Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Telling Congress How It Hacked iPhone (theverge.com)

Posted by BeauHD on from the next-in-line dept.

An anonymous reader quotes a report from The Verge: According to a new report in National Journal, the FBI has already briefed Senator Diane Feinstein (D-CA) on the methods used to break into the iPhone at the center of Apple's recent legal fight. Senator Richard Burr (R-NC) is also scheduled to be briefed on the topic in the days to come. [Feinstein and Burr are both working on a new bill to limit the use of encryption in consumer technology, expected to be made public in the weeks to come.] The disclosures come amid widespread calls for the attack to be made public, particularly from privacy and technology groups. However the FBI's new method works, the ability to unlock an iPhone without knowing its passcode represents a significant break in Apple's security measures, one Apple would surely like to protect against if it hasn't already. Just days after the FBI broke into the terrorist's iPhone, the FBI told law enforcement agencies it would assist them with unlocking phones and other electronic devices. We still do not know how the iPhone was hacked, nor do we know how many iPhones may be able to be unlocked from the hack. The FBI did tell USA Today the hack has not been used in any other case beyond San Bernardino.

37 of 346 comments (clear)

  1. Diane Feinstein by Anonymous Coward · · Score: 5, Insightful

    The queen of "laws for thee, but not for me."

    Guns? Why, those should be illegal! But I'm going to need some armed guards for myself, of course.

    Encryption? Consumers can't be allowed to have that! Now how do I configure my secure Senate email account?

    What a hypocritical cunt.

    1. Re:Diane Feinstein by ArylAkamov · · Score: 4, Insightful

      She is the QUEEN of hypocritical, scaremongering cunts. Naturally it would be her trying to limit this NEW TERRORIST CRIMINAL ENABLING technology.

    2. Re:Diane Feinstein by MobileTatsu-NJG · · Score: 3, Interesting

      A politician who is against the ownership of guns that relies on armed protection (assuming that is even a choice they can make...) is not a hypocrite. The fact that they need those guards supports their message.

      --

      "I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)

    3. Re:Diane Feinstein by LynnwoodRooster · · Score: 4, Insightful

      I want to just give you a personal anecdote about terrorism, because less than 20 years ago, I was the target of a terrorist group. It was the New World Liberation Front. They blew up power stations and put a bomb at my home when my husband was dying of cancer. And the bomb was set to detonate at two o'clock in the morning, but it was a construction explosive that doesn't detonate when it drops below freezing. It doesn't usually freeze in San Francisco, but on this night, it dropped below freezing, and the bomb didn't detonate. I was very lucky. But, I thought of what might have happened. Later the same group shot out all the windows of my home. And, I know the sense of helplessness that people feel. I know the urge to arm yourself, because that's what I did. I was trained in firearms. I'd walk to the hospital when my husband was sick. I carried a concealed weapon. I made the determination that if somebody was going to try to take me out, I was going to take them with me.

      - Diane Feinstein, Concealed Weapons Permit holder. Concealed permits and firearm ownership was all fine and welcome and useful for Diane when she felt threatened, but we can't have the general public enjoying such luxury to protection...

      --
      Browsing at +1 - no ACs, I ignore their posts. So refreshing!
    4. Re:Diane Feinstein by AmiMoJo · · Score: 3, Insightful

      I don't know much about this women so won't defend her, but as a gender point can't politicians change their minds? Maybe she decided that carrying a gun was mostly ineffective or even made things worse overall. Not saying she did, but I know there is stuff I did 20 years ago that I wouldn't do today.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    5. Re:Diane Feinstein by macs4all · · Score: 3, Informative

      Curtailing legal gun ownership is not going to make guns disappear from the hands of criminals overnight, but you have to start somewhere

      No, you don't.

    6. Re:Diane Feinstein by anegg · · Score: 3, Interesting

      To me the point is the fact that she availed herself of the opportunity (to arm herself for self defense) at some point in the past when she felt she needed to, but she would now deny to others the ability to make that same choice to protect themselves. She *may* believe that it is overall for the better, but her current context under which she is reaching that conclusion is nothing like her context previously, and that (to me) makes her conclusion suspect. Strip her of her wealth and power, and all protections not available to the average citizen, place her in a more dangerous home environment, then see how whether she quickly changes her mind again.

