
Why the FBI's Order to Apple Is So Technically Clever


Reefa


On Tuesday, the US government dropped what might be the biggest bombshell yet in its ongoing war on encryption: A court order compelling Apple to help the FBI unlock the iPhone of one of the San Bernardino shooters who killed 14 people and injured 22 last December.

 

This is the latest chapter in the FBI's fight against Apple and encryption, which started when Apple implemented new security and encryption features with the launch of the iPhone 6 and iOS 9 in September of 2014. At the time, Apple said it wouldn’t be able to unlock phones anymore—even if the authorities came knocking at their door with a warrant—because it just didn’t have the technical means. But the US government has since been testing the legal boundaries of what it can force Apple, and by extension any other tech company, to do, mainly using the questionable legal authorities granted by a 227-year-old law.

 

And this time, it might have devised a way to prove that Apple does have the technical means to help cops and feds when they have to access data on a locked device.

 

In the case of the San Bernardino shooter, rather than telling Apple to break the encryption protecting the device, which is an older iPhone 5C running iOS 9, the order would force the company to build a special version of its software that removes protections against anyone guessing your passcode millions of times until it gets it right—what’s technically known as a “brute-force” attack.

 

Apple immediately contested the order, calling it an “unprecedented step” where the government is essentially asking the company to “hack” its own users and create a “backdoor” that could be used any other time in the future.

 

For the US government, on the other hand, this is simply “writing software code,” which is not an “unreasonable burden for a company that writes software code as part of its regular business,” as an FBI agent argued in the case. This code, moreover, will only be targeted for this specific phone, according to the feds. In other words, they’re claiming this is just a one-time solution and doesn't constitute a backdoor.

 


An excerpt from the US government’s filing in the case.

 

But given what is known about how the iPhone protects users’ data with encryption, and what the feds are asking in this case, that is likely untrue—not just according to Apple, but also security experts who have studied the company’s software.

 

The government’s demands, the experts argue, ultimately have very little to do with unlocking a single phone, and everything to do with establishing far-reaching powers, and a technical way for the US government—and presumably, any government—to force companies to hack their own products.

 

CAN APPLE COMPLY WITH THE GOVERNMENT’S DEMAND IN THIS CASE?

 

The answer, according to experts, is yes. Dan Guido, the CEO of cybersecurity firm Trail Of Bits, explained it in detail in a lengthy post on Tuesday.

 

Essentially, the US government is asking Apple to create a custom version of its operating system—Guido jokingly calls it “FBiOS”—which it can then load onto any iOS device to bypass its protections against rapidly guessing passcodes. On iOS 9, a security mechanism wipes the device clean if the wrong passcode is entered 10 times, and guesses are delayed for every wrong attempt. These were measures put in place to avoid forensic tools that could brute-force passcodes on previous iOS versions.

 


A portion of Apple’s iOS 9 Security Guide.

 

But the special OS version the court is ordering Apple to create (which court documents call a Software Image File, or SIF, and which some compare to a “forensic tool” developed by Apple itself) would remove those restrictions when loaded onto the device, leaving investigators free to try every possible passcode combination until the device is unlocked. The investigators wouldn’t even need to input the passcodes manually on the phone because they could connect the phone to an external computer or device and just run password-cracking software on it.

 

At that point, unlocking the phone depends on how long the passcode is. If it’s made of just six numbers—which is what people normally use given that it’s what Apple suggests by default—it would require less than a day, given that the iPhone’s hardware allows roughly 12 guesses per second (one every 80 milliseconds).

 

COULD APPLE DO THE SAME WITH OTHER IPHONES?

 

What makes this case particularly interesting is that the phone in question is an older iPhone, the 5C. So the natural question is, could the FBI force Apple to help unlock other iPhones such as the 6 or 6S too? Could the FBI use the software specifically created by Apple to unlock the iPhone of the San Bernardino shooter and easily use it on other iPhones?

 

The answer then becomes much more complicated, thanks to the Secure Enclave, which became available on iPhones starting from the iPhone 5S, launched in 2013, but was not available on its cheaper brother, the 5C.

 

The Secure Enclave is not just a new feature, it’s an entirely separate computer within the iPhone which has control over the most sensitive parts of the iPhone, such as Apple Pay, TouchID, and, most importantly, the keys that encrypt the data on the phone, as well as those that encrypt iMessages.

 


A schematic on the software and hardware components of iPhones with the Secure Enclave.

 

Starting with iOS9, the Secure Enclave also enforces all those restrictions against brute-forcing mentioned before. It makes sure the phone gets wiped if the passcode gets guessed more than 10 times, and forces delays for every incorrect try.

 

Moreover, the Secure Enclave adds another layer of security. When you unlock the phone, your passcode gets mixed up with another key that’s physically embedded and fused in the Secure Enclave. This makes it extremely hard for anyone to get this embedded key, known as the “Class Key,” on their own.

 

That, however, doesn’t mean it’s impossible. In theory, the FBI could open up the phone and try to extract the keys using lasers, chemicals, or X-rays. But that, according to Guido, is “really uncharted territory” given that “the exact methods required are kind of unknown and the FBI would actually be making some new science here.”

 

That would also likely be expensive, and, most importantly, risky because it could destroy the data that the FBI is actually after.

 

“We’re only talking about one shot to take apart the phone and read out the hardware key, and if they screw up there is no way to turn back the dial,” Guido told Motherboard.

 

There’s one big catch, however. None of this matters if Apple can alter the firmware running the Secure Enclave. So if the feds ever get Apple to write that custom forensic tool to disable restrictions against brute-forcing passcodes on a 5C, there might be nothing preventing them from asking Apple to do the same for newer phones. (In that case, they would need two custom forensic tools, but the underlying workaround would be the same.)

 

Apple declined to comment, and did not answer a specific question asking whether it’s possible for Apple to alter the firmware on the Secure Enclave. But experts, while saying only Apple knows the real answer, agree that it likely is.

 

“It should be completely possible to apply this attack even on the newer phones,” Ryan Stortz, a senior security researcher at Trail of Bits, who has studied how the Secure Enclave works, told me. “Apple will still be creating a solution for the FBI that can be trivially re-used [...] It’d be pretty generically applicable in the future.”

 

Stortz explained that at this point, the only difference would be that the brute-forcing would have to be done on the device itself, so the investigators wouldn’t be able to use an external computer. But Apple could still allow the same brute-forcing process to work via some sort of API, and at that point, the only restriction would still be the 80 millisecond limit between guesses, which is enforced at the hardware level, according to Stortz.

 

COULD THE FEDS DO IT WITHOUT APPLE’S HELP?

 

Crucially, the SIF or “FBiOS” would need to be signed by Apple’s developer key in order for the device to accept it.

That’s why Apple is being ordered to code the special software itself. But if the US government, or anyone else, could force Apple to surrender that master developer key, or stole it, then Apple wouldn’t be needed anymore.

 

The order says that the action taken must be “proportionate,” so legally compelling Apple to surrender its master development key would be a stretch. But accomplishing this would still be technically possible, though much harder, without Apple’s help, if the FBI or NSA somehow managed to get Apple’s signing key—say, by stealing it. (And we know from documents leaked by Edward Snowden that the CIA has been working on ways to hack the iPhone without Apple’s help for years.)

 

Once the key is in their possession, investigators would be able to write the customized software image themselves and disable the auto-wipe feature without Apple’s cooperation. Even further, it would empower the FBI to make software updates stamped with Apple’s digital signature. In that case, it would essentially be game over.

 

Forcing a company to surrender encryption keys through legal means isn’t completely without precedent, either. Edward Snowden’s former email provider Lavabit was infamously compelled to hand over all of its SSL keys during a protracted legal fight with the US government, which resulted in the site being permanently shuttered by its owner, Ladar Levison.

 

In either case, security and legal experts point out that this would raise troubling constitutional issues, since Apple would either be forced to create software to hack its own products or forced to surrender keys, which it would likely argue are protected under several regulations, including intellectual property laws, including as “trade secrets.”

 

“‘Give us your dev key’ is probably on firmer ground legally than ‘write custom code for us’ but arguably way, way scarier,” the CATO Institute’s Julian Sanchez wrote on Twitter.

 

Quote

 

WHAT’S REALLY AT STAKE

 

Snowden called the case “the most important tech case in a decade,” and it might very well be. At stake is whether a company can be legally compelled to sabotage the security of its own software, and the potential consequences are numerous and far-reaching.

 

Apple believes this is not about whether the company is technically able to comply with this particular order, but about the legal precedent this request would set, according to a source with knowledge of the matter. If the government wins in this case, the source said, it will compel Apple to weaken any other technical protections in the future, no matter the phone.

 

Furthermore, if the US government can compel Apple to write software that helps it crack passcodes, what’s to stop other countries from demanding the same?

 

Despite the government’s narrow framing on a single iPhone used by a dead mass murderer, one thing that’s clear is that whatever technical solution results from the case will be used on countless other devices for years to come.

 

“We knew Apple could hack their own phones, the real question is, will the FBI get the precedent they want to be able to force Apple to hack their own phones?” Jonathan Zdziarski, a well-known iOS forensic expert, told Motherboard. “I have no doubt that if Apple wants to get into an iPhone 6 it can get into an iPhone 6. The bigger question is whether or not we’re gonna let the courts decide that.”

http://motherboard.vice.com/read/fbi-order-apple-san-bernardino-encryption-hacking-backdoor-technical-explainer

There is already a precedent for this since other encryption technology can be accessed by using special "day code keys" provided by the developers that allow the decryption of encrypted data and drives. It doesn't take a court order to get these keys since they are provided freely to forensic personnel with a need to know access. So there is no reason why Apple should not assist the FBI in a terrorist investigation. Failure to do so could even be construed as an act of contributing support to terrorists in their planning for future attacks. And then by an even further stretch of logical thought, any Muslim or person from the Middle East carrying an iPhone could be considered an armed terrorist simply because they have a 'weapon' of terrorism on their person. If nothing else, it would deserve a call to Homeland Security and local police for suspicious behavior since there is no reason to carry a phone that is highly encrypted, unless you have something to hide. So there are far more things involved in this than just the decryption of a known terrorist's phone.



 

Quote

 

5 facts about Apple and the terrorist’s iPhone

A great deal of hype and misinformation surrounds the court order requiring Apple to help law enforcement access the iPhone of the deceased San Bernardino terrorist Syed Farook. Some of the misinformation has come from Apple CEO Tim Cook. Some people are claiming that giving in to law enforcement’s demands would be a crippling blow to the privacy of U.S. citizens. Here are five facts to put those fears in perspective:

  1. The FBI wants Apple to write software that bypasses the device-wiping function that activates after 10 wrong passcodes have been entered. This is a security feature designed to protect data when a device is lost or stolen. The FBI wants to be able to enter all possible passcodes on this specific phone.
  2. The FBI wants Apple to digitally sign and install the software. If the software is not digitally signed by Apple, the iPhone won’t accept the update. This is the key element of this case; without Apple’s digital signature, that iPhone will remain locked.
  3. The software never has to leave Apple’s control and can be immediately destroyed after this one use. Apple claims that once the software is created, it is out there. But it could be “out there” only if Apple has reason not to trust itself or the people it would assign to do the work.
  4. Nothing that the FBI has asked for would weaken encryption.
  5. The case does raise the question of when a government can demand that a developer help circumvent security measures. This is a legitimate policy concern, and if the San Bernardino case sets a precedent that leads to frequent demands for such assistance, then there is a greater possibility that the software used might become more easily available.

That the FBI has to recruit Apple’s cooperation is a testament to the strength of Apple’s security measures. Apple’s resistance seems designed to position it as a champion of privacy, but the stance actually downplays the effectiveness of its privacy protections.

http://www.computerworld.com/article/3034518/security/5-facts-about-apple-and-the-terrorist-s-iphone.html


Quote

The FBI wants Apple to write software that bypasses the device-wiping function

 

Apple already has that software; they just don't want to give it to the FBI because they are afraid it will 'leak' out.


This tells us the full weight of the US government is not enough on their own to backdoor apps...

They need help... conspiracy is a very real concept in American law...

Conspiracy against human and civil rights by governments tells us who we're dealing with...

It's no wonder some governments are called 'nazi-fascist pigs'...

 


:lol:



14 hours ago, humble3d said:

They need help... conspiracy is a very real concept in American law...

How is this anything new? After 9-11, before everyone had smartphones, they uncovered info on al-Qaida through IM programs, and the software vendors fully cooperated with the US government under the Patriot Act. This was before we knew of Prism, which is still an ongoing program by the way. Why do you think they just passed laws to make it legal for software vendors to rat on consumers?

The law they're using to try to get Apple to unlock the iPhone is from 1789 even :)


 

Quote

 

Raicu thinks we may be better off adapting old laws to the new world. She thinks it's a good thing that the federal court in California used the principles set out in 1789 to order Apple to unlock the phone.

That law, the All Writs Act, is all of two sentences in length. It gives judges the authority to issue any order necessary — within the law — to further litigation before the court. The relative clause says:

"The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law."

"The law actually seems to be keeping up with technology by being so broad that we're just reinterpreting it all the time," says Raicu.

In his impassioned explanation on Apple's website for refusing the government's order, CEO Tim Cook criticized the use of this old law, rather than, as Cook put it, "asking for legislative action through Congress."

But, as Raicu sees it, Cook may want to be careful what he asks for.

http://www.npr.org/sections/alltechconsidered/2016/02/19/467299024/can-a-1789-law-apply-to-an-iphone

When Steve Jobs introduced the iPhone years ago he forgot to tell you the part about how, if you're connected to the internet, there is no real privacy because you're online.

I don't like seeing the government getting vendors to backdoor software, but you as a consumer chose to use these products that keep logs. If the vendors didn't have more info on you than the government did to begin with, there would be nothing to get. There are no mandatory data retention laws in the US; these companies do it for profit.

19 hours ago, straycat19 said:

 

Apple already has that software; they just don't want to give it to the FBI because they are afraid it will 'leak' out.

 

There's no way you could know this unless you work for Apple and had access to their top secrets, because they have never said they had this tech, so stop making up things without real proof. Apple has the master signing key, but the FBI is not asking for the key; they want Apple to make firmware and install it so the FBI can exploit it.

The only people who would be worried about encryption back doors in products from the USA are people who actually use encryption made in the USA, something I don't do nohow. Last I checked there are alternatives. They only have power over you if you give them this power. :)

And it's not just Apple they have in court to unlock encryption. They also have Microsoft in court to unlock encryption for emails that don't have anything to do with terrorism.

They think if a product is made in the USA and someone is suspected of a crime, they should have access to their personal info regardless of the crime. And the data Microsoft has on this person, who was a suspected drug dealer, is not even in the USA; it's in Ireland, and still they think they should have access to the data because Microsoft is a USA company. If I was these companies I would move my business to somewhere else where they don't have such laws. And if the government keeps on, it could backfire on them and they lose many businesses from the USA.

No wonder Russia is talking about forking their own Linux for government use. Before it's over, if the government keeps on, these rich companies are going to lose billions of dollars in sales because people will be scared to use their products.


You take CyberGhost VPN for example; it shows it's already happened before. When the German police tried to mess with them they moved their VPN business to Romania, where Germany has no jurisdiction or say on what they do. It's not like Apple's are the only products in the world that can be and are used for evil, and it can easily backfire on the USA just like it did with other countries when the businesses get tired of losing money and move the cheese.


On 18/02/2016 at 5:35 PM, straycat19 said:

 It doesn't take a court order to get these keys since they are provided freely to forensic personnel with a need to know access.

 

Can I ask for some evidence of this, please?


Apple unlocked at least 70 iPhones before refusing to hack into terrorist’s device

 

Quote

Apple is fighting the FBI over a court order requiring the tech giant to unlock a terrorist’s iPhone — but it appears the company had no problem breaking into at least 70 other protected smartphones.

 

The California-based tech giant unlocked dozens of iPhones at federal investigators’ requests between 2008 and 2015, a prosecutor argued last year.

 



52 minutes ago, Batu69 said:

It still doesn't explain why the FBI needs them to write firmware and install it to get info. We all know Apple, Google, Microsoft etc. have worked with the government before already.

Quote

 

Those who support the government say Apple has cooperated in the past to unlock dozens of phones in other cases—so why can’t it help the FBI unlock this one?

But this isn’t about unlocking a phone; rather, it’s about ordering Apple to create a new software tool to eliminate specific security protections the company built into its phone software to protect customer data. Opponents of the court’s decision say this is no different than the controversial backdoor the FBI has been trying to force Apple and other companies to build into their software—except in this case, it’s an after-market backdoor to be used selectively on phones the government is investigating.

The stakes in the case are high because it draws a target on Apple and other companies embroiled in the ongoing encryption/backdoor debate that has been swirling in Silicon Valley and on Capitol Hill for the last two years. Briefly, the government wants a way to access data on gadgets, even when those devices use secure encryption to keep it private.

Apple specifically altered its software in 2014 to ensure that it would not be able to unlock customer phones and decrypt any of the most important data on them; but it turns out it overlooked a loophole in doing this that the government is now trying to exploit. The loophole is not about Apple unlocking the phone but about making it easier for the FBI to attempt to unlock it on its own. If the controversy over the San Bernardino phone causes Apple to take further steps to close that loophole so that it can’t assist the FBI in this way in the future, it could be seen as excessive obstinance and obstruction by Capitol Hill. And that could be the thing that causes lawmakers to finally step in with federal legislation that prevents Apple and other companies from locking the government out of devices.

If the FBI is successful in forcing Apple to comply with its request, it would also set a precedent for other countries to follow and ask Apple to provide their authorities with the same software tool.

In the interest of clarifying the facts and correcting some misinformation, we’ve pulled together a summary of the issues at hand.

What Kind of Phone Are We Talking About?

The phone in question is an iPhone 5c running the iOS9 version of Apple’s software. The phone is owned by the San Bernardino Department of Public Health, which gave it to Syed Rizwan Farook, the shooter suspect, to use for work.

What Is the Issue?

Farook created a password to lock his phone, and due to security features built into the software on his device, the FBI can’t unlock the phone and access the data on it using the method it wants to use—a bruteforce password-guessing technique wherein they enter different passcodes repeatedly until they guess the right one—without running the risk that the device will lock them out permanently.

How Would It Do That?

Apple’s operating system uses two factors to secure and decrypt data on the phone–the password the user chooses and a unique 256-bit AES secret key that’s embedded in the phone when it’s manufactured. As cryptographer Matthew Green explains in a blog post, the user’s password gets “tangled” with the secret key to create a passcode key that both secures and unlocks data on the device. When the user enters the correct password, the phone performs a calculation that combines these two codes and if the result is the correct passcode, the device and data are unlocked.

To prevent someone from brute-forcing the password, the device has a user-enabled function that limits the number of guesses someone can try before the passcode key gets erased. Although the data remains on the device, it cannot be decrypted and therefore becomes permanently inaccessible. The government’s motion to the court (.pdf) notes that this happens after 10 failed guesses when the auto-erase feature is enabled by the user.

The government says it does not know for certain if Farook’s device has the auto-erase feature enabled, but notes in its motion that San Bernardino County gave the device to Farook with it enabled, and the most recent backup of data from his phone to iCloud “showed the function turned on.”

A reasonable person might ask why, if the phone was backing data up to iCloud, the government can’t just get everything it needs from iCloud instead of breaking into the phone. The government did obtain some data backed up to iCloud from the phone, but authorities allege in their court document that he may have disabled iCloud backups at some point. They obtained data backed up to iCloud a month before the shootings, but none closer to the date of the shooting, when they say he is most likely to have used the phone to coordinate the attack.

Is This Auto-Erase the Only Security Protection Apple Has in Place?

No. In addition to the auto-erase function, there’s another protection against brute force attacks: time delays. Each time a password is entered on the phone, it takes about 80 milliseconds for the system to process that password and determine if it’s correct. This helps prevent someone from quickly entering a new password to try again, because they can only guess a password every 80 milliseconds. This might not seem like a lot of time, but according to Dan Guido, CEO of Trail of Bits, a company that does extensive consulting on iOS security, it can be prohibitively long depending on the length of the password.

“In terms of cracking passwords, you usually want to crack or attempt to crack hundreds or thousands of them per second. And with 80 milliseconds, you really can only crack eight or nine per second. That’s incredibly slow,” he said in a call to reporters this week.

With a four-digit passcode, he says, there are only about 10,000 different combinations a password-cracker has to try. But with a six-digit passcode, there are about one million different combinations a password cracker would have to try to guess the correct one—a simple six-digit passcode composed of just numbers would take a couple of days to crack, Guido says; but a more complex six-character password composed of letters and numbers could take more than five-and-a-half-years, according to Apple. The iOS9 software, which appears to be the software on the San Bernardino phone, asks you to create a six-digit password by default, though you can change this requirement to four digits if you want a shorter one.

Later models of phones use a different chip than the iPhone 5c and have what’s called a “secure enclave” that adds even more time delays to the password-guessing process. Guido describes the secure enclave as a “separate computer inside the iPhone that brokers access to encryption keys” increasing the security of those keys.

With the secure enclave, after each wrong password guess, the amount of time you have to wait before trying another password grows with each try; by the ninth failed password you have to wait an hour before you can enter a tenth password. The government mentioned this in its motion to the court, as if the San Bernardino phone has this added delay. But the iPhone 5c does not have secure enclave on it, so the delay would really only be the usual 80 milliseconds in this case.

Why None of This Is an Issue With Older iPhones

With older versions of Apple’s phone operating system—that is, phones using software prior to iOS8—Apple has the ability to bypass the user’s passcode to essentially unlock the device and access data on the phone. It has done so in dozens of cases over the years, pursuant to a court order. But beginning with iOS8, Apple changed this so that it securely encrypts all of the most important data on your phone by default—photos, messages, contacts, call history—using the password you choose. And Apple cannot bypass your password to obtain that data.

According to the motion filed by the government in the San Bernardino case, the phone in question is using a later version of Apple’s operating system—which appears to be iOS9. We’re basing this on a statement in the motion that reads: “While Apple has publicized that it has written the software differently with respect to iPhones such as the SUBJECT DEVICE with operating system (“iOS”)9, Apple yet retains the capacity to provide the assistance sought herein that may enable the government to access the SUBJECT DEVICE pursuant to the search warrant.”

The government is referring to the changes that Apple made with iOS8 that exist in iOS9 as well. Apple released iOS9 in September 2015, three months before the San Bernardino attacks occurred, so it’s very possible this is indeed the version installed on the San Bernardino phone.

After today, technology vendors need to consider that they might be the adversary they're trying to protect their customers from.

What Does the Government Want?

A lot of people have misconstrued the government’s request and believe it asked the court to order Apple to unlock the phone, as Apple has done in many cases before. But as noted, the particular operating system installed on this phone does not allow Apple to bypass the passcode and decrypt the data. So the government wants to try bruteforcing the password without having the system auto-erase the decryption key and without additional time delays. To do this, it wants Apple to create a special version of its operating system, a crippled version of the firmware that essentially eliminates the bruteforcing protections, and install it on the San Bernardino phone. It also wants Apple to make it possible to enter password guesses electronically rather than through the touchscreen so that the FBI can run a password-cracking script that races through the password guesses automatically. It wants Apple to design this crippled software to be loaded into memory instead of on disk so that the data on the phone remains forensically sound and won’t be altered.

Note that even after Apple does all of this, the phone will still be locked, unless the government’s bruteforcing operation works to guess the password. And if Farook kept the iOS9 default requirement for a six-digit password, and chose a complex alpha-numeric combination for his password, the FBI might never be able to crack it even with everything it has asked Apple to do.

Apple CEO Tim Cook described the government’s request as “asking Apple to hack our own users and undermine decades of security advancements that protect our customers—including tens of millions of American citizens—from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.”

What Exactly Is the Loophole You Said the Government Is Exploiting?

The loophole is the fact that Apple still retains the ability to run crippled firmware on a device like this without requiring the user to approve it, the way software updates usually work. If this required user approval, Apple would not be able to do what the government is requesting.

How Doable Is All of This?

Guido says the government’s request is completely doable and reasonable.

“They have to make a couple of modifications. They have to make it so that the operating system boots inside of a RAM disk…[and] they need to delete a bunch of code—there’s a lot of code that protects the passcode that they just need to trash,” he said.

Making it possible for the government to test passwords with a script instead of typing them in would take a little more effort, he says. “[T]hat would require a little bit of extra development time, but again totally possible. Apple can load a new kernel driver that allows you to plug something in over the [Lightning] port… It wouldn’t be trivial but it wouldn’t be massive.”

Could This Same Technique Be Used to Undermine Newer, More Secure Phones?

There has been some debate online about whether Apple would be able to do this for later phones that have newer chips and the secure enclave. It’s an important question because these are the phones that most users will have in the next one or two years as they replace their old phones. Though the secure enclave has additional security features, Guido says that Apple could indeed also write crippled firmware for the secure enclave that achieves exactly what the FBI is asking for in the San Bernardino case.

“It is absolutely within the realm of possibility for Apple themselves to tamper with a lot of the functionality of the secure enclave. They can’t read the secure private keys out of it, but they can eliminate things like the passcode delay,” he said. “That means the solution that they might implement for the 5c would not port over directly to the 5s, the 6 or the 6s, but they could create a separate solution for [these] that includes basically crippled firmware for the secure enclave.”

If Apple eliminates the added time delays that the secure enclave introduces, then such phones would only have the standard 80-millisecond delay that older phones have.

“It requires more work to do so with the secure enclave. You have to develop more software; you have to test it a lot better,” he said. “There may be some other considerations that Apple has to work around. [But] as far as I can tell, if you issue a software update to the secure enclave, you can eliminate the passcode delay and you can eliminate the other device-erase [security feature]. And once both of those are gone, you can query for passcodes as fast as 80 milliseconds per request.”

What Hope Is There for Your Privacy?

You can create a strong alpha-numeric password for your device that would make bruteforcing it essentially infeasible for the FBI or anyone else. “If you have letters and numbers and it’s six, seven or eight digits long, then the potential combinations there are really too large for anyone to bruteforce,” Guido said.

And What Can Apple Do Going Forward?

Guido says Apple could and should make changes to its system so that what the FBI is asking it to do can’t be done in future models. “There are changes that Apple can make to the secure enclave to further secure their phones,” he said. “For instance, they may be able to require some kind of user confirmation, before that firmware gets updated, by entering their PIN code … or they could burn the secure enclave into the chip as read-only memory and lose the ability to update it [entirely].”

These would prevent Apple in the future from having the ability to either upload crippled firmware to the device without the phone owner’s approval or from uploading new firmware to the secure enclave at all.

“There’s a couple of different options that they have; I think all of them, though, are going to require either a new major version of iOS or new chips on the actual phones,” Guido said. “But for the moment, what you have to fall back on is that it takes 80 milliseconds to try every single password guess. And if you have a complex enough password then you’re safe.”

Is the Ability to Upload Crippled Firmware a Vulnerability Apple Should Have Foreseen?

Guido says no.

“It wasn’t until very recently that companies had to consider: What does it look like if we attack our own customers? What does it look like if we strip out and remove the security mitigations we put in specifically to protect customers?”

He adds: “Apple did all the right things to make sure the iPhone is safe from remote intruders, or people trying to break into the iPhone.… But certainly after today, technology vendors need to consider that they might be the adversary they’re trying to protect their customers from. And that’s quite a big shift.”

Update 2:30 pm EST: To clarify the number of failed password guesses that can occur before the phone deletes the passcode key, making data on the phone inaccessible.

Update 5:30 pm EST: To clarify the security changes Apple made in 2014 that prevent it from unlocking secured data on phones.

 

http://www.wired.com/2016/02/apples-fbi-battle-is-complicated-heres-whats-really-going-on/

 

If this info is correct, by making a really strong password they won't be able to get in no ways.

 

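The 80-millisecond figure quoted in the article above turns into concrete search times as follows. This is an added example, not part of the original post or the Wired article; the alphabet sizes (36 and 62 symbols) and the uniformly random passcode are assumptions, and the timing only applies once the delay and auto-erase protections are gone, as the article describes.

```python
GUESS_MS = 80                # per-guess cost quoted in the article
YEAR = 365 * 86400           # seconds in a year

# Alphabet sizes are assumptions made for this example.
DIGITS = 10                  # 0-9
LOWER_ALNUM = 36             # a-z plus 0-9
MIXED_ALNUM = 62             # a-z, A-Z plus 0-9


def keyspace(alphabet: int, length: int) -> int:
    """Number of distinct passcodes of exactly `length` symbols."""
    return alphabet ** length


def exhaust_seconds(alphabet: int, length: int) -> float:
    """Worst case: every candidate is tried once at 80 ms each."""
    return keyspace(alphabet, length) * GUESS_MS / 1000


def expected_seconds(alphabet: int, length: int) -> float:
    """Average case for a uniformly random passcode: half the keyspace."""
    return exhaust_seconds(alphabet, length) / 2


def min_length(alphabet: int, target_seconds: float) -> int:
    """Shortest length whose average-case search time exceeds the target."""
    length = 1
    while expected_seconds(alphabet, length) <= target_seconds:
        length += 1
    return length


def human(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    policies = (("4-digit PIN", DIGITS, 4), ("6-digit PIN", DIGITS, 6),
                ("6-char a-z0-9", LOWER_ALNUM, 6),
                ("6-char a-zA-Z0-9", MIXED_ALNUM, 6),
                ("8-char a-zA-Z0-9", MIXED_ALNUM, 8))
    for label, alphabet, length in policies:
        print(f"{label:18} {keyspace(alphabet, length):>20,} "
              f"worst case {human(exhaust_seconds(alphabet, length))}")
    print("digits needed for > 1 year on average:", min_length(DIGITS, YEAR))
```

A passcode chosen by a person rather than at random is usually found well before the average-case figure, so these numbers are upper bounds on the protection a given length provides.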


 


 

Why an Apple victory against the FBI would be a win for all of us

Putting back doors into any software, even once, is just asking for trouble

 

We could argue endlessly over the legal, political and technical fine points of the FBI getting a court order requiring Apple to assist it in cracking open a locked iPhone 5c. That’s not really the point.


True, Apple has cheerfully helped the government look into customers’ data before. No, the FBI isn’t asking for an iPhone backdoor — this time. All Magistrate Judge Sheri Pym of the U.S. District Court for the Central District of California really wants is for Apple to provide a one-off, signed iOS image that will enable the FBI to try different iOS 9 passcodes quickly without triggering the iPhone’s auto-erasure feature after 10 failed attempts.

 

Some people think Apple shouldn’t do this. Nonsense!

 

As Dan Guido, CEO of Trail of Bits, an information security startup, points out, “As many jail-breakers are familiar, firmware can be loaded via Device Firmware Upgrade (DFU) Mode. Once an iPhone enters DFU mode, it will accept a new firmware image over a USB cable. Before any firmware image is loaded by an iPhone, the device first checks whether the firmware has a valid signature from Apple. This signature check is why the FBI cannot load new software onto an iPhone on their own — the FBI does not have the secret keys that Apple uses to sign firmware.”

 

Give me those keys and I could crack your iPhone! And, while I may know more tech than the average bear — or the average IT pro for that matter — I am far from being a top-notch programmer.

But giving the FBI those keys is still a lousy idea for reasons that have nothing to do with the law or the politics of the issue.

 

Why?

Because, as Rich Mogull, a security analyst at Securosis, pointed out, the real issue is, should companies be “required to build security circumvention technologies to expose their own customers?” Or, as I put it, “Should companies be required to put back doors in their software?”

 

To that question, I answer: “Hell no.”

 

My reasoning for this position is very simple. First, if a business or a government can crack open our records for a good reason, how long will it be before they can do it for a bad one? Answer? No time at all.

 

And it’s not just a slippery slope because other government agencies could (will?) get their noses into our private business. It’s a slippery slope because, once there’s a back door of any sort, it’s only a matter of time before it’s misused by hackers.

 

Glance at Computerworld’s pages. Almost every day there’s a serious security breach of software that was designed to be as safe as possible. Now, take that same program and put in a deliberate weakness, a designed keyhole for a software lock picker.

 

Besides, why would you think the government can be trusted to keep secrets? My security clearance secrets, circa 1985, were revealed in the Office of Personnel Management (OPM) hacks. In the X-Files, the government covered up the Roswell UFO crash and implanted alien DNA in U.S. citizens. In the real world, they’re nothing like that competent.

 

Do you get my point? Even if the official decryption key is, by some miracle, kept secret and only used for good, transparent reasons — say, as in this case, the terrorist attack on the Inland Regional Center in San Bernardino, Calif. — there is no reason whatsoever to think that these built-in security holes won’t be used by criminals.

 

My view is that, while in this specific case the FBI has a compelling reason to want Apple’s help in breaking into iOS, it is, as my friend David Gewirtz, the director of the U.S. Strategic Perspective Institute, put it, a “dangerous and far-reaching precedent.”

 

Amen. Let’s not go any further down this road. Ultimately, it will only lead to even worse troubles in the future. So, Apple, I hope you win. I’m not at all sure you will, but take it all the way to the Supreme Court, if you must. This issue is too important — for all of us — for you to surrender meekly.

 

http://www.computerworld.com/article/3035596/data-privacy/why-an-apple-victory-against-the-fbi-would-be-a-win-for-all-of-us.html

 

 

 



On Thursday, February 18, 2016 at 1:50 PM, F3dupsk1Nup said:

Furthermore, if the US government can compel Apple to write software that helps it crack passcodes, what’s to stop other countries from demanding the same?

They would not need to. For every Snowden, there are 20 others willing to sell the hacking software to other countries for a relatively small price. A mere fraction of the hundreds of millions it would cost to develop it.

A backdoor is just a door. Anyone with a "key" can get in. Which shows once again that the NSA could not care less about "National Security". They're in the business of blackmailing prominent people and corporate spying.

20 people killed in a "terrorist" attack. A drop in the ocean if you consider how many lives could be saved if the NSA's budget was applied in health and education.

"Patriot Acts", "Homeland Security" and "National Security Agency" are a parody of 1984 and its "Ministry of Peace". Someone had a creepy sense of humor when he named them.


Archived

This topic is now archived and is closed to further replies.
