Results 1 to 10 of 10

Thread: Apple, iPhones and Encryption

  1. #1
    Administrator Mjölnir's Avatar
    Join Date
    Jan 2000
    Location
    Norfolk, VA
    Posts
    2,964
    Mentioned
    0 Post(s)

    Apple, iPhones and Encryption

    Interesting bit on the All Writs Act and Apple

    Apple has hit back after a US federal magistrate ordered the company to help the FBI unlock the iPhone of one of the San Bernadino shooters, with chief executive Tim Cook describing the demand as “chilling”.

    The court order focuses on Apple’s security feature that slows down anyone trying to use “brute force” to gain access to an iPhone by guessing its passcode. In a letter published on the company’s website, Cook responded saying Apple would oppose the order and calling for public debate.

    “The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand,” he wrote. While Cook took pains to stress that Apple was “shocked and outraged” by the San Bernadino shooting last December – “we have no sympathy for terrorists” – he said company is determined to push back against the court order.

    Cook wrote that opposing the order “is not something we take lightly”.

    “We feel we must speak up in the face of what we see as an overreach by the US government,” he added.

    “Up to this point, we have done everything that is both within our power and within the law to help them. But now the US government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone,” he wrote.

    “Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation.”

    Cook claimed that “in the wrong hands” this software could be used to unlock “any iPhone in someone’s physical possession”, and warned that Apple would not be able to guarantee that the software would only be used by the FBI in this case.

    “The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals,” he wrote.

    “The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe. We can find no precedent for an American company being forced to expose its customers to a greater risk of attack.”

    Cook also claimed that the FBI’s use of the All Writs Act of 1789 to justify its request also could have a knock-on effect.

    “The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data,” he wrote.

    “The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.”

    Cook concludes: “We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

    “While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.”
    [/
    The most important six inches on the battlefield ... is between your ears.

  2. #2
    Senior Member Rainmaker's Avatar
    Join Date
    Oct 2010
    Location
    on a Marl Road
    Posts
    3,882
    Mentioned
    39 Post(s)
    Quote Originally Posted by Mjölnir View Post
    Interesting bit on the All Writs Act and Apple

    [/
    So, with all that money that the Feds have extorted from the taxpayers and with basically unlimited resources at their disposal, they don't even have the capability to crack a dead rag head's 4 digit Pin? Total BS.

    By the way. Do obscure 18th century laws (like the All writs Act) also apply to the company that ran the Former secretary of state's private email server?

  3. #3
    Senior Member
    Join Date
    Jun 2014
    Posts
    965
    Mentioned
    6 Post(s)
    Quote Originally Posted by Rainmaker View Post
    So, with all that money that the Feds have extorted from the taxpayers and with basically unlimited resources at their disposal, they don't even have the capability to crack a dead rag head's 4 digit Pin? Total BS.

    By the way. Do obscure 18th century laws (like the All writs Act) also apply to the company that ran the Former secretary of state's private email server?
    They can crack the four digit PIN at will, the problem is that they can't use the technology that would crack it without the phone wiping itself. In the Arms race between cipher-makers and code breakers the Cipher-makers are currently far ahead, The NSA can't get the best people because what scientist wants to work without publishing and those that will can make far more money working for companies that don't carry the stigma of working for Government snoops.

    Modern encryption is the realm of high end mathematicians, and the government has no monopoly on them.

  4. #4
    Administrator Mjölnir's Avatar
    Join Date
    Jan 2000
    Location
    Norfolk, VA
    Posts
    2,964
    Mentioned
    0 Post(s)
    Quote Originally Posted by Rainmaker View Post
    So, with all that money that the Feds have extorted from the taxpayers and with basically unlimited resources at their disposal, they don't even have the capability to crack a dead rag head's 4 digit Pin? Total BS.

    By the way. Do obscure 18th century laws (like the All writs Act) also apply to the company that ran the Former secretary of state's private email server?
    Am going to avoid too many specifics on capabilities because it is pretty close to what I do and don't want to blur any work / personal lines etc.

    However, I see privacy issues galore coming out of this. I do admire the principled stand that Apple is taking, at the same time I can't help but note that Apple was not as principled when the Chinese and Russian governments compelled Apple to store all data for users in those countries in servers owned and operated in those countries (outside of Apple control.) I am sure that a large part of it is public relations and the bottom line all-mighty dollar.

