DoJ Says Apple's Posture on iPhone Unlocking Is Just Marketing

New submitter kruug writes: The U.S. Department of Justice filed a motion seeking to compel Apple Inc to comply with a judge's order for the company to unlock the iPhone belonging to one of the San Bernardino shooters, portraying the tech giant's refusal as a 'marketing strategy.' The filing escalated a showdown between the Obama administration and Silicon Valley over security and privacy that ignited earlier this week. The Federal Bureau of Investigation is seeking the tech giant's help to access the shooter's phone, which is encrypted. The company so far has pushed back, and on Thursday won three extra days to respond to the order. Reader Lauren Weinstein writes of this tack: "The level of DOJ disingenuousness in play is simply staggering."

Apple - standing alone

[Swampash]

Assume that every other hardware manufacturer that is NOT getting threatened by the Federal Government has already rolled over.

Tim Cook: thank you. All you other bitches: FOAD.

Re:Apple - standing alone

[imgod2u]

That's actually exactly what Apple is saying and it's true: they can't access the encrypted data because they don't have the key.

What the FBI wants is for Apple to develop a hacked version of iOS that can be loaded onto the phone and allow external inputs to try different user unlock PINs as well as get rid of both the 10-attempts limit as well as the time-between-tries limit.

Obviously the existence of such a hack -- as well as the ability to load a locked phone with it -- is a dangerous tool that can be used on any iPhone. Apple isn't just refusing to hand such a thing over, they're refusing to even develop (or at the very least, acknowledge the existence of) such a hack. Thus discouraging any hackers from going "shit, it can be done, let's find out how!".

Re:Apple - standing alone

[ooloorie]

What the FBI wants is for Apple to develop a hacked version of iOS that can be loaded onto the phone and allow external inputs to try different user unlock PINs as well as get rid of both the 10-attempts limit as well as the time-between-tries limit.

Yes, that is probably what the FBI wants. My point is that if Apple can push such a software update to an existing phone without the user unlocking the device first, then iOS cryptography is broken already. And that is likely the case, because if Apple couldn't push such an update to an existing phone without unlocking it first, then it would make no sense for the court to try to force them to develop such an update, since the court can only order Apple to develop such a tool for a specific case, not for future cases that aren't before the court yet.

Re:

[Ken D]

Yes, It should be a requirement that a phone be unlocked before an update is applied.

Although there could be an option to update *and wipe* which would be equivalent to hard reset and update.

Re:Apple - standing alone

[cfalcon]

> My point is that if Apple can push such a software update to an existing phone without the user unlocking the device first, then iOS cryptography is broken already.

You should look a bit more into it.

First, if we are talking CRYPTO, lets be real: a 4 digit passcode is triival to brute force. I don't care WHAT you use- Twofish/AES/Serpent in Veracrypt, I will absolutely break your 4 digit passcode in moments. Because it's a fucking FOUR DIGIT PASSCODE.

So, how does Apple try to secure this? The only way it can- with hardware. The crypto is 128 bit AES, so they aren't trying to attack that. Later versions of the iphone have secure hardware implement this sort of logic. The version in question actually IS less secure- it has software that does the task of the wiping. Apple is refusing to build and cryptographically sign software that will do it.

There's no cryptographic way to secure a 4 digit passcode, or a 6 digit passcode. It's physically impossible. Hence the use of hardware. If you have a serious crypto passphrase on your iphone- and you absolutely can- then the only way in is through the crypto, either the AES or the PBKDF2. It's not as strong as AES 256 XTS (because it is AES 128 XTS), but it is still considered unbreakable.

So don't talk shit about their crypto if their crypto isn't even up for debate. This is about a software workaround possible on an older model to brute force requests into the hardware that is expected to defend a 4 digit passcode against repeated attempts. The crypto isn't even in the conversation.

Re:

[Razed By TV]

His point is that the crypto isn't worth a god damn thing if all you have to do is load custom firmware.
You can have all the crypto that we will develop in the next 1000 years and it doesn't mean a thing if you're backdoored.
Paging Dr. Pedantic, this would suggest that Apple's crypto may as well be considered compromised.

Re:

[thegarbz]

The implementation of crypto is broken if it can be easily bypassed.

Yes, the crypto they are using is great, but the implementation of it is pointless if it is trivial to get around it.

I don't think you know what it is they are doing, or exactly what Apple's solution would provide them. I can tell when you use the words "easily bypassed" and "trivial". The ability to bypass the encryption is entirely dependent on the way the user has set this up. This is something that EVERY SINGLE ENCRYPTION SCHEME HAS IN COMMON.

Here's an encrypted string using a standard AES128 algorithm eith ECB:
e2 2f bd 90 28 ed fe c0 75 b3 89 bf 59 4f 7a 2e
a8 36 d3

Re:

[thegarbz]

It's a 4 digit passcode to get past the lock screen.

