Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

gadgetguy03

macrumors regular
Nov 1, 2012
223
143
Who would have thought the much-maligned iPhone 5c would be one of the most secure phones on the market....
 

Designer Dale

macrumors 68040
Mar 25, 2009
3,950
100
Folding space
For some reason I can't get this junk PC I'm stuck with to copy the link to this, so here is the headline and byline.It's the full text of the story posted elsewhere.

Apple Tells Employees Why it Won't Help Hack Shooters Phone
By Tami Abdollah and Eric Tucker
Associated Press


Way down it reads:

"The case would not have existed if the county government that owned the iPhone had installed a feature on it that would have allowed the FBI to easily and immediately unlock the phone. San Bernardino County had bought the technology, known as mobile device management from MobileIron Inc., but never installed it on any of the inspectors' phones, including Farook's, said county spokesman David Wert said.

There is no countywide policy on the matter and departments make their own decisions, he said.

The service costs $4 per month per phone."

EDIT: See posts 104 and 108 for the conspiracy theory version.

Dale
 
Last edited:

rdowns

macrumors Penryn
Jul 11, 2003
27,397
12,520
For some reason I can't get this junk PC I'm stuck with to copy the link to this, so here is the headline and byline.It's the full text of the story posted elsewhere.

Apple Tells Employees Why it Won't Help Hack Shooters Phone
By Tami Abdollah and Eric Tucker
Associated Press


Way down it reads:

"The case would not have existed if the county government that owned the iPhone had installed a feature on it that would have allowed the FBI to easily and immediately unlock the phone. San Bernardino County had bought the technology, known as mobile device management from MobileIron Inc., but never installed it on any of the inspectors' phones, including Farook's, said county spokesman David Wert said.

There is no countywide policy on the matter and departments make their own decisions, he said.

The service costs $4 per month per phone."

Dale


Here's the link.

http://abcnews.go.com/Technology/wireStory/basic-software-held-key-shooters-iphone-unused-37106947
 

TouchMint.com

macrumors 68000
May 25, 2012
1,625
318
Phoenix
I really want to assume there are people working in the fbi that release how bad of an idea it is for Apple to build a back door and it's just a few old guys at the top that are clueless about tech demanding this.
 

Designer Dale

macrumors 68040
Mar 25, 2009
3,950
100
Folding space

Correct authors, wrong story.

Interesting. The whole story, the one containing the quote in my first post (103) came in on my Yahoo Finance feed early this morning on my iPhone. The link you posted is to a different story. I went back to my iPhone and emailed the story link to myself to post here, but got the same link you posted. Someone seems to be messing with the free distribution on information here. But that's what we are actually discussing, isn't it?

Dale
 

rdowns

macrumors Penryn
Jul 11, 2003
27,397
12,520
Correct authors, wrong story.

Interesting. The whole story, the one containing the quote in my first post (103) came in on my Yahoo Finance feed early this morning on my iPhone. The link you posted is to a different story. I went back to my iPhone and emailed the story link to myself to post here, but got the same link you posted. Someone seems to be messing with the free distribution on information here. But that's what we are actually discussing, isn't it?

Dale


Wow, that's weird. I Googled the article title and authors and was presented the story you referred to. Now the link is incorrect.
 

randian

macrumors 6502a
Jan 15, 2014
777
352
What the FBI forgets to mention is that it can't install this "special" version of iOS unless it has Apple's signing key, and if it has that it can install a hacked os on any phone anywhere in the world.
 

Designer Dale

macrumors 68040
Mar 25, 2009
3,950
100
Folding space
Wow, that's weird. I Googled the article title and authors and was presented the story you referred to. Now the link is incorrect.

Same here. The original article is intact on my iPhone. I'm going to activate it's encryption feature.

Think about this in the general context of this debate. I was delivered an article from a trusted source that contained information, including names, that cast disparaging light on the parties not named Apple. The copy function for this link is somehow disabled from several sources and later given copy authority but linked to an article about the victims and families supporting the Government case.

Dale
 
Last edited:

webbuzz

macrumors 68020
Jul 24, 2010
2,351
7,525
Correct authors, wrong story.

Interesting. The whole story, the one containing the quote in my first post (103) came in on my Yahoo Finance feed early this morning on my iPhone. The link you posted is to a different story. I went back to my iPhone and emailed the story link to myself to post here, but got the same link you posted. Someone seems to be messing with the free distribution on information here. But that's what we are actually discussing, isn't it?

Dale
Wow, that's weird. I Googled the article title and authors and was presented the story you referred to. Now the link is incorrect.
Reuters
San Bernardino County, which employed Farook as an environmental health inspector, requires some, but not all, of its workers to install mobile-device management software made by Silicon Valley-based MobileIron Inc MOBL.O on government-issued phones, according to county spokesman David Wert.

That software is designed to secure corporate data. It also allows information technology departments to remotely unlock phones, even without assistance of the phone's users or access to the password needed to open the phone and unscramble the data.

