An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Page 1 of 4 1 2 3 4
And now for the story behind the news
#38971 02/20/16 04:18 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
This MacNN article puts an entirely new spin on the Justice Departments actions against Apple.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: And now for the story behind the news
joemikeb #38972 02/20/16 06:21 PM
Joined: Aug 2009
Likes: 7
Online

Joined: Aug 2009
Likes: 7
That certainly inspires confidence that the government will be competent in respecting the Constitution... mad


Jon

macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
Re: And now for the story behind the news
joemikeb #38984 02/21/16 06:14 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Originally Posted By: joemikeb
This MacNN article puts an entirely new spin on the Justice Departments actions against Apple.

Thanks. I was going to post something to get an unbiased account of what exactly is of issue. Today on the news it was pointed out that the phone can be set to erase itself after three botched tries at the password. Are we back to the issue of whether erased flash memory can be recovered or not?

I'm still not completely getting it. I thought that if you could prove you were the owner of the phone and did not set it to erase Apple could already get into it for you, just like if you lost your password for an iPad.

Last edited by slolerner; 02/21/16 06:19 PM. Reason: More
Re: And now for the story behind the news
slolerner #38985 02/21/16 09:38 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: slolerner
Today on the news it was pointed out that the phone can be set to erase itself after three botched tries at the password. Are we back to the issue of whether erased flash memory can be recovered or not?

The option in iOS is to erase after ten (10) failed attempts, not three (3). The default setting is ON. If the report you read is so poorly researched that it missed something that basic I would take the rest with a lot more than a grain of salt.
Originally Posted By: slolerner
I'm still not completely getting it. I thought that if you could prove you were the owner of the phone and did not set it to erase Apple could already get into it for you, just like if you lost your password for an iPad.

Apple had been working with the FBI to use the only available recovery method which relies on iCloud backups but when the FBI or some other law enforcement expert switched iCloud accounts for the phone that recovery method went by the boards and cannot be recreated. The iPhone 5 and 6 along with iOS 9 are by design far more secure than previous ones.

If you believe what you see on the crime dramas on television when they blithely break into smart phones with a soldering gun and paperclip, I have a wonderful real estate investment you might be interested in. Its called the Brooklyn Bridge and you can get it for a song.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: And now for the story behind the news
joemikeb #38986 02/21/16 09:51 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Originally Posted By: joemikeb
... I have a wonderful real estate investment you might be interested in. [It's] called the Brooklyn Bridge and you can get it for a song.

Would that be a song penned by the fantabulous P.T. Barnum?! grin

Re: And now for the story behind the news
grelber #38988 02/21/16 10:18 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: grelber
Originally Posted By: joemikeb
... I have a wonderful real estate investment you might be interested in. [It's] called the Brooklyn Bridge and you can get it for a song.

Would that be a song penned by the fantabulous P.T. Barnum?! grin

I can hear the strains of the calliope now grin


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: And now for the story behind the news
joemikeb #38989 02/21/16 11:29 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Take it easy. Woof. So the FBI is asking Apple to change their encryption so it is crackable, give the FBI the key, plus either make flash memory that can't be erased but looks like it is when the phone is reset or include a built in back-up that cannot be deleted? Am I close?

Re: And now for the story behind the news
slolerner #38990 02/21/16 11:46 PM
Joined: Aug 2009
Likes: 7
Online

Joined: Aug 2009
Likes: 7
Common software would have let FBI unlock shooter’s iPhone Just another instance of an official screw-up.

Question: How does an FBI agent (or any other government official) say "F*ck you"? Answer: "Trust me. I'm from the government".

Another question: If government employees are so bad at breaking into phones, why are those people called "hacks"?


Jon

macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
Re: And now for the story behind the news
jchuzi #38991 02/22/16 12:01 AM
Joined: Aug 2009
Offline

Joined: Aug 2009
What if it was his personal phone?

Re: And now for the story behind the news
slolerner #38992 02/22/16 12:23 AM
Joined: Aug 2009
Likes: 7
Online

Joined: Aug 2009
Likes: 7
Originally Posted By: slolerner
What if it was his personal phone?
That could be a problem.


Jon

macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
Re: And now for the story behind the news
jchuzi #38993 02/22/16 11:03 AM
Joined: Aug 2009
Offline

Joined: Aug 2009
AFAIK, his phone records are available with a court order. That's gives you a lot of someone's contacts. There are records of the time someone was texting. Those are used when there is a serious accident. If someone is not using something Snapchat, the content of texts are recoverable. There's no way to get his pictures unless he posted them at some time. Thats a standard investigation.