    What I find interesting out of the use of the All Writs Act is that a 200+ year old law is being used on this very modern issue. Not that old laws don't apply, but that a more modern amendment or addendum to the law -- legislative solution vice judicial branch interpretation of the Act may be more appropriate.
    The most important six inches on the battlefield ... is between your ears.

  5. #5
    Senior Member Rainmaker's Avatar
    Join Date
    Oct 2010
    Location
    on a Marl Road
    Posts
    3,882
    Mentioned
    39 Post(s)
    Quote Originally Posted by MikeKerriii View Post
    The NSA can't get the best people because what scientist wants to work without publishing and those that will can make far more money working for companies that don't carry the stigma of working for Government snoops.

    Modern encryption is the realm of high end mathematicians, and the government has no monopoly on them.
    hook, line, and sinker....
    Let Rainmaker spell it out for you Mike. S.M.O.K.E.__S.C.R.E.E.N...... They already have the data off the phone.
    And they already have the back door too. What they want is to set the precedent to compel companies to do what they want, whenever they want., so they can have it LEGALLY.
    Of course this already exists for times of actual National Emergencies.

    See they do have a monopoly Mikey..... Because, we have a busted economy, all of the investment in production is coming from the government. Nobody else will take any risk because there's risk free money to be made in the rigged markets.

    So, They don't need (or even want) them on the payroll. All They have to do is set up shell companies and provide seed money (stolen from the taxpayers). They get the working prototype and the data rights and the Public gets fleeced for an IPhone (made by an 8 year old girl chained to a table in a sweat shop in China) with a 200% markup, to have the privilege of Siri broadcasting your location and your private thoughts from the deep recesses of your twisted little mind back to people like Commander Mjoner (who are keeping you safe from the non-existent ISIS terrorist that's hiding under your bed).

    It's either that or maybe they really can't guess a PIN (I wonder if they tried 1234 yet?)

  6. #6
    Senior Member Rainmaker's Avatar
    Join Date
    Oct 2010
    Location
    on a Marl Road
    Posts
    3,882
    Mentioned
    39 Post(s)
    Quote Originally Posted by Mjölnir View Post

    I do admire the principled stand that Apple is taking, at the same time I can't help but note that Apple was not as principled when the Chinese and Russian governments compelled Apple to store all data for users in those countries in servers owned and operated in those countries (outside of Apple control.)
    As a general rule of thumb it's never a good idea to trust any company that sold their first product for $666 and uses a luciferian symbol as their corporate logo.

    Tim Cook should be arrested and charged with the subjective crime of "conspiracy to impede officers conducting a Federal Investigation.
    If he protests whatsoever, he should be shot Bundy ranch style on the spot.

  7. #7
    Administrator Mjölnir's Avatar
    Join Date
    Jan 2000
    Location
    Norfolk, VA
    Posts
    2,964
    Mentioned
    0 Post(s)
    Quote Originally Posted by Rainmaker View Post
    It's either that or maybe they really can't guess a PIN (I wonder if they tried 1234 yet?)
    Now I gotta go change my PIN.
    The most important six inches on the battlefield ... is between your ears.

  8. #8
    Senior Member
    Join Date
    Feb 2012
    Location
    Dayon, Ohio
    Posts
    1,244
    Mentioned
    2 Post(s)
    Quote Originally Posted by MikeKerriii View Post
    They can crack the four digit PIN at will, the problem is that they can't use the technology that would crack it without the phone wiping itself. In the Arms race between cipher-makers and code breakers the Cipher-makers are currently far ahead, The NSA can't get the best people because what scientist wants to work without publishing and those that will can make far more money working for companies that don't carry the stigma of working for Government snoops.

    Modern encryption is the realm of high end mathematicians, and the government has no monopoly on them.
    Mike, I'd do a little more reading on this. Or, if you have an iPhone click on Settings>Touch ID & Passcode and look at the options. At the very bottom you will notice a slider that says "Erase Data" (underneath it says Erase all data on this iPhone after 10 failed attempts)

    With an iPhone if you try five straight unsuccessful passcodes it will lock you out for 5 minutes. Each try after that locks you out an additional 5 minutes. So the 5th attempt is 10 minutes, the seventh attempt is 15 minutes, etc.

