Former NSA, CIA Director Michael Hayden Sides With Apple Over FBI (foxbusiness.com) 146
cold fjord writes: General Michael Hayden (Retired), who served as head of both the NSA and CIA, has taken a position supporting Apple in its conflict with the FBI. Apple is fighting a court order to assist the FBI in breaking into the government owned phone used by one of the two dead terrorists responsible for the recent San Bernardino massacre. General Hayden stated, "You can argue this on constitutional grounds. Does the government have the right to do this? Frankly, I think the government does have a right to do it. You can do balancing privacy and security dead men don't have a right to privacy. I don't use those lenses. My lens is the security lens, and frankly, it's a close but clear call that Apple's right on just raw security grounds. ... I get why the FBI wants to get into the phones but this may be a case where we've got to give up some things in law enforcement and even counter terrorism in order to preserve this aspect, our cybersecurity."
Subject (Score:2)
Can we can bring him out of retirement and put him back in charge?
Re: (Score:1)
He was in charge when most of the current Prism bullshit got put into place. You really think that is a good idea.
Re: (Score:2)
It is almost as if.... a paycheck prevents a person from understanding things that would be detrimental to the reception of said check.... and removal of that income can help to bring these issues into focus, especially when you realize someone else is now at the reigns and has the power to do unto you with the powers you used to have to do unto others.
Re:Subject (Score:5, Insightful)
I think the issue is a bit different.
The FBI is basically a national police force. I've known a few cops, and their point of view has been all about solving and preventing crime. Even the ones I like as people... on these sorts of subjects it's like they're wearing blinders. Innocent people's privacy isn't a concern to them. Constitutional guarantees aren't a concern to them, except when it's been hammered into their heads as something they're required to do by the higher ups - not because they agree with those guarantees, but because they know it will mess up the eventual prosecution if they don't do it.
Their job is to prevent and solve crimes, and anything that obstructs those two goals should be done away with (in their view).
In a cop's perfect world, they'd be able to just walk into your house and look around. They'd be able to stop people on the street and frisk them. And of course they should be able to use license plate scanners, and have unrestricted access to the data forever.
So of course they they think should be able to look through anyone's phone.
Re: (Score:2)
He was in charge when most of the current Prism bullshit got put into place. You really think that is a good idea.
He was also in charge when the decision against the Clipper chip was made.
The guy has one interest: National security. He doesn't care about privacy, about finding some kidnapper, anything like that. Just national security.
So he tells everyone who wants to hear that what the FBI wants Apple to do is damaging national security. As I said, the guy doesn't do "think of the children", he does national security.
Re: (Score:2)
No, because he's an idiot:
"You can argue this on constitutional grounds. Does the government have the right to do this? Frankly, I think the government does have a right to do it."
Frankly, this clown is wrong.
"You can do balancing privacy and security dead men don't have a right to privacy."
Wrong again.
"My lens is the security lens, and frankly, it's a close but clear call that Apple's right on just raw security grounds."
Frankly, it's not a close call at all. (And this guy uses "frankly" way too often.)
Re: (Score:2)
The government has a right to read what's on the phone, given either a warrant or permission from the owner of the phone, which is the dead guy's employer. You can object to how warrants are issued, and I'd be with you there, but the government has a right to try to get any information with the proper authorization.
What the Feds don't have is the ability to read what's on the phone, and the question is whether Apple should have to damage the security of their product to allow government fishing expediti
Re: (Score:2)
Permission from the owner of the phone would not give them the authority to search the user's personal files when there's an expectation of privacy, just like permission from a telco doesn't grant the government the authority to eavesdrop on all calls or permission from the post master doesn't let them open your mail. And the use of encryption is about as explicit a declaration of privacy as you can get.
Further, they can't legally force the user to unlock the phone because of the 5th amendment. (Yes, judg
Re: (Score:2)
Do you live in the US? Many European nations have much stronger privacy legislation. In the US, if it's on the employer's equipment, the employer may access it. I don't see that this does any major harm; if I want to do anything personal that I want to keep private, I do it on stuff I own. The "Private" folder on my work computer contains stuff that I got a one-user license for, not anything related to my private life.
