Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Page 1 of 2 1 2 >
Topic Options
#366028 - 22/02/2016 14:46 The FBI vs Apple
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868

Top
#366029 - 22/02/2016 15:42 Re: The FBI vs Apple [Re: drakino]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
I'm not sure how this couldn't set a precedent. "We want this now, but don't worry, we won't ask for it again."

Besides, aren't there still other avenues they can try? I thought I saw one report that Apple could increase the guy's iCloud storage limit, which might start the backups going again. I don't think I'd have a problem with that. I assume I don't understand that situation properly though.
_________________________
Matt

Top
#366030 - 22/02/2016 16:50 Re: The FBI vs Apple [Re: Dignan]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: Dignan
I thought I saw one report that Apple could increase the guy's iCloud storage limit, which might start the backups going again.
Originally Posted By: Apple's FAQ
One of the strongest suggestions we offered was that they pair the phone to a previously joined network, which would allow them to back up the phone and get the data they are now asking for. Unfortunately, we learned that while the attacker’s iPhone was in FBI custody the Apple ID password associated with the phone was changed. Changing this password meant the phone could no longer access iCloud services.

The FBI and the San Bernardino County changed the Apple ID/iCloud account password. There's a possible way they did this by using the iForgot support site and had access to the e-mail account tied to the account. Being that this phone was the property of San Bernardino County, it could have been his work e-mail address. The password reset that the two government agencies performed means the phone no longer can backup to iCloud, assuming that setting was still on. Being that they had success changing the password it indicates the account was not set up for two step verification. Or if it was, the government agencies involved reactivated the phone number on another device to receive the SMS with the verification code. They could have been attempting this path to gain access at http://icloud.com

If San Bernardino had the device under MDM control, they could flip that setting on, however they couldn't send the new password in via that path.


Edited by drakino (22/02/2016 16:57)
Edit Reason: Added bit about password reset and two step

Top
#366033 - 22/02/2016 20:39 Re: The FBI vs Apple [Re: Dignan]
tanstaafl.
carpal tunnel

Registered: 08/07/1999
Posts: 5549
Loc: Ajijic, Mexico
Originally Posted By: Dignan
Besides, aren't there still other avenues they can try?
Since the FBI thinks that Apple can decrypt the phone, why don't they just give the phone to Apple, let Apple do whatever magic it is they do, then put just the data on a flash drive and give that to the FBI? If the FBI wants the phone back, then let Apple re-install the stock iOS on it and return it.

tanstaafl.
_________________________
"There Ain't No Such Thing As A Free Lunch"

Top
#366034 - 22/02/2016 21:56 Re: The FBI vs Apple [Re: tanstaafl.]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
The reason your idea won't fly with Apple is because Apple wants to project the idea that your data is safe from anyone on their products, even from Apple. I'm sure this is a concern for some people while they post every detail of their life on Facebook they still want to be private.

I have mixed feelings about this. Especially since it looks to be a work phone. Most companies spell it out very clearly that any thing you do on their owned equipment is subject to their monitoring and is their data. So really the owner of the phone just wants their data.


Top
#366035 - 22/02/2016 22:09 Re: The FBI vs Apple [Re: tanstaafl.]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: tanstaafl.
Since the FBI thinks that Apple can decrypt the phone, why don't they just give the phone to Apple, let Apple do whatever magic it is they do, then put just the data on a flash drive and give that to the FBI?
For all devices running iOS 8.0 and later versions, Apple will not perform iOS data extractions as data extraction tools are no longer effective. The files to be extracted are protected by an encryption key that is tied to the user’s passcode, which Apple does not possess.

For iOS devices running iOS versions earlier than iOS 8.0, upon receipt of a valid search warrant issued upon a showing of probable cause, Apple can extract certain categories of active data from passcode locked iOS devices. Specifically, the user generated active files on an iOS device that are contained in Apple’s native apps and for which the data is not encrypted using the passcode (“user generated active files”), can be extracted and provided to law enforcement on external media. Apple can perform this data extraction process on iOS devices running iOS 4 through iOS 7. Please note the only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, iMessage, MMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party app data.

