precedent
Or thought that they might lose and didn't want to set a legal precedent until they knew they would win?
The FBI has come to a sudden and surprising all-stop in its legal war with Apple. Rather than compel the Cupertino giant to help it unlock an iPhone belonging to one of the San Bernardino killers, the Feds say they may be able to break into the handset without the company's assistance after all. In a filing [PDF] submitted …
"That can't be. They changed the iCloud password, then for the phone to sync the password has to be entered again from the phone. Can't change the iCloud password back and make the iPhone happy."
Are you sure? If the iCloud account's password is changed back to the original password, the one the phone itself is synced against, how will it be able to tell the difference?
I suspect this is how the government intended to punish Apple all along if they did not cooperate and the populace was not enthused by the FBI's argument.
The break in could be a lie even. It does not matter. Apple for the moment has lost the loose loose proposition set up for them. It is a warning that others reputations will also be tarnished if they follow Apple's lead. So in a way it is precedent.
Apple for the moment has lost the loose loose proposition set up for them.
1. Learn to spell "lose".
2. Learn to spell "lose".
3. Lose-lose is hyphenated.
4. The public, especially Apple's demographic, will remember that Apple stood up to the FBI, and that the FBI backed down. They're not going to remember or care that the FBI broke into the phone some other way. People who will remember that have already been skeptical of any promise of end-to-end security (from Apple or others). Apple has lost nothing here.
Your lose -> loose dysfunction is not dyslexic, just old-fashioned ignorance.
As somebody who learned English as an adult (which arguably gives me a perspective free from an unconscious bias inherent to native speakers), I would assert that this is a consequence of bad language design.
The prevalence of homophones, the ambuguity of grammar, the plethora of slang words and local dialects ... it almost feels like BASIC from the time gone by.
As somebody who learned English as an adult (which arguably gives me a perspective free from an unconscious bias inherent to native speakers), I would assert that this is a consequence of bad language design.
I'd agree that the English language is riddled with inconsistencies and unnecessary complication. However, given the mongrel origins of English the notion that any element of "design" was involved is a bit wide of the mark!
I'd agree that the English language is riddled with inconsistencies and unnecessary complication. However, given the mongrel origins of English the notion that any element of "design" was involved is a bit wide of the mark!
All languages started like this, but many have managed to shed at least some of their no longer necessary baggage. Personally, I find the fact that English is still in pretty much in the same state of disarray it was at the time of Dr. Samuel Johnson to be nothing short of miraculous.
Personally, I find the fact that English is still in pretty much in the same state of disarray it was at the time of Dr. Samuel Johnson to be nothing short of miraculous.
Perhaps if there had remained a single, dominant English-speaking country, in the same way as there has been with French or German, say, then there would have been an opportunity to rationalise the language. However in the case of English, who's going to do the designing? There's no country that accounts for anything like a majority of English speakers, no English-language equivalent of the Académie Française, and 67 sovereign countries using English as an official language.In fact it can be argued that it's this lack of centralised control that's made English such a flexible and adaptable language and facilitated its spread.
Perhaps if there had remained a single, dominant English-speaking country, in the same way as there has been with French or German, say, then there would have been an opportunity to rationalise the language.
Given the omnishambles that was the German spelling reform and the current storm in France over the dropping of the circumflex, I am more than a little sceptical that this would work.
The fact is that most attempts to prescribe language use fail miserably and its absence possibly one of the reasons for English's success.
Perhaps you're right. Who knows?
However in English, LOSE means to mislay or not win. Whereas LOOSE means not tight or free.
The problem here is not a matter of syntax or regional variation or even dyslexia, It is more to do with the near-universal use of spell checking software that suffices for most purposes but falls down spectacularly when a specific word is mistakenly used but is nevertheless, still a real word.
If the spell-checker doesn't red-line the error, and people being either too lazy or dumb to actually scan what they have written, it gives birth to the immensely irritating and rapidly growing juxtaposition of the LOSE-LOOSE words, to the point where the lesser focused mind (or eye) can no longer discern the difference between the TWO-TOO-TO (Introducing a sister confusion) and so begins using both without understanding WHICH is WITCH. (SORRY) Hobby-Horse is competing with High-Horse here.