It's also possible to ask for almost anything legally, given a search warrant. The
Translation... (Score:5, Interesting)
Re: (Score:1)
Re: (Score:3)
Why is this modded interesting? It is pure conjecture.
Re: (Score:1)
Why is this modded interesting? It is pure conjecture.
Uh, because it's interesting conjecture? Now if you were complaining about 'Insightful' mods you'd have a case...
Re: (Score:2)
Something is obviously up. Hayden is a liar with zero interest in the public good.
Of course Apple is right (Score:5, Insightful)
You can argue this on constitutional grounds. Does the government have the right to do this? Frankly, I think the government does have a right to do it.
I disagree. I think the government doesn't (or at least shouldn't) have the right to compel companies to break security protocols on behalf of the government when that would affect parties other than the one under legal scrutiny. Furthermore it seems clear to me that this creates an unreasonable burden on Apple (or any other company) to support the government. I'm not sure the court in this case fully appreciates what they are asking from Apple. By breaking the encryption on this device they materially devalue the product Apple is selling substantially. I think you can argue this on at minimum 1st and 4th amendment grounds.
it's a close but clear call that Apple's right on just raw security grounds.
"Close"? No it isn't. Apple is clearly correct that breaking security for one phone breaks them all. That's how it works. Anybody with even a basic understanding of cryptography on computers would know this. If we break it for the US government we break it for foreign governments, black-hats, paparazzi, etc. There is no way to restrict it to just one specific party. Apple is 100% correct to do what they are doing. I'm not always a fan of Apple but they are both morally and technologically correct in their position here.
Re: (Score:2)
Distinctions without differences (Score:2)
He wasn't talking about Apple's position on encryption. He was saying the argument that the government should be allowed to force Apple to break the iPhone security.
RTFA yourself. That is a distinction without a difference. Security = Encryption in this case. The iPhone's security relies on encryption. To break the iPhone security means to circumvent the encryption. By breaking or circumventing the encryption you make the encryption (security) immediately worthless on every iPhone in the process. Arguing that the government has a right to force Apple to break this security means that ALL citizens are no longer entitled to first and fourth amendment rights and the
Re: (Score:3)
By breaking or circumventing the encryption you make the encryption (security) immediately worthless on every iPhone in the process.
Not quite. Nobody can break _the encryption_ of the iPhone. What the FBI wants Apple to do is to disable a feature where trying to brute force the passcode erases the phone after ten wrong attempts.
If that feature is disabled, you can brute force the phone at a maximum rate of one key every 80 milliseconds. Which means 4 digit passcode security is broken (takes 15 minutes to brute force). 6 digit passcode takes two weeks to crack. 8 digit passcode takes two years to crack. 8 random lowercase letters take
Re: (Score:2)
The epiphany (Score:1)
Why is it that only former and retired officials have them, and never the current ones? Pure public relations bullshit.
Isn't it sad that I don't trust him? (Score:2)
Am I the only one that feels this way about this? Somehow I think not.
See what you've done to us U.S. Law Enforcement and Government? You've fucked everything up so much that we can't trust anyone anymore, even when they agree with us.
Re: (Score:2)
NOT (Score:1)
Michael Hayden presided over the increased Mass Collection "just in case" of innocent communications data. He essentially excremented on Magna Charta and the U.S. constitution.
His reasoning was that "all that data is stored in a lockbox. It will only be touched when an analyst searches (like googleing) in the lockbox". Of course even if that is true they can ANYTIME change the rules. They can write algorithms which will do much more than the described search engine does. E.g. "give me all persons who ever c
Re: (Score:2)
Recall PRISM. The NSA has its way into all the US brands and likes to be the one stop security gatekeeper of all such missions.
The big brands let the US gov in by default, working with the US gov or the US gov found some always open way in that was always kept wide open..
The ability to collect information, act on it and then decide who and how to share it with is wh
We can? (Score:2)
General Hayden stated, "You can argue this on constitutional grounds."
I wasn't aware that ever worked.
The obvious reason is... (Score:3)
there is something on the phone that implicates General Hayden as a terrorist!
What am I reading in the summary? (Score:2)
Govt doesn't have rights.
