Slashdot Mirror
Apple Is Said To Be Working On an iPhone Even It Can't Hack (nytimes.com)
An anonymous reader writes with this story at the New York Times: Apple engineers have already begun developing new security measures that would make it impossible for the government to break into a locked iPhone using methods similar to those now at the center of a court fight in California, according to people close to the company and security experts. If Apple succeeds in upgrading its security — and experts say it almost surely will — the company would create a significant technical challenge for law enforcement agencies, even if the Obama administration wins its fight over access to data stored on an iPhone used by one of the killers in last year's San Bernardino, Calif., rampage. The F.B.I. would then have to find another way to defeat Apple security, setting up a new cycle of court fights and, yet again, more technical fixes by Apple.
I want security, but if access to the data on the phone could potentially save lives, that seems pretty important too.
So basically Apple is telling me that unless I upgrade to the next iPhone, they might sell out my data to the cops, NSA or ???. That's great.
"Treason against the United States shall consist only in levying war against them, or in adhering to their enemies, giving them aid and comfort. "
Developing a measure with the explicit intended goal to deny the US Government Legal access to any random State enemy's communications device by demanding brute-force decryption software through lawful order by making an alteration solely intended to render that as impossible could be argued as an act with the sole intention of "giving aid and comfort".
How much of this is theatre? Is the only improvement is to make it more difficult to download new software while the phone is locked? Which models does this apply to - is it a hardware change that applies only to new models, or is it just an OS change that might also apply to some (or all) older models? From the prior discussions here on slashdot I came away with the impression that there are hardware modules (secure enclave???) on newer model iPhones that would render useless the OS changes requested by the FBI.
They should unlock the phone if they can, then fix the bug that let's them unlock it.
Also, is systemd still supported mostly by creepy dudes that fondle goats inappropriately?
After a good-bye tax, of course.
Microsoft is disguising "Tips and Tricks" as a way to sell out your lock screen and is having you store your files on their cloud so that the government, Microsoft, it's "partners", and advertisers have full access to all your data.
Guess I should consider looking at OpenBSD
Sig: I stole this sig.
AAPL makes software and hardware in "response". Yea!!
It would be trivial for Apple to disable all IPSW image installations without a unlock code making what the FBI requested technically impossible, however if the FBI were to prevail in court the Judiciary is likely to take a dim view of Apples actions
you never know who gets hacked.
If Apple is all-powerful, can they make a phone that they can't hack?
HA HA HA! We got him now!
Maybe they're coming out with a phone not marketed towards fags?
Just legalize cocaine for those dirty aristocrats fill their asses and they will forget about the government.
Why does apple get headlines for doing what they should have done in the first place? Anything else is a broken, insecure device. If the vendor has a backdoor, it's not secure, whether they allow the government to access it or not.
Can God make a chili pepper so HOT that even He can't eat it?
Yeah, makes you think, doesn't it?
...omphaloskepsis often...
What I haven't heard yet is where Android lands on the security spectrum. Are they already as or more secure than what the rumors are now saying Apple is trying to achieve? Are they as or more secure than where Apple is right now? Are they as or more secure than where Windows is right now?
Than some stupid phone.
And then the FBI will demand the source to iOS, toolchain, and Apple's signing keys.
The U.S. Government can conceivably ban the sale or possession of that type of phone.
They do it all the time with other products, or require licensing and training and over site after purchase.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
I suspect that Tim Cook as an LGBT individual, has an intimate, proximate, and/or cultivated personal interest, with historical and current backing, in personal privacy. In these particular circumstances, it would express itself as the importance of data privacy on a personal device.
If I had to guess, it could come down through the ranks indirectly as unstated support from the top.
to the data on the phone (disabling wipe after 10 attempts) - is the phone really all that secure?