The FBI is asking Apple to create a new instrument (in legal terms) to restore the ability to extract some data like what was possible from iOS 4 - iOS 7.

iOS 8 and above encrypt everything user created with the passcode entangled with the device UID, thus this instrument would be different then the past one. It would have to crack encryption too since the passcode is never sent to Apple.

Previous extraction was possible because that data wasn't encrypted by using the passcode, instead it only used the UID known to Apple at point of manufacturing. The previous instrument had no encryption breaking capabilities, it simply opened what was accessible with a known to Apple key unique to each phone. *edit* My explanation here is a bit off on the technical details, will add some diagrams that help explain the iOS 7 to iOS 8 changes easier then with words.

Specifically the FBI is asking Apple to create an instrument that defeats the following protections:
  • Disable the Apple programmed time delays between passcode entry attempts
  • Enable a way to attempt passcode entry over a USB, WiFi, Bluetooth or Cellular connection instead of direct touch screen entry.
  • Disable the user/owner facing setting that wipes user data after 10 failed passcode entries, a setting that the terrorist or San Bernardino County may have turned on


Edited by drakino (24/02/2016 21:19)
Edit Reason: Off on wording with how iOS 8 changed

Top
#366038 - 23/02/2016 01:22 Re: The FBI vs Apple [Re: drakino]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#366042 - 23/02/2016 06:18 Re: The FBI vs Apple [Re: drakino]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: drakino
If San Bernardino had the device under MDM control, they could flip that setting on, however they couldn't send the new password in via that path.

Forgot MDM can also pop the passcode lock if needed. Seems San Bernardino County was paying $4 a month for some MDM solution, but never got around to ensuring it was on this particular iPhone they owned and handed over to their terrorist employee. Oops.

http://www.cbsnews.com/news/common-software-would-have-unlocked-san-bernardino-shooters-iphone/

Top
#366045 - 23/02/2016 15:16 Re: The FBI vs Apple [Re: drakino]
DWallach
carpal tunnel

Registered: 30/04/2000
Posts: 3810
I've blogged about this (broad summary, helpful analogy).

It's interesting to see how the employer and the FBI totally blew it with the whole MDM thing. Like, they should have been able to do this, but they screwed up, so now they're using that as a basis to go after something they've really wanted for a much longer time: a deep legal precedent.

The challenge, so far as I can tell, is trying to come up with a compelling way to even explain what the tech people are so upset about. The FBI's public statements are, needless to say, entirely one-sided on this.

Top
#366046 - 23/02/2016 18:03 Re: The FBI vs Apple [Re: DWallach]
K447
old hand

Registered: 29/05/2002
Posts: 798
Loc: near Toronto, Ontario, Canada
Originally Posted By: DWallach
I've blogged about this (broad summary)...
....
Quote:
... the suspects emails and other collected data might already make for a compelling case against them ...
Suspects are already dead, no?


Edited by K447 (23/02/2016 18:04)

Top
#366050 - 23/02/2016 18:54 Re: The FBI vs Apple [Re: drakino]
DWallach
carpal tunnel

Registered: 30/04/2000
Posts: 3810
Yeah, yeah. I was working to get that out fast, not necessary fully debugged. The real thing the FBI is presumably after is any accomplices.

Top
#366056 - 24/02/2016 14:45 Re: The FBI vs Apple [Re: DWallach]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: DWallach
The challenge, so far as I can tell, is trying to come up with a compelling way to even explain what the tech people are so upset about.

Zdziarski gives it a try, expanding an analogy Bill Gates used. : http://www.zdziarski.com/blog/?p=5714

Also speaks to a $200 device that could crack 4 digit pass codes and a flaw not closed till iOS 8.1.1. The widening use of it was a factor in iOS 9 recommending 6 digit defaults. The device exploited a flaw where incorrect attempts wouldn't be stored in flash quickly, allowing a power interruption to stop the auto wipe counter.

Top
#366060 - 24/02/2016 20:35 Re: The FBI vs Apple [Re: Taym]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA


I'm confused about one of their answers. The question says "Has Apple unlocked iPhones for law enforcement in the past?", and their answer is "no", but then they go on to explain exactly how they have indeed done it in the past. Was it a typo and they meant to answer "yes" there?
_________________________
Tony Fabris

Top
#366062 - 24/02/2016 21:13 Re: The FBI vs Apple [Re: tfabris]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
This reply covers it a bit and links to the law enforcement document Apple referred to: http://empegbbs.com/ubbthreads.php/posts/366035

Apple is defining unlock in that question as "Has Apple broken encryption or brute forced a PIN for law enforcement in the past?". Apple is stating that no they never have.

