But not now, and that's because most of the news media is run by democrats who are experts at shielding their party from negative PR.
Very true.
People are lashing out and bashing Trump, but I have a newsflash for these people! Trump is not the POTUS, not yet at least.
Obama is currently in charge, and this attack happened under Obama, no doubt helped by Obama's lax immigration rules and Obama's complete defiance of the law, where he is purposely importing dangerous, unvetted people and criminals into the USA.
I believe that liberals and liberal publications are using Trump as a smokescreen to deflect from any Obama criticism. That's pretty obvious to see.
The husband was born here and he sponsored his Saudi wife (an immigration law from way before Obama) .
It's likely that iPhones with the secure enclave won't be able to be thawted even with a firmware change. (Stored keys linked to the UID with the replay counter against brute forcing.)
This phone is a 5c, which doesn't use the secure enclave, so it's protections are built into firmware, which can be overwritten in DFU mode.
I don't have any issue with Apple helping to hack into this one particular iPhone as a one time thing. If that is at all possible, then Apple should help in my opinion.
But giving the Govt some sort of Master key which can be used to unlock any iPhone, belonging to anybody, is not a good idea, and I am against that.
I don't think they're asking for the key of a 'back door'. Just that there exists one that can be opened by Apple for cases like this.
Had a backdoor existed Apple would have simply "discovered" the phone wasn't actually locked and turned it over opened to the FBI. Protecting the San Bernardino County Dept. of Public Health's sanitation regulations from FBI scrutiny (all that is on that phone, the "good stuff" was undoubtedly on the two phones the murderers crushed to total destruction)) would be worth Apple bothering with since they've complied with valid warrants countless times in the past.
I don't like the word "back door" in this case. Here's hopefully a better analogy:
Apple wants to protect users even when they use weak passwords, but to do that, Apple needs to hold a strong master key (code signature), which in itself can't be used to crack a password, only makes it possible to brute force attack (pretty ineffective against strong passwords). The law is fairly clear that Apple must reveal (or use) this master key in a legitimate court order.
Apple does not hold a master key on the phone. It's confined to a Secure Element on the phone. They can't unlock with a key they don't hold.
Apple does in fact have a "master key", not to unlock the phone by itself, but to sign authentic code/firmware to be accepted by the device. This potentially allows brute force attack on the password, which is effective against weak passwords, not matter the strength of the encryption algorithm.
Do you have evidence he doesn't?
Ask any security expert and they'll tell you that there's always a backdoor. They may break the code up to different people as to make sure it's not solely owned by one person but there's always a backdoor.
Instead of giving the FBI a way to access the data on a phone (which they'll abuse and access loads of phones), why doesn't Apple agree to take the phone and gain access to the info themselves? They have the encryption keys to do it or a court case would be pointless if Apple couldn't access it anyway.
Instead of giving the FBI a way to access the data on a phone (which they'll abuse and access loads of phones), why doesn't Apple agree to take the phone and gain access to the info themselves? They have the encryption keys to do it or a court case would be pointless if Apple couldn't access it anyway.
I agree. I would think Apple could take the iPhone apart and access the data outside of the phone. As brilliant as Apple is, they must be able to access the NAND directly. In this case, you might call the 'back door' a screwdriver, or however you take an iPhone apart. Tim Cook seems to want public input, but doesn't seem to be making a place for that available. So, it is good to have Appleinsider.
Instead of giving the FBI a way to access the data on a phone (which they'll abuse and access loads of phones), why doesn't Apple agree to take the phone and gain access to the info themselves? They have the encryption keys to do it or a court case would be pointless if Apple couldn't access it anyway.
I agree. I would think Apple could take the iPhone apart and access the data outside of the phone. As brilliant as Apple is, they must be able to access the NAND directly. In this case, you might call the 'back door' a screwdriver, or however you take an iPhone apart. Tim Cook seems to want public input, but doesn't seem to be making a place for that available. So, it is good to have Appleinsider.
IF someone could access then NAND directly it would be encrypted with a rather complex encryption key and would take a VERY long time to brute force that decryption.
So does this prove that a 4-digit passcode is strong enough, so long as you set it to wipe after 10 attempts? No need for 6 digits or more complex passcode?
Apple's
refusal to help with a terror investigation where 14 people were
butchered has erased my sympathy and appreciation for them. At this
point I am ready to see Tim Cook perp walked into a jail cell and am now
annoyed it has not yet been done.
What has been asked of them is
easy for Apple to do and would cost them nothing. The court has
directed that Apple be paid for its work. The court allowed that Apple
could contain the work to their own facility. The court order makes it
clear that the hack should be keyed to the phone's unique identity and
that it must not work on any other phone. If Apple has further concerns
over containing their modified OS they should propose additional
security safeguards. Be a part of the solution, haggle this thing out.
Not pull a Public Relations stunt, which is all this is truly about.
For example Apple could have proposed:
1. No network connectivity. Do the work on isolated, stand-alone computers.
2.
Isolation from cell tower and wi-fi signals. This can be done with
commercially available jammers or a Faraday cage room. Or both.