Re: And now for the story behind the news
slolerner #38994 02/22/16 11:14 AM
Joined: Aug 2009
Offline

Joined: Aug 2009
There are the same records for everyone else involved, the wife, the guy who sold him the weapon...

Re: And now for the story behind the news
slolerner #38995 02/22/16 03:46 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: slolerner
I'm still not completely getting it. I thought that if you could prove you were the owner of the phone and did not set it to erase Apple could already get into it for you, just like if you lost your password for an iPad.

Update. Apple removed that capability from iOS in the Fall of 2014 (iOS 8?) in response to customer demand. Apple can access user's iCloud data and has done so many times in response to a court order. However rumor is Apple is working on secure encryption for iCloud data perhaps along the lines of FileVault.

Originally Posted By: slolerner
What if it was his personal phone?

He destroyed his personal phone. The phone in question belonged to his employer and according to the phone records seldom, if ever, used.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: And now for the story behind the news
joemikeb #38996 02/22/16 03:57 PM
Joined: Aug 2009
Likes: 8
Online

Joined: Aug 2009
Likes: 8
Originally Posted By: joemikeb
Apple had been working with the FBI to use the only available recovery method which relies on iCloud backups but when the FBI or some other law enforcement expert switched iCloud accounts for the phone that recovery method went by the boards and cannot be recreated. The iPhone 5 and 6 along with iOS 9 are by design far more secure than previous ones.


It was reported in today's San Francisco Chronicle that the iCloud password reset was done by the FBI to prevent remote wiping of the phone data. The article said the government (at that time) did not know if someone else knew the shooter's password and would try to erase the iPhone's contents.

Remotely erasing an iDevice is something any owner (or person with the correct password) can easily do over the Internet.


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: And now for the story behind the news
joemikeb #38997 02/22/16 04:16 PM
Joined: Aug 2009
Likes: 8
Online

Joined: Aug 2009
Likes: 8
There is an interesting MacWorld article that discusses the future civil rights impact of this issue. The gist of the article is "The crux of the issue is should companies be required to build security circumvention technologies to expose their own customers? Not 'assist law enforcement with existing tools,' but 'build new tools.'"

There is a rather lengthy reader comment section after the article with some interesting posts. Someone even manages to drag the Affordable Care Act into the discussion. These posts present an interesting spectrum on the matter.

There is one reader comment that I found worthwhile: "All governments are the product of a 'social contract' where freedom is balanced with security. In a democracy, this balance is under constant negotiation. Today, that process is skewed toward greater security paid for with lessened freedom. Tomorrow, we may feel and think differently but it won't be easy to reset the balance. Setting new precedents in this area should not be done without long and rigorous debate."


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: And now for the story behind the news
joemikeb #38998 02/22/16 04:16 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Originally Posted By: joemikeb
He destroyed his personal phone. The phone in question belonged to his employer and according to the phone records seldom, if ever, used.

The question was, what if he hadn't destroyed his personal phone? (I guess if he hadn't destroyed his personal phone it might be legal to waterboard it.) If he destroyed his personal phone and not his work phone, very little info could be gleaned from it anyway, I suppose.

Re: And now for the story behind the news
joemikeb #38999 02/22/16 06:03 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 1
The issue of botched data recovery isn’t just because of the fact that a San Bernardino County employee made recovery of Farook’s iPhone data impossible, but also because Farook’s employer (San Bernardino County again) neglected to enroll its phones in a device management program. This (simple and available) program would have had to include all County owned phones like Farook’s work phone, as well as any other 3rd party phone accessing data belonging to or under the access care of SBC, and would have made data recovery a cinch. ‘Big’ Brother Bernardino dropped the ball twice here.

Because of these two rather serious errors, the onus for recovery was dumped in Apple’s lap as sort of a third strike. The fact that this work phone (unlike the destroyed personal phone) is unlikely to contain any useful data for the FBI’s investigation won’t help that agency’s case, but doesn’t make much of a difference for Apple’s position either.


alternaut moderator
Re: And now for the story behind the news
alternaut #39007 02/22/16 11:01 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Another slippery slope.

The mere fact that he destroyed his personal phone is even more reason to believe there is nothing on this one.

Re: And now for the story behind the news
slolerner #39008 02/22/16 11:09 PM
Joined: Aug 2009
Likes: 14
Offline

Joined: Aug 2009
Likes: 14
Originally Posted By: slolerner
Another slippery slope.

I don't understand.

Last edited by ryck; 02/22/16 11:11 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: And now for the story behind the news
ryck #39012 02/23/16 01:00 AM
Joined: Aug 2009
Offline

Joined: Aug 2009
I keep thinking about the far-reaching consequences of the Patriot Act. People were frightened. It is inconvenient that it was only his work phone but that isn't stopping the Congress from holding hearings to spin it. It's an Islamic extremist's phone, there's no way to access the contents and that's all anyone needs to hear.