As the old saying goes,
"If I wanted to get to there I wouldn't start from here."
The English language is what it is. Yes it can be confusing, inconsistent and illogical, but it can also be flexible, adaptable and in many cases concise.
If you can take a look at the multi-language instruction sheets that come with electrical goods and so on. The English version is usually a lot shorter than the others.
@Credas
To quote (I believe) James Nicoll:
"The problem with defending the purity of the English language is that English is about as pure as a cribhouse whore. We don't just borrow words; on occasion, English has pursued other languages down alleyways to beat them unconscious and rifle their pockets for new vocabulary."
Great thanks to you the grammar police from a dyslexic without the time to have a second person read all my posts ahead of time. Ride that high horse!
In other words: make the Mexicans spell and make them pay for it
Any dyslexic worth their salt knows how important it is to take the time and to use the relevant tools to reduce errors. The problem with your incomprehensible gibberish was not that it was poorly spelt but that it was incomprehensible: no combination of lose/loose lose/loose could ever make sense in the context.
Trying to pass off your ignorance as a medical condition is shameful.
>Great thanks to you the grammar police from a dyslexic without the time to have a second person read all my posts ahead of time. Ride that high horse!
Feel sorry for you about grammar, mine is terrible in all 4 languages I master "at a native level", sort of, well, ok, maybe only spoken ... however, I agree with the other comment@rds, that is, Apple have lost nothing.
At least now, you will remember lose, loose, and lose-lose for the rest of your life ;-) and we all had a good laugh as well, so it is a win-win for all!
"STFU and get back on topic or go back to slashdot, you fucking wankers."
Grammar Nazis is a bit strong; I think grammar council officials is nearer the mark.
I once had the privilege - because I learned a lot from him - of working with a Cambridge double-first English graduate. He could not spell. For a lot of common words he could tell you their derivation, alternative forms in a number of other languages, and if he stopped to think, variant spellings. But as well as holding down a full time job he knocked out novels under more than one pseudonym, and when he was writing he put down words by their shape, which is how he recognised them.
If I came across loose-loose as above, I would realise immediately that it meant lose-lose because that's the only form that makes sense. Breaks for brakes is mildly irritating because the meaning is so different, but to a philologist loose and lose are joined at the hip, related to the German world los, Greek λύω, and from the Indo-European root leu- meaning to loosen, divide or separate.
I make the odd spelling mistake on posts and it rarely gets attention. But that may just be because nobody ever reads them.
DON'T try to defend the indefensible by blaming dyslexia: those of us with reading/learning disfluency learn to compensate for it. The rest of your post shows that you understand, read, and write English, but in this you made a mistake, and instead of taking the correction, try to win some whinging sympathy for yourself and hit back at the corrector. NOT COOL. AC because I hide my disability for professional purposes.
I too am dyslexic, you need to think of it as a gift rather than pain in the arse. Revel in the fact that your thought processes with language are different to others and that gives you an advantage in being able to solve problems a different way.
Don't make excuses for it, just get on and write what you want to write, and change the spelling from phonetic to standard english at the end of every paragraph (Well that's how I do it!). :-)
You watch, someone is going to pick this apart too, go ahead, I don't mind a bit. :-)
@Steve Knox,
"4. The public, especially Apple's demographic, will remember that Apple stood up to the FBI, and that the FBI backed down. They're not going to remember or care that the FBI broke into the phone some other way. People who will remember that have already been skeptical of any promise of end-to-end security (from Apple or others). Apple has lost nothing here."
Well, that's not actually happened yet. The court order is still in place, there's still plenty of lawyers burning the midnight oil (at vast expense) over the matter. And, whether we like it or not, the FBI still stand a good chance of winning.
But your right, withdrawal/continuance doesn't matter. Most people seem to firmly believe that governments (especially the US government) can get into anything they like anytime they want. The FBI withdrawing from that case won't do anything to quell that belief.
One thing I've never figured out is as follows. Apple have already complied with a warrant to grant access to the iCloud account involved in this case (and found the cupboard bare, but that's not relevant to this question). So why, philosophically speaking, in this age where Apple claim that your iCloud account is as private as one's own phone, are they entirely happy to bust some criminal's online account wide open but not his offline account?
