposable.

    There's a reason that the phones are called burner phones; if it gets trashed or destroyed for whatever reason, you're not out anything except an easily replicated list of phone numbers.

    Likewise, a lot of burner phones just don't have many of the tattle-tale features that smart phones do; older models lack GPS, very little on-board memory for logging, and so on.

    While law enforcement certainly does have the means to spy on these phones, the ability to rapidly dispose of and cheaply replace them is why they are still useful.

  19. Re:Word on 'net by youngatheart · · Score: 2

    I hope you're right, but SCOTUS says money is speech and people are still compelled to pay money.

    The issue of compelled speech is not completely settled either. The courts have ruled both that it can be and that it can't be depending on circumstances.

    http://www.firstamendmentcente...

    https://www.washingtonpost.com...

    https://www.researchgate.net/p...

  20. Re:Puh-leeze. It's an iPhone. by Thud457 · · Score: 4, Funny

    Atari Phone is clearly best phone.
    It has genuine woodgrain vinyl overlay.

    running vi, naturally

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  21. Smoke and Mirrors? by JustNiz · · Score: 2, Insightful

    I'm seriously wondering if this whole thing could really just be a giant PR/marketing exercise by Apple, when in fact they are already complying with the NSA?

    http://www.theguardian.com/wor...

  22. Re:Puh-leeze. It's an iPhone. by ewibble · · Score: 2

    To me that is the very definition of a back door, apple can install arbitrary software on your phone without your consent. That is make your phone do whatever apple wants without consent.

  23. Re:Apple is wrong, but so is the FBI by mark-t · · Score: 2

    The biggest reason why Apple would not help, other than the possibility that there is no help they are capable of offering (which is conceivable), is that by doing so, they would be confirming beyond any shadow of doubt that it is even actually possible.

    The realization that something is physically possible is a *HUGE* incentive for some people to try and figure out how it is done, and if Apple can do it, then so can other people... people with much more nefarious intentions than even an untrustworthy government.

    --
    File under 'M' for 'Manic ranting'
  24. Re:Puh-leeze. It's an iPhone. by XXongo · · Score: 2

    To me that is the very definition of a back door, apple can install arbitrary software on your phone without your consent.

    Um, what hardware do you have upon which it is impossible for someone with physical control of the hardware cannot install software? -and if your answer is, "but at least I can encrypt my data"-- you do know that the proposed software that the FBI demands that Apple write doesn't actually get them into the phone; it just gives them the opportunity to brute-force the password.

  25. Re:iPhone 7 will use SE to authorize any OS update by fulldecent · · Score: 2

    If the SE is designed correctly then even publishing the source code and signing keys will not allow recovering the encryption key.

    That's what the S stands for!

    --

    -- I was raised on the command line, bitch

  26. There's always a backdoor by lylefile · · Score: 2

    Isn't there always the option of reverse engineering at the hardware level? Authorities could always pop open the flash and then use an electron microscope to read the current state of memory. They could then either reverse engineer the whole thing, or, perhaps less expensively, clone it into another phone and cycle through the pass codes to find the right one. If the phone bricks, reinitialize and keep going, or use another cloned phone. Expensive, but at least this ensures that they'll only do this for phones they're **really** interested in cracking. I'm sure the CIA and NSA would have to do this with some of the (foreign) equipment they come across, so they must be pretty good at it by now.