Yes and my above encrypted code has a single character as the encryption key. I'm still waiting for you to tell me how that means the encryption is broken. Just because the USER OPTED to use a 4 digit pass code doesn't mean that Apple is creating a back door to its encryption by allowing the brute force of the login. If the USER OPTED to use a 256 character passphrase the FBI can brute force away until all people associated with the case have long passed off this mortal coil.

So I will say it yet again, this

Re:

[cfalcon]

Well, Apple has been trying to address this with every hardware rev. Later ones have enforcement in the secure enclave. This attack would absolutely not work on the 6 and 6s, but Apple has implied that there's still some way even there- I bet you see that patched in a later version.

LUKS doesn't force you to not use a 4 digit PIN. Does LUKS suck? Veracrypt will let you use a 1 digit passphrase too. Does Veracrypt suck?

You just implicitly shit on the best crypto engines in the world in the process of fin

Re:

[ooloorie]

There's no cryptographic way to secure a 4 digit passcode, or a 6 digit passcode. It's physically impossible.

Look, you don't seem to understand how these systems work. The 4 digit passcode isn't the cryptographic key, it's something that the user can use to identify himself to the phone a limited number of times. The cryptographic key is some long random string that the user likely never sees.

So don't talk shit about their crypto if their crypto isn't even up for debate. This is about a software workaroun

Re:Apple - standing alone

[thegarbz]

What this comes down to is that iOS cryptography is vulnerable because their key management appears to be vulnerable.

Key management isn't vulnerable at all. Only the user's choices make it vulnerable. Just like if I run an SSH server with all the best encryption but the login is "root" and the password is "password", the underlying process isn't weak at all, only the user inputs are.

If you're worried set your unlock key on your phone to a passphrase and use 256 random characters. That choice is yours. If you still think it's insecure, then your can come back and complain about Apple's handling of it. But the reality is you'll come back and complain about how hard it is to access your own phone.

By the way my unlock code is 000000. 6 digit passcodes were enforced by my company. I hate having to type a password in to access my phone. Does that make my phone crptographically insecure? No it just makes me a stupid user with no idea (or maybe no desire) to secure my data.

Re:

[sexconker]

There's no cryptographic way to secure a 4 digit passcode, or a 6 digit passcode. It's physically impossible.

Store hash.
Hash function can be anything, including XOR with some other value.
Good luck!

Re:

[phantomfive]

It can be broken by trying every possible 4 digit passcode

Re:

[mysidia]

There's no cryptographic way to secure a 4 digit passcode, or a 6 digit passcode. It's physically impossible.

You could use a key derived from a PBKDF2 hash with such a high number of rounds that it requires 6 hours to unlock the device, after you typed in the correct passcode.

You'll cache a "shortcut" in a special memory circuit that will reduce the time to 10 seconds to unlock, But during a firmware update that changes certain bits, the shortcut will be purged from RAM, after the update, bu

Re:

[Rutulian]

My point is that if Apple can push such a software update to an existing phone without the user unlocking the device first, then iOS cryptography is broken already.

It's not about pushing an update to the phone (which does require the phone be unlocked), it is about using the firmware loader to flash itself, much like the way you can flash the BIOS on any PC if you have physical access (yes, even if a BIOS password has been set). The only feasible way to secure this is to encypt the loader itself and design a second loader that unencrypts the update loader, but it is not clear whether this level of complexity is allowed by the chip logic.

No, the real problem, that is n

Re:

[ljw1004]

Obviously the existence of such a hack -- as well as the ability to load a locked phone with it -- is a dangerous tool that can be used on any iPhone.

That's not true. The deal is: apparently any firmware signed with Apple's key can be loaded onto the phone. The FBI is asking Apple to write a firmware which (1) is tied to this particular phone, (2) is signed by Apple's key, (3) allows rapid and repeated unlock attempts. The FBI is happy for Apple itself to load this firmware onto the phone.

This modified firmware wouldn't be usable on any iPhone because it would contain a check "if (PhysicalPhoneID != hardcoded_constant) abort;". The firmware couldn't be h

Re:

[Jane Q. Public]

Sure. Now explain how to get that firmware onto a locked phone.

If Apple can do that, then indeed the crypto is compromised. If they can't, it's not.

Android requires user intervention (therefore, unlocked phone) before an OS update.

Re: Apple - standing alone

[ljw1004]

The court order suggested Apple to use "iPhone DFU mode". It's the standard existing way to update firmware on a bricked phone. It doesn't boot the phone's OS, doesn't power up the screen, nothing. It's the iphone's built-in last-ditch way for updating the phone's firmware when the phone us (for whatever reason) unusable.

