DOJ Says iPhone Is So Secure They Can't Crack It 454
zacharye writes "In the five years since Apple launched the iPhone, the popular device has gone from a malicious hacker's dream to law enforcement's worst nightmare. As recounted by the Massachusetts Institute of Technology's Technology Review blog, a Justice Department official recently took the stage at the DFRWS computer forensics conference in Washington, D.C. and told attendees that the beefed up security in iOS is now so good that it has become a nightmare for law enforcement."
Re:I don't believe it (Score:5, Informative)
Re:I don't believe it (Score:5, Informative)
Wrong.
It uses full disk encryption. However, that can be circumvented quite easily with a jailbreak (if one exists).
However, there is a second encryption system. This system derives the keys from your passcode and a key that is stored within a secure element on the iPhone. Thus, you need to know the Passcode of the iPhone in order to decrypt those files. Since, the key derivation function is tied to the passcode and the key within the secure element you cannot offload the brute-force attack to external machines, you need to do it on the iPhone. This means that a brute-force attack on a 4-digit PIN takes about 20 minutes (ok, that's not much), but when you consider complex PINs with 5 or more characters you are soon at 50 days (don't have the exact numbers in my mind right now, but there is a good presentation on that).
Downturn: You must rely on the app developer to chose the right protection class for the files. If he doesn't then you are down to the rather insecure full-disk-encryption, and you need to chose a longer Passcode...
Re:I don't believe it (Score:4, Informative)
> "As far as I know the iphone doesn't use full disk encryption."
And because you don't know if it does that means it doesn't, right?
http://support.apple.com/kb/HT4175 [apple.com]
Full device encryption has been available since the 3GS, when they added in hardware encryption support to their iOS products.
Before speaking on a subject you know absolutely nothing about you should do a little research on it first.
Just ask Apple (Score:2, Informative)
Just ask Apple the password they'll give it to you : http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/
Umm.. what? (Score:5, Informative)
5 minutes ago I knew nothing of Apples full disk encryption. Now I find an article that states:
http://anthonyvance.com/blog/forensics/ios4_data_protection/ [anthonyvance.com]
So I'd say I'm just VERY skeptical that the DOJ can't crack something that wasn't really designed with any security in mind in the first place. Either that, or the DOJ has nobody with any skills whatsoever.
Re:Oblig xkcd (Score:5, Informative)
Hitting people with wrenches is forbidden by the Bill of Rights.
Re:I don't believe it (Score:5, Informative)
According to TFA, encryption and decryption is now available and built in in the hardware even. So it's become computationally cheap. The AES key is also burned in silicon, making it impossible to get to.
But as usual the weakest link is the user's password, in this case a PIN. A typical 4-digit PIN can be cracked (using special software to prevent phone from wiping itself after ten failed attempts) in a matter of minutes; one needs an 8-digit PIN to be reasonably secure (average 15 years for a brute-force attack).
Re:TWO WORDS (Score:5, Informative)
Isn't the iCloud stuff (specifically, the device backups) also AES encrypted with a key Apple doesn't have? I will have to dig up the article, but I'm pretty sure I saw that.
No. [arstechnica.com]
Re:TWO WORDS (Score:5, Informative)
quite the opposite, apple holds the key - so all it takes is a gov't request to apple and they have the master key.
http://arstechnica.com/apple/2012/04/apple-holds-the-master-key-when-it-comes-to-icloud-security-privacy/ [arstechnica.com]
http://arstechnica.com/apple/2012/04/can-apple-give-police-a-key-to-your-encrypted-iphone-data-ars-investigates/ [arstechnica.com]
Given their policies regarding a number of things which are dinosaur-era, we don't have an answer to whether or not they will give it away or not. I don't know that an official statement has ever been made by apple. The question is - do you want to trust that information with apple? Specifically: 100% uncertainty? That's not a "apple is evil, apple is not evil".
Re:Government Computer Skillz (Score:5, Informative)
The burden of proof is on you, not them, under UK law, provided they can prove you ever had access to the password.
Or to put it another way, you are responsible for maintaining accurate records of every encryption passphrase you ever use.
Enjoy your SSH session keys.
Re:Government Computer Skillz (Score:5, Informative)
Re:I don't believe it (Score:5, Informative)
That's because the password-protected encryption doesn't encrypt the whole disk. It encrypts individual files. There is a full-disk encryption key, but its purpose is to make wiping the device a single block write operation (overwrite the key) instead of a complete wipe of tens of gigabytes.
Re:TWO WORDS (Score:5, Informative)
I can't help but wonder the purpose of a DOJ statement like his being made public.