  2. we do not even know IF the phone was hacked by TheGratefulNet · · Score: 5, Insightful

    so we can't even talk about anything further.

    who is going to tell us the honest truth? all we get is the dishonest truth from every 'official' that speaks up about this.

    disinformation and even more disinformation. you'd be nuts to take anything on face value, given what's at stake.

    --

    --
    "It is now safe to switch off your computer."
    1. Re:we do not even know IF the phone was hacked by rch7 · · Score: 4, Insightful

      The honest truth is that nothing on Internet or phone or computer is private. You must be nuts to believe in some overhyped security illusion on inherently insecure interconnected devices.

      Ironically, what Apple has achieved is that it will not be able to fix its security issues. The exploits are going to be sold to law enforcement agencies, or just anybody ready to pay around the world, for big money and kept secret. Maybe the times when such bugs were send to vendor for free for fixing are long gone anyway, but such cases make it even worse.

    2. Re:we do not even know IF the phone was hacked by exomondo · · Score: 3, Informative

      so we can't even talk about anything further.

      It's pretty silly to assume that in this day and age with complex systems and the device physically in the hands of those wanting to break into it that it still remains unbreakable. Yes it may have needed a bespoke solution for that particular software version but it's pretty naive and stupid to try and sweep this discussion under the rug because you believe Apple's product is completely secure.

    3. Re:we do not even know IF the phone was hacked by somenickname · · Score: 4, Insightful

      We also don't know if the device *needed* to be hacked by a third party. To me it looked like the FBI wanted a precedent, realized it might not get the one it wanted and then decided to back down with a, "Oh, wait, we found another way" story.

      You know it's scary times when the guy wearing the tinfoil hat is starting to seem like the most sane person in the room.

    4. Re:we do not even know IF the phone was hacked by macs4all · · Score: 3, Informative

      Ironically, what Apple has achieved is that it will not be able to fix its security issues.

      Wanna bet? Watch them.

      Remember, the San 'Berdino iPhone was an iPhone 5C, which did NOT have the Secure Enclave chip.

      The FBI is too stupid to know the difference; but there IS a difference. A BIG difference!

      And I ASSURE you that Apple is burning the midnight oil searching for, and closing, any security holes in iOS after this FBI debacle; and is likely pushing more security into hardware; where it is MUCH harder to circumvent by anyone, even Apple.

      They are QUITE serious about this.

  3. More alarming than the "hack"... by TigerPlish · · Score: 5, Insightful

    More alarming than the hack is the following bit in TFS:

    [Feinstein and Burr are both working on a new bill to limit the use of encryption in consumer technology, expected to be made public in the weeks to come.]

    The "hack", as I understand, was on an 5C, which is weak by comparison to the 5S and beyond. Non-event.

    But the bit I quoted? Really? Limit what encryption consumers can have? I find that more alarming than "old-ass insecure phone got cracked."

    I hope this dies a flaming painful death before it goes anywhere.

    --
    The "Civilized World" jumped the shark ca. 1973.
    1. Re:More alarming than the "hack"... by Dunbal · · Score: 4, Informative

      Let the US shoot itself in the foot. The rest of the world will encrypt.

      --
      Seven puppies were harmed during the making of this post.
    2. Re:More alarming than the "hack"... by JoeMerchant · · Score: 3, Interesting

      I studied cryptography in college in the 1980s - and all the same old methods still work, maybe the keys need to be a little longer today, but symmetric, asymmetric, time locks, etc, all still apply.

      So, are we going to stop teaching encryption methods in school? How about burning the textbooks, making it illegal to post on the internet, flagging people who talk about it or search for it? Every semester institutions of higher learning are training our youth in the dangerous art of secure communication, when will it stop?

