Apple Ordered to Create a Backdoor

ManoaHi · Feb 18, 2016

ozznixon said:
Why not build a device which they can pull he guts of the iphone, and treat it like a slave drive on a PC... boot the master device, mount the secondary device and voila... data.

Patent that idea!
O.

That's not the problem. What you would get when you mount the "guts" is "voila...garbage, oops". It is still encrypted with a "baked in code" + user's password. Sure they may get the password eventually (remember you can make the password really long and complex), thus making it hard to brute force, but how will they get the "baked in code". It's in the crypto engine, which sits in the DMA path. Once you start messing with the DMA path you risk corrupting the data. This is also true of the Samsung Android phones/phablets as well, don't forget that if Apple loses, the entire industry (all makes an models) will be affected since the FBI would have a precendent case. Don't think of this as just an Apple issue.

Mr. D · Feb 18, 2016

I had a relative hiding under a table in the San Bernardino terrorist shooting! I'm a moderate Liberal & behind privacy 100%, but Apple better damned well figure out a way to obey Federal warrants for information on "specific iPhones" or Americans will turn against Apple! No company should be able to sell a system that allows terrorists & criminals to communicate secretly & safe from a "specific Federal Warrant issued on one specific phone"! My God, are we trying to aid criminals & terrorists?? That would be making a profit by aiding terrorists & criminals to keep law enforcement from detecting crimes & terrorism! No information should be denied a legal warrant issued by a judge on a specific iPhone, computer or any other method of communication in an investigation!

c5vetter · Feb 18, 2016

The iPHONE is CALEA compliant (by US Gov't & international treaty), and IF that is not enough -- change the law and spell it out specifically what you want ALL mobile phone manufacturers to do and be compliant. Crippling Apple changes nothing in this argument.

ManoaHi · Feb 18, 2016

Mr. D said:
...Apple better damned well figure out a way to obey Federal warrants for information on "specific iPhones" or Americans will turn against Apple!

1. Does anyone have proof that the iPhone was used in the shooting?
2. Anyone with half a brain won't use the company's phone for such communication. The phone comes under the company's control.
3. Could this person have got another phone and used that intead? Sort of a no-brainer.
4. Did the FBI get the meta data (which is not encrypted) from the service provider? This determines if that phone was ever used. They would not have had enough time to sift through it after getting a warrant for the service provider. Another no brainer.
5. Please remember that the government madated kill switches:
http://www.theverge.com/2014/7/21/5...scrambling-to-pass-smartphone-killswitch-laws
most manufactures already built it into their phones. But most have to be turned on, do we have proof the he turned it on?
6. We have MDM so we can wipe any of our company phones at any time if they are lost or stolen. Has the employer stated that they didn't wipe the device?
7. This is not an Apple only issue. If Apple loses, it will be a precedent case for any electronic device with strong encryption. That would even include banks. Also hackers will get into the backdoors eventually and if gaping, it could be just hours. In other words at that point law enforcement would be so overwhelmed, with fraud, robbery, identity theft, ransom, other severe crimes. Right now, they have to resort to low tech phishing.
8. Everytime the government gets involved in tech, it has many unintended consequences. Like when encryption technology, the US was second to none and then the tech became "munitiions" and thus barring US companies from spreading their encryption tech outside the US. Now the US is way behind as other countries don't have such restrictions and have significanly leap frogged the US, even our allies.

"Americans will turn against Apple!" Actually, no, the exact opposite. They will turn against Apple if they capitulate, but it has much much farther reach than just Apple. I have an iPhone 6S (iOS) and a Samsung S6 (Android) they both have strong encryption. They would be compromised, to the hackers, if not the government. You also realize that if Apple loses, the government can do this without a warrant and the criminals never bother with warrants. Also, terrorists or criminals will have the means to encrypt their communications if easy to hack current technology, where the manufacturures won't even have a clue to undo. Then warrant or not, the encrytion could never be undone, where it sits right now.

Cr00zng · Feb 18, 2016

XJ-linux said:
The FBI needs a plausible chain of custody regarding this iPhone - every single thing that has been done to it, by whom, when, and how it was done - if it wants to use it for prosecutions in court, or to obtain warrants for search, seizure or wiretaps from a court.

You seem to forget that the court order does allow for the possibility of:

the custom firmware might be used only at an Apple location
with the FBI having remote access to the passcode recovery system

This is why the FBI (DHS) needs "Apple assistance" to open it, unless they want to either disclose in court records that they successfully surreptitiously opened it, or have a big redacted pubic record regarding the opening process which is as good as saying they cracked it.

