FBI Agrees to Help Arkansas Prosecutor Unlock iPhone and iPod in Homicide Case

[diegogaja]

I love posts that display, for all to see, the ignorance of the OP.

A. Apple wasn't trying to PREVENT the FBI from accessing the phone. They were fighting the FBI forcing them to open it for them.
B. Apple has been supporting a lot of social causes. However, it's good to see that you equate the suppression of a section of our society as a criminal act.

I must have missed some Law change that states that crime is forbidden except if done with a smartphone, in which case the criminal has the right to keep the phone contents away from police. This of course has another exception: if the crime is against LGBT lobbies, Apple will fight the criminal. Otherwise, Apple will be on the criminals side.

 

[CFreymarc]

Its not rocket science.
All you have to do is image the phone and the have your server farm running through multiple code/device images in parallel.

This one gets it. Many tasks can run in parallel. I see an iPhone hacking server farm in a dark basement for this purpose.

 

[diegogaja]

Apple has proved that it is more than willing to assist US LEO's.

Did you read those articles? None of those articles about China actually support your statement that "Apple has freely given source code to China". China requested it. Nowhere (that I read) mentioned that it was every actually given by Apple. And to be honest, that is really not important. You left out the part explaining WHY China requested to review the source code (as opposed to Apple just handing it over) China wanted to make sure there were no back doors or security issues with IOS. That doesn't seem as nefarious as you are trying to make it sound.

and I'm sure someone will mention that it's China, they can't be trusted, etc etc... You have a point. However, as much as I'm sure China would like to leverage some sort of power over US companies, they are more concerned about maintaining domestic power. that would be of greater concern to them.

Apple helped the FFBI over 70 times in unlocking in the past. Even for molestation cases.

Apple has freely given source code to China in the past, more than once, and even when China asked for it for security reasons. If Apple can help China it can help the US.

http://www.watertowndailytimes.com/...-precedent-in-current-privacy-debate-20160221

http://qz.com/618371/apple-is-openl...-in-china-it-takes-a-very-different-approach/

http://www.zdnet.com/article/if-apple-can-help-china-it-can-help-us-us-doj/

http://qz.com/332059/apple-is-repor...ess-to-its-devices-for-a-security-assessment/

http://www.thedailybeast.com/articl...ked-iphones-for-the-feds-70-times-before.html

Only if the code is "99999999" and isn't programmed to be the first numerical sequence attempted.

Besides, most people use "55378008".

I thought it was 8675309?

 

[ChrisCW11]

The slope is getting more and more slippery.

Authorities can enter your home, car, place of work, access your PC, can tap your landlines, tap your cell communications, heck they can even search your bodily orifices, so why is accessing contents of a phone any slipperier?

I don't understand why phones suddenly became the line that should never be crossed when you are being investigated for criminal activity after years of people having to bend over and spread-em at an airports or in jails? I think society needs to adjust their standards and raise the bar a little.

 

[TsMkLg068426]

I find it funny first Apple was not willing to help to crack the iPhone than FBI finds someone who can and when they say for only for one iPhone but now using the same hack on another iPhone for another crime what a circus.


And now Apple is asking for the codes that FBI is using to breaking into the phone when they didn't help out the FBI by giving the Encryption code to access the terrorist iPhone.


It's a damn circus this is going to turn into one of those patent troll cases that will never end who knows maybe into a OJ Simpson type circus.

 

[wovel]

Its not rocket science.
All you have to do is image the phone and the have your server farm running through multiple code/device images in parallel.

It is not quite that simple. You will have to run through all possible encryption keys that way and not just pass odes or even passwords. You would need thousands or perhaps orders of magnitude more images to finish in a reasonable time frame.(I don't recall the key length at the moment). With that you will need some amount of overhead just coordinating the parallel attempts.

With the iPhone 6 I am dubious that any amount of time allows this solution to work.

 

[rdrr]

I must have missed some Law change that states that crime is forbidden except if done with a smartphone, in which case the criminal has the right to keep the phone contents away from police. This of course has another exception: if the crime is against LGBT lobbies, Apple will fight the criminal. Otherwise, Apple will be on the criminals side.