    3. Re:More alarming than the "hack"... by Anonymous Coward · · Score: 5, Insightful

      Yeah, Apple, Google, Microsoft, Blackberry, etc should all come out publicly and say
      "We will produce secure encryption for the rest of the world, however the US government has mandated that US citizens are only entitled to 2nd best, now here is a list of YOUR representatives who voted for the bill"

      If the representative were Named, Shamed and Blamed they might just loose their cushy jobs.

    4. Re:More alarming than the "hack"... by JustAnotherOldGuy · · Score: 3, Insightful

      Banning encryption would be unconstitutional.

      Lol, and what's your point? It's not going to stop scumbags like Feinstein and Burr. The Constitution is optional for people like them.

      --
      Just cruising through this digital world at 33 1/3 rpm...
    5. Re:More alarming than the "hack"... by swb · · Score: 4, Insightful

      Be careful, or they will outlaw mathematics.

    6. Re:More alarming than the "hack"... by sjames · · Score: 5, Insightful

      We are not the worst! Yeah USA!

      I that really your yardstick for excellence?

    7. Re:More alarming than the "hack"... by blindseer · · Score: 3, Interesting

      If encryption is a "munition" then this is not just a First Amendment issue, the Second Amendment also applies.

      Along that same train of thought, anyone besides me remember those Apple commercials touting that the then new PowerMac was considered a weapon? That same law that considers encryption a weapon also controls what kind of computers we can export. That's because computers are weapons too, I guess.

      They want to ban "undetectable" plastic guns, and the 3D printers that can create them. Then they tell us we can't even share the design files for the 3D printed guns. Can't have encryption that they cannot break, which I assume is so we can't share these gun designs without them knowing. Or even order a pizza without them knowing.

      What are these people so afraid of?

      Perhaps they fear us "peasants" might revolt.

      --
      I am armed because I am free. I am free because I am armed.
    8. Re:More alarming than the "hack"... by jonwil · · Score: 3, Interesting

      The US government should realize by now that Islamic State and other terrorist groups (and increasingly even small cells or lone-wolf attackers like the ones in San Bernadino) already have (and are using) encryption software that even the NSA cant currently break and that further restrictions on cryptography wont make it any easier to catch the bad guys despite the rhetoric of the FBI, NSA and others.

      That said, the whole "terrorists around every corner" angle is just a cover story to disguise the fact that the "5 eyes" governments have created a worldwide surveillance network far moire powerful than anything that has come before it and is willing to do anything they can to prevent that surveillance network going dark and cutting off their access to the world's data.

    9. Re:More alarming than the "hack"... by sjames · · Score: 5, Informative

      Are you sure?

    10. Re:More alarming than the "hack"... by cdrudge · · Score: 3, Interesting

      I remember a time when the US had all the good encryption and wasn't allowed to export it. Now the rest of the world will have good encryption and the US won't be allowed to import it.

    11. Re:More alarming than the "hack"... by jonwil · · Score: 3, Insightful

      Yeah the problem is that governments and law enforcement.intelligence agencies want the ability to build an even bigger haystack to search through when what they SHOULD be doing is hiring more guys with the skills to find the needles in the haystack they already have.

      More money spent on HUMINT and less spent collecting every piece of data in the known universe might actually lead to the next guys who want to blow up a sports stadium or an airport or a train station or a skyscraper being caught BEFORE they do whatever evil things they plan to do.

  4. Diane Feinstein - Queen of a fascist state by Taco+Cowboy · · Score: 5, Insightful

    Diane Fienstein was born in the wrong country

    She fits much more snugly in a fascist state

    --
    Muchas Gracias, Señor Edward Snowden !
    1. Re:Diane Feinstein - Queen of a fascist state by Anonymous Coward · · Score: 5, Insightful

      Then she is in the right country.

    2. Re:Diane Feinstein - Queen of a fascist state by RobotRunAmok · · Score: 3, Funny

      Once upon a time maybe, back when you first joined. Now, I would guess that 3/4 of the users are spread evenly across the high schools in every state...

  5. do we know the phone was hacked by turkeydance · · Score: 3, Interesting

    or are we just believing the FBI said it was?

  6. am I misrememberinfg by Swampash · · Score: 4, Interesting

    or wasn't there some law about circumventing security measures on a computer device?

