Apple Unlocked iPhones for the Feds 70 Times Before

http://www.thedailybeast.com/articles/2016/02/17/apple-unlocked-iphones-for-the-feds-70-times-before.html ^

[TigerClaws]

A 2015 court case shows that the tech giant has been willing to play ball with the government before—and is only stopping now because it might ‘tarnish the Apple brand.’

Apple CEO Tim Cook declared on Wednesday that his company wouldn’t comply with a government search warrant to unlock an iPhone used by one of the San Bernardino killers, a significant escalation in a long-running debate between technology companies and the government over access to people’s electronically-stored private information.

But in a similar case in New York last year, Apple acknowledged that it could extract such data if it wanted to. And according to prosecutors in that case, Apple has unlocked phones for authorities at least 70 times since 2008. (Apple doesn’t dispute this figure.)

In other words, Apple’s stance in the San Bernardino case may not be quite the principled defense that Cook claims it is. In fact, it may have as much to do with public relations as it does with warding off what Cook called “an unprecedented step which threatens the security of our customers.”

[Swordmaker]

The article very clearly says Apple has complied 70 times before!

Different circumstances. For example the New York case involved an iPhone 4S, a Model two versions before the iPhone 5C involved in the San Bernardino case. The 4S was running iOS 7, it's original operating system, but the 5C from the terrorist case was running the latest, most secure iOS 9.2. Two very different versions, one of which has unbreakable encryption. The other no encryption at all.

But in a legal brief, Apple acknowledged that the phone in the (NY) meth case was running version 7 of the iPhone operating system, which means the company can access it. “For these devices, Apple has the technical ability to extract certain categories of unencrypted data from a passcode locked iOS device,” the company said in a court brief.

Basically all of the 70 previous cases involved active prosecutions of criminals with pending cases. . . and older iPhones with older versions of iOS without encryption.

Since Apple updated the operating system with iOS 8, iPhones are all encrypted to a 256 AES standard to which the owner creates his or her own KEYs, and Apple does not have any access to at all. In fact, Apple never knows the key, ever. Therefore Apple cannot unlock any of those iPhones, essentially all iPhones from the Apple iPhone 5S, 5C, onward.

[Swordmaker]

And, two technical experts told The Daily Beast, the company could do so with the phone used by deceased San Bernardino shooter, Syed Rizwan Farook, a model 5C. (It's not clear what version of operating system the phone had installed.)

Isn't this the phone in question? The phone from the San Bernardino shooter?

The iPhone 5C was the iPhone in the San Bernardino case. It was running the latest version of iOS 9.1, which is fulling encrypted. The one they were discussing in NY was an iPhone 4S running iOS 7, no encryption at all. Unlocking it merely required a reset by Apple.

[Swordmaker]

This is getting confusing. I thought the problem was that Apple itself is currently not able to harvest the data from this i-phone, and that the court ordered them to build a device that would be able to harvest it.

Do I have that correct?

The court essentially ordered Apple to break into the iPhone 5C, iOS 9, so that the automatic erasure system would not destroy the data on the device on the tenth attempt at putting in a wrong passcode. Apple says there IS no way around that because it is hard coded into the processor. The court says DO IT, regardless of it being impossible. Apple says any hack would compromise all iPhones everywhere, so NO.

[Swordmaker]

Apple could just make a “corporate edition” OS with a backdoor.

I predict this will be the solution. Private phones won’t have it.

Incrementalism, I believe it’s called.

There are no two levels of access. The enterprise, corporate edition WANTS the security of no backdoor. . . just as individuals do. Make one, then the crooks would steal individuals' iPhones and install corporate backdoored versions and access the private data of the individuals. Nope, wouldn't work.

[Swordmaker]

The key is not the model of the phone, but the version of the operating system. If it is iOS 8 or later, they are out of luck.

Not so much.

WOW! You found another guy who believes in MAGIC. DiogenesLamp, you cannot load anything on an iPhone until you OPEN it. There is no way to do it. That means you have to enter the PASSCODE to install the software. Otherwise the phone is not RUNNING! That means you have to break into it first to get his special software on it. SHEESH! Not possible.

If you try to load it with the boot loader, the iPhone will ERASE ITSELF!

[Cololeo]

“As far as I know, slavery is still illegal - you cannot force someone to create a new product. “

Would that be like forcing someone to BUY a product?

[A CA Guy]

So obviously the thing to do would be to break open the phone and secure the solid state chip.
Then maybe somehow bypass the startup sequence for the chip and go directly to read?

That’s what I would do. Or try to do as my last resort.

[Swordmaker]

YES you do have it correct!!

Nope.

Your blogger is pretty well skewered in the comments following his MAGIC blog. He really doesn't have a clue.

