Jump to content


FBI/Goverment Orders Apple to create "backdoor" into customer phones; Apple tells them to pound sand

Saunders

By Saunders,
in Politics & Religion

Recommended Posts

Saunders Defensive Coordinator

Saunders

Posted
Posted
SAN FRANCISCO — Apple said on Wednesday that it would oppose and challenge a federal court order to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December.
On Tuesday, in a significant victory for the government, Magistrate Judge Sheri Pym of the Federal District Court for the District of Central California ordered Apple to bypass security functions on an iPhone 5c used by Syed Rizwan Farook, who was killed by the police along with his wife, Tashfeen Malik, after they attacked Mr. Farook’s co-workers at a holiday gathering.
Judge Pym ordered Apple to build special software that would essentially act as a skeleton key capable of unlocking the phone.
But hours later, in a statement by its chief executive, Timothy D. Cook, Apple announced its refusal to comply. The move sets up a legal showdown between the company, which says it is eager to protect the privacy of its customers, and the law enforcement authorities, who say that new encryption technologies hamper their ability to prevent and solve crime.

 

 

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.
This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

 

 

This is fantastic news.

  • Fire 1
Link to comment

Saunders Defensive Coordinator

Saunders

Posted
  • Author
Posted

Donald Trump: Apple Should Open Up San Bernardino Shooter’s iPhone

 

Donald Trump said on Wednesday that Apple should comply with a court order demanding the company assist the FBI in unlocking the iPhone of one of the San Bernardino shooters.

“I agree 100% with the courts. In that case, we should open it up,” Trump said on Fox and Friends. “I think security overall. We have to open it up, and we have to use our heads.”

“To think that Apple won’t allow us to get into her cell phone — who do they think they are? No, we have to open it up,” Trump continued.

http://www.buzzfeed.com/kyleblaine/donald-trump-apple-should-open-up-san-bernardino-shooters-ip#.qaLEDpKxP

 

Trump's an idiot.

Link to comment
Saunders Defensive Coordinator

Saunders

Posted
  • Author
Posted

How do you make somebody assist? This judge is on crack.

 

If the FBI wants in the phone, no one is stopping them.

They can't get in, because of the security measures, and that's intentional. They're arguing for Apple to create a special backdoor that only the government can use, and for "this" specific phone. The problem is, that's impossible, and that's why they won't do it. It's opening pandora's box.

 

From one of my programmer friends:

 

 

• The Boot ROM checks if the iOS in flash memory is signed properly.

 

• If the signature is ok, iOS is loaded and run.

 

• Only code running on the device has access to the crypto coprocessor, which uses a buried and non-retrievable, device-individual, once-per-installation key to encrypt / decrypt the contents of the data partition on the device.

 

• Even then, most data is still encrypted a second time, and to get that opened the user needs to unlock the device, either via entry of the passcode or via Touch ID (the inaccessible secure enclave will provide a usable key only if the fingerprint has been recognized wthout the actual fingerprint ever being visible to the CPU).

 

• Only with the user-provided key the key chain can be decrypted and the actual user data can be accessed.

 

Fun fact: Even each installed app has its own individual file system encryption key, so even if an app could actually access raw files of another app (or of the main system) it would only see encrypted garbage.

--

 

What the FBI is asking for is a creation of a signed BootROM. The BootROMs are valid for any class of device (In this case, an iPhone 5C includes all A6 hardware (all iPhone 5C and iPhone 5). There is no way to lock the rom to a specific phone because the ROMs do not do checking for a device ID/IMEI. Once created, it could be used on any devices of the same hardware class. The iPhone 5C did not include secure enclave, but it does include full-device multi-stage encryption (enabled by default) and device-wipe after login failure. The FBI wants a rom that disables device-wipe and the software-triggered passkey lockout. They cannot ask for one that does device decryption, because that encryption is handled entirely by the encryption coprocessor which uses a one-time key generated unique for each phone and burned directly into the hardware.

 

However, that ROM can be then applied to any A6-class hardware. There is no way to restrict it to a single phone.

 

Link to comment


Landlord Head Coach

Landlord

Posted
Posted

 

 

I've got it. The FBI takes her phone... goes to her dead body, and uses her finger print... boom.

Ha! Great minds think alike!

 

Pretty sure the thumb print thingy was added with the iPhone 6. Gotta have the 4 digit code to get into this one.

 

 

 

 

5S, but the 5C, or the "budget 5", doesn't have one.

Link to comment
Saunders Defensive Coordinator

Saunders

Posted
  • Author
Posted

If this were simply about Farook's phone and the hassle involved in helping the FBI pry it open, it's unlikely Apple would be taking such a big public stand. The concern is that the government is trying to take advantage of a particularly odious defendant to set a precedent that could have much broader implications.

For starters, although the hassle involved in complying with the FBI's request is considerable, once Apple engineers have done the necessary work of creating the custom software it will be much easier to comply with other law enforcement requests for the same service. Today's extraordinary request for an extraordinary suspect, in other words, could be tomorrow's routine request.

And the Farook case comes against the backdrop of a larger debate about whether technology companies should be compelled in general to provide government "back doors" into their products. Throughout the past year, FBI Director James Comey has been warning that smartphone encryption is hampering law enforcement efforts. He wants to compel technology companies to provide law enforcement with access to their customers' data on demand.

On the campaign trail, Hillary Clinton has called for the technology sector to embark on a "Manhattan-like project" to figure out a way to provide back doors to law enforcement without compromising device security more broadly.

Technologists say that if technology companies deliberately weaken their encryption products to accommodate the US government, they'll simultaneously make those products more vulnerable to hackers and foreign governments seeking to exploit those same weaknesses. Either you build data security systems from the ground up to be unbreakable, in which case the government can't crack them either, or else you deliberately create exploitable security holes, in which case a whole range of bad actors can exploit them.

http://www.vox.com/2016/2/17/11037748/fbi-apple-san-bernardino

 

  • Fire 1
Link to comment
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

Visit the Sports Illustrated Husker site



×
×
  • Create New...