Re: (Score:2)
I seriously don't get why this is a big deal. (Score:2)
The only reason this is happening, is that the key in question is expected to be unusually easy to brute force. (We think the user's passphrase was 4 or 5 decimal digits.)
The general case is much harder, and it doesn't matter how much you beg/force a manufacturer or anyone else:
Re: (Score:2)
If the FBI gets the precedent set that Apple has to unlock the phone for them, then how long will it be before it's declared that all phone vendors must be able to unlock phones for law enforcement at any time? We're already seeing laws of this kind being proposed in some states. The precedent will grease these wheels and make the move towards stronger encryption risky for any device manufacturer.
Re: (Score:2)
Suppose that happens. So what? FBI says to manufacturer: "unlock this phone."
Manufacturer: "Sure thing. I will help you however I can. What model phone do you need help with?"
FBI: "It's a 2014 or later model."
"Oh. Sorry. I literally lack the capacity to help you, because that phone answers to its user, not us."
This entire issue is sliding into obsolesence.
Re: (Score:2)
Except that "we don't support older phones" won't be a valid response to a court order of "unlock this phone." In addition, precedent will state that since Apple unlocked these phones before, they have the ability to keep unlocking it. Worst case scenario would be that the court says "ok, you don't need to unlock these old phones in the future - you just need to give the FBI a universal unlocking program and THEY can unlock the phones."
You do bring up a good point, though. Once this precedent is set, Appl
Re: (Score:2)
I think you haven't read up on exactly what the court demanded Apple give the FBI, and why it will work on the iPhone 5C. Am I mistaken?
Re: (Score:2)
I have read what they wanted. The court ordered Apple to write software to a) remotely disable the "10 PIN tries and the phone is erased" feature and b) give the FBI the ability to make PIN attempts from a simulated USB keyboard (so they could automate PIN attempts). I just don't believe that it will stop here. If this is allowed and the next iPhone makes this impossible, the courts will just extend the request a little more and a little more. There seems to be an attitude in the FBI that all companies
Re: (Score:2)
It's too late. Even if the FBI loses, by pointing their gun at Apple's face, we the public have already been given a real-life non-tinfoil-hat reminder that signers can be coerced. There is never any going back from this. Or rather, we should go back to when we still had a little common sense, when..
..Phil Zimmermann taught us that's what we ought to be doing anyway, a quarter century ago when he se
Wow, more Apple ADs! (Score:1)
Only Dead Men? That can be fixed (Score:2)
dead men don't have a right to privacy
Is this true? is that the law in USA? ... If death makes private information easier to legally obtain, doesn't that make it very dangerous for the people still alive with private information? it's far easier to make people dead and then legally obtain their secrets than convince the courts that they have no right to privacy while alive.
Who bribed him from Apple? (Score:2)
This seems to be counter to his usual opinion.
Re:Ponder this (Score:5, Funny)
Parent may already have been replaced by a cunning Eliza program.
Re: (Score:1)
Parent may already have been replaced by a cunning Eliza program.
Say, do you have any psychological problems?
Re: (Score:2)
If, eventually, a computer can do whatever a human can do, and do it better, what is the point of human existence?
To invent those computers, obviously, and then either use them to better ourselves or fuck off and let them go on
Re: (Score:3, Insightful)
To be and enjoy it. Or change as you would like to. Just because someone is better than something and even if it is by orders of magnitude beyond your understanding that doesn't mean you are worth less as a person. Whether that is a fundamental truth or a quirk of the Human brain I think that should be something we should hypothetically instill (Not necessarily install.) in others. So find something to do.
Re: (Score:1)
Perhaps you should read "The Culture" series, by Iain M. Banks.
Re:Ponder this (Score:4, Insightful)
What was the point of human existence before computers?
I doubt it's changed.
Re: (Score:1)
What was the point of human existence before computers?
I doubt it's changed.
Near as I can tell, the point of human existence is to eat, shit, fuck, and suffer. Too bad, those poor computers won't get to do any of the fun stuff once they replace us.
Re: (Score:3)
Eating and shitting aren't our purpose, that's like saying my cell phone's purpose is to consume battery.
It's a byproduct of the actual purpose.
To fuck and suffer.
Or more elegantly, to fuck and be fucked in return.