So you think that police have every right to access any phone or its contents if you are accused of a crime, without a warrant? Pretty sure there was something about due process and search and seizure, in that pesky document that gives you the right (assuming you're American) to express your opinion towards LGBT lobbies. I have no idea how the two relate, but you have the right to have that opinion, like I have the right to keep Police/Government out of my phone without a warrant.

 

[WhySoSerious]

"Just this one phone"

Here we go. Going to happen a lot more now.

 

[Larry-K]

Then it will be an inconvenient pain to reinstall the entire thing.

Luckily, I don't give my phone to anyone, ever.

People who let their children play with their phones, especially their work phones, get what they deserve.

 

[Krandor]

Here is what I find interesting which hasn't been mentioned.

hrough the whole case, the FBI claimed they had to have Apple's help to get into the iPhone because only they could do it.

Now, based on this article they don't just have the method they used against the shooter, but also have a SECOND way to get into the phone as well. So we have gone from no way to get into an iPhone without apple's help to having two ways to do it.

Now I do think we are going to find this second phone is a real old one before apple added in the full encryptions and other things .

 

[576316]

"Just this one phone"

This is exactly what I thought when I saw this on BBC News. Apple were absolutely right. The FBI knew exactly what they wanted Apple to create and now they've found a way without Apple's help, they're going to use it as much as they can. The article seems to suggest they didn't use the same method, but all the same Apple need to patch these vulnerabilities.
[doublepost=1459454382][/doublepost]

I have mine set to 5 attempts.

Doesn't this feature nullify the iCloud device lock though? Allowing the thief to re-sync the iPhone. I thought the wipe feature reset the phone to factory settings.

 

[mariusignorello]

Didn't know you could do that...

Anyway, the delay after an incorrect attempt only kicks in after five attempts. That means anyone getting hold of your phone for a minute can prank you by entering five incorrect passcodes, and erasing your phone. Better have a backup.

Use Apple Configurator to create the configuration profile with the passcode policy. With Touch ID its 5 incorrect fingerprints plus 5 incorrect passcodes. My devices make daily backup so it's not a big deal.
[doublepost=1459455288][/doublepost]

This is exactly what I thought when I saw this on BBC News. Apple were absolutely right. The FBI knew exactly what they wanted Apple to create and now they've found a way without Apple's help, they're going to use it as much as they can. The article seems to suggest they didn't use the same method, but all the same Apple need to patch these vulnerabilities.
[doublepost=1459454382][/doublepost]

Doesn't this feature nullify the iCloud device lock though? Allowing the thief to re-sync the iPhone. I thought the wipe feature reset the phone to factory settings.

Oh no, it'll still be locked if someone steals the phone. When you choose Erase All Content and Settings it asks you for your iCloud password to turn off Find My iPhone

 

[tgara]

I didn't until the FBI started this whole hullabaloo. If nothing else, it made me realise my security could be better.

Right, automatically delete all your kiddie porn.
[doublepost=1459455715][/doublepost]

I have no problem with this. The FBI needs to access the phones of bad guys.

They're not gonna invade your wifi. Take off your tin foil hats.

Exactly. That's why there are all sorts of legal requirements and judicial approval before they can do this. Despite what the conspiracy theorists say, nobody is looking at the cat videos on your phone.
[doublepost=1459455805][/doublepost]

Here we go. Going to happen a lot more now.

Of course it's going to happen. Whenever the FBI gets a legal warrant approved by a judge to access a bad guy's phone, they are going to do it. And they should.

 

[ck2875]

Right, automatically delete all your kiddie porn.

TBF I use iCloud Backup and iCloud Photo Library. Apple would hand all my info over to legal authorities regardless of the passcode. I just don't want to lose my phone and have to worry about some bloke (i.e. Gary from the John Oliver video) wanking off with my dick pics.

 

[miniyou64]

So you think that police have every right to access any phone or its contents if you are accused of a crime, without a warrant? Pretty sure there was something about due process and search and seizure, in that pesky document that gives you the right (assuming you're American) to express your opinion towards LGBT lobbies. I have no idea how the two relate, but you have the right to have that opinion, like I have the right to keep Police/Government out of my phone without a warrant.