That feels like a massive moral contradiction. They go to some lengths to get you to use an iCloud account, are then are quite happy to turn that all over to the FBI on receiving a warrant, yet draw a line on giving access to the phone itself when they themselves have already tried very hard to do that. Imagine if they ever made iCloud non-optional; that would make their current stance totally contradictory. That would almost certainly prompt legislative changes, and then Apple do lose, completely.
Meanwhile over in Android land where there are no sacred data cows at all (Google sees it all whether one likes it or not), one imagines that this situation would never arise. There's not much point in accessing an Android phone directly, Google have probably already got it all in their servers.
@ AC
1) the fbi/local cops reset the iCloud password to something they knew. So they could gain access.
2) the phone is owned by the government as is the iCloud account, the government consented to apple retrieving the iCloud data.
3) as the iCloud password was easily resettable by the authorities, it was trivial to get in for everyone, no need for special compromised IOS.
"And, whether we like it or not, the FBI still stand a good chance of winning."
Balderdash.
Let's say that the FBI win the case in the courts and 'Apple' (the company) is forced to create the new ios.
1. Who goes to jail if they don't do it?
2. If you answered #1 as being the CEO/CTO etc. then take into consideration that the techies who would do the actual writing could also decide not to do it (they could resign/go on strike or whatever)
3. If you got this far then perhaps you can explain who actually goes to jail and why.
They're kinda damned if they do, and damned if they don't. Help the FBI, they lose trust from their current customers and potential customers.
Stand their ground and the FBI seeks help elsewhere. If the FBI and their outside party succeed, that pretty much guarantees that a means of breaking iPhone encryption is out in the wild by second breakfast.
More likely it is an attempt to break the encryption on the phone while being able to imply 'in passing' that the iPhone is not as secure as it is made out to be by Apple, as a 3rd party has a working method that apparently Apple do not know.
If Apple knew the method they would have given it to the FBI quietly or it could be implied that they hid that too from the FBI which would bolster the 'UnAmerican' attacks on Apple.
The assumption is that it is the NSA but it may not be.
I am sure that the FBI has relationships with other similar orgs around the globe.
It could also be help from a hardware 3rd party that can directly access the hardware.
(Chip Manufacturers/fabs etc)
They will of course use a test version of the same model iPhone to test the technique and verify that it can work or at least does not destroy the original evidence if it should fail.
I need to get more Popcorn and keep watching the show for more twists & turns!!! :)
Maybe I missed something but I don't think it was ever the case that Apple said the phone could not be hacked into which was the pragmatic basis if not the ideological basic for them not providing something special for the FBI. Apple knew that the FBI didn't need what they were requesting from Apple. If you have the device itself odds are you can get at the data. The data of course may be encrypted but that is a different issue.
Actually, it kinda was concluded that short of physically de-capping chip and applying some deep magic and industrial hardware (or using a zero-day exploit - which by its very nature eludes any meaningful assumptions other than one or more might potentially exist) there was _no way_ to get to the data, unless Apple replaced the OS with a custom backdoored one.
If it turned out all you need to do is say "Siri, open settings" on the 'emergency call' dialer screen, a bunch of folks would be rather miffed...
I would guess that the FBI are already into the phone and have found useful evidence on it.
So, in order to use that evidence without disclosing their encryption-breaking capability they need to get their story straight about how they came by that evidence.
Disclosing their way in would result in it being closed.
Actually, it kinda was concluded that short of physically de-capping chip and applying some deep magic and industrial hardware (or using a zero-day exploit - which by its very nature eludes any meaningful assumptions other than one or more might potentially exist) there was _no way_ to get to the data, unless Apple replaced the OS with a custom backdoored one.
Apologies for not having time to look it up (too busy with Brussels, sorry), but if I recall correctly the 5C did have some softness in its protection exactly because not everything was in-chip. However, this softness no longer exists in iPhone 6 and beyond.
When I read "outside party", my first thought was more people who make a "not-so above board" living out of breaking into devices, machines, and systems...
I dont see why the NSA would be helping the FBI. Being able to see what J bloggs says on their phone or PC when no one else can is one of the perks of the job :D
"Easily"? Did anyone say it would be easy?
