US govt says it has cracked killer's iPhone, legs it from Apple fight The US Department of Justice (DoJ) says it no longer needs Apple to help unlock the iPhone 5C used by one of the San Bernardino killers. In a filing [PDF] made Monday to the Central California District Court, prosecutors say they have extracted data from the smartphone belonging to slain San Bernardino killer Syed Farook, thus …
Actually, Apple was given the best gift - ever!
The gift of "tipping their hand".
Apple, as well as the rest of the world, now knows that the FBI wants access to ALL secrets, everywhere. And now that Apple, and the rest of the world, is "armed" with that knowledge, Apple, and others in the tech community, will make their products even stronger.
JB
"Apple, and others in the tech community, will make their products even stronger."
Yeah, believe that if you want. They'll make their products as strong as they need to to keep sales up. Proper security costs money - money which as far as Apple is concerned could be spent on the Oooh Shiny! aspects of its devices. Now Apple have done alright so far , but lets not pretend they're the shining white knight fighting for the little guy - they're a public corporation who answers to its shareholders first, customers second.
Had they appealed up to the Supreme Court and lost, they (and many other US tech companies) would be in a bind. If they won, they would be in no better position than they are today.
The fact that the FBI got at the data doesn't really hurt them. Basically from the public point of view, the FBI had a LOT of trouble getting at the data so the phone is more than secure enough for their needs, since most of us wouldn't have the level of resources directed at breaking into our phones that the FBI was putting forth for this one. Plus, the DOJ says the method "only works on this particular phone" so it isn't like they have a new trick in their toolbag they can share with police all over the US to break into iPhones willy nilly.
There's also no evidence what they did would have been possible on a newer iPhone with the secure enclave - and as of last week Apple no longer sells any iPhones that lack it.
There's also no evidence what they did would have been possible on a newer iPhone with the secure enclave - and as of last week Apple no longer sells any iPhones that lack it.
Given that the FBI started with a statement that "this would only be a one-off" which got disproved before the filing had cooled down from the laser printer I don't actually put much stock with the "we cracked it without Apple" statement either, to be honest. It seems more a deal with an obscure outfit to get lots of dev money for declaring they can break the iPhone so that the department saves face.
The problem I have with these cases is that it pits more and more people AGAINST law enforcement. There used to be a time where you'd be glad to help them to indeed catch bad guys, but they seem to be hell bent on being the bad guys themselves now which isn't right.
Restoring transparency and accountability appears to be a priority, now more than ever.
"declaring they can break the iPhone so that the department saves face."
That seems very plausible. They didn't want the matter debated anywhere that might result in a legal precedent, and they can re-think their strategy for next time. If I was the magistrate, I would ask to see the alleged phone data.
@Doug S
"Had they appealed up to the Supreme Court and lost, they (and many other US tech companies) would be in a bind. If they won, they would be in no better position than they are today."
Depends on one's point of view. The possibility that the FBI will make a similar request in the future is quite high (and getting higher, if Apple's security really does go up), and the matter is currently unresolved. Nobody wants that prospect lurking in the background forever, it'd be better for everyone if it were settled one way or the other.
As things stand the next time this case comes up it might be impossible for Apple to resist; the FBI may have far stronger reasons next time than they did this time. And then the precedent would be set not in Apple's favour.
If Apple were ever to take a chance to settle the matter in the way they wanted, this was the best opportunity. Everyone seemed to think the FBI had a weak hand. But they now cannot do that, even if they wanted to; the case is shelved.
"The fact that the FBI got at the data doesn't really hurt them. Basically from the public point of view, the FBI had a LOT of trouble getting at the data so the phone is more than secure enough for their needs, since most of us wouldn't have the level of resources directed at breaking into our phones that the FBI was putting forth for this one."
Well there's an odd thing. If as you suggest people are happy with the idea that FBI can get into their phones so long as there's some kind of barrier, why wouldn't they be happy with Apple being that barrier to access? They already are for iCloud accounts. It feels like a contradiction. Has Apple actually gone and asked any of their customers if they'd be OK with Apple being a gatekeeper like the one they already are?