Do you have any idea how easy it is to get a warrant? You might as well let them right in if your only standard is that they need a warrant.

 

[dk001]

So did Apple really win? They won't need to create the back door the FBI was asking for but on the other hand the FBI now has a way to get in (older phones/iOS versions only??) without Apple knowing what it is.

Would it be better to have full control or no control at all? Apple will probably look better to the consumer not having control but then do we feel better knowing the FBI can bypass them?

Now that this "process" is being used in criminal cases it will be open to analysis by defendants via their "experts". This makes it really easy for Apple to get. I would be ROTFLMAO if the defendant has their counsel ask for Apple to evaluate the "process".

 

[Nunyabinez]

It appears that most people on MR are completely ignorant of what happened to access this phone. It was not an "exploit" in iOS. They contracted with an Israeli company that works with microchip technology.

While the FBI is not going to disclose how they accessed the phone, it likely had to do with lasering into the chip to access the data location that records the number of attempts at opening the phone. Then they brute force the pass code, rewriting the portion of the chip counting the number of attempts over and over again so that it never goes over the limit.

Apple doesn't need to make iOS more secure, and the reality is that there are smart enough people in the world to eventually break through any attempt to hide things. But that doesn't mean that iPhone's aren't the most secure phones on the planet and that the average person is at risk.

The technology and knowledge to break into this phone is only available to the most sophisticated people and is not suitable for stealing an average joe's phone as it likely renders the phone unusable and would be so expensive to own and use that no one, other than a government would be able to benefit from it's use.

That's why in the case from the OP it was mentioned that the information obtained would likely NOT be used in the trial itself, because in order to do so, the FBI would have to disclose how they obtained it, and that will not happen.

 

[tgara]

So, the FBI said:

1. Just this one phone
2. We have exhausted all other avenues to unlock
3. Only Apple can do this

And...

1. FALSE
2. FALSE
3. FALSE

Revisionist history. Each of the statements are actually true.

Re #1, Everybody gets this wrong because they have selective hearing. In his congressional testimony, Comey was referring to the ONE iPhone in the SB shooting as described in the warrant and writ. He was not seeking access to every iPhone on the planet.

Re#2 and #3, those statements were true when he said them. The FBI continued to pursue all avenues to crack the phone, and it was not until several weeks later did a third party appear to assist them on gaining access. You didn't think the FBI was just going to sit around and play CandyCrush while the court proceedings dragged on, did you?

 

[dk001]

Not in my opinion. I think Apple was the loser in this fight even. It was a lose-lose situation for them. I knew FBI was going to crack that phone sooner or later. Basically FBI said FU to Apple, we cracked the phones and we made your security look bad.

That's the problem with headline perception. This was not about accessing the device. It was all about setting a precedent for conscripting help and finding a way legally around CALEA.

If your perception from this is your statement; something all device makers deal with: hacking, I feel you totally missed the boat.
[doublepost=1459461579][/doublepost]

Agent writing that was eating M&M.

or a Lays ...
[doublepost=1459461663][/doublepost]

What happens if a relative + kid gets hold of your phone and tries repeatedly to unlock your phone to play games?

That's what backups are for. Then again, why are you leaving it laying around for this usage case?
[doublepost=1459462634][/doublepost]

So, if this situation with security on a phone was COMPLETELY reversed. If we all knew information on our phones can be found out:

Would you use our phone differently?

Very differently.
I have personal data, customer data, financial data, work data, etc... or access to it via my iPhone (and Note 5).
Without security, I would be treating this like my old RAZR V3 and still be doing an encrypted HDD and paper files in a safe.
The smartphone with security changed the way I do business.

 

[lostngone]

Unless you're planning to join ISIS or commit a serious felony the government isn't going to care about your iPhone.

The FBI doesn't work for the Saudi government so they wouldn't care about the hypothetical blogger.

All fingers point at a possible third party that showed the FBI how to do it. Do you think that this 3rd isn't going to show others? The whole "if you are not doing anything wrong then you have nothing to hide" viewpoint is very flawed.

 

[dk001]

If a CIA officer keeps a list of his contacts on his iPhone; or an Air Force officer is keeping missile launch codes on his Samsung Galaxy - then thats their problem.

