Symmetric key cryptographic systems (such as the one that's being used to encrypt the iPhone) are not susceptible to attack by quantum computers. Some asymmetric key systems that rely on "difficult to solve" computation are.
Could there be a human readable private key embedded within the device itself?
By human readable thinking embedded within a chip requiring it to be decapped then placed in a high powered microscope. Something that is not accessible without physical access and with tell-tall damage of the device in some way.
For encryption to protect anyone, it must protect everyone.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
You can issue an order to "search and seize", however the target is under no legal requirement to provide their password. All Americans are protected by our Fifth Amendment right to avoid self-incrimination.
The 5th Amendment: No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
Why do they think they are entitled to this? Because they label them terrorists? Even criminals have rights. It's all that keeps them from framing anyone they desire.
I don't give a shit what you want FBI. Solve your crimes another way.
Probably it was fairly easy to get a warrant for a search given the two people were sort of a slam dunk as having committed those murders. The gunfight recorded on video would have been probable cause for a search warrant up the wazoo. Then there's the bomb parts and bombs....
VERY 4th Amendment. "Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
ETA: "If the people are dead where that doesn't work, well problem is solved anyway, they're dead"
The flaw in that is assuming the dead acted solely alone and that's probably rarely the case: they got the weapons from somewhere (and some one) they got the bomb parts and explosives and knowledge how to assemble them from some one and somewhere etc. All of which is STILL out there even when the immediate perpetrators (or perhaps only the ones that are known?) are dead.
For encryption to protect anyone, it must protect everyone.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
Ahhh the think of the children BS. This is getting too old. There are millions of children being kill, abused and used everyday, a back door on an iPhone will not same them. They will die and be abuse and use. The FBI don't care about this kids. Any how them having all the Intell in the world wouldn't make them any more competent.
This type of encryption is relatively new. This is the first time they have no way of accessing the information they need.
Australian researchers have recently demonstrated how to make quantum computers in silicon - easily and cheaply. Any encryption system other than a one time pad is obsolete.
Nope. While systems based on the difficulty of factoring large numbers are compromised, that is not where the subject of cryptology ends. There are new candidates proposed that are not easily defeated by quantum algorithms. But study and investment in them is unlikely to take off as fast as it prudently should.
Funny how the FBI message is about how hard it is for them to get into a terrorists phone and yet not a word about how easy it was for a terrorist to obtain the weapons with which to commit the act of terror.
For encryption to protect anyone, it must protect everyone.
Yeah, well there’s a difference between you protecting your drunken orgy photos and a pedophile protecting the photos of abuse of a three year old child isn’t there. And for those who are always screaming about the Fourth Amendment try reading it sometime. It has an intentional back door that the founding fathers put there so legitimate, legal search and seizure can take place.
Anybody in America can buy a gun dipshit. Also to the "what about the children" murder molestation fantasy supporting libertys death via cell phone....
Unfortunately, the modelling process needs a perfect fingerprint (not the smudged, distorted kind you find on a mobile phone), several days and several attempts, a skilled technician, and a lot of luck. This is probably why the process seems to only have been tried once or twice successfully under perfect lab conditions. Certainly nothing you can do in a hurry if you're trying to prevent a criminal act.
The process also destroys the original fingerprint, so you can't reuse it if the process fails. And of course, if you make too many attempts (which you may do because you don't know which fingers were used to lock the phone) then you will probably cause the phone to lock completely before you get anywhere.
If you have the phone and not the owner, then he will simply wipe the phone remotely before you've even managed to complete your first cast (though sensibly you'd probably try to cast as many as you can in one go).
I thought changing the fingerprint reader might be a way in, but apparently the phone makes a component check and bricks itself, so we recently discovered.
No, it doesn't take days. A university researcher demonstrated doing it using a fingerprint lifted from the actual phone and it took a a few hours. The capabilities available to security services for 'national security' cases go way beyond that, besides they had the corpse and didn't need to lift a print of anywhere. It might destroy the print on the phone but the process gives you a physical model of the print so you still have that.
If needed the authorities can take a HD that has been broken into pieces and stick them in a magnetic force microscope and read the bits back off, even if it was 'erased' several times before being broken up.
If they 'really' wanted the data they could just unsolder the flash chips and read out their contents directly. If he actually had encrypted the whole thing it might take an extra hour or so for the NSA. THE NSA says basically that you can't really wipe Flash at all and the only way to safely dispose of flash memory is to grind the chips into dust.
I think this FBI person needs to talk to the right people.
What the researcher demonstrated was a perfect scenario that took several days to engineer, even if the demo only took few hours (and still plenty of time for someone to erase the phone remotely before the print can be lifted). And again, if, in your less than perfect scenario, you mess up, you have a limited number of retries
The physical model of the fingerprint is no use to you if the mould wasn't accurate enough to get through the fingerprint reader, and now you don't have the physical fingerprint to try again.
If needed the authorities can take a HD that has been broken into pieces and stick them in a magnetic force microscope and read the bits back off, even if it was 'erased' several times before being broken up.