Re: (Score:1)
We DID deal with it... by inventing the concept of "higher purpose". Like God, "higher purpose" is self-reinforcing and not falsifiable, thus providing never-ending fun for we great apes!
Re: (Score:2)
"What was the point of human existence before computers?"
Ask your grandpa. People played cards and board games, and porn was printed on paper.
Re: (Score:2)
The point of human existence before computers was the develop technology to the state able to create computers.
Ponder something else (Score:3)
If, eventually, a computer can do whatever a human can do, and do it better, what is the point of human existence?
Some humans can do everything certain other humans can do and do it better. Does that make the existence of less capable humans pointless? I think not.
Anyway it's a moot question. You can argue that the point of human existence is to pass on their genes and robots cannot in any manner pass on human genes. So there is always at least one thing humans can do better than robots.
Re: (Score:2)
what is the point of human existence?
To dream... to love
Re: (Score:1)
... to learn! Try giving it a shot
Re: (Score:3)
Life has whatever meaning you choose to attach to it.
Re: (Score:2)
To shoot the machine in the head when it gets too big for its britches.
Re: (Score:2)
..or, alternately, you could quit being a Negative Nelly and find some purpose in your life. Based on the first impression you give, I'd also recommend you go find a decent talk therapist, and enter into some conversation with them about why you're so (obviously) depressed.
For the rest of you: I don't forsee anytime in approximately the next 100 years, humans being completely
Re: (Score:2)
If, eventually, a computer can do whatever a human can do, and do it better, what is the point of human existence?
Man is that he might have joy.
Re: (Score:1)
I did, no coffee in the house...
Maybe if I had a robot...
Re: (Score:2)
Except Snowden doesn't say what you claim. He states that he disbelieves the FBI's claims that they can't break into the phone. According to what is referenced in that article, he doesn't say anywhere that this is just Apple putting on a show.
Re:Really? (Score:4, Insightful)
Except Snowden doesn't say what you claim. He states that he disbelieves the FBI's claims that they can't break into the phone. According to what is referenced in that article, he doesn't say anywhere that this is just Apple putting on a show.
They likely can break into the phone, but that is not what this is all about. And it never has been, just as this has never been about "one phone", regardless of who wants to claim that bullshit.
This is about setting legal precedent. Period. End of statement. And once it's set, it will be abused. Guaranteed. There is zero evidence in our history to even prove otherwise.
Re: (Score:1)
And Apple is in this too, so why do I always get -1 for such comments? That many fanbois or is someone playing "forum police".
I rant about other shit rarely get marked down as quickly as pointing Apple's security "issues" or point out the fallacies of this case.
When this all becomes evident to even the dimmest fanboi what then? Will you stop buying their products?
Doubtful.
Re: Really? (Score:2)
It is this easy: Apple closed the backdoors they had left open for your spooks in iOS 8 after the Snowden-files.
Snowden claims that apple does the right things (can't trust their cloud, but there are secure alternatives as caldav, carddav and IMAP for notes are ssupported out of the box).
Android is way (!) more insecure, leaving encryption keys on wiped devices and supporting the way more insecure cloud from google and security fixes usually require to buy a new phone or wait indefinitely for the manifactur
Re: (Score:2)
I do not trust apple, they had their hands in the cookie jar until iOS 8. But I do trust the international hero Snowden. He claims apple is doing the right things at the moment. To my knowledge, he is right.
Snowden has been holed up in Russia for the last three years, and it's likely his access to impartial media is even worse than the average American's. How could he possibly know what Apple is doing? He has no special access, he's a sideline watcher like the rest of us.
I have no doubt of his good intentions, but he doesn't have any knowledge of what Apple and the NSA are up to since he fled the country.
Re: Really? (Score:2)
It is this easy: Apple closed the backdoors they had left open for your spooks in iOS 8 after the Snowden-files.
Snowden claims that apple does the right things (can't trust their cloud, but there are secure alternatives as caldav, carddav and IMAP for notes are ssupported out of the box). Android is way (!) more insecure, leaving encryption keys on wiped devices and supporting the way more insecure cloud from google.
I do not trust apple, they had their hands in the cookie jar until iOS 8. But I do trust the
Re: (Score:2)
Um, Apple is doing the right thing, and when this becomes obvious to the dimmest fanboi said fanboi will stop buying Apple products? Or is it that Apple products are insecure, and so the correct thing to do is to buy less secure products?