I don't mean to sound flippant. But it is the responsibility of those charged with maintaining National Security to do so. Not Apple; not me or you; and not the FBI or other legitimate law enforcement agencies.

We are setting ourselves up for an inevitably unsolvable legal and ethical dilemma if we expect consumer electronic devices, sold over the counter worldwide, to maintain the same level of unbreakable encryption we assign to secrets of the highest national importance.

We expect Apple to provide us with devices and services that are unhackable by criminals. That are inaccessible to casual browsing by rogue law enforcement officers snooping around in the course of a traffic stop. That protect our secrets from jealous spouses or nosy family members.

And that they can do. And will continue to do.

But a device that is seized during the course of a legitimate criminal investigation. That can only be accessed by physically opening the device; and applying a lengthy and costly technical process, under legally authorized supervision? I don't have a problem with that.

I don't want Apple modifying its operating systems to provide anyone with a software backdoor. The risk of such a loophole being exploited is too great for us to accept. But a physical examination of the device is, legally and philosophically, no different to what law enforcement does every day in the course of conducting physical searches of persons and premises; vehicles and commercial and banking records.

Good post. Couple of comments...

Unbreakable encryption. Never have seen that. Don't see how that is possible. It can be difficult. As far as I know, unbreakable has yet to exist even if it is possible.
Unhackable? Even Apple admits they are at most 6 months ahead of hackers and nation-states. However, yes, I do expect iOS, Android, and other encryption endeavors properly set to do it's utmost to protect my data, much of it Secret or Confidential, from criminals of all types. This includes illegal access by LEO and other corporations/businesses.
However, when it comes to access methods, these are challengeable in method and application by each defendant for whom such data gathering was used.
It is a never ending game of "Whack-A-Mole". This is now the FBI's challenge by taking their method into the criminal court element. Personally I feel far too much emphasis is placed on device data.

 

[zioxide]

Not in my opinion. I think Apple was the loser in this fight even. It was a lose-lose situation for them. I knew FBI was going to crack that phone sooner or later. Basically FBI said FU to Apple, we cracked the phones and we made your security look bad.

Not really. No precedent was set and all the FBI did was prove that there's a vulnerability in an older phone. Even if Apple doesn't actually know the flaw exploited by the FBI to get in, it's possible it's already patched/non-existent in the newest phones/iOS due to the redesign of their security architecture to include the secure element.

 

[dk001]

Authorities can enter your home, car, place of work, access your PC, can tap your landlines, tap your cell communications, heck they can even search your bodily orifices, so why is accessing contents of a phone any slipperier?

I don't understand why phones suddenly became the line that should never be crossed when you are being investigated for criminal activity after years of people having to bend over and spread-em at an airports or in jails? I think society needs to adjust their standards and raise the bar a little.

Recommend you go back and look at a timeline of the Apple vs. FBI event. Try this link: http://www.theverge.com/2016/2/17/11036306/apple-fbi-iphone-encryption-backdoor-tim-cook
This will allow you to see not only the timeline but all aspects of the issue(s).

 

[zioxide]

Good post. Couple of comments...

Unbreakable encryption. Never have seen that. Don't see how that is possible. It can be difficult. As far as I know, unbreakable has yet to exist even if it is possible.

Theoretically, you're right, there is no such thing as "unbreakable encryption". But in practice, if you use large enough private keys, you can have something that's unbreakable due to the fact that it would take thousands of years with the most powerful supercomputing clusters on the planet to crack.

Now, that likely all will change when quantum computing takes over, but that's also why many of the world's leading crypto experts are working on new methods of cryptography using things like lattices.

 

[vvswarup]

Not trying to be a downer but I have 0 to hide. Let them eat cake if I become a murderer. Until then they have no reason to, nor would it benefit them in any way to look at my phone. In fact, I'd unlock it right now fr them if they asked.

Despite what some people might have told you, wanting privacy isn't abnormal. Just because you want to keep something private doesn't mean you're doing something wrong. It's just that certain things you do aren't anyone's business but yours. If you want to hand over your information to the government, then be my guest but don't expect others to do the same. Don't try to imply that those who desire privacy are doing something wrong and want to keep it hidden.