Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com)

Posted by BeauHD on from the pick-and-choose dept.

An anonymous reader quotes a report from Reuters: FBI Director James Comey said on Tuesday that his agency was still assessing whether a vulnerability used to unlock an iPhone linked to one of the San Bernardino killers would go through a government review to determine if it should be disclosed to Apple or the public. "We are in the midst of trying to sort that out," Comey said. "The threshold (for disclosure) is, are we aware of the vulnerability, or did we just buy a tool and don't have sufficient knowledge of the vulnerability to implicate the process?" The White House has a procedure for reviewing technology security flaws and deciding which ones should be made public. Although officials say the process leans toward disclosure, it is not set up to handle or reveal flaws that are discovered and owned by private companies, sources have told Reuters, raising questions about the effectiveness of the so-called Vulnerabilities Equities Process.

110 comments

  1. This has reached the point of ridiculousness by bangular · · Score: 4, Insightful

    Does anyone actually believe anything they say on the matter anymore? I'm still not convinced they even have the contents of the phone at the point.

    1. Re:This has reached the point of ridiculousness by npslider · · Score: 2

      It's been said that this was never really about the data on the phone, but an opportunity to establish a "legal" government backdoor into millions of devices. The NSA can probably crack it, but will hardly say so. This is all smoke and mirrors.

    2. Re:This has reached the point of ridiculousness by tom229 · · Score: 1

      Why? It's not hard. What I can't believe is that anyone thinks Apple can successfully secure a device with a 4 digit pin. You can only obfuscate your encryption methods so much before you sacrifice too much performance, and even then all your work can be undone with a leak or even just a dedicated team of reverse engineers. There's a few things that are astonishing in this case:

      1) The sheer amount of misinformation swirling around the media
      2) The amount of people weighing in with opinions with no verification of the facts
      3) That the FBI paid 1 million dollars for a "hack"

      What's not hard to believe, at all, is that the FBI was able to find a way to decrypt data secured with a 4 digit pin or weak password.

      --
      If it ain't broke, don't fix it.
    3. Re:This has reached the point of ridiculousness by Imrik · · Score: 1

      Unfortunately, I don't find any of those astonishing.

    4. Re:This has reached the point of ridiculousness by fustakrakich · · Score: 1

      "There is no phone" The entire story is a fairy tale.

      --
      “He’s not deformed, he’s just drunk!”
    5. Re: This has reached the point of ridiculousness by Rosyna · · Score: 1

      Know how I can tell you've never read the iOS Security Paper and have no actual knowledge of how iOS encryption works?

      Because you think a 4 digit numeric passcode is the only thing that makes up the securely generated AES 256 encryption key. It's not. At all.

      Here's the iOS Security Paper. The relevant section begins on page 10. Read it. Understand it. Then review your original comment and learn how many fundamental mistakes you made.

    6. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 1

      I myself have actually read quite a lot about iOS security and still agree with tom229, he's fundamentally right that a 4-digit PIN or short password was not sufficient to protect the model(s) affected. The underlying encryption algorithm is irrelevant in this discussion. The paper you linked is also not relevant to this particular case as it's about iOS9 and later. You assume what he means or meant is the current models which is obviously not the case.

      The most significant weakness in a 4-digit PIN is that (in this case) merely by guessing you have a 0.1% chance to get it right. If you combine some statistical analysis to your tries, the chances to get it right by guessing go up significantly since a PIN can't be usually said to have perfect entropy if the users are able to choose them.

      The lesson learned here? Don't be cocky even if you are absolutely certain you're right. Makes one look rather silly and lowers the quality of the discussion.

    7. Re:This has reached the point of ridiculousness by drinkypoo · · Score: 1

      Does anyone actually believe anything they say on the matter anymore? I'm still not convinced they even have the contents of the phone at the point.

      At this point, I'm not even sure there is a phone. I think they're just using stock photos. The Fucking Big Idiots are often said to have a hard time finding their own asshole with both hands and a map, I doubt they even know what an iPhone is.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    8. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      You, would never know. Me, I cannot believe the paid for a hack. They should have hired the guy. That would make it part of the investigative process and created a white hat image. Legal. Now any drug dealer, can argue against the obvious. Setup, something added to the phone. And not by Apple. Tainted evidence. No conviction.

    9. Re:This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      Do you people really like repeating yourself every time the topic is brought up? Sure. You are a cool anti establishment person. Get back to work.

    10. Re: This has reached the point of ridiculousness by tom229 · · Score: 1

      As someone already pointed out, I'm well aware of Apple's encryption methods. The fact remains, the weak pincode is their Achilles heel. The leading theory how the encryption was brute forced is a simple nand chip swap since the failed attempt increment is stored on the flash storage. A dedicated engineer with a fancy setup could swap nand chips and brute force at a rate that should discover a 4 digit pin in a few days. 6 digit in maybe a couple months. 8 digit alpha numeric, not in his life time.