Apple with every iOS and iPhone release has continued to protect data on the device to prevent extraction (of already decrypted data) via methods both they, and 3rd parties were employing.

Top
#366064 - 24/02/2016 22:03 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Quote:
Apple is defining unlock in that question as "Has Apple broken encryption or brute forced a PIN for law enforcement in the past?". Apple is stating that no they never have.


If that's true, then how did they get data from phones for law enforcement in the past?

I believe I have a basic understanding of the technology here, so I understand Apple's position. But let me play devil's advocate for a moment so that I can make my issue with their answer on their Q&A page more clear.

The thing that people want to know with that question is, "What's the big deal? You've helped law enforcement crack into the data on phones before, so why is this different than what you already did before?"

For me, reading their Q&A page, it's just saying, "We have never cracked a phone for the fuzz, except all those times in the past when we did". They're not making the answer to that question clear.

Tom, what I think you're saying is:

They've never cracked the encryption on a phone or changed the OS to allow brute force attacks on the password before. In the past, the data on their phones wasn't actually protected very well, so they were able to retrieve the data for the fuzz without the need for those things.

If that's true, then that's what they should say on the Q&A page. But they're not coming right out and saying that in their answer. Probably because it makes one wonder about the chronology:

1. In the olden days, phones weren't secure or encrypted, so the fuzz could get whatever they wanted, right off the phone.

2. Recently, mfrs started securing phones, but they weren't actually very secure, and the fuzz could always enlist the mfr's help to get the data. Apple always complied in those cases.

3. Very recently, Apple decided to really TRULY secure phones, and are now balking at the fuzz's request to crack it.

Looking at the chronology that way, I think this really cuts to the heart of the issue, which is: Back doors have always existed. Apple has recently closed one, and this time, they're drawing a line in the sand at that point. The question is, why is the line at #3 worse than the one at #2? I understand the difference from a technological point of view, but what about the general principle? Apple seemed happy to help the fuzz at #2.

Maybe they weren't happy at all, actually. It looks like the newest encryption features were a time bomb waiting to go off. And I think they knew it would come to this, even as they were developing the newest encryption features. It almost sounds like the development of the new encryption was a calculated passive-aggressive move on their part, a type of protest against the government requiring companies to reveal customer's data all along.

Maybe Apple thought that, after they created these new encryption features, that they could honestly answer the government with "nope, sorry, no way to crack it, not possible". And now the government got clever and said, "but wait, you can crack it *this* way", and Apple was like, "woops".
_________________________
Tony Fabris

Top
#366065 - 24/02/2016 22:07 Re: The FBI vs Apple [Re: tfabris]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
I wonder if the real heart of the issue here is that the "secure enclave" circuitry was mistakenly designed to place the retry-attempt-backoff-interval onus on the operating system rather than on the chip?
_________________________
Tony Fabris

Top
#366068 - 24/02/2016 23:20 Re: The FBI vs Apple [Re: tfabris]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: tfabris
I wonder if the real heart of the issue here is that the "secure enclave" circuitry was mistakenly designed to place the retry-attempt-backoff-interval onus on the operating system rather than on the chip?

The secure enclave is not a factor with the iPhone 5c in the San Bernardino case. Only 64 bit iOS devices have the secure enclave portion of the SoC. The iPhone 5c was the last 32 bit iPhone Apple created. (Though the bitness of the CPU has nothing to do with the secure enclave, it's a convenient designation to know if it's there or not.)

So yes, for the iPhone 5c, only OS level software and the computational load limits retry attempts.

The 5s and above with the secure enclave may also be venerable to a method of bypassing delays somehow. It's unclear currently how in the discussion channels I've been following. The thought is that there is some sort of firmware upgrade path into the secure enclave that could be exploited.

Top
#366069 - 24/02/2016 23:21 Re: The FBI vs Apple [Re: drakino]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
Tony, I actually think there's a difference there, right in the general principle, rather than the technology.

