Posted on 02/23/2016 11:34:59 AM PST by Swordmaker
Don't make dense statements, then. Challenging whether a white paper on iOS 9 covering iOS 9.2 counts as a dense statement especially when you are on here challenging technical statements from others as if you know something.
You truly are an ass.
Thanks for the chuckle!
You cannot reverse engineer something that is impervious to seeing inside. All you get out of it is a go, no go and then the ability to decrypt the data. If you cannot see how that is done, you cannot reverse engineer it.
Imagining you could "outsource it to Moscow" is a flight of fantasy. If it were possible for them or anyone to do it, it would have been done by now. There are, after all, Billions of dollars at stake in doing it.
Apple is stating in their own answer to this Court Order that even for them to do it would take a team of six to ten from two to four weeks before they could begin testing it.
"The compromised operating system that the government demands would require significant resources and effort to develop. Although it is difficult to estimate, because it has never been done before, the design, creation, validation, and deployment of the software likely would necessitate six to ten Apple engineers and employees dedicating a very substantial portion of their time for a minimum of two weeks, and likely as many as four weeks. Neuenschwander Decl. ¶ 22. Members of the team would include engineers from Apple's core operating system group, a quality assurance engineer, a project manager, and either a document writer or a tool writer. Id.No operating system currently exists that can accomplish what the government wants, and any effort to create one will require that Apple write new code, not just disable existing code functionality. Id. ¶¶ 24-25. Rather, Apple will need to design and implement untested functionality in order to allow the capability to enter passcodes into the device electronically in the manner that the government describes. Id. ¶ 24. In addition, Apple would need to either develop and prepare detailed documentation for the above protocol to enable the FBI to build a brute-force tool that is able to interface with the device to input passcode attempts, or design, develop and prepare documentation for such a tool itself. Id. ¶ 25. Further, if the tool is utilized remotely (rather than at a secure Apple facility), Apple will also have to develop procedures to encrypt, validate, and input into the device communications from the FBI. Id. This entire development process would need to be logged and recorded in case Apple's methodology is ever questioned, for example in court by a defense lawyer for anyone charged in relation to the crime.
These are the EXACT SAME things i've been telling people on here for a couple of weeks and being told I was wrong about by our two ignorant characters who claim it was a simple 15 minute job.
Outsourcing it is the same as putting out in the wild. The very thing that would compromise the security of all iOS devices.
The retry delay code could be removed or branched around.
And you are so intimately familiar with the base code of the iOS and the firmware that you know for a fact that none of what you are suggesting relies on any code or commands already burned into the ROM, making it difficult to devise a software-only workaround?
I think you've got a fairly good grasp of it.
You are right.
Footnote #22 from the Apple Motion to Vacate:
The government obtained the Order without notice to Apple and without allowing Apple an opportunity to be heard. See Mullane v. Cent. Hanover Bank & Tr. Co., 339 U.S. 306, 314 (1950) (recognizing that one of the "'fundamental requisite[s] of due process of law is the opportunity to be heard'") (quoting Grannis v. Ordean, 234 U.S. 385, 394 (1914)). But this was not a case where the government needed to proceed in secret to safeguard its investigation; indeed, Apple understands that the government alerted reporters before filing its ex parte application, and then, immediately after it was signed and confirmed to be on the docket, distributed the application and Order to the public at about the same time it notified Apple. Moreover, this is the only case in counsel's memory in which an FBI Director has blogged in real-time about pending litigation, suggesting that the government does not believe the data on the phone will yield critical evidence about other suspects.
Not only that, but the FBI in its Court Order supporting documents claimed the San Bernardino County IT department unilaterally changed the password. That was a material fact that was not just mis-represented but was an outright lie. From Footnote #21 in the same Motion to Vacate:
In its motion to compel, filed February 19 with this Court, the government sought to shift the blame to the "owner" (San Bernardino County) in describing who changed the password and why it allegedly has no other viable alternatives besides the creation of a new operating system. Dkt. 1 at 18 n.7. The FBI later issued a press release acknowledging that it "worked with" the County to reset the password. See Hanna Decl. Ex. Y [Statement to Address Misleading Reports that the County of San Bernardino Reset Terror Suspect's iPhone Without Consent of the FBI, issued by the FBI to Ars Technica (Feb. 21, 2016)]
In two cases of material facts, important facts, that were used to justify the issuance of this Court Order compelling Apple to cooperate with the opening of the iPhone, the FBI lied; perjured itself to get the Court Order issued. Why should it be continued when two of the most important arguments for its issuance were plainly FALSE?
Your claim that a paper covering the security of iOS 9 was not valid for iOS 9.2 was YOU being an ass. Now give it us a break from such denseness which you have been parading for a week now.
Not sure how wrong it is. In some circumstances it is expected by convention for one side or the other in a dispute to file a proposed motion or order wording. The judge then takes the proposed motion or order wording into account when issuing the actual order. If one side or the other has done its writing job correctly, the draft order just asks for what the legal argument justifies in the writ or motion. Judges often (usually?) do not write such orders, one party or the other does. If they don’t then the judge can simply let the issue slide by (in effect) doing nothing— not issuing the order. IANAL but this is my distant recollection from when I did some in pro per work on a case I filed once. Yeah, it was wierd and took some getting used to until I realized that the real meat was elsewhere and the actual order was in effect partly just the legal equivalent of crossing the t’s and dotting the i’s.
de nada. For extra richness, recite in the appropriate foreign accent (hint: not Spanish, lol).
