Be Excellent To Each Other

Interesting. https://www.apple.com/customer-letter/

wow.. I can see his point.

He seems to be saying that it is definitely within the technical capability of Apple engineers to recover the data from that phone but if they did it would somehow compromise the security of all encrypted devices. Why is that the case? Surely if it's within their capability then the mere fact that they haven't already done it is neither here nor there.

My bad, reading on I see what he's getting at, that it'll inevitably go far beyond this one request basically.

Yep, once this hypothetical insecure versions of iOS has been created, then there is a risk that it will be leaked into the wild.

Yes.. Also I don't think Apple users would be happy about the back door being created.

Agreed. Personally I'd be more concerned about someone using it for malicious purposes on my phone rather than worrying about the authorities being able to access my browsing history.

With my work ISO27001 hat on, I like the fact that a properly secured iPhone is indeed secure and can't be accessed.

But it can: it can be accessed by Apple, who may be compelled to do so by legal means. If access was impossible, Apple wouldn't have had to write that letter.

It can in that Apple engineers have the technical ability to write a version of iOS without all the security features.
As it stands today, that software doesn't exist and there are no known vulerabilities, so I'd still argue that it's secure.

No, Apple complies with individual requests from the FBI when data is required, so they must already be able to do this.

For data that's on their servers presumably, they seem to be saying that this request to unlock a phone is extraordinary and would require a special version of the OS.

Not necessarily true. They do comply with individual requests from the FBI to provide access to data, yes. That doesn't mean that they're providing access to the encrypted data on the iPhone. Typically it means they provide access to the stuff that they hold - eg. what's in iCloud. They don't hold a copy of the encryption key for the local device.

What they're saying about the build doesn't talk about decrypting the data necessarily either. What they're saying is that right now, you have to manually tap in an unlock code, and there are brute force overrides in place to prevent multiple attempts. This letter suggests that an 'alternate' build would have a software interface for attempting an unlock code, and would remove the brute force prevention, making dictionary attacks against the data pretty simple.

I thought that previous requests involved less secure older hardware and software, or data that's held on the Apple infrastructure somewhere?

But if the data is encrypted - properly, securely encrypted - then no special version of any OS is going to help.

Something already exists in iOS to allow for the potential of being able to decrypt it (or they didn't encrypt it in a very secure way).

Apart from if you do what Craster just said I guess.

In which case why the letter ?

I did see some other posts about it on twitter last night with the judges ruling that apple need to do this

( https://twitter.com/swiftonsecurity - for all your security needs as well as pics of TS & AI fanfic)

https://twitter.com/dguido/status/699779685480321024

Important to note that the San Bernadino gunman's iPhone is an A6-based 5C w/o a Secure Enclave https://t.co/zZjHuGmtf2

— Dan Guido (@dguido) February 17, 2016

https://twitter.com/mattblaze/status/699790601508777985

Sounds like Apple is being asked to
(1) Engineer a version of iOS that doesn't enforce the PIN-counter
(2) Sign an image for installation.

— matt blaze (@mattblaze) February 17, 2016

https://twitter.com/matthew_d_green/sta ... 0728842240

Apple's main protection is an 80ms per password-attempt delay that is enforced by tamper resistant hardware. And it works.

— Matthew Green (@matthew_d_green) February 17, 2016

https://twitter.com/matthew_d_green/sta ... 9944381441

Stuff like the ten-attempt limit and throttling delays are probably all enforced by software and Apple can almost certainly turn them off.

— Matthew Green (@matthew_d_green) February 17, 2016

As I said up there. they'll allow attempts in software, and they'll remove the brute force protection. They use PBKDF2, so as long as there's a software interface, you only need to guess the passcode, not the encryption key. With most users having (at best) six digit numeric, that's utterly trivial to brute force.

That'll be what already exists in the software, then

So, if you're going to be a TERRORIZT, break your phone once you're done.

Oh - and PBKDF2 means that the means to decrypt the data isn't already there, because that decryption key is never stored anywhere other than in memory - instead it's derived on the fly when you enter your passcode

That was my understanding, too. They can't access the encrypted data once the phone bricks itself by having 10 failed unlock attempts. They can only potentially provide a way for forced access to the phone.

So yeah, as Grim... said, if you do something naughty brick your phone.

