Apple ID linked to terrorist's iPhone 5c changed while device was in government hands, Apple says [

1235

Comments

  • Reply 81 of 115
    davidwdavidw Posts: 2,036member
    wovel said:
    Soli said:
    I find this confusing. They changed the passcode but they hey don't know what they changed it to or are they choosing to not give it to the Feds?
    It doesn't matter what they changed it to.  They wanted to have it backup to a different backup server and capture the data.  The only way to do that was to take the iCloud password the phone already has configured.  However I think this is all very silly.  You would think Apple would have backups of the iCloud database going back the past couple of months.  Apparently they do not. I guess it is possible they store passwords in a separate table and don't back it up on purpose.  If they ever lost the database they would then have 100s of millions of people simultaneously trying to reset their password.  I am not sure that is a great plan, but you never know.
    I would think the Apple only stores the current password as that's what needed to log in. Once changed, the old password is gone and only the new password is backed up.  But I'm surprise, well not really, that the IT Dept. that manages this iPhone don't have a record of old passwords. I know where I use to work, I had a computer account that require me to change my password every 6 months. And if Ii try to use a password that I used before, it wouldn't let me. It comes back saying I can't use an old password and to create a new one. Even if I change a couple of the letters or numbers. 
    palomine
  • Reply 82 of 115
    davidw said:
    It would appear you need at least once enter the changed password on the device and attempt an iCloud backup in order to "link" the backup to the new password. I'm guessing here but otherwise I think they'd have done this by now, no?

    I think the way it works is that you have to log the new password (to the iCloud account) into the device so that the device can log onto the iCloud account to back up on to there. Right now, the iPhone is using a password that won't work because it was changed on the server end. They can't change the password on the device because they don't have the passcode to unlock it. And since the IT Dept. didn't know what the password was before they changed it on their end, it can't be changed back to the password that the device is trying to use when it attempts to log on to the iCloud account.

    Which means that there's no way to force a back up because the iPhone can't log on to any iCloud account to do so. Apple had a chance of retrieving at least some of the data with a forced back up, if the IT Dept. had not screwed with the password to the iCloud account.  

    The back up Apple has in the iCloud account connected to this iPhone is months old, the FBI want a current back up of what's on the iPhone now. Which has a high probability of containing no more new information than what they already have. 
    This is how I understand this as well. 

    It also means that if you should lose your iOS device or switch to a new one, just avoid changing the Apple ID password in between. 
  • Reply 83 of 115
    apple ][ said:
    There has never been a govt more against Apple than the current govt.

    The DOJ ebook case against Apple, the way that the Samsung suits have been handled, the monitor that was appointed to monitor Apple and now this iPhone case.
    Agree. Conspiracy my ass - there are so many powerful companies that betrayed Apple, and now they want to take Apple down after failing miserably in the marketplace.

    US politics revolves around cash and vested interests. Apple is continuing to be a game-changer and I believe it's because Apple is the most American thing since JFK. 

    The people, and not just Americans, are voting with their dollars - the truest forms of both capitalism and democracy combined - and the tyrants of a variety of industries are certainly going to protect themselves.

    If Apple builds an electric car? Continues high-profiling in politics? Continues supporting publically popular and rational positions? Apple has been and will continue becoming an increasing threat to many.

    I desperately hope Apple wins!!
    palominepscooter63latifbp
  • Reply 84 of 115
    So Apple proposed four different ways of extracting the information. So, no one can get into the device, but under normal conditions the "backdoor" is already there in form of the iCloud backup? 
    The iCloud backup is not a "backdoor." Apple never claimed that its E2E encryption applied to data stored in iCloud. If Apple said that, it probably was an exaggeration. Any data stored in the cloud such that it travels over the air can be broken into. That's the reality of cloud storage. 
  • Reply 85 of 115
    Why would a pair of terrorists destroy their personal smartphones and NOT this county owned iPhone?  Simple... there was nothing of any use on this iPhone. Think about this, if you were a terrorist planning a massacre, would you trust a county owned iPhone with your secret info?  If they were taking a sledge hammer to the other smartphones it would have been a simple matter to smash this iPhone too and they would certainly have done so if there was anything useful on it.

