Posted on 02/19/2016 6:21:59 PM PST by Swordmaker
Nope - worked in secure networking for many years - do some research and you'll find that some of the safeguards available would do just what Apple claims
The Feebs screwed themselves and want Apple to clean up the mess and add a complimentary backdoor (did you miss the several references to that in the article?) which renders the security useless - unless you actually trust the government in all things..
Here is my guess on what happened. When the phone was provisioned by the county IT person, they likely did a manual provision. The IT department would have used their own Apple ID to load and configure county related apps. Maybe they used a central apple ID or maybe one for each device. Once the phone was configured with county apps and network access, they let users configure the rest of the phone. Maybe they used a common apple ID and the IT department panics and makes a stupid decision in the heat of the moment. From what I've read, the password reset was related to an IClould account and not the device passcode.
If an iDevice is not set to back up to iCloud, Apple doesn’t have a copy - as these reportedly weren’t. However, when you change your AppleID password, it does change it on all your Apple ‘subaccounts,’ not just on the device you’re using. Specifically, it changes your password on the iTunes Music Store servers - that’s how you can establish chronology of password changes, among other things.
Does anyone know if this terrorist iPhone was distributed by the Obama-Phone program?
From the article:
> The Apple ID passcode linked to the iPhone belonging to one of the San Bernardino terrorists was changed less than 24 hours after the government took possession of the device, senior Apple executives said Friday. If that hadn’t happened, Apple said, a backup of the information the government was seeking may have been accessible
This implies that data was backed up
No, it wasn't. This was provided by the County Health Department where the bastard worked. It was his work phone and it was still owned by them. The data on it is supposed to be only work related.
He did have a personal phone. Both his and her personal phones and computers were smashed and dumped in a nearby lake before they went on their terrorist killing spree. They obviously never planned on surviving what they had in mind.
As far as I know, Obamaphones are cheap non-smartphones.
I would think that Apple would have a log of the change, along with the IP address of where it was done from.
There's a whole lot of confusion over all this... and I don't trust anyone involved to tell us the truth.
All ppossible, but unlikely. If it had an AppleID associated with the County, then the user could not buy any apps, reset the iPhone in certain instances, update it for new security updates, be backed up to the iCloud because there would be more than one iPhone on the same iCloud account, etc. AppleID's can also used to unlock iOS devices if the passcode is compromised. . . but if you have more than one iPhone per AppleID it can get problematic distinguishing which iPhone is to be unlocked.
Yes, iOS devices can SHARE an AppleID, but it is also better for them to have another unique AppleID as well.
The County would have it set up for Enterprise pushing of its data, apps, and information, but the user would have his own Apple email, and therefore his own AppleID for backing up his data.
Each iPhone can have its own AppleID and the county would not want ALL on the same AppleID because find my iPhone would not work for locating lost or stolen county property. Individual activation asks to establish an AppleID. This is the way we set up the corporate iPhones issued to our employees. There is no advantage to sharing an AppleID between iPhones, while there are plenty of advantages to each iPhone having its own.
My conclusion is that the iPhone had an individual AppleID. However, Apple knows from which device the AppleID was changed. I don't think they would even raise this issue if it was changed from another computer source other than the iPhone 5C in question since they stated categorically that the AppleID of the iPhone was changed within 24 hours of the authorities seizing the phone.
If it had been changed by an external contact which was NOT that iPhone 5C, Apple would have said so, as that would be an important piece of evidence that should be aggressively investigated.
You need a search warrant to search something in the possession of a dead terrorist? As far as I can tell, in California they can search your cell phone whenever you're arrested... so I would assume that would hold true in the event that you're shot 6,000 times during a shootout with police.
That may be a possibility. However, Apple has provided an Enterprise system means for iPhones that allows the a large business's IT department such as the County would have to push and side-load its apps to all iOS devices under its enterprise certificate without requiring an AppleID.
The user would likely have his own AppleID for his own email and personal access to purchase and download his own apps. He would also need an AppleID to permit updates for security purposes and system updates. Those would not be handled by the Enterprise side-loading. . . nor would it be appropriate to handle under a single universal County wide AppleID for all County devices. That doesn't make sense.
