tele1234

beltsbear said:

suddenly newton said:

It sounds like Apple is being asked to install software that prevents the built-in code that auto-deletes/destroys the phone's content when too many bad password are attempted (brute force attack).

In other words, it will give the FBI an unlimited  number of password retries.

To paraphrase Mission Impossible:
"This phone will self-destruct in 5 seconds."

Apple can sort of do this with specialized tools.  The phone memory can be imaged.  Then a new phone with the same serial numbers and other parameters can run that copy and do a few tries.  It would be labor intensive but the limited retries can be gotten around by extreme measures. 

I don't think so. Apple uses a dedicated chip to store and process the encryption. They call this the Secure Enclave. The secure enclave stores a full 256-bit AES encryption key.

Within the secure enclave itself, you have the device's Unique ID (UID) . The only place this information is stored is within the secure enclave. It can't be queried or accessed from any other part of the device or OS. Within the phone's processor you also have the device's Group ID (GID). Both of these numbers combine to create 1/2 of the encryption key. These are numbers that are burned into the silicon, aren't accessible outside of the chips themselves, and aren't recorded anywhere once they are burned into the silicon. Apple doesn't keep records of these numbers. Since these two different pieces of hardware combine together to make 1/2 of the encryption key, you can't separate the secure enclave from it's paired processor.

The second half of the encryption key is generated using a random number generator chip. It creates entropy using the various sensors on the iPhone itself during boot (microphone, accelerometer, camera, etc.) This part of the key is stored within the Secure Enclave as well, where it resides and doesn't leave. This storage is tamper resistant and can't be accessed outside of the encryption system. Even if the UID and GID components of the encryption key are compromised on Apple's end, it still wouldn't be possible to decrypt an iPhone since that's only 1/2 of the key.

The secure enclave is part of an overall hardware based encryption system that completely encrypts all of the user storage. It will only decrypt content if provided with the unlock code. The unlock code itself is entangled with the device's UDID so that all attempts to decrypt the storage must be done on the device itself. You must have all 3 pieces present: The specific secure enclave, the specific processor of the iphone, and the flash memory that you are trying to decrypt. Basically, you can't pull the device apart to attack an individual piece of the encryption or get around parts of the encryption storage process. You can't run the decryption or brute forcing of the unlock code in an emulator. It requires that the actual hardware components are present and can only be done on the specific device itself.

The secure enclave also has hardware enforced time-delays and key-destruction. You can set the phone to wipe the encryption key (and all the data contained on the phone) after 10 failed attempts. If you have the data-wipe turned on, then the secure enclave will nuke the key that it stores after 10 failed attempts, effectively erasing all the data on the device. Whether the device-wipe feature is turned on or not, the secure enclave still has a hardware-enforced delay between attempts at entering the code: Attempts 1-4 have no delay, Attempt 5 has a delay of 1 minute. Attempt 6 has a delay of 5 minutes. Attempts 7 and 8 have a delay of 15 minutes. And attempts 9 or more have a delay of 1 hour. This delay is enforced by the secure enclave and can not be bypassed, even if you completely replace the operating system of the phone itself. If you have a 6-digit pin code, it will take, on average, nearly 6 years to brute-force the code. 4-digit pin will take almost a year. if you have an alpha-numeric password the amount of time required could extend beyond the heat-death of the universe. Key destruction is turned on by default.

Even if you pull the flash storage out of the device, image it, and attempt to get around key destruction that way it won't be successful. The key isn't stored in the flash itself, it's only stored within the secure enclave itself which you can't remove the storage from or image it.

Each boot, the secure enclave creates it's own temporary encryption key, based on it's own UID and random number generator with proper entropy, that it uses to store the full device encryption key in ram. Since the encryption key is also stored in ram encrypted, it can't simply be read out of the system memory by reading the RAM bus.

The only way I can possibly see to potentially unlock the phone without the unlock code is to use an electron microscope to read the encryption key from the secure enclave's own storage. This would take considerable time and expense (likely millions of dollars and several months) to accomplish. This also assumes that the secure enclave chip itself isn't built to be resistant to this kind of attack. The chip could be physically designed such that the very act of exposing the silicon to read it with an electron microscope could itself be destructive.

It comes down to: "Do you want to allow criminals to access your iPhone so that law enforcement can also access a criminal's iPhone?" I certainly don't.

The feds would get further doing some social engineering on the guy, or building one of these.

jbishop1039 said:

These lawsuits are getting a bit ridiculous. I'm sure eventually Apple will get sued for making the  Car with 4 wheels and a motor. 

Apple themselves is very guilty of this: For example, rounded corners, Click to call, the infamous 'realtime API' debacle, suing someone because they sued them... and of course, stealing the swipe-to-unlock feature then suing people who use it. 

Apple's a huge patent troll. I wouldn't be surprised in the slightest if Apple tries to sue google over driverless cars.

Dan Andersen said:

tele1234 said:

2.6% of Samsung Electronic's total marketshare is coming from Apple

Citation? Apple and Samsung are the world's largest buyers of semiconductors with Apple holding an 8.7% market share. If your number is correct, it implies that Apple is shunning Samsung as a semiconductor supplier…

http://www.phonearena.com/news/Apple-projected-to-be-the-worlds-biggest-chip-buyer-in-2016-Samsung-has-its-business-cut-for-it_id77967

The world's largest semiconductor manufacturers are Intel, Samsung, Qualcom, Micron and Hynix holding a combined 40% of the global market. Samsung itself is only 10.8%. If you introduce foundries, Samsung falls to 4th. Apple has been loosening reliance of Samsung's semiconductor business since 2014 when they signed a 3-year contract with TSMC.

People here seem to doubt the vastness of Samsung's operation. It's not some tiny backwater operation run by the Koreans that exists only because of Apple, it's a massive and broad-reaching enterprise that's very, very ingrained in the semiconductor market and various other industries. Apple and it's leaders don't care in the slightest about the Samsung brand: they care about quality. Samsung's newest processors aren't as good as alternatives, Apple drops them. It's hit, but not one that'll bankrupt the company. Samsung still produces vast quantities market-leading of NAND, DRAM, (O)LEDs and other panels, 22% of the handheld mobile market and not to mention it's non-electronic operations such as Oil/Gas platforms, Nuclear Power Plants and Renewable energy platforms.

tonester said:

koop said:

They already won the contract for the Snapdragon 820. Sounds to me like the capacity Apple left has already been filled.

That's funny. All that capacity to make 820s for what?  The next big thing from Samsung that nobody is going to buy. 

2.6% of Samsung Electronic's total marketshare is coming from Apple, and the vast majority of that is NAND and DRAM. Apple isn't going to cut those out, because they're leading the world in those technologies right now. They don't need to 'fill that capacity' at all.

Snapdragons are used by Samsung phones (1st in global marketshare), Huawei (3rd), and Xiaomi (4th) - that's 40% of the smartphone market right there. I don't think that's 'nobody'.

adrayven said:

just to keep their stock price from bottoming out even more... 

???

The only part of Samsung 'bottoming out' is their heavy machinery manufacturing and petrochemical production divisions. What are you referring to?