The CIA already thinks it has a way to get encrypted info from the brain; water boarding.
Apple does not agree. And why even take the risk? It’s not as if they’re looking for the location of a ticking nuclear weapon: they’ve admitted they don’t expect to get much if anything.
You’re right, through true brute force (knowing nothing about a key beforehand) it would take something like 10 to the power of 77 tries to figure it out, which is crazy. That said, the AES key on an iPhone is embedded in the hardware and set at the time of manufacture, so I assumed (probably erroneously!) that the feds would have a better handle on where to start. The idiosyncrasies of the particular AES crypto engine used on the phone are certainly well understood, and I guessed (again, probably incorrectly!) that the outlines of the key would be as well.
Anyway, I agree about the relative ease with which Apple could comply (through the front door, in other words) – a few hours if they only need to change the number of permitted retries, though I suspect the functionality is fairly deeply embedded. Maybe a few days even in that case. I don’t think they’ve ever argued that they couldn’t, just that they shouldn’t – that once they’ve done this, orders to do so again and again will pour in for all sorts of flimsy and contrived reasons. Several years ago I would not have agreed with them, but after Snowden’s revelations I’d argue it’s not too far-fetched, Apple’s apocalyptic language aside. As a multi-national they’re also surely concerned about the effect this would have in other countries, e.g. China, where creeping overreach would certainly be the case. Apple enjoys certain limited protections by virtue of being a US company, but once it’s demonstrated that the mechanism exists, they can’t refuse similar requests from Chinese authorities and continue to do business there. Thus Apple’s stand is a combination of principles and cold economics (though their language would have us only believe the former)
That’s close… modern iPhones have two different features that sometimes get mixed up in these discussions.
- Device protection – the part where entering the wrong security code 10 times or more could wipe the device, depending on the settings the guy used. The security code is only four digits long, so without this they could just access it in ten minutes by trying different numbers.
- Device encryption. The part that makes it (much, much) harder to read the device by just accessing the file system directly, because the files and the CPU are separated by a dedicated 256-bit encryption module. Trying these codes in sequence would not wipe the machine, but would be extraordinarily difficult (on the order of a billion+ years, as @wickning1 pointed out) Through ordinary means this would actually be well-nigh impossible, but I assumed (probably totally incorrectly) that the NSA would have a head-start on this
Anyway, it’s the first one that the FBI is asking for a workaround on. That’s what I’m finding to be something of a revelation, because it’s demonstrating they don’t have a good way of accomplishing the second. Probably it shouldn’t have been a revelation to me, but all those billions of dollars spent on data centers does lead one to believe the NSA is magically good at decryption…
The telling statement is in the article:
[Apple says] extracting information from an iPhone “could threaten the trust between Apple and its customers and substantially tarnish the Apple brand.”
This is in the end about protecting the brand, and that is no small thing. Especially since we are talking about a Software Update. We are inclined to trust that Updates we receive (and automatically install) from these companies won’t do bad things.
That said, it is hard to believe that the Apple brand would suffer greatly if it cooperated with the govt in this case. Maybe…
At the top of Apple, a discussion about the cost/benefit is going on and they’ve obviously concluded it’s too big a risk. I think it’s interesting that all the focus is on Apple standing up to the Feds, when they’ve been cracking phones for the government for years. Again, it appears their thinking on the whole balance of dollars has shifted.
While I enjoy several Apple products, they’re a multi-national corporation. Like the article a few years ago about them having the San Mateo Sheriff forcibly break into a man’s apartment, hogtie the guy, and drag him off to jail all to retrieve a prototype iPhone the guy had innocently found.
Well aware. I love my Apple products but I don’t put any stock in what they are saying regarding what I see as a PR move by them.
Because as I said, and I thought pretty clearly, I support the 4th amendment and when LE has probable cause and a valid warrant, compliance is required.
Trying to convince yourself you aren’t a coward again?
Well, it is much much easier for the NSA to “break” encryption (or more commonly, work around encryption) when a device is in active use. The NSA’s primary mechanism for getting at “hidden” data is using zero-day security flaws in software, which they actively search for on their own as well as purchase on the black market. Algorithms are broken as well, but not nearly so often as flaws are found in other layers. For instance, you wouldn’t likely succeed at breaking the encryption on the phone, but you might try to exploit a zero-day in the OS allowing you to install an app which pulls in-memory data out and sends it up to an NSA server.