Re:Apple - standing alone

[Aighearach]

You accuse me of "misinformation," I'm throwing down the gauntlet on that! You're a liar to accuse me of that. If you disagree, disagree, don't make a false accusation.

You accuse me of "misinformation," and then you verify my statement! As you said, "firmware is just a piece of software." Right. Is a piece of software tied to one computer, or can it also be run on other computers? Is that indeed part of the nature of software?

You're saying that you believe that adding an ID check to the software source code somehow locks it so that it can only be used with one device. I'm a software developer, and I say you're full of shit and don't even realize that software can be easily altered later to work with a different ID. There is no way to "lock" it so that can't happen. Even if it is a compiled binary file, it is easy to find and replace the ID because they already know the ID of the phone it would be written for.

Don't claim I'm "spreading misinformation" when you don't even understand the details. Yes, I am saying it is "technically impossible" for Apple to write firmware that is locked to one device, because of the very nature of what software is. The only way that a piece of software can be locked to one device is if that device has a custom CPU and there are no other devices that can run the code. But iPhones don't come with individually customized processors, all the phones of the same model have the same processor and can indeed run each other's firmware.

Re:

[mark-t]

....since it is, in fact, possible

Do you have any proof of that?

Re:Apple - standing alone

[MikeMo]

That's not the deal at all. Apple can't decrypt it. The FBI wants them to remove the safety measure where the phone will discard the encryption key altogether after 10 failed attempts at guessing the passcode.

Re:Apple - standing alone

[ooloorie]

That's not the deal at all. Apple can't decrypt it. The FBI wants them to remove the safety measure where the phone will discard the encryption key altogether after 10 failed attempts at guessing the passcode.

Yes, that is likely what this is about (see my other posting). And if they can push a software update with this safety feature to an existing phone without the user unlocking it first, then Apple's software is not secure. That's exactly my point.

That is, Apple is right that such an update would make future iOS devices much less secure, but what this whole spat reveals is that the current system is already not secure precisely because governments can make demands like the US government is making. That is, the fact that we're even having this debate is due to a bad implementation of cryptography on Apple iOS.

Re:

[cfalcon]

Again, the current system is secure if you trust the math only by using a crypto secure passphrase. If you don't, you MUST be trusting the hardware or software to guard against the brute force- really the wimp force, because 10k trials is nothing.

You can set up an alphanumeric passphrase of massive length under settings. Then you are secure against brute force no matter what, same as if you used it as your Veracrypt passphrase.

Re:

[ooloorie]

Again, the current system is secure if you trust the math only by using a crypto secure passphrase. If you don't, you MUST be trusting the hardware or software to guard against the brute force- really the wimp force, because 10k trials is nothing.

That is correct. And I'm pointing out that you cannot trust the Apple hardware/software combination. It is fairly easy to design a phone like the iPhone that uses short unlock codes yet still is cryptographically secure with high probability (1:1000 with ten tri

Re:

[__aaclcg7560]

The fact that Apple can somehow push software onto an existing iPhone that allows the federal government to decrypt the data on that phone without the key seems like a fundamental flaw in iOS.

That's the FBI's position. Apple says it can't be done.

Re: Apple - standing alone

[Midnight Thunder]

If the OS is able to operate, then there must be a zone where encryption is not active, otherwise how does it boot without an entered key? The only part that would be encrypted is with user data. If this is the case, then I suspect they could disable the 10 try functionality., if push came to shove.

Whether or not you agree with the DoJ or Apple, there is certainly a precedent which is going to be set here. The discussion and implications are going to be interesting.

Re:Apple - standing alone

[ooloorie]

That's the FBI's position. Apple says it can't be done.

That simply isn't true. Apple is facing a specific order to decrypt a specific iPhone in a specific legal case. If this can't be done, there is nothing for Apple to fight, because the court order only applies to this phone. The fact that Apple is fighting this order and is saying that they are refusing to develop an unlock tool implies that they believe it can be done but are simply refusing to do it.

Re:Apple - standing alone

[__aaclcg7560]

Apple is facing a specific order to decrypt a specific iPhone in a specific legal case.

Apple has previously cooperated with warrants to unlock iPhones for the authorities, but that was before they changed the encryption method to better protect user data hackers and spies. If Apple develops an unlock tool for this specific case, what prevents it from being used for every legal case in the future?

I like the idea that no one — not even the government — can browse through the encrypted data on my iPhone. The Founding Fathers used encryption to protect their own communications from the British government. In fact, under some bills being considered by various national governments today, they would have gone to prison for using encryption technology.

Re:

[ooloorie]

If Apple develops an unlock tool for this specific case, what prevents it from being used for every legal case in the future?

My point is: such a tool should be impossible to develop in principle. The fact that such a tool can be written and Apple simply refuses to write it tells you that there must be some security flaw somewhere in iOS, at least on the phone model in question.