3. No viewing of the OS source code by non-Apple employees.
4. The phone leaves Apple facility only with the original OS and content restored, not with the altered OS.
5.
Apple makes it clear they will destroy the work when finished. They
should not do that, but they are behaving like spoiled brats so I expect
them to do this anyway.
The only reason Cook is not making such a
counter offer is because he does not want to be involved in solving
crimes. Not even if he is paid to do so. Because the world's troubles
are not Apple's concern, only PROFIT is Apple's concern.
Now hold on everyone. Here's an idea. A secure enclave within the secure enclave that is also 256 bit encryption but requires that 5 physical keys be turned at precisely the same time in 5 different offices in order to unlock the iPhone: The President of the United States, the Head of the FBI, the Chief of the CIA, the Head of Homeland Security, and Tim Cook. So, you have hardware security and software security. The iPhone MUST be docked to one of the 5 key stations. Hell, we can start World War 3 with the turn of just 2 keys, this would be tons better, wouldn't it?!?!?
I can just picture the movie coming from this. National Treasure 3. "How will we find the (insert priceless artifact name here)???" Nicholas Cage - "We're going to download the President's iPhone!! OK, we need to each break into the homes of the President, Tim Cook, and the leaders of the FBI, CIA, and Homeland Security, then remove the keys from around their necks while they sleep, take the President's iPhone 8, then break into the Oval Office, Pentagon, Apple Headquarters, and, well, wherever else the freaking offices are, then turn our keys at precisely 14:32:57. That's 2:32 AM, at exactly 57 seconds!! We have roughly 5 hours to accomplish this. Now, let's verify our iPhones have exactly the same time..."
:-)
Great movie idea! But I don't want any more live action "National Treasure", all we need is the voices. Cheaper that way too if all Cage has to do is voice the character. I say we go with Claymation! Hire Nick Park ... that Britisher guy that does Wallace & Gromit! Remember "Chicken Run"? Same thing! Yeah, that's gonna' sell a bajillion tickets!
"National Treasure 3-D iPhone Hunt" ... in Claymation"!!!!
I love this plan! I'm excited to be a part of it!!!
Bring a small security team (no IT types) with the phone to our campus. We’ll create the OS to open the phone and give you the information on it — names, addresses, e-mails, etc., and print the photos. You can take these documents with you, when you are satisfied that we have given you all the data that’s on it, but we keep the phone.
The FBI would have the information it is seeking. They would have no ability to access the data on current iPhones, and Apple can state that this was done in the interest of security, noting that:
(1) The owner of this phone was dead. (2) The owner of this phone was a terrorist.
(Sorry it it's been explained above; still going through all the posts.)
Comments
This phone is a 5c, which doesn't use the secure enclave, so it's protections are built into firmware, which can be overwritten in DFU mode.
Here is the full document, only three pages and an easy read:
https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf
Apple's refusal to help with a terror investigation where 14 people were butchered has erased my sympathy and appreciation for them. At this point I am ready to see Tim Cook perp walked into a jail cell and am now annoyed it has not yet been done.
What has been asked of them is easy for Apple to do and would cost them nothing. The court has directed that Apple be paid for its work. The court allowed that Apple could contain the work to their own facility. The court order makes it clear that the hack should be keyed to the phone's unique identity and that it must not work on any other phone. If Apple has further concerns over containing their modified OS they should propose additional security safeguards. Be a part of the solution, haggle this thing out. Not pull a Public Relations stunt, which is all this is truly about.
For example Apple could have proposed:
1. No network connectivity. Do the work on isolated, stand-alone computers.
2. Isolation from cell tower and wi-fi signals. This can be done with commercially available jammers or a Faraday cage room. Or both.
3. No viewing of the OS source code by non-Apple employees.
4. The phone leaves Apple facility only with the original OS and content restored, not with the altered OS.
5. Apple makes it clear they will destroy the work when finished. They should not do that, but they are behaving like spoiled brats so I expect them to do this anyway.
The only reason Cook is not making such a counter offer is because he does not want to be involved in solving crimes. Not even if he is paid to do so. Because the world's troubles are not Apple's concern, only PROFIT is Apple's concern.
Great movie idea! But I don't want any more live action "National Treasure", all we need is the voices. Cheaper that way too if all Cage has to do is voice the character. I say we go with Claymation! Hire Nick Park ... that Britisher guy that does Wallace & Gromit! Remember "Chicken Run"? Same thing! Yeah, that's gonna' sell a bajillion tickets!
"National Treasure 3-D iPhone Hunt" ... in Claymation"!!!!
I love this plan! I'm excited to be a part of it!!!
Bring a small security team (no IT types) with the phone to our campus. We’ll create the OS to open the phone and give you the information on it — names, addresses, e-mails, etc., and print the photos. You can take these documents with you, when you are satisfied that we have given you all the data that’s on it, but we keep the phone.
The FBI would have the information it is seeking. They would have no ability to access the data on current iPhones, and Apple can state that this was done in the interest of security, noting that:
(1) The owner of this phone was dead.
(2) The owner of this phone was a terrorist.
(Sorry it it's been explained above; still going through all the posts.)