Is it your opinion that it's trivial to design an easy-to-use device that can withstand any security attack from highly motivated entities with great resources and knowledge who not only have physical control of the device but don't have to worry about destroying it or
Re: Really? (Score:5, Informative)
There's a good ACLU [aclu.org] piece this week talking tech about why the FBI is lying.
Re: (Score:1, Insightful)
Because they want a president set that it's okay for the government to insert backdoors into encryption solutions, and make unreasonable requests of tech companies, so that when it comes to inserting backdoors in all communications systems, it'll be easy to force through.
Re: (Score:2)
How is this for a precedent: The Clipper Chip, an encryption chip designed by the NSA in the early 1990s which was intended to be included in communications devices. They were pretty open about it having a backdoor that only they had access to; this was pretty much the point of its push.
Although it was opposed by the strange-bedfellows partnership of John Kerry and John Ashcroft, it was the technical flaws that doomed the chip, specifically the lack of security inherent with key escrow systems, and some of
Re: (Score:2)
There are backdoors in all communications systems, required by CALEA [wikipedia.org]. This is about the iPhone as a computer, not as a phone.
Re:Really? (Score:4, Insightful)
Looking over my iphone I don't really have anything that Law enforcement would be interested in - however, I really really really do not want the bad guys having that very same access.
note: I don't actually want anyone snooping in my phone at all, so let's not have the semi-obligitory "First they came for....." sillieness folks, mKay?
Re:Really? (Score:4, Insightful)
And you know what the FBI wants? That's pretty powerful stuff there. Those four items are a backdoor. And just because the FBI doesn't publicly reveal their desires, it doesn't mean they don't exist. You need to acknowledge precedent.
Re: (Score:1)
Considering that what the FBI wants is listed in the court order, you should be able to find it on your own without issue. I guess you think the FBI is somehow keeping their request secret?
http://www.ndaa.org/pdf/SB-Sho... [ndaa.org]
I suppose you could just read the court order, but maybe that is too hard? The FBI already stated that they don't want a generic backdoor, nor do they want access to the backdoor, but I guess you know so much more than I do.
Re: (Score:1)
Oh please! You got all sorts of secret 'requests' and gag orders, the most obvious being the national security letters. You only know what's public. The government does not operate very publicly in these matters. The entire theater is to vilify private, secure communications in the public's mind. The government already has more than one phone that they want to break into. They are trying to make a case against encryption. And it sounds like you side with them. If that is true, I guess there's nothing to dis
Re: Really? (Score:3)
Re: (Score:1)
I just linked the motion. Are you trying to claim what I linked is not the motion, or that it was somehow secret despite that I linked it to you?
Re: (Score:1)
I guess you take everything at face value, but from known liars?
Re: (Score:2)
First of all you did not link the motion. You linked the order. Those are two separate things. Second, you failed to understand legal procedure. Here are the series of events in this case.
In Apple's motion: "And more important
Re: (Score:3)
Considering that what the FBI wants is listed in the court order, you should be able to find it on your own without issue. I guess you think the FBI is somehow keeping their request secret?
http://www.ndaa.org/pdf/SB-Sho... [ndaa.org]
I suppose you could just read the court order, but maybe that is too hard? The FBI already stated that they don't want a generic backdoor, nor do they want access to the backdoor, but I guess you know so much more than I do.
right, they just want access when they want it, with nothing hindering the process.
All of your "solutions are actual backdoors. So now if you want to say thy don't want backdoors you have to tell us why you were wrog when you first told us we were wrong. You're digging a pretty deep hole for yourself.
Re: (Score:2)
The FBI already stated that they don't want a generic backdoor, nor do they want access to the backdoor, but I guess you know so much more than I do.
Well, we know what FBI Director James Comey has publicly stated. In his testimony before the Senate Intelligence Committee.
"Encryption is a problem in our investigations and it is also a great thing. And therein lies the problem."