      Apple's new hardware encryption method is separated from the running processor in a system called "Secure Enclave". Secure Enclave suffers the same problems with weak pins. The biggest threat with secure enclave would be a custom firmware or manipulation of the RAM to remove the failed attempt security checks. This is precisely why Apple is so worried about a precedent that allows law enforcement to demand custom firmware, even in a secure Cupertino lab. It completely reverts their new security methods. Custom firmware could drop the failed attempt interval to whatever the SE hardware limit is, which I believe is somewhere around 80ms. This would mean a 4 digit pin is discoverable in about 30 minutes, 6 digit a day or two, 8 digit alpha numeric probably close to a decade.

      Another theory is the ability to use electron microscopes to read the 256-aes key directly from the chip. Again, the weak password becomes your problem when this key is known.

      --
      If it ain't broke, don't fix it.
    11. Re:This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      I'm a network engineer and I have been in the I.T. industry for 30 years. I specialize in computer forensics

      Nobody should believe them. I was one of the people that called the FBI a bunch of liars from day one of the Apple / FBI nonsense. The entire solution was to use standard forensic procedures. Literally, you can learn them all on the web within a day or two.

      The FBI (just like the rest of government) are using a bluff, to make you think they are more capable than they really are, but it's all bullshit.

      Want proof? Don't pay your taxes on time. Date the forms as if you did, but then send them out a week later and see if they claim you paid late. Do you really believe they have computer checking the smeered date stamp on the outside of all those different envelopes, can do so with accuracy, just on the off chance that somebody MIGHT be late and they can charge a little extra money that would never cover the cost of the hardware and software to identify it? Think about it. The IRS is all about FEAR.

      The FBI is no different. In fact, of all the government law enforcement agencies I have worked with, 100% of them barely even know how to turn on a computer. Their invvestigators are not usually very computer savvy, so they call people like me to gather their evidence, and provide it to them.

      But if I were ever the accused, I would ignore their bluff games, and focus my defense on the procedures they use in gathering the evidence, and documenting it. In most cases you chew them up in a court of law.

      Most defendents lose their cases because they either admit to the crime (STUPID), or the investigators got really lucky with the evidence.

      Remember, if they really have solid evidence against you, they don't need to ask you any questions or offer a plea deal. My suggestion is NEVER give up, NEVER deal.

    12. Re:This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      I'm still not convinced they even have the contents of the phone at the point.

      This is pretty much the reason why they should be required to divulge their method of unlocking the phone.

      "Oh, you want to use this evidence in a court of law? How'd you get it?"
      "We hacked this phone."
      "And how'd you do that?"
      "We cannot tell you."
      "Then fuck you, your evidence is thrown out."

    13. Re:This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      Want proof? Don't pay your taxes on time. Date the forms as if you did, but then send them out a week later and see if they claim you paid late. Do you really believe they have computer checking the smeered date stamp on the outside of all those different envelopes, can do so with accuracy, just on the off chance that somebody MIGHT be late and they can charge a little extra money that would never cover the cost of the hardware and software to identify it? Think about it.

      I did think about it, and I think you're wrong. Why would they need a computer? The USPS delivers mail every day of the week (except for Sunday). For the physical bags of mail received prior to and on April 15, dump them in one bin. For the physical bags of mail received on April 16 and beyond, dump them in a different bin. Boom, no need for some fancy-shmancy date scanning device.

      What's that? You want proof? Why? You provided no proof for your claim. All you provided was a thought experiment, and I countered with a much more believable thought experiment.

    14. Re: This has reached the point of ridiculousness by Smerta · · Score: 1

      The most significant weakness in a 4-digit PIN is that (in this case) merely by guessing you have a 0.1% chance to get it right.

      Wait, what? 4-digit PIN = 0-9,999 = 1 in 10K chance = 0.01% chance, correct? I mean, that's an order of magnitude...

    15. Re: This has reached the point of ridiculousness by Rosyna · · Score: 1

      Sigh. Could you at least have tried to read the iOS Security Paper before posting?

      If you had, you would have realized the decryption key is derived from the passcode, the unique UID burned into the SoC, and the GID unique to each model family.

      In order to brute force the securely generated AES 256 decryption key via the passcode, you need the other pieces of information. Had you read the paper, you would have learned how difficult that task is.

    16. Re: This has reached the point of ridiculousness by Rosyna · · Score: 1

      Sigh. The encryption methods haven't changed in years. iOS devices have had these features for multiple generations. You can read the iOS Security Paper from February 2014 to confirm this. It starts on page 8.

    17. Re: This has reached the point of ridiculousness by pla · · Score: 1

      Depending on how you look at the problem, humans don't do well at picking truly random pins.

      In just 10 guesses, you have a 22% "real world" chance of getting it correct. That goes up even further if you know even a hint of biographical data about your target (ie, their birthday).

    18. Re:This has reached the point of ridiculousness by Maritz · · Score: 1

      I would begin with the assumption that anything the likes of the FBI say publically is deception of one kind or another. If they are mulling 'disclosing' the vulnerability, then the vulnerability they disclose (if any) will not be the one that they used. I've not seen enough the other way to adjust that assumption.

      --
      I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
    19. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      Eh?

    20. Re: This has reached the point of ridiculousness by tom229 · · Score: 1

      I didn't explicitly mention the unique UID because it's not particularly relevant. You don't need to know the UID. In fact, the firmware running on the device never knows the UID. If it did, you could just write custom firmware to extract it.