Re: And now for the story behind the news
slolerner #39015 02/23/16 02:12 AM
Joined: Aug 2009
Offline

Joined: Aug 2009
On December 16, FBI Director James Comey said: "We can see from our investigation that in late 2013, before there is a physical meeting of these two people [Farook and Malik] resulting in their engagement and then journey to the United States, they are communicating online, showing signs in that communication of their joint commitment to jihadism and to martyrdom. Those communications are direct, private messages."

Re: And now for the story behind the news
slolerner #39018 02/23/16 09:50 AM
Joined: Aug 2009
Likes: 14
Offline

Joined: Aug 2009
Likes: 14
Originally Posted By: slolerner
I keep thinking about the far-reaching consequences of the Patriot Act....

Originally Posted By: slolerner
On December 16, FBI Director James Comey....

I still don't understand what you meant by "It's a slippery slope" in response to alternaut's suggestion that there wouldn't have been a problem in acquiring the data if the San Bernardino management had been doing their job. i.e. ensuring they had proper control of taxpayer assets for which they are responsible.

Are you saying that having phones assigned to employees, to carry out their work, in a device management program is the "slippery slope"?


ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: And now for the story behind the news
ryck #39020 02/23/16 11:35 AM
Joined: Aug 2009
Offline

Joined: Aug 2009
I wasn't clear Ryck, sorry. It wasn't directly related to Alternaut's post, it was the bigger issue, because the onnes was consequently put on Apple, a private sector company, for making a product that the public thinks needs to be changed for law enforcement reasons. A Business Week headline as recently as yesterday said a poll showed over 50% of the public still believes Apple should unlock the phone. Even if they understood what happened, I don't think that would change anything. It doesn't matter if it was his work phone and every precaution got botched, why wouldn't this "we are protecting you" attitude extend to any computer that uses an unrecoverable flash drive that was not backed up to a cloud service. That was what happened to his personal phone as far as we know.

Clearly, the FBI, much more seriously, 'botched the job' than the San Bernardino police.

Last edited by slolerner; 02/23/16 12:09 PM. Reason: clarity
Re: And now for the story behind the news
slolerner #39045 02/24/16 10:49 AM
Joined: Aug 2009
Likes: 7
Online

Joined: Aug 2009
Likes: 7


Jon

macOS 11.7.10, iMac Retina 5K 27-inch, late 2014, 3.5 GHz Intel Core i5, 1 TB fusion drive, 16 GB RAM, Epson SureColor P600, Photoshop CC, Lightroom CC, MS Office 365
Re: And now for the story behind the news
slolerner #39076 02/25/16 04:34 AM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
Originally Posted By: slolerner
Take it easy. Woof. So the FBI is asking Apple to change their encryption so it is crackable, give the FBI the key, plus either make flash memory that can't be erased but looks like it is when the phone is reset or include a built in back-up that cannot be deleted? Am I close?


Not really. It's a VERY complex case, and what the FBI is asking for is not at all obvious to someone who doesn't know the complex innards of the iPhone.

So here's the scoop. Bear with me, this might get long and technically complicated.

When you secure your iPhone with a passcode, the phone's contents are encrypted. But--and it's really important to understand this for reasons I'll explain in a second--the passcode you type in is not the encryption key.

The phone generates a random encryption key that is very long (256 bits). This encryption key is not stored in the phone's flash storage or RAM. It's stored in a special, high-security, tamper-resistant chip, called the iPhone Secure Enclave.

The Secure Enclave can not be accessed directly by the phone's CPU, and it does not communicate with the rest of the phone over the normal data bus. It communicates over a special, dedicated, encrypted link to the CPU.

When you type your passcode, the passcode is sent to the Secure Enclave. The Secure Enclave looks at the passcode and returns "yes" or "no". If it is correct, the Secure Enclave uses the key stored in its own tamper-resistant memory to decrypt the phone. If it is not, the Secure Enclave does not decrypt the phone.

For this reason, you can't just read the contents of flash and put them in another phone, for example. The flash contents are encrypted using military-grade 256-bit AES; there is no known way to attack this encryption, and all the world's computers combined would take more than a billion years(!) to brute-force decrypt it.

Now here's where it gets weird.

The iPhone 5C and earlier and the newer iPhones are a bit different in what happens if you enter the wrong passcode several times.

If you enter the wrong passcode in an iPhone 5C or earlier, then with each wrong attempt, iOS forces you to wait a little longer to try again. If you enter the wrong passcode 9 times, iOS forces you to wait an hour before you try the 10th and last time. If you enter it wrong the 10th time, iOS erases the phone.