    I see this whole thing as a charade aimed at securing a backdoor into the technology. The FBI wants to add another tool to their arsenal like their fake "Interceptor" cell phone towers.  Recalling that this administration learned from Rahm "Never let a serious crisis go to waste." Emanuel, should make it clear what the real aim is here.  

    jfc1138
  • Reply 86 of 115
    mike1mike1 Posts: 3,275member
    If it wasn't so sad, it'd be funny.
    palomineai46
  • Reply 87 of 115
    mtbnutmtbnut Posts: 199member
    So, using Trumpian logic, San Bernardino County Department of Public Health hates America and wants to wage jihad on us. 

    Got it? 
    ai46jfc1138
  • Reply 88 of 115
    freerangefreerange Posts: 1,597member
    you’d like to support Apple’s stance on privacy, there is a White House petition at https://petitions.whitehouse.gov/petition/apple-privacy-petition
    ai46
  • Reply 89 of 115
    volcan said:
    How did they change the Apple ID associated with the phone if the phone was locked?
    The didn't change the Apple ID. They changed the passcode (I will use password from here on) associated with the AppleID probably via appleid.apple.com.
    However, that new password would have to be entered into the iPhone (Settings-iCloud) to have that iPhone activate iCloud backup, else it can't connect.
    Somebody probably thought they would change the password to get at the data in iCloud, found out the data hadn't been backed up in months (or at all), then learned that they couldn't get the iPhone to start auto backup without entering the new AppleID password in settings, and because they didn't know the original password, could not set it back. 
    Now they are stuck with an iPhone that can't back up to iCloud and they can't change to the new password because they don't know the 4-digit PASSCODE to access the iPhone. Thus, because the FBI screwed up, they want Apple to create a software hack to bypass the 'Wipe data after 10 wrong passcode attempts' so they can brute force the device; easier to do with only 4 numeric digits, especially when you have to use 4, not 1, 2 or 3.
    Once the iPhone passcode is broken, then the FBI can enter the NEW AppleID password to get the phone to sync with iCloud, but then it won't be necessary because they can now simply copy everything to a computer.

    In other words, they want Apple to save their butt for doing something they thought was smart, but didn't work, so they try Plan B and Apple balks.
    The FBI can simply hire a psychic to divine the 4-digit.  What's the problem?
  • Reply 90 of 115
    cpsrocpsro Posts: 3,192member
    Since the password is tightly linked to the iCloud encryption key, whenever someone changes their password Apple has only 2 practical options going forward: (1) re-encrypt all previously backed up data using the new key (time consuming); (2) discard all previously backed up data and start afresh. The second option is far easier and seems the most likely choice--especially for a company that isn't vested in data-mining its customers--in which case all resources previously dedicated to storing the old backups would now be marked as "free" and would soon be overwritten by new data or at least be lost in the storage jumble of millions of iCloud accounts.

    The government successfully obtained data backed up by the subject iPhone through mid-October with the help of Apple. The problem is the iPhone wasn't (and can't be) configured to use the new passcode. iCloud therefore rejects attempts by the iPhone to connect, which prevents the device from backing up the latest data stored on it.

    Suggestion: configure iCloud servers to allow the subject iPhone alone to access iCloud services with any old password.
    edited February 2016
  • Reply 91 of 115
    vvswarup said:
    So Apple proposed four different ways of extracting the information. So, no one can get into the device, but under normal conditions the "backdoor" is already there in form of the iCloud backup? 
    The iCloud backup is not a "backdoor." Apple never claimed that its E2E encryption applied to data stored in iCloud. If Apple said that, it probably was an exaggeration. Any data stored in the cloud such that it travels over the air can be broken into. That's the reality of cloud storage. 
    Granted. And by "backdoor" I mean that there is obviously already a way to acces your phone's data.  Then, however, the question should be allowed if it is accepted that Apple hands over backup data to officials. Because in this case what's the difference between handing over backups and granting direct access? To me the difference appears to be more philosophical in nature.

    Again: I'm not talking about creating some software that can be used by anyone to hack I to your device, or its backup.    
  • Reply 92 of 115
    Granted. And by "backdoor" I mean that there is obviously already a way to acces your phone's data.  Then, however, the question should be allowed if it is accepted that Apple hands over backup data to officials. Because in this case what's the difference between handing over backups and granting direct access? To me the difference appears to be more philosophical in nature.

