“The SIF will be loaded on the SUBJECT DEVICE at either a government facility, or alternatively, at an Apple facility; if the latter, Apple shall provide the government with remote access to the SUBJECT DEVICE through a computer allowing the government to conduct passcode recovery analysis.”
Bottom of page 2
https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf
So (point of clarification) the SIF is acting in user space as a substitute login user space application?
Is it (PoC) not (if not part of the OS itself) an OS-privileged application?
Does this SIF already exist, or is Apple being “commandeered” by the feds to develop, test, and warrant the SIF?
Who is liable for damages if the SIF fails catastrophically, scribbles on the memory, and the data is lost forever? What happens if the SIF, upon being executed by the FBI on the iPhone, begins to execute, but then trips over a hitherto undetected OS bug?
How much testing should be performed to warrant the SIF as being certified to work reliably? By what standard(s) of reliability?
Seems to me that there are a host of QA and other issues here. If they have all been answered by the feds, please provide a nutshell 100 word summary and a link to the primary source(s).
Enquiring minds, etc. :-)
(note keys stored on device)
An excerpt from an Apple document:
Secure Boot Chain
Each step of the boot-up process contains components that are cryptographically signed by Apple to ensure integrity, and proceeds only after verifying the chain of trust. This includes the bootloaders, kernel, kernel extensions, and baseband firmware.
When an iOS device is turned on, its application processor immediately executes code from read-only memory known as the Boot ROM. This immutable code is laid down during chip fabrication, and is implicitly trusted. The Boot ROM code contains the Apple Root CA public key, which is used to verify that the Low-Level Bootloader (LLB) is signed by Apple before allowing it to load. This is the first step in the chain of trust where each step ensures that the next is signed by Apple. When the LLB finishes its tasks, it verifies and runs the next-stage bootloader, iBoot, which in turn verifies and runs the iOS kernel.
This secure boot chain ensures that the lowest levels of software are not tampered with, and allows iOS to run only on validated Apple devices.
If one step of this boot process is unable to load or verify the next, boot-up is stopped and the device displays the “Connect to iTunes” screen. This is called recovery mode. If the Boot ROM is not even able to load or verify LLB, it enters DFU (Device Firmware Upgrade) mode. In both cases, the device must be connected to iTunes via USB and restored to factory default settings. For more information on manually entering recovery mode, see http://support.apple.com/kb/HT1808.
System Software Personalization
Apple regularly releases software updates to address emerging security concerns; these updates are provided for all supported devices simultaneously. Users receive iOS update notifications on the device and through iTunes, and updates are delivered wirelessly, encouraging rapid adoption of the latest security fixes.
The boot process described above ensures that only Apple-signed code can be installed on a device. To prevent devices from being downgraded to older versions that lack the latest security updates, iOS uses a process called System Software Personalization. If downgrades were possible, an attacker who gains possession of a device could install an older version of iOS and exploit a vulnerability that’s been fixed in the newer version.
Source: http://web.archive.org/web/20120617005348/http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf
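The boot chain described in the excerpt above, modelled as an added example (not part of the thread and not Apple's code): each stage checks the next image's signature against a public key, and a failure ends in DFU or recovery mode depending on where it happens. The toy RSA key, the image contents and all function names are assumptions made for illustration; real devices use Apple's production keys and certificate formats, which the excerpt does not give.

```python
import hashlib

# Toy RSA key pair standing in for the Apple Root CA key (assumption: real key
# sizes and certificate formats are not given in the excerpt). NOT secure.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537          # two Mersenne primes
N = P * Q                                      # public modulus, baked into "Boot ROM"
D = pow(E, -1, (P - 1) * (Q - 1))              # private exponent, signer only

def digest(image: bytes) -> int:
    """SHA-256 of the image, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N

def sign(image: bytes) -> int:
    """What the vendor does at release time (needs the private key)."""
    return pow(digest(image), D, N)

def verify(image: bytes, signature: int) -> bool:
    """What each boot stage does (needs only the public key)."""
    return pow(signature, E, N) == digest(image)

# (verifying stage, stage being loaded), in the boot order from the excerpt.
CHAIN = [("Boot ROM", "LLB"), ("LLB", "iBoot"), ("iBoot", "kernel")]

def signed_chain() -> dict:
    """Constructed sample images, each paired with a valid signature."""
    images = {name: f"{name} image v1".encode() for _, name in CHAIN}
    return {name: (blob, sign(blob)) for name, blob in images.items()}

def boot(images: dict) -> str:
    """Walk the chain; stop at the first image that fails verification."""
    for verifier, stage in CHAIN:
        blob, signature = images[stage]
        if not verify(blob, signature):
            # Boot ROM failing on LLB -> DFU; any later failure -> recovery mode.
            return "DFU mode" if verifier == "Boot ROM" else "recovery mode"
    return "booted"

def tamper(images: dict, stage: str) -> dict:
    """Modify one image but keep its old signature."""
    changed = dict(images)
    changed[stage] = (images[stage][0] + b" (modified)", images[stage][1])
    return changed

if __name__ == "__main__":
    good = signed_chain()
    for label, imgs in [("untouched", good)] + [(s, tamper(good, s)) for _, s in CHAIN]:
        print(f"{label:10} -> {boot(imgs)}")
```

The point the model makes is that an image is accepted only if it was signed with the private half of the key the Boot ROM trusts; changing any image without re-signing it stops the boot at that stage.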
Where in that sentence does it say Apple gets to KEEP the SUBJECT DEVICE evidence? How is it going to prevent some man-in-the-middle hacking of the device while the "government" (which department in the government? which agency?) accesses the device to its heart's content and reads and copies the unlocking code?
I STILL DON'T SEE the WORDS "APPLE GETS TO KEEP THE NOW COMPROMISED SUBJECT DEVICE!"
DO YOU?
If it is NOT written in the order, Ray, it's not in the order.