In the past, precisely because data was not as well protected, Apple helped the authorities to retrieve data exploiting weaknesses in the system.

This time, they're being asked to weaken the system; to change it back to a previous, less secure state.

I think there's a significant different. One thing is to ask me to exploit weaknesses in my products, another thing is to force me to redesign them (worsen them).

The argument that this change will only affect this one phone is weak, also. FBI is already asking to use this same method on 12 more phones, and it could be used fraudulently on any other iPhone. Would I, as a consumer, consider an iPhone secure, at that point?

I've never been a fan of Apple, and while I think Apple products are great in many ways, unfortunately they have disappointed me more often than not. This case is winning me over to the iPhone, provided the Gov't does not force apple to break it.
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#366070 - 25/02/2016 00:08 Re: The FBI vs Apple [Re: Taym]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Originally Posted By: Taym
In the past, precisely because data was not as well protected, Apple helped the authorities to retrieve data exploiting weaknesses in the system.

This time, they're being asked to weaken the system; to change it back to a previous, less secure state.


Yeah. That is a really clear way of putting it. That's what the Q&A page should say.
_________________________
Tony Fabris

Top
#366071 - 25/02/2016 00:09 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Originally Posted By: drakino
The secure enclave is not a factor with the iPhone 5c in the San Bernardino case.


Oh! Right! I was remembering that incorrectly. Good point.
_________________________
Tony Fabris

Top
#366074 - 25/02/2016 03:42 Re: The FBI vs Apple [Re: drakino]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
This is a great interview. I just happen to agree on ALL Tim Cook said here.

http://www.theverge.com/2016/2/24/11110802/apple-tim-cook-full-interview-fbi-iphone-encryption
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#366082 - 25/02/2016 22:00 Re: The FBI vs Apple [Re: drakino]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868

Top
#366090 - 26/02/2016 20:17 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Interesting article here:

http://www.nytimes.com/2016/02/25/techno...-cant-hack.html

It directly answers my earlier question, which was:
Quote:
Maybe Apple thought that, after they created these new encryption features, that they could honestly answer the government with "nope, sorry, no way to crack it, not possible". And now the government got clever and said, "but wait, you can crack it *this* way", and Apple was like, "woops".


The answer, according to the article, was, they hadn't yet seen their security measures like that, but now are going to be working toward a day when they truly can't hack their own phones. My favorite quote from the article:

Quote:
Apple’s showdown with the Justice Department is different in one important way. Now that the government has tried to force Apple to hack its own code, security officials say, the company must view itself as the vulnerability.

“This is the first time that Apple has been included in their own threat model,” Mr. Zdziarski said. “I don’t think Apple ever considered becoming a compelled arm of the government.”
_________________________
Tony Fabris

Top
#366098 - 27/02/2016 07:15 Re: The FBI vs Apple [Re: drakino]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
Very interesting way to put it.

Personally, the more I think about it, the more the "can of worms" argument gets relevant to me.

Once Apple is forced to write code as the Government wishes, for whatever reason, then it would have to constantly keep a shadow version of the code that complies with Government. Would this eventually be unsustainable, for technology or financial reasons? Would this eventually stop Apple from introducing new features that depend on encryption, or leverage some technology that would make it impossibile for the Government to break in?

I mean, this is so bad in so many ways.
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#366106 - 28/02/2016 00:57 Re: The FBI vs Apple [Re: drakino]
Dignan
carpal tunnel

Registered: 08/03/2000
Posts: 12338
Loc: Sterling, VA
I've been surprised by how much of the public has sided against Apple in this. I know that they have the more difficult side to explain (it's easy to say "the government needs this to stop terrorists"), but given how much affection the company has garnered over the past 15 years, I would expect them to have more people on their side. The numbers I've seen appear to hover around 50% of the public, however accurate that might be.
_________________________
Matt

Top
#366107 - 28/02/2016 03:55 Re: The FBI vs Apple [Re: Dignan]
K447
old hand

Registered: 29/05/2002
Posts: 798
Loc: near Toronto, Ontario, Canada
Originally Posted By: Dignan
I've been surprised by how much of the public .... The numbers I've seen appear to hover around 50% of the public, however accurate that might be.
This is the sort of thing where polls can indicate quite differently depending on who is asking and what is asked. And whether the people being asked actually understand the issue.