The security "war" is not longer about country versus country, but about "the people" versus the government.
that way they'll have some skin in the game. Cupertino population density according to WP: 5,200/sq. mi. --- Manhattan population density --- 71,671
This issue become if another country that is not bounded by the search and seizure laws (China) forcing a deep investigative search of all phones entering the country, and possibly leaving long term trap doors in the phone. If this person later becomes a person of interest (for any reason) the country immediately downloads your entire phone remotely and turns it upside down looking for sedition/treason.
Any knowledgeable international travelers already know to leave their laptops at home or bring a burner laptop on the assumption that Chinese customs and immigration *will* load your computer up with five different flavors of spyware during the immigration process. I expect they would love to do the same with every phone that enters the country.
Architectural plans are like computer source code with a couple of differences: You only compile once.
This is how Apple should have designed these phones from the start. We've only had the necessary technology widely and cheaply available for, oh, about, 25 years?
Why does apple get headlines for doing what they should have done in the first place?
Why do you think Apple should have "in the first place" required a PIN code to install an OS update? As a technologist do you not find it reasonable you should be able to put the phone into a recovery mode and then install the OS again in case something was messed up?
Indeed if it's what they "should have done" then you must be apoplectic that no other company has taken this "obvious" step to date.
Should you be required to log into your PC in order to install an OS?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
to the data on the phone (disabling wipe after 10 attempts) - is the phone really all that secure?
It's not that the data is automatically accessible, it's that if your PIN is only four digits, then it's easy to brute force (which is that the FBI wants to do: go through all ten thousand combinations).
If, however, you enable "complex passcodes", and you enter a 10+ character string, then it's going to be a lot harder to go through all the combinations--even if Apple is forced to help.
At a moment very very soon, the US Government should determine that Apple Inc. is and Enemy of the USA and take the most direct measures to annihilate Apple Inc. and it's ... Fuhrer.
Mr. Timothy Donald Cook and Apple Inc. are the cancer within humanity.
Bye Bye
Precisely ... When I aim my 9 mm out the window I have a really good grip compared to when I am grasping my cell phone, texting down the highway at 80 mph, primed to kill someone as soon as auto-correct makes me bring the screen closer to my face.
Go ahead, I'll wait.
I'm not sure why it's so hard to just say the truth instead of wishy-washy crap like "I think it depends on the OEM". We aren't having this debate about Android phones because it is trivial for the FBI to crack an Android phone.
Presumably you've made a perfectly secure smartphone yourself--that would certainly justify your 'holier than thou' attitude. Can you point me to where I can buy it?
Failing that, just point me to any perfectly secure consumer computing device. Go ahead, I'll wait.
I RTFA this time. It, like so many other other articles, missed the actual legitimate issues of the case. Every time you read an opinion that says Apple should "unlock the phone" or "decrypt the phone" misses the point that Apple must create software which doesn't exist. Whether Apple should do that or not is itself an interesting discussion, but the real issue here is whether government agencies should be able to force software companies to create hacking software, especially when the software company isn't accused of breaking any law in the case.
I don't have any issue with the idea that a government agency should be allowed to create hacking software. I wouldn't object if the NSA had required Apple to sign a software update created by the NSA for the purpose of hacking into the phone. In fact, I think that's what the government should do. However, I'm very troubled by the fact that most people are in favor of Apple being forced to unlock a phone when that's not what is really going on.
Compulsion of speech is an issue that has been supported in food labeling laws and denied in other cases. Creating software is fundamentally different than providing existing information. I believe creation of software is a form of speech, and I think the courts have upheld that viewpoint, so this case is really hinging on whether a judge under "All Writs Act" has the authority to force someone, not even someone accused of a crime, to create something new.
I think it is important in this discussion to understand how the software the government wants Apple to create would work. Apple updates happen automatically for phones which automatically connect to a known wifi access point. Those updates don't just get pulled from Apple though, the phone creates a code which is encrypted with Apple's public key, so that only Apple with it's private key can decrypt. The update is then provided to the phone, with the code provided by the phone re-encrypted so that only the phone can decrypt it, and only then is the update, signed with Apple's key, loaded into the phone.