Well no, it doesn't. There currently is no software interface - you can only enter the PIN physically. They're talking about implementing a software interface to allow automated PIN attempts.

The decryption bit, I meant.

Oh, right, I see. That doesn't help them without the encryption key though.

Convenient easy way to do this just discovered :-)

http://www.sciencealert.com/here-s-why- ... ck-to-1970

From what I can see they are simply requesting a way of upgrading a phone , to a 'new' IOS version (so signed / etc) and this new version will remove the limit on the number of pin attempts and the short time delay after each failed attempt

So for most people they get hold of your phone - upgrade it to this OS and then brute force the 4 digit pin which gets them full access.

If you have enabled complex passwords : http://www.iphonehacks.com/2015/03/how- ... -ipad.html then yes in theory you can still brute force it but its not really practical to do.

Meh, easy fixed (if you have an iphone that can be opened without damaging it). You just disconnect the battery fro 30 seconds.

I'm sure there is some type of interface or at least someone built one - one of the previous iOS versions had a weird vulnerability that allowed hackers to try their passcodes and reboot the phone to reset the check - there is a video of it somewhere (and i'll attach it here).

** edit **

https://www.intego.com/mac-security-blo ... pass-code/

It doesn't brick it, just locks it into a boot recycle or something. If you let the phone's battery run entirely flat it'll reset.

I've only skim read this thread but I have read the letter.

Anyway, would the FBI offer up a massive reward for anyone that could do this if Apple say no?

Anyone who could actually 'hack' their way in would be able to command a shit ton of money from anyone they wanted.

Decent level encryption is pretty much never hacked until it's fairly obsolete. Finding a way round it is the better choice.

I'm sure there are ways to get into that phone but the most practical way is to get the owner to unlock it for you

BBC story : http://www.bbc.co.uk/news/technology-35594245

What I find interesting about this is that there has apparently been a court order issued to get Apple to do this. A court can order a software house to assign development resource to creating an OS variant?

The Vision has a new project to occupy his evenings, it seems.

Hollywood has led me to believe that all hacker teams are made up of exactly three people:

1: fat guy with goatee, eats crisps and drinks Mountsin Dew.
2: Asian guy, small and thin. Meticulous, always has glasses, usually wears tank top.
3: girl with black hair, unwashed, attitude problem OR bookworm.

I don't know if you fit any of these profiles. Get eating and you'll need to moody that beard.

because someone *thinks* there might be important information on a dead mans phone.

Oh, I get the why - I'm just surprised it's something a company would be expected to comply with. A court order to hand over an encryption key? Sure. A court order to have to go away and rewrite one of their products surprises me.

That's a jailbreak. A working jailbreak exploit on a current iOS device is worth north of a million dollars on the infosec black market.

The process could have done:

1) Apple, give us the data on this phone.
2) We can't, it's encrypted.
3) Break the encrytion then.
4) We can't.
5) Then we'll brute force it.
6) You can't, because our software stops you.
7) Then we'll change that restriction. Give us your signing key.
We can't, that's a trade secret.
9) Fine, then here's the device. You use your secret key to make a version of iOS (let's call it FBiOS) that has no bruteforce protection and put it on the device.

The FBI have skipped steps 1-8, presumably because they have obvious legal counter-arguments, and jumped straight to step 9.

Note that the court order does not require Apple to give the FBI a copy of FBiOS. The FBI are careful to say the phone can stay in Apple's possession, they only need remote access to do the bruteforce and then the forensics. This is an attempt to set a legal precedent and the FBI have been careful to look as reasonable as possible. Hence, I think, the request that Apple change iOS, rather than give up the signing key.

Not my joke, although a good one

Well no, I meant an actual exploitable weakness in AES. That's worth a shit done more than a million dollars on the infosec black market. 'Find a way around it' is the Jailbreak.

Duct tape, pipe wrench and an office chair. Takes 5 minutes.

Not sure how that would help with a corpse.

A few blogs
http://blog.trailofbits.com/2016/02/17/ ... urt-order/
http://blog.erratasec.com/2016/02/some- ... sSYL1IYktw

@JohnHedge on Twitter, who is a former Apple embedded security engineer, has specifically rebutted this:

It won't. The software engineer on the other hand...

As long as it's Gaywood I'm all for it.

But think of the screams! Entire forests would be shredded. It's too great a risk.