I like the idea that no one — not even the government — can browse through the encrypted data on my iPhone.

Me too.

Re:

[c]

If Apple develops an unlock tool for this specific case, what prevents it from being used for every legal case in the future?

Presumably Apple would get tired of that business and redesign their phones to block that entire class of backdoor attacks. No firmware updates on a locked phone. It might suck for those consumers who actually do forget their passcodes, but at least they'll have security. It wouldn't surprise me if the iPhone 7 team has recently seen some changes to the security specs...

The only way f

Re:

[sribe]

That's the FBI's position. Apple says it can't be done.

They have NEVER said it cannot be done. In fact, they have quite loudly acknowledged that it can be done. Their position is that a) such a version of iOS does not currently exist and b) to create that special version and load it onto an iPhone most certainly does not fall within the law's definition of "not burdensome".

it's sort of true

[phantomfive]

On the one hand, Apple tried to make a deal and keep the whole thing secret [recode.net]. So that makes it seem like Apple was willing to go along (for at least this one case) as long as it was kept quiet.

On the other hand, it doesn't really matter. If Apple is doing it as a publicity stunt, then it's doing it because the customers want it. Frankly that's better than a corporation trying to "do the right thing" that people don't want.

How did they try to keep that secret?

[SuperKendall]

Apple did nothing to keep this secret. It's already known they have assisted the FBI before.

Instead what happened is no-one cared, not even Apple, until the FBI demanded essentially that Apple break hardware security. That is where Apple drew the line; that is what brought all of the attention to bear.

Re:

[phantomfive]

Apple did nothing to keep this secret.

Wow, at least click on the link I provided. Again, here is the quote that directly contradicts what you said:

The FBI then made its tailored request, which Apple asked to be placed under seal, according to the New York Times.

Maybe you forgot what it means to place it under a seal?

Re:

[dbIII]

That turns it into a comedy - the FBI going public and then accusing Apple of doing it for publicity.
Did they employ some clowns thrown out of the NSA after Snowden or something? It sounds like something the Star Trek Set guy would do.

Re:

[phantomfive]

That turns it into a comedy

Enjoy the circus,
The bread is coming.
Feel the bern.
Burmashave.

Re:How did they try to keep that secret?

[j-turkey]

That turns it into a comedy - the FBI going public and then accusing Apple of doing it for publicity. Did they employ some clowns thrown out of the NSA after Snowden or something? It sounds like something the Star Trek Set guy would do.

Sort of...the FBI didn't do it for publicity. They did it to set precedent, and this case was chosen very carefully by the DoJ in order to achieve this (by tugging at heart strings and a sense of panic in the wake of terrorism). There are plenty of other investigations that they could have made similar demands under. If Apple cooperated with the FBI and it was done under seal, then it could not be used as precedent to use the courts to force Apple to do the same in future cases.

Re:

[Frosty Piss]

That's not really what any of the links you provided say.

Re:it's sort of true

[phantomfive]

Here is the quote:

The FBI then made its tailored request, which Apple asked to be placed under seal, according to the New York Times. Instead, the FBI went public, setting off the high-profile drama

Re:

[Daniel Matthews]

Apple did the wrong thing by talking about it publicly, now every despot and dictator in the world knows that forcing them to open up phones is an option, if they can control if Apple can do business in a given region. They can block the MAC addresses of Apple products selectively so that even a smuggled Apple phone will not be able to connect to the phone towers that said despot controls.

And the phone will end up cracked open one way or another, in the end, but just at a far greater cost thus consuming

stating the obvious

[xfizik]

Give me a break. Who would be naive enough to think Apple would refuse to cooperate with the U.S. government in such a case? Yes, they'll "refuse" on public, get some headlines for "standing up for privacy" and then quietly do what they were told one way or another.

Re:

[The-Ixian]

yep, for sure.

Once the public eye has been jerked away by the next shiny thing, Apple will unlock the phone quietly and the feds will mysteriously drop the case.

Can someone explain why the FBI needs Apple?

[sheetsda]

The FBI has the hardware. At the software level it should be game-over. So what is stopping them from copying the phone's memory, putting it in an emulator or another phone, and brute forcing the 5-digit PIN. Every time it self destructs, they load up another copy and continue until the correct PIN is found. What am I missing here?

Re:

[sheetsda]

Excuse the reply to my own comment...

After further thought I think I have my answer, barring some more plausible answer from the community: They don't want an Apple tool so they can crack this guy's phone, he's just politically convenient leverage to get the tool made.

Re:

[h33t l4x0r]

Right, because nobody's going to stand up for the rights of the shooter, but once they get a win it will set a precedent for the rest of us.

Re:Can someone explain why the FBI needs Apple?

