Snowden: FBI's Claim It Can't Unlock The San Bernardino iPhone Is 'Bullshit'

An anonymous reader writes: Edward Snowden, the whistleblower whose NSA revelations sparked a debate on mass surveillance, has waded into the arguments over the FBI's attempt to force Apple to help it unlock the iPhone 5C of one of the San Bernardino shooters. The FBI says that only Apple can deactivate certain passcode protections on the iPhone, which will allow law enforcement to guess the passcode by using brute-force. Talking via video link from Moscow to the Common Cause Blueprint for a Great Democracy conference, Snowden said: "The FBI says Apple has the 'exclusive technical means' to unlock the phone. Respectfully, that's bullshit." Snowden then went on to tweet his support for an American Civil Liberties Union report saying that the FBI's claims in the case are fraudulent. Apple's clash with the FBI comes to a head in California this month when the two will meet in federal court to debate whether the smartphone manufacturer should be required to weaken security settings on the iPhone of the shooter.

15 minutes are up

Maybe the FBI doesn't have the same resources as the NSA. Snowden's opinion on this is beyond irrelevant, his 15 minutes of fame ended a long time ago.

Re:15 minutes are up

if the NSA Has the resources, then his statement, that the FBI's statement that " Apple has the 'exclusive technical means' to unlock the phone" is false, is valid. Because if the NSA can unlock it, then apple does not have the "exclusive technical means". The NSA can, and thus the FBI can ask the NSA to do just that.

     

Re:15 minutes are up

Maybe the FBI doesn't have the same resources as the NSA. Snowden's opinion on this is beyond irrelevant, his 15 minutes of fame ended a long time ago.

15 minutes of fame is what validates or evaporates someone who has worked within these very intelligence circles?

Boy, it sure is a good thing we never pay ex-Presidents millions of dollars to come speak in public. God knows Clinton's 15 minutes of cum-stained fame ended long ago.

The only thing that expired here is your sense of logic.

Re:15 minutes are up

[amRadioHed]

Assuming the FBI is privy to the NSA's capabilities.

Re:15 minutes are up

More likely the NSA is privy to the FBI's capabilities.

Re:15 minutes are up

Did the FBI really say " Apple has the 'exclusive technical means' to unlock the phone"? Or are those Snowden's words?

Of course that's not true even if the FBI did say it; given unlimited time and money there are any number of governments and non-government organizations that could eventually break into it. But given the real world constraints of time and risk of trashing the device, the request to have Apple's assistance is still reasonable. And of course Apple has to put up a show of pretending to resist in order to keep their fanboys happy.

Re:15 minutes are up

given unlimited time and money

No, the device would wipe itself after a few tries.

Re:15 minutes are up

[jellomizer]

I expect they have some reason to keep the device physically intact.
Most techs worth their salt will just remove the storage mount it to a computer make copies. And break into the data with brute force.

But what the FBI is asking for is to get in without the running OS clear itself.

Re:15 minutes are up

[Dcnjoe60]

Assuming the FBI is privy to the NSA's capabilities.

This is a terrorism case, so the FBI and the NSA are supposed to cooperate.

Re:15 minutes are up

[AchilleTalon]

Well, Snowden's statement is bullshit. The firmware code is signed and without the private key to sign the firmware, it won't run on the iPhone even if you can perfectly write another one. Unless he means the FBI is having Apple's signing private key. If he believes so, he should prove it.

Re: 15 minutes are up

Actually, even if the key was wiped due to too many wrong passwords, the data is still there. While it would be even longer, the data would be retrievable.

Brute forcing the key would take longer, but is still possible. There would be recognizable elements (like an executable or video data) or file system elements (sector markers?) That would let you know you stumbled on it.

Re:15 minutes are up

[epyT-R]

That has nothing to do with the (in)validity of his points.

Re:15 minutes are up

[JustAnotherOldGuy]

This is a terrorism case, so the FBI and the NSA are supposed to cooperate.

These days it's hard to tell where one stops and the other begins...the phrase "functional overlap" comes to mind.

Re:15 minutes are up

[fustakrakich]

The government has a very long history that shows that they are no more credible than Snowden. The entire kabuki is to convince the public that encryption is an evil tool of terrorists, and it's working.

Re:15 minutes are up

[camg188]

The iPhone 6 came out a year and a half after Snowden took off with the NSA docs.

Re:15 minutes are up

[KGIII]

I have often said how much I appreciate Snowden's sacrifice and gifts to us. I find him, while a bit sleazy, to be a greater patriot than most of the folks I know - and I served eight years in the Marines. That's saying something - I think.

So, I've gotta ask...

What makes folks think he's privy to this information or knows their full capacity?
What makes everyone believe he's telling us this of his own volition?
How is he an authority on this particular issue, it seems likely to be beyond his scope?

Re:15 minutes are up

[dbIII]

Assuming the FBI is privy to the NSA's capabilities.

No problem, just subcontract it via China since they will be privy to the NSA's capabilities.

Did you people really think a private contractor in Hawaii was likely to be the only leak from that bunch of toy soldiers?

Re:15 minutes are up

[Darinbob]

A snag is that the FBI does not want to ask, and the NSA does not want to answer. Yes, there is supposed to be cooperative sharing between security related government agencies. However the NSA does not want to give out its best secrets to a law enforcement agency. It's much like Apple in that regard in that if it helps out the FBI just once then it'll open the door for continued requests from the FBI or DOJ in the future. The bar to do this helping from the NSA has to necessarily be set pretty high and involve actual national security issues, not merely a fishing expedition with the slim hope that there's some data on the phone. If the FBI had evidence that there was indeed data of value on the phone and that it involved an ongoing terrorism related investigation, then the NSA might help. The NSA is in the business of national security, whereas the FBI is in the business of making arrests. The NSA is highly jealous of its own knowledge, capabilities, and jurisdiction.

So Snowden is probably right with regards to the NSA which he does know something about, but he's possibly wrong about the FBI and he was little to no knowledge of the FBI internal capabilities. I suspect he's assuming a high degree of sharing between the agencies.

Re:15 minutes are up

[Darinbob]

This is domestic terrorism, there is slight evidence that there was any foreign involvement or planning. The FBI needs to make the case that there is a need for cooperation. With this phone however there is not very much probable cause to assume there is any evidence of value on that phone. The FBI wishes such data exists of course, which would allow them to open up *new* investigations only, but their real motivation is not in finding any foreign mastermind of the shootings but instead they want to crack open that door with Apple to enable relatively mundane phone cracking in the future for low level cases (drug crimes, financial crimes, etc).

The FBI *claims* it's a one time only request and we should accept their word on this, except that their word has proven to be unreliable in the past and they certainly can not make this one-time-only pinkie promise on behalf of the entire US goverment or all governments around the world. Once Apple caves in then we already know there is a New York DA highly interested in getting Apple's help fishing through a few buckets full of phones. The courts rely on precedence and this would set a very large precedent for future requests.

Apple is correct in taking this case all the way to the supreme court if they have to. It is their right to do so, and they are in no way unpatriotic for asserting their rights.

Re:15 minutes are up

"The FBI says Apple has the 'exclusive technical means' to unlock the phone. Respectfully, that's bullshit."

Browse the various presentations given by hardware security researchers on the topic of bypassing security systems that are more or less exactly like the one in the shooter's iPhone. You'll discover that there are many ways to get the data from the phone that do not require Apple's help at all.

The problem is that none of those ways set a helpful precedent for the US government, so it chooses not to use them. The FBI needs to do what the NSA did in the 1990's: get smarter and more tech-savvy. This is Crypto Wars, Round Two.

Re:15 minutes are up

[Darinbob]

The NSA is supposed to deal with foreign intelligence only. The FBI is supposed to deal with domestic criminal investigations only. The fact that both agencies have been trying to expand their reach so that there is functional overlap is evidence that the two agencies are not sharing their secrets with each other so readily.

This is also a domestic terrorism case with no evidence that there is any foreign involvement except for the gut feeling that all terrorism comes from a secret mastermind hidden on a island somewhere off the shore of New Jersey. We know who the shooters were. We know who they called and when, from both the work phone in question and the other phones that were actively used by the shooters. The case is essentially closed, and would be closed if it weren't for politics. The NSA is not going to open its kimono wide to the FBI for a simple case like this one. Cooperation or no, the need to know process is still in effect.

Re:15 minutes are up

[currently_awake]

1-There have been credible claims they could take the IC apart and extract the pin code directly. 2-It is likely that the NSA would benefit greatly from having Apple's signing code, so we should assume they already have it. Now since this is a Terrorist! case the FBI should expect NSA cooperation in the matter.

Re:15 minutes are up

[Darinbob]

The government is actually asking, naively, "if you've got nothing to hide, why are you hiding it?" Because the use of encryption appears to be so rare at the moment it makes a lot of citizens wonder what's up with those people who actually do use encryption.

So the more people who use encryption the better as it will start to seem mundane and common place instead of setting off mental alarms in the people willing to tear up the constitution if only they can be spared the horrors from people who hate our freedom.

Re:15 minutes are up

The FBI and NSA are redundant overhead at the taxpayers expense. There may have been a day when having both agencies made sense, but these days both of their primary functions is to spy on their own people. Let's stop pretending otherwise.

Re:15 minutes are up

This is also a domestic terrorism case with no evidence that there is any foreign involvement except for the gut feeling that all terrorism comes from a secret mastermind hidden on a island somewhere off the shore of New Jersey.

Gentlemen, behold!

Re: 15 minutes are up

You are confusing the NSA with the CIA. The CIA has generally dealt with foreign affairs while the FBI handled local affairs.

