An important thing to note about "GPL v3 or any future version" type language. Its not free, its a blank check. A developer has no idea what that future GPL version could say. So Linux and its simple GPL v2 and no mention of future versions is a known, unlike the FSF's current "best practices" which is an unknown, a blank check.
If a computer or iTunes backup is encrypted then like the data on the phone the FBI or anyone else can't do much.
The weak link is the passcode on the phone. The passcode is the only thing that keeps the decryption key on the phone secure, and for many its a four digit passcode. It does not matter how strong your encryption is if you only need four numeric digits to get to the decryption key.
The fact that the phone has the decryption reduces its security. In more traditional security the decryption key is generated as need by entering a passphrase and erased after use, not stored somewhere.
If the computer/iTunes backups are encrypted then like the data on the phone the FBI or anyone else can't do much.
The weak link is the passcode on the phone, the passcode is the only thing that keeps the decryption key on the phone secure. The fact that the phone has the decryption reduces its security. In more traditional security the decryption key is generated as need by entering a passphrase and erased after use, not stored somewhere.
What was it, about a week since the FBI announced they outsourced the breaching? And now its successful. So how it plays is that Apple's phones are not that secure in the public perception.
If Apple had assisted the FBI they could have maintained the perception of security. So their ethical stance had a price, which is a pretty normal thing. But its a short term price. As Apple moves more and more of its security from software to the hardware, it helps to make one's own chips, such breaches will be more and more difficult. Old iPhones being breachable would be more of a benefit if and when we get to that point. So, market loss today, but maybe a major selling point for the iPhone 8 in a couple of years.
No, deleting the key does not conceal the document.
conceal
1. to hide; withdraw or remove from observation; cover or keep from sight.
2. to keep secret; to prevent or avoid disclosing or divulging http://www.dictionary.com/brow....
The key obviously allows observation and disclosure so deleting the key is an act that prevents something from being observed or disclosed.
And the FBI can examine the phone to their beady little hearts content. Apple isn't stopping that. They're just refusing to help,...
Unless they take your advice and destroy the key.
... there is no evidence that there is ANYTHING of value on the phone...
Only probable cause would be needed for examination, and the fact that it was a communication device of the murder is probable cause. Evidence can be both positive and negative, for example the evidence may be that there is no data related to terrorism on the phone.
Maybe the FBI shouldn't have ordered the cloud password changed. If anyone should be charged with hiding evidence, it's them.
As a government agency they probably have legal immunity, unlike you, me and Apple.:-)
The key is NOT evidence. Can't you get it through your thick skull.The key MAY be needed, but the key is not itself evidence. And there is NO evidence that there is ANYTHING of evidentiary value on the phone. What happened to probable cause, etc?
How soon you forget, a couple of posts back you were agreeing with my: "The "document" is the data on the phone, the evidence, not the decryption key. Deleting the decryption key is the act that conceals the evidence, the data on the phone."
No one is saying the key is evidence itself, that is a figment of your imagination, your confusion.
Speaking of you forgetting things. Now note the subject line of this discussion, "No Constitutional Issue -- It's employer's phone
". Probably cause is not needed because the owner of the phone has given the FBI permission to examine it.
I'm more surprised by the fact that they were doing it 60 years ago. Even before touch-tone phones.
Its just the phone company billing data, which phone companies have been collecting for about as long as they have been sending bills to people. All that has happened is that someone dug up the phone company billing data from 1957. Want to know what phone call "metadata" is? Look at your phone bill.
As for touch-tone dialing, dialing information was detected mechanically long before that with rotary phones. It was just a matter of counting "clicks" rather than recognizing the frequency of tones.
The act of destruction or concealment of evidence is all that is required, it does not matter who you are and whether you are a 1st, 2nd or 3rd party. Apple knows those keys are necessary to reveal evidence, destruction of those keys given such knowledge is obstruction. 3rd parties get in trouble all the time by trying to interfere, being a 3rd party does not prevent them from winding up facedown on the ground in handcuffs.