[Anonymous Coward]

The data is encrypted using a key fused into the hardware processor. The key is in hardware and not readable. The key is not the 10 digit pin. The 10 digit pin and the encrypted contents are sent to the hardware chip and a decryption attempt is made. The results of that are sent back. If the user fails to decrypt the data within 10 attempts the encryption key in HARDWARE is wiped out making the user brute force AES 256 on the data instead of the 9999 possible pin combinations.

The hardware encryption chip would need to be copied as well as the data. Copying the data alone gives you nothing but random bits of AES 256 encrypted data. Putting that on a phone emulator or another phone will never work unless the unique key in hardware is known and that cannot be read.

Re:

[sheetsda]

That is a reasonable answer - Thanks!

Re:

[Wraithlyn]

OK, so after 10 failed attempts, the Operating System (software) wipes the key, right? This in fact is what the DOJ wants Apple to do, push an updated O/S that doesn't wipe the key after 10 attempts. So it follows that the key wiping part must be controlled by software.

So why can't they image the phone, try 9 attempts, and then restore the image? Wouldn't that reset the "failed attempts" counter to 0?

Re:

[Cramer]

(a) It's evidence. They cannot "drill into it".
(b) Apple designed to the processor to resist such attempts. (it's actually codified in FIPS-140 standards) It's hardened against x-ray imaging.

Re:

[Anubis IV]

The device in question relies on the OS itself to handle the wiping and rate limiting. As such, a malicious OS update could be crafted that removes those safeguards, allowing the passcode to be brute forced. Later devices have dedicated hardware that manage those features, meaning that a simple OS update would be insufficient. You'd also need to update the firmware on the dedicated hardware (i.e. The Secure Enclave).

Re:

[nawcom]

running it in some kind of emulator wouldn't be possible due to its full disk encryption, which uses the UID key [theiphonewiki.com] making it impossible to clone.

If you're interested in how the hardware-driven encryption works in current versions of iOS: Why can't Apple decrypt your iPhone? [cryptograp...eering.com]

Re:

[suutar]

Part of the process of going from PIN to decryption key is in hardware, and they only have one of that chip.

Re:

[Anonymous Psychopath]

The FBI has the hardware. At the software level it should be game-over. So what is stopping them from copying the phone's memory, putting it in an emulator or another phone, and brute forcing the 5-digit PIN. Every time it self destructs, they load up another copy and continue until the correct PIN is found. What am I missing here?

Apple has stated that anything with an A7 or newer CPU has a unique code embedded in the hardware that is combined with the PIN to serve as the encryption key. Apple doesn't record the hardware key, and they are the only ones that possess the keys for the software used by the secured enclave in which it resides. So without Apple's help, the DOJ would have to first break into the secure enclave, which I presume is so difficult as to be impractical, and only then could they try the brute-force method you desc

Re:

[AchilleTalon]

FBI and NSA can break the code, but it will not be acceptable as a proof before the court. That is why they ask and request Apple to perform it. In this particular case, they want the data admissible as a proof before the court. They are not trying to break it in order to organize an operation against a secret target or whatever. So, the conditions under which the data will be made accessible and decrypted matter.

Re:

[FlyHelicopters]

Proof before the court of... what?

No one is on trial here... the people who did this are dead...

Re:

[penguinoid]

The FBI has the hardware. At the software level it should be game-over. So what is stopping them from copying the phone's memory, putting it in an emulator or another phone, and brute forcing the 5-digit PIN. Every time it self destructs, they load up another copy and continue until the correct PIN is found. What am I missing here?

What you're missing is that Apple engineers aren't idiots, and spent more than the 5 seconds you did thinking of their security. Specifically, half the key is embedded in the hardware and would require some super expensive reverse-engineering to extract.

Meanwhile, the government is making a big fuss about this because what they really want is the ability to crack iPhones in general, preferably remotely, automatically, and without a warrant. They already know who the guy was talking to. But there likely won'

Re:

[larkost]

The data on the chips is encrypted with AES. No-one has the computational power to try all possible AES keys, or even a reasonable fraction of them. Unless there are unknown weaknesses in AES, then some have speculated that it is not possible to try all combinations using all computers on earth through the heat-death of the universe.

The key to that encryption is in hardware on the phone, is unique to that phone, unknown to Apple or any of its suppliers, and is not recoverable (try to get at it physically an

They're correct - because it's about survival

[FireballX301]

Apple knows that complying with this order will essentially destroy most, if not all of their overseas business. If they comply with this order, they will lose anyone who is even remotely suspicious of US govt motives; this includes literally billions of non-Americans around the world. The net result would simply be people moving to phones that are perceived as more secure, there's an easy market opportunity for a non US based company to put out 'secured' phones (for example, a phone that rejects all firmware updates in addition to the secure area tech) and gain all the business that Apple would lose.