[Swordmaker]

I did read the article. Apple can disable the delay and erasure features. That will likely accomplish the intended result.

No, you have a BLOGGER who is a nobody claiming that Apple can do it. That is no evidence that Apple can do it. I suggest you turn in your screen name. Your lamp is broken. The bloggers claims are TWADDLE. He doesn't know what he is talking about. He was eviscerated in the comments on his on blog. A lot were dripping in derision, talking about other failed means as being as likely to work. SHEESH, Diogenes, you are grasping at straws in your delusional dislike of Apple.

[Swordmaker]

Again in plain English, the FBI wants Apple to create a special version of iOS that only works on the one iPhone they have recovered. This customized version of iOS (*ahem* FBiOS) will ignore passcode entry delays, will not erase the device after any number of incorrect attempts, and will allow the FBI to hook up an external device to facilitate guessing the passcode. The FBI will send Apple the recovered iPhone so that this customized version of iOS never physically leaves the Apple campus.

That is the most unbelievable claim of all in this bozo's claims. Haven't you ever heard of "CHAIN OF CUSTODY" for evidence? They FBI cannot do that without breaking the chain of custody. That iPhone cannot leave law enforcement hands, ever!

[Swordmaker]

Probably a relatively minor firm ware revision. One of their coders could probably do it in a couple of hours.

DiogenesLamp believes in MAGIC as the solution to all of this. Apple can wave a magic wand and solve it. . . and decipher 256 bit AES encryption in a fortnight.

[Swordmaker]

So obviously the thing to do would be to break open the phone and secure the solid state chip.
Then maybe somehow bypass the startup sequence for the chip and go directly to read?

That’s what I would do. Or try to do as my last resort.

Nope. won't work. The iPhone uses three things to encrypt the data. All of them have to be present to decipher the data, and all of them are on the iPhone in separate places. . . and without all three, you are not going to get in. Also, the input passcode HAS to be input by the touchscreen. Also, if you bypass the startup sequence, which is called the SECURE BOOT SEQUENCE, it forces the iPhone into a special mode which requires the iPhone to be reset to FACTORY CLEAR STATE, and erased. It can only be re-set with the owner's AppleID, then restored from an iTunes data backup. OOPS.

[dennisw]

Very interesting. It seems the only reason Apple will not unlock this phone is it hurts their profits. Due to their current big selling point of their products having no backdoor for the Federales. BUT WAIT! Now it seems they do indeed have backdoors (or other unlocks) that only Apple can open and has opened in the past for law enforcement. Apple is far from helpless and has been lying about being unable to get past its own encryption. I am shocked that such an effete gang of California homos would be lying. Shocked!

[dennisw]

Sure seems this current case will wind through the courts with Apple being ordered to unlock the phone

[Swordmaker]

Then maybe somehow bypass the startup sequence for the chip and go directly to read?

Incidentally, assuming you were able to go directly to read the data, all you'd get to see would be gobble-de-gook. The data is encrypted to 256 bit AES standard encryption. Unless you go all the way through the log in process which re-builds the decryption key, the data will not be deciphered to be readable. It would take years, literally trillions of years, to find the right key, to decipher it. Actually more than trillions. Something like 5.62 undecillion years. That's 5.62 X 10¹⁹⁵ years. . . Using the fastest supercomputer we have available today.

[Gaffer]

There is a difference between unlocking a phone FOR the FBI and GIVING them the software to do it. From what I read yesterday the FBI wants the SOFTWARE to do it.

What are the chances of that SW being spread around the government like a dirty picture?

If they have a court order, the blessing of the real owners of the phone (the county), and can unlock the phone FOR the FBI, I have no problem with it. Otherwise, no sale.

[dennisw]

then you can force Faggot run companies to make their cracks available

Agreed! Good post that explained it better to me.

[Swordmaker]

If they have a court order, the blessing of the real owners of the phone (the county), and can unlock the phone FOR the FBI, I have no problem with it. Otherwise, no sale.

I disagree, Gaffer. Just the knowledge that it can be done is bad for Apple and their customers' privacy and security. Apple has stated that they absolutely do NOT have the key to get into their customers' iOS 8 and later devices. If Apple were to unlock this iPhone 5C running iOS 9, they would tell hackers everywhere there IS a way to do it. Those hackers would not rest until they found it.

[Gaffer]

I guess we disagree then. To me it is no different than getting a court order to open a safe, safe deposit box, open a mailbox.....

The difference for me is DOING it for the FBI and giving them the tools and software so they can do it any time they want. I don’t support giving the FBI the tools to use any time they want.

A last comment on your iOS 8/9 and hackers. If Apple has said there isn’t a way, and there IS, how safe does that make you feel about their claim? Is that what you call ‘security?’

[Read Write Repeat]

Simple solution: dig up the corpse and use Touch ID. :P