sflocal said: They have an iP6 with TouchID. I presume they have the owner's fingerprints on file as well, or worst case... put his thumb on the darn sensor and be done with it. What am I missing here?
The Touch ID sensor talks directly to the Secure Enclave. The Secure Enclave is a separate processor inside the phone, that does not run iOS, it runs a different operating system using the L3 Kernel. The L3 kernel was developed at University of New South Wales in Australia, and is one of a very few kernels to have undergone verification to a level where it has been mathematically proven to be bug-free. This is extremely unusual and very rare. Because of this it is a very simple kernel, and whilst it's not powerful enough to run the entire phone, it is complex enough to do a few important things - encrypt data, generate (very) random numbers and manage cryptographic keys.
The Secure Enclave is cryptographically paired with the TouchID sensor in the device at time of manufacture, and Apple does not know what this 256 bit key is. This prevents an attacker from swapping out the TouchID sensor for a bogus one that presents to be the real finger.
The Secure Enclave also does not trust the A-series Application Processor that actually runs iOS, until the user has entered the device passcode. Why? Because the Secure Enclave basically acts as a bouncer at the door to the club where all the cryptographic keys are partying, and it never lets iOS in. I guess Jony Ive didn't make its UI cool enough. However, it WILL pass notes to the cryptographic keys on behalf of iOS.
So when a user types a passcode, iOS doesn't work out if it's valid or not, it has to ask Secure Enclave if it's valid or not, the SE just says "yes" or "no", or in some cases iOS passes it what it thinks are the keys, and if the keys are valid, the SE hands back the decrypted object.
Amongst other things, what that means is that the Secure Enclave can make up its own rules as to when it trusts iOS and TouchID or not.
- 48 hours elapse without unlocking the phone? Stop trusting Touch ID and iOS, and require the passcode to be re-entered
- Reboot the phone? Stop trusting TouchID and iOS and require the passcode to be re-entered
- 3 incorrect fingerprint reads? Stop trusting TouchID and require the passcode to be re-entered
All of this is explained here: https://www.apple.com/business/docs/iOS_Security_Guide.pdf
What Apple has done is not perfect, but it sets a very high standard compared to the industry as a whole.
So if you arrest someone with a TouchID capable device, and you want to unlock it, if they reboot the phone, then the passcode is the only way to unlock it. If they don't reboot the phone, you have less than 48 hours to use their fingerprint to unlock it, after which the passcode is the only way to unlock it.
Or you can be smart, and understand human behaviour, like the British police, and sidestep the whole issue that US law enforcement has run into with its heavy-handed approach, and seize the phone while it's unlocked:
tpkatsa said: This is a federal terrorism investigation. The privacy issue is moot because the ONE phone in question belonged to a terrorist who is now dead. Apple needs to be very careful with this. Being perceived to be on the wrong side of an FBI investigation of a terrorist act where 14 people were murdered can't be good for Apple's image. There are times to stick up for privacy rights, such as when the government tries to do things without a warrant, or otherwise tries to circumvent the process, but not when the government has a court order from a federal judge for assistance with a dead terrorist's phone. Apple needs to do the right thing here and help the feds get any and all information that will help us understand what led to the murder of 14 people - anything less is a disgrace and an affront to those who perished in the attack.
However, they do not. Such a tool would need to be built.
Apple are asserting that such a tool, once built, can relatively easily be modified to work on any iPhone. As such, the very existence of such a tool presents a risk to all users of Apple devices, of which there are around 1 billion users.
There is no information on this phone that will bring the dead back to life. Indeed, it is very likely, certainly beyond balance of probabilities, and possibly beyond reasonable doubt, that there is no information on this phone that is pertinent to the investigation. The two murderers were careful enough to destroy every other electronic device they had. Do you really think that people who were that thorough and organized and prepared left this phone untouched, if there was even the possibility of it containing information of value? Farook knew the county created the iCloud account and had the iCloud password, why would he plot on such a device, given his other attention to detail and thoroughness?
This has nothing to do with the privacy of the Farooks, they are dead, and the phone was not their property.
It has everything to do with the phones of tens of millions of US citizens, and over a billion people worldwide. If such a tool is built, assuming what the US government is asking for is actually legal, under US law, and it may not be (a judge in New York ruled, very strongly, in a similar case, that it was not, at least in a criminal case), do you think the US government is the only government allowed to order the tool be used? What if a foreign government demands the tool be used against the phone of a US citizen?
I have fought and killed terrorists in combat, and two of the things that separate us from them are the rule of law, and protecting the weak. There are a lot of weak who need protection in that billion or so users. It is folly to harm the living in memory of the dead.
sflocal said: Isn't a lot of this going to be moot soon? I mean, when all iPhones use TouchID, it'll just be a matter of using the terrorists' thumb to unlock the phone, whether by force (I didn't see it happen) or the thumb not necessarily being attached to his hand. Either way, I think it will be easier in certain ways down the road.
To date, no version of TouchID does any additional checks that the person is alive when the fingerprint is presented.
However, there are two things that need to be true for TouchID to unlock the phone:
1. It is powered on, and after being powered on, it was unlocked with the passcode at least once.
2. It has stayed on, and been unlocked at least once in the last 48 hours.
If either of these things is false you need the passcode.
Reboot the phone, or let it go flat, and bang, you need the passcode.
In this case, the phone was found switched off (possibly flat).
So even if it was a 5s or later, they'd still need the passcode.
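The unlock rules listed in the replies above (passcode required after a reboot, after 48 hours without an unlock, and after repeated failed fingerprint reads) can be written as a small state machine. This is an added example, not part of any post in this thread and not Apple's implementation; the class, method and function names are hypothetical, and the constants are the figures quoted in the thread.

```python
from dataclasses import dataclass
from typing import Optional

# Figures as quoted in the thread, not taken from Apple's documentation.
WINDOW_S = 48 * 3600      # "48 hours ... without unlocking the phone"
MAX_FAILED_READS = 3      # "3 incorrect fingerprint reads"

@dataclass
class EnclavePolicy:
    """Hypothetical model: when is a fingerprint accepted instead of the passcode?"""
    now: float = 0.0                      # seconds on an arbitrary clock
    passcode_since_boot: bool = False
    last_unlock: Optional[float] = None
    failed_reads: int = 0

    def reboot(self) -> None:             # restart or flat battery drops all trust
        self.passcode_since_boot = False
        self.last_unlock = None
        self.failed_reads = 0

    def touch_id_allowed(self) -> bool:
        if not self.passcode_since_boot or self.last_unlock is None:
            return False
        return (self.failed_reads < MAX_FAILED_READS
                and self.now - self.last_unlock < WINDOW_S)

    def unlock_with_passcode(self, correct: bool) -> bool:
        if correct:
            self.passcode_since_boot = True
            self.last_unlock = self.now
            self.failed_reads = 0
        return correct

    def unlock_with_fingerprint(self, match: bool) -> bool:
        if not self.touch_id_allowed():
            return False                  # a matching finger alone is not enough
        if match:
            self.last_unlock = self.now
            self.failed_reads = 0
            return True
        self.failed_reads += 1
        return False

def seized_powered_off() -> bool:
    """The case in the thread: phone found switched off, matching finger presented."""
    phone = EnclavePolicy()
    phone.unlock_with_passcode(True)      # owner had used it normally before
    phone.reboot()                        # found switched off, then powered on
    return phone.unlock_with_fingerprint(True)
```
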
PassionsGate said: I completely understand Apple's view of this...but let's not lose sight about why the FBI wants access to these phones....the couple in California committed an act of terrorism. Somehow this has become about the right to privacy...these people and therefore anyone who murders innocent people lost their rights. Now having said this do I believe the FBI should have ability to access information on these phones...YES! Do I believe Apple should give it to them...yes and no. They should find a way to help the FBI but no they are not responsible to give the FBI a backdoor, this is the place of the FBI to find a way. As to all the wing nuts who claim this is gonna give the FBI the power to collect information on anyone and everyone...give it a rest! Most of you aren't worth the effort to have your paranoid, pathetic lives examined by the FBI, they have bigger fish to fry...and of course had the people who massacred all these people killed one of yours you'd be pissed at the FBI for not getting to the bottom of this matter and pissed at Apple for not doing all it could to help!!
Apple built a tool to allow organisations to unlock their own phones (it's part of Mobile Device Management), and San Bernardino county bought it, but never deployed it.
The probability that this phone contains any information of value is very low (The San Bernardino County Police Chief has said as much, and the murderers were tech-savvy enough to physically destroy their personal computers, and personal phones, prior to the attack.)
The tool that the FBI are asking for does not yet exist, and under US law, no company has been ordered to make such a tool, yet, using the law the FBI has asserted.
If such a tool is made, it cannot be locked to just one iPhone in any permanent way - it can be easily modified to work on any iPhone of around that generation (later devices that use an A7 processor may need a bit more work).
Once such a tool has been made, it makes it much easier for the FBI to order Apple to use the tool on other phones, AND it makes it much easier for the FBI to order other phone manufacturers to do similar things (in most cases this is not necessary today, as most Android phones have physical local root compromises that make this straightforward for the FBI to simply do themselves, or contract it out to a forensics specialist). The thing is, how many other US phone manufacturers are there? The answer is none really (Boeing and Raytheon). Anyone who is mass market, are all foreign companies, and the US court system has no jurisdiction over them.
If the US asserts a right to force foreign companies to do this as well, then it makes it much easier for Apple to have the same done to them by foreign governments. Even for US government owned phones.
Such a situation is a mess, and has an impact on the privacy of over a billion people. For thousands, or potentially millions, of them, particularly outside the US, it could be quite serious indeed.
If it happens, then terrorists and criminals will just move to one of the multitude of ways of encrypting their data, without relying on anyone who is under US jurisdiction. They do this today. It is well documented. We will not be any safer from terrorists and they will still have gone dark. But the FBI will be able to access data on normal people's phones whenever it can get a court order.
That's a REALLY big trade-off to make, when the phone probably contains nothing of value, we know who committed the crime, and they are dead.
The FBI having unrestricted access to this information makes no-one safer. The US Government knew that something like 9/11 was happening from looking at unencrypted communications, but was unable to get enough information to make it clear that action was needed and prevent it. Several governments knew Paris was going to likely happen, again from unencrypted communications, but they weren't able to pull all the pieces together fast enough to understand the urgency, and prevent it.
Honouring the memory of 14 people does not outweigh the right to privacy of billions.
AwesomeJ said: The FBI should be encouraging federal, state, and local governments to purchase an MDM solution to manage their mobile devices. Properly configured MDM solutions, like JAMF Software's Casper Suite, allow the owning institution to unlock a device over the air. We do this all the time for K12 students where I work. This functionality is not Apple ID dependent.