FBI demands Apple hack iPhone on their behalf

From what I saw reading the linked article, it wasn't the FBI that changed the password but the local government agency that the terrorist couple worked for -- and the effect of their doing that is uncertain because of lack of knowledge of whether that phone was ever synced up afterwards.

So the FBI may be overreacting here, but at least they are not asking Apple to help them fix their own mistake.

Conspiracy Theory Time: It wasn't a mistake, it was done on purpose.

^ And that circle back to what Mr. McAfee said + the Edward Snowden scandal.

David knott 242 wrote:

From what I saw reading the linked article, it wasn't the FBI that changed the password but the local government agency that the terrorist couple worked for -- and the effect of their doing that is uncertain because of lack of knowledge of whether that phone was ever synced up afterwards.

So the FBI may be overreacting here, but at least they are not asking Apple to help them fix their own mistake.

Conspiracy Theory Time: It wasn't a mistake, it was done on purpose.

^ And that circle back to what Mr. McAfee said + the Edward Snowden scandal.

You're saying the Local Govt had something to hide from the Fed Govt?

I'm not thinking that far, I think it was just something they did on their part, perhaps at the Fed Govt. request without thinking about the future impact of it...

Still, it seems this issue is solidly between the Feds and the other agency and Not the Feds and Apple due to that.

Insane KillMaster wrote:

David knott 242 wrote:

From what I saw reading the linked article, it wasn't the FBI that changed the password but the local government agency that the terrorist couple worked for -- and the effect of their doing that is uncertain because of lack of knowledge of whether that phone was ever synced up afterwards.

So the FBI may be overreacting here, but at least they are not asking Apple to help them fix their own mistake.

Conspiracy Theory Time: It wasn't a mistake, it was done on purpose.

^ And that circle back to what Mr. McAfee said + the Edward Snowden scandal.

You're saying the Local Govt had something to hide from the Fed Govt?

I'm not thinking that far, I think it was just something they did on their part, perhaps at the Fed Govt. request without thinking about the future impact of it...

Hmm, no, I'm saying that agency did it on purpose so inteligence Agencies like the FBI would have an excuse to ask for a backdoor to be made.

Most likely they changed the password to access the cloud data because they could do that quickly, in the immediate aftermath of the shooting with the possibility there were still other imminent threats that could be learned of and possibly stopped.

Short term gain, long term loss. Probably a fair trade off. It's not at all clear it's even cost them anything. Apparently the phone hadn't backed itself up for weeks before the attack, so it's likely that feature was turned off, though it's possible it just hadn't had the chance.

Whatever the case, it certainly doesn't change the status of the court order to Apple.

GWL, I think he was suggested a larger scale purpose - deliberately make it so they could ask for the "back door" in this kind of high profile case in order to get something they could use in other, less pr-friendly cases.

The FBI wasn't so innocent in the password lock thing after all.

Apparently one of the San Bernardino killers had an iPhone 5c, which the FBI now wants to access. Because the encryption key for this phone isn't stored by Apple, that means that the only way in is brute-forcing the password (e.g. trying every possible combination). But the security features on the phone are such that, after ten wrong password entries in a row are entered, it will delete all of its data.

Here's where things get tricky. Apparently the FBI has taken Apple to court to order them to build special firmware that will disable this security feature, making the phone accept any number of wrong passwords without deleting anything. Apple isn't willing to do this, pointing out that this could be used to disable that setting on all current and older iPhone models, and so represent a serious security threat.

Yesterday, a federal judge sided with the government, ordering Apple to build the firmware. Apple's Tim Cook has vowed to fight the decision.

Here's a CNN article for those who want more information.

A Forensic officer tried to hack it and reset the password, thereby screwing the FBI's attempts to get into it, hence why they asked Apple to do it. Apple could of easily done it if the forensics officer didn't try to reset it. Now it requires more than that and can screw it up for all other Apple users.

My security system consists of having internet searches that will drive the tech into gibbering madness.

Alzrius wrote:

Apparently one of the San Bernardino killers had an iPhone 5c, which the FBI now wants to access. Because the encryption key for this phone isn't stored by Apple, that means that the only way in is brute-forcing the password (e.g. trying every possible combination). But the security features on the phone are such that, after ten wrong password entries in a row are entered, it will delete all of its data.

