Posted on 02/17/2016 4:20:38 AM PST by John W
LOS ANGELES Feb. 17 (UPI) -- Apple CEO Tim Cook on Wednesday said a court order demanding the company create a "backdoor" into the cellphone data of the San Bernardino, Calif., attackers was "chilling" and "dangerous."
In a letter to customers, Cook expressed his opposition to the court order.
"The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand," Cook wrote. "Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us. For many years, we have used encryption to protect our customers' personal data because we believe it's the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business."
(Excerpt) Read more at upi.com ...
He likes "mouthfuls" as well. lol
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
Once you sacrifice Liberty, then you get tyranny.
“There is no backdoor. That’s the point. The government is basically ordering them to find a way to hack their own device.”
I can believe that. I further imagine that Apple’s encryption method is a standard one and it’s a matter of finding the encryption key or keys.
Do you suppose Apple has unique knowledge on how to break their encryption? Seems like if they don’t have special knowledge then Cook should just say that and the government has no reason to pick on Apple.
“Apple/s CEO Tim Cook better man up and understand he is a citizen of the USA....FIRST AND FOREMOST.
Apple, and he, succeed and make humongous profits on the freedoms that we are afforded here. “
BINGO
I wonder how different this thread would have been if Cook wasn’t gay?
And they will get neither.
For those who have not been following internet security for the last 20 years, this is all about making sure that NO American can hide from the US Gov.
This is NOT about 911 as it really ramped up back in the ‘90s when Intel came up with an encryption solution which had no backdoor.
The MSM, NSA and State Dept went all-in attacking Intel’s plan that it was going to use it for their own personal gain.
This was a lie.
Right now, Apple iphone encryption is done in such a way that only the user has the keys.
Personal records already exist on the cell phone provider system who they called and when.
This is all about a shakedown of Apple to wire in an NSA backdoor...just like they did to Intel, Microsoft and Google.
Is it 1776 yet?
Normal is a new "N" word. It is a macroaggression against the abnormal!
“It is an atrocity that Apple would allow these killers to continue their destruction of America.”
I am certain the Fraud’s puppet masters authorized Apple to protect his terrorist buddies, just like they trashed the apartment crime scene after the San Bernadino shootings.
My next cell phone will be an apple. Thanks, Tim for remembering that we have a 4th Amendment.
In this case, I agree with you. It was the first thing that came to my mind as well, and I'm not an Apple basher. The obvious connection was ... obvious.
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
Wow.
The man is an optimist.
Why are you willing to hand additional power to an already abusive government?
Have seen opinions both ways on here and none seem based on that.
-—Borrowed from another thread ——
Apple uses a dedicated chip to store and process the encryption. They call this the Secure Enclave. The secure enclave stores a full 256-bit AES encryption key.
Within the secure enclave itself, you have the device’s Unique ID (UID) . The only place this information is stored is within the secure enclave. It can’t be queried or accessed from any other part of the device or OS. Within the phone’s processor you also have the device’s Group ID (GID). Both of these numbers combine to create 1/2 of the encryption key. These are numbers that are burned into the silicon, aren’t accessible outside of the chips themselves, and aren’t recorded anywhere once they are burned into the silicon. Apple doesn’t keep records of these numbers. Since these two different pieces of hardware combine together to make 1/2 of the encryption key, you can’t separate the secure enclave from it’s paired processor.
The second half of the encryption key is generated using a random number generator chip. It creates entropy using the various sensors on the iPhone itself during boot (microphone, accelerometer, camera, etc.) This part of the key is stored within the Secure Enclave as well, where it resides and doesn’t leave. This storage is tamper resistant and can’t be accessed outside of the encryption system. Even if the UID and GID components of the encryption key are compromised on Apple’s end, it still wouldn’t be possible to decrypt an iPhone since that’s only 1/2 of the key.
The secure enclave is part of an overall hardware based encryption system that completely encrypts all of the user storage. It will only decrypt content if provided with the unlock code. The unlock code itself is entangled with the device’s UDID so that all attempts to decrypt the storage must be done on the device itself. You must have all 3 pieces present: The specific secure enclave, the specific processor of the iphone, and the flash memory that you are trying to decrypt. Basically, you can’t pull the device apart to attack an individual piece of the encryption or get around parts of the encryption storage process. You can’t run the decryption or brute forcing of the unlock code in an emulator. It requires that the actual hardware components are present and can only be done on the specific device itself.
The secure enclave also has hardware enforced time-delays and key-destruction. You can set the phone to wipe the encryption key (and all the data contained on the phone) after 10 failed attempts. If you have the data-wipe turned on, then the secure enclave will nuke the key that it stores after 10 failed attempts, effectively erasing all the data on the device. Whether the device-wipe feature is turned on or not, the secure enclave still has a hardware-enforced delay between attempts at entering the code: Attempts 1-4 have no delay, Attempt 5 has a delay of 1 minute. Attempt 6 has a delay of 5 minutes. Attempts 7 and 8 have a delay of 15 minutes. And attempts 9 or more have a delay of 1 hour. This delay is enforced by the secure enclave and can not be bypassed, even if you completely replace the operating system of the phone itself. If you have a 6-digit pin code, it will take, on average, nearly 6 years to brute-force the code. 4-digit pin will take almost a year. if you have an alpha-numeric password the amount of time required could extend beyond the heat-death of the universe. Key destruction is turned on by default.
Even if you pull the flash storage out of the device, image it, and attempt to get around key destruction that way it won’t be successful. The key isn’t stored in the flash itself, it’s only stored within the secure enclave itself which you can’t remove the storage from or image it.
Each boot, the secure enclave creates it’s own temporary encryption key, based on it’s own UID and random number generator with proper entropy, that it uses to store the full device encryption key in ram. Since the encryption key is also stored in ram encrypted, it can’t simply be read out of the system memory by reading the RAM bus.
The only way I can possibly see to potentially unlock the phone without the unlock code is to use an electron microscope to read the encryption key from the secure enclave’s own storage. This would take considerable time and expense (likely millions of dollars and several months) to accomplish. This also assumes that the secure enclave chip itself isn’t built to be resistant to this kind of attack. The chip could be physically designed such that the very act of exposing the silicon to read it with an electron microscope could itself be destructive.
“Why are you willing to hand additional power to an already abusive government?”
No additional power at all. Whenever they’ve really wanted these records, they’ve gotten them.
The Fraud and his handlers want to protect THIS PARTICULAR information, as I’ve been stipulating.
It is irrelevant. Big money behind the scenes is battling over who is going to be the next slave master. I JUST posted what I would do to Apple if they did not cooperate. So, my philosophy is NEVER going to be represented in leadership. Some really severe things need to happen to permanently change peoples' minds.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.