Apple doesn't want that either, because the conclusion is that Apple iPhones are hackable by the US government without any help from Apple. As such, Apple will eventually "open" it for them, but will kick the can a while publicly to save their image and stock value.

The court is asking Apple to provide a a custom code for the specific iPhone in question that removes the device wipe after ten unsuccessful try and the progressively increasing delay time between entering the PIN. In addition, it also ask for allowing programmatic enter of the PIN, instead of manually via the screen. There's no request in the court order about encryption backdoor, nor does FBI need one if they can crack the PIN with the court ordered custom firmware code for the device in question.

The requested custom firmware, that can include serial number, WiFi/Bluetooth MAC, etc., would be signed by Apple. Any changes to this firmware, even just a single character, would invalidate the firmware certificate of authenticity and as such, would refuse to load. And to be the safe side, the device in question could have the latest available iOS version installed, once the PIN had been recovered. At which point Apple can just revoke the certificate for the custom firmware.

The question is, does Apple have the technical capabilities to perform these steps? The FBI seems to think so and the court/judge agreed with them since all three items requested from Apple are, well, based in software and Apple should have the technical capability to comply with the court order.

Doing so does not mean that the US government could hack any iPhones on their own, quite the contrary. The request actually proves that Apple's encryption method is solid and the only way to decrypt the data is to discover the PIN that cannot be done without Apple's help.

In general, I still support Apple's decision for appealing the court order. It is the right thing to do, making it hard for the FBI to submit such request. I also believe that in this case, Apple will cave in due to the case at hand. Especially, if they have the technical capabilities to assist the FBI in their effort to investigate every aspect of the heinous crime committed by the owner of the device in question. Apple owns that to their users...

urbanman2004 · Feb 19, 2016

Even though I own no Apple mobile devices (i.e. iPhone) this is why I never trust the government.

cbarney · Feb 19, 2016

encryption

i've read that iOS8 wipes out all date following ten unsuccessful attempts to enter the 4-digit passcode.

i use iOS8 and had never heard of this feature. is it a user preference, or is it built into the operating system? is there no way to turn it off?

chscag · Feb 19, 2016

cbarney said:
i've read that iOS8 wipes out all date following ten unsuccessful attempts to enter the 4-digit passcode.

i use iOS8 and had never heard of this feature. is it a user preference, or is it built into the operating system? is there no way to turn it off?

Not a user preference. It's a security feature built into the firmware of the iPhone once iOS 8 is loaded and there is no way to turn it off or defeat it.

bogwort47 · Feb 19, 2016

Hi Everyone

First off, I believe that this whole thing may have got out of hand - mis-handled?? Read this: http://www.thedailybeast.com/articl...ked-iphones-for-the-feds-70-times-before.html

Regrettably, the judge that issued the 'order' obviously did not understand what or was misguided in what he was being persuaded to do by the 'security services?', or else he would have realised that it would create a serious ongoing risk to personal and national/world security which none would wish for.

OK, so it has been done before for individual phones and unless there is something different, which we haven't been told about, it should be possible now.

Apple are quite correct to refuse sharing, let alone a 'backdoor' for reasons that it is inappropriate to go into in public, but are well known to those knowledgable in risk management.

It is possible that an error of judgement was made at a relatively low level leading to the misguidance of the legal process. If this is the case, then a speedy back down might unblock the current impasse and lead to a speedy resolution of this matter by the 2 parties who must have national and world security as their top priority.

In the legal parlance, senior partner would have a private chat with senior partner and this 'difficulty' should go away with little or no change to anyone's level
of risk.

Hope this sheds some light on these issues...

Meadoway · Feb 19, 2016

The issue is wider than Apple

Apple are right to resist the demand by US Govt.

Apple did not kill those people, it was a deranged individual who under the current trendy guise of being a muslim and follower of Islam, for what ever reasons decided to kill some people using guns.

Many other people have been killed in the same manner and those people up to now it appears have not been a user of an iPhone? -I think not.

Many others have and will be killed in the same manner and they will be white people who pull the triggers and are not “Arabic types clutching copies of the Quran and a Kalashnicov”

So, instead, why not call for better security services in the USA?

Why not pressurise Muslim clerics and supporters of Islam and urge them to be doing more to identify and eliminate the nutters in their midst ?