  7. Re:FBI hack should not be made public by xaosflux · · Score: 4, Insightful

    Because Apple helps to fund the FBI, the FBI doesn't help to fund Apple.

  8. More importantly ... by mattyj · · Score: 5, Interesting

    What info did the FBI get off the phone? I think it's generally considered that time was a crucial element in getting any meaningful info from the phone, and perhaps days or hours after the event, anything in there would be useless.

    I'm not sure anyone has yet to convince me that more encryption = more terrorism.

  9. Feinstein and Burr are scum by JustAnotherOldGuy · · Score: 3, Insightful

    "Feinstein and Burr are both working on a new bill to limit the use of encryption in consumer technology, expected to be made public in the weeks to come."

    Not only is this extremely stupid and utterly unworkable, but fuck these two maggots who think that it's their right to weaken our privacy.

    --
    Just cruising through this digital world at 33 1/3 rpm...
  10. When math is outlawed... by ZipK · · Score: 4, Funny

    Feinstein and Burr are both working on a new bill to limit the use of encryption in consumer technology, expected to be made public in the weeks to come.

    When math is outlawed, only mathematicians and those who can read their papers will have math.

  11. bash, Outlook, Photoshop, grep, awk, make by raymorris · · Score: 4, Interesting

    I could have said that more concisely as:
    --
    My last two employers needed me to use Outlook and Photoshop.
    My personal workflow uses bash, perl, grep, awk, and make.

    All of those required tools work great on my Mac, even after I've dropped it on the concrete.
    ---
    Mac is full-fledged certified UNIX, and it's corporate helpdesk approved. Where else are you going find that combination ?

    My MacBook Pro does run Linux, Windows, and FreeBSD virtual machines all the time too, though. I click whichever OS is suited to the moment. Last week, in 18 hours, we found thousands of vulnerabilities in 14 machines running those operating systems plus Cisco, so I know none are bulletproof, but I also know some are much more secure than others. (Out full vulnerability report for 14 targets was over 1600 pages long - for the exposures we found in 18 hours).

  12. Re:FBI hack should not be made public by FlyHelicopters · · Score: 3, Insightful

    Do privacy concerns come before finding the bomb before it detonates?

    Yes, they do...

    If you don't have principles to stand on, then you stand for nothing and will fall, sooner or later.

  13. Re:FBI hack should not be made public by Plus1Entropy · · Score: 5, Insightful

    As with most theoretical ethics problems, it only seems as if there is a conflict because the proposed scenario is too vague. This is why I find philosophy irritating sometimes, once you define enough details (as you would have in a real world scenario) you'll often find that the "right" thing to do is less ambiguous than it seems.

    How do we know there is a nuke that is about to go off at all, if we don't know where it is? How did we locate the person who delivered the bomb in the first place? We were tracking them closely enough to know that they planted the bomb, but not closely enough to know where? How do we know that the location and the disarming codes are on the iPhone at all? What kind of guarantees do we have that if we do get into the iPhone we can stop the bomb going off in time anyway?

    If we have a 100%, no bones about it, guarantee that gaining access to this one particular iPhone will prevent a nuke going off somewhere, then by all means, break into this particular iPhone. But you'll never have that kind of guarantee, so people will always argue that we need to be able to get into all the iPhones just in case.

    This is always the problem with this kind of reasoning, it leads inexorably to mass surveillance: "We have to watch everybody because somebody, somewhere, at some time will do something dangerous, and this is the only way to stop them." How about: most people are good, so let them be free.

    I'd rather die in a nuclear blast in a free country, than live a long life in a police state. The real fight is not to prevent deaths due to terrorism, the real fight is to prevent terrorists from changing who we are. They can only win that fight if we let them.

    --
    Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
  14. Re:FBI hack should not be made public by chihowa · · Score: 3, Insightful

    Most people are "cut you off in traffic" assholes, not "plant a nuclear bomb in downtown Manhattan" assholes. Most people are good in that they're not violent criminals, even if they are uncourteous (and Americans are not even close to being the most uncourteous people in the world).

    --
    If you want a vision of the future, imagine a youtube comments section scrolling - forever.