Re:15 minutes are up

[l0n3s0m3phr34k]

The ACLU's site explains it quite well. It has nothing to do with the firmware, it's the idea of copying the Toshiba NAND chip first. Install a test socket onto the board, then start running the password attempts. Get locked out, or the chip erased, pop another NAND chip in with the same image written on it. Repeat until you get in. This would probably take a long time, copying and swapping a chip for every ten attempts. But a process that is annoying is still a long ways from a process that is technically "impossible" as the FBI is claiming.

Re:15 minutes are up

[l0n3s0m3phr34k]

Most people in the US use encryption, they just don't realize it. Anyone who's ever checked their bank account online has used encryption.

Re:15 minutes are up

He's still more credible than you are.

Re:15 minutes are up

[fustakrakich]

The bank is using and controlling the encryption, not the customer. And the government will never have to ask them twice to turn everything over to them. The problem (to the government) is when the customer controls the encryption and is willing to protect his own rights.

Re:15 minutes are up

Well... Firmware signature enforcement is a chipset feature. Getting Qualcomm to ignore the firmware signature wouldn't be that hard. The question is: can the encryption key secured by the OS refusing to boot be transplanted between devices?

Re:15 minutes are up

[Narcocide]

What makes folks think he's privy to this information or knows their full capacity?

While he's far from the first to voice public dissent against the NSA and their supposed capabilities, he's the only one so far they've ever publicly decried and gone through such lengths to capture and silence. The effort level of their response alone tends to strongly validate his claims.

What makes everyone believe he's telling us this of his own volition?

I don't think there's any question at least that he feels his hand was forced. I also think that even if he were being forced to say all this by the Russian government, that doesn't necessarily invalidate the content of his statements. At this point, the Russians are probably much happier and it is much more productive for them to be spreading truth about the NSA rather than falsehoods.

How is he an authority on this particular issue, it seems likely to be beyond his scope?

It was beyond his job scope as a contractor at the NSA, however his own claim about this is that his personal investigation into their poor office network security practices and subsequent hushing from his superiors when he tried to voice legitimate, lawful concerns about this lead him down a path of discovery in which uncovered apparently the vast bulk of the data of their surveillance capabilities within the country as well as abroad, all of which also was kept secret because it was completely illegal. At this point apparently he decided to turn vigilante, and again like above, the NSA's own response in action largely validates the truth of his claims to knowledge of their secrets.

This is all fairly common public knowledge by now. Perhaps you've got him confused with Bradly Manning or Julian Assange?

Re: 15 minutes are up

[valdezjuan]

Sadly, the phrase 'functional' doesn't come to mind at all when these two agencies (well, pretty much all federal agencies that are involved in enforcement/intelligence) are brought up in the context of cooperation.

Re:15 minutes are up

[penguinoid]

What are the odds that the NSA doesn't have some high-ranking Apple employees on their payroll? Just how secure is Apple's signing key?

Re: 15 minutes are up

The firmware and the encrypted disk volume are two separate components that can be decoupled. That's why the FBI's claims are bogus. You don't need a custom version of Windows to attack a Bitlocker encrypted volume. It's nonsense.

Re:15 minutes are up

[Tom]

The ACLU misses one point:

The FBI does not know if the erase feature is enabled. The court should force them to run through the desoldering routine at least once to figure out if maybe they don't even need Apple to disable this feature.

That they didn't try, that they go to court without being sure, tells the whole story. If this were about breaking into the phone, they would have tried this, in the time that has passed with court cases they would already be sure if they need Apple at all or not, and if it turns out that not, they probably would have already broken into the phone.

ACLU is right, but they still miss just how malicious the FBI is.

Re: 15 minutes are up

Most people also reuse stupid passwords like pass12345, so what's your point?

Should we haul in anyone that uses multiple passwords longer than 8 characters?
Because by your logic they must be hiding something? What about people that have locks on their front doors? Or blinds on their windows?
Terrorist all of them!!

Re: 15 minutes are up

[some+old+guy]

No, you're wrong. The NSA is a DoD office and *in theory* bound by posse comitatus and cannot be used for domestic purposes. The head of the NSA is always a commissioned general officer.

Re:15 minutes are up

How about... look up the chips spec, copy the chip data... build virtualized chip device, hook it up in phone... and youll have bruteforcing without slow physical swap the chip every 10attempts.

Re:15 minutes are up

Lies! Terrorists come from the People's Islamic Republic of Terrorstan where all the muslims live and if we'd just stop being put off by Freedom-hating week-kneed traitor Liberals, go in and nuke the entire country of Terrorstan into radioactive slag, the world would instantly become peaceful and prosperous.

Re: 15 minutes are up

Maybe this is capitalism at work here. The FBI and NSA need competition. Mayhaps they compete with each other, to the detriment of everyone. Who needs foreign competition when you can waste so much money battling each other.

Re:15 minutes are up

[AmiMoJo]

What makes folks think he's privy to this information or knows their full capacity?
What makes everyone believe he's telling us this of his own volition?
How is he an authority on this particular issue, it seems likely to be beyond his scope?

We can read.

This isn't really coming from Snowden, he just happened to be a high profile person who tweeted about it. His statement is based on legal filings by the ACLU and others who point out methods that the FBI could use to crack the PIN code on their own.

For example, they could back up the flash memory, make 10 attempts, the phone wipes it and they restore it and try the next 10 numbers. The link is right in the summary.

Re:15 minutes are up

[Dcnjoe60]

I don't dispute what you say other than post 9-11, there is supposed to be cooperation among the various law enforcement agencies and intelligence agencies whether the terrorism is domestic or not. Whether Apple is right or wrong or there is evidence on the phone or not, does not change that.

Now if you want to delve into conspiracy theories, some say the NSA can already get into the phone, maybe even has gotten into the phone, but the FBI needs Apple to do it because 1) the NSA doesn't want it known they can do this and 2) if there was incriminating data, it would be inadmissible because there wasn't a warrant.

Like I said, that is all conspiracy theory stuff. It could be 100% accurate, 0% accurate or somewhere in between. This part, though, I believe -- If the government doesn't get their way on this case, it won't be long until there is legislation banning encryption for the sake of national security. I think that is their long game.

Re:15 minutes are up

Isn't that restriction only for their surveillance operations? If the FBI would contract NSA with breaking the phone then would this still be disallowed?

Re:15 minutes are up

[dcw3]

Assuming the FBI is privy to the NSA's capabilities.

This is a terrorism case, so the FBI and the NSA are supposed to cooperate.

In general, that would be correct. But, just like when the Enigma was developed, you wouldn't have let that secret out for a single case like this when you're fighting a larger war.

Re:15 minutes are up

[dcw3]

The NSA is supposed to deal with foreign intelligence only. The FBI is supposed to deal with domestic criminal investigations only.

That's how it was back in the 70s, but this is no longer true, and hasn't been for decades.

This is also a domestic terrorism case with no evidence that there is any foreign involvement...

Unless you're part of the investigating team, you're comment is complete conjecture. You don't know what evidence they have.

Re: 15 minutes are up

[dcw3]

Posse comitatus was a Congressional act, and you can see in the text below "except in cases..." Congress also passed some other acts...FISA and Patriot come to mind...that have changed the rules. So, the "theory" has been OBE for a while.

Whoever, except in cases and under circumstances expressly authorized by the Constitution or Act of Congress, willfully uses any part of the Army or the Air Force as a posse comitatus or otherwise to execute the laws shall be fined under this title or imprisoned not more than two years, or both.

Re:15 minutes are up

You're speaking out of your anus. There's little to no overlap, and I defy you to show evidence to the contrary.

Re: 15 minutes are up

[MachineShedFred]

Sure, if you want to be pedantic. Statistically, by the time you actually cracked it, the human race will have either abandoned Earth due to an expanding sun, or have gone extinct. Unless you get triple-Powerball-winner lucky.

For all purposes of reality, only Apple is getting that thing open unless the NSA has undisclosed methods, and they sure as shit won't disclose them for this chickenshit useless case. The only reason the FBI is going through all this is because they want to have the legal precedent to crowbar anyone's phone open, from any manufacturer, with any warrant or writ from a judge.

Re:15 minutes are up

[MachineShedFred]

And the legal standard for that is "too fucking bad."

If I bury a box in a forest with my diary in it, and then they want to peek at it after I'm dead, too fucking bad. Same situation.

Re:15 minutes are up

[MachineShedFred]

You forgot:

"Why do people think that Edward Snowden knows more about iPhone encryption and security than the manufacturer of the iPhone, and the software engineers who wrote the OS?"

Apple has been working with the FBI since day one on this thing. If there was a way in that didn't involve a custom OS image that weakens the security, they would have done it. Apple drew a line, and the FBI is using a Federal Magistrate to challenge that line.

Re:15 minutes are up

[AmiMoJo]

I'd say it's 50/50 if they pay them or just use blackmail.

Re:15 minutes are up

[Dcnjoe60]

Assuming the FBI is privy to the NSA's capabilities.

This is a terrorism case, so the FBI and the NSA are supposed to cooperate.

In general, that would be correct. But, just like when the Enigma was developed, you wouldn't have let that secret out for a single case like this when you're fighting a larger war.

Replace "supposed to cooperate" with "legally required to cooperate." I don't believe there was any such law at the time that the Enigma was developed or in use. Of particular importance is that congress passed the law requiring cooperation in terrorism cases specifically because the lack of cooperation is what led to the 9-11 attack.

Re:15 minutes are up

[Khyber]

"Just how secure is Apple's signing key?"

Not secure enough that one can't bypass it within 10,000 guesses of the PIN.

Seriously, I could easily have this phone unlocked within a day. This court case is bullshit. Anyone with any technical chops knows it.

Re:15 minutes are up

[dcw3]

Legally required to cooperate doesn't imply that they have to give up national secrets in order to do so, and I'm sure Congress didn't imply that they would need to.