      All the UID does is force you to run your brute force on that particular hardware (because you can never know it). Therefore if you use custom firmware to remove the artificial software security checks, you are only limited by the hardware encryption circuitry. I said this is somewhere around 80ms which means a 4 digit pin (10,000 combinations) takes 800 seconds or about 13 minutes to brute force on the actual iPhone hardware.

      Now let's consider an alpha numeric password. We wont even worry about uppercase, lets just assume lowercase/numeric. 36^8 = 2.8211099x10^12 or 2,821,109,900,000 combinations. At 80ms per iteration you're looking at 3,761,479,876 seconds or roughly 7000 years (I could be wrong, I did these calculations quickly.. the point is.. its a long fucking time).

      The only thing you need to know is approximately what the decrypted data should look like, which I'd imagine looks just like an Apple filesystem. I did read the papers. The only difference here is I actually understood them.

      --
      If it ain't broke, don't fix it.
    21. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      You keep mentioning pins as if iPhones don't let you have alpha numeric passcodes as well. You also keep forgetting to mention that with the correct settings, an iPhone will erase itself after a certain amount of attempts. So go ahead and keep trying to guess that passcode with a .01% chance to guess correctly. I'm sure you will get it in 10 attempts.

    22. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      10 guesses make it 0.1%. iPhones have, or at least 5x series has, 10 guesses until you're locked out.

    23. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      Are you fucking serious? Pretty much every core feature has gone through changes. For starters the default PIN length is now 6 digits.

      Don't embarrass yourself any more.

    24. Re:This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      Well, that's going to come up if they try to use it again, but the case at hand doesn't really matter as there isn't anywhere for the investigation to actually go from here, and cracking the phone was completely pointless.

    25. Re: This has reached the point of ridiculousness by Rosyna · · Score: 1

      The core functionality of the encryption methods haven't changed much, as you can clearly see if you compare the iOS 7, Feb 2014 security paper to the 2015 iOS 9 security paper.

      There are many excellent guides on how iOS encryption works. There's no need for you to remain this ignorant about how iOS encryption works.

    26. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      So you don't call a 50% increase in PIN lenght, from 4 to 6, and Security Enclave a "core feature"? You really are more dense than one would assume at first glance.

    27. Re: This has reached the point of ridiculousness by Plumpaquatsch · · Score: 1

      The paper you linked is also not relevant to this particular case as it's about iOS9 and later.

      Here's the predecessor from Feb 2014: https://www.apple.com/euro/iphone/business/b/generic/docs/iOS_Security_Feb14.pdf - IOW up to iOS 7. Not much difference, because the encryption is done in hardware.

      Ohh, and Apple has been telling people to use more than 4-digit passcodes for years. The fact that the shooter only used 4 digit just proves he had nothing to hide on that stupid phone.

      --
      Of course news about a fake are Fake News.
    28. Re: This has reached the point of ridiculousness by Plumpaquatsch · · Score: 1

      So you don't call a 50% increase in PIN lenght, from 4 to 6, and Security Enclave a "core feature"? You really are more dense than one would assume at first glance.

      You could use a longer passcode or even a password since iOS 5 (and supposedly before if you used an company Exchange account). That doesn't depend on iOS 9.

      --
      Of course news about a fake are Fake News.
    29. Re: This has reached the point of ridiculousness by Anonymous Coward · · Score: 0

      Oh, sure. I'll just type in my 24 character complex password every time I open the screen and hope that the non-existant Seucre Enclave exists in that particular model.

  2. Who cares? by wardrich86 · · Score: 0

    Why do people even give a shit anymore? It was an old phone running old firmware.

    1. Re:Who cares? by npslider · · Score: 1

      Besides I'm sure China, Russia, North Korea and Co. already know how it was done. Just ask them!

    2. Re:Who cares? by vux984 · · Score: 5, Insightful

      Because its a policy / precedent.

      How they behave with this security vulnerability today is how they will behave with the next one tomorrow.

      It's literally a ... "first they came for the X, but I was not a X, so I did nothing" situation.

      And theirs is the wrong action, law enforcement should disclose vulnerabilities to the manufacturer and owners so that they can be corrected in future, not so that they can exploit them themselves.

      Its fundamentally the exact opposite of what they should be doing, FBI & NSA both, and the government in general. Their function is to 'serve and protect' the public. I am in no way being served by there being known security vulnerabilities in the products I use. If the government knows them, then so do other actors. I don't trust those other actors, and based on government behavior I don't trust them either.

    3. Re:Who cares? by MightyMartian · · Score: 1

      As do several organized crime outfits in Eastern Europe.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    4. Re:Who cares? by tom229 · · Score: 0

      If you're really concerned about your safety all you need to know is that any data encrypted with a weak password or pincode... isn't very secure. I promise you, this "hack" wasnt extraordinary. It was likely just a leak of Apple's encryption algorithms, which is a problem for them, but not really for you. Unless of course you're an Apple customer that enjoys a false sense of security. But I hardly think it's the government's responsibility to maintain the delusions of citizens.

      --
      If it ain't broke, don't fix it.
    5. Re:Who cares? by Bartles · · Score: 0, Flamebait

      I bet you voted for Obama twice. I can tell, because he never enters the discussion. It's his fault.