"If that particular iPhone was using MobileIron, the county's IT department could unlock it," MobileIron Vice President Ojas Rege told Reuters.
 

jettredmont

macrumors 68030
Jul 25, 2002
2,731
328
Who would have thought the much-maligned iPhone 5c would be one of the most secure phones on the market....

It isn't, really, unless you are including Android and other non-security-minded phones. The 5S and greater have a Secure Enclave. Doing this same hack with one of those phones would require creating and flashing a new secure enclave firmware as well as the new iPhone firmware. But, as Apple has said, that's not much further at all conceptually from what the FBI is requesting here.
[doublepost=1456167187][/doublepost]
I really want to assume there are people working in the fbi that release how bad of an idea it is for Apple to build a back door and it's just a few old guys at the top that are clueless about tech demanding this.

Yes, there are. Likely not saying much for fear of killing any future in the Department, but outside Comey's purview people within the NSA have come out against the "encryption back doors" proposals from Comey. In other words, not everyone who works in the government is single-mindedly focused on trampling rights in favor of investigative tools.
 

techwhiz

macrumors 65816
Feb 22, 2010
1,297
1,804
Northern Ca.
The reason Apple can't break this encryption is because of the fail safe measures put in place by themselves in their own products, using an architecture that they designed for themselves (however similar to others). This has nothing to do with Open Source - and AES encryption was not an Open Source endeavor. And of all security through obscurity, Open Source would be the best candidate for that. We saw what happened with OpenSSL and Heartbleed almost 2 years ago, for instance.

No, actually they use SHA256 with has no known collisions, so no known compromises.
They CAN'T break the encryption.
The only hope the FBI has is to break down the front door.
The back door for SHA256 does not exist. The only option is to brute force a key.
The FBI wants Apple to develop that front door basher for lack of a better term.
The encryption won't be broken they want Apple to get a key.
 

Shirasaki

macrumors P6
May 16, 2015
15,502
10,728
So the FBI have backups to October 19th yet want Apple to code a completely new version of iOS for a few days worth of data. If they understand the implications of their own request, then they are insane, if they don't then they are incompetent.
Either shows their own weaknesses or ignorant, I think.
 

satcomer

Suspended
Feb 19, 2008
9,115
1,973
The Finger Lakes Region
So is Apple sitting hard on the key, or is there simply no key? The former would indicate Apple is, as accused, using this as an opportunity to generate warm fuzzies from its customers. The latter would be more palatable, to me anyway.

As a megacorp, I've always found it rather unbelievable that Apple doesn't have the ability to crack it's own keys. But if they won't decrypt this phone because they genuinely can't, wouldn't that be a better argument to the Feds?

If you understood the first Apple Letter that the FBI was using this to make Apple to make software programs to give them a back Door and Apple doesn't even have the iPhone, besides the passcode is encrypted by the processor!:confused:
 

Mcmeowmers

macrumors 6502
Jun 1, 2015
427
267
You clearly don't understand how encryption works.

Lets make it very simple, they "key" is 256 bits long, that means there is over 1.15 x10^77 possible combinations, each one of those bit is either a 0 or a 1. Now guess what the combination is.

Now consider a lottery where they have 40 balls and you have to select 6 of them, there is a 1 chance in 3.8 Million

The lottery easy, VERY easy in comparison, so how many times have you won a major prize ?

So decrypting it is NOT an option.


Such a nice reply. It appears you have a hair trigger and came to this thread to blast people with your superior knowledge of all that is common. I really don't see how my statement warranted such a response.

There is nothing clear about "they know how the internals work" to suggest I "clearly don't understand how encryption works."

In fact, there is a damn good chance that you don't know how security and encryption work if you think the only way into that phone is through its "key."


How does the FBI get into physical safes? They go to the same maker. (And I'll shut down your next point - the physical safe has flaws and that the security enclave doesn't. The safe maker is still better suited than someone else)
 

palmerc

macrumors 6502
Feb 26, 2008
350
225
So is Apple sitting hard on the key, or is there simply no key? The former would indicate Apple is, as accused, using this as an opportunity to generate warm fuzzies from its customers. The latter would be more palatable, to me anyway.

As a megacorp, I've always found it rather unbelievable that Apple doesn't have the ability to crack it's own keys. But if they won't decrypt this phone because they genuinely can't, wouldn't that be a better argument to the Feds?

They cannot brute force or bypass the encryption because it is tied to the phone's internal key and the users PIN. They could, because this is a 5C without secure enclave, change the OS and install it via DFU mode to allow unlimited password attempts without enforcing auto-erase or delays. With secure enclave the delay is enforced by the secure enclave. The question then becomes can the secure enclave be reprogrammed without the PIN being entered? Certainly it is designed to never allow the keys be seen, but if the delay component can be disabled is an unanswered question. If it is, Apple will certainly be burning that into the silicon next time around.