It was a higher-up in the DoJ (specifically, Ovie Carroll) discussing challenges in digital forensics (at a conference on digital forensics). It was a brief mention in a larger talk and a fact that does not surprise anyone in the field. It's well-known that pulling data off of an iPhone can be a real pain in the ass. (IMO, I would consider Android worse, as there is not yet a reliable technique that can pull data off of an unrooted phone without modifying the phone's data, and data modification -- even when justified and documented -- is a big problem in some jurisdictions.)
Re:Oblig xkcd (Score:5, Informative)
Only if done as punishment. According to Scalia, as long as it's not punishment, torture is constitutional. [thinkprogress.org]
Re:Umm.. what? (Score:5, Informative)
Last time I checked, the government can't lie. It can only deny.
Sorry, incorrect. Go watch "Don't talk to police" on YouTube. Required viewing for US residency.
Re:Government Computer Skillz (Score:5, Informative)
In the U.S., the 5th Amendment prevents someone from being required to turn over their password.
This is still unsettled. The 11th Circuit Court [wired.com] has ruled that passwords are protected under the 5th amendment. However the 10th Circuit [huffingtonpost.com] has chosen not to intervene in a lower court decision that forced a woman to decrypt her laptop.
This is going to have to go to the Supreme Court eventually, and I think you can guess how the fascist majority of justices will decide.
Re:Government Computer Skillz (Score:5, Informative)
Wikipedia [wikipedia.org] sez:
Re:TWO WORDS (Score:5, Informative)
FYI, this is the source of the summary quotes (adhoc as they are) and also addresses other questions regarding device security as opposed to iCloud security which has nothing to do with the linked articles.
It also notes the key here, that while the device is powered on, it is still possible to obtain the key from memory, but once the device is turned off, the key is lost. It also notes that the decryption key itself is encrypted by the device pin, meaning an easy pin is an easily decrypted device. This is true for any mobile device, and a good reason to enable a strong ping instead of the default 4 char code seen on most devices.
What I found curious about the article is that they didn't emphasize this point. Video's of police decrypting a device due to a weak 4 pin character lock within a matter of seconds are available for any number of devices. I am curious how much additional computing power is needed to decrypt a device for each character added to the unlock sequence.
Scare tactics. (Score:4, Informative)
Okay, can't watch the youtube video(blocked due to limited bandwidth here), but it let me onto the infowars site.
750M rounds is 2.5 rounds per person in the USA, yes. However: Scare tactics are being used.
First, it's for training ammunition - my training/qualification for the year is at well over 500 rounds between pistol and rifle(~half each). I'm not DHS, but it should be a clue as to how many rounds it takes to train&qualify somebody. It's often an annual requirement.
Second - it's a 'purchase UP TO' order, up to 70M rounds/year, between all winning parties, for a 5 year contract. NOT 'planning to buy 750M rounds of ammo'. Going by the contract, that's a MAX of 350M. The minimum order in a year is 1 lot of 1k rounds. In these sorts of contracts they list the maximum possible they expect for each item - for example, a big purchase of .40S&W handguns, a shift to .357 Sig, whatever. .223 is well represented, though I wonder that they aren't shooting NATO 5.56 spec rifles(the difference is about a human hair; doesn't matter much in training I guess). Going by my figure, a max order of 70M rounds would let you dual-qualify ~140k people. Office types trained 'just in case' would use a bit less ammo, SWAT types far more. A quick search shows 160k [syr.edu] employees in DHS. Or maybe it's 188k employees AND 200k contractors [fcw.com]. Whatever. I doubt they're going to be qualifying EVERYONE anytime soon, and probably don't plan to short of some crazy doomsday scenarios.
Third - "including 357 mag rounds that are able to penetrate walls." - just about ANY handgun self defense caliber is fully capable of penetrating a wall while remaining potentially lethal. It's a simple fact that a human body, which self defense rounds generally have to be able to completely penetrate to be considered effective, is more difficult to penetrate than 2 sheets of drywall. You want to go back to yea old days - when the .357 was developed, the standard was actually penetrating a car windscreen with a maximum deflection such that you'd still hit the driver. 9mm, btw, is 'normally' powerful enough for this, though you might need 2 shots(not as big of a deal for a semi), but this was back when we were still issuing revolvers to police. While we're at it, the contract also lists rifle calibers - .223, .30-06, and .308; all far more powerful than .357.
In other words, it's a big hoopla over just about nothing.
Re:TWO WORDS (Score:4, Informative)
The same subpoena can't get the data out of RIM actually -- device to device communications are encrypted in such a way that RIM has no access to the contents.
Yeah, about that... [indiatimes.com]
Re:TWO WORDS (Score:4, Informative)