My guess is that the "hacker" was once a colleague of a certain Mr Snowden and has access to some ferocious processing power, ad-hoc chip fabbing plant etc.
Or maybe the iPhone can be hacked with a mashed Bic pen like those super-expensive bike locks were back when bikes were cool.
This does make one wonder, doesn't it. All the support for Apple and zip for the FBI. Even if they don't crack the phone, just an announcement that it's been cracked should slap Apple hard in their security claims.
There's an awful lot of game playing going in DC lately what with the election coming up, the Cuba trip (and some surprises from that), Wheeler's little happy dance about net neutrality, and now this. Has the world (or at least the US) gone mad?
Maybe Obama pocketed the iPhone when he went to Cuba and slipped it to a little guy in a Havana back alley during his walkabout. Had it back unlocked in three minutes. No-one noticed.
It's all smoke and mirrors with the Feds and Apple, It's possible that the FBI can't unlock it but pretend that they can to give Apple a black eye. Or, they could unlock it all along but didn't want Apple (or us) to know that, so they went with the Court Order to hide their ability.
It's equally likely that Apple quietly slipped them the code but conspired to keep it quiet from us, Or, it was never a secret to begin with and this was all just a bit of theatre to keep us amused - and guessing.
Which we have done in spades.
The only thing we know for sure is that we don't know anything for sure.
At this stage, I think it's a bit late for the Feds to pretend that this was "easy".
On the other hand, it's not too late for Apple to beef up the security on its next release, such that in future it will be impossible to change the firmware without entering a passcode first...
>if it turns out the phone can be easily cracked without help from Apple.
How will the world ever know? Because the FBI could make known what they found, or not. And they could lie about the results of their sub rosa inquiry, or not. Have a look around the table. Would you believe anything the FBI told you now, or ever?
"Not really a win for Apple if it turns out the phone can be easily cracked without help from Apple."
As they have just released a new small iPhone without the security flaws of the 5c, I imagine cash registers are all fired up with the afterburners ready to go. Be secure - buy the SE!
Whatever is being done to break into this iPhone 5c isn't simple, or things wouldn't have reached this point. So it can still be claimed to be pretty darn secure, just not perfectly secure against every possible attack - and this 5c is a model from before the secure enclave was added. Whatever is being done to get at the data might not be possible against a 5S/6/6S/SE.
This is a win because it gives Apple free reign to continue to improve iPhone security without an active court case getting in the way. They can make it impossible for them to hack themselves via a custom iOS update, for instance. So next time the FBI comes calling for something no one can help them with, Apple will be able to say "sorry, we can't help you either".
"Not really a win for Apple if it turns out the phone can be easily cracked without help from Apple."
It could well be this zero-day: http://www.theregister.co.uk/2016/03/21/zero_day_apple_grapple_dredges_imessage_photos_videos_in_ios_9/ in which case it'll be fixed for regular users.
No, that 0 day is about using a man in the middle attack to decrypt iMessages - if you are able to receive thousands of them. It doesn't help you get access to the phone.
And iOS 9.3 is already out, so that avenue is closed for anyone who has already updated like I did :)
Apple were approached by the FBI (through the courts mind you) to unlock the phone in question.
Apple refused citing legal this and that, setting a precedent, etc. Other companies could be forced into the same situation and so on.
In the meantime a "third party" has provided an apparent means to do what the FBI wanted.
Everybody gets a result.
FBI get what they wanted.
Apple comes out squeaky clean because they stood up to the man.
Call me a cynic but.......
You can't blame Apple. It's just the way the system works.
I have agree that your scenario could be very plausible with the way all things US tend to work.
Apple did raise the 'Public ask' as a problematic way to ask.
This would give everyone a win and the FBI a direct line to Apple in the future.
I am cynical enough to believe this could be true. :)
Or... the FBI brass, being tried-and-tested political creatures, are well aware of the attention span of the US Media and Public General, which happens to be akin to the lifespan of your average mayfly, and chose this tactic to ensure any continuation would at best reach page 5 news when the trials recommence.