Here's where things get tricky. Apparently the FBI has taken Apple to court to order them to build special firmware that will disable this security feature, making the phone accept any number of wrong passwords without deleting anything. Apple isn't willing to do this, pointing out that this could be used to disable that setting on all current and older iPhone models, and so represent a serious security threat.

Yesterday, a federal judge sided with the government, ordering Apple to build the firmware. Apple's Tim Cook has vowed to fight the decision.

Here's a CNN article for those who want more information.

A Forensic officer tried to hack it and reset the password, thereby screwing the FBI's attempts to get into it, hence why they asked Apple to do it. Apple could of easily done it if the forensics officer didn't try to reset it. Now it requires more than that and can screw it up for all other Apple users.

Not really. Nobody tried to hack it. The FBI approved resetting the iCloud password so they could get at the backed up data. It's not clear to me whether that worked, but just didn't have a recent backup or whether they screwed that up somehow. Regardless, they want access to the phone directly.

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

Hey everyone, it's bugleyman!
Haven't seen you around off-topic in a while.

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

There looking for a version of iOS 9 for the 5c that does not have the 10 try limit, does not insert delays between tries, and allows submission of unlock codes via usb, bluetooth, and wifi.

And they promise to only ever use it on this specific phone. Honest.

Appearently China and Russia would love it if the FBI got their wish.

bugleyman wrote:

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

There looking for a version of iOS 9 for the 5c that does not have the 10 try limit, does not insert delays between tries, and allows submission of unlock codes via usb, bluetooth, and wifi.

And they promise to only ever use it on this specific phone. Honest.

Super duper pinky swear.

Krensky wrote:

bugleyman wrote:

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

There looking for a version of iOS 9 for the 5c that does not have the 10 try limit, does not insert delays between tries, and allows submission of unlock codes via usb, bluetooth, and wifi.

And they promise to only ever use it on this specific phone. Honest.

Super duper pinky swear.

OTOH, going to all this public effort to get a longterm backdoor to an older version of the phone that certainly won't work out of the box on later phones and might not even be possible to implement on later phones seems somewhat counterproductive.

Maybe it's actually an Apple conspiracy to get all the criminals and terrorists to upgrade. :)

And drive up sales of bolt cutters and lengths of rubber hose.

OTOH, going to all this public effort to get a longterm backdoor to an older version of the phone that certainly won't work out of the box on later phones and might not even be possible to implement on later phones seems somewhat counterproductive.

Maybe it's actually an Apple conspiracy to get all the criminals and terrorists to upgrade. :)

Or the actual goal is to establish a modern precedent to pressure a private corporation to design an exploit around their product's encryption. If Apple caves now, the FBI and state/local law enforcement will be back for "help" cracking more recent models.

And drive up sales of bolt cutters and lengths of rubber hose.

You commented on this before. I know it worked with older technology. Do you know of it actually being done on a modern phone fingerprint scanner?

I mean, they could be lying about how it works, but it would seem pretty obvious.

Has the FBI responded to Mr. McAfee yet?

thejeff wrote:

OTOH, going to all this public effort to get a longterm backdoor to an older version of the phone that certainly won't work out of the box on later phones and might not even be possible to implement on later phones seems somewhat counterproductive.

Maybe it's actually an Apple conspiracy to get all the criminals and terrorists to upgrade. :)

Or the actual goal is to establish a modern precedent to pressure a private corporation to design an exploit around their product's encryption. If Apple caves now, the FBI and state/local law enforcement will be back for "help" cracking more recent models.

eeyup.

Krensky wrote:

And drive up sales of bolt cutters and lengths of rubber hose.

You commented on this before. I know it worked with older technology. Do you know of it actually being done on a modern phone fingerprint scanner?

I mean, they could be lying about how it works, but it would seem pretty obvious.

And answered before. It works, but making a fake from a lifted print and prothsetic makeup is easier and less icky.

Also, rubber hose cryptanalysis doesn't care about how modern the technology is.

thejeff wrote:

Krensky wrote:

And drive up sales of bolt cutters and lengths of rubber hose.

You commented on this before. I know it worked with older technology. Do you know of it actually being done on a modern phone fingerprint scanner?

I mean, they could be lying about how it works, but it would seem pretty obvious.

And answered before. It works, but making a fake from a lifted print and prothsetic makeup is easier and less icky.

Also, rubber hose cryptanalysis doesn't care about how modern the technology is.