Misunderstanding about precisely what Apple has actually been asked to do for the FBI also seems widespread.

Apple has been rather consistently portrayed by media, for years, as accidentally successful with imminent potential failure just around every turn. The contradictory and conflicted nature of how Apple is portrayed and perceived is itself worthy of study.

Top
#366110 - 28/02/2016 12:23 Re: The FBI vs Apple [Re: drakino]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
I agree. I've been looking at few videos these days, and many people just don't seem to know the issue at stake, let alone the implications. Questions such as "Should Apple help the FBI to crack a terrorist's iPhone" don't help at all.
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#366134 - 01/03/2016 05:08 Re: The FBI vs Apple [Re: drakino]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Major decision out of New York that will hopefully help the case in California. http://techcrunch.com/2016/02/29/ny-judg...or-iphone-data/

Should also help quash other requests out of New York, where some parts of the government there were eager to see Apple lose to the DOJ in California.

Tony, I've still got a longer response I'll get to posting later in the week to respond to your questions elsewhere in the thread. Been keeping my limited free time focused on keeping up with the rapidly evolving situation.

Top
#366136 - 01/03/2016 12:32 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Let me be clear that I'm on Apple's side here. I just had a problem with the wording of their qa page, and wondered if maybe this is a showdown they've been expecting.
_________________________
Tony Fabris

Top
#366137 - 01/03/2016 14:50 Re: The FBI vs Apple [Re: tfabris]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: tfabris
Let me be clear that I'm on Apple's side here. I just had a problem with the wording of their qa page, and wondered if maybe this is a showdown they've been expecting.

Short answer, I believe yes based on watching the buildup to this for a while. It's part of the longer response I'm planning when I can give it the proper time to type it out. Including lightly touching on the technical aspects Apple has been building up that date back to the iPhone 3gs.

Top
#366146 - 02/03/2016 06:19 Re: The FBI vs Apple [Re: drakino]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
https://www.youtube.com/watch?v=g1GgnbN9oNw - Video of the testimony before the House Committee on the Judiciary Hearings.

Top
#366181 - 04/03/2016 01:14 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
The husband of a woman who was shot three times in the attack (but survived) supports Apple:
http://arstechnica.com/tech-policy/2016/...imes-in-attack/
_________________________
Tony Fabris

Top
#366182 - 04/03/2016 01:15 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Aaaand...
Rep. David Jolly (R-Fla.) introduces a pointless bill to blast Apple:
http://arstechnica.com/tech-policy/2016/...pointless-bill/
_________________________
Tony Fabris

Top
#366186 - 04/03/2016 11:42 Re: The FBI vs Apple [Re: tfabris]
Roger
carpal tunnel

Registered: 18/01/2000
Posts: 5683
Loc: London, UK
Originally Posted By: tfabris
Aaaand...


I can think of two scenarios where this bill isn't pointless: Federal information doesn't deserve to be encrypted securely. Or only federal employees can become terrorists.
_________________________
-- roger

Top
#366187 - 04/03/2016 11:57 Re: The FBI vs Apple [Re: Roger]
Tim
veteran

Registered: 25/04/2000
Posts: 1525
Loc: Arizona
Originally Posted By: Roger
I can think of two scenarios where this bill isn't pointless: Federal information doesn't deserve to be encrypted securely. Or only federal employees can become terrorists.
There are two situations here, which I think people are losing sight of.

The first is that of the private individual. When using your own phone, you should have the expectation of privacy.

The second is that of the employer. When you use their phone, you follow their rules. I know that every time I log into my work provided laptop the login screen says something to the effect of "This is company property, you should have no expectations of privacy when using it". Every time I get a new phone, I sign a form that basically says the same thing.

I have no problems at all with Apple not wanting to put private citizens' privacy at risk. That is how it should be. Keep my private stuff private.

I also have no problems at all with employers (such as the federal government) wanting to be able to see what their employees are doing with their equipment. They shouldn't be sending anything that needs to be encrypted (personally identifiable information, sensitive information) on a basic phone anyway, and at the very least need something similar to the SecuSUITE. They really should have a way to get into the phone, since they are the owners of it.