The question is, of course, if the government knows this, and I'm pretty sure the law enforcement/'intelligence' personnel here are so scoped into their mindset that they're totally unaware of this, and would reflexively brush it off as hyperbole (hint it isnt).

Re:They're correct - because it's about survival

[DutchUncle]

I suggest that the law enforcement personnel ARE aware of the issue. Even as NYC police had a press conference pointing out how many cases were blocked because of inaccessible information on smartphones, and the commissioner was blasting Apple's current policy, a subsequent speaker (a prosecutor?) was careful to point out that Apple had formerly cooperated in such cases, and that a narrow set of conditions including a properly-executed court order to work on a single phone at a time for a single case is VERY DIFFERENT from a generic backdoor. I'm betting that something along these lines will become the court-ordered compromise: isolated workspace, isolated cases, some kind of open oversight (like normal search warrants and court orders, not the NSA secret rubberstamp court). Practical side: DoJ doesn't want to be blamed for killing the biggest tech company or crashing the stock market.

Re:

[dmbrun]

If they do this for the FBI (US Government) then any overseas government will ask for the same privilege/device. And No, they won't be sending the devices to the USA, the unlocking device will be in the country concerned.

Of course, Apple don't have to agree. Unless they want to keep doing business in that country.

Re:They're correct - because it's about survival

[FireballX301]

The average person might not give a fuck, but iPhone buyers outside US/EU are not average - they tend to be well off, or enterprise customers (who I can assure you will care very much so about this). More importantly, it'd be very easy for governments to spin this against the US and Apple - how easy would it be for the PRC to talk about how the US is spying on China, and mandate that all Chinese citizens/enterprise buy Xiaomi?

You minimize the impact at your own peril.

something fishy about iOS encryption

[ooloorie]

It's one thing for the government to talk to Apple about mandating encryption backdoors in future iOS updates. But this spat between the government and Apple is not about that, it is about data on a phone running current iOS software. Apple is essentially saying that they could access data on encrypted iPhones by pushing a software update. That is not how a cryptographic system ought to work. A correctly implemented cryptographic system should allow access to the data only with the key. When a cryptographic

Re:

[imgod2u]

The second scenario is what's happening here. Whether or not an OS update to a locked device can be done is up for grabs. What's in the letter Tim Cook posted is that they're refusing to even *develop* such a tool if it were possible. It could very well be that it's not possible, but no system is really perfect.

With Secure Enclave in the newer models (the iPhone in question is a 5C), the time limit and retry limit is hardware enforced. So such a hack wouldn't work on newer phones, only iPhone 5C and 5 (and

Re:something fishy about iOS encryption

[AchilleTalon]

We are talking about a iPhone 5c. You should read this [washingtonpost.com] for more about the actual reason FBI is asking Apple to perform the decryption of the iPhone.

Re:

[ooloorie]

Yes, Schneier's article is essentially correct as far as it goes. He believes that the problem with the iPhone is a lack of code signing. But there is a more fundamental problem. Normally, Apple seems to require a password for updating the phone software. But it appears that Apple has ways of altering the phone software of a locked, encrypted phone even without unlocking it first, otherwise the FBI demand would make no sense in regards to the San Bernadino phone. That means that there must be an existing, g

Re:

[dbIII]

Apple should not be able to push such an update to an existing phone without having the user unlock the phone first.

I don't have an Apple phone but with others being able to reinstall or patch the system via USB is a useful feature. Some have an option where they only boot as far as a program to do updates.

Re:

[BitZtream]

No, Apple isn't saying they could get access to the encrypted data.

The FBI is asking for apple to give them a version of the software that doesn't have the delay between password attempts and doesn't wipe the device after a certain number of tries.

Neither of these things mean it 'isn't encrypted properly', they in fact are an example of it working as it should.

To go further into your comments:

The FBI request won't work however for one glaring reason: You can't update a locked device without unlocking it be

Re:

[ooloorie]

The FBI request won't work however for one glaring reason: You can't update a locked device without unlocking it because THE DEVICE REJECTS THE UPDATE REQUEST. Apple designed it that way, intentionally.

You are missing the point. That is what a properly designed system ought to do. But if this were true, there would be no dispute between Apple and the FBI: in response to the FBI's demand to unlock the San Bernadino phone, Apple could simply say "it is impossible to do that" and that would be the end of it.

They are probably right

[taustin]

Seems likely, anyway. On the other hand, the FBI's posture is just a constitutional overreach and attempt to institutionalize the ignoring of due process, so they're about even.

What Apple should do at this point

[SuperKendall]

A) bring iPhone into Apple facility.
B) OOPS! Destroyed phone in freak Ives latte spill.
C) LOSS

How much could the government fine Apple? A million dollars? 100 million? A billion? Whatever!