You claim(ed) the security of the 5c used a secure enclave. It doesn’t. Why do you post diagrams showing the secure enclave, and text describing it’s use?
No doubt just about any lawyer could easily confirm or deny this. Right now, however, it seems to me that not many lawyers are paying much attention to this thread, so unless a lawyer pipes up relatively quickly, folks might want to keep that in mind, that this particular thread might be somewhat untethered from a legal perspective.
Ideally, though, it would be nice to have a lawyer or three out there who could keep us all corralled (so to speak).
OK. Right now I am embroiled in trying to come up with a welding mod and schedule with a shop for my truck and it’s soaking up a lot of my bandwidth, as are some other various and sundry tasks. I was not ignoring you and I actually do care, but without more time than I currently have to go back and check old threads, I feel safer maintaining a fig leaf of neutrality. Besides, there is a lot of technical stuff to get back up to speed on which is challenging enough without the legal aspects and personal attacks (if any). In any case I am trying to retain a modicum of situational awareness. Please feel free to keep an eye on me lest I stray too far into the “DU Zone” (queue spooky and wierd sounding theramin music here).
I am not the only one that has this opinion. Code Toad says he can do it in 10 minutes.
We are not talking about changing one procedure call - there are multiple systems involved, and without thorough testing, a quick fix like you suggest would most likely result in bricking the phone anyway.
Multiple systems in a routine that counts to 10? Just how complicated a method do you suppose Apple uses to count to 10?
If you write code, you should know that any time you make a change in any part of the code, you risk introducing bugs that may affect parts of the code you hadn't even considered.
You must be using too many global variables. I can't imagine too many other methods of wrecking parts of code outside of subroutines except by using too many global variables.
But to make it simple, let's find the portion of code where we increment the "number of tries" counter. How about we change
Num_Tries++; to
//Num_Tries++?
I imagine there are a dozen ways to make a small code change to stop it from wiping the phone.
Apart from that, the FBI filing claims Apple has admitted they can do it.
When the government first realized that Apple retained the means to obtain that data from the SUBJECT DEVICE and that due to the way that Apple created the software Apple was the only means of obtaining that data, the government sought Apple's voluntary assistance. Apple rejected the government's request, although it conceded that it had the technical capability to help.
Apple knew NOTHING about the FBI going to Magistrate Judge Pym seeking a Court Order for what they were already doing, cooperating with the FBI and DOJ.
From Footnote #22 of Apple's Motion to Vacate:
The government obtained the Order without notice to Apple and without allowing Apple an opportunity to be heard. See Mullane v. Cent. Hanover Bank & Tr. Co., 339 U.S. 306, 314 (1950) (recognizing that one of the "'fundamental requisite[s] of due process of law is the opportunity to be heard'") (quoting Grannis v. Ordean, 234 U.S. 385, 394 (1914)). But this was not a case where the government needed to proceed in secret to safeguard its investigation; indeed, Apple understands that the government alerted reporters before filing its ex parte application, and then, immediately after it was signed and confirmed to be on the docket, distributed the application and Order to the public at about the same time it notified Apple. Moreover, this is the only case in counsel's memory in which an FBI Director has blogged in real-time about pending litigation, suggesting that the government does not believe the data on the phone will yield critical evidence about other suspects.
CodeToad is a long time anti-Apple Hate brigade member and is no more expert on these devices than you are. He is NOT someone to use as an expert voice on how to do this. He knows no more than do you about how to do it. He is NOT AT ALL FAMILIAR WITH iOS. Zip, nada, Nothing. CodeToad is not an Apple user.
We concede that Apple has more than the technical expertise to do this. The question is NOT that can it handle, but SHOULD it. The first is technical, the other philosophical and Constitutional.
Well, what else would we expect from a liberal Apple social media troll? You are a computer user and a junior one at that. We engineers think you nerdy kids ought to just shut up about things you know nothing about. Everything you post you have to ask Apple what’s its position so you stay on message.
Your previous statements were that Apple COULD NOT TECHNICALLY perform the task, yet now that we called BS, you state otherwise. You knew nothing of this issue being a computer user and not an engineer yet you mouthed off and held to the Apple talking points.
Such an Appple sleazebag.
A short comment/question, it looks as though we are going to have either Donald Trump or Hillary Clinton heading the federal government for the next four years. Do you really want either of these acknowledged authoritarians to free passage to your daily business and, more particularly you moral and political opinions? They will, of course have many ways to get information we believe is protected by the First Amendment. Will there be increasing limitations on speech? It certainly seems as though some form of “hate speech” limitation is on the door step and thin skinned chief executives will be tempted to protect themselves and their actions.
That is development. Once Development has worked out the kinks in new code which was written to create new functionality, it's generally stable, and will not blow up with a minor perturbation such as stopping a counter from counting.
This already written and debuged code. They could change the "number of tries" to any number they like with virtually no effort.
Well, Apple has lots of engineers and lots of lawyers and there seem as if there can be many unintended consequences.
And I'm pretty sure the Apple Lawyers are going to do everything they can to keep the Apple Engineers from telling the court how easy it is to implement the method suggested by the FBI.
And is it true that the order was not signed by anyone? Maybe the actual order is a seperate document that is actually signed by the magistrate judge.
The fact that they are having a hearing on the matter tells me that the court considers it a valid order. If it were not, then the court would be asking "who stole the stamp?"
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.