    6. Re: Who cares? by vux984 · · Score: 1

      I don't see law enforcement going around warning people about bump keys.

      Everybody knows they exist, and lots of information exists and info is readily available about them. You can buy locks if you like that defend against them.

      If law enforcement found a bump key, and then kept it for themselves, and then used it on suspects, and refused to show it to anybody... well that hasn't actually happened...

      Anyone who think law enforcement = security guards is literally retarded.

      What precisely do you think they are? Crime prevention, and crime investigation are their two main functions.

    7. Re:Who cares? by mysidia · · Score: 1

      How they behave with this security vulnerability today is how they will behave with the next one tomorrow.

      Requirement should be to prosecute someone in court, they have to disseminate all technical details to the public of how they gained access to the phone --- no black boxing, closed, secret, or proprietary technologies or programs allowed.

      No full disclosure of the design specs and source code of any exploit software or exploit devices, then no evidence from hacked phone can be used in court.

    8. Re:Who cares? by Imrik · · Score: 1

      So, since there wasn't any useful data on the phone and they aren't actually prosecuting anyone, they should be allowed to keep it a secret?

    9. Re:Who cares? by LostMyBeaver · · Score: 1

      I'll bite... what's the association?

    10. Re:Who cares? by Anonymous Coward · · Score: 0

      Come to think of it, if it's not reproducible, how can they even claim it's anything but crap they made up? Right now it's "oh we totally found terrorist murder plans", but next time it can easily be "and that's how you ordered that hit on your wife whom we ran-over in our squad car"

    11. Re: Who cares? by Bartles · · Score: 1

      He's supposedly in charge. He could end all this with a phone call. He is the one that bears the blame.

    12. Re: Who cares? by Anonymous Coward · · Score: 0

      Anyone who think law enforcement = security guards is literally retarded.

      This is Slashdot. Unless you're setting a variable to that sentence, use == or === instead, depending on the way you want to emphasis the comparison.

    13. Re: Who cares? by rdwulfe · · Score: 1

      Only because they have more specialized picks and skills needed to deal with them. Circular locks aren't inherently harder to pick, merely less common that a locksmith or someone nefearious will have the tools to do so, or have practiced on them since they aren't commonly used.

      Security seems more to be about "Hey, it's easier to go over there and break into THAT, don't bother with THIS."

    14. Re: Who cares? by drinkypoo · · Score: 1

      If law enforcement found a bump key, and then kept it for themselves, and then used it on suspects, and refused to show it to anybody... well that hasn't actually happened...

      Close enough... you can open any typical lock with a pick gun, the cops have them, and it's illegal for you to have them but anyone can totally get one. What's the difference?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    15. Re: Who cares? by drinkypoo · · Score: 1

      Probably one of the best are those circular locks like on most vending machines.

      Oh yeah, that looks amazingly secure.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    16. Re: Who cares? by Anonymous Coward · · Score: 0

      Security seems more to be about "Hey, it's easier to go over there and break into THAT, don't bother with THIS."

      I've applied that to my parking for years. When possible, park between something old and something expensive. Kids looking for a joyride will take the easiest to break into, more "professional" thieves will take the more profitable for resale car.

      Physical security has always about being a less appealing target than the other guy. I see no reason that digital security is different in this regard.

    17. Re:Who cares? by Antique+Geekmeister · · Score: 1

      The best guess I've heard is that the FBI hired an Israeli security firm.The Israelis have strong reasons to want to hack personal phones, which are used both for terrorist communications and for control devices for emote detonators.

    18. Re: Who cares? by Anonymous Coward · · Score: 0

      Blocking detonators, why, when the military knows, detonators can be when connection is lost works, also. Plus, timers, plus all the other ways they have of activating devices. You pressure switches, movement, etc. You are one step ahead, until you follow.

    19. Re: Who cares? by Anonymous Coward · · Score: 0

      Talk about? So you cannot trust security, or the police, who do you trust then? The bad guys? You know the bad guys are going to be bad. Would you trust your life on bad guys behaving in a certain parameter? Follow this thought, follow the money. Who gets the most money bad guys or good guys? Or good guys being bad?

    20. Re: Who cares? by Anonymous Coward · · Score: 0

      Not sure where you are from, but lock picking tools are only illegal in a handful of states.

    21. Re:Who cares? by mysidia · · Score: 1

      I think most investigations stay secret. The police are not required to disclose the details of specific investigations, unless someone winds up in court charged with a crime.

      Why would you expect them to disclose the secret with no net benefit to the public in doing so, After the gov't Paid for this vulnerability, and the value derived from this payment will be completely destroyed if Apple learns the details of it?

    22. Re:Who cares? by DarkOx · · Score: 1

      Well that isn't a problem in this case, they won't be taking a deceased perpetrator to court anyway.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    23. Re: Who cares? by Rosyna · · Score: 1

      As reading the iOS Security Paper has proven too difficult for you, here's an excellent iOS Encryption Primer that discusses how iOS encryption actually works.

    24. Re:Who cares? by tlhIngan · · Score: 1

      unless someone winds up in court charged with a crime.

      Which is probably what's going to happen. I mean there's only so many times you can do it before some lawyer wises up and will try for "tampered evidence" defense.

      At which point the phone will come up and the FBI will have to describe how they cracked the phone. If it ends up with a third party they'd get at those details to make sure there was no chain of custody issues and that the methods used were kosher and won't tamper with evidence.

      At which point the method of cracking WILL be public.

      Otherwise it might be argued the evidence was tampered with, or chain of custody lost, and thus any subsequent warrants issued with that information were no longer valid and associated evidence.

      Heck, a judge found a defendant not guilty despite evidence to the contrary - it's just the evidence was obtained using a Stingray without a valid warrant (there was a warrant issued, but the judge felt it was issued improperly and thus invalid - making the evidence collected without a warrant) and the judge threw out that illegally obtained evidence. The judge certainly *felt* the defendant was guilty, but could not rule that way because there was insufficient leftover evidence.

      If any evidence was obtained from cracking a phone that lead to additional searches, tossing the phone's evidence will suddenly mean those warrants were invalid and that evidence gathered is not allowed as well.

    25. Re: Who cares? by vux984 · · Score: 1

      If you are willing to do that, you would probably just take a crowbar to the vending machine. That lock wasn't picked, it was destroyed. And it wasn't particularly discreet, quick, or quiet.

      Really the only use for it would be as in the video where you wanted to open the vending machine without the keys while doing minimal damage to it... which would only be a concern if you owned it.

    26. Re: Who cares? by tom229 · · Score: 1

      I've already wrecked you in another thread so there's little point going over it all again here. You simply don't understand what you're reading Rosyna. The hardware UID isn't as magical as you think it is. All it does is force you to run brute force attacks on the actual hardware, instead of outside it. The weak pin code becomes a major problem due to a 4 digit pin having a mere 10,000 combinations. This is precisely why the firmware on the chip tries to limit the attempts, and frequency of attempts, and precisely why the FBI wants custom firmware, or security exploits, to remove these limitations.

      --
      If it ain't broke, don't fix it.
    27. Re: Who cares? by Rosyna · · Score: 1

      You haven't "wrecked" anything. All you've done is proven your unwillingness to learn.

      At least you're finally acknowledging it's no where near as simple as brute forcing a 4 digit PIN, as your previous posts claimed repeatedly.

      Now you've realized/learned there are other major, significant hurdles to doing a brute force attack, such as finding security holes in other parts of iOS that first allow you to run arbitrary code on the iOS device when you have physical access or getting access to the UID by physically decapping the SoC.

      So I assume this means you've stopped claiming it's as simple as reading the NAND directly.

    28. Re: Who cares? by tom229 · · Score: 1

      Actually its probably as simple as, not reading the nand, but overwriting it, at least in the 5c implementation. The 5c does not have secure enclave which means the hardware encryption is done on the main soc, and the brute force security checks are likely part of iOS, instead of the secure enclave firmware. This means you could likely image the nand and solder in and out fresh copies to reset the failed attempts counter. This is a theory (not mine, but many others) and the logic is sound.

      if you would like to learn anything else by acting knowledgeable and getting schooled I'll be here for a couple more hours.

      --
      If it ain't broke, don't fix it.
    29. Re: Who cares? by Rosyna · · Score: 1

      iOS has an anti-replay counter to prevent reimaging like the type you suggest to assist with a brute force attack. Furthermore, the "secure enclave" is a marketing term Apple uses to group disparate security features under one umbrella. Most of the security features under the "secure enclave" umbrella still existed on previous iOS devices.

      Finally, the Apple A6 SoC does have its own rewritable NVRAM that can be used to store the number of incorrect attempts without needing to store it on the NAND.

  3. What they are doing... by npslider · · Score: 1

    Government: "This is not the iPhone hack you are looking for... move along."
    Citizen: "You are right, I am going to go home and rethink my life."

  4. 'e's a crim, 'guv by Anonymous Coward · · Score: 0

    He said "hacking", so he needs locking up now. It's the law!

  5. Too obvious by jxander · · Score: 3, Insightful

    Soo, they didn't actually crack the thing at all.

    Let's see: no actionable data from the phone (imagine the headline: "FBI's cracked iPhone thwarts terror plot"), they haven't shared this skeleton key with Law Enforcement, and now they might just never divulge the secret at all??

    "Ignore the man behind the curtain."

    --
    This signature is false.
    1. Re:Too obvious by npslider · · Score: 1

      Or, the Gov did crack it and discovered it contained noting of value, and realized they spent all that legal effort to gain "legal" access to a worthless device.

    2. Re: Too obvious by jxander · · Score: 1

      Then why wouldn't they crack some phones for the cops?

      At least one of those thousands and thousands of phones in LEO possession would have solid leads, and generate some good PR for the FBI at least.

      --
      This signature is false.
    3. Re: Too obvious by npslider · · Score: 1

      The third party that allegedly cracked the phone may have not shared the means with the FBI, only performed the service and handed the phone back. If I had that kind of knowledge, I'd be changing uncle Sam through the nose every time I was asked to break into another phone.

      Commit crime with iphone in hand > Allow phone to be found as evidence > Sell services to unlock said device > PROFIT! ... nah... couldn't be THAT easy.

    4. Re:Too obvious by Bartles · · Score: 2

      Or Apple actually gave them access months ago, and this is all just a big cover story to keep the cozy Apple/FBI relationship going.

    5. Re:Too obvious by Imrik · · Score: 1

      They already knew it contained nothing of value, they wanted to set precedent.

    6. Re: Too obvious by jxander · · Score: 1

      I'd go one step shadier ... just buy up a dozen or so unlocked iphones. Write a small script to generate random contact info, browsing history, etc, so the phones look "used."

      Offer to unlock any phone for the FBI, on the condition that I'm given the phone and not observed while I work. Swap it out for the randomly populated device, and return it (maybe spend a bit of time strategically scuffing or cracking screens to match the physical appearance of the original) That'll be $150,000 please.

      --
      This signature is false.
    7. Re:Too obvious by Anonymous Coward · · Score: 0

      Did you not read the headlines & complaints over the last few months from our own fellow commenters on HOW EVERYONE IS CONCERNED THE TOOL WOULD END UP IN THE WILD? So now the staff who are very close to the project decide to not upload the darn thing to a torrent, and yet you complain that it's unavailable? You silly J, you silly...

    8. Re: Too obvious by DarkOx · · Score: 1

      Chain of custody probably.

      IANAL but I don't thing. "Then we sent it to *some people* at the FBI where they did *some stuff* to it and sent it back." will fly in most criminal cases.

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    9. Re: Too obvious by Anonymous Coward · · Score: 0

      Once "the method" is used to get real evidence in a real case they will have to disclose it in court at which point apple can fix the defect.

  6. Gubmint: We's keepin' dis SEKRIT! by Chas · · Score: 1

    BWAHAHAHAHAHA!

    Yeah. Like that's ACTUALLY going to happen.
    They can't keep anything ELSE secret, but this'll remain an undisclosed security hole until the end of time...

    Hey! Do they have any bridges to sell us too?
    Bargain priced ocean-front property in Nevada?
    Are they all secretly Nigerian princes looking to enrich us if we can just help them a little?

    Call me when these assclowns descend back to reality.

    --


    Chas - The one, the only.
    THANK GOD!!!
    1. Re:Gubmint: We's keepin' dis SEKRIT! by Laser_iCE · · Score: 1

      They can't keep anything ELSE secret

      How do we know? I guess that's the thing about secrets, if you know about them then they're not secrets.

    2. Re:Gubmint: We's keepin' dis SEKRIT! by dbIII · · Score: 1

      Speaking of Nigeria, one interesting little thing leaked in the Manning cables was an oil company exec in Nigeria refusing to disclose commercial information to a US intelligence group because they were worried that it would leak.

  7. "Implicate"? by CCarrot · · Score: 3

    I've heard of extrapolating a process, or even inferring something unknown from known facts (sure, that could be a process). Heck, even "explicate" would work...but "implicate the process"?

    Implicate it in what? Manslaughter? Conspiracy to defraud?

    --
    "I love animals! Some are cute, others are tasty, what's not to like?" - Betsy Schroeder, Jeopardy contestant
  8. Tinfoil hat looking more fashionable by somenickname · · Score: 2

    They didn't use a third party to hack the phone. They had the ability the entire time and invented this narrative when they realized that they weren't going to get the court precedent that they wanted.

    1. Re:Tinfoil hat looking more fashionable by tom229 · · Score: 1
      What precedent? Company assistance in a search warrant? Besides the fact that Apple has done exactly this before, have you even read the court order? Here's the full text, and here's my favorite part:

      The SIF will be loaded on the SUBJECT DEVICE at either a government facility, or alternatively, at an Apple facility; if the latter, Apple shall provide the government with remote access to the SUBJECT

      The actual court order makes several attempts to insist the process only affects this one device, even explicitly suggesting Apple build a sanitized lab and give the FBI remote access, with monetary compensation.

      So undoubtedly it's you that has bought the narrative. It's you, and many others that have believed the hyperbole and misinformation without verifying the facts. Apple is playing a political game here. A game intended to sell more phones, as is their duty to their shareholders, and their only duty. The last entity I would ever assume is on my side is private enterprise.

      --
      If it ain't broke, don't fix it.
  9. The wording blows my mind. by PsychoSlashDot · · Score: 1

    "still assessing whether a vulnerability... would go through a government review to determine if it should be disclosed"

    They're debating over if they should debate over disclosing this. Yes, I get the reason why, but it still sounds moronic.

    --
    "Oh no... he found the .sig setting."
    1. Re: The wording blows my mind. by chill · · Score: 1

      No, it makes perfect sense. He admits the truth -- they are fucking clueless on the details of the hack. They don't even have enough information to fill out the form to start the disclosure review process.

      They paid for either a service or an obfuscated, single purpose binary. For all Coomey knows it was leprechaun magic.

      --
      Learning HOW to think is more important than learning WHAT to think.
    2. Re: The wording blows my mind. by Anonymous Coward · · Score: 0

      No, it makes perfect sense. He admits the truth -- they are fucking clueless on the details of the hack. They don't even have enough information to fill out the form to start the disclosure review process.

      They paid for either a service or an obfuscated, single purpose binary. For all Coomey knows it was leprechaun magic.

      I think that it's more likely that this whole thing is bullshit. The phone was never hacked in the first place. They just decided to declare victory because they are above the law.

    3. Re: The wording blows my mind. by Jeremi · · Score: 1

      They paid for either a service or an obfuscated, single purpose binary. For all Coomey knows it was leprechaun magic.

      I like to imagine that this third-party company received the iPhone from the FBI, wiped it clean, renamed it to "Sayed's iPhone", installed Angry Birds, then handed it back to the FBI, saying "here, it's unlocked now!" and collected their million-dollar fee.

      --


      I don't care if it's 90,000 hectares. That lake was not my doing.
    4. Re: The wording blows my mind. by Imrik · · Score: 1

      No, it doesn't say they don't know the details of the hack, it says they're deciding if they know the details. If they do, then they'll release it, if they don't, then they won't. Granted this argument is kind of silly, but that's what it says.

      IMO, if they were telling the truth about this, they would just give Apple what they know about the hack and let them deal with any missing information.

  10. Makes sense by Imp00 · · Score: 0

    The iPhone 5s is more modern with the first 64 bit system-on-a-chip design. The 5c is an older design so whatever forensic analysis they could do to exploit a vulnerability in the 5c hardware is almost surely gone from the 5s onward being an entirely new design. Hopefully Apple will continue to be more careful with the security in their hardware designs, but I still think they should allow law enforcement a means of decrypting the contents of a phone for special situations like people involved in notorious crimes. Those types deserve no privacy. There needs to be special laws that can balance people's privacy with the need for law enforcement to investigate known criminals, especially ones that everyone knows is a bad guy, like a terrorist. Anyone who disagrees is basically saying "terrorists deserve the same protections as everyone else" and they'd be out of their mind for thinking that.

    1. Re:Makes sense by Imp00 · · Score: 0

      Also I think they should keep this private because you don't want that information known potentially by criminals who might potentially use that to steal personal information from things like stolen phones.

  11. Circumventing Security Measures Illegal? DCMA. by Anonymous Coward · · Score: 0

    Isn't it illegal to circumvent security measures on copyright materials under the DCMA? (https://www.eff.org/issues/dmca).
    Isn't the iPhone iOS a copyright material? What about other content on the phones?

    If the FBI are seriously arguing that they don't know how the crack is done because it's part of a commercial toolkit, then assuming this is part of a private companies toolkit, wouldn't the FBI be concealing a crime if it did not disclose what tool or mechanism was used to crack iPhones?

    Surely any exemption to the DCMA provisions that applies to law enforcement can't apply to something that has uses other than law enforcement and isn't a process developed exclusively by or for law enforcement.

  12. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  13. Congratulations, you're now the enemy by BitZtream · · Score: 4, Insightful

    So you've effectively put yourself at war with the American people in that statement, do you realize that?

    You've weaponized an asset of an American company and are intentionally putting the American public at risk to further your own agenda.

    You should be hung from the highest bridge with care.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    1. Re:Congratulations, you're now the enemy by Gravis+Zero · · Score: 2

      You should be hung from the highest bridge with care.

      whoa buddy! don't you think that's a bit extreme? seriously, i don't want to have to figure out which bridge is the highest. how about we just stick with the highest bridge in a 50 mile radius? ;)

      --
      Anons need not reply. Questions end with a question mark.
    2. Re:Congratulations, you're now the enemy by Anonymous Coward · · Score: 0

      I was going to complain about your "with care" comment, but you're right that we should treat our roads and briges much better than we do right now.

    3. Re:Congratulations, you're now the enemy by fustakrakich · · Score: 1

      All this angst! I remind you that 95% of the congress that keeps this little game running is about to be reelected in just over six months. FBI is just following orders, ours...

      And yes, with today's infrastructure issues, you don't want any careless hangings

      --
      “He’s not deformed, he’s just drunk!”
    4. Re:Congratulations, you're now the enemy by Anonymous Coward · · Score: 0

      Listen, commenters & citizens left & right were all complaining this tool would leak into the wild. That everyone's selfies & contacts would be jeopardized forever. Now this agency decides to keep their methods in-house and not release it... knowing full well it would be abused were it ever distributed. And you accuse them of being unfriendly with the public? They did us a solid. PS: They're not coming for you. You're not that important, really.

    5. Re:Congratulations, you're now the enemy by Anonymous Coward · · Score: 0

      Yes. Welcome to the FIB!

  14. Owned?!?! by meerling · · Score: 1

    "...is not set up to handle or reveal flaws that are discovered and owned by private companies..."
    It's OWNED by Apple. It's their software, copyright and all. (Maybe even a few patents in there.)
    Any flaw that's in it was created by Apple, even if unintentionally, and is still part of their software which they 'own'.

    Just because some guy in a trenchcoat sold you a map to the back door of the theater along with a copy of the key to unlock it, doesn't mean he owns the friggin door!

