Posted on 02/17/2016 8:49:09 AM PST by pgyanke
Republican presidential front-runner Donald Trump bashed the tech company Apple today for refusing to help investigators access the iPhone of a San Bernardino attacker.
"I agree 100 percent with the courts," he said on "Fox and Friends" this morning. "In that case, we should open it up."
"To think that Apple won't allow us to get into her cell phone -- who do they think they are?" Trump said. "No, we have to open it up."
(Excerpt) Read more at abcnews.go.com ...
“No. Apple is siding with terrorists.”
I haven’t followed this, so this is the first time I knew that it belonged to this guy!
And people here are screaming that the info should stay there and not be touched?!?
That's how I see it.
This is not that complicated.
Imagine a safe in a bank.
The FBI can go to the bank and ask for access to the criminal's safety deposit box.
The FBI does not need the bank's combination to its safe.
Trump is saying, open the safety deposit box. That’s all.
Who they think they are Mr. Trump, is a law abiding business that is being compelled to act under threat by a government that is, in theory at least, supposed to protect their individual liberties.
As I understand it, Apple cannot break the encryption any more than the FBI can. Their OS is deliberately set up to NOT have a backdoor by which they (and potentially others) can access the encrypted data.
There’s a huge dif between giving cops the keys or doing it for them.
Borrowed from another thread --
Apple uses a dedicated chip to store and process the encryption. They call this the Secure Enclave. The secure enclave stores a full 256-bit AES encryption key.
Within the secure enclave itself, you have the device’s Unique ID (UID). The only place this information is stored is within the secure enclave. It can’t be queried or accessed from any other part of the device or OS. Within the phone’s processor you also have the device’s Group ID (GID). Both of these numbers combine to create 1/2 of the encryption key. These are numbers that are burned into the silicon, aren’t accessible outside of the chips themselves, and aren’t recorded anywhere once they are burned into the silicon. Apple doesn’t keep records of these numbers. Since these two different pieces of hardware combine together to make 1/2 of the encryption key, you can’t separate the secure enclave from its paired processor.
The second half of the encryption key is generated using a random number generator chip. It creates entropy using the various sensors on the iPhone itself during boot (microphone, accelerometer, camera, etc.). This part of the key is stored within the Secure Enclave as well, where it resides and doesn’t leave. This storage is tamper resistant and can’t be accessed outside of the encryption system. Even if the UID and GID components of the encryption key are compromised on Apple’s end, it still wouldn’t be possible to decrypt an iPhone since that’s only 1/2 of the key.
The secure enclave is part of an overall hardware based encryption system that completely encrypts all of the user storage. It will only decrypt content if provided with the unlock code. The unlock code itself is entangled with the device’s UDID so that all attempts to decrypt the storage must be done on the device itself. You must have all 3 pieces present: the specific secure enclave, the specific processor of the iPhone, and the flash memory that you are trying to decrypt. Basically, you can’t pull the device apart to attack an individual piece of the encryption or get around parts of the encryption storage process. You can’t run the decryption or brute forcing of the unlock code in an emulator. It requires that the actual hardware components are present and can only be done on the specific device itself.
The secure enclave also has hardware enforced time-delays and key-destruction. You can set the phone to wipe the encryption key (and all the data contained on the phone) after 10 failed attempts. If you have the data-wipe turned on, then the secure enclave will nuke the key that it stores after 10 failed attempts, effectively erasing all the data on the device. Whether the device-wipe feature is turned on or not, the secure enclave still has a hardware-enforced delay between attempts at entering the code: Attempts 1-4 have no delay. Attempt 5 has a delay of 1 minute. Attempt 6 has a delay of 5 minutes. Attempts 7 and 8 have a delay of 15 minutes. And attempts 9 or more have a delay of 1 hour. This delay is enforced by the secure enclave and can not be bypassed, even if you completely replace the operating system of the phone itself. If you have a 6-digit pin code, it will take, on average, nearly 6 years to brute-force the code. 4-digit pin will take almost a year. If you have an alpha-numeric password the amount of time required could extend beyond the heat-death of the universe. Key destruction is turned on by default.
Even if you pull the flash storage out of the device, image it, and attempt to get around key destruction that way it won’t be successful. The key isn’t stored in the flash itself, it’s only stored within the secure enclave itself which you can’t remove the storage from or image it.
Each boot, the secure enclave creates its own temporary encryption key, based on its own UID and random number generator with proper entropy, that it uses to store the full device encryption key in ram. Since the encryption key is also stored in ram encrypted, it can’t simply be read out of the system memory by reading the RAM bus.
The only way I can possibly see to potentially unlock the phone without the unlock code is to use an electron microscope to read the encryption key from the secure enclave’s own storage. This would take considerable time and expense (likely millions of dollars and several months) to accomplish. This also assumes that the secure enclave chip itself isn’t built to be resistant to this kind of attack. The chip could be physically designed such that the very act of exposing the silicon to read it with an electron microscope could itself be destructive.
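The retry schedule and 10-attempt wipe quoted in the post above, worked through as an added example (not part of the original post or any Apple code). It counts only the enforced delays as quoted, ignores per-guess compute time, and assumes a uniformly random numeric code; all function names are hypothetical.

```python
# Added example: models the retry schedule quoted in the post above.
# Delay values and the 10-attempt wipe come from the post; names are hypothetical.
from fractions import Fraction

MINUTE, HOUR, DAY = 60, 3600, 86400
WIPE_AFTER = 10  # failed attempts before key destruction, per the post


def delay_before(attempt: int) -> int:
    """Seconds of enforced wait before the given attempt (1-based)."""
    if attempt <= 4:
        return 0
    if attempt == 5:
        return 1 * MINUTE
    if attempt == 6:
        return 5 * MINUTE
    if attempt <= 8:
        return 15 * MINUTE
    return 1 * HOUR


def seconds_until_attempt(n: int) -> int:
    """Total enforced wait up to and including attempt n."""
    head = sum(delay_before(a) for a in range(1, min(n, 8) + 1))
    return head + max(n - 8, 0) * HOUR


def worst_case_days(digits: int) -> float:
    """Enforced wait to try every numeric code of this length (wipe off)."""
    return seconds_until_attempt(10 ** digits) / DAY


def average_case_days(digits: int) -> float:
    """Expected wait when the code is uniformly random (wipe off)."""
    n = 10 ** digits
    total = elapsed = 0
    for attempt in range(1, n + 1):
        elapsed += delay_before(attempt)
        total += elapsed  # wait incurred if this attempt is the right one
    return total / n / DAY


def hit_chance_before_wipe(digits: int) -> Fraction:
    """Chance a blind guesser finds the code before the key is destroyed."""
    return Fraction(min(WIPE_AFTER, 10 ** digits), 10 ** digits)


if __name__ == "__main__":
    for d in (4, 6):
        print(d, round(worst_case_days(d)), round(average_case_days(d)),
              hit_chance_before_wipe(d))
```

Under the schedule as quoted, a 4-digit code costs about 416 days of enforced delay in the worst case and about 208 days on average, and the tenth attempt is reached after 2 hours 36 minutes. With the wipe enabled, a blind guesser gets ten tries in total, a 1-in-1000 chance against a 4-digit code.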
If the government couldn’t hack into a cellphone there’s no way they would openly admit such. Especially months after they should have.
We know that government never "stop[s] at that", or willingly gives up any power it has seized. We also know that domestic tyranny is a greater threat to We the People than foreign terrorism. The bloody history of the XX Century shows us clearly what unrestrained governments do to their subject people.
To all you in favor. This will allow the alphabet agencies a legal pathway to unconstitutional eavesdropping on all of us. It's not about the info on the phone... THEY ALREADY HAVE IT. It is about LEGALLY obtaining a pathway to use it.
So if that is the case that Apple can't even help, then why does Cook say the following?
"But Apple argues that providing access to this cell phone would make it possible to hack into any other iPhone as well.
"The implications of the government’s demands are chilling," Apple CEO Tim Cook said in a statement. "The government suggests this tool could only be used once, on one phone. But that's simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks -- from restaurants and banks to stores and homes."
Why doesn't Cook say that the tool cannot be created? That it is not technically possible to retrieve the information? Laugh that off.
> The problem is that, by providing the decryption algorithm to the FBI, Apple opens up the possibility of hacking YOUR iphone WITHOUT probable cause.
Apple is not being asked to provide any help in decryption.
They are being asked to stop the phone from nuking itself after some number of failed attempts at guessing the password.
See my post #72.
Agree, Apple should hack the phone and make the data available to the feds. No need to give the FBI the auto erase kill algorithm.
The court order does not ask Apple to break the encryption on that one phone, but rather to provide software that will disable the feature that wipes the data on any of their phones after 10 incorrect tries at entering a password.
That will allow them to "brute force" the password on ANY of their phones by having a computer try any number of passwords until the correct password is found.
That gives the FBI (and whoever else) a backdoor into ANY iPhone.
If Trump doesn't know this, someone should tell him and then ask him if he still supports it.
That may be how the FBI is couching it, but that's not true. They are asking for a method of breaking the encryption that could then be used on any phone.
Why would it even have to be disclosed publicly? This could have been done without any public knowledge. I do find it interesting that this battle is being fought out publicly. Maybe it is a smokescreen to protect Apple and to give the terrorists a false sense of security when using I-phones. Regardless, there is no such thing as any code being unbreakable.
Tim Cook is very worried because if Apple creates a program to decrypt the phone, Apple could be hacked and the program stolen. ALL phones could THEN be in danger!!! I don’t think Trump understands this!!! I did not fully understand this!!! Once Apple starts to create this program for this ONE phone it never goes away, it IS OUT THERE, a hacker's DREAM!!!!