@bazza
As things stand the next time this case comes up it might be impossible for Apple to resist; the FBI may have far stronger reasons next time than they did this time. And then the precedent would be set not in Apple's favour.
Hang on, how much stronger arguments than "we need to catch terrorists" are there?
I disagree with you. The FBI decided to play a high stakes game of precedent poker here and were eventually whistled back by a party whose interested they were damaging (no, I'm not assuming sanity prevailed because your rights don't have a play at that table). I don't buy the "we have managed to crack it" story for a minute, because you can't tell me the FBI isn't up to date on all possible resources and companies that have this ability (it's not like they're short of budget to buy any toy for this that they can even vaguely justify).
You also continue to conflate iCloud access (which Apple can change the password for to access) and hardware access (which Apple can only have access to in limited circumstances when permitted by the user or an MDM platform). They are not the same environments, and require different efforts to break into.
Yes, in theory the FBI can try again. What are the odds they will have such a slam dunk case again? The only way this case could have been more of a slam dunk for them would be if they could have somehow proven there definitely was intelligence on that phone and they definitely were part of a larger cell/plot.
I think the FBI and Apple learned two important things, and both were surprised by what they learned. Originally Apple wanted the case filed under seal, but the FBI refused. I think Apple was worried about negative publicity from taking a stand that might appear "pro terrorist", and the FBI thought that negative publicity would force Apple to give in which is why they refused to file the case under seal. Turns out they were both wrong.
While there certainly wasn't universal support for Apple, at best the FBI had only half the country on their side. And that was with a case that lined up almost perfectly to put Apple in the worst possible light. I honestly don't think the FBI is willing to try this again, because of the way they ran off with their tail between their legs on this one and went with the third party option that I'm sure they already knew about. They'll never get a better case, unless a terrorist is caught with a phone and taunts them "information about hundreds of ISIS terrorists in the US and dozens of active plots are on it, but it is encrypted so you'll never get in!" before he shoots himself to avoid being caught and forced to reveal the password.
It could end badly for apple in the future though. whilst apple (for right or wrong) didn't want to give the FBI carte blanche encryption breaking tools there may be a case in the future where they are compelled to - there may be a "terrorist" (using that phrase quite liberally where the American interpretations are concerned) incident that the public is more on side with - once that door has been opened it will be hard to shut it (even for lesser incidents).
Until the matter is settled properly it will come up again i'm sure. It might not be an apple device next time, wonder what the likes of blackberry would do?
[...] there may be a "terrorist" (using that phrase quite liberally where the American interpretations are concerned) incident that the public is more on side with [...]
I dunno. The key aspect of this particular case is that the FBI wanted to go snooping around in this particular piece of hardware "after-the-fact". From my perspective, any instance matching your criterion would require poking around in the device "before-the-fact", which would necessarily require that police work would have to precede any attempt at that poking. With that police work, would come (if the U.S. is still a constitutional democratic republic at the time) such things as search warrants, surveillance, interdiction...all the nasty stuff that goes with good ol' fashioned police work. Maybe my imagination just won't go there, but I have a hard time identifying a situation where end-running the Constitution just to break into a phone would go well with "the public".1
1 Excluding supporters of Herr Drumpf, of course...,
Maybe my imagination just won't go there, but I have a hard time identifying a situation where end-running the Constitution just to break into a phone would go well with "the public".
What exactly do you think happened after 9/11? Fear is a wonderful tool to sweep aside clear thinking, and the legal mess it created is still around. Even the "just now, only for this emergency" conditions still exists after the FREEDOM Act extended parts of the PATRIOT Act.
But the final outcome is good news for Apple and all other technical companies. One of the main arguments the FBI put forward was that 'Apple had the "exclusive technical means" to unlock Farook's phone.' But it has now been proved that Apple didn't have this exclusivity. The Feds stance on forcing a company to comply has been weakened considerably.
In any future case Apple, or any other company, can point to this precedent and tell the FBI (or whoever,) to use those means / methods again.
It's fine, really.
From Day 1, both parties made it clear that what the FBI was after was only possible because the 5c used software to handle keys on the device, rather than the 6's secure enclave chip, which, we're told, such an attack would be useless against.