I understand cryptography much better than you can read. I specifically mentioned hashes. How does a cloud server compare a stored hash which has been encrypted (the GP said encrypt all data kept in the cloud) to the hash generated from a user provided password when it can't decrypt the stored hash?
Apparently you missed:
Users authenticate on their Mac/iPhone/iPad to an AppleID that is optionally configured for iCloud. The AppleID authentication is something separate from iCloud. Once authenticated to an iCloud enabled AppleID their iCloud storage appears as just another storage device. Files saved to iCloud can be encrypted locally before upload. "Keychains" with the necessary keys are shared between Mac/iPhone/iPad.
In other words your Mac/iPhone/iPad is not authenticating with the 3rd party server. Apple securely refers you to 3rd storage with whatever temporary credentials you need.
That might make it hard to search emails on the server, browse your iCloud Photo Library, Apple Music collection and anything else that chooses to reside on the server rather than the device.
The index can be just another file created by the Mac/iPhone/iPad locally and stored remotely.
Ah, but there's your problem - to compare a hash, you need the hash the user provides. But, you can't single out the file from the disk - a (fully) encrypted disk doesn't allow you to know where files start or end.
Let's ignore the detail that Apple is not going to store the "hash" to an AppleID on a 3rd party server where the 3rd party can read it and just go with the above for the sake of argument. One solution is to store the "hash" outside the encrypted drive. Which is what happens on the iPhone itself. The decryption keys are stored outside of the user's storage.
Now lets consider that the user needs no encrypted 3rd party disk on the cloud. The Mac/iPhone/iPad encrypts each file saved on the cloud before uploading it. Decrypts it after downloading it. There is no need for a 3rd party to ever see plaintext user files, they need only upload/download cyphertext. Similarly anyone intercepting the network traffic only sees cyphertext.
So, how do they authorize/authenticate these users, if they only have encrypted usernames/password hashes which they can't decrypt?
Users authenticate on their Mac/iPhone/iPad to an AppleID that is optionally configured for iCloud. The AppleID authentication is something separate from iCloud. Once authenticated to an iCloud enabled AppleID their iCloud storage appears as just another storage device. Files saved to iCloud can be encrypted locally before upload. "Keychains" with the necessary keys are shared between Mac/iPhone/iPad.
So the servers which can't interpret this encrypted data process it how, exactly?
They don't. The point of a cloud server is to store user data, not Apple's data. User's word processing documents, spreadsheets, slideshows, photoshop documents, photos, etc. Whatever they stored to iCloud rather than the local HD.
The "document" is the data on the phone, the evidence, not the decryption key. Deleting the decryption key is the act that conceals the evidence, the data on the phone.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
As I wrote: "Willfully destroying something necessary to obtain evidence most likely counts" for obstruction and conspiracy. Its about "blocking" the pursuit of "justice" sometimes.
You wrote "most likely". In other words, you are just making a guess with no basis in law. Neither the key nor the source code are evidence.
No, I'm merely being informal. Want formality:
"Obstruction of Justice
A criminal offense that involves interference, through words or actions, with the proper operations of a court or officers of the court.
Two types of cases arise under the Omnibus Clause: the concealment, alteration, or destruction of documents; and the encouraging or rendering of false testimony. Actual obstruction is not needed as an element of proof to sustain a conviction. The defendant's endeavor to obstruct justice is sufficient." http://legal-dictionary.thefre...
Destruction of the key is concealment of documents.
A first gen iPad is stuck at IOS 5, but generally those things still works fine.
Good luck getting any apps that will run on it now though...
Its actually better than it used to be. The Apple Store now provides your device with the most recent version of an app that the device is compatible with.
The Apple Marketing really are targeting the shallow and vacuous assholes who want to feel smug about the latest shiny? My last PC was over 6 years old before it keeled over, and I hope this one lasts about the same.
