Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Haha, this is hilarious. They must be aware how much more that hurts their credibility.
I'm not sure whether I find them just shameless or stupid.
 
So 8 numeric digits will take about 92 days for computer to try all codes at 80 milliseconds each.
The 80 milliseconds is the lower limit. If Apple wrote firmware code that tries one passcode after the other, then it would take 92 days. I think some Chinese guys have created hardware that can tap in one passcode after the other; that might take one second per eight digit passcode or about 3 years. There was a blogger describing how he thought the FBI could get around the killer's phone security; that method would be a lot slower than one code per second. Fast enough for 10,000 codes in a week.

I wonder if the iPhone screen would last for three years with a machine tapping in pass codes at a rate of eight codes per second. That's not something it's designed for.
 
My niece, just to piss me off, just typed random codes in my phone a few months ago. lol :p
That's why there is a delay after a few wrong pass codes. It takes more than two hours to intentionally erase a locked phone by pressing random pass codes. (I think that is the real reason for the delay, not to stop hackers, but to stop punks who pick up your phone and try to erase it).
 
Anyone else think the FBI doing this comes across passive-aggressive? "Apple, you didn't help us and we proved we can do it so now we're going to help everyone in spite of you". Maybe I'm paranoid. :)
 
The 80 milliseconds is the lower limit. If Apple wrote firmware code that tries one passcode after the other, then it would take 92 days. I think some Chinese guys have created hardware that can tap in one passcode after the other; that might take one second per eight digit passcode or about 3 years. There was a blogger describing how he thought the FBI could get around the killer's phone security; that method would be a lot slower than one code per second. Fast enough for 10,000 codes in a week.
Regardless, of which a 12 digit code would more than cover any eventuality and should get us well past the next extinction event, asteroid or Yellowstone eruption. After which it won't much matter.
 
Is this some sort of "dog and pony show"? What's next...FBI unlocks iPhone of shoplifting 14 year old at the request of local authorities?
 
That's why there is a delay after a few wrong pass codes. It takes more than two hours to intentionally erase a locked phone by pressing random pass codes. (I think that is the real reason for the delay, not to stop hackers, but to stop punks who pick up your phone and try to erase it).
Makes sense, punks and your own kids. LOL
[doublepost=1459438198][/doublepost]
Is this some sort of "dog and pony show"? What's next...FBI unlocks iPhone of shoplifting 14 year old at the request of local authorities?
And charges him under RICO act, because his two friends were in on it. Organized crime you see.
 
Quick.. We need to get skynet activated!
[doublepost=1459438577][/doublepost]
Attorney: "OK, we're at the screen asking for the passcode."

FBI: "Good, good, type 1 2 3 4 5 6"

Attorney: "We're in!"

FBI: "Excellent, don't tell anybody else the secret ..."
If that's the case...I'm going to have to jump broken ship to s7 edge for features..
 
The 80 milliseconds is the lower limit. If Apple wrote firmware code that tries one passcode after the other, then it would take 92 days. I think some Chinese guys have created hardware that can tap in one passcode after the other; that might take one second per eight digit passcode or about 3 years. There was a blogger describing how he thought the FBI could get around the killer's phone security; that method would be a lot slower than one code per second. Fast enough for 10,000 codes in a week.

I wonder if the iPhone screen would last for three years with a machine tapping in pass codes at a rate of eight codes per second. That's not something it's designed for.


Its not rocket science.
All you have to do is image the phone and the have your server farm running through multiple code/device images in parallel.
 
"Just this one phone"
I guess security isn't relevant anymore. I guess I would be jumping ship.
[doublepost=1459438895][/doublepost]
I think Apple needs to get to work building a stronger encrypted OS.
I don't think it would matter anymore. If Apple stated that they will assist law enforcement in anyway I highly doubt they would interfere. Also, I don't think apple knows how they cracked it.
[doublepost=1459439000][/doublepost]
How much does the FBI charge for a carrier unlock? So tired of paying AT$T's ridiculous international roaming rates...
9.99 plus tax and they will run your background check and tap your number.
 
I think Apple needs to get to work building a stronger encrypted OS.
For the FBI to agree to help a local prosecutor it makes me wonder if they are attempting to drive Apple in that direction, to 'encourage' Apple to strengthen the encryption significantly and then cry foul that Apple is deliberately working against law enforcement.
 
That is of course your personal preference/choice. I have absolutely nothing to hide also. However, I would never open my phone for a LEO willingly, on principle. Just because you don't want to give someone access to your phone doesn't mean you have something to hide.

Not trying to be a downer but I have 0 to hide. Let them eat cake if I become a murderer. Until then they have no reason to, nor would it benefit them in any way to look at my phone. In fact, I'd unlock it right now fr them if they asked.
 
Now the FBI is getting the right idea, don't try to force companies to build backdoors, find the vulnerabilities and exploit them, then share with other law enforcement agencies.

It would also be a good idea to share with the companies, so that they can make their devices more secure. Now you might ask how this would benefit the FBI? Well, the issue becomes how many government secrets might be stored on a particular type of phone? How much of info that can be used to bring down our infrastructure (think electrical grids, water systems, stop lights, etc.) might be stored on said phones?

Bottom line is these phones not being secure is a threat to our national security, so ultimately helping the companies to make their devices less hackable actually protects our national security. Yes, there is the trade off that it might make it harder to find terrorists, but it can make it harder on terrorists to commit the acts that they want to commit.
 
  • Like
Reactions: diegogaja
Apple would be the loser if they were trying to prevent the FBI from accessing the phone. However, that is not the case. They were trying to prevent the FBI from forcing apple to access the phone for them. Big difference.