If anything, knowing that Apple fought back might spur 5c owners to upgrade. Honestly it's doubtful, most people couldn't care less about device encryption.
But this case should be illustrative to Apple and the rest of the industry if what the FBI will be after (not just furnishing warrants for hosted data, but using All Writs to demand software be written and failing that, threatening to sieze source code). So even though Secure Enclave has gotten no mainstream advertising, future upgrades (for new phones) will likely be talked up a lot more, well resourced companies like Apple will spend significantly more on security reviews, and who knows, could even spur Apple, Google and the like to transfer ownership and development of their devices source code, or even the security aspects, to countries with stronger legal protections - certainly there's some island in the Caribbean that's drafting legislation specifically to address that.
At that point, when confronted with a demand, Apple could say "hey, we'd love to, but we can't. We only license the source code from this wholly owned subsidiary of ours. Why don't you try asking them?"
I think this whole case was a fail for the FBI. Whoever had the bright idea of going after Apple to set a precedent.... Well, I don't know! The saner thing to have done is to have gone after a less well-resourced company, win your ruling against them, then point to that precedent when going after Apple.
So at the end of the day, the FBI loses, because if nothing else, all they accomplished was to cause Apple, Google, Facebook, etc to all rethink their development policies to insure that they can't be subject to overreaching All Writs demands in the future, much less add many more sets of qualified eyes to security review. It's like the NSA and prism - worked fine, but once it was discovered/publicized, it only spurred the uptake of encryption by most the affected parties. Apple, with their device security, Google by encrypting not only external network links, but also all internal traffic as well.
"...imply there's an exploitable flaw in your devices..."
There's ALWAYS an exploitable flaw in your device.
ALWAYS.
It'll be decades before the first 'perfectly secure' device *actually* exists.
False claims will continue, but you'd have to be pretty naïve to actually believe it.
It'll be decades before the first 'perfectly secure' device *actually* exists.
There will never be a perfectly secure device because it's a never ending arms race. What people can make, people can break.
What you can get is a hard to break device, the question is if you're willing to pay for it.
There will never be a perfectly secure device
If it is possible (even in theory) to eavesdrop on key distribution via a quantum communications channel , then the universe does not work the way that we think it does.
And I'm pretty sure a device can be designed which will destructively erase itself as soon as its password has not been re-input for x hours, where x is smaller than the minimum amount of time required to reprogram it because of engineered-in slowness of its programming interface. Fail-destroyed rather than fail-safe. Whether anyone other than secret agents would want a "Mission Impossible" phone, is quite another matter.
"It'll be decades before the first 'perfectly secure' device *actually* exists."
Actually we are moving away from secure devices, as such devices become more and more complex. Often that complexity is completely unnecessary.
Only when we learn how to make such devices as simple as possible, we will get something that remotely resembles a secure device.
There's ALWAYS an exploitable flaw in your device.
ALWAYS.
Given your, er, "expertise" in matters securiy, I presume you don't use email, buy anything online and only bank physically? I'm going to make you more scared then: check out how easy door locks are to crack - it's trivial. I'd give up on life if I were you.
>Okay, who called this off?
A possibility is that both Apple and FBI did i.e. there was an agreement behind the scenes to Apple to continue unlocking its devices as it has until recently and the FBI to back off from the court case with a mealymouthed explanation: stakes were high for both and the outcome was unpredictable (not only from the courts, but potentially from the legislators as well). I suppose this is unlikely and I would like to think better of Apple*, but then they were among the other prominent US tech corps on the PRISM slides courtesy of Ed Snowden. Also, in this case Apple seems to have found its zeal for privacy advocacy only after asking the FBI to issue its application for the unlock tool under seal**.
* a trivial reason being that I'd like to eventually replace my Blackberry with something decent, privacywise, of course it is great to see a big tech player putting emphasis on privacy, but then doubt towards tech from the US is not without reason
** http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html
not really. Like I said before, if you have deep pockets you could probably clone the phone. By cloning I mean forensically clone the NAND, hardware - make a duplicate. You can then use the duplicate to brute force, clone back, brute force, clone back etc. When you have the code use it on the original.