Top
#366189 - 04/03/2016 13:30 Re: The FBI vs Apple [Re: Tim]
Roger
carpal tunnel

Registered: 18/01/2000
Posts: 5683
Loc: London, UK
Originally Posted By: Tim
{Employers} really should have a way to get into the phone, since they are the owners of it.


And they do. I believe (though I've not looked into it in any depth) that Apple's MDM provides everything that an employer needs in this regard. It's just that the federal government is probably no more competent than any other private enterprise in using it appropriately.

And if it doesn't provide that access, then that's a reasonable argument for not using Apple devices.
_________________________
-- roger

Top
#366190 - 04/03/2016 13:41 Re: The FBI vs Apple [Re: drakino]
peter
carpal tunnel

Registered: 13/07/2000
Posts: 4180
Loc: Cambridge, England
Jolly strange idea about who holds the power in that relationship. Which is the direr threat: that the Feds stop buying Apple gear, or that Pope Cook puts the Feds (or the whole of the US) under interdict and stops selling them Apple gear?

Peter

Top
#366192 - 04/03/2016 14:09 Re: The FBI vs Apple [Re: peter]
K447
old hand

Registered: 29/05/2002
Posts: 798
Loc: near Toronto, Ontario, Canada
Originally Posted By: peter
... Which is the direr threat ...
Threat to whom?

Top
#366252 - 14/03/2016 17:04 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
John Oliver on the Apple Vs. FBI issue:
https://www.youtube.com/watch?v=zsjZ2r9Ygzw
_________________________
Tony Fabris

Top
#366281 - 21/03/2016 19:31 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
The standoff between the FBI and Apple has indeed been brewing for quite some time. According to this article, IOS 8 was about where it started:

http://www.macrumors.com/2016/03/21/apple-fbi-encryption-ios-8/
_________________________
Tony Fabris

Top
#366283 - 21/03/2016 20:27 Re: The FBI vs Apple [Re: tfabris]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Yep. iOS 8 was a big change in how aspects of encryption were handled on the phone. It closed off a number of tech support and other "back doors" of sorts that were being exploited by both unsavory criminals and law enforcement. It was also a jump in how they protected active data, instead of the past data at rest protections that have been around since the 3gs.

I'm aiming to circle back to that longer explanation of iPhone encryption changes likely this week or into the weekend. Which will also help to clarify Apple's choice of wording on that initial Q&A page.

iOS 9.3 betas also had hints of the iCloud backups being additionally protected using the PIN. Curious to see if that made it into the release today, or if that's being bumped to iOS 10.

Top
#366284 - 21/03/2016 20:52 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Quote:
Which will also help to clarify Apple's choice of wording on that initial Q&A page.


Oh, I understand their wording. I just think it sucks for the layman and should be re-worded on what's supposed to be their plain-english "FAQ" page.

They're distinguishing between "Have we ever unlocked an iPhone" and "Have we ever extracted data from an iPhone". I understand the difference, but the general public (and any given politician) will not. To most people, those phrases either mean the same thing, or they think that unlocking has always been a prerequisite for data extraction.

I just think the paragraph would be helped by an explanation of the difference between those two things, and why in the past it's been possible to extract data without unlocking. And yes, that critical difference is at the heart of the fight. The fact that most people don't understand the difference is part of why it's so controversial.
_________________________
Tony Fabris

Top
#366292 - 21/03/2016 23:10 Re: The FBI vs Apple [Re: drakino]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Notice to vacate the planned March 22 hearing filed by the government lawyers:

http://www.documentcloud.org/documents/2773536-Motion-To-Vacate-Hearing.html

Top
#366294 - 21/03/2016 23:34 Re: The FBI vs Apple [Re: drakino]
K447
old hand

Registered: 29/05/2002
Posts: 798
Loc: near Toronto, Ontario, Canada
Originally Posted By: drakino
Notice to vacate the planned March 22 hearing filed by the government lawyers:

http://www.documentcloud.org/documents/2773536-Motion-To-Vacate-Hearing.html
"An outside party" has offered to crack the iPhone in question...

The new four inch iPhone SE includes all the security features of the bigger models. Looks like even the 'inexpensive' iPhone fleet will become more security capable, on average, going forward.