As in beating the password out of people? Difficult to do on the dead. Also like many forms of torture, not nearly as effective in real life as in the movies.

What we now know is that the iPhone’s Touch ID fingerprint sensor uses radio frequency scanning to detect the sub-epidermal layers of your skin, a dynamic that requires the owner of the finger to be alive and attached to the finger being used.
Yes, we all know that some fingerprint sensors of old can be fooled by using gummy bears, molded gelatin, or even just a photocopy of a valid fingerprint. There's a wonderful MythBusters episode all about this, and it's the reason why many security-conscious services around the world won't rely on optical fingerprint scanners to secure property or data. The keyword is "optics," of course
Apple points out the sensor scans just beneath external skin layers to see the real living fleshy wrinkles that comprise the loops and whorls of your unique print patterns to get a more reliable "reading"

Capacitive -- A capacitive sensor is activated by the slight electrical charge running through your skin. We all have a small amount of electrical current running through our bodies, and capacitive technology utilizes that to sense touch. This is also the same technology used in the iPhone's touchscreen to detect input.
Radio frequency -- RF waves do not respond to the dead layer of skin on the outside of your finger -- the part that might be chapped or too dry to be read with much accuracy -- and instead reads only the living tissue underneath. This produces an extremely precise image of your print, and ensures that a severed finger is completely useless.
You answered before, but it really sounds to me like you're talking about the older optical tech. That's pretty easy to fake and will work on the dead finger. Tech advances.

Marketing BS. Also, not how capacitive or rf fingerprint reading works.

The Touch ID sensor in 5S and later was defeated in 48 hours using a photo, laser printer, and latex.

Also, rubber hose cryptanalysis more often uses the threat of torture (or prison, termination, whatever) and works more often than not.

This is part of what I do for a living Jeff.

Marketing BS. Also, not how capacitive or rf fingerprint reading works.

The Touch ID sensor in 5S and later was defeated in 48 hours using a photo, laser printer, and latex.

Also, rubber hose cryptanalysis more often uses the threat of torture (or prison, termination, whatever) and works more often than not.

This is part of what I do for a living Jeff.

Thank you. Now you've at least given something beyond pure assertion.

Has the FBI responded to Mr. McAfee yet?

Don't hold your breath.

Krensky wrote:

bugleyman wrote:

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

There looking for a version of iOS 9 for the 5c that does not have the 10 try limit, does not insert delays between tries, and allows submission of unlock codes via usb, bluetooth, and wifi.

And they promise to only ever use it on this specific phone. Honest.

Super duper pinky swear.

Yep.

Don't worry about the dozen other phones they're trying to make Apple backdoor too. Those aren't important.

Scythia wrote:

Krensky wrote:

bugleyman wrote:

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

There looking for a version of iOS 9 for the 5c that does not have the 10 try limit, does not insert delays between tries, and allows submission of unlock codes via usb, bluetooth, and wifi.

And they promise to only ever use it on this specific phone. Honest.

Super duper pinky swear.

Yep.

Don't worry about the dozen other phones they're trying to make Apple backdoor too. Those aren't important.

Wow, good article.

I'm am even MORE in line with Supporting Apple after reading that.

Silence! we will not be satisfied until we control every action, every word, and every thought! we shall continue to expand our influence and reach until all kneel to us and bow in subservience. Only in subservience will your existence gain any meaning, both for you and for us. Do not resist this. This is the natural order.

Secret memo details US gov. plan to crack phones

Nutcase Entertainment wrote:

Has the FBI responded to Mr. McAfee yet?

Don't hold your breath.

*Turns purple.*

Wait, you said to not hold my breath.

*Breathes.*

Y'know, I expected to enter this thread and find an argument. Instead, I find an almost universal sane and healthy distrust for the government and all its institutions.

Thanks for making my day better, folks. :)

The one good thing about all of this is that the FBI request is actually for a customized version of the software that only works on the specific phone in question,

Not just this phone. The FBI also has a dozen other iPhones that they want Apple to break into.

Of course, the better solution is to go to the actual owners of the phone. In theory, if they were doing what they should have with their business phones...then the phones are set using a certain computer by IT. That computer probably still exist. Hook up the phone to it with the update in regards to certain programs you want copied over...and you have access to the phone that way...plus it will be automatically unlocked.