Also smoke and mirrors, because you can't use *that* as an excuse to hold up a court case, but whether this "third party solution" works or not, they'll have their month.. in election season, with 150% chance any different SJW issue will have the Twats in Arms when the trials recommence. Even more time given that picking up the case starts out dry as dust, and the next Blip will be the verdict pro or con Apple, with option to appeal.
It'll be almost summer before anything definite happens again...
If they would continue now, win or lose, the FBI would suffer tremendous political, social, and operational damage. This smacks more of damage control than any real solution to cracking that phone.
If they were sure of a method that *worked* , they'd be dropping the case and crowing victory.
Then you reply that the cash you have he can't readily handle. I was about to say the smallest you have is a hundred, but a Jersey cabbie would probably be able to handle it, so perhaps say you have foreign cash. Now you force the cabbie to declare he lied and that his card reader works or force him to waste time (and lose perhaps another fare) driving you back.
If this is shown to be true, then I told you so...
Me: "Far too many people stop and stare at the key length, do the 2^N math, and are dazzled by the billions of years. That's why they don't crack codes that way. It would be extraordinary that the iPhone 5C just happens to represent the first uncrackable encryption system. So many have claimed that, all have failed so far."
>Edward Snowden said weeks ago that the NSA didn't need any help from Apple.
Apple have released a few iterations of hardware and firmware since Snowdon was in the game.
This Apple/FBI spat actually goes back 18 months when Apple released iOS 8 and closed a loophole the FBI had been routinely using. Apple even sent the FBI a beta of iOS 8.
http://www.bloomberg.com/news/features/2016-03-20/the-behind-the-scenes-fight-between-apple-and-the-fbi
Me: "Far too many people stop and stare at the key length, do the 2^N math, and are dazzled by the billions of years. That's why they don't crack codes that way. It would be extraordinary that the iPhone 5C just happens to represent the first uncrackable encryption system. So many have claimed that, all have failed so far."
At the moment you're only right in Schoedinger terms. We don't know either way and frankly, I doubt we ever will.
Yep, it's amazing that the FBI didn't take McAfee up on his offer to crack the San Bernardino iPhone FOR FREE way back on Feb 18th. It's also shocking that McAfee's offer didn't go viral in the media, but considering we're in a world of US presstitute news outlets, I guess it's not too surprising.
By ignoring McAfee, and others, we at least now know that the FBI did indeed want to set a legal precedent forcing an American company to comply with an unfair unconstitutional demand. Gotta admit I suddenly have a ton of respect for Tim Cook for standing his ground against Obama's dark forces. There may be some hope yet, if other CEOs will follow Tim Cook's lead.
I am rather cynical about feral claims they have an alternate method. If the method exists it is likely due to a security coding error and was probably known to a friendly spookhaus. The best way to have handled this is quietly through the FISA court with a court order (nod, nod, wink, wink) ordering the spookhaus to get in. To me, ferals have abjectly surrendered while mouthing off about an unprovable claim. Later they can claim there was nothing on the phone of value after they allegedly hack it.
I know the title is insulting to real Cheese Eating Surrender Monkeys, they actually showed more spirit and competence than the ferals.
It is also worth noting that Pykrete (which they planned to use - basically wood fibre frozen in ice) is a very different animal than vanilla ice (no, not the rapper) regarding both melting point and structural strength, which makes the idea a lot less ludicrous than it actually sounds (okay, still pretty far out)...
It is also claimed that Lord Mountbatten's enthusiastic demonstration of Pykrete nearly killed a general with a ricochet and caused the whole thing to be hastily mothballed.
Mountbatten had an excellent record of support for scientists and engineers, and make a lot of people in the Navy happy with his destroyer improvements. But Pykrete was just a little too far.
I wonder if the FBI backing down had to do with this little discovery. Since the exploit is publicly disclosed, the FBI can't deny it, and since it affects all iPhones to date (as the patch has not yet been released), the FBI also can't deny being able to use the exploit to get into the phone's data. So they're kinda caught in a blatant lie, meaning it's now extremely unlikely the court will grant the motion, seeing as necessity (meaning a lack of alternatives) is generally required to get such a motion granted.
