Apple Says 'No'
-
This section seems a bit strange:-
Quote:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone's physical possession.
If the file exists on the phone and was encrypted using an existing version of the data, how would installing a new version of the iOS allow easier unencryption? Also - wouldn't doing that utterly corrupt the chain of evidence meaning anything discovered could not possibly be used in a civilian court of law?
They have enough evidence to go to any level of legal measure required. This is an attempt to get more information and intelligence.
Regards, Nish
Website: www.voidnish.com Blog: voidnish.wordpress.com
-
Having been a developer for 30+ years, I can't sit here and believe that Apple doesn't already have a way to open a phone. Have you ever written encryption without a way to unlock it? How would you test it without an unlocking mechanism? It already exists - Apple just doesn't want to give it up.
If it's not broken, fix it until it is
A good encryption system is one that will not allow an attacker to decrypt a ciphertext even if he (a) knows the encryption/decryption algorithms and (b) has both plaintext and ciphertext of a set of messages encrypted with the key. If the key used has enough bits, the only way to crack the encryption is to attack the algorithm. Once the algorithm is known to be sound, you test an encryption system by generating keys (or key pairs). You do not encrypt (and destroy the plaintext) of any important data. No one can prove that many popular algorithms do not have built-in "back doors" (rumors about the NSA's work are legion), but if so - no one is talking...
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill
-
If Mr. Cook chooses to ignore a court order, then Mr. Cook should be held in contempt of court. Isn't this what would happen to the rest of us?
I don't think he's simply going to "ignore" the ruling, they're going to appeal the decision. I'm sure Apple has an army of lawyers.
-
This section seems a bit strange:-
Quote:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone's physical possession.
If the file exists on the phone and was encrypted using an existing version of the data, how would installing a new version of the iOS allow easier unencryption? Also - wouldn't doing that utterly corrupt the chain of evidence meaning anything discovered could not possibly be used in a civilian court of law?
I believe I read somewhere that there's currently a security measure that deletes the encryption key upon too many failed attempted login attempts. If I'm not mistaken, they're asking Apple to change that setting so that they can brute force the password (i.e. make it so it doesn't delete anything when faced with a brute force attack).
-
This section seems a bit strange:-
Quote:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone's physical possession.
If the file exists on the phone and was encrypted using an existing version of the data, how would installing a new version of the iOS allow easier unencryption? Also - wouldn't doing that utterly corrupt the chain of evidence meaning anything discovered could not possibly be used in a civilian court of law?
Duncan Edwards Jones wrote:
If the file exists on the phone and was encrypted using an existing version of the data, how would installing a new version of the iOS allow easier unencryption?
My understanding is that if you attempt bad passwords X number of times, the phone bricks itself essentially. The "new" iOS being requested by the courts/FBI would allow unlimited attempts therefore making any phone that can have that OS installed brute forcible.
-
More people have been killed with babies by guns than terrorists. Don't let hoopla and propaganda cloud your judgement. Yes it was sad, but the media blew it up to play the fear card to make it seem like it's a much bigger problem than it really is. So, it's not worth Pandora's box being opened.
Jeremy Falcon
I say we ban babies! :suss:
-
I say we ban babies! :suss:
Agreed. They don't do anything but cry and poop anyway. Who needs them.
Jeremy Falcon
-
A good encryption system is one that will not allow an attacker to decrypt a ciphertext even if he (a) knows the encryption/decryption algorithms and (b) has both plaintext and ciphertext of a set of messages encrypted with the key. If the key used has enough bits, the only way to crack the encryption is to attack the algorithm. Once the algorithm is known to be sound, you test an encryption system by generating keys (or key pairs). You do not encrypt (and destroy the plaintext) of any important data. No one can prove that many popular algorithms do not have built-in "back doors" (rumors about the NSA's work are legion), but if so - no one is talking...
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill
Daniel Pfeffer wrote:
No one can prove that many popular algorithms do not have built-in "back doors"
Most widely used algorithms have open-source implementations, meaning you can look at the source and see if you see any deficiencies or back doors. So... the algorithms themselves are pretty sound.
-
Duncan Edwards Jones wrote:
If the file exists on the phone and was encrypted using an existing version of the data, how would installing a new version of the iOS allow easier unencryption?
My understanding is that if you attempt bad passwords X number of times, the phone bricks itself essentially. The "new" iOS being requested by the courts/FBI would allow unlimited attempts therefore making any phone that can have that OS installed brute forcible.
We answered the same thing at just about the same time, so I guess that is the stated story. I can see the concern, if this "modified" version of the OS got out onto "the wild", anybody could brute force an iPhone.
-
legal precedents are harder to over turn than they are to not create in the first place and I was lso thinking of this:
Quote:
"asked us to build a backdoor to the iPhone" — something he described as "too dangerous to create."
pandora's box, that would be exploited by criminals and legally allowed representatives alike. Really bad idea!