You wouldn't need a "hack" and can use it on future devices. You would need intimate knowledge of the workings of course.
> forensically clone the NAND, hardware - make a duplicate
That's what the "secure enclave" is for - something that's really, really hard to duplicate. Like, maybe if you shave the top off and scan it with an electron microscope you might have a chance. Except that a good secure enclave will self-destruct when it is opened.
"...a good secure enclave will self-destruct when it is opened."
That's why they practice on a dozen disposable examples to learn about the booby traps, and learn how to avoid or bypass them. Only after it's down to a repeatable exercise would they put the process into 'production'.
Your use of the word 'opened' leads to muddled thinking. The chip doesn't have a door. How does it know that it's been opened? Don't forget, the power is off. There's a half-dozen techniques, but perhaps only one or two new inventions (at most).
That's why they practice on a dozen disposable examples to learn about the booby traps, and learn how to avoid or bypass them. Only after it's down to a repeatable exercise would they put the process into 'production'.
Shaving down chips is a technique that has been used for decades to crack satellite cards, but the APple chip is a bit different. I have worked with mil grade chips that had all sorts of fun stuff to prevent shaving like embedded wire cages so I think it's reasonable to assume Apple has thought just a little bit further than just replicate the satellite smartcard problem. In addition, you need to observe those chips in working order to get anywhere, and that is such a precarious exercise that I suspect you'll need far more than a dozen to get it right.
Do you really think that a company that has spend man YEARS on improving its security (for the simple reason that it is a profitable feature) can be defeated by a man with a grinder in a few weeks? By the time your man has found his secret path in, Apple will have moved on. That was even the case here: it iPhone ran an old version of the OS, and it was old hardware.
There may not be a totally safe device, but from a security perspective Apple appears to be doing things right to stay ahead in the arms race.
By the way, I'd stop thinking in absolute terms. This is a race between budget, technology and time. There is no binary answer, but if you're really that paranoid I'm wondering why you're online and not living in a cave.
"Like I said before, if you have deep pockets you could probably clone the phone" -- Danny14
And like many of us said before, it's not that simple. Cloning memory is easy, but cloning other chippery is hard. Sure if you have deep enough pockets it can be done, but I don't think you really understand just how deep they have to be. And 256 bit encryption CANNOT be brute forced. Broken, perhaps, but this break will NEVER be by brute force.
This post has been deleted by its author
"And 256 bit encryption CANNOT be brute forced. "
How many times do we have to have somebody trying to show us how smart they are by grasping the wrong end of the stick.
The FBI weren't trying to break 256 bit encryption by brute force.
They were trying to break a pass code.
A four digit pass code AIUI.
Now go away and work out how many bits that is. Big clue: it's a lot less than 256 bits.
You could take the clone bit up a level as well.
If you were able to fully clone the hardware to multiple devices then the brute force time starts going down fairly fast.
So a 4 digit pin would take less than 5 days, a 4 digit pin over 10 devices could be done during one night sleep.
There were some brute force iPhone hacks in the past that would instantly reboot the phone if the password was wrong, bypassing the incorrect guess limit.
If you were able to fully clone the hardware to multiple devices then the brute force time starts going down fairly fast.
If you were able to clone the hardware which is, of course, something Apple NEVER considered when they developed the security enclave, gosh no, I suggest you get that patented real quick before they stumble on that one, QUICK, uh, where was I? Oh yes. If you were to clone the HARDware and somehow magically managed to clone the burned in device code with it, you would not NEED brute forcing because you could just walk through the PIN code keyspace which is trivial, even if it was 6 characters alphanumeric.
I am glad I have encountered you, oh enlightened crypto expert, before you become famous and write lots of books. With your level of expertise, a government job is inevitable.
</sarcasm>
Like I said before, if you have deep pockets you could probably clone the phone. By cloning I mean forensically clone the NAND, hardware - make a duplicate. You can then use the duplicate to brute force, clone back, brute force, clone back etc. When you have the code use it on the original.
Ah, what a wonderful suggestion. It's only been made about a 1000 times by other numpties who have also failed to attain the required level of comprehensive reading required to pick up the reasons why that isn't feasible, from posts going back weeks.