Best thing I've read about the whole argument was a discussion with a previous counter terrorism official that obviously has his head screwed on properly:
CLARKE: Apple helps law enforcement organizations in the United States and Apple helps law enforcement organizations overseas when they have a duly authorized request for material that Apple has. Apple doesn't have this material. If it were in the Cloud, if the FBI and the San Bernardino County hadn't made a mistake on the way they treated this phone, this information would be in the iCloud and Apple would allow access to that because Apple has that information.
GREENE: What do you know about the debate within the Obama administration? It's been reported that there really is a fierce debate over how to handle this.
CLARKE: Well, I don't think it's a fierce debate. I think the Justice Department and the FBI are on their own here. You know, the secretary of defense has said how important encryption is when asked about this case. The National Security Agency director and three past National Security Agency directors, a former CIA director, a former Homeland Security secretary have all said that they're much more sympathetic with Apple in this case. You really have to understand that the FBI director is exaggerating the need for this and is trying to build it up as an emotional case, organizing the families of the victims and all of that. And it's Jim Comey and the attorney general is letting him get away with it.
GREENE: So if you were still inside the government right now as a counterterrorism official, could you have seen yourself being more sympathetic with the FBI in doing everything for you that it can to crack this case?
CLARKE: No, David. If I were in the job now, I would have simply told the FBI to call Fort Meade, the headquarters of the National Security Agency, and NSA would have solved this problem for them. They're not as interested in solving the problem as they are in getting a legal precedent.
GREENE: Wow, that sounds like quite a charge. You're suggesting they could have just gone to the NSA to crack this iPhone but they're presenting this case because they want to set a precedent to be able to do it in the future?
CLARKE: Every expert I know believes that NSA could crack this phone. They want the precedent that the government can compel a computer device manufacturer to allow the government in.
Well.. if the FBI walks away with the phone and the new firmware, they own all of that particular model. That's the issue. If the new firmware was installed and Apple kept the phone, the FBI took the data, and Apple then installed the old firmware, there's not a problem. It's giving them the phone with the modified firmware.
You're just dead wrong, notwithstanding your grammar challenge. "There" is no difference between cracking this one phone and cracking all of them. The phone is in the FBI's lab, not Apple's, and "their" lab is where they want Apple to send the new firmware. That puts it into the FBI's hands forever to use in any way they want on any phone they want.
There was also the concern that if they were forced to break into this phone, they would then be expected to use their tool to break into other iDevices as the precedent had been set and the software written.
I suspect that if the G-Men want to tarnish Apple over this they simply have to release a story that they broke into the phone (they're therefore not as secure as Apple claim) and that they found an evil plot involving baddies on the phone that wasn't backed up to the iCloud, for some reason.
"How you keep the tools, developed explicitly for this purpose, from falling into the hands of ISIS."
I am far less worried about ISIS than I am about either, say, the Adams gang involved in the Hatton Garden theft, or our local council officials.
Indeed. There is a lot of ignorance about the technical details here.
There is only one critical secret piece of information that matters. The FBI could create the needed firmware themselves. There is nothing special about it. What they can't do is sign it. Only Apple has that ability. The FBI were demanding that Apple do the slog work in writing the special version of the OS (which was going to include code that ensured it only ran on that one phone.) No matter who wrote the code, the only thing that really mattered was forcing Apple into signing it. Once signed the code is immutable, hence if it contains code to target only one phone by its unique ID, it can't be modified to run on any other phone without being signed again.
All of the questions of exploits, hacking, who writes what, or the "weaponising of the code" come down to one thing. Apple must sign it. There were rumours that the FBI would consider escalating the case to demand Apple hand over the signing key. Now THAT would be bad. Apple fought the orders to write the special OS as once written it becomes too easy for new demands for that same code to be re-signed on demand for new cases.
Letting the signing key out of Apple would be a disaster waiting to happen. One would assume that it is kept in a set of appropriate secure key devices, and is actually not known to anyone.
I'm not sure ANY legal eagles anywhere are particularly interested in the outcome of the case they represent - somebody will win, somebody will lose, and the eagles on both sides will get paid, exceedingly handsomely. Assuming your attorney cares as much about winning your case as you do is a big, big mistake.
This isn't over yet - so keep tuned! This is something like a time-out, and probably an involuntary one. My guess is that someone strongly suggested to the FBI to dial it back a bit and keep a low(er) profile. But I can't see Jim Comey forfeiting the match, so to speak. He has put quile a lot of his personal clout behind this and has to prevent losing too much face over this.