If the government wanted to, they could require Apple to provide source code to their existing software and the government could modify it and either ask Apple to sign it or require Apple to provide its private key. However, by requiring Apple to create the hacking software, they're introducing an idea that software companies cannot refuse to create software when required by the government. Once someone does something for a government official, often that's taken as a reason that the government can require them to do it again. (See In re Boucher - case citation: No. 2:06-mj-91, 2009 WL 424718)
Apple had asked that the request be sealed, thus kept secret and not able to be used as precedent but the Department of Justice refused and thus made their request both public and able to be used as precedent. If they succeed in forcing Apple to create hacking software they get access to the information on this phone, but more importantly, the hundreds or thousands of phones they'd like to access are much more likely to be accessed by forcing Apple to repeat the process over and over. Apple doesn't want to be in the business of creating hacking software for the government. Much of law enforcement would consider this a victory, but I think the FBI is hoping to lose this case as a general might be willing to lose a battle, in order to win the bigger war. By losing the case, the FBI gains public support that they can use to pressure Congress to create laws forcing software companies to build in backdoors. Such a thing could be done securely, so that it wouldn't open the software to hackers. I have zero faith that Congress or software companies actually would do it in a secure way, but that's not the reason I am against the backdoor. Encryption is math and the math is known and freely available to anyone who searches for it. The ability to create securely encrypted software is something that can't be made to disappear, but it can be made illegal to do in the US. By d
"This couple purposely and specifically destroyed their phones and computers before going on their rampage. Do you really thing they left incriminating evidence on the guys's work phone?"
Its interesting to consider that by leaving their iphone in the situation they did, this terrorist couple may end up doing far more damage to US society than their shooting spree...
I have disliked Apple since i used apple IIs as test beds in test engineering. Apple pascal was an abortion and it only got worse from there. Apple hardware is real nice but the company was never going to get my support till it stopped being so tight fisted with their hardware. That being said I applaud Apple for fighting the proper fight. Today's smart phones have so much in them that I would consider them a brain extension. Do you want the government to have access to your brain? No I thought not. Cheers to apple.
They'd better be working on this entirely from outside of the country, otherwise I wouldn't put it past the various U.S. agencies to try and sabotage this next release somehow, either via hacking legal asshattery, or both.
The only reason they really go this far is to protect celebrities, not normal people.
(For this, I'm thankful to have an Android phone)
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
It would be nice if this issue would generate additional discussion and action to fix the failure of technology companies as a whole for delivering secure products. It is clear that computer science departments in the United States have failed. It is also clear that many companies are failing. Computer scientists should have a mandatory requirement to take a class in cryptography. Students need to learn concepts about securing communications, data on devices, and creating solutions to authenticate users and commands passed to software. They should also be required to take a senior level elective on ethics and be made to study case studies on the impact to society and economies due to poor design and implementation of software systems.
There have been several stories on Slashdot about the total failure of IoT devices. Reading about the failures in design of the software solution made me think that 'software hacks' made the systems and not professionals. There is a lot of energy and passion being spent by technical folks on both sides of the Apple and FBI/DoJ issue. I for one would love folks on Slashdot who are in product development to turn this passion into improving security of products as a whole at their companies.
Then Apple is one San Bernadino event away from being on the wrong side of things.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
If Tim Cook cannot produce an iPhone that he cannot hack, would that constitute proof that he is not omnipotent?
how much of this is just an attempt by the FBI to convince everybody that they don't already have a quantum computer that will break anything?
Sheesh, evil *and* a jerk. -- Jade
If the lack of security--due to government mandated back doors--allows for state sponsored persecution of innocents, enemy state or NGO attacks, etc.
There is no back door. There is only Apple digitally signing a modified version of iOS. That's it, just like with every patch for iOS that goes over the wire.
What the FBI needs is for a modified version of iOS that skips the delays between passcode entry attempts and destroying the encryption key currently used if there are too many failed passcode attempts. Apple could add code that limits this version of iOS from running on any other iPhone. Apple's digital signature would prevent the FBI from using this version on any other phone, exactly the same way the FBI can not hack around and change iOS themselves today. Apple could unlock this phone without giving the FBI a tool that could be used on any other phone.
The real problem is that the government's claim that this is a one time event is bogus. I don't see why any judge on any case could not order similar technical assistance from Apple.
As for this supposed unhackable phone. All it would require is that the passcode delays and encryption key destruction after too many failed passcodes be moved into the hardware and not be in iOS where it is "patchable".
The only "vulnerability" is this case is that Apple potentially has the ability to push new firmware onto this model of iPhone (the 5c) using its own signed certificate, even if the phone is locked. The FBI wants this new firmware to do two things: (1) bypass the "10 wrong tries on the unlock code and the iPhone erases itself" routine and (2) reduce the time interval between unlock code entries.
Note that Apple can introduce code to this modified firmware/iOS so that it only runs on this one particular phone. The FBI would be no more able to remove this restriction than they can remove the current passcode delay. Apple's digital signature can prevent this code from being used on any device.
Also note that making the firmware unpatchable in unlikely. More likely is that the passcode entry delay, and maybe the encryption key destruction after too many failures, would be moved into the hardware, permanently embedded into the silicon. Unpatchable.
What is more: the current line of products with their "secure enclave" chip and so, are already supposedly unbreakable by Apple themselves. So is this an admission that Apple can actually break into the current iPhone 6 line? Or do I miss something here?
More secure in the sense of defeating the encryption since part of the key is embedded in silicon and "unreadable"? Which is something quite different from your passcode which is normally all that prevents one's data from being decrypted by all this fancy hardware. Unless the passcode retry delay is burned into silicon, part of a processor, it would seem to be software that is patchable. If so the only thing the FBI needs is for Apple to digitally sign a tampered iOS or firmware.
On a positive note if Apple provides the modified firmware/iOS then they could make this modification only run on the one iPhone in question. Their digital signature would prevent the FBI from altering this code, just as the FBI is prevented from altering any of the current code.
The real problem is that if one court can compel Apple to do this than any court on any case can likewise compel them. Any claim that this is a one time thing seems false, in what way is any court so limited?
This is called flaunting.
we forgot to turn it on.
Apple can never create a secure phone unless it completely destroys itself the moment it leaves your hand.
Remember back in the Jobs days when Apple sold music with digital rights (mis)management? Back then, they would re-update iTunes to re-encrypt every time the music player's encryption dll was (re)cracked.
So now it's a new decade, but same old same old cat-and-mouse game, except that:
This time it's Apple doing the cat and mouse game with its own people :).
Don't get too excited, folks. It's unlikely that such a device will ever be released. The governments will make sure that it will be banned, as are drugs or explosives. If current laws don't allow this, then they will be changed. And Apple knows this very well. They are making this news only as a tool in their negotiations with the FBI and DOJ.
If he was still alive today, I wonder what say and do about this privacy issue.
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
apple do not make guns.
Although if they did, they'd be amazing looking
and only shoot rubber bullets
Excuse the Unicode crap in my posts. That's an apostrophe, and slashdot is busted.
the power was off.
So you're only willing to sacrifice someone else, most likely some normal person, just to stick it to the government?
At the very least, an Apple phone is now the mark of a criminal or terrorist.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
What happened to good old-fashioned police work? When did it all go down the drain, when did people begin to even accept such a thing as lazy law enforcement that simply wants to have access to every tiny bit of a person's privacy?
almost certainly, emotions aside 14 dead people is not really a concern for anyone but those directly involved. ~90 people die in traffic accidents every day
>Every encryption is hackable, it might just take the 'lifetime' of few universes to do it.
There's 100% completely utterly unhackable and there's 99.99999999% when someone without the budget of top10 1st world country can't.
The later is good enough for most practical purposes.
The funny thing is you know out there somewhere someone has already done it.
Security is something that is in the control of the end users. You choose the level you want.
On the other hand, Apple only designed their security to protect celebrities and people of means.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
Only if you consider choice to be a problem.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
Apple already has given away the backdoor but they are positioning themselves so that they look like they care about their customer privacy.
Please, just stop this cyber-punk pink unicorn cloud-castle daydreaming, stop it now! Why?
- Uncle Sam can resort to the old and efficient 5$ wrech and hose method.
- Apple execs can die, in shipwrecks of their yachts, contacting unexplained illnesses, during bizarre sex acts, etc. Next round of Apple CEOs will wizen up that it is better to play golf alongside politicians in office. The political elite is ruthless, for them ritual human sacrifice is as common as boiling an egg.
- The giant called Nokia was intentionally wrecked for as little as getting US permission to buy 72 units of JASSM-158 stealth cruise missiles. Apple is now the new Nokia. There is a price, where US national security concerns or political-military interests justify wrecking Apple and replace it with Teslaphone or whatever.
Encrypted filesystem, tiny OS kernel stored as on-chip PROM and a bit of NVRAM. Sorry, no updates to it are possible so they'd better get all the bugs out before release. Kernel has just enough to support to display a prompt and accept the PIN, set up encryption, relinquish control of screen and keyboard and trigger a real OS boot, presenting plain data to the device as if it were a disk controller or memory stick. The phone or whatever doesn't know its data is encrypted.
Let's say three strikes and you're out. First time it's used, a random salt is generated and 3 copies of the salt are written to its NVRAM, along with a hash of the PIN. The encryption key is hash(salt+PIN). Destroying all copies of the salt would render data inaccessible.
Every time a PIN is entered (attempt x=1,2,3) its hash is computed and then salt(x) is read into memory, then salt(x) is destroyed in NVRAM (zeroed). Then the hash of the PIN is checked against the stored hash.
If the PIN is bad, we move on to the next entry. salt(x) remains destroyed.
If the PIN is good, the salt held in memory is rewritten to salt(x), un-destroying it. All other salt() entries are checked to see if they match the salt stored in memory and if they don't match, they are rewritten so there are now 3 good copies. Then encryption is set up and the boot proceeds.
This using of three salt buckets and always writing to them is to protect against a brute force attack where the attacker power-cycles the chip to gain "free" attempts. But also, if you use separate "game over: you lose" code that sets out to destroy the salt, a side-channel attack may be possible where the attacker listens to chip emissions to detect it starting to run and aborts it somehow. By destroying a copy of the salt on every attempt the chip's emissions should offer little or no clue of such branching behavior.
A downside is that yes, NVRAM is being written to and will degrade over time. That's why it is good to have good escrow system in place so the government can help you recover your data. /SARC It probably wouldn't hurt if on first use the user has the option of selecting the salt rather than random generation, and a separate option (after successful PIN entry) that displays the salt. This would allow a technician to ''migrate' you onto a new chip that can access the (copied) encrypted filesystem. And the chip itself should be removable so in case of a device failure it can be moved to a new one.
<blink>down the rabbit hole</blink>
Is there anything a company can do with the software in a phone they provide to make sure it isn't being used illegally?
I love Jesus, except for his foreign policy.
...by the FCC. Apple is not free to flout the law. Apple has no right to be communications provider to world terror.
Error 53.
Best Slashdot Co
More power to them!
The government does NOT have the right to do whatever it wants whenever it wants...
The government does NOT have the right to what you know (5th Amendment).
This only applies to self-incrimination.
Read the whole thing: "... nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation."