Re:15 minutes are up

[Coren22]

For example, they could back up the flash memory, make 10 attempts, the phone wipes it and they restore it and try the next 10 numbers.

Except that wouldn't work. The thing that wipes is not the data but the key. The key is kept in Apple's equivalent of a TPM chip, so cannot be retrieved or replaced after the wipe.

http://searchmobilecomputing.t...

Re:15 minutes are up

[Coren22]

Really? Prove it. It seems there are many people speculating about how easy it would be that don't seem to understand how the encryption works. When the phone wipes, it doesn't wipe the flash, but the encryption key that is inside of a hardened chip. It isn't something that you can just retrieve and replace. So, since you KNOW how to do this, you should offer your services to the FBI, I am sure they would pay you very well to demonstrate the ability on a dummy phone.

Re: 15 minutes are up

[Coren22]

When the encryption key is stored in a TPM chip, yes you do.

When the TPM erases the key after X failed attempts, you don't just get to replace the disk with a bit level image, as the encryption key is what is missing, not the data.

Re:15 minutes are up

"Now if you want to delve into conspiracy theories ... Like I said, that is all conspiracy theory stuff"

Fade out music.

People do conspire all the time, nothing special about it.

Re:15 minutes are up

but the encryption key that is inside of a hardened chip.

Why do you keep saying this when it has been *repeatedly* pointed out that this model of iPhone does *not* have the A7 (or later) chip with the secure enclave?

Re:15 minutes are up

[Dcnjoe60]

If your argument is that they don't have to follow the law directed specifically at them stating they are required to share information and resources in cases of terrorism, well there is really no point in discussing the issue further.

Re:15 minutes are up

[Coren22]

https://www.reddit.com/r/theyd...

Good luck breaking into the encryption...

Re:15 minutes are up

[mrclevesque]

Your talking about more recent models, they have a 5C

Re:15 minutes are up

[mrclevesque]

"The FBI does not know if the erase feature is enabled"

Doesn't matter. If on the 10th try nothing is erased continue testing PINs. If after 10 tries it erases the key then swap in a backup of the chip and continue testing PINs.

Re:15 minutes are up

[Coren22]

Because it is what I am reading in technical articles on the subject:

http://searchmobilecomputing.t...

Please, correct me with some citations to information about how it works.

Re:15 minutes are up

[Aaden42]

Have you perhaps heard the term, “jailbreak”? That would be running unsigned code on an iPhone. There are no publically known bootloader-level jailbreaks for the iPhone 5c/s & later. NSA or another TLA could still have a very top secret exploit that allows them to run whatever they want.

If the bootloader is 100% secure, then yes, you need Apple’s keys. Find an exploit in the bootloader (or in any code that you can access on a locked phone), and odds are pretty good you can load what you want and unlock it without Apple. Anyone who has such an exploit is going to treat it like the Allies treated the fact Enigma was broken during WW2. As soon as the existance & method of the attack is known to Apple, they can patch it in their next device, closing that avenue of access.

FBI realistically doesn’t care what’s on the phone. They just want to legally strong-arm Apple into unlocking any phone they want without having to spill the beans about their (possible) exploit. Using this phone seemed like a good test case (cause ter’ists!!!), though some of the details that have emerged about the incompetence of how the phone was treated has made it a bit less of an ideal case.

Re:15 minutes are up

[Aaden42]

But that’s actually another case where encryption technology is being perfected to destroy the ability to give in to legal demands. If you use TLS with perfect forward secrecy correctly enabled, you wouldn’t be able to turn over anything to LEO that would allow them to decrypt captured traffic. Without the ephemeral data from the initial session initiation on both sides of the negotiation, you can’t decrypt.

Of course a bank is already streaming any interesting data about your activity to the Feds, never mind needing to get a warrant or decrypt anything.

Re:15 minutes are up

[AmiMoJo]

Not on the iPhone 5C, the key is kept in flash memory. The CPU doesn't have a secure memory for keys, only a factory set secret that can only be read by signed, privileged code.

Re:15 minutes are up

[dcw3]

You're obviously speaking of the IRTPA of 2004, of which the https://www.ise.gov/ was created to execute the sharing you mention.

However, what you don't seem to be grasping is that this does not mandate that the agencies start sharing everything. In some cases, there may be compelling reasons to specifically not share, and those cases would never be adjudicated in a public manner.

Re:15 minutes are up

[koreanbabykilla]

regarding 2): They do not need a warrant, as the phone in question is owned by the county government and they have given permission to search the phone.

Re:15 minutes are up

[Darinbob]

Unless you're part of the investigating team, you're comment is complete conjecture. You don't know what evidence they have.

So we just trust that the government tells the truth and we must do what they ask without question or exercising our rights to disagree and wait for the courts to overturn the writ?

Re:15 minutes are up

[dcw3]

Please don't try to twist my words. What you stated is simply not based upon any public evidence, and what you do have to deal with is that evidence isn't made public until it's brought up in court. After that, everything that's not brought out is subject to FOIA requests.

There are plenty of logical reasons for not making evidence public prior to a public hearing. You're welcome to disagree, but you'll have to live with the fact that it's the system we have, and for the most part, it works pretty well.

Re:15 minutes are up

[Plumpaquatsch]

regarding 2): They do not need a warrant, as the phone in question is owned by the county government and they have given permission to search the phone.

Then what do they need Apple for?

Re:15 minutes are up

This is a terrorism case, so the FBI and the NSA are supposed to cooperate.

This makes me wonder if the FBI/NSA has already decrypted the phone and gotten evidence they need to trace the activity back to another person, but they need the legal approval in order to use the evidence in court to prosecute someone.

Re:15 minutes are up

[Plumpaquatsch]

Assuming the FBI is privy to the NSA's capabilities.

This is a terrorism case, so the FBI and the NSA are supposed to cooperate.

In general, that would be correct. But, just like when the Enigma was developed, you wouldn't have let that secret out for a single case like this when you're fighting a larger war.

But everybody already knows the NSA can crack your phone. Why pretend they can't just for this case?

Re: 15 minutes are up

[david_thornley]

Statistically, by the time you actually cracked it, the human race will have either abandoned Earth due to an expanding sun, or have gone extinct.

You're way too optimistic about the ease of brute-forcing AES-256.

Re:15 minutes are up

[david_thornley]

Similarly, if you have an email retention policy and stick to it, you're destroying the ability to give in to legal demands. If the courts tell you to turn over the last year of emails, and you have a six-month retention policy and stick to it, you're fine legally.

Re:15 minutes are up

[david_thornley]

It doesn't have the full secure enclave of the 5S or later. That doesn't mean it doesn't have wipeable hardware AES.

Re:15 minutes are up

[Plumpaquatsch]

given unlimited time and money

No, the device would wipe itself after a few tries.

Says who? This is not a default option, so you can only claim that to be the absolute truth if you already have full access to the phone, or have already erased it by trying. In either case Apple couldn't help you.

Anyway An ACLU expert says the FBI wouldn't need Apple to get past the auto-erase

Re:15 minutes are up

[dcw3]

Assuming the FBI is privy to the NSA's capabilities.

This is a terrorism case, so the FBI and the NSA are supposed to cooperate.

In general, that would be correct. But, just like when the Enigma was developed, you wouldn't have let that secret out for a single case like this when you're fighting a larger war.

But everybody already knows the NSA can crack your phone. Why pretend they can't just for this case?

Crack?...No, I don't think we've seen any evidence of that. Intercept the calls?...Yes.

Re:15 minutes are up

[rch7]

SSLv2 was also top security feature that is impossible to crack by anybody, just make keys long enough. Then SSLv3 was the one impossible to crack. Then everybody started to understand that they are full of holes and workarounds, and who knows how many undisclosed exploits big government agencies have - whatever country you will take. The "private" key isn't that private too if you think more about it. There is bunch of people at Apple who have access to it and it is not hidden in some Faraday cage 100 feet under ground with vaulted doors.

Re: 15 minutes are up

[MachineShedFred]

I'm just saying that one of those two events will have happened. Not that they would have just happened, or that you'd have a nice shiny crypto key that works billions of years afterward.

Re:15 minutes are up

[fustakrakich]

The government can and does dictate retention policy for many things. And they can put a gag order on it besides with their NSLs and various other tricks. Once the judge puts the hammer down, you will do what they say if you want to keep your business and maybe your freedom.

Re:15 minutes are up

[l0n3s0m3phr34k]

The customer is stilling using the encryption, just by using the app / website. So is the bank, of course.

Re:15 minutes are up

[fustakrakich]

They are using the bank's encryption, not their own. That's an important difference.

Respectfully, that's bullshit

[turkeydance]

yeah, that.

Re:Respectfully, that's bullshit

Respectfully:

- your dick/tits are too small;
- you have furtive, darty eyes;
- you are a Communist/Fascist/Socialist/Statist/Bureaucrat/Toady;
- you are racist/bully/narcissist/psychopath/toxic;
- your mother was a hamster and your father smelled of elderberries!

Regardless though, respectfully!

Re:Respectfully, that's bullshit

[turkeydance]

ad homineminemanemonem

Re:Respectfully, that's bullshit

[Darinbob]

Everyone knows you can get away with any insults as long as you use the words "with all due respect" or "respectfully".

Re:Respectfully, that's bullshit

[LoneTech]

That is a poor choice of phrasing, as it ends up incorrect. It was stated with all due respect, not respectfully.

Re:Respectfully, that's bullshit

Eewww. Why would you want to give a homo an emema?

Re:Respectfully, that's bullshit

Well, here's the real deal--we're already paying the NSA to do the job and now the FBI wants the manufacturer (Apple) to do the job for them on the manufacturer's dime. It's insulting enough that the US government is paying to spy on US citizens, but they want us to pay to spy on ourselves as well. It doesn't take a genius to see that if Apple does the job they will bill the iphone customer/buyer for the cost. It would be a bad deal even if the FBI offered to pay for it (which would still be paid by taxpayers), but that's not even part of the discussion.