So why not have a go at the Gun manufacturers ?

So why not have a go at the ease by which Americans can procure guns?

Apple are right to refuse to write a hack against their own product, there is a famous and fairly recent period in the UK when it was possible to hack phones, - the actions of those who did it cost a newspaper its business and many others their freedom.

Once the hack exists, ones privacy is no longer secure.

Do we really have to repeat history?

cbarney · Feb 19, 2016

chscag said:
Not a user preference. It's a security feature built into the firmware of the iPhone once iOS 8 is loaded and there is no way to turn it off or defeat it.

thank you. interesting that no one at apple ever mentioned this feature when i bought an iPhone 6 at the apple store.

i'm now on iOS 9.2.1 (13D15), which i assume incorporates the feature from iOS 8. no idea what the parenthetical material means.

Cr00zng · Feb 19, 2016

chscag said:
Not a user preference. It's a security feature built into the firmware of the iPhone once iOS 8 is loaded and there is no way to turn it off or defeat it.

While it is correct...

The Device Firmware Update, or DFU for short, allows to update the iOS, firmware and the Security Enclave (SE) without the PIN for the iPhone, regardless of the version of iOS. The same feature allows jailbreaking the iPhone. The iPhone in question is the 5c that does not have the Security Enclave, that makes it easier for Apple to do what the curt ordered them to do. Apple is probably on its way to lock down the firmware vulnerability, by the iOS version 10.x the latest, which will make it hard if not impossible to jailbreak the iPhone.

The number of tries and time delay is "baked" into the firmware, not into the iOS. The court order isn't asking for a backdoor for the iPhone encryption, or the iOS, it is asking for specific firmware for the 5c in question to enable cracking the PIN. Once the PIN is known, the data will be decrypted by the iOS.

The White House collecting signatures for halting the efforts that compel Apple and other device manufacturers to build backdoors into their devices. Here's your chance to object against backdoors in your device....

https://petitions.whitehouse.gov/petition/apple-privacy-petition

macular · Feb 20, 2016

Perhaps Apple will comply now that The Donald has put in his request... "Boycott Apple until such time as they give that information."

dtravis7 · Feb 20, 2016

macular said:
Perhaps Apple will comply now that The Donald has put in his request... "Boycott Apple until such time as they give that information."

Apple is laughing at old Trump Card. The very fact he used HIS iPhone to do the tweet made them LOL! I told Trump, not sure if he saw what I said or not) don't let the door hit you on the rear and that Samsung would love him!

I tried to switch to Samsung, both a Note Tablet and phone and was miserable and came back to Apple.

harryb2448 · Feb 20, 2016

Whilst USA is not my country Dennos, too often political jokes have a habit of being elected. I sure hope noti

chscag · Feb 20, 2016

I tried to switch to Samsung, both a Note Tablet and phone and was miserable and came back to Apple.

Hey Dennis, Samsung makes nice refrigerators and wash machines. ;P

chscag · Feb 20, 2016

harryb2448 said:
Whilst USA is not my country Dennos, too often political jokes have a habit of being elected. I sure hope noti

LOL, Harry. I think a few of us would be moving to Nambucca Heads if that were to happen!

XJ-linux · Feb 20, 2016

macular said:
Perhaps Apple will comply now that The Donald has put in his request... "Boycott Apple until such time as they give that information."

Yeah.. Tim Cook is a loser! I know Apple executives, they love me! Love me! A few of them have called me.. Important Apple execs... You'd know their names. Well, they call me and tell me it's a tremendous thing I'm doing.. TREMENDOUS! They've been waiting for someone to stand up to Tim Cook. That's what they said! They thanked me!
-D.T.

pm-r · Feb 20, 2016

chscag said:
LOL, Harry. I think a few of us would be moving to Nambucca Heads if that were to happen!

Man, I sure wouldn't be laughing too much, or at all if I lived or was a US citizen, and listening to and reading some of the US political headlines this evening… just bloody scary!!!

harryb2448 · Feb 20, 2016

We better start toughening up our immigration laws methinks Charlie!

Apple Ordered to Create a Backdoor

ManoaHi

Mr. D

c5vetter

ManoaHi

Cr00zng

urbanman2004

cbarney

chscag

Well-known member

bogwort47

Meadoway

cbarney

Cr00zng

macular

dtravis7

harryb2448

chscag

Well-known member

chscag

Well-known member

XJ-linux

pm-r

harryb2448

Shop Amazon