This 'stick it back together' method will not work when you're dealing with a fingerprint lifted from a device which is covered in smudged and distorted fingerprints. The process still needs a clean, pure lift to work, and of course there is still the question of time. Again, the there is a huge difference between what can be made to work under perfect lab conditions and what will actually work in the field.
If they 'really' wanted the data they could just unsolder the flash chips and read out their contents directly. If he actually had encrypted the whole thing it might take an extra hour or so for the NSA. THE NSA says basically that you can't really wipe Flash at all and the only way to safely dispose of flash memory is to grind the chips into dust.
Now, that's a completely different argument than reckoning that fingerprint reader is a viable way in. In fact, there best approach would probably to be to dismantle the phone as soon as they get hold of it and read the chips.
But while we're moving into different arguments, I'd probably say that anyone intent on carrying out some sort of attack will not be planning it via smartphones communications unless they're a complete idiot. The last people imprisoned for planning a terrorist attack in this country did actually communicate using smartphones, but they also asked for bomb-making instructions on Twitter, so they hardly qualified for the Lex Luthor Award for base villainy.
cnocbui said: ...besides they had the corpse and didn't need to lift a print of anywhere. It might destroy the print on the phone but the process gives you a physical model of the print so you still have that.
You'd probably get lucky with right and left thumb and index fingers. Unless you knew which of the two dead terrorists the phone belonged to, you might have scan eight fingers. If it doesn't work after five tries though, you are left with only the passcode as a means of unlocking it.
The biggest problem is that the fingerprints on a mobile phone are very likely to be too smudged to foil any fingerprint reader. And then there's the possibility that the phone was handled by more than one person. Yes, thinking about it, I wonder if dismantling the phone might be the better option.
There is nothing stopping the FBI or the police to get a Court issued Warrant handing it to you and making you unlock your device. If you don't do it, you get thrown in jail. T
actually there is for the US. there have been several lawsuits that determined that forcing you to give up your passcode is unconstitutional. and by the time they get a warrant to make it okay to force your hand on your phone, the time out will have likely kicked in and your finger wouldn't work anyway.
Australian researchers have recently demonstrated how to make quantum computers in silicon - easily and cheaply. Any encryption system other than a one time pad is obsolete.
Nope. While systems based on the difficulty of factoring large numbers are compromised, that is not where the subject of cryptology ends. There are new candidates proposed that are not easily defeated by quantum algorithms. But study and investment in them is unlikely to take off as fast as it prudently should.
If it can be devised using a computer it can be defeated using a computer.
The world we live in has a very basic security and has for a long time. Suddenly the security is catching up and phones which are the life blood of over 95% of people has to have a backdoor to let lazy enforcement offices the ability to enter into anyone's life or phone so to speak Coppers have been solving crime long before the computer although it helps its about forensics not hacking a phone
Look and you will find search and you will get the answers do not depend on shortcuts because they will lead you in the wrong direction. Why do all have to suffer for the greed and laziness of the powers that we have to live with
Comments
By human readable thinking embedded within a chip requiring it to be decapped then placed in a high powered microscope.
Something that is not accessible without physical access and with tell-tall damage of the device in some way.
The 5th Amendment:
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
The tree of liberty is watered with blood.
Everyone knows children have magic blood
What the researcher demonstrated was a perfect scenario that took several days to engineer, even if the demo only took few hours (and still plenty of time for someone to erase the phone remotely before the print can be lifted). And again, if, in your less than perfect scenario, you mess up, you have a limited number of retries
The physical model of the fingerprint is no use to you if the mould wasn't accurate enough to get through the fingerprint reader, and now you don't have the physical fingerprint to try again.
This 'stick it back together' method will not work when you're dealing with a fingerprint lifted from a device which is covered in smudged and distorted fingerprints. The process still needs a clean, pure lift to work, and of course there is still the question of time. Again, the there is a huge difference between what can be made to work under perfect lab conditions and what will actually work in the field.
Now, that's a completely different argument than reckoning that fingerprint reader is a viable way in. In fact, there best approach would probably to be to dismantle the phone as soon as they get hold of it and read the chips.
But while we're moving into different arguments, I'd probably say that anyone intent on carrying out some sort of attack will not be planning it via smartphones communications unless they're a complete idiot. The last people imprisoned for planning a terrorist attack in this country did actually communicate using smartphones, but they also asked for bomb-making instructions on Twitter, so they hardly qualified for the Lex Luthor Award for base villainy.
The biggest problem is that the fingerprints on a mobile phone are very likely to be too smudged to foil any fingerprint reader. And then there's the possibility that the phone was handled by more than one person. Yes, thinking about it, I wonder if dismantling the phone might be the better option.
Not hard at all.
The world we live in has a very basic security and has for a long time. Suddenly the security is catching up and phones which are the life blood of over 95% of people has to have a backdoor to let lazy enforcement offices the ability to enter into anyone's life or phone so to speak Coppers have been solving crime long before the computer although it helps its about forensics not hacking a phone
Look and you will find search and you will get the answers do not depend on shortcuts because they will lead you in the wrong direction. Why do all have to suffer for the greed and laziness of the powers that we have to live with