I'm interested in why I got so many downvotes - is it because I implied criticism of Apple and the fanbois got upset? I'm actually on their side on this one, but I can appreciate the way the FBI are fighting their propaganda war. Until they produce the actual iPhone properly cracked and reveal what was on it, it might all just be hot air and sour grapes on their part. Saying they've done it but not passing on any information about how it was done or proof that it was done is, as I said, a kick in the nuts. They probably didn't want to risk a long drawn-out court case and possible adverse verdict at the end, so they've found a way to back out of it.
who says they don't have *access* to the ability? The Feds wanted an EASIER way of doing it, and in such a way that in future they could get others (apple) to do it for them by waving a piece of paper. They didn't want to owe favours to other departments (are you saying the NSA cannot crack iphones? whilst they aren't omnipotent, I highly doubt they do not have the ability) or pay others to do it for them.
At the end of the day the FBI are a police force, nothing more, I wouldn't expect them to be cutting edge at anything - encryption breaking included.
possible option
Every government on the planet now knows that iPhones can be hacked, every cracker knows iPhones can be broken into... so I bet theres already several groups queuing up at the apple store to buy 1/2 a dozen phones especially to see if they can break into them.
Where as if apple had complied with the warrent, people would only have known that apple can get into a phone with a modified O/S signed only by them.
Hey ho
It looks like the FBI have come out of the woodwork. It will be interesting if this turns into Armageddon a fourth world war between truth and secrecy. According to the Gronads it is: "With the court filing, Silicon Valley and Washington are poised to return to a cold war over the balance between privacy and law enforcement in the age of apps". I have suddenly found myself in the army.
http://www.theguardian.com/technology/2016/mar/28/apple-fbi-case-dropped-san-bernardino-iphone
And they blinked first!
It was always possible to decrypt an iPhone. People who had any chance of breaking into an iPhone were already trying to do so.
However, it is now known that Apple will not roll over at the whim of random prosecutors. If they want an iPhone decrypted, they'll have to pay a professional company to do it, instead of just ordering Apple to do it whenever they want.
I'd say Apple won this one. And what's more, I'd say we all did.
"Every government on the planet now knows that iPhones can be hacked"
Everyone with a clue knew this already. What was being resisted was (a) a tool that could be routinely used (e.g. during police stop & search or temporary unauthorized access to a phone) and (b) a legal precedent. This is a 100% win for Apple.
What was being resisted was (a) a tool that could be routinely used (e.g. during police stop & search or temporary unauthorized access to a phone)...
That's not something that was ever being asked for, nor is it something that it would have been reasonable to believe was possible.
However, we don't know what the FBI has now managed to obtain, with the help of its unspecified third-party consultants. It's possible that what they now have is more than they asked Apple for, so this may not be as good a result as you seem to believe.
"What was being resisted was (a) a tool that could be routinely used (e.g. during police stop & search or temporary unauthorized access to a phone)...
That's not something that was ever being asked for, nor is it something that it would have been reasonable to believe was possible."
You don't think so? Not necessarily in the first place. But having got a precedent in the bast case they could come up with the next step would be to widen it a little. And then a little more. And so on.
The other issue could have been that there's a precedent which only applies if the suspect is dead. Well, that's a circumstance that could be arranged...
Everyone now knows that obsolete iPhones can be hacked. Current ones?
Law-abiding people probably don't want Apple or anyone else to make their phones as utterly unbreakably secure as they could. I'm quite happy with the idea that the NSA and suchlike could break any phone provided it was a matter of several days work in a forensic hardware lab costing tens of millions of dollars. I just don't want my phone to be an instantly open book to any slightly curious government employee. There's probably some degree of collusion behind the scenes between Apple and the NSA.
I don't know about the USA, but in the UK what would happen if I was still alive, would be that they would simply tell me to unlock my phone for them to investigate. And I almost certainly would, after a greater or lesser amount of protest and delay depending on the circumstances. Because if I outright refuse, they will jail me. There are some safeguards here compared to electronic backdoors, although many don't see it. The threat is ineffective in the hands of a single rogue policeman. More importantly they can't do this without me knowing that they are doing it.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