The security built into the phone is outlined in detail here:
https://www.apple.com/business/docs/iOS_Security_Guide.pdf
 

sir1963nz

macrumors 6502a
Feb 9, 2012
735
1,215
Such a nice reply. It appears you have a hair trigger and came to this thread to blast people with your superior knowledge of all that is common. I really don't see how my statement warranted such a response.

There is nothing clear about "they know how the internals work" to suggest I "clearly don't understand how encryption works."

In fact, there is a damn good chance that you don't know how security and encryption work if you think the only way into that phone is through its "key."


How does the FBI get into physical safes? They go to the same maker. (And I'll shut down your next point - the physical safe has flaws and that the security enclave doesn't. The safe maker is still better suited than someone else)

Here is how AES encryption works
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard.

Its math, that math does not change depending on who uses it. If you understand the Math, you understand the encryption.
The FBI fully understands the encryption and how it works. Understanding how it works does NOT however give a short cut to decrypting it. You MUST have the key, Apple does not have the key, Apple can not get access to the key, they are in the same place as the FBI as far as just decrypting the data. The encrypted data can be downloaded from the phone, however with 256 bit encryption there are over 1.5 x 10^77 possibilities, if they could do 1000 guesses per second and there are 3.154 x 10^7 seconds in a year that would mean it could take 1.5x10^67 years to decrypt the data.

Apple however has the ability to rewrite the firmware to
a. Remove the 10 wrong tries and the phone gets erased
b. Allow the "guess" for the phone pin to be entered electronically rather than by hand
c. Remove the forced delay between guesses
d. Sign the firmware electronically so that it will be accepted by the phone
e. Push that firmware onto the phone

That will then allow the phone to decrypt the data and give the FBI access.
 
  • Like
Reactions: Mcmeowmers

Mystic386

macrumors regular
Nov 18, 2011
162
40
I can accept the phone being given to Apple and Apple using it's best endeavours to access the phone at the FBI's cost even if that means Apple creating new software and installing it on the phone. Even if it means the FBI has to pay huge $$$ to access the data, and it fails. I cannot accept the FBI being given something of the nature they are requesting.
[doublepost=1456223053][/doublepost]If Trump becomes President will there be a law making all phones open to government analysis via online connection in any circumstance they deem this would be of importance to National US Security?
 

Krandor

macrumors 6502
Jul 15, 2010
478
80
What kills me is the fact that if Apple chose to rewrite iOS, this device in question would need to be updated or restored, therefore possibly destroying evidence. After all, they can't back up and restore the device because the password is different now. FBI just might be screwed in this case.

Per the court order the new iOS must run in ram and not modify the iOS on the phone.
 

sir1963nz

macrumors 6502a
Feb 9, 2012
735
1,215
Per the court order the new iOS must run in ram and not modify the iOS on the phone.

So its not only a case of writing a new OS, its actually creating a tool to allow the FBI etc to hack any phone they like, because the Application in RAM must deliberately disable/bypass the phone security. a Whole new OS would simply not invoke the security.

This is even MORE dangerous.
 

PinkyMacGodess

Suspended
Mar 7, 2007
10,271
6,226
Midwest America.
Everyone talks of striking or walking out or putting up resistance. Is Cook going to be paralleled to Mandala, Ghandi, King, or others, with any issues that might tarnish the "good guy" visage being swept under the rug, but it's nice to see him win people over with the dog and pony show he's putting on.

Maybe he'll finally get around to fixing the child labor, worker suicides, other human rights abuses, and the latest chapter: http://fortune.com/2016/01/19/apple-child-labor/ (if those companies are linked, then so are the customers? Why or why not? Can everyone simply "vote with their wallets" or is reality a little less simple than what we delude ourselves with via quotes such as that one? ;) )

Snowden?

All Chinese corporations and factories have an issue with horrendous labor conditions. It least Apple, so far, has given more than a fraction of a poop about it.

Walmart really just couldn't give less of a poop about how many children, or whatever make their garbage. They want it CHEAP, and they want it YESTERDAY. That don't care what it's made from, who made it, or how many people or animals died making it. Such issues aren't their concern because of PROFIT.

And they literally buy politicians like they were sports stars. Go to Opensecrets.org and search for the Walton name. Wave after wave of 'contributions'. They should just call it what they are: Rent to buy fees...
[doublepost=1456350882][/doublepost]The FBI wants:

  1. iOS can be set to erase its keys after 10 incorrect passcode guesses. The FBI wants software with this feature disabled.
  2. iOS imposes increasingly long delays after consecutive incorrect passcode guesses to slow down guessing (this is commonly called rate limiting). The FBI wants software that accepts an arbitrary number of guesses with no delays.
  3. iOS requires individual passcodes be typed in by hand. The FBI wants a means to electronically enter passcodes, allowing it to automatically try every possible code quickly.

Making the iPhone just like Android? With a screen door with a 'WELCOME' mat?
 
  • Like
Reactions: satcomer
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.