Posted on 02/16/2016 7:16:12 PM PST by BenLurkin
According to the AP, it mandates Apple to supply the FBI with software that would prevent the iPhone from being permanently locked after too many unsuccessful password attempts.
Apple has long maintained that following iOS 8, it can’t access information on a passcode-encrypted device. This ruling is kind of a way around that: it’s not mandating Apple to break the encryption per se, just help the FBI with what I assume is a very boring brute-force attack. Let’s just hope the passcode isn’t 1234.
(Excerpt) Read more at gizmodo.com ...
This judge is a moron.
L
It’s called a subpoena.. big deal... I work in IT Security - we do it all the time.. Apple has procedures for this just like everyone else.. this is not news...
Why?
Look for the “government needs a back door” crowd to cite this.
Here is a comment I swiped from tele1234 on the AppleInsider site.
“I don’t think so. Apple uses a dedicated chip to store and process the encryption. They call this the Secure Enclave. The secure enclave stores a full 256-bit AES encryption key.
“Within the secure enclave itself, you have the device’s Unique ID (UID) . The only place this information is stored is within the secure enclave. It can’t be queried or accessed from any other part of the device or OS. Within the phone’s processor you also have the device’s Group ID (GID). Both of these numbers combine to create 1/2 of the encryption key. These are numbers that are burned into the silicon, aren’t accessible outside of the chips themselves, and aren’t recorded anywhere once they are burned into the silicon. Apple doesn’t keep records of these numbers. Since these two different pieces of hardware combine together to make 1/2 of the encryption key, you can’t separate the secure enclave from it’s paired processor.
“The second half of the encryption key is generated using a random number generator chip. It creates entropy using the various sensors on the iPhone itself during boot (microphone, accelerometer, camera, etc.) This part of the key is stored within the Secure Enclave as well, where it resides and doesn’t leave. This storage is tamper resistant and can’t be accessed outside of the encryption system. Even if the UID and GID components of the encryption key are compromised on Apple’s end, it still wouldn’t be possible to decrypt an iPhone since that’s only 1/2 of the key.
“The secure enclave is part of an overall hardware based encryption system that completely encrypts all of the user storage. It will only decrypt content if provided with the unlock code. The unlock code itself is entangled with the device’s UDID so that all attempts to decrypt the storage must be done on the device itself. You must have all 3 pieces present: The specific secure enclave, the specific processor of the iphone, and the flash memory that you are trying to decrypt. Basically, you can’t pull the device apart to attack an individual piece of the encryption or get around parts of the encryption storage process. You can’t run the decryption or brute forcing of the unlock code in an emulator. It requires that the actual hardware components are present and can only be done on the specific device itself.
“The secure enclave also has hardware enforced time-delays and key-destruction. You can set the phone to wipe the encryption key (and all the data contained on the phone) after 10 failed attempts. If you have the data-wipe turned on, then the secure enclave will nuke the key that it stores after 10 failed attempts, effectively erasing all the data on the device. Whether the device-wipe feature is turned on or not, the secure enclave still has a hardware-enforced delay between attempts at entering the code: Attempts 1-4 have no delay, Attempt 5 has a delay of 1 minute. Attempt 6 has a delay of 5 minutes. Attempts 7 and 8 have a delay of 15 minutes. And attempts 9 or more have a delay of 1 hour. This delay is enforced by the secure enclave and can not be bypassed, even if you completely replace the operating system of the phone itself. If you have a 6-digit pin code, it will take, on average, nearly 6 years to brute-force the code. 4-digit pin will take almost a year. if you have an alpha-numeric password the amount of time required could extend beyond the heat-death of the universe. Key destruction is turned on by default.
“Even if you pull the flash storage out of the device, image it, and attempt to get around key destruction that way it won’t be successful. The key isn’t stored in the flash itself, it’s only stored within the secure enclave itself which you can’t remove the storage from or image it.
“Each boot, the secure enclave creates it’s own temporary encryption key, based on it’s own UID and random number generator with proper entropy, that it uses to store the full device encryption key in ram. Since the encryption key is also stored in ram encrypted, it can’t simply be read out of the system memory by reading the RAM bus.
“The only way I can possibly see to potentially unlock the phone without the unlock code is to use an electron microscope to read the encryption key from the secure enclave’s own storage. This would take considerable time and expense (likely millions of dollars and several months) to accomplish. This also assumes that the secure enclave chip itself isn’t built to be resistant to this kind of attack. The chip could be physically designed such that the very act of exposing the silicon to read it with an electron microscope could itself be destructive.
“It comes down to: “Do you want to allow criminals to access your iPhone so that law enforcement can also access a criminal’s iPhone?” I certainly don’t.
“The feds would get further doing some social engineering on the guy, or building one of these.”
This commenter really knows his stuff!
Based on this description, I would say that the FBI is SOL o this one.
If Apple is following their own declared encryption protocols, they can’t help the FBI at all, unless they just make some of their supercomputers available for brute force number crunching. Though I rather imagine that NSA has capabilities in that area that they don’t want anyone to know about.
Wouldn’t surprise me if this phone was cracked weeks ago, and this fiction was created to lull the accomplices into a false sense of security.
The FBI is interested in the San Bernadino shooter’s iPhone? Is this the same FBI that never bothered to secure the shooter’s apartment or secure the evidence in the apartment? The apartment which the media then ransacked and contaminated. That FBI? I don’t know who is more incompetent, the FBI, the media attempting to report this story, or the judge who is clueless about encryption.
President Skroob:
“1, 2, 3, 4, 5? That’s amazing! I’ve got the same combination on my luggage!”
First, I very much enjoyed your explanation. Second, I have a nutty idea. If the psychotic moslems still lived in crapistan, we wouldn’t need to decrypt the phone.
Read my post - I stole the text from another site, and gave full credit to the original author.
Your shouting message I assume means you believe that the 4th amendment means the cops have a right to succeed?
A warrant just gives them a right to search your house. A warrant does not mean you have to give them the front door key or assist them in ANY way, whatsoever. They can beat down the door. They can jimmy the lock. They can try everything.
But they cannot make you open the door, and they cannot make a law that you cannot put a very tough modern lock on your door.
But this control freak government thinks it has a god given right to every single personal scrap on data and information in the country.
Got it, thanks anyway sir.
Because Apple is unable to “hack” any of their products. So he’s ordering them to turn over copyrighted source code. Apple should fight this all the way to SCOTUS and beyond if necessary.
L
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.