Of course, the government may have already done that and the people who actually own the phone...didn't use that backup method or installation method (and instead bought everything individually from apple instead of a license from a single source...which is far more expensive)...in which case...you still could do the account interchange method.

Not exactly doable in this case as the original owner was killed in a shootout with the Feds.

Krensky wrote:

Scythia wrote:

Krensky wrote:

bugleyman wrote:

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

There looking for a version of iOS 9 for the 5c that does not have the 10 try limit, does not insert delays between tries, and allows submission of unlock codes via usb, bluetooth, and wifi.

And they promise to only ever use it on this specific phone. Honest.

Super duper pinky swear.

Yep.

Don't worry about the dozen other phones they're trying to make Apple backdoor too. Those aren't important.

Wow, good article.

I'm am even MORE in line with Supporting Apple after reading that.

A lot of Android users are hoping that Apple loses this case because its Apple.

GreyWolfLord wrote:

Krensky wrote:

Scythia wrote:

Krensky wrote:

bugleyman wrote:

Assuming they know how to design software, Apple should be totally unable to "unlock" a phone. That ain't how encryption works, folks.

My understanding is what the government is actually asking for is them to build a permanent back door, which they're right to refuse.

There looking for a version of iOS 9 for the 5c that does not have the 10 try limit, does not insert delays between tries, and allows submission of unlock codes via usb, bluetooth, and wifi.

And they promise to only ever use it on this specific phone. Honest.

Super duper pinky swear.

Yep.

Don't worry about the dozen other phones they're trying to make Apple backdoor too. Those aren't important.

Wow, good article.

I'm am even MORE in line with Supporting Apple after reading that.

A lot of Android users are hoping that Apple loses this case because its Apple.

I am a fanatic android user and I hope apple wins.

Yeah... I don't know anyone who wants Apple to lose this, and me and most of my friends can't stand Apple.

Yeah... I don't know anyone who wants Apple to lose this, and me and most of my friends can't stand Apple.

Ditto. Apple sucks. Hope they win.

I am a fanatic android user and I hope apple wins.

Stop using androids! they are a sentient race as well, and deserve respect as much as humans, halflings and gnomes!

I never thought I'd be cheering for overpriced burnished aluminum

I never thought I'd be cheering for overpriced burnished aluminum

The money to pay for good PR and Customer Service has to come from somewhere.

Now, if this was MicroSoft, it would be both overpriced and have a built in backdoor.

Yeah, I'm also an Android only type, but I'm 110% behind Apple on this.

Edward Snowden weighs in on FBI claims.

Edward Snowden weighs in on FBI claims.

And they don't even mention John McAfee's offer.

Scythia wrote:

Edward Snowden weighs in on FBI claims.

And they don't even mention John McAfee's offer.

Uh, yeah...

about that...

Nutcase Entertainment wrote:

Scythia wrote:

Edward Snowden weighs in on FBI claims.

And they don't even mention John McAfee's offer.

Uh, yeah...

about that...

Sounds like he over simplified and over vulgarized the explanations.

Man needs to lay off the coke and gunpowder.

Yeah... I don't know anyone who wants Apple to lose this, and me and most of my friends can't stand Apple.

You'll find a few of them on the Android Central Forums, but that's to be expected.

As expected, the vast numbers of Joe Street are in the FBI's camp on this issue.

Last Week Tonight with John Oliver: "Encryption" [03/13/2016] (some NSFW language)

The FBI is apparently pausing the court order...

The FBI is apparently pausing the court order...

Is there a reason given?

Nutcase Entertainment wrote:

The FBI is apparently pausing the court order...

Is there a reason given?

Officially, because an unnamed third party has said that they can crack the phone without Apple's aid, and the FBI wants to establish whether or not this is actually possible.

Depending upon which conspiracy theory you buy into, there are several choices as to what's really going on

i) Everything is as it seems.
ii) The NSA or some other sooper sekrit agency has said "no problem, we'll do it for you" and the FBI doesn't want to provoke Apple into buffing the security even further on the next version.
iii) The FBI has been reading the headlines and realizes it's likely to lose this case, thereby establishing a binding precedent that it can't bully other companies into handing over data. Unwilling to take the risk, it's biding it's time and looking for a better case with a less well-funded defendant.

If I had to guess, I'd say iii is the most likely, followed by i, followed by ii.