GStrad wrote:
asked us to build a backdoor to the iPhone
Ah, yes. That's certainly a nasty box. I was thinking purely of the legal rights. X|
cheers Chris Maunder
-
Daniel Pfeffer wrote:
No one can prove that many popular algorithms do not have built-in "back doors"
Most widely used algorithms have open-source implementations, meaning you can look at the source and see if you see any deficiencies or back doors. So... the algorithms themselves are pretty sound.
Very few people have the background in cryptography required to analyze an encryption algorithm. An algorithm with a vulnerability could be perfectly encoded, but still be vulnerable to attack.
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill
-
Apple Fights Order to Unlock San Bernardino Shooter's iPhone[^]. Normally I would side with Apple, but I live 20 minutes from San Bernadino so this one hits home. The Gov isn't asking hem to unlock EVERYONE's phone - just this one. It could start a dangerous precedent, but I think the opportunity to discover valuable intel trumps Apple.
If it's not broken, fix it until it is
It could be a marketing stunt on the part of Apple: (1)Apple publish that they refuse to unlock phones knowing damn well that that will unlock them. (2)Their sales go up and they gain a market share from the Android users who think 'Apple have an ethical stance'. (3)Apple then say that sadly they had no choice and unlock the phone - they come out of it smelling of roses.
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
-
But why go to Apple? Just hire 2-3 really good phone hackers and they'll get in within a week.
Regards, Nish
Website: www.voidnish.com Blog: voidnish.wordpress.com
I'm pretty sure that would be illegal and any evidence uncovered would be inadmissible in any U.S. court. Law enforcement wouldn't be use any incriminating evidence, if found, to levy charges against any other accomplices.
if (Object.DividedByZero == true) { Universe.Implode(); }
-
Very few people have the background in cryptography required to analyze an encryption algorithm. An algorithm with a vulnerability could be perfectly encoded, but still be vulnerable to attack.
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack. --Winston Churchill
"Very few" is different than "no one", I believe you used the latter.
Daniel Pfeffer wrote:
An algorithm with a vulnerability could be perfectly encoded, but still be vulnerable to attack.
Sure, that is true of anything in this world, but that's the rationale for open sourcing projects... To allow other people other than the original designers to assess vulnerabilities.
-
Apple Fights Order to Unlock San Bernardino Shooter's iPhone[^]. Normally I would side with Apple, but I live 20 minutes from San Bernadino so this one hits home. The Gov isn't asking hem to unlock EVERYONE's phone - just this one. It could start a dangerous precedent, but I think the opportunity to discover valuable intel trumps Apple.
If it's not broken, fix it until it is
It is not like that...but Apple has no idea how to unlock iPhone :-D
Skipper: We'll fix it. Alex: Fix it? How you gonna fix this? Skipper: Grit, spit and a whole lotta duct tape.
-
Apple Fights Order to Unlock San Bernardino Shooter's iPhone[^]. Normally I would side with Apple, but I live 20 minutes from San Bernadino so this one hits home. The Gov isn't asking hem to unlock EVERYONE's phone - just this one. It could start a dangerous precedent, but I think the opportunity to discover valuable intel trumps Apple.
If it's not broken, fix it until it is
You need to get the full story. The government has not asked Apple to "unlock" that phone. The government wants Apple to create and install software on that phone which makes it hackable. Software can be copied. You may or may not love to hate Apple. But their words open another perspective: Customer Letter - Apple[^] :suss:
Life is too shor
-
Apple Fights Order to Unlock San Bernardino Shooter's iPhone[^]. Normally I would side with Apple, but I live 20 minutes from San Bernadino so this one hits home. The Gov isn't asking hem to unlock EVERYONE's phone - just this one. It could start a dangerous precedent, but I think the opportunity to discover valuable intel trumps Apple.
If it's not broken, fix it until it is
The question is...can you trust the government. When you see how the IRS abused its power, I think the answer is obvious: No. Any tools given to the government will be used against real and 'perceived' enemies. A 'perceived' enemy is someone you disagree with politically.
-
Apple Fights Order to Unlock San Bernardino Shooter's iPhone[^]. Normally I would side with Apple, but I live 20 minutes from San Bernadino so this one hits home. The Gov isn't asking hem to unlock EVERYONE's phone - just this one. It could start a dangerous precedent, but I think the opportunity to discover valuable intel trumps Apple.
If it's not broken, fix it until it is
Apple are saying no because it will devalue their biggest selling product. Even if we believe that it was special software written to access one particular phone, the fact that it could be done to anyone on a court order may well deter people from their products in the future. Having said that, I find it disingenuous of Apple stand up for security concerns when they've allowed such easy access to the data to, albeit legitimately, installed applications such as Facebook. Ultimately we should consider any computing device, especially devices capable of over the air comms, as insecure anyway.
-
Apple Fights Order to Unlock San Bernardino Shooter's iPhone[^]. Normally I would side with Apple, but I live 20 minutes from San Bernadino so this one hits home. The Gov isn't asking hem to unlock EVERYONE's phone - just this one. It could start a dangerous precedent, but I think the opportunity to discover valuable intel trumps Apple.
If it's not broken, fix it until it is
-
If Mr. Cook chooses to ignore a court order, then Mr. Cook should be held in contempt of court. Isn't this what would happen to the rest of us?