My PC is at 6 and doing just fine, admittedly its on its 2nd video card upgrade so that current games are still playable. My current MacBookPro is at 4 and in no need of replacement any time soon, my previous one only had 4 years of full-time use because it did not make the cutoff for 64-bit. When I build my own PCs or order Macs I am generous with RAM, that helps performance and longevity.
PC/Mac performance has so outpaced user needs, except for gamers, that 5+ years for a PC/Mac is quite normal. Having an "older" machine has nothing to do with being wealthy or not. Those trying to misrepresent the comment as an attack on the non-wealthy are trying to manufacture a controversy for whatever reason they will benefit, most likely visits to their site.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
As I wrote: "Willfully destroying something necessary to obtain evidence most likely counts" for obstruction and conspiracy. Its about "blocking" the pursuit of "justice" sometimes.
I'm leaning towards a situation where the MacBook has no display and is essentially a dock for an iPad. When docked the iPad merely acts as a screen for Mac OS X running on the laptop's CPU. When disconnected the iPad acts as an iPad running iOS. With Safari, iTunes, Pages, Numbers, Keynote etc being document compatible, using iCloud and doing a handoff between Mac OS X and iOS. No need to force the Mac to be iOS'ish or the iPad to be Mac'ish, let them be themselves while working on a common document, showing a webpage, viewing/playing media, etc.
I'd imagine that they'll discontinue support for the iPad 2 in the next major iOS release, so more people will have to start upgrading those tablets then.
The iPhone 4S, iPod touch gen 5, iPad 2 and iPad mini are all potentially on the chopping block. 512MB RAM devices. When devices are cutoff from the next iOS it usually seems to have to do with RAM more than anything else.
Slashdot Mirror
An important thing to note about "GPL v3 or any future version" type language. Its not free, its a blank check. A developer has no idea what that future GPL version could say. So Linux and its simple GPL v2 and no mention of future versions is a known, unlike the FSF's current "best practices" which is an unknown, a blank check.
If a computer or iTunes backup is encrypted then like the data on the phone the FBI or anyone else can't do much.
The weak link is the passcode on the phone. The passcode is the only thing that keeps the decryption key on the phone secure, and for many its a four digit passcode. It does not matter how strong your encryption is if you only need four numeric digits to get to the decryption key.
The fact that the phone has the decryption reduces its security. In more traditional security the decryption key is generated as need by entering a passphrase and erased after use, not stored somewhere.
I apologize for any confusion, I clicked on the wrong reply button. Doh!
If the computer/iTunes backups are encrypted then like the data on the phone the FBI or anyone else can't do much.
The weak link is the passcode on the phone, the passcode is the only thing that keeps the decryption key on the phone secure. The fact that the phone has the decryption reduces its security. In more traditional security the decryption key is generated as need by entering a passphrase and erased after use, not stored somewhere.
What was it, about a week since the FBI announced they outsourced the breaching? And now its successful. So how it plays is that Apple's phones are not that secure in the public perception.
If Apple had assisted the FBI they could have maintained the perception of security. So their ethical stance had a price, which is a pretty normal thing. But its a short term price. As Apple moves more and more of its security from software to the hardware, it helps to make one's own chips, such breaches will be more and more difficult. Old iPhones being breachable would be more of a benefit if and when we get to that point. So, market loss today, but maybe a major selling point for the iPhone 8 in a couple of years.
No, deleting the key does not conceal the document.
conceal
1. to hide; withdraw or remove from observation; cover or keep from sight.
2. to keep secret; to prevent or avoid disclosing or divulging
http://www.dictionary.com/brow....
The key obviously allows observation and disclosure so deleting the key is an act that prevents something from being observed or disclosed.
And the FBI can examine the phone to their beady little hearts content. Apple isn't stopping that. They're just refusing to help, ...
Unless they take your advice and destroy the key.
... there is no evidence that there is ANYTHING of value on the phone ...