He mentioned they haven't been able to access the phone of the San Bernadino shooter, and then stated that wider use of encryption is "overwhelmingly affecting" law enforcement operations, including investigations into murder, car accidents, drug trafficking and the proliferation o
Re: (Score:2)
The court order is not to create a generic backdoor directly. It is to establish a precedent, and to make sure Apple has the ability to break in. The All Writs act has been held to allow the government to compel third parties to use tools they already have, which means that if Apple had this software they could clearly be compelled to use it. If Apple gives in on this case, they won't have a leg to stand on when the next 254,984 orders come in.
Re: (Score:3)
Actually, the FBI's been pretty overt with what they want and they view "just this one phone" as a stepping stone to unlock any phone they want at any time they want. Like you pointed out, precedent is the important thing here. If Apple fails to set the right precedent, then it's only a matter of time before Apple is flooded with requests and the FBI demands that Apple turn over the unlocking program so that the FBI can unlock phones quicker.
Re: (Score:1)
Re: (Score:2)
Fine, I got it wrong, it is a lightning connector:
http://www.apple.com/iphone-6s... [apple.com]
As I am not a iPhone owner, I wasn't aware that they have a special name for the port on the phone. So sue me.
Re: (Score:1)
Re: (Score:3)
Um, have you read anything at all about this case? No one has asked Apple to insert a backdoor. The FBI has asked Apple to write a program that:
1. Remains in memory 2. Only Apple has access to 3. Allows the FBI to use unlimited guesses on the PIN 4. Allows the FBI to use a custom pin entry through the Thunderbolt port
Nowhere in there is a request for a backdoor on every phone, nor does the FBI want a generic backdoor they can use whenever they want. In fact, the first item is because the FBI doesn't want anyone to claim they can reverse engineer the backdoor from the firmware.
You are a moron, or a liar, or both.
Unlimited access to the pin IS a backdoor. There is no functional equivalent between one iPhone 5c with one serial number and another. The claim that the software can't be used on a different iPhone 5c is an unmitigated lie.
Re: (Score:2)
So, a court order, asking for Apple to modify a single phone is somehow going to make every iPhone in the world backdoored? Do you really think that?
http://www.ndaa.org/pdf/SB-Sho... [ndaa.org]
There is the court order, please show me where they ask Apple to give them access to the software. Please show me where it says that they want a generic backdoor, compiled and signed with Apple's key that they can use on every phone in the world.
Instead, the court order asks for a single backdoor, which is keyed to a specific
Re: Really? (Score:2)
Re: (Score:2)
That's not only a backdoor but a serious and irresponsible threat to the lives of apple software engineers caused by the FBI.
I doubt the FBI would go that far. All they need is an informant in Apple.
Re: (Score:2)
Look dude, the FBI specifically said they don't want a backdoor. They just want the tech companies to sell "only communications gear that enables law enforcement to access communications in unencrypted form" rather than the two parties to the communication. TOTALLY different from a backdoor. I'm not sure how, but Comey proposed it, and you don't become FBI Director by being a dullard.
Re: (Score:3)
The FBI only wants Apple to have the access right now just like it's "just for this one phone." Once the precedent is set, the FBI will ask for more and more phones to be unlocked for ever-less-severe crimes. It'll go from "he's a terrorist" to "he's a murderer" to "he threatened someone" to "this person uploaded some movies against copyright law." Meanwhile, the law enforcement agencies requesting this unlocking will increase. It'll start with the FBI, but eventually local law enforcement will want acc
Re: (Score:2)
Um, have you read anything at all about this case? No one has asked Apple to insert a backdoor.
The FBI has asked Apple to write a program that:
1. Remains in memory
Already an issue. This means that Apple has to remove one of it's features. No wiping the phone
2. Only Apple has access to
Bwahahhahahahaha! Yes, only apple will ever have access to it. Spare me your self righteous hmm's seriously? Seriously. Looks like the perfect scenario, because Nothing that is ever a secret gets out. Never ever happened so far. Right?