As to the "third party" involved - my money is on the NSA because a) it's their job to do stuff like that (and for all we know they are very good at it) and b) it ties in neatly with my 'the feds were reined in' theory - "FFS Jim, keep it down and get on the phone and make that call to Fort Meade already!"
However, for all we know, the mysterious "third party" just as well might not exist. Or it might be PLA Unit 61398. Keep tuned, folks - more after a quick word from our sponsor!
How annoying would it be if, as stupid as it sounds, it turned out they did actually just copy all the data and crack the pin code in a VM?
What a howler that would be!!
However they do it, I hope there is no meaning full data on that phone as that would just put fuel in FBI's stance to compel tech companies to incorporate government access to locked devices.
See, copying the data to a VM, or de-lidding the chips, that all sounds complex.
Much cheaper to just have some low ranking FBI agent (perhaps one who's screwed something up recently) sitting there trying PIN after PIN, and rebooting to reset the failed count.
Maybe three disgraced agents so you could run around the clock, and you could probably test, what, four numbers per minute? They could have tested about half a million combinations by now.
Apple should try to find out and introduce countermeasures... However, I think it'll be unlikely they would. They have staged a show of resistance, won the fight "on behalf of milions of our loyal customers" - no need to keep pissing into the FBI garden for no PR benefit. Shame though.
Let's assume the mysterious third party is the NSA and with their huge budget and smart people have discovered a series of zero day exploits for any OS.
Should this agency immediately report the exploits to the software developers so consumers can be protected? Of course.
But this isn't what's happening. To keep the upper hand and to use the exploit themselves, they expose the citizens (which pays the agencies wages) to cyber criminals, other hostile governments, and even their own governments attemps to trample on the right for privacy.
We have arrived at a point again where technology has progressed faster than legislation and government considers this a threat. This threat has to be contained at any cost and terrorism is a welcome justification for taking liberties away. Which in this Case means either breaking - or - not fixing technology.
When governments start working against their own people (actively or passively) it means the terrorists are winning.
My guess is that the FBI decided that there was probably nothing of interest on the phone (after all, the user destroyed their other phones but not this one), but they didn't want to risk proving this. If Apple gave them what they were asking for, the decrypted data would then show incontrovertibly that this was the case. If a third party makes a less definitive attempt at it (e.g.a bungled one), the FBI's PR can spin it to their advantage.
Apple: Hi Corporate Drone 1.
Corporate Drone 1: Hi.
Apple: Hey Corporate Drone 1, take a look at this - it's a means to unlock the Apple 5s phone which we don't want people to know about, but the FBI would really like us to give to them.
Corporate Drone 1: Aw gee, I think I know wha...
AN UNMARKED CAR APPEARS.
Apple: Say Corporate Drone 1, here's a big cheque for your services. Please get in this car.
Corporate Drone 1: Please don't fire me, I real.....
Apple: You're fired.
Driver: Next stop, Washington DC!
Former Corporate Drone: Good morning Mr FBI.
Mr FBI: Good morning Third Party.
Apple: Curse that Third Party, we did ALL we could...
<FIN>
I don't think it's a precedent-setting case. There's already been one other case where the FBI has been denied access, yet the judge in this case granted it. So apparently it's on a case-by-case basis.
The important thing to remember is that your phone is totally hackable, and Apple is kidding themselves by proclaiming that it isn't. I also doubt the FBI will share the exploit they used with Apple.
Now that we can put all that behind us, Apple can resume pushing iWallet to its iDiots.
" wonder if the FBI had suspicions the judge assigned to the case may come down on the side of Apple and decided that wasn't a precedent they wanted setting."
This is my suspicion. There's an old saying 'don't start a fight you can't win'. They thought that they could do this by taking it to a magistrate, assuring her it was all straightforward and getting a warrant without letting Apple be heard. What with Apple contesting it, with heavy-weight amicus briefs and a few influential voices saying that other parts of the govt favour encryption they're now thinking this is a fight they can't win. Maybe the recent zero-day is what they're using to back down gracefully. Maybe Zdziarski's right (I'd have thought this would have been something NSA would have looked at way back).