Not in my opinion. I think Apple was the loser in this fight even. It was a lose-lose situation for them. I knew FBI was going to crack that phone sooner or later. Basically FBI said FU to Apple, we cracked the phones and we made your security look bad.
 
Don't fall for the marketing spin. That secure enclave is only for your finger print records. It does't stop the phone being hackable.
That enclave is no marketing spin. It makes the storage very secure and the only weak point is removing the attempt counter (physically) and brute-forcing the thing.
 
isn't is wonderful want the FBI can do on its own if they only put a bit of elbow grease behind their ears. :p

Now we'll suddenly see a host of "hey.. we can now get at all these other iphones now" we *couldn't* do that before, because we had no idea why.
 
I think Apple needs to get to work building a stronger encrypted OS.

Not just the OS but the hardware. There are many ways to encrypt data at a hardware level before a single op-code executes to access the data. While it is more of a cost, there are models of Flash memory that encrypt data and even erases its data if unmounted from a printed circuit board mount.

Sure the iPhone 7 will have a lot of fun tricks in its design.
[doublepost=1459440227][/doublepost]
That enclave is no marketing spin. It makes the storage very secure and the only weak point is removing the attempt counter (physically) and brute-forcing the thing.

Wouldn't be surprised if that was part of the technique used to get into the phone.
[doublepost=1459440347][/doublepost]
Not in my opinion. I think Apple was the loser in this fight even. It was a lose-lose situation for them. I knew FBI was going to crack that phone sooner or later. Basically FBI said FU to Apple, we cracked the phones and we made your security look bad.

That or some back door brokering was done where the iPhone was hacked by a third party, Apple confidentially condoned the action to keep looking like the White Knight. However, this is only conjecture.
 
Just PR? Have you been paying attention? Apple has been improving security steadily over the last several iOS and iPhone iterations. iMessage end to end encryption, Touch ID and secure enclave just to name a few. Your one requirement is that they improve it between now and the fall when the iPhone 7 will come out or else that's solid proof that it's lip service? HAHA. What a load of BS. Look at what Apple has done to improve security over the life of the iPhone (& iPads iPods, etc) and see how it actually has accelerated over the past few years.

And as to your sharpshootin of Mr. Cook, Apple was actively assisting the FBI, behind the scenes as it were, on this case. And has assisted LEO's many other times on previous cases. Apple didn't bring this issue out in the open. The FBI brought it out both to the public and in the courts without any prior notification to Apple. Apple was just responding to the FBI's actions in kind.

Your gut feeling is wrong...or at least uninformed. Apple has been steadily improving the hardware and software steadily over the past few years to the point that it's become one of the most secure phones on the market.

so after all that PR press, and great speeches that apple was fighting for our privacy/security, should we expect the iPhone 7 to become more secure? Or was it all PR ?

If apple remains silent on this and nothing changes in iPhone 7, it would have all just been BS to push sales. I'm sure Tim would have preferred this dragging out through the courts, building more publicity and momentum ahead of iPhone 7 launch. Your move Tim.

My gut feeling is that nothing will change. Unless sales are hurt .
[doublepost=1459400213][/doublepost]

Problem is 99.99999999% of iPhones will have 4 pin code. Average user is far too lazy to input a mixed 20 character passcode everytime they restart.
[doublepost=1459441147][/doublepost]You do realize that Apple wasn't trying to prevent the FBI from getting into the iPhone right? Apple was LITERALLY helping them to try and get into the phone and had helped with many other phones in the past.

Apple was trying to prevent the FBI from forcing Apple to break in to the phone...

So...Apple 1. FBI 0.

Apple 0. FBI 1

Everyone thought germanys enigma code was "unbreakable" too

Apple can spends billions developing the strongest encryption possible, the flaw will always be "its man made encryption"

Breaking news: FBI tells applle "go pound sand"
 
  • Like
Reactions: dk001
Don't fall for the marketing spin. That secure enclave is only for your finger print records. It does't stop the phone being hackable.
Actually the secure enclave handles passcodes as well - it's essentially responsible for dealing with the decryption / encryption of the storage.

The idea is that the actual iPhone firmware never touches the storage - instead it has to go via the secure enclave which has its own processor.

For the FBI to agree to help a local prosecutor it makes me wonder if they are attempting to drive Apple in that direction, to 'encourage' Apple to strengthen the encryption significantly and then cry foul that Apple is deliberately working against law enforcement.
Now that you mention it that wouldn't surprise me at all. Thing is, regardless of Apple's view on law enforcement it makes sense for them to want to secure the iPhone further. If the FBI can break in, others can too, even if they haven't yet disclosed the means through which they did.
 
In my mind there is a fundamental difference between being able to hack into a phone you have physical possession of; and that requires disassembly of the device, and removal of motherboard components - and being able to hack into a phone remotely; by means of covertly installing some piece of software, etc.

I don't worry about Russian criminals getting physical possession of my phone. Because I'm unlikely to leave it on a bus, and even if I did, the payoff for anyone finding a phone in such circumstances would be such that they would be extremely unlikely to expend the time and effort to open it up on the tiniest off chance that it might contain some information they could exploit for profit. If my phone is lost; it gives to the user time to remotely erase or otherwise disable it.

Maybe that should be the "reasonable standard" for smartphone encryption protection. A device that authorities actually have to have within their possession, and that requires a time-consuming and (presumably) expensive procedure to unlock. Versus something that can be done over the internet at essentially zero marginal cost.

Mostly agree. The difference is if *IF* it is something criminals learn to do, theft of the phone itself would cease to be the goal... theft of the information (i.e. banking credentials) could be far more lucrative.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.