Only probable cause would be needed for examination, and the fact that it was a communication device of the murder is probable cause. Evidence can be both positive and negative, for example the evidence may be that there is no data related to terrorism on the phone.
Maybe the FBI shouldn't have ordered the cloud password changed. If anyone should be charged with hiding evidence, it's them.
As a government agency they probably have legal immunity, unlike you, me and Apple. :-)
The key is NOT evidence. Can't you get it through your thick skull.The key MAY be needed, but the key is not itself evidence. And there is NO evidence that there is ANYTHING of evidentiary value on the phone. What happened to probable cause, etc?
How soon you forget, a couple of posts back you were agreeing with my: "The "document" is the data on the phone, the evidence, not the decryption key. Deleting the decryption key is the act that conceals the evidence, the data on the phone."
No one is saying the key is evidence itself, that is a figment of your imagination, your confusion.
Speaking of you forgetting things. Now note the subject line of this discussion, "No Constitutional Issue -- It's employer's phone ". Probably cause is not needed because the owner of the phone has given the FBI permission to examine it.
I'm more surprised by the fact that they were doing it 60 years ago. Even before touch-tone phones.
Its just the phone company billing data, which phone companies have been collecting for about as long as they have been sending bills to people. All that has happened is that someone dug up the phone company billing data from 1957. Want to know what phone call "metadata" is? Look at your phone bill.
As for touch-tone dialing, dialing information was detected mechanically long before that with rotary phones. It was just a matter of counting "clicks" rather than recognizing the frequency of tones.
This is thought as the rationale for Microsoft to invest in Apple back in the 90s
Well that worked, who is talking about the Microsoft monopoly these days. :-)
The act of destruction or concealment of evidence is all that is required, it does not matter who you are and whether you are a 1st, 2nd or 3rd party. Apple knows those keys are necessary to reveal evidence, destruction of those keys given such knowledge is obstruction. 3rd parties get in trouble all the time by trying to interfere, being a 3rd party does not prevent them from winding up facedown on the ground in handcuffs.
I understand cryptography much better than you can read. I specifically mentioned hashes. How does a cloud server compare a stored hash which has been encrypted (the GP said encrypt all data kept in the cloud) to the hash generated from a user provided password when it can't decrypt the stored hash?
Apparently you missed:
Users authenticate on their Mac/iPhone/iPad to an AppleID that is optionally configured for iCloud. The AppleID authentication is something separate from iCloud. Once authenticated to an iCloud enabled AppleID their iCloud storage appears as just another storage device. Files saved to iCloud can be encrypted locally before upload. "Keychains" with the necessary keys are shared between Mac/iPhone/iPad.
In other words your Mac/iPhone/iPad is not authenticating with the 3rd party server. Apple securely refers you to 3rd storage with whatever temporary credentials you need.
That might make it hard to search emails on the server, browse your iCloud Photo Library, Apple Music collection and anything else that chooses to reside on the server rather than the device.
The index can be just another file created by the Mac/iPhone/iPad locally and stored remotely.
Cloud services do much more than just store user data.
Not the cloud service we are talking about, Apple iCloud.
Ah, but there's your problem - to compare a hash, you need the hash the user provides. But, you can't single out the file from the disk - a (fully) encrypted disk doesn't allow you to know where files start or end.
Let's ignore the detail that Apple is not going to store the "hash" to an AppleID on a 3rd party server where the 3rd party can read it and just go with the above for the sake of argument. One solution is to store the "hash" outside the encrypted drive. Which is what happens on the iPhone itself. The decryption keys are stored outside of the user's storage.
Now lets consider that the user needs no encrypted 3rd party disk on the cloud. The Mac/iPhone/iPad encrypts each file saved on the cloud before uploading it. Decrypts it after downloading it. There is no need for a 3rd party to ever see plaintext user files, they need only upload/download cyphertext. Similarly anyone intercepting the network traffic only sees cyphertext.
So, how do they authorize/authenticate these users, if they only have encrypted usernames/password hashes which they can't decrypt?