3. Allows the FBI to use unlimited guesses on the PIN
Sounds like a fine brute force ...... get ready for it....... backdoor
4. Allows the FBI to use a custom pin entry through the Thunderbolt port
You gotta be shitting me don't ya? This is doubleplusgood talk. Let's just not call any of this stuff a "ba
Re: (Score:1)
Um, have you read anything at all about this case? No one has asked Apple to insert a backdoor. The FBI has asked Apple to write a program that:
1. Remains in memory 2. Only Apple has access to 3. Allows the FBI to use unlimited guesses on the PIN 4. Allows the FBI to use a custom pin entry through the Thunderbolt port
Nowhere in there is a request for a backdoor on every phone, nor does the FBI want a generic backdoor they can use whenever they want. In fact, the first item is because the FBI doesn't want anyone to claim they can reverse engineer the backdoor from the firmware.
And all they have to do is to desolder the Flash, read the (encrypted) contents (I'm sure Apple will give them the pinout for the flash chip, even if proprietary (which I don't believe it is. In fact, Step 10 in this iFixit Teardown [ifixit.com] reveals that it is a Toshiba THGBX2G7B2JLA01 128 Gb (16 GB) NAND flash)), and have at it. No "remote wipe", no "10 tries", no "escalating timeout" issues.
Re: (Score:2)
Re: (Score:1)
Not that bullshit again. If you remove the flash memory, you separate it from one of the 256 bit keys required for decryption which is locked inside the CPU.
Which still allows you to sicc your fancy Quantum computers on about 10,000 copies of the data, without fear of the "Wipe", the "Timeout", or having to have 10,000 interns manually keying in "0001, 0002, 0003..."
So yeah, that bullshit again.
Re: (Score:2)
That wouldn't work. The flash memory is encrypted with AES-256, which is impossible to brute-force with optimal quantum computers using only the resources of the Solar System until the heat death of the Universe. It seems highly unlikely for several reasons that the NSA has a way to crack it. This means that the only way to read the flash is to recreate the key.
Apple has a special piece of hardware that does AES-256 encryption and decryption. It includes a secret 256-bit random number that can't be r
Re: (Score:1)
That wouldn't work. The flash memory is encrypted with AES-256, which is impossible to brute-force with optimal quantum computers using only the resources of the Solar System until the heat death of the Universe. It seems highly unlikely for several reasons that the NSA has a way to crack it. This means that the only way to read the flash is to recreate the key.
Apple has a special piece of hardware that does AES-256 encryption and decryption. It includes a secret 256-bit random number that can't be read, and which can only be accessed by combining a PIN with it to form the key. I don't think the key is exposed either, so the only way to read the flash is to enter the correct PIN into that particular hardware. It cannot easily or reliably be copied, and if it's destroyed the flash is permanently unreadable.
Brute-forcing a 4-digit or 6-digit PIN is trivial, except that iOS permits only ten tries before wiping the random number and rendering the flash permanently unreadable, and the tries have to come through iOS on that particular device. The FBI wants a changed version of iOS that doesn't have the wipe, the lockout delay, and which accepts access through new means.
For someone pretending to have some knowledge of the situation, you have (deliberately or ignorantly) left out a few key points, to wit:
1. The phone in question is a iPhone 5C. So no "Special piece of hardware" (Secure Enclave chip). This is VERY significant.
2. As I pointed out in another post, AES256 is actually weaker than other forms of the algorithm. So it may be breakable in less time than the Universe has left.
3. When you Brute Forrce a key on a pile of static data in situ, all you need is the dat
Re: (Score:2)
1. The 5C does not have the Secure Enclave chip. This does not mean the key is in the open. Part of it is in the CPU, and therefore the iPhone can only be decrypted as itself, not by examining the flash. See this Ars article [arstechnica.com] for more details. The key isn't nearly as well protected as it would be in the the Secure Enclave, but it's not trivial.
2. AES-256 has problems that raise the possibility that it may be a lot weaker than it should be for a 256-bit key. You're not citing an actual attack. It m
Re: (Score:2)
1. Remains in memory
What does this mean? Someone has to write this code. This code must exist on disk somewhere. Obviously you've not done any coding. Every single piece of code I ever created had to be saved when being developed. So this code will at the least exist at Apple. Apple now becomes a huge target for hackers wanting to access this code.
2. Only Apple has access to
The FBI has physical access to the phone. They will have to at the transfer ownership temporarily to Apple but then they will get back the phone to do the breaking. As soon as the
Re:Security threats are a strawman (Score:5, Insightful)
The question is not "what if it escapes".