There was a time when corporations were expected to function in the public interest. For those who think that it is in the citizen's interest to spy on citizens, I simply disagree.

All boils down to evidence

[rfengr]

If the NSA can do it, it would probably not be allowed as evidence in court. If the FBI did it, maybe it would.

Re:All boils down to evidence

[geekmux]

If the NSA can do it, it would probably not be allowed as evidence in court. If the FBI did it, maybe it would.

This all boils down to legal precedent.

Always has been.

Re:All boils down to evidence

Sure. But tech-wise (warning, car-analogy detected), if the NSA is a Tesla, then the FBI would be a Plymouth Duster... I don't doubt the NSA can do it, but why would Snowdan know what the FBI is or isn't capable of? Assuming, that a Federal Police would neeeeeever illegally work with a Spy Agency, of course...

Re:All boils down to evidence

[NEDHead]

I had a 1972 Duster. Very reliable and economical for the time. Slant 6 engine that wouldn't quit.

Re:All boils down to evidence

Emphasis on time. No matter how great it was 45 years ago, it would not be fit in todays world. Well, unless you're All Bundy...

Re:All boils down to evidence

[taustin]

That isn't true. The CIA is prohibited to performed law enforcement functions inside the US. The NSA is not. They can be used just like any other outside forensic service, which all levels of law enforcement use all the time. Including the FBI.

Re:All boils down to evidence

[NEDHead]

That is true of course. On the other hand with all of the tracking/software controls going in to the newer cars, something simple, reliable, that can be tuned with a file and a screwdriver, and doesn't blab everything to everyone about where you are and what you are doing, has a very tangible appeal.

Re:All boils down to evidence

[AHuxley]

The FBI wants a tool that is ready for a long list of other domestic cases. A tool that is portable, federal support for state law enforcement ready. The domestic, court ready, master key for a generation of phones.
"“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,” "(March 2, 2016)
http://nypost.com/2016/03/02/f...
Its not a "one-off" or just for this case tool.
The NSA owns that tool set, missions, contracts, bids, contractors and the wins that result. The funding and fame follow the wins . The no bid contracts and experts gravitate to the NSA ensuring every generation of telco product is wide open to the US gov and mil. Only the NSA can then secure, support or plan any such missions.
When federal and state law enforcement get in on the bids for the same tool sets? Any state contractor, federal contractor can then sell their tools at a low cost and the national publicity goes to the FBI.
Political leaders see new hi tech contractor jobs in FBI support in their states and the contractors that get the new work can the support the local political leaders re election that got them the new FBI contracts.
Everyone is now winning, new federal cash is flowing out, political leaders helped their local hi tech sector with new gov work, the FBI has a flood of new cases in open court and wins.
What was the NSA's missions, fame, role, new experts, no bid contracts, code and skills now in the hands of state officials, local law enforcement, federal gov workers, anyone working with US federal law enforcement around the world. All the ex staff and former staff who got invited in on the methods.

Anyone interesting stops using US branded trapdoor and backdoor ready turnkey network, telco and computer devices.
A few decades of easy tracking, voice prints, effortless decryption is lost in months in open court.
The cults, faith groups, criminals, dealers, embassy "agents" who once had to be seen with a phone just to keep the cover as been a normal person that was always reachable all go dark.

Re:All boils down to evidence

[ArchieBunker]

I keep hearing this but what does it matter? The government does whatever it pleases without consequence. The NSA admitted to illegally spying on members of congress. Nobody was fired or even given a letter of reprimand.

Re:All boils down to evidence

Actually at 13-15 mpg, it would do better than some loud SUV's and sports cars that our richest show-offs buy today. Go figure huh?

Re:All boils down to evidence

[reboot246]

You'll just have to buy the higher octane gasoline at a slightly higher price. Either that or add your own additives. There are plenty of older vehicles still being used today.

Re:All boils down to evidence

[whoda]

If the NSA can do it, it would probably not be allowed as evidence in court. If the FBI did it, maybe it would.

Which of the dead shooters are we taking to court?

Re: All boils down to evidence

Any of the late 90s entry or mid level cars lack spying electronics and dont NEED to be tuned with a fork and a knife.

Re:All boils down to evidence

[cavreader]

The government deals with the consequences of their actions all the time. The whole Apple-FBI conflict is happening out in the open for every one to see. No classified FISA involvement or equally classified NSL's being used to force Apple into doing anything. The government is following the law and as a consequence they have already lost some high profile court proceedings over their similar requests. I predict they will lose the current FBI-Apple case as well. On the other hand the NSA serves a whole different purpose than the FBI and it's efforts are concentrated in the realm of foreign espionage which is the organizations mandate. And the only law the NSA follows on it's foreign activities is don't get caught. This is standard operating procedure for every foreign state espionage service around the world. You cannot condemn the NSA without factoring in the fact that there are some very powerful and well funded state security agencies in the world whose entire purpose is to conduct espionage operations against the US. US industrial, military, and political structures are constantly being targeted by both allies and enemies. Then you also have the non-state actors actively looking for ways to attack the US or anything associated with the US. However with all the hyperbolic statements being tossed around you would think that the US is the only country on the planet who conducts espionage operations around the world.

Re:All boils down to evidence

[Darinbob]

Precedent says what the courts can do are or likely to do. If someone next year wants to get Apple to crack open a phone so we can find out who ate the last box of Thin Mints from the break room, and Apple says "we can't do that", then the court will think that they indeed were able to crack the phone in the past so they should be able to do it now. Once Apple bends over it becomes much easier the next time they're asked to bend over.

The government here does NOT get to do what it pleases without consequence. There's usually not a lot of punishment involved against the government, usually it's just telling them "no, don't do it again". But there have indeed been many cases where the government has had to pay redress or damages. The courts do have a history of being able to tell the government "no".

Re:All boils down to evidence

[Darinbob]

Counsel: Mr Aldridge are you considering the question or are you just dead?
[silence]
Counsel: I think I'd better take a look m'lord.
[looks inside coffin]
Counsel: No further questions m'lord.
Judge: What do you mean, no further questions? You can't just dump a dead body in my court and say 'no further questions'. I demand an explanation.
Counsel: There are no easy answers in this case m'lord.

However it seems, reality can be as weird as Monty Python: http://www.scmp.com/news/asia/...

Re:All boils down to evidence

[penguinoid]

If the NSA can do it, it would probably not be allowed as evidence in court. If the FBI did it, maybe it would.

Which of the dead shooters are we taking to court?

There's still the guy who sold them the guns.

Re:All boils down to evidence

[ausekilis]

The one that smells better, obviously.

Re:All boils down to evidence

If the NSA can do it, it would probably not be allowed as evidence in court. If the FBI did it, maybe it would.

This all boils down to legal precedent.

and also "political" precedent. Everyone keeps saying "we need to have a discussion." This is what discussion looks like.

One precedent I definitely don't want is:

    Apple has to help the FBI in any way the FBI wishes, but only if the FBI "needs" it.

so why are we discussing what the FBI needs, or what they coulda-shoulda done? Yes, the FBI is disingenuously forcing this issue because they think they can get precedent on an instance where proles are terrified towards irrational.

If there were a way to get precedent on another issue on which people were better able to think in a legally-rigorous and long-term manner, I'd take it, but too late for that, no? or is saying they don't "need" it a way to do that---hope a less politically-sophisticated cop raises the issue again later and sets a precedent with a less emotional case?

Re:All boils down to evidence

He was taken into custody rather quickly. My guess is that they don't need to patch up any holes in his case.

Re:All boils down to evidence

[Coren22]

Um...my Tundra, which is pretty much as big as those "loud SUV's" gets 15.4 mpg. You might want to look into gas milage figures again...

Re:All boils down to evidence

[Coren22]

http://www.ndaa.org/pdf/SB-Sho...

Is that accurate? It doesn't appear to be what I am reading in the court order.

"The SIF will be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE"

Not exactly the same as "give us a tool we can use on thousands of phones". Also, I would say that exactly defines a one off tool, as it is signed by Apple's signing key, it isn't like the FBI could take that file and change the unique identifier to any phone they like.

Re:All boils down to evidence

[Bob+the+Super+Hamste]

That was back when Chrysler corp was still innovating and known for engineering. Shortly after that it really went down hill, the slant 6 was a good engine though, much like those AMC and Jeep inline 6, damn near indestructible.

Re:All boils down to evidence

The NSA is part of the Department of Defense - the military. It is prohibited from acting in a law enforcement role, just as EO 12333 prohibits it from targeting American citizens except under special circumstances.

You may claim the NSA violates those laws all the time, but that's not going to make for good evidence then, is it?

Re:All boils down to evidence

[AHuxley]

“The request we got from the government in this case is, ‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,”" was directly from "The Encryption Tightrope: Balancing Americans’ Security and Privacy " from the House Committee on the Judiciary Hearings at the 4h 45 min point.
https://www.youtube.com/watch?...
The tool is transportable.
What "paper work" is presented online for the press, media in public as "court order" might not always be the real story. Note what was actually asked for :)
Once the "subject" device is open, the created tool set in gov hands is ready for the case lists at a state and federal level. Welcome to a conscripted GovtOS.

Re:All boils down to evidence

[Coren22]

The tool is supposed to be tied to a serial number (device ID), it is also to be signed by Apple's software signing key, so I am not sure how exactly the tool can be used on the next device without modification by Apple.

If Apple can do it, so can other hackers

If Apple can write code and copy it up to the phone, then the capabilities for doing so already exist. So why doesn't the FBI do the work themselves? I'm sure Apple would be willing to help with the electronic part - that's just specs. I think there is more at play here than whether Apple can or can't....