For an iPhone “at rest”, though, the potential attack vectors are very small. Do we have any zero-day exploits on the Apple firmware which could be used here? Do we have any unknown severe flaws in the 256-bit AES encryption being used here (again, flaws which can be exploited “at rest” rather than by having data encrypted and sniffing encrypt/decrypt artifacts)? It appears either that the answer is “no”, or that the NSA is holding these particular cards very close to their metaphorical chest.
Ever since Snowden this has been a marketing push for Apple. Their business model does not depend on them knowing intimate details about you. Their technologies try to put processing on the device rather than in the cloud. As a result, they can engineer things (messages, etc) such that even they can not decrypt it (you can bet that they are working on doing the same with iCloud backups now too, although I don’t know anyone who actually uses that because the free space afforded for the backup is so much less than even a single device would consume). That is a huge marketing statement over many competitors (Google and Microsoft, primarily), and yes this absolutely highlights it.
People - and I’m not meaning to impugn you with this - tend to say this is “all about marketing”. Just because it is great marketing neither means that that is the only reason Apple is doing it (there are multitudes of reasons why Apple does not want to be or to be seen as the FBI’s iPhone crack development team that have nothing to do with making you or I feel more secure in our privacy), nor that the only good coming out of this for us is meaningless marketing (this is a very real threat to the very idea of privacy in a technological age where many devices hold more detailed and varied data about how we have lived our lives than in any other time in history).
One need only look at any blog on the web to realize that anonymity does not bring out the best in people, and with unbreakable encryption we’re talking about absolute anonymity from law enforcement. This will tilt the balance of power to the criminals, psychopaths, and terrorists.
If you don’t trust law enforcement with enough access to exercise a lawfully issued warrant, then by default you are trusting every miscreant in the world to not hurt anybody.
If the encryption enthusiasts don’t develop a solution that allows a search warrant to be honored, eventually there will be a horrendous crime that will put enormous pressure on lawmakers to just outlaw any encryption they cannot break.
In the meantime, there is no difference between not providing the key upon a lawful request and premeditated, willful, deliberate destruction of evidence which generally indicates guilt.
Well, that is to brute force a particular AES-encrypted instance. That wouldn’t “break” AES encryption, though.
That said, I wouldn’t be quite so absolute. MD5, SHA, DES, etc, have all been found to have cryptanalytic flaws which allowed significantly lower-cost-than-brute-forcing decryption (which is actually “breaking” the encryption) rather than just per-instance brute forcing (DES was also brute forced in 56 hours using a distributed computing system in 1998 … apparently now with a known plaintext and encrypted text pair you can get the DES key out in less than 24 hours).
It is possible that AES has similar cryptanalytic flaws, and if it does it is also at least remotely likely that the NSA knows them. Also, as CanadaChris points out, the specific implementation of AES Apple used might have its own implementation flaw, which would be another way for the NSA to get around the iPhone encryption.
On the other hand, (1) the password vector is likely still a much easier attack vector even if the implementation of AES has been cracked because “breaking” AES most likely means you can decrypt something in years or decades rather than multiple times the expected lifetime of the universe, and (2) such a capability is not something you want anyone else in the world to know you have, so it would be very likely in a really low-value case like this one that the NSA would sit on its hands.
First, no you are not at all talking about absolute anonymity. Your person is still quite un-anonymous, just as it has been (in fact less than it ever has been) for the past several centuries. Things you do in public are just as public. Things you physically hide are just as easy or hard to uncover as always. Even digitally you are leaving a multitude of public traces of where you have gone and what you have done which an investigator even fifty years ago would have killed to gain access to. The FBI and police have a huge arsenal of investigative tools which do not rely on breaking encryption, and that arsenal is larger and more powerful than it ever has been in the history of mankind.
Second, criminals and terrorists already have unbreakable encryption far more powerful than a 6-digit iPhone passcode.
How much data did the FBI get off the two completely destroyed personal phones from the San Bernardino terrorists, for example?
It is very very astonishingly easy to destroy data, if you are willing to live with a little inconvenience. For instance, using a current iPhone set your password to a long alphanumeric password and turn cloud backups off; if you want that phone to not be compromised, turn it off (especially if you have TouchID enabled), smash it open, smash the individual chips, and burn them in a high-temperature fire. Doing things in that order, if you are interrupted before completed you are still quite likely to have an uncompromisable phone. Individual hood rats don’t know this necessarily, but crime syndicates and terrorist organizations know it damned well.
Good opsec is millions of times more secure than what the “average joe” is willing to put up with. Why disarm the “average joe” for a feel-good measure that won’t at all affect those with good opsec?
Huh? Bullshit. I am completely for the FBI exercising lawful warrants. I do trust my government with my data far more than I trust a multinational company for instance. The question here is not “should a warrant be followed”, but rather, “Is this warrant legal?” And that question is being arbitrated in the exact proper place - the US court system.
More importantly, though, this case is not about trusting the FBI and US Government. It is about trusting every government in the world where Apple does business with my phone’s data - and more importantly with the data on the phones of their internal dissidents and agents of change who are fighting with their very lives to make the world a better place. I can think of quite a few of those countries I’d rather not trust, thank you, and I don’t think that means that I trust miscreants to not hurt anyone ever.
I am sorry, but such a law would never work. You might as well make a law outlawing calculus. Yeah, you can outlaw the use of calculus (or encryption) in the US, but the rest of the world is not going to follow our lead there. Then, suddenly, all US businesses and individuals are ripe targets for attacks while the rest of the world sits behind encrypted data systems. Technological progress is not something which can be controlled by laws. Historical attempts to do so have always not only failed but severely backfired.
Now, will lawmakers do something stupid? Historically, it is as close to a sure bet as you can get. But don’t preemptively lobotomize the country. Fight against the stupid thing when it is proposed, with reason and logic. Sometimes that does work. And when it doesn’t work, it helps ensure the stupidity is reversed when the things you predict are going to happen start happening.
Sigh. More false equivalence. First this is not about Apple providing any kind of key; they have no key to provide; the FBI wants Apple to write new firmware for this phone and for the other 170+ phones they already have lined up to break into, to bypass password entry controls. Second, are you saying that because Apple is not conscripting itself as the FBI’s new iPhone fbiOS Development Team that Apple is guilty of planning the San Bernardino attacks in some way? You have to understand how ludicrous you sound, right? Finally, if we were talking about an individual the right to not self-incriminate is well established in the Constitution, and being forced to hand over passwords or encryption keys which protect data you have is generally (not 100%) accepted to be a violation of one’s fifth amendment rights. If I were in that situation, guilty or not, I would not hand over the password for my computer nor any other encryption key, and I would absolutely not see it as deliberate destruction of evidence.
They haven’t been “cracking”. Apple can provide unencrypted data that they have in hand – phone backups – and has the ability to “extract” data without unlocking them, on older phones/OSes.
The latter is already impossible on current models, and they’re working toward preventing the former. That will make it impossible for them to help people that legitimately lose access to their data. But it will also get them out of the business of fulfilling these requests.
Then the question will be whether Congress makes that illegal, and mandates a backdoor.
What they’re being asked to do now in the San Bernardino case is not “cracking” either, not quite “bypassing”, and the “door” metaphors are confusing; but it is certainly weakening the security so that it is somewhere between “enabling” and “facilitating” non-standard access.
the article a few years ago about them having the San Mateo Sheriff forcibly break into a man’s apartment, hogtie the guy, and drag him off to jail all to retrieve a prototype iPhone the guy had innocently found
California law requires that people turn over “found” property. It is not “finders, keepers”, at least not immediately.
Also, it seems like you have conflated two separate incidents, and no one was hogtied nor jailed.
Yes, as well as every other phone that any law enforcement agency wants unlocked. Or are we supposed to pretend we’re morons and that it won’t ever be used again? As you say, a warrant is a warrant and once Apple creates this software, it will most definitely be used every time a cop gets a warrant. And we’re supposed to assume that China and other oppressive regimes won’t demand this software for themselves. And of course, you’re pretending that hackers will never get their hands on this software. Why? If they can hack the IRS, FBI, and other government agencies, how can they make sure this stays safe?
The truth is: The government wants Apple to create dangerous software based on the premise that we live in Fantasyland and nothing bad will happen with it. And in reality, terrorists aren’t going to rely on Apple’s privacy policy anyway. Instead, they’re going to keep using their back channels to communicate, because they already know that Apple will provide iCloud backups with warrants and won’t assume that their phones are safe. So we’re risking the security of our phones in return for a false sense of security. Thanks, but no thanks. I’ll take Apple over you and your naivete.
I am glad you have such faith in the equanimity of the Chinese police and Iranian security.