On an iPhone 6 or later, the Secure Enclave chip handles all these functions. When you enter the wrong passcode, the Secure Enclave starts a hardware timer and will not permit you to enter the passcode again for a longer and longer time. If you enter the passcode wrong on the 10th time, the Secure Enclave wipes its special high-security memory containing the decryption key, forever and irreversibly vaporizing the key and making the phone's contents forever unreadable.

Nobody, not even Apple, has a realistic means of getting the encryption key off the Secure Enclave chip. It is theoretically possible to do, maybe, but the process would involve taking the phone apart in a cleanroom, using acid to dissolve the top casing of the Secure Enclave chip, turning on power, and then attempting to read the Secure Enclave's memory using something like an atomic force microscope. This might work, but it has a very high likelihood of destroying the Secure Enclave chip and if you do that, it's adios, muchachos--the key is gone forever and you're done.

The difference between how the iPhone 5C and the iPhone 6 works is important. In the iPhone 6, all the security is handled by that special chip. In the 5C, it's handled by iOS.

What the FBI is asking Apple to do is write a special version of iOS and put it on the phone. The special version of iOS would be different from "normal" iOS in two regards: it would not make you wait longer and longer times to enter the passcode, and it would not wipe the phone after 10 wrong tries.

On the iPhone 6, iOS does not do this, the security chip does, so nobody, not even Apple, can change that. On this phone, the FBI hopes that installing an altered version of iOS on the phone will let them try all 10,000 possible passcode combinations until they get the right one.

Why doesn't Apple want to do this?

Lots of reasons.

First, it's not clear that it matters. This phone didn't belong to the terrorist, the terrorist stopped using it before the attacks, and he destroyed all his other phones, which means there's almost certainly nothing interesting or important on it.

Second, the FBI already has the iCloud backup and the contact list and call record from the phone, and there was nothing interesting or important in it. Again, that means there's almost certainly nothing interesting or important on the phone.

Third, it would set a precedent: with any older iPhone, any government anywhere in the world could issue a subpoena to Apple saying "load your special rigged software on this phone, because we told you to." That's potentially scary. There's no way to stuff the genie back into the bottle. (In fact, it was precisely to head off this possibility that Apple changed how the Secure Enclave works in later phone models.)

Fourth, if Apple capitulates on this, it will make it that much easier for the FBI to strong-arm other companies (Google? Facebook?) into weakening the encryption they use on their devices. Weakening encryption is potentially a big problem. The thing about encryption is it's just math. Math does not know about good guys or bad guys. Math is math. If there's a mathematical way for the FBI to break encryption or use a back door, there's a mathematical way for anyone--cybercriminals, virus writers, Eastern European organized crime, hostile governments--to do it. Math is math. If it's mathematically possible to break encryption, it can be done. The whole point of encryption is it works because it's NOT mathematically possible to break.

The law under which the FBI is asking Apple to do this is an old one. It's the All Writs Act of 1789. The All Writs Act requires citizens and companies to take any measures "necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law." The FBI is saying that means Apple has to create a new version of iOS just for them, because creating this new version of iOS is necessary and appropriate in aid of this investigation.

What's not clear is, can the government force private citizens to work for it? That's a key part of the debate that I feel is being glossed over. Can the government require that a private company like Apple or private citizens like Apple employees do work on its behalf if they don't want to? Is that "necessary and appropriate"?

There would be a lot more work involved than just changing some lines of code and hitting Compile. Forensics laws are specific about what has to happen with any forensic software used to extract data from a digital device in evidence. The software must be regression-tested, every part of it must be documented, it must be evaluated by peer review, and it must be tested on hardware identical to that of the target device. This is necessary to preserve the chain of evidence and make sure the forensic software isn't inadvertently modifying the data.

And you can't just clone this iPhone and use the new iOS build on the clone, because cloning the phone does not clone the encryption key locked away inside the Secure Enclave chip.

So they're asking Apple to do a great deal of work and to document all that work under legal procedures, and submit the new version of iOS for peer review, in order to get at the contents of the phone. Is this "necessary and appropriate" to do when the people you're ordering to do it are private citizens and not government employees? The All Writs Act of 1789 was clearly never intended to apply to a situation like this; how could it be?

Last edited by tacit; 02/26/16 10:58 PM. Reason: Edited for typos

Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Page 1 of 4 1 2 3 4

Moderated by  alternaut, cyn 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.045s Queries: 65 (0.034s) Memory: 0.7219 MB (Peak: 0.9038 MB) Data Comp: Zlib Server Time: 2024-03-28 16:26:46 UTC
Valid HTML 5 and Valid CSS