Re:If Apple can do it, so can other hackers

[ewibble]

The code may have to be signed, for the update to be accepted on the phone.

Re:If Apple can do it, so can other hackers

[Etherwalk]

If Apple can write code and copy it up to the phone, then the capabilities for doing so already exist. So why doesn't the FBI do the work themselves? I'm sure Apple would be willing to help with the electronic part - that's just specs. I think there is more at play here than whether Apple can or can't....

You need to unlock the phone to make it accept unsigned updates. You need a signed update to unlock it. So only someone with the key can unlock it.

The FBI either doesn't have a copy of the key or doesn't want to admit they do. The keys for this kind of thing are guarded by men with guns and used only on airgapped machines, at least in any competent org, and it is highly unlikely that apple would knowingly give a copy of the FBI without word of it leaking out. Another branch of government may have obtained a copy clandestinely, however, either directly from Apple or from a foreign intelligence service.

Re:If Apple can do it, so can other hackers

[MachineShedFred]

So what you are saying is that they should just compromise a 1024-bit RSA key instead of the AES-256 encrypted filesystem.

What a marvelous choice. Good thing you opined anonymously on that.

why snowden?

Why does Snowden's opinion matter on this? He pinched some documents from the NSA (the he had access to), ran to Russia, and suddenly he's the god of information security?

Re:why snowden?

He's the only public talking head who actually had clearance and no further obligation to protect information covered under it.

He's the only guy that we can trust to even start a legitimate dialog on the subject.

If we're all speculating on what a secret closed door club can do, who better than A MEMBER OF THAT CLUB to speak out? Are you retarded somehow as to miss that?

Re:why snowden?

[The-Ixian]

I was kind of thinking the same thing.

I am glad that he did what he did. I would go so far as to say he is a hero.

However, he does seem to love the limelight a bit too much.

Re:why snowden?

[Nutria]

+1

video link from Moscow to the Common Cause Blueprint for a Great Democracy conference

Snowden fanboys are amazingly blind to the irony that someone hiding behind Vladimir Putin's skirts is lecturing people on how to run a successful democracy (ignoring the fact that we've never had a democracy).

Re:why snowden?

I think he and McAfee have been sharing notes

Re:why snowden?

Because an apple iphone can be unlocked through hardware hack in very short time (below 24 hours) by subverting the blocking mechanism. If you are in physical possession of the device it's easily done. If some third world arabs can do it, I have no doubt NSA, FBI or any other can do it.

Re:why snowden?

Because an apple iphone can be unlocked through hardware hack in very short time (below 24 hours) by subverting the blocking mechanism. If you are in physical possession of the device it's easily done. If some third world arabs can do it, I have no doubt NSA, FBI or any other can do it. The reason FBI i asking for this "service" is because they want a precedent for some reason. Whatever it is they want to weaken other systems that are not as easily circumvented.

Re:why snowden?

[NEDHead]

I don't know about McAfee, but do you really think Snowden is not getting additional information leaked to him over time?

Re:why snowden?

He's not hiding behind Putin's skirts. He's doing his best to survive getting disappeared by the current regime of the US. Perhaps upon the next regime change he might decide he'd have enough of a chance elsewhere to leave. Doubt it. Nothing fans the flame of nationalism like stringing up a "traitor".

Re:why snowden?

[grantspassalan]

If it had not been for Snowden, that iPhone and all other iPhones as well as other digital hardware would still not be encrypted properly. It is the inappropriate governmental data vacuuming that started this whole super strong encryption movement.

Re:why snowden?

"Snowden fanboys are amazingly blind"

So are 99% of americans and their glorious oligarchic government.

Testing theories of representative government

Testing theories of american government

Re:why snowden?

I don't know about McAfee, but do you really think Snowden is not getting additional information leaked to him over time?

WHOOOOSH....

the sound of the joke flying over your head - FYI, neither has given any justification for his claim so neither's statement is worth much

Re:why snowden?

Snowden fanboys are amazingly blind to the irony that someone hiding behind Vladimir Putin's skirts is lecturing people on how to run a successful democracy (ignoring the fact that we've never had a democracy).

Wrong.

The trick here is that the US is so fucking far gone from a democracy that the people who want to speak out against it have to flee to Russia in order to be safe.
Also, you're using "irony" incorrectly.

SexConker posting AC to preserve moderation.

Re:why snowden?

[Sarten-X]

who better than A MEMBER OF THAT CLUB to speak out?

Snowden was in the FBI? That's news to me...

Re:why snowden?

[NEDHead]

I think perhaps it is you, sir, who have missed the point. McAfee admitted he was just trolling for attention when he said he could unlock the phone in question. Snowden's credentials as a source of information are indisputable at least as regards his first pilfered download. It is entirely plausible that others of similar access and philosophy may be finding a means to funnel incremental information to him for release. Not certain by any means, but not impossible.

Re:why snowden?

Ok, where is this additional information? Snowden is known because he revealed things. Where's the beef? If you are going to claim he's got the goods on the FBI et al. then I have to ask why is he withholding it.

Your turn; go ahead and make up some reason why he can't share this hypothetical additional information. One bullshit brick stacked upon another...

Re:why snowden?

It depends. What's Trumps stance on Snowden?

Re:why snowden?

SexConker posting AC to preserve moderation.

So you admit AC has a value.

Re:why snowden?

So McAfee made claims about the government's abilities, which he later admitted were done solely to get publicity since he is fading from the public's sight. He is an attention hound. Now we have another person slowly fading from the public's sight making a claim about the government's ability regarding a device that didn't exist until after he lost access to any special information. He has offered no reason to believe him other than due to who he is, just like McAfee. He is also trying to appear as often as he can, though such offers are rapidly decreasing, and he has shown signs of being an attention hound also. It is as plausible that he has a source feeding him as it was that McAfee did, and we know where that went. To me, his claim appears to be an opinion that was either incorrectly phrased as a known fact, or has been incorrectly reported as such probably by people with an agenda. Similarly, the Snowden's credentials are debatable given how he has admitted to taking the position with the contractor to do exactly what he did, namely to compromise the information for an agenda of harming the government, then twisted information that he released to make him seem more honorable in how he did it. If you don't know about these issues, I suggest you read more than just the pro-Snowden fanboy sites. When you remove the blinders, there isn't a lot of difference between Snowden's claim and McAfee's claim, other than one has now admitted it was a publicity stunt.

Re:why snowden?

or bernie's

Re: why snowden?

He needs to stay in the limelight before Obama OKs the launching of the Hellfire missile with his name on it. There's a reason he needs to remain publicly visible: the instant it becomes viable, he's going to vanish courtesy the Obama administration.

Re:why snowden?

[bughunter]

So much this.

And now the FBI and NSA are acting like WTBs because they they want their cheats back.

Re:why snowden?

[fustakrakich]

So are 99% of americans and their glorious oligarchic government.

Actually it's about 98.4%, according to the last election results.

Re:why snowden?

Bernie's first day in office, he'll pardon Snowden.

Re:why snowden?

The second part of your first statement is wrong. Though he obviously doesn't give a shit, once you hold a clearance, you are obligated to protect any classified information you had access/know about until you die. I was a member of "THAT CLUB" until fairly recently, and I have a nifty little 3-fold glossy brochure summarizing my lifetime obligations.

I wouldn't trust Snowden about anything. He was a low-on-the-totem-pole guy who really didn't need to know much of anything to do what he did. He's certainly no expert on this matter.

Re: why snowden?

Will that help?

Re:why snowden?

[jafiwam]

He's the only public talking head who actually had clearance and no further obligation to protect information covered under it.

He's the only guy that we can trust to even start a legitimate dialog on the subject.

If we're all speculating on what a secret closed door club can do, who better than A MEMBER OF THAT CLUB to speak out? Are you retarded somehow as to miss that?

Not disputing what you are saying, but:

iPhone 5c came out in Sept, 2013

Snowden was already getting in trouble in Jan 2014, and was probably out of the loop already (not getting new information) before that.

If Snowden "knows" stuff about the 5c, it's generalized and non specific unless it was cracked out of the box before it was released.

That leaves me skeptical Snowden knows what he thinks he knows.

This whole exercise is goofy, there's probably no data they need on THAT phone anyway, and anybody they are going to chase down is already aware that might out them and done what they are going to do about it. There was reasonably successful attempts to destroy data on other devices, why leave this one out? It's was probably wiped before the attack even happened.

Cracking THAT phone doesn't do anything but set the stage for OTHER cracks of still in use phones.

Re:why snowden?

[Citation Needed]

Re:why snowden?

[hey!]

Because people will listen to him, because he's Snowden.

I've been saying the same thing for months: the key is stored (albeit encrypted itself) in flash, so all you need to do is to back up the flash chip and you've got as many goes as you need, which with a four digit PIN chosen by humans isn't that many. But even though you can point this out the relevant details in Apple's documentation, people just refuse to believe that the government can get into an iPhone without Apple's help.

That actually kinds of mystifies me. Why would anyone believe that a government that (in part at least) created Stuxnet would be stymied by an iPhone? Whatever the reason, Snowden's imprimatur seems to help them get over it.

Re:why snowden?

Has he actually promised that, or are you just imagining that he would?

Re:why snowden?

[Darinbob]

Trump's first day in office he'll build a wall along the Atlantic and Snowden will have trouble climbing over it.

Re:why snowden?

[Darinbob]

Putin is a Real Man and does not wear skirts. Or shirts. Nobody hides behind Putin. Except Medyedev.

Re:why snowden?

iPhone 5c came out in Sept, 2013

Snowden was already getting in trouble in Jan 2014, and was probably out of the loop already (not getting new information) before that.

Snowden flew the coop in May 20, 2013. (So, months before this iPhone came out.)

I'm always fascinated by the psychology of people who post things like this without bothering to do simple verification. Do you believe you're infallible, or is the two seconds it would've taken to look up Snowden on Wikipedia to avoid contributing to the already-very-high levels of misinformation surrounding a contentious topic like this just too much work for you?

Re:why snowden?

[Darinbob]

To the tune of My Country 'Tis Of Thee:

My Own Plutocracy,
Sweet Oligocracy,
Of thee I sing.
Land where my money's spent
On those who who represent,
Each child and innocent,
I would be king!

Re:why snowden?

[l0n3s0m3phr34k]

I had to explain that yesterday to some people...McAfee wasn't "lying", he was "trolling" as in poking fun at the FBI.

Re:why snowden?

[LiENUS]

I've been saying the same thing for months: the key is stored (albeit encrypted itself) in flash, so all you need to do is to back up the flash chip

And everyone else has been saying for months that part of the key is stored in the cpu in a region that is not readable. So all you need to do to back up the key is disassemble the cpu and hope you don't destroy it in the process.

Re:why snowden?

[Megol]

Are you that clueless that you think exposing sensitive data to the world is speaking out?

I think that Snowden in general did the right thing but realize that what he did is equivalent to espionage.

Re: why snowden?

I don't see the parent mentioning the FBI.
That misdirection is all on you, and you get a D+ for effort.

The NSA knows the capabilities of the FBI, because they spy on everyone.

Re: why snowden?

He also knew that the "Club's" internal security policies were laughable and was able to bypass them...

If he was such a low ranking person, with no valuable information, why has the US gov persued him to such an extent?

Re:why snowden?

[hey!]

And everyone else has been saying for months that part of the key is stored in the cpu in a region that is not readable. So all you need to do to back up the key is disassemble the cpu and hope you don't destroy it in the process.

Then "everyone else" would be wrong in this case. The "secure enclave" was introduced in Apple's A7 processor. The phone in question is an iPhone 5c which has an A6 processor. There is no crypto coprocessor to store anything in. The Apple docs even describe the process used to erase the keys in question from flash.

Now as for the iPhone 5S and later, there's no question they're tougher to hack -- that's the whole point of the new hardware features. But I still wouldn't put absolute faith in the inability of the new features to keep the government out if they had physical access to your phone.

Re:why snowden?

[q4Fry]

Bravo!

Re:why snowden?

Disregard that; I suck cocks.

SexConker posting AC to preserve moderation.

Re:why snowden?

you can easily identify the person with access to classified information and also communicates with snowden because he or she has to carry his or her nuts around in a wheelbarrow

Re:why snowden?

[LiENUS]

Theres the UID key needed to decrypt the flash key, and it is in fact stored in the processor and inaccessible. The difference between it and the secure enclave is the secure enclave contains the whole flash key instead of just the key to decrypt the flash key and the secure enclave erases itself through the unupdatable firmware on it, whereas without the secure enclave erasure of the flash key is done by the operating system.

Having the encrypted flash key is worthless without that uid as it is impossibly difficult to decrypt. Look into how long it would take to decrypt aes-256. If the fbi could get that UID key then they would have decrypted the flash key already. This is all explained in the aclu's blog on this. Try reading the article the summary links to man.

He has no idea

I side with Apple, really don't want my hardware crippled so the government can root through my phone at will, but how would he know? iPhone 5c launched months after he defected.

We know the FBI *can* unlock it without help

We know the FBI *can* unlock it without help, but we also know that this brings with it a certain level of technical risk that adjusted firmware would not (whereas the firmware would pose a certain level of privacy risk), and an attempt rate that is abysmal at best.

The ACLU report specifically states that they can desolder the storage chip, copy the storage entire, put in a socket (no risk there), plonk the chip in, try, and if it fails - restore the storage to the chip (or a model with equal behavior and characteristics). Several of these steps come with risk, and all of it comes with it the fact that it takes time. A lot of time. Even with a rig that pops the chip out and drops another one in, with chips going on a merry-go-around for reprogramming after N attempts, it's a lot slower than a firmware that would allow an effectively unlimited number of attempts.

Push comes to shove, they can try decapping it and looking straight at the bare metal. But as anybody who does forensic work would know, that's not exactly your go-to method; figuring out the password directly, or figuring out a pre-existing backdoor to bypass protection entirely, would be very much preferable. If disabling the maximum number of attempts is hypothetically an option as long as you can get the manufacturer to agree to do it, hell yes it's on the table.

Re:We know the FBI *can* unlock it without help

No one doubts that the security can eventually be circumvented. What you propose still slows down the process of running possible combinations to the point of taking too long and requiring considerable expense compared to forcing Apple to push a firmware update that allows for unlimited tries with no pauses.

Re:We know the FBI *can* unlock it without help

[ewibble]

Forcing apple to do it would probably cost more and take longer, law suits against multinational corporations, are neither fast or cheap. What this method allows, is the future unlocking of all phones, quickly.

Re:We know the FBI *can* unlock it without help

That won't work as the cryptographic processor does not erase the storage after 10 failed attempts.
What it is does do after 10 failed attempts is to delete the key that is used to encrypt the storage.

With the key gone all that is left is to brute force decrypting the storage, which is infinity harder than brute forcing the pass code,
which is why the FBI wants Apple to alter the firmware to allow them to do so.

Re:We know the FBI *can* unlock it without help

NSA can image the damn flash chip and use an offline grinder. It's basic forensics. They are playing the court system. Snowden for President.

Re:We know the FBI *can* unlock it without help

What it is does do after 10 failed attempts is to delete the key that is used to encrypt the storage.

So make 9 attempts, then on the 10th attempt remove power from the chip before it deletes the key (timing is critical here). After that, they can make any number of attempts until the counter rolls over back to 0.

Re:We know the FBI *can* unlock it without help

"Several of these steps come with risk, and all of it comes with it the fact that it takes time. A lot of time. Even with a rig that pops the chip out and drops another one in, with chips going on a merry-go-around for reprogramming after N attempts, it's a lot slower than a firmware that would allow an effectively unlimited number of attempts."

So, uh, wire up a flash simulator. It's not like flash chips are too fast to simulate, or even particularly complicated. Then you only have to do the wiring once and press a button on a PC to reset the "flash chip".

Duh.

Re:We know the FBI *can* unlock it without help

RIIIGGHHHTT...because there is 0 expense to Apple in creating new firmware for this purpose either directly or through harm to their business. Not to mention the risk to our fundamental rights..
.
No one doubted that Al Capone deserved to be in prison. Actual investigation & developing evidence to prove the case against him was taking too long & came at considerable expense, we should have just planted evidence on him to allow us to prosecute him without all the icky issues of due process.

The FBI TODAY has the ability to bypass the '10 try limit' using easily available tools & technology (especially for a government agency with their budget) with very little risk to the integrity of the data (*)...they are claiming they can't do that...that's an outright lie (though of course in their filing in court its phrased in such a way as to avoid charges of falsification of evidence/perjury).

(*) Note that it can reasonably be argued that the FBI should copy the firmware AND the contents of the NAND prior to Apple pushing any firmware update or otherwise attempting to break in to the device specifically because of the low but real risk that the firmware or data may be corrupted while attempting to unlock the phone even assuming that Apple is forced to provide a firmware update.

Re:We know the FBI *can* unlock it without help

It can reasonably be argued that the FBI must backup the firmware AND the contents of the NAND regardless in order to avoid it being corrupted or otherwise made unusable during any attempts to break-in.

Beyond that any risks of following the process the ACLU laid out are trivial in respect to the risk in regards to loss of our rights.

Lastly 'time & expense' are of 0 concern UNLESS someone can clearly PROVE 'imminent danger'. The 'time and expense' (not to mention loss of life) in developing the case against Al Capone was considerable, we should have just planted evidence on him as everyone knew he was guilty of some crime.

For crying out loud, do you have absolutely 0 respect for your rights & the rights of your fellow citizens? "Geez, this Bill of Rights thing just adds considerable time & expense to law enforcement lets just get rid of it as too many rapists, murderers, , are escaping prosecution'...

Re:We know the FBI *can* unlock it without help

[shawn2772]

You didn't RTFA. The key that gets wiped is stored in flash. So you back up the flash, make your attempts, then restore the flash and try some more. Repeat until success.

Re:We know the FBI *can* unlock it without help

If you could read the key to back it up, you'd already have the key to decrypt the phone. You can't read the key.

Re:We know the FBI *can* unlock it without help

[srmalloy]

You can't read the key, but you don't have to. You make an image copy of the NAND flash, without worrying about what cells in the flash belong to what data. Then you make your ten tries, and if the phone wipes the flash memory, you just restore the whole image and do it again. When they get the correct passcode, the phone will unlock, and then the key in the NAND flash will become readable.

Re:We know the FBI *can* unlock it without help

The key is stored in a part of the security chip that can not be copied, otherwise you could just read the key and decrypt the phone. There is no way to image/copy/read the key, other than perhaps an electron microscope.

Re:We know the FBI *can* unlock it without help

You make an image copy of the NAND flash, without worrying about what cells in the flash belong to what data.

I was under the impression from previous stories that it had some kind of secure storage of the key information that couldn't be backed up, or is this phone old enough that it doesn't?

Just imaging the encrypted data is mostly useless, since that would require a brute force attack

Re:We know the FBI *can* unlock it without help

[harperska]

The 5C model does not have a secure enclave chip.

Re:We know the FBI *can* unlock it without help

You're one evil son of a bitch. I like the way you think! :)

Re:We know the FBI *can* unlock it without help

Best I can tell (and probably only Apple knows), for this phone version the key is stored in a separate flash area not subject to wear leveling, but otherwise completely normal and copyable.
However the key itself is stored encrypted, and it is encrypted with a key stored in the CPU. However that key in the CPU cannot be changed or erased, so it is safe.
Thus backing up the flash (or to be honest, disable writes and allow only reads would be easier - depending on how the flash is controlled) should work.

Re:We know the FBI *can* unlock it without help

[bfpierce]

Why do we care about time here again?

If there were a legitimate need to 'get this done as quickly as possible' they'd have been in court and done with this whole deal by now. I don't care of government employees have to work hard.

Re:We know the FBI *can* unlock it without help

[edtice1559]

This is true for later model phones using the A7 processor. It's not true for *this* phone. This has been pointed out before, but I can always use an extra +5.

Re:We know the FBI *can* unlock it without help

I think they already did open it, and found nothing.
But, they didn't tell anybody, so they can milk Apple for all of its secrets.

Can't prove a negative

With all due respect to both Snowden and the FBI

I trust neither of you, and neither one of you can prove that Apple is indeed the only organization that can do this.

FBI says that Apple is the only organization that can do this, and that is BS if only because if they CAN actually do it, then that means someone in Apple can, which means it's knowledge that can be transferred (either by firing that person, or having them talk to someone outside of Apple).

Snowden's claim that others beside Apple can do it is also BS because if they CAN actually do it doesn't imply that they have SHARED that knowledge outside of Apple (in all likelyhood, they have not)

In either case, neither claims goes anywhere near whether or not apple CAN actually do it.

So the FBI and Snowden are both talking out of their asses and should sit down and shut up.

Calling bullshit

[Tailhook]

It's entirely plausible to me that Apple built something the FBI can't get into using their existing tools and techniques and Snowden has produced no evidence to the contrary. Don't make shit up.

Naturally his fans are obligated to defend this now and build a fictional world view around it, condemning anyone that fails to accept their bullshit... It's all enough to make you hope for a large bolide impact.

Re:Calling bullshit

If you read the article, you'd see that he's referencing this post by the ACLU that goes into detail about a viable method the FBI could use:

https://www.aclu.org/blog/free-future/one-fbis-major-claims-iphone-case-fraudulent

Naturally you're too busy assuming every else is an idiot to take the time to actually understand what you're commenting on.

Re:Calling bullshit

[fustakrakich]

It's entirely plausible to me that Apple built something the FBI can't get into using their existing tools and techniques

Why? How would you know? The ability to break encryption will be guarded like missile launch codes and other top secrets. The is no reason to believe that the government (whichever branch) cannot break into every phone out there. It is the safer bet to assume they can and act accordingly, regardless what Snowden says. They can then construct a case without exposing these abilities to daylight.

Re:Calling bullshit

[ooloorie]

It's entirely plausible to me that Apple built something the FBI can't get into using their existing tools and techniques

It's plausible, but Snowden is probably right. The iPhone 5C uses its main processor to implement lockout and erase, and that processor is subject to hardware attacks; that is, the FBI can tie into the device's hardware bus, modify RAM on the fly, disassemble programs, etc. To be actually secure, security needs to be implemented in secure hardware. The iPhone 5C has some secure hardware, but it isn't used in a way that would protect against the kind of attack the FBI is proposing. I think Apple has already announced that their future iPhones will use secure hardware in a better way, so that both the FBI and even Apple themselves can't break into it.

And I wouldn't blame Apple for the iPhone 5C not being very secure; the iPhone 5C is an old design, and at the time, the kind of bullet proof cryptography we demand now just wasn't as important yet.

Re:Calling bullshit

This. Snowden has been out of it for a WHILE now. In technology times at the least.

Things since he outed shit have changed massively in that time.

It is almost certainly a case of them being unable to break it.
It wouldn't be a technically hard thing to do in the slightest.
It is not a case of them being unable to make a legal case of illegally gained information, this is not parallel magicks in the slightest.
A LOT of companies are pissed off at the illegal spying of their data. (mainly because they never paid for it :^) )

Re:Calling bullshit

[Khyber]

"It's entirely plausible to me that Apple built something the FBI can't get into using their existing tools and techniques"

You fail at rule #1 of engineering: Man can make it, man can break it.

Re:Calling bullshit

The NSA has tools that the FBI can't know the full details. There are a lot of reasons, the most public are that DoD and DoJ classifications system are different and joint working groups require liasons that have been approved in both systems. The IC is the same deal... typical government red tape.

I'm not saying collaboration doesn't happen--just that it is collaboration is painful and slow, the FBI does not have the same level of capability that the NSA has, the NSA isn't going to tell the FBI all of it's capabilities anyway, and Snowen will know NSA much better than FBI.

Re:Calling bullshit

No, he's entirely correct.
"using their existing tools and techniques"
If they already had the tools to do this, they would have cracked this phone, and all the others on the backlog, long ago.

ACLU Article is wrong

[steamraven]

The linked ACLU article has some very large inaccuracies. While the "file system key" is indeed stored in "effaceable storage" and can be read out, it does no good. The key itself is encrypted with device specific data. Please see: http://www.darthnull.org/2014/... (this is for iOS 8, but similar to 9). Getting the encrypted key is fairly useless as only that specific cpu can decrypt it.

Re:ACLU Article is wrong

[fnj]

+1, insightful and informative

Re:ACLU Article is wrong

The ACLU article is correct. You need to learn to read:
"If it turns out that the auto-erase feature is on, and the Effaceable Storage gets erased, they can remove the chip, copy the original information back in, and replace it. If they plan to do this many times, they can attach a “test socket” to the circuit board that makes it easy and fast to do this kind of chip swapping."

Re:ACLU Article is wrong

The ACLU didn't say it wasn't encrypted and your link makes it clear that the key in question is stored on the 'effaceable storage' whether its encrypted or not is immaterial to the process. Copy the memory with the encrypted key, if 'key destroyed after 10 attempts' restore bits from backup & 'reiterate'. In fact for the process to work it would be vital the key remains in the format it was in when backed up(e.g. 'encrypted'). This isn't about trying to decrypt that file system key directly.

This is no different than making a copy of a DVD that I watch in my properly licensed DVD player. I can make any number of copies of the bits of the DVD I want. I may not be able to view them but if I break the physical DVD I can burn the bits back on to another one & use my properly licensed software to view the movie.

not making it easy on himself

For a guy that wants to go back to the US even if it means he might spend a little time in jail when he gets there, he's not really doing himself any favors by calling out the FBI and USDOJ and calling them liars.

Not gay but I love Ed Snowden.

Snowden for President someday. Fucking A right!?

Integrity Theatre

Basically the FBI and Apple are engaged in an elaborate PR stunt. Integrity Theatre,

- The FBI/State is trying to convince the public that it doesn't have access to their precious iDink gadgets and the bonanza of private papers within.
- Apple is trying to convince the public that it actually gives a dam about user privacy, let alone enough to resist tarnishing its relationship with the US state or indeed any other over the matter.

And lest we forget

- Users are trying to convince themselves and everyone else that the files on their phones and tablets -- and even for some poor fools, the cloud -- are anything other than open to public display towards Apple, the US Government, and any marketing/research/political organisation which pays for access to those files, now or at any future date.

Snowden is right. This is all bullshit. The war is over and we have lost. The Internet is a panopticon, and every device we have is a listening node. If you want privacy, write on a notepad, and buy a safe.

Re:Integrity Theatre

iDink FTW.

Time for a poll on this privacy-related topic?

[shanen]

Do you believe:

(1) The FBI (and friends) can hack all popular devices, but they want us to believe they can't.
(2) The FBI is using a politically convenient case to effectively outlaw encryption for regular citizens.
(3) When encryption is outlawed, only outlaws will have encryption--by circular definition.
(4) If you haven't done anything wrong, then of course there's no harm if the FBI knows EVERYTHING about you!
(5) All of the above.

Don't look at me. I'm so paranoid that I think Snowden is sincere and was deliberately picked to release exactly the information that the NSA (and friends) wanted us to see. If their psychological profiling didn't spot him many years ago, then we might as well surrender now, Dorothy.

It isn't bullshit, it is a matter of semantics.

[dsmatthews9379]

Apple can do it now, but the FBI can't do it, yet, however enough time and money would change that.

If you listen to just Snowden you will not learn the whole truth because he does filter the facts available to him in order to paint a picture that suits his political views, because he is an activist, and nobody should be surprised by that because all activists and lobbyists behave that way.

He used a swear word

So he must be right.

NSA already has it...

[Etherwalk]

The NSA may already have the information on the cellphone, from when it was sniffed as it passed over the interwebs.

What does snowden know about it?

Nothing.
He's been hiding in Russia for longer than the iPhone 5c had existed. Nothing he leaked or had access to could possibly prove the FBI or any other government agency can unlock a phone that didn't not yet exist.

so everybody is lying all around

[ooloorie]

I happen to agree with Snowden. And one you recognize that the FBI is lying about being unable to break into the phone, and Tim Cook is lying about the phones being secure the way they are, you end up wondering what their actual motivations are. Might it be that Tim Cook doesn't like his company's products to get a reputation for being not secure, while the FBI likes people using insecure and breakable phones?

(Note that Microsoft has already been forced to give its source code to the Russian security services, and it seems likely that Apple has succumbed to similar pressures.)

Re:so everybody is lying all around

It's a big show and Apple gives them everything they want under the table.
Well, that's my guess.

Re:so everybody is lying all around

[Waccoon]

The FBI is getting this case in the news and will use it to write new laws which will force companies to comply. Apple is getting tons of positive publicity as they are still within the letter of the law.

Both will be winners in the long term, and I find it rather unlikely that there will be any hard feelings when all is said and done.