    Again: I'm not talking about creating some software that can be used by anyone to hack I to your device, or its backup.    
    Basically, the user accepts that risk when enabling the optional iCloud backup feature.  There is no such implied risk for data on the device itself.
    Backup to your own local hard drive and encrypt with a private key and you're covered.  But I'm somewhat surprised (and troubled) that there is still not a more secure iCloud backup option available, nor a way to exclude iMessage data from an iCloud backup.
  • Reply 93 of 115
    foggyhillfoggyhill Posts: 4,767member
    cpsro said:
    Since the password is tightly linked to the iCloud encryption key, whenever someone changes their password Apple has only 2 practical options going forward: (1) re-encrypt all previously backed up data using the new key (time consuming); (2) discard all previously backed up data and start afresh. The second option is far easier and seems the most likely choice--especially for a company that isn't vested in data-mining its customers--in which case all resources previously dedicated to storing the old backups would now be marked as "free" and would soon be overwritten by new data or at least be lost in the storage jumble of millions of iCloud accounts.

    The government successfully obtained data backed up by the subject iPhone through mid-October with the help of Apple. The problem is the iPhone wasn't (and can't be) configured to use the new passcode. iCloud therefore rejects attempts by the iPhone to connect, which prevents the device from backing up the latest data stored on it.

    Suggestion: configure iCloud servers to allow the subject iPhone alone to access iCloud services with any old password.
     That password is also used to remotely wipe a phone who got stolen, so I don't think you'd want to do that.
    Apple assumes there is a good reason for chaging this password and this access should stop.
  • Reply 94 of 115
    foggyhillfoggyhill Posts: 4,767member
    mtbnut said:
    So, using Trumpian logic, San Bernardino County Department of Public Health hates America and wants to wage jihad on us. 

    Got it? 
    Considering most of the dead were their employees or clients, that seems absurd, but hey it's Trumpian logic, anything is possible..
    edited February 2016
  • Reply 95 of 115
    foggyhillfoggyhill Posts: 4,767member
    vvswarup said:
    The iCloud backup is not a "backdoor." Apple never claimed that its E2E encryption applied to data stored in iCloud. If Apple said that, it probably was an exaggeration. Any data stored in the cloud such that it travels over the air can be broken into. That's the reality of cloud storage. 
    Granted. And by "backdoor" I mean that there is obviously already a way to acces your phone's data.  Then, however, the question should be allowed if it is accepted that Apple hands over backup data to officials. Because in this case what's the difference between handing over backups and granting direct access? To me the difference appears to be more philosophical in nature.

    Again: I'm not talking about creating some software that can be used by anyone to hack I to your device, or its backup.    
    The phone was owned by the county and they had the password. So, essentially they were entitled to the backups.
    But, on the phone, you can have personal info that is not included in those backups that's protected by the passcode.
    If you substitute the terrorist with Joe SChmo instead you see how it makes sense not just philosophically.

    They're using this case were there is likely nothing usefull on the phone as a way to get this tool that could then be used well, anytime on any pre- 5c phones, even if it's your personal phone.

    Not only that, but what would then stop the government from asking Apple put a hook in their secure enclave to enable in future versions of Iphone to also enable brute force attacks. Right now, it's not possible with the 6s. The funny thing is there are 500M of those impossible to crack phones in circulation, if criminals know that the 7s and later phones have this flaw, they'll simply use a 6s, 5s or 7s or Air 2 (yes even an Ipad has this) for the next 20 years (and they'll last that long for sure).

    magman1979
  • Reply 96 of 115
    In response to a Department of Justice motion to compel Apple's cooperation in the unlocking of an iPhone 5c used by one of the San Bernardino terrorists, company executives on Friday revealed the Apple ID passcode linked to that device was changed while the handset was in government hands, effectively blocking attempts to retrieve an iCloud backup.




    The Apple ID used to sync Syed Ryzwan Farook's iPhone 5c with Apple's iCloud was modified less than 24 hours after the device was impounded by the government, BuzzFeed News reports.