    If you have the option turned on the iPhone will erase itself after 10 tries. We don't know whether the terrorist had this option turned on or not. Most people don't turn it on. The FBI doesn't want to take that risk.

    With that said, I kind of agree with rainmaker here. Most likely the FBI already has the data. The iPhone uses a four digit pin. Gee, I wonder what the pin is. Most likely the terrorists ATM Pin. Wow that was easy!

    What the FBI is asking apple to do in this case is develop a new version of IOS that does not lock you out after 5 attempts and also does not have the auto-erase feature. At that point, they'll just use a computer to try every single pin (there are only 9999) and unlock the phone.

    Most likely, if they've tried the suspects ATM pin number they already have the data.

    Also, I'd like to point out this isn't the suspects personal phone. This is actually a phone issued by his employer the San Bernadino County Health Dept. The irony here is incredible. The government is asking Apple to help them break into a phone owned by the local government.

    If you get bored, check out Edward Snowden's twitter account @snowden He has some interesting thoughts on the subject. Like this nugget, the FBI also wants Apple's help in 12 other cases yet they are claiming "it will just be used this one time"

    https://twitter.com/trevortimm/statu...86240380297216

    or this tweet https://twitter.com/Snowden/status/700823383961792512

    P.S. For those that didn't click on the second link. The suspect destroyed his personal phone. The one they are trying to get into is his work-issued phone. What could possibly be in it? Are we supposed to believe he was using his work phone to plan out a terror attack? A phone issued by the government that is subject to consent to monitoring.
    Last edited by SomeRandomGuy; 02-25-2016 at 03:51 PM.

  9. #9
    Senior Member
    Join Date
    Jun 2014
    Posts
    965
    Mentioned
    6 Post(s)
    Quote Originally Posted by Rainmaker View Post
    hook, line, and sinker....
    Let Rainmaker spell it out for you Mike. S.M.O.K.E.__S.C.R.E.E.N...... They already have the data off the phone.
    And they already have the back door too. What they want is to set the precedent to compel companies to do what they want, whenever they want., so they can have it LEGALLY.
    Of course this already exists for times of actual National Emergencies.

    See they do have a monopoly Mikey..... Because, we have a busted economy, all of the investment in production is coming from the government. Nobody else will take any risk because there's risk free money to be made in the rigged markets.

    So, They don't need (or even want) them on the payroll. All They have to do is set up shell companies and provide seed money (stolen from the taxpayers). They get the working prototype and the data rights and the Public gets fleeced for an IPhone (made by an 8 year old girl chained to a table in a sweat shop in China) with a 200% markup, to have the privilege of Siri broadcasting your location and your private thoughts from the deep recesses of your twisted little mind back to people like Commander Mjoner (who are keeping you safe from the non-existent ISIS terrorist that's hiding under your bed).

    It's either that or maybe they really can't guess a PIN (I wonder if they tried 1234 yet?)
    It appears when you have absolutely no knowledge a subject yous substitute tin-foil hat BS. Do you a have any knowledge of Cryptography or secure communicants beyond perhaps the ability to insert the key on a STU the right way most of the time? S spent decades working with that stuff and I try to keep up at least with the civilian software, and the issues involved even today. Not all issues can per interpreted by the tin-foil you so proudly flaunt

    The so called shell companies are pretty mainstream corporate and universities all over the world, this is a place where the US is not dominant, It has not been dominant since the early PGP days when NSA decided to limit studies in the US and try to jail academicians who defied it. The main work is being done overseas now and much of it far beyond the reach of the NSA and a large part of it is open source limiting the NSAs or any other group of thugs to tamper with the code, Having the software be open source doesn't hurt since knowing how the encryption works with one way algorithms doesn't help you break the cipher.

  10. #10
    Senior Member UH1FE's Avatar
    Join Date
    Feb 2011
    Location
    DC
    Posts
    109
    Mentioned
    0 Post(s)
    This along with how the guys at Laughlin were treated caused me to turn off my thumbprint unlock and turn on the 10 attempted erase feature.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •