Encryption that can be undone retroactively by a third party is pointless.
I don’t often agree with Apple but, aside from some lack of clarity about what’s being asked, they seem entirely in the right here.
Dumb question: Why can’t the FBI just take out the memory and plug it into something that isn’t an iPhone to read?
they could - but it uses 256 bit AES, which Bruce Schneier doesn’t think NSA can currently brute force. https://www.schneier.com/blog/archives/2012/03/can_the_nsa_bre.html
Not really a dumb question, but the memory/storage itself is encrypted. You can’t unlock it without the key, which does’t exist anymore because the person who knew the code is dead. He didn’t leave it on a post-it somewhere.
Since it is a work phone, I’d be surprised if there was anything at all related to the attacks on this phone.
Since I’m not an Apple hardware guy, but have some interest in encryption, some interesting things I learned/had confirmed from the article and particularly the discussion below:
- the error 53 BSOD after 3rd parties mess with the touch sensor is actually a feature, not a bug
- combination of device specific hardware key and user entered key, prevents easily guessable brute force against password libraries.
- 256 AES encryption is used, which Bruce Schneier thinks NSA cannot currently brute force
- the HW key is likely recoverable, by milling down to the chip and directly reading the PCB with an xray and/or electron microscope (badass). But this would be very expensive ($1Mish)
- arguably, the fact that Apple uses a signing key to have the iOS hardware verify that an update is valid is already a golden key that can be used by a sophisticated enough hacker. This signing key alone in the hands of a hacker or the government would allow them to do what the FBI is asking. So we are to assume that Apple has (to date) kept that secure from the government at least.
Or one can speculate that this is all a smokescreen to persuade ne’er-do-wells that apple products are the ones to use. Because if the NSA can break in (possibly through that “golden key”) they want as many people to use compromised technology as possible. I’m just sayin’.
This case is about whether Apple can be compelled to do work to free information that doesn’t belong to them in the first place. If the government suppeonas records from a company, can Mossler be compelled to open the safe that they sold to the company which contains those records ?
So Apple is taking a stand and most people seem to be pissed about it. But if Google did something like this, they would be hailed as fighters. Why the hate toward Apple?
For that matter, does the 13th amendment prohibit the FBI from using the coercive force of the courts to compel Apple to create a product that does not yet exist?
If Apple made soapbox racers instead of tech devices and the government came to them and said “make us a motorcycle that can beat your soapbox racer” and Apple, who has never made a motorcycle, doesn’t know if it can make a motorcycle, and believes that making motorcycles will hurt it’s soapbox racer business has said no. But the government says take your tools and your people and make us some motorcycles anyway or face court sanctions, fines, and other punishments. Wouldn’t that be involuntary servitude?
Apple, basically: “If it pleases the court, tell FBI to go fuck themselves"
I bet an Apple Motorcycle would look really cool, though.
However, since humans are (barring a few possible savants) totally worthless at remembering 256 bit AES keys, there is a chunk of storage, somewhere on the PCB(whether stashed in some clever way on the bulk flash storage chips, or in some paranoia processor’s smaller but more secure memory) that contains the AES key protected only by whatever passphrase/lock code/etc. the guy used to secure his phone.
The FBI is currently asking Apple to make things easy for them; and build an attack OS that will allow them to make unlimited attempts to guess the lock code without risk of wiping the secrets; but even if Apple refuses, that weakly-obfuscated copy of the AES key is still somewhere in the silicon; and with state-level resources, you can often make a chip talk, even if it requires breaking out the electron microscopes and the ion beams and ripping it apart one gate at a time.
I haven’t been able to find any hardware-focused discussions of where and how the 5c hides the AES key; but unless you ask the user to remember it, you have to store it on the device in a form that can be accessed with only the user’s unlock code/password. and unless it’s a really, really, classy HSM a silicon level attack can probably get it back.
If nothing else, I assume that the FBI would prefer to attempt to establish that they have this power first, rather than passing on a nearly perfect ‘unsympathetic villain’ test case and having to do harder and more expensive forensics; but I’d be surprised if, for a case like this, they lack the resources to either do(or more likely hire somebody to do) a physical attack.
Any device that accepts updates is vulnerable, but that doesn’t make encryption pointless on those devices.
Right - the device’s master key is extremely strong and probably can’t be brute forced.
What can be brute forced is the weaker (most likely) user password that is used to protect the master key.
If the still locked device can be updated to remove security features, then what exactly is the point?
Airbags in cars don’t prevent 100% of traffic accident deaths, so what’s the point?
I wondered exactly this, some comments were made about how expensive it would be to crack out the electron microscope for the FBI, but it’d probably cost more for Apple developer time to do what they’re asking with a custom iOS.
I assume his iPhone wasn’t a touch ID or they could have just used a fingerprint copy (or just cut off his thumb) to gain entrance? What about social engineering by using his Amazon account and Apple Support like what happened to Matt Honan?
Once Apple creates FBiOS for 10mill, the FBiOS can crack more then one phone.
Compare the kill count by police and other state forces vs the kill count of terrorists.
Now, who’s more dangerous?