  15. The government is compromising the evidence by Anonymous Coward · · Score: 0

    The government is compromising the evidence by utilizing tools it doesn't even understand. The government should not be interfering, modifying, or touching in any way a device. Once they've done that any evidence should be thrown out. It's contaminated. There is a good reason that government is suppose to pull the plug and maintains a chain of custody. It's because you have to be able to prove you didn't contaminate or otherwise plant evidence upon seizure. If your installing key loggers, exploiting vulnerabilities in a users software, etc your effecting the system and contaminating it. Computers are too complex and saying "we know it didn't have any consequence" is BS. An officer searching for "how to kill a mocking bird" can result in data being dumped to disk via swapping that turns into what looks like a search for "how to kill". Now you understand what happened and can see how easily an exploit can easily effect where something ends up in memory and can effect other processes. Sure- it might not have such an effect. But you can't reasonably testify to that. I think computer forensics is a joke and should not be acceptable in the court of law, but given that it is I want to see to it that the evidence is at least not compromised by government in the process of seizing it. Sadly the government clearly does more than seize evidence though.

    I have witnessed the FBI attempting to *plant* evidence in order to get a warrant to conduct a search. Possession of child porn is a crime and it doesn't matter that the FBI sent it to you. The government will fail to specify anything to the judge in regards to this fact. Now the FBI might screw it up and later find no evidence because they sent it to old email addresses the user they are targeting isn't utilizing, but they've still created the negative publicity they were after on the user targeted. Objective achieved. And this is why we shouldn't have these types of ridicules laws.

  16. What? by Anonymous Coward · · Score: 0

    "and owned by private companies"

    How the fuck are flaws in someone else's code owned by someone else?

  17. The depth here is a little too shallow by LostMyBeaver · · Score: 1

    The FBI is called any time a local law enforcement team is unable to handle their own processes. Consider it to be something like a two tier support system. Cops first, Feds next.

    When it comes to technology related issues, the FBI very likely is contacted for use of their forensics labs almost constantly. As telephones become more difficult for law enforcement to crack, the FBI will be contacted more often, establish a longer backlog and especially in the case of police departments with less funding, will have to perform work with little or no recompense.

    When a terrorist's telephone became available to push the issue with, the FBI saw this as an opportunity to simplify the process of unlocking telephones more rapidly since Apple would of course be reasonable and finally see that law enforcement needs more effective ways of accessing such data without the FBI always needing to be called. If nothing else, they should be able to disable the 10 failure bomb and manually type 10000 or 1000000 values in by hand.

    Apple didn't play with this game. If they were to publish a method to the FBI to make the phones vulnerable, all it would take is some cop showing off for his nephew to leak the information into the public and it would quickly become widespread.

    Whatever the underlying issues with the case is, law enforcement at times requires access to data on telephones. But this issue is much wider spread than just America. As such, Apple is trying to have some control over the unlocking of the phones, not because they want to screw the FBI (which these days they might want to) but because they don't want to be responsible for supporting less ethical governments.

    Both sides have valid points and valid concerns.

    If Apple manages to make an iPhone which can't be easily hack (hasn't happened yet) then the problem will be somewhat solved by removing the possibility of unlocking the phone to begin with.

  18. Just a thought by jxander · · Score: 1

    My thought: Security cam shoulder surfing. What if the "crack" actually involved checking security footage from any banks, stores, etc. visited by the terrorist before the incident. One of them might've had a clear enough angle to see him punch in the code.

    It's just dumb enough to actually work, but something the FBI might not want to admit out loud. Not only for fear of sounding stupid, but this would also back up Apple's stance that the phones themselves are secure... and the FBI doesn't want that. Nor does the FBI want people to realize just how much they're on camera.

    --
    This signature is false.
  19. James who? by ZorglubZ · · Score: 1

    I read that as "FBI Director James Cagney"...

  20. Give apple the iPhone by Anonymous Coward · · Score: 0

    Now that you've dumped the contents and accessed it, give apple the iPhone to analyze for intrusion method

    1. Re:Give apple the iPhone by Anonymous Coward · · Score: 0

      They don't need to. The data was obtained by standard forensic practices, as I suggested when the whole Apple/FBI nonsense started.

  21. Give apple the iPhone by Anonymous Coward · · Score: 0

    Now that they've dumped the iPhone, they should release it to apple who can analyze it for the intrusion method used

  22. Tinfoil hattery by plague911 · · Score: 1
    I would like to point out the level of black helicopter craziness going on here. In one line you have individuals claiming the phone was never cracked, the next line you claiming it was cracked by apple at the start, the next a clamed that the FBI did it, the next that it was the NSA.

    The level of random ideas on the topic is indicative that there is actually something seriously wrong with the discourse on here. People are making way way to many random accusations that they appear 100% confident on. While I realize this is /. Nut this is a much grander and more fetishized version of this behavioral pattern.

  23. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  24. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  25. iPhone like sand through the hourglass by Anonymous Coward · · Score: 0

    CEO of Apple literally sucks dicks. Is iPhone so secure only a faggot has access? WHO the fuck cares?

    Why would you buy the piece of shit? FBI vs fags who fucking cares.

    Spies are flies in God's eyes. DBT

  26. If you have nothing to hide by eric_harris_76 · · Score: 1

    Go ahead. Release the information.

    If you have nothing to hide, you have nothing to fear.

    What? Isn't that what you keep telling us?

    --
    There's no time like the present. Well, the past used to be.