    Apple says the San Bernardino County Department of Public Health, the phone's owner and Farook's former employer, changed the account passcode. A county representative later told Reuters that FBI agents requested the iCloud password reset.

    If the passcode was not changed, FBI officials might have been able to procure a backup of the data it is currently attempting to suss out of the phone itself, the company said. The most recent backup was logged six weeks prior to the San Bernardino attack. It is not known whether Farook intentionally shut off iCloud backups or simply ran out of storage space.

    Further, Apple has been conducting "regular" discussions with government entities since early January regarding methods by which data from Farook's iPhone 5c may be recovered. According to the report, Apple proposed four different options for data recovery, none of which involved building a software backdoor into iOS.

    Apple first discovered that the passcode had been changed in attempting one of the suggested workarounds. The method, seemingly involving the offloading of a backup to iCloud before recovering it from Apple's servers, leveraged an iPhone convenience feature in which the device automatically connects to a known Wi-Fi network. Apple engineers were unable to complete the process due to the updated Apple ID passcode.

    The implications of this new development could damage the government's case. The DOJ on Friday filed a motion to force Apple's compliance in aiding the FBI's data extraction efforts, a task that now requires the creation of a software backdoor.

    Apple does comply with valid law enforcement data requests, and has in the past handed over information related to criminal investigations gleaned from its servers. The DOJ itself notes prior cooperation in its Friday motion to compel. The company has not, however, been asked to create a forensics tool that would ostensibly break iOS encryption.

    The sticky situation could have been avoided if the associated Apple ID passcode was not changed, Apple says.

    Apple says the government opened the door to public scrutiny when it filed its motion to compel. The company proposed the FBI officials keep its requests sealed, but the agency decided to seek a court order demanding Apple's cooperation.

    Update: Apple executives confirmed San Bernardino county officials changed the passcode. This article has been updated to reflect the new information.

    Update 2: San Bernardino county spokesman David Wert informed Reuters that the iCloud password was reset ">at the request of FBI officials. While the agency did not offer comment on the matter, Apple contends this reset occurred prior consultation.
    Not sure if this has been noted in the long list of comments.. As an avid user of Apple products for 20yrs, I relish in the fact that Apple has been proactive to create intuitive secure products.  One of the features I've used on many occasions as there are 7 in my household, Find My iPhone.  Since Apple has noted that someone had changed the apple id, and since one of the main functions of Find My iPhone is Erase iPhone.  Isn't it safe to assume that the powers that be in the ISIS world has already deleted all the data.  This function was established for the consumer to protect their data, the Govt shouldn't have access to this, if they were doing their job, they would have gotten this information prior to the sad incident.
  • Reply 97 of 115
    john.bjohn.b Posts: 2,742member

    Update: Apple executives confirmed San Bernardino county officials changed the passcode. This article has been updated to reflect the new information.

    Update 2: San Bernardino county spokesman David Wert informed Reuters that the iCloud password was reset at the request of FBI officials. While the agency did not offer comment on the matter, Apple contends this reset occurred prior consultation.
    Good on the San Bernardino County IT guys for not letting the FBI throw them under the proverbial bus.
    edited February 2016 jfc1138
  • Reply 98 of 115
    cpsrocpsro Posts: 3,192member
    foggyhill said:
    cpsro said:
    The government successfully obtained data backed up by the subject iPhone through mid-October with the help of Apple. The problem is the iPhone wasn't (and can't be) configured to use the new passcode. iCloud therefore rejects attempts by the iPhone to connect, which prevents the device from backing up the latest data stored on it.

    Suggestion: configure iCloud servers to allow the subject iPhone alone to access iCloud services with any old password.
     That password is also used to remotely wipe a phone who got stolen, so I don't think you'd want to do that.
    Apple assumes there is a good reason for chaging this password and this access should stop.
    Apple can prevent a remote wipe for just the one device, if they want.
  • Reply 99 of 115
    Probably worried about a remote wipe via Find My iPhone, no?
  • Reply 100 of 115
    So, if San Bernardino changed the password, didn't they need the original password in order to reset it? And, if they had the original password why don't they remember what is was? What am I missing here?
Sign In or Register to comment.