Re:so everybody is lying all around

[ausekilis]

The FBI wants to make a public spectacle to set precedent for the *required* capability of the government to search any phone (encrypted or not) when it is needed for law enforcement at any level. Apple wanted the request to be sealed, which would have made this case a one-off. The FBI refused and made it public. This is for the gov to get their way about backdoors into phones, nothing else.

Apple is fighting it due to their public image and potential legal recourse. They have advertised their phones as being so secure, even they can't break in. If they do, then it's game over for their claims. Apple opens themselves up for class action (potentially, bait-and-switch), their public trust is tarnished, and they will have an uphill battle in proving that the next version "is really secure, really guys, we mean it." Apple could lose lots of money.

This is all under the guise of the all writs act, which basically says "judge compels someone to do something outside of establish law". Apple has a leg to stand on because of the request putting undue burden on their business. It's not part of Apples business model, it would be a new creation, customer privacy, etc... The F.B.I. is basically saying "but, terrorism".

Re:so everybody is lying all around

[bfpierce]

The current hardware brute force method requires physical acquisition of the actual device.

What the FBI is asking for would not.

There's a pretty big difference in the 'lie' as it were.

Re:so everybody is lying all around

[ooloorie]

The current hardware brute force method requires physical acquisition of the actual device. What the FBI is asking for would not.

The FBI is simply asking for a signed, phone-specific firmware update to remove the number of unlock attempts. That update probably can't be sent over the air, but even if it could, it wouldn't matter since it only applies to a phone that the FBI already physically possesses.

What I can't figure out about people like you is whether you don't realize how stupid the stuff you say is, or whether you are deliberately making up bullshit and hope nobody notices.

Snowden was a sys admin with a GED

I don't think Snowden is the be all to end all when it comes to security.

Snowden: Is Bullshit.

[sethstorm]

No more needs to be said.

Standard procedure for cracking storage

[joseph.j.desouza]

The government method for cracking a piece of storage evidence is straight forward. Rule 1. Clone your storage device on the bit level. The FBI and NSA would've done this and this alone circumvents the number of failed pin attempts to get into the iPhone. At that point, they could just set up the storage image with an iPhone simulator or numerous devices and script as many pin attempts as they wish.

Eddie Snowden

Snowden is going to die chittering like a small animal in distress, rapidly and with remarkably high pitch. Passers-by will reflect back and marvel that a human being could have made such sounds.

Either Snowden is right or he is wrong.

If he is right, it means the FBI is a corrupt anti-USian entity that is deliberately lying to the USAian populace and the court system to force a company to damage the security of their own product. If he is wrong, it means the FBI is totally incompetent.

I in now way support Snowden. But in this one limited instance he might be correct.

you're good

hey yeah 50 years of hardcore science on the topic but you just figured it out in one slashdot post!

Re:you're good

[hey!]

No, I just read the documentation.

Two extra buttholes coming right up

I guess this snowden clown isn't content with the new asshole that will be torn for him once the government gets to his ass.

Why is this fool still in the news?

Stop giving the traitor airtime.

He Wouldn't Know

[dcw3]

In spite of his god-like status among some of you, Mr. Snowden wouldn't know what capabilities the FBI has or doesn't have. He didn't work there, and he wouldn't have had a need to know, so he would never have been briefed on such. But, let's not let that get in the way of the Snowden gospel.

Re:He Wouldn't Know

[Agent0013]

In spite of his god-like status among some of you, Mr. Snowden wouldn't know what capabilities the FBI has or doesn't have. He didn't work there, and he wouldn't have had a need to know, so he would never have been briefed on such. But, let's not let that get in the way of the Snowden gospel.

Right! Because the FBI is unable to do what any lab that solders circuit boards and programs flash chips has the capability to do! If the FBI can't figure it out because they are too incompetent, then they can hire any one of these hundreds of companies that are fully capable to do it for them.

Re:He Wouldn't Know

[bfpierce]

He can read the same ACLU submission as the rest of us, which clearly shows that their claims are complete and utter bullshit. Which of course anybody with rudimentary knowledge of the hardware involved already knew.

Re:He Wouldn't Know

[dcw3]

In spite of his god-like status among some of you, Mr. Snowden wouldn't know what capabilities the FBI has or doesn't have. He didn't work there, and he wouldn't have had a need to know, so he would never have been briefed on such. But, let's not let that get in the way of the Snowden gospel.

Right! Because the FBI is unable to do what any lab that solders circuit boards and programs flash chips has the capability to do! If the FBI can't figure it out because they are too incompetent, then they can hire any one of these hundreds of companies that are fully capable to do it for them.

I wasn't arguing for/against their case, only that the article is basically just click-bait. For whatever it's worth, I side with Apple on this. Not because I don't feel for the victims, but because their loss shouldn't affect our freedom.

Re:He Wouldn't Know

[dcw3]

Then they should have posted the ACLU submission. The point is that Snowden weighing in is like me making a claim about climate change...I've got an opinion, but I'm not an expert, and my belief shouldn't carry weight with anyone else.

Re:He Wouldn't Know

Nice justification of technical incompetence!

Captcha: firing

Re:He Wouldn't Know

[Agent0013]

In spite of his god-like status among some of you, Mr. Snowden wouldn't know what capabilities the FBI has or doesn't have. He didn't work there, and he wouldn't have had a need to know, so he would never have been briefed on such. But, let's not let that get in the way of the Snowden gospel.

Right! Because the FBI is unable to do what any lab that solders circuit boards and programs flash chips has the capability to do! If the FBI can't figure it out because they are too incompetent, then they can hire any one of these hundreds of companies that are fully capable to do it for them.

I wasn't arguing for/against their case, only that the article is basically just click-bait. For whatever it's worth, I side with Apple on this. Not because I don't feel for the victims, but because their loss shouldn't affect our freedom.

I was simply pointing out that copying a flash chip is not so difficult that one would have to know the inner workings of the FBI to figure out that they either have that capability or can contract it out if needed. Perhaps there are reasons that it isn't as simple as that, but from the articles I have read in the last day it seems pretty straight forward and something they can accomplish. It may be a slower road to keep replacing the chip with another programmed one, but we are talking capability not how quickly it can be done.

Re:He Wouldn't Know

[bfpierce]

It's in the summary...

Snowden is a bit more click bait than the ACLU, mostly because there's people who absolutely hate the guy. As judged by your OP...

Re:He Wouldn't Know

[dcw3]

I neither love nor hate him, but I'm glad we've been having the national open discussion on the topics he exposed. I think it's been overdue dating back to the Patriot Act. I only question his methods/motives, but for me it would be up to a judge/jury to decide if he could have raised his concerns through existing channels or if he had no other recourse.

Without proof, I call bullshit

[GuB-42]

If Snowden knows that the FBI claim is bullshit, why doesn't he explains how it is supposed to work or at least give us an idea. It is not like he really cares about disclosing classified information...
Well, the FBI or NSA can probably infiltrate Apple and attempt to steal the key or infect the firmware from the inside but I won't complain if they decide not to do it like this.

/. said this the day it happened

[Hussman32]

I would note there were /. commenters that provided this exact mechanism for the FBI to get the phone data on the day this story broke. Well done, folks, this site is still relevant.

Are you smarter than average?

If the NSA can do it, it would probably not be allowed as evidence in court. If the FBI did it, maybe it would.

Which of the dead shooters are we taking to court?

You seriously want to pretend it is about the dead shooters, and not the NSA furthering it by cracking average Joe citizen's encrypted iphone? What part of this controversy do you not follow?

Contact me. I'll give you some tutoring for a nominal fee. Hell, I'll even give you the first lesson free.

What if?

What if this guy did not turn on the wipe after 10 attempts feature? Was he really that thoughtful? How many average people out there turn on that feature much less protect their phone with a passcode more than 4 digits. How many average people even know it's an option?

I bet it's turned off and the code is 1234. The same code on my luggage.

PR

[DarthVain]

As I understand, it is basically a PR war between the FBI and Apple which the FBI instigated to establish legal precedent and authority.
1) The phone in question is an older model. Apple certainly can crack it, FBI probably can also with a bit of effort.
2) Apple doesn't want the impression that their phones are not secure.
3) Apple's new phones *are* secure, Apple may not be able to crack it, FBI likely cannot.
4) By making this a legal issue, the FBI are basically using the highly publicized terrorist incident to try and force a legal decision...
5) The idea being that this is about the future. I think they can get into the phone, they are just using it as leverage to try and force Apple to legally give them access to their new phones into the future, which they currently do not have.

This has less to do with technology and more about using legal and public opinion about a similar issue to force a non-technological future solution to encryption.
Basically the XKCD comic about using a wrench, but where that is a euphemism for legal action prompted by public opinion on a recent event.

Re:PR

I don't think you can fault the FBI for wanting to set some sort of precedent because their job is law enforcement. They have already admitted there are other similar cases where they want to be able to collect as much evidence as they can to support their criminal investigations. A precedent would help them do their job. But if the FBI wanted to use a precedent in future cases the case being adjudicated needs to be almost identical to the case that spawned the precedent. Otherwise even a public defender could get the precedent set aside if the government seeks to use it in court. But they have followed protocol in going through the court system and have to abide by the courts ruling. So far they have lost every court case.

They have the data

Of course the FBI has the data already... all they have to do is ask the NSA to boot up their quantum computers. This isn't about getting the data... it is about making the data legally discoverable in court.

Condemning the NSA

You cannot condemn the NSA without factoring in the fact that there are some very powerful and well funded state security agencies in the world whose entire purpose is to conduct espionage operations against the US.

Are we talking about the same foreign agencies that have reciprocal agreements with the NSA to share information collected on US citizens while the NSA shares information collected about theirs? That is an international conspiracy, and all parties participating in it are traitors.

latest tech

I thought that FBI was equiped with all the latest technology