Re:

[jklovanc]

DOJ is smart enough to clone the phone first.

Re:

[Anonymous Coward]

You can't clone the hardware chip with the encryption key. Isn't this supposed to be a tech site?

Re:

[suutar]

which does them no good whatsoever without the particular key storage chip from that phone. Otherwise they'd just clone it a hundred times and throw 10 attempts at each clone.

Re:

[DreamMaster]

It wouldn't work, or otherwise the DOJ would have set up an automated cloning of the phone and trying 10 password attempts at a time. What I've gathered from reading the various articles is that each IPhone has it's decryption key stored in hardware, with no way to copy it. Easily, that is, I suppose they could break open the chip and try and chart the pathways using a scanning tunneling microscope, but that would take a great deal of effort, and it would be easy to accidentally destroy the key doing so.

So

A Lose-Lose Proposition

[zenlessyank]

If Apple refuses then the tanks roll in so to speak, and if they comply then they will lose potentially a lot of business because the rumors will be valid about 'back-doors'. I assume there is some other crap at play since this smells like a rat.

Re:

[sexconker]

Life in prison, in solitary confinement in a basement if you don't reveal your passwords and encryption keys

That's just as wrong as what they're trying to do now.

Dave Ross says: It's honeypot misinformation

[DutchUncle]

Dave Ross, commentator on CBS Radio, proposed: Our vaunted security agencies state, loudly and publicly, that they are incapable of reading an iPhone. Apple refuses, loudly and publicly, to do anything to help, and points to our own constitution for protection. One can easily imagine a rush of bad guys to get iPhones so they can harm us with our own technology. And in the meantime . . . . are the security agencies REALLY incapable of reading it, and is Apple REALLY unwilling to help them, or is it all a

Applehater Agrees With Apple.

[BrendaEM]

'nuff said.

What would apple do

[stabiesoft]

if the phone had the details of where a bomb was placed on the apple campus and it was set to go off april 1st. Would they let their campus go boom or would they decrypt it? I already know this post is going to get downvoted into oblivion...

Re:

[mark-t]

That wholly would depend on whether they actually had the ability to decrypt it in that amount of time. If not, they would simply try to find the bomb before the deadline, and not bother trying to decrypt it at all, because that is more likely to produce the desired results than doing something that they already know they could not offer any guarantee of success before their time was up.

My, hasn't Apple come a long way?

[scdeimos]

It was only a few years ago that SFPD officers and Apple employees were busting down doors together to recover (lost, not stolen) iPhone prototypes. Did Apple Impersonate Police To Recover the Lost iPhone 5? [slashdot.org]

DoJ Spinning

[blavallee]

The FBI made this issue public. [bgr.com]
Trying to make Apple look like the bad guy, to generate public sympathy.

Have I said thanks?

[Impy the Impiuos Imp]

> just marketing

Yes, much like your instructions to create a 1984-like warrantless panopticon is just political marketing by politicians preening in front of voters.

Re:Why is Apple acting like obstructionist...

[__aaclcg7560]

The keys on the new phones are only five digits. They should be able to find the key in a matter of seconds.

Except you have only ten attempts to enter the correct five digits before the data is automatically wiped. A security feature that prevents a brute force attack to unlock the iPhone.

Re:

[The-Ixian]

If that were the case then I don't think the FBI would have such a problem unlocking the phone.

I know, there are political reasons for why the FBI could be pushing this angle so hard even, if they do have the ability to unlock it. But the fact that they would push at all implies that it is not a trivial process and, perhaps, a non-zero chance of failing and wiping the device by accident.

Re:

[__aaclcg7560]

But the fact that they would push at all implies that it is not a trivial process and, perhaps, a non-zero chance of failing and wiping the device by accident.

A defense attorney could challenge the data recovery admission as evidence in public court, forcing the FBI to reveal exactly how they were able to unlock the phone to recover the data. The government does not like reveal sensitive information in public courts, which often withdraws the evidence and/or let the case collapse. The workaround is to set a legal precedent that would force companies like Apple to do the data recovery for them.

Re:

[AchilleTalon]

There is a way, dot period. You don't know what you are talking about. Please, take time to search what this case revolves around regarding the breaking of the encryption. Hint: Washington's Post has a nice article about it. The iPhone is a iPhone 5c and is perfectly "breakable" provided some conditions.

Re:

[mark-t]

Basically, the FBI doesn't want to have to get a warrant for the phone records from the providers and then track down all the frequently called numbers.

It seems to me that would actually be a whole lot easier than all of this.

Re:

[koreanbabykilla]

They dont need a warrant, The phone in question was his work phone. He worked for the government.