And just to be clear, this is not a valid warrant (er, court order) yet. It is being challenged in court by the established process (Apple is not at all violating a court order like certain GOP candidates have asserted). There is no evidence to support the assertion that, if the appeal is denied and a stay pending further appeal to SCOTUS is denied, Apple would refuse to comply.
No, it is quite well supported by case law. If the tool developed is material in producing evidence which is used in a court of law the defense has a legal right to examine that code. Going with the main example that the FBI is using of prior caselaw, pen registers and wire taps are absolutely open for inspection by the defense attorneys. That is not a slippery slope at all; it is a prima facie fact of the demanded work.
The government applying for its use again and again was a slippery-slope argument, until the government reversed its assertion and specifically said that it would very much like to use this code again with a backlog of 170 phones.
The need to do the same for other countries was also a bit of a slippery-slope argument at the start, but we have since found that the only reason this has not been asked of by China in particular has been the lack of precedent (which the FBI is asking Apple to set).
Now, saying that this crack would mean that Apple would also be forced to crack the Secure Enclave firmware so the same approach could be applied to iPhone 5s+ devices could be a “slippery slope” argument, but I’d be very comfortable with it. On the other hand saying that Apple being forced to comply with this would mean that they (or some other software vendor) would be forced to ship a software update to upload on-device data is definitely a “slippery slope” argument, and a bit far out there, but real enough that it does need answering.
That is a lot to give up for the possibility that maybe there might be something relevant on this guy’s work phone when he had the operational security and understanding to completely destroy both personal phones and his computer system. The other 170+ phones the FBI wants to unlock next? Clearly their data is even less compelling, since they aren’t presenting the reasoning on those at all.
Again, if the court says that Apple must do this, I fully expect Apple to do so. I also fully expect Apple to make it so they can’t even do this on the iPhone 7, but that is neither here nor there. More likely, Apple will not be forced to comply with the initial court order (it will be vacated), then the matter will go to Congress to do something about if they feel they must. There, if Congress wants to run the most successful business in the history of the world out of the country, it will be their prerogative; I suspect cooler heads will prevail.
From a national security perspective this is a very very bad fight to be picking. We have the absolute best security experts, the best resources for cracking encryption, in the entire world. We do not want to kill encryption around the world. From a national security standpoint we have a lot more to lose as a country from weak encryption than we could possibly hope to gain from terrorist cell phones when every terrorist worth his salt knows how to actually destroy a phone.
Yet. We think.
I won’t reiterate the points on cryptanalytic flaws that CanadaChris and Tom Dibble have already covered.
But while the present day technology that we know of can’t decrypt AES by brute force in any sort of reasonable time frame - barring the aforementioned cryptanalytic flaws - a quantum computer could significantly cut the time required to do brute force decryption (depending on the encryption algorithm). We also know that the GCHQ invented/discovered public key encryption, and passed it on to the NSA about 5-6 years before Diffie & Hellman made it publicly available.
So I would not be surprised if the NSA already has some rudimentary quantum computing capabilities. They’re certainly [working on it](https://www.washingtonpost.com/world/national-security/nsa-seeks-to-build-quantum-computer-that-could-crack-most-types-of-encryption/2014/01/02/8fff297e-7195-11e3-8def-a33011492df2_story.html).
Yeah, FBI hasn’t requested the software. And once Apple creates it, you know that the FBI won’t ask for it the next day because…? That’s right, there is absolutely no guarantee they won’t and every reason to think they will.
You misspelled “hysterical”
Here’s what I don’t understand. What does the 4th Amendment have to do with this? The FBI already seized the phone. As far as I know, Apple didn’t do anything illegal (in this case anyway) so the 4th Amendment does not apply to them in any way, or does it?
I’m not a lawyer so I have trouble understanding on what grounds the government can force Apple to do something it (Apple) clearly does not want to do, when Apple isn’t even accused of any wrongdoing.
I see the whole thing as a ploy to force Apple to build more secure devices. That is obviously what will happen, and surely the FBI can’t be so stupid as to not see that. Therefore it must be what the government wants.
The case is a useful reminder how maximalist law enforcement is (which is not a criticism, that’s their job). Imagine the San Bernardino shooter kept records and used some old school pen and paper cipher. Since he’s dead, if the cipher was halfway good there would be no realistic way for the law enforcement to ever get to the plaintext. Surely that would be the end of the world?
And hey, let’s have another “slippery slope” argument. Who here would like Donald Trump’s government to have the ability to unlock their phone? Anyone? Anyone? Bueller?