Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Should Try To Unlock iPhone Without Apple's Help, Lawmaker Says (csoonline.com)

Posted by timothy on from the seems-reasonable dept.

itwbennett writes: Representative Darrell Issa, a California Republican and former car-alarm entrepreneur, has suggested that the FBI try unlocking mass shooter Syed Rizwan Farook by copying the hard drive and running password attempts until they find the correct password. Bruce Sewell, Apple's senior vice president and general counsel, said during a congressional hearing that, although the company doesn't know the condition of the shooter's iPhone, Issa's approach may work.

22 of 254 comments (clear)

  1. Seems like... by __aaclcg7560 · · Score: 3, Insightful

    Someone is confusing the iPhone with the iPod Classic.

  2. This guy over here.... by wkwilley2 · · Score: 3, Insightful

    This guy's so far behind the times, he thinks an Iphone has a hard drive in it.

    --
    Have you ever fallen asleep at the keybhanusdiog?
    1. Re:This guy over here.... by theCzechGuy · · Score: 3, Insightful

      He's still ahead of FBI.

    2. Re:This guy over here.... by DigiShaman · · Score: 3, Insightful

      I'll give the benefit of the doubt that he's using the word hard drive interchangeably with storage. Now, if he actually thought he could pull the platters apart vs pulling data off with a cable or a manual flash chip migration to a breadboard, then yes, he's a fucking moron.

      --
      Life is not for the lazy.
    3. Re:This guy over here.... by halivar · · Score: 5, Insightful

      He called it a hard-drive, not a hard-disk. Honestly, we're splitting hairs about shit literally no one that does not frequent technology blogs gives a crap about. This is especially true because the HDD/SSD distinction has no bearing on the merits of his suggestion.

    4. Re:This guy over here.... by ImprovOmega · · Score: 5, Informative

      The iPhone's flash drive is encrypted. The key is securely stored. If you guess the lock code incorrectly 10 times then it's not the hard drive that's erased, it's the key that is irrevocably destroyed. At that point it doesn't matter if you have a bunch of copies of the disk, you have a bunch of garbage and the only key in the universe was just wiped out.

    5. Re:This guy over here.... by mrchaotica · · Score: 3, Insightful

      Are they actually serious? I assumed this was the way that it was always done; for as long as I can remember it's always been pointed out that self-destruct traps are essentially pointless as no serious attacker would be so grossly incompetent that they'd try to break into the original.

      The difference is that on iPhones, Apple has managed to design the system in such a way that breaking into the original is the only practical choice. I mean, they can make a copy, but that means they have to copy the code hard-wired into the encryption chip, not just the data in the flash. To copy that chip, they have to very carefully physically disassemble it with acid and lasers, and then examine the circuits with an electron microscope.

      And if they care that damn much then that's exactly what they should do, not force Apple to create a tool to allow the FBI subvert everybody else's security at-will.

      --

      "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

    6. Re:This guy over here.... by MachineShedFred · · Score: 3, Interesting

      Well, the trick (as I understand it) is that the phone uses the CPU's internal UID as part of the AES-256 key, ensuring that all cracking attempts must be done on that phone. There's no way to read the UID out of the CPU without extreme measures.

      --
      Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  3. Re:yes they should by theCzechGuy · · Score: 4, Informative

    Have you even read the summary? How would the iPhone do that if they make binary image of the storage? Can it magically format other storage devices as well?

  4. Re:It's not about the phone... or the crime by halivar · · Score: 3, Insightful

    In this case, the suggestion is (perhaps accidentally) correct in that it is the FBI's job to discover evidence in their own possession, not Apple's. The burden of cracking the phone should be on the agency.

  5. Re:How Long Have You Got by Anonymous Coward · · Score: 5, Funny

    It all depends on password strength. If it is based on a PIN number (4 digits), then it is of course very very easy to brute force decryption. If it is based on finger print, it is even easier: a finger print is 1 digit only! /ducks

  6. Re:yes they should by operagost · · Score: 4, Interesting

    That isn't the problem, but the real problem is that the private key is kept in NAND memory, not the flash memory (what they're calling the "hard drive"). The FBI isn't already doing this because it's really hard... mathematically hard. As in, unless they have quantum computers we don't know about, they won't be able to figure out what's on that phone for eons. And without the private key, it would be hard to even know the difference between the encrypted gobbledygook and the unencrypted data if you crack it.

    I maintain that they are pretty sure that there's nothing of value on that phone, and that this whole exercise was a ruse to gain government backdoors to encryption because, terrorism.

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  7. Re:yes they should by Thanshin · · Score: 5, Funny

    and watch the phone format itself after they fail.

    Ladies and Gentlemen, the answer from a 6 digit Slashdot member. It manages an almost perfect balance between trollish and imbecilic, while leaving no doubt about the fact he didn't RTFA.

    At 5 digits, his reply would be a dupe of a previous one, and you'd understand he doesn't even understand the concept of the article.

    At 4, the comment would just be an anagram of both "first post" and a bodily fluid.

    Reading a 3 digits comment would be akin to hearing the voice of God.

    At 2 digits, the words shape the chaos into reality.

    Not even Gods speak about single digit comments. And when they do it's in weakly whispers. For such power is better to leave asleep.

  8. Re:yes they should by MachineShedFred · · Score: 4, Informative

    No, not on the iPhone 5C it isn't.

    The 'Secure Enclave' is 5S, 6, 6+, 6S, and 6S+.

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  9. Re:yes they should by MachineShedFred · · Score: 4, Funny

    7-digit ID talking shit about 6-digit IDs. Now I've seen it all.

    --
    Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
  10. Re:yes they should by bleh-of-the-huns · · Score: 4, Informative

    This is incorrect. The phone does not store the key anywhere. The key is made up of the phones unique identifier value, and your pin, combined to make the key. What they can do is use acid, high powered visual equipment and lasers to try to determine the unique identifier from the iPhones CPU, and then try to brute force that with various pin numbers.

    --
    I came, I conquered, I coredumped
  11. They should do it, but they haven't. Why? by Anonymous Coward · · Score: 4, Insightful

    The answer is easy. They are not interested in the contents of the terrorist's phone as much as they want a magic key that will unlock anyone's iPhone anywhere. The NSA already has all the metadata from this phone recorded anyway, so the whole alarmist search for the phone's contents is a front for the government's overweening desire to pry into everyone's life.

  12. Re:yes they should by jandrese · · Score: 4, Informative

    Low UIDs aren't that uncommon. There are 899 three digit UIDs. That would be a pantheon dwarfing even the Greek gods of old.

    --

    I read the internet for the articles.
  13. this whole thing is fishy to me by argStyopa · · Score: 4, Insightful

    What I fundamentally don't understand is this:

    EITHER
    a) if this is GENUINELY a mattter of national security, the FBI could actually hand the phone to the NSA and get the information in about 30 seconds but for some reason isn't doing so, or
    b) the NSA's upteen-gajillion-dollar "black" budget has pretty much enabled them to record/analyze/store only the utterly banal unencrypted conversations that you could hear just sitting and listening to the guy next to you at the coffeeshop, ie almost entirely wasted on stupid crap.

    I don't see really any other alternative.

    I'd expect, for example, that Russian and Chinese government communications are ROUTINELY of a higher level of encryption than the bloody iPhone you can buy at the mall, and yet the NSA's *job* is to listen in on that stuff and they claim that they're pretty damned good at it?

    --
    -Styopa
  14. Re: yes they should by TWX · · Score: 3, Insightful

    Now you're just being pedantic.

    The FBI should copy the contents of the storage medium to another storage medium and attempt to brute-force it. That's what the lawmaker is saying in a nutshell. This lawmaker is actually making our case, that it's not Apple or any other vendor's job to break their own security, that it's the investigating agency's job to essentially prove its case by doing that work itself. Stop attacking the person actually trying to help by nitpicking what they say.

    --
    Do not look into laser with remaining eye.
  15. Re:yes they should by Pseudonym · · Score: 3, Informative

    I could have had a 4-digit id, but I come from an era when long-term lurking before posting was considered virtuous.

    --
    sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
  16. Re:yes they should by Vadim+Grinshpun · · Score: 4, Funny

    Let there be...
    nevermind.