Top
#366297 - 22/03/2016 03:03 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Wow. So, kicking the can down the road a little farther. Interesting.
_________________________
Tony Fabris

Top
#366298 - 22/03/2016 08:21 Re: The FBI vs Apple [Re: drakino]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
I am not sure this is good or bad news. The fact that the FBI may not NEED Apple to produce a "broken" OS now, does not mean they won't need it in the future. This may be just postponing the issue.
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#366304 - 22/03/2016 14:23 Re: The FBI vs Apple [Re: Taym]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
If the case remains open which it currently is, Apple has a legal right to ask what method the FBI is using. Will be interesting to see if the case gets dropped by April 5th to possibly prevent Apple finding out what exploit was found.

Top
#366308 - 22/03/2016 15:46 Re: The FBI vs Apple [Re: drakino]
DWallach
carpal tunnel

Registered: 30/04/2000
Posts: 3810
For what it's worth, I suspect that the FBI and others on its side were totally unprepared for the public backlash, and this is a way for them to back down without losing face. It also keeps the issue live for "next time", whatever that means.

Top
#366327 - 23/03/2016 06:44 Re: The FBI vs Apple [Re: DWallach]
Taym
carpal tunnel

Registered: 18/06/2001
Posts: 2504
Loc: Roma, Italy
Originally Posted By: DWallach
For what it's worth, I suspect that the FBI and others on its side were totally unprepared for the public backlash, and this is a way for them to back down without losing face. It also keeps the issue live for "next time", whatever that means.


I suspect this is PRECISELY what is happening. That is what I was thinking when I posted right above, here. Unfortunatey, constant attempts by Governments to extend their reach is often articulated in small steps across decades. If you look at both EU and US history, it seems to me there's a pattern there. I'd be much happier if this was the time when a principle is established and, as much as reasonably possible, set in stone. The public opinion backlash would help A LOT in that regard, and I am not sure that will be there next time, when they try again.
_________________________
= Taym =
MK2a #040103216 * 100Gb *All/Colors* Radio * 3.0a11 * Hijack = taympeg

Top
#366382 - 28/03/2016 22:18 Re: The FBI vs Apple [Re: K447]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Originally Posted By: K447
"An outside party" has offered to crack the iPhone in question...

Looks like it was successful. Official filing to vacate the initial order mentions the FBI has now accessed the data. http://pdfserver.amlaw.com/nlj/FBI_apple_20160328.pdf

People are guessing the flash ram was cloned, allowing a reset of the possible 10 tries counter. Important to note that the erase after 10 tries is not a default on setting. Looks like the contract from the FBI to a company for $15k was uncovered for whatever process was performed. http://www.macrumors.com/2016/03/23/fbi-israeli-firm-cellebrite-to-unlock-iphone/

Top
#366383 - 29/03/2016 00:12 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Ah, the irony. Israeli hackers can crack it, so the FBI goes to them.

I hope the point here isn't lost on the FBI or on lawmakers: If it's important to our government that our computers and phones don't get hacked by foreign powers, then they need to actually let our companies build them that strong.
_________________________
Tony Fabris

Top
#366385 - 29/03/2016 12:31 Re: The FBI vs Apple [Re: drakino]
DWallach
carpal tunnel

Registered: 30/04/2000
Posts: 3810
From public statements and whatnot, we know that the DoD / NSA types appreciate the importance of making phones hard to hack. It's just the FBI that's hard-headed about this, and they've managed to pull along a lot of their law enforcement colleagues.

No doubt, we're in a replay of the late 1990's crypto wars.

Top
#366459 - 05/04/2016 17:43 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
The truth behind how the FBI finally cracked the phone:

http://www.planteink.com/toons/2016/PlantB20160331.jpg


Edited by tfabris (13/04/2016 16:52)
_________________________
Tony Fabris

Top
#366508 - 13/04/2016 16:51 Re: The FBI vs Apple [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
According to this article, the previous cartoon wasn't far off the mark: they used a 0-day security flaw sold to them by some low-profile hackers, not the Israeli firm as previously reported.

https://www.washingtonpost.com/world/nat...26c5_story.html
_________________________
Tony Fabris

Top
Page 1 of 2 1 2 >