What if, one of the guys working at Apple is able to get his hands on that "one-serial" version? Is that guy security checked? Is he a spy?
That such a version even exists is a risk. Whereas if all the Apple firmwares issued, to anyone, are just consumer, technical, etc. firmwares that don't allow arbitrary bypass of security restrictions, it's much harder to make happen.
And how difficult would it be for, same, some enterprising country to get their hands on this "one-serial" firmware and hack either the serial is applies to AND/OR the serial on the hardware they want to get into?
It's not public escape and the guys on the firmware hacking forums that this guy would care about. That kind of thing could already be going on anyway. It's that Apple are providing firmwares capable of device compromise to anyone who asks in any of their legal locations. Like China. If the FBI succeed in the US, what's to stop the appropriate equivalent Chinese agency succeeding in China (where it would be done much more quietly and probably without any safeguards at all?). Nothing.
Short of Apple literally having to pull out of China if they are forced to do it, they would have to comply with the laws there too, by their court's interpretation, whether the device was originally bought in the US, the EU or anywhere else, if if a similar case comes up and the highest Chinese legal authority decrees they want this, and Apple has already provided the facility to the FBI, it's almost impossible to deny them it short of pulling out of sales in that country entirely. And that would hurt Apple and, by proxy, the American export economy.
This guy is making some sense, at least. He's not even trying to pretend that the courts aren't within their right in this instance, what he's saying is that it's a much bigger issue than just resolving one legal dispute, and will affect the security and export of US electronics worldwide.
It's got nothing to do with "how many times we give in", but "that we gave in the first time", which is a sad and oft-repeated lament where law is concerned. Apple aren't even saying they COULDN'T do this... they are saying they SHOULDN'T.
It would destroy exports, user confidence, and provide a tool that - with almost zero effort - could be applied elsewhere. And, please bear in mind - evidence submitted in a court can be requested, inspected, queried and argued over by the other side too.
In the same way that the firmware of breathalysers and all kinds of other devices are legally forced open in many jurisdictions (because you are putting people behind bars based on the assertions that the software is making, and thus the software has to be able to be inspected by an appropriate professional analyst if the defendant makes a fuss about it, in order to dis/prove their case), providing this firmware to the FBI may well pave the way to providing it to the defendant's lawyers, legal team, analysts, courtroom, etc.
It's not joe-public hacking the firmware on their iPad that anyone cares about. It's creating a tool that you then can't "uncreate" and may well be able to be applied to everything from some kiosk-like visitor-log device in the White House to the kid's tablet in Downing Street, and then advertising that the tool exists to any court in the world that might demand it.
Though I hate Apple with an absolute, physical, lividness, this is actually a big case with much more impact for Apple, the US electronics economy and the global IT economy, plus the national security of almost every country, than just "who might bypass your passcode when they can put a hacked firmware on your iPad when you leave it unattended in a bar".
It doesn't even need to "escape". If Apple get summonsed to provide this same tool by a Chinese court, or an EU one, they will have to comply or fight the same fight. If they could point at the US and say "No, look, we argued this over there, we're not going to do it", it holds much more precedent than "We caved to the FBI, but we don't like your court system over here so we won't do the same for you."
Re: (Score:1)
More to the point. the FBI is painting a huge target on Apple employees' heads.
http://it.slashdot.org/story/14/03/21/1214223/inside-nsas-efforts-to-hunt-sysadmins [slashdot.org]
That's what our spies do to random sysadmins at foreign telcos.
If the FBI gets its way, even if the Apple employees who crack the thing sincerely intend to never disclose the technique, their lives are e
Re:Security threats are a strawman (Score:5, Insightful)
I didn't read the article, but I heard the interview on NPR. Basically his reasoning is this: Cybersecurity is our biggest defense gap. It's clear now that the chinese have stolen designs for expensive weapon systems of ours and we've seen signs that foreign entities have the ability to manipulate our power grid and infrastructure, and possibly the stock market. In this context, building in any weakness at all - even for a seemingly slam dunk case such as terrorism, we should be cautious. In a landscape so woefully filled with security holes, it is more incumbent upon us to protect Americans by tightening security, than gaining a little extra information about some lone wolf shooters.