Users authenticate on their Mac/iPhone/iPad to an AppleID that is optionally configured for iCloud. The AppleID authentication is something separate from iCloud. Once authenticated to an iCloud enabled AppleID their iCloud storage appears as just another storage device. Files saved to iCloud can be encrypted locally before upload. "Keychains" with the necessary keys are shared between Mac/iPhone/iPad.
So the servers which can't interpret this encrypted data process it how, exactly?
They don't. The point of a cloud server is to store user data, not Apple's data. User's word processing documents, spreadsheets, slideshows, photoshop documents, photos, etc. Whatever they stored to iCloud rather than the local HD.
Here's a crazier idea. All data uploaded to cloud servers is encrypted so that it is unreadable by servers. Backdoors should be irrelevant.
The "document" is the data on the phone, the evidence, not the decryption key. Deleting the decryption key is the act that conceals the evidence, the data on the phone.
The irony is sweet with this one: http://www.bloomberg.com/news/...
Doubtful. They are protecting sources and methods by refusing to disclose to Apple.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
As I wrote: "Willfully destroying something necessary to obtain evidence most likely counts" for obstruction and conspiracy. Its about "blocking" the pursuit of "justice" sometimes.
You wrote "most likely". In other words, you are just making a guess with no basis in law. Neither the key nor the source code are evidence.
No, I'm merely being informal. Want formality:
"Obstruction of Justice
A criminal offense that involves interference, through words or actions, with the proper operations of a court or officers of the court.
Two types of cases arise under the Omnibus Clause: the concealment, alteration, or destruction of documents; and the encouraging or rendering of false testimony. Actual obstruction is not needed as an element of proof to sustain a conviction. The defendant's endeavor to obstruct justice is sufficient."
http://legal-dictionary.thefre...
Destruction of the key is concealment of documents.
A first gen iPad is stuck at IOS 5, but generally those things still works fine.
Good luck getting any apps that will run on it now though...
Its actually better than it used to be. The Apple Store now provides your device with the most recent version of an app that the device is compatible with.
The Apple Marketing really are targeting the shallow and vacuous assholes who want to feel smug about the latest shiny? My last PC was over 6 years old before it keeled over, and I hope this one lasts about the same.
My PC is at 6 and doing just fine, admittedly its on its 2nd video card upgrade so that current games are still playable. My current MacBookPro is at 4 and in no need of replacement any time soon, my previous one only had 4 years of full-time use because it did not make the cutoff for 64-bit. When I build my own PCs or order Macs I am generous with RAM, that helps performance and longevity.
PC/Mac performance has so outpaced user needs, except for gamers, that 5+ years for a PC/Mac is quite normal. Having an "older" machine has nothing to do with being wealthy or not. Those trying to misrepresent the comment as an attack on the non-wealthy are trying to manufacture a controversy for whatever reason they will benefit, most likely visits to their site.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
As I wrote: "Willfully destroying something necessary to obtain evidence most likely counts" for obstruction and conspiracy. Its about "blocking" the pursuit of "justice" sometimes.
I'm leaning towards a situation where the MacBook has no display and is essentially a dock for an iPad. When docked the iPad merely acts as a screen for Mac OS X running on the laptop's CPU. When disconnected the iPad acts as an iPad running iOS. With Safari, iTunes, Pages, Numbers, Keynote etc being document compatible, using iCloud and doing a handoff between Mac OS X and iOS. No need to force the Mac to be iOS'ish or the iPad to be Mac'ish, let them be themselves while working on a common document, showing a webpage, viewing/playing media, etc.
I'd imagine that they'll discontinue support for the iPad 2 in the next major iOS release, so more people will have to start upgrading those tablets then.
The iPhone 4S, iPod touch gen 5, iPad 2 and iPad mini are all potentially on the chopping block. 512MB RAM devices. When devices are cutoff from the next iOS it usually seems to have to do with RAM more than anything else.