An article explaining the logic:
* http://arstechnica.com/tech-policy/2016/02/forget-the-1st-amendment-apple-to-plead-the-5th-in-iphone-crypto-flap/
With the way the internet works, it is IMPOSSIBLE to create a hack proof phone. First the auto updates, The phone has to get updates from somewhere, That somewhere is a closely guarded secret for a reason. If the hackers got a hold of that site, and spoofed it, You could in theory update the phone to whatever hack you wanted. Second there is the downloaded content every time you go on the internet, A small rookit, on a site that the user sets to allow, POOF its hacked. In some cases the user does not even need to "allow". People without a background in security should NOT be writing stories and spreading rumors about security.
This is Obama, pure and simple. The most anti-constitutional President ever. He studied the Constitution so he could DEFEAT IT.
Apply the same reasoning, and you'd have:
The court has already established a precedent here that saving a life is subordinate to the right to privacy.
If she ever suspected that I was cheating, there'd be no stopping her from getting into my phone.
I was wondering about this...thank you for posting.
Fist if is made by humans it is hack-able. This has been proven time and time again.
Second if they make it and know what keys/software/code they used they can undo it or come up with some way around it.
Apply may increase their profits by providing false sense of security, but it is just delusional to assume there is any security in your phone against governments and regimes of big countries. Everything on it can be read using zero-day exploits and you will never know it was read. Even if your phone is locked and you are dead and can't readily provide pin code to interrogator with a big wrench, he can always hire electronics engineer, connect your phone RAM and ROM and change all the bits he needs to brute-force full access. Very long unpractical passphrases may give another level of security illusion, but basically it is very old dilemma - you are trying to create security on device that is connected to all kinds of communication channels and can't be trusted at all, you have no clue what exactly is running on it at given moment of time.
Step 1.
Ban iPone from Federal procurement and possession by Federal agencies and employees personal iPones on Federal property.
Step 2.
FCC revokes iPones access to telecommunication codes and airways.
Step 3.
Arrest Mr. Timothy Donald Cook, CEO Apple Inc. for conspiracy, interfering with a Federal investigation, destruction of Federal property, accomplice to the murders of 14 and accomplice to terrorism, treason.
BOOK THE GOAT FUCKER Dan'O!
Although I disagree with Apple's stance (because you don't have the right to privacy once a warrant is issued, and that includes data in computers, labtops, and yes your phone) I see the creation of an unhackable phone to be inevitable. Strong encryption coupled with impossibly hackable hardware is coming, like it or not.
No subpoena or search warrant will allow a government to get the data, because the device will be unhackable. And although the judge can stipulate that you are out of order and are in contempt of court for not providing your password (and thus, could be imprisoned basically indefinitely on continuing counts of contempt) this would in no way help at all when faced with a dead terrorist.
It's very much like gun control after everyone has 3d printers and cad software able to print guns. You can make all the laws controlling guns you want, but if I can just print one out in my bedroom, it'll be moot.
This is probably ok. The FEDS certainly have poisoned the well of trust. We're in a post-snowden world where a large majority of people don't trust the government, and a signficant minority believe the government to be 'the enemy'.
What we need to do is fix the government and its agencies so that the damaged trust is repaired. It's a dangerous position to be in when a society doesn't trust their government. That's when civil war breaks out and democracies fall. This won't be easy or quick, and may be painful as some in the government lose their power, jobs, castles in the sand etc.
Apple Is Said To Be Working On an iPhone Even It Can't Hack
It's like that old rhetorical question about if Jesus is all-powerful then can He microwave a burrito so hot even He couldn't eat it?
- First they ignore you, then they laugh at you, then ???, then profit.
Don't worry. They have enough folks controlling guns. They hire new folks to control phones. They will hire new folks to control what you eat tomorrow morning. They will hire new folks to monitor the cams you will be required to have up in your house.
Don't worry. Your wish is on the way.
I'll bet they're doing it with people who are not US subjects, and through a management chain which removes them from US legislation. And they've got enough financial and political muscle that they may make it stick.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
The only reason they really go this far is to protect celebrities, not normal people.
(For this, I'm thankful to have an Android phone, which gives more options)
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.