However, it does make sense that any employee would be required to register their AppleID with IT. The one thing that wouldn't make sense is that a county employee in IT would panic and stupidly change the password. First of all he'd have to know that the police/Homeland Security had seized the device of a County employee who was the terrorist, and then do something an IT guy is inherently not going to do: hide data from authorities and be ham-handed about it. This fact of WHO the terrorists are was not really widely known in the first 24 hours.
Secondly, I am pretty sure that Apple knows from which device the change of password originates. If it had come from a source NOT the iPhone 5c, Apple would have released that information to the authorities as that would have had to be investigated aggressively as a possible terrorist connection as part of the ongoing coverup. Instead, Apple makes it pretty plain that the password was changed from the iPhone while in custody of those very authority, otherwise why bring all of this up?
Oh, incidentally, the record shows that the terrorist turned off the iPhone's backup to iCloud about 30 days prior to the attack. That was a deliberate act, showing HE had access to the iCloud account from the iPhone 5C. That meant it was his iCloud AppleID.
That 30 day blank is one of the reasons the authorities want in to the iPhone to see what was so important he needed to stop the backups.
1: iCloud backups are encrypted with the same encryption as on the iphone using the same key.
2: The terrorist stopped the automatic backups 30 days before the event for some reasons known only to him and perhaps any co-conspirators, or perhaps in the terrorists' handbook.
No, unfortunately we don't.
One can change an AppleID from any computer, iOS device, etc., by logging on to one's iCloud account with one's AppleID and passcode. Many people have set up two-factor log-in which requires a one-time six digit pin to be sent to another email, messaging device under the user's control, or a phone call, which then must be put into the log-in screen to continue. If two-factor is set to one, changing the password will also require the another pin be sent to change.
And, CementJungle, you are right, Apple does have a record of what device, URL, and other information about the change of passcode/password for AppleID. They also send an email to the last emails of record--not a new email that may be newly added-- as well as sending a SMS message, alerting the account holder of the change and giving them a heads-up in case it was NOT them, telling them from what device it was changed and the Location from which it was changed, and telling them to contact Apple if it was not the owner of the account who made the change.
I've changed AppleIDs many times in the past for our office computers, iOS devices, and each time have received such alerts. When we've added devices to AppleID's an alert is sent as well. . . including what device was added and where. It is pretty comprehensive.
> This isn’t making much sense, is it?
It seems other issues are being dragged in.
If the passcode protected information was retrievable prior to the FBI involvement why isn’t the passcode protected information retrievable now?
Deliberately, and I believe Apple (and their Fan base) is the one doing it. I think they intentionally started this propaganda effort because they really really really do not want to help the FBI open any of their phones.
Not that I trust the Government either, but I think this can be done while protecting all of Apple's concerns except for their desire not to do it.
Just a quick thought.
The iPhone used by the terrorist was the property of the county, which would be getting the phone bills, which include all the phone calls made on that phone, so that information is readily available to the FBI, isn’t it? I monitor the phones and pay phone bills for those phones that we give to our employees and I am able to see all the calls made and received, including those employees with iPhones.
Those phone records make it easy to track who was being called by the terrorist, so are we to believe that the terrorist had only one phone, and was setting up additional attacks using a phone that didn’t belong to him and could easily be checked to see his usage?
Ans what about the wife’s phone, the supposed “mastermind”. We have heard nothing about her phone, but if she were IM ing her husband wouldn’t her phone show those?
The way I read the press accounts, is that the iclould password changed while the FBI was in possesion of the locked phone. They never got into the phone. That lead me to believe they were using a common iclould account. I haven't reset an Apple ID in awhile, but there are extra safe guards like answering questions before the password is reset via email.
Both Apple and the FBI seem to be using this as a proxy for other fights. The FBI should not be angling for a “backdoor” to enable unfettered monitoring, neither should Apple be refusing to help retrieve and decrypt data.
The phone was owned by the terrorists' employer. My point was that somewhere in the chain of legalities there may have have been a misstep, which could bollox the whole thing. It was speculation, nothing more.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.