Re:

[rainer_d]

I'm confused by Apple's (and slashdotters') response to this whole thing. I can't see that Apple is in the right here. This case has nothing to do with the actual encryption. There's no back door we're talking about here. Turning off the device wiping safety feature is something Apple can do without affecting anyone else. If the worry is that the government would keep this firmware and use it on anyone's phone, well, they apparently have the power to compel this anyway. And Apple has always had the power to do that. I don't see this as a privacy and security issue above and beyond the status quo. If the question was either, can you crack this encryption for us, or can you add a backdoor to the encryption, then the answer is clearly and legitimately no and a court could have to accept the first and be convinced of the second: it's not physically possible to crack good encryption, and it's a bad idea for everyone add a back door.

But as to the question, "can Apple disable the bad passcode wiping function?" yes they absolutely can. Hence the court order. Apple cannot say this is impossible for them to do. Hence by refusing to comply they are clearly in contempt of court. Will be interesting to hear how they plan to battle this out in the courts (and why they would want to).

I am clearly missing something here.

After all is said and done I doubt the FBI will find much of value on the phone. I'll be the first to admit good, old fashioned detective work is still the key these days, though law enforcement apparently wants things to be quicker and easier electronically.

They don't say it's impossible. They say it sets a dangerous precedent, which people tend to agree to.

I also see why people have issues with Apple doing what they are doing right now - but it's not illegal to exhaust all legal means!

Re:

[mark-t]

Would *YOU* want to even try to do something that you knew you could offer no guarantee of success within a human lifetime with current technology, and that you would have to do entirely at your own expense? (because I have not seen anywhere that the FBI is required to pay Apple for their time)

Re:

[mark-t]

Does Apple get paid even if they don't succeed? How do they prove that they even tried at all if they are unsuccessful?

Re:

[DutchUncle]

They HAVE a court order. Apple is arguing that the court order is like a military draft, forcing Apple to become an agent of the security agencies, and incidentally costing them something at the same time. I'm betting this will go all the way up to the Supreme Court, by which time some kind of "secure facility" compromise (and remuneration agreement) will have been prepared in the background.

Re:

[WillAffleckUW]

Because it's a 'give us everything we might feel like' court judiciary order, not a panel of federal judges limiting the search appropriately.

Let me put this simply for you. The Constitution allows me to only search your home. Or your car. Or your phone. Or your kid's backpack. But I have to specifically limit what I ask for, and for each thing, I need a legal reason to search and I can't just EMPTY YOUR HOUSE, YOUR CAR, YOUR PHONE, AND YOUR KIDS BACKPACKS and use all of it to find anything I feel like. I

Re:

[DutchUncle]

Yes, I got it the first time, and I wrote that some kind of "secure facility" . . . oh, wait, sorry, I wrote a lot more in another posting separately. Yes, a search warrant has limits (though police are frequently known to go beyond them). OTOH it's not quite as specific as one would like to think, especially if written properly (like any sneaky contract). If they get a warrant to search your home for evidence of a particular crime, say a particular kind of weapon, they CAN go through every room and ever

Re:

[sonamchauhan]

And it works like this: you pay $1.20 and you get a non-exclusive lease of a traffic lane for 5 minutes.

Enough cynicism. The DoJ may not have *your* best interests at heart, but most employees have the American people's best interests paramount.

As long as the DoJ request is to decrypt this *one* iPhone, and tools to do are not permanently given to the FBI, why would Apple fight against doing good.

Is the iPhone holy?

Re:

[FlyHelicopters]

As long as the DoJ request is to decrypt this *one* iPhone, and tools to do are not permanently given to the FBI, why would Apple fight against doing good.

1. Do you honestly think the FBI won't end up with their hands on that tool, sooner or later?

2. Do you honestly think the Chinese government, or the Russian government, won't insist on having it, if Apple wants to sell phones there?

Road to hell, good intentions, and all that...

Action vs No Action

[duckintheface]

It is not a crime to do nothing. If Apple already has a key, they can be compelled under discovery to turn it over. But they can't be compelled to create one if it does not exist. You can't require someone to act against their will. That is called slavery.

Re:

[Aighearach]

The attempt to argue it that generally fails, because there is precedent for purely commercial action; for example, during WWII farmers were required to grow certain crops, or else turn their farmland over to somebody willing to grow it. It may also be true that there are additional elements of the thing called "slavery" than just being compelled to do a thing you didn't want to do. If somebody is kidnapped, and rescued an hour later, and during that hour they were forced to take money out of an ATM, is it

Re:The phone belongs to the county, not the shoote

[Fallen Kell]

For which San Bernadino is then looking stupid for not placing the phone under some kind of enterprise mobile device control allowing the true owners the ability to unlock the phone and read the contents.... This is why none of the news and 3 letter agencies are stating the real fact of ownership, because then they look inept for not doing basic device control.