I'm sure what they really want is a precedent to get backdoors put into whatever they want and if this looks as if there's any possibility that this could go against them they'll wait for another chance somewhere else.
This post has been deleted by its author
TIME AND MONEY
Big Brother (FBI / NSA / CIA) is alive and well, but a little disappointed today.
All those lies Big Brother has been spinning hasn't worked out. However, the current campaign to steal mass data has been mildly effective. U.S. Congressional clowns are considering new laws to spy on the public - worldwide.
You ask, "Why don’t they just continue the way the have in the past!"
I say: "Because of the time and costs involved."
Here's a question for you:
What do you think the cost is to 'crack' an encrypted cellphone (hardware) or ANY data message? Remember, each instance will have a unique personal encryption key and will need to be done individually."
$10,000 ?
$1,246,307.08 ?
More?
Less?
1) Come up with a guess.
2) Multiple your guess by every encrypted data packet known and unknown to mankind created in the past year.
3) Print estimated yearly cost here: __________________________________________________
See the point?
The FBI / NSA / CIA does NOT have the money. Their combined budgets are not even close. Have I mentioned how much time (money), research (money), hardware (money), lawsuits (lots of money), etc. (money), is involved?
No? Better triple that number above.
So, what's a body to do? Backdoor (s)?
Big Brother: "Were working on bringing the cost down."
You and me: "How?"
"Bend over, please…"
JB
So Apple have gone from "We didn't want anyone to see we could break iPhone security with our proprietary knowledge in case they thought our phones were insecure" to "Actually, you don't need to be Apple to crack an iPhone. World+Dog can do it."
They'd have had rather less security egg on their faces if they'd cracked the phone.
"An external forensics company, with hardware capabilities, is likely copying the NAND storage off the [iPhone's chipset] and frequently recopying it back to the device in order to brute force the PIN ... This shouldn’t be a surprise to anyone, as it’s a fairly straightforward technique."
This is pretty much exactly what I said a month ago and was downvoted into oblivion with some AC saying I needed to post something sensible.
As anyone knows - when you have physical access to any device you can get the data.
"This is pretty much exactly what I said a month ago and was downvoted into oblivion with some AC saying I needed to post something sensible."
There's also been a good of crap about "do you know how many attempts you need to to brute-force an AES key" when, in fact it was all about brute-forcing a four digit pin.
But if this is the explanation I think the" external forensics company" has a TLA.
I think it's rather hypocritical of Cook to stand there and proclaim a huge victory for privacy advocates, when Apple have pretty much bent over and grabbed their ankles for the government of China and god knows who else.
Furthermore, I find it absolutely laughable for Cook to stand there with a straight face and state he hated to be at odds with "Apple's government", or something to that effect. Apple is a multinational corporation that really doesn't report to just one government. Sure, it was founded in the US, but it has long sold its soul to SE Asia under the false pretense of "shareholder equity".
Finally, I want to make it crystal clear that I am pro privacy and find it pitiful that the FBI (et. al) feels compelled to take the easy route and go to the manufacturer, rather than figure it out for themselves. FFS, as many people who work for DARPA, the NSA, FBI, CIA, DHS, or any branch of the military, there has to be at least one or two people that might have the skills to at least give it a try. Or, they could just fecking outsource, like they have been doing for years.
I think this whole affair is pitiful and I don't know which is worse, Apple or the FBI!
Flame away.
So, Apple "wins" as their customers are secure in the fantasy that their data is "secure", augmenting their Marketing position.
The FBI (etal) win as well, as they have gained the capability to crack phones while "the public" believes otherwise.
Of course they will need physical possession of the phone, but they needed that in any case.
"An external forensics company, with hardware capabilities, is likely copying the NAND storage off the [iPhone's chipset] and frequently recopying it back to the device in order to brute force the PIN..."
That's why the FBI have asked to postpone until April - to give them time to brute force the PIN.
Compare this (fiasco) with that in Paris, where the attackers just used unencrypted comms through unencrypted phones bought for use on the day and disposed of immediately after. They even hoiked phones off their victims and used them for some of their calls.
Which goes to prove that breaking encryption has nothing to do with stopping terrorism.