Posted on 03/02/2016 11:57:21 PM PST by Swordmaker
Within Chinese borders on servers owned and operated by the communist government while also submitting their company to “security audits” by Chinese investigators.
Maybe that’s different. Maybe Apple will move all US data to servers at the NSA in the future.
The NSA cannot get into Apple's devices either. Quit the snarky posts. You have no basis for any such claims. Try posting it about Google and Microsoft who have been cooperating.
Uh, no, not according to the mathematicians. The HASH is a one-way hash. You cannot derive the starting seed having from the ending hash. It's not possible.
McAfee simplified it too far, especially his claiming the user passcode is somehow stored on the iPhone when it clearly is not. If he knew anything at all about it, he'd know that lack of storing the passcode is one of the simplest and first protections used today. It's akin to not putting the key to your house under the welcome mat.
The rest of your comment is essentially correct, but also simplified. They are not "asking", they are ordering Apple to do it. The FBI does not have the authority under any law to compel that.
All they have to do is use a practice phone. Doesn’t work try another practice phone. I’m they can get plenty of them from the phone companies.
That still won't work to decrypt the iPhone, nightnight. The passcode is integral to the encryption/decryption process. The passcode is part of the four pieces of the entangled encryption key that will be built to decipher the data on the Flash drive. Without it, the data cannot be unencrypted and the iPhone cannot be unlocked. It is not just a matter of taking a different fork in the road.
Explain this a bit more if you can.
The goal is to decrypt the phone's flash memory. The phone uses a dedicated AES encryption chip to encrypt/decrypt the memory. The 256-bit key is built by tangling together several sources, including the user's passcode, the device's unique ID (set during manufacture and not recorded), and an anti-replay counter. See Apple's iOS Security White Paper.
So, it would seem, if you know the unique ID and the replay counter, and the software algorithms used to combine then, you should be able to set up a brute-forcing environment external to the device, in which you try passcodes until you hit the right one.
Using the Apple hardware, it takes 80 milliseconds to try a key (they deliberately made the algorithm inefficient). 80 ms is fast for a human, but an eternity for brute-forcing. Even so, to try all four-digit passcodes takes only 14 minutes. To try all six-digit passcodes takes 100 times as long, or about a day. However, to try all 16-character alphanumeric codes takes 1.5e21 years. So, success depends on whether Farook was lazy and went for a 6-digit code, really lazy with a 4-digit code, or diligently chose a long pass phrase.
It's worth noting that, if you are able to do the brute forcing without having to use the actual phone, you should be able to achieve a substantial boost, by (1) porting the algorithm to faster hardware and (2) running many copies of the algorithm in parallel. Sounds like a job for Bluffdale.
Of course, this all depends on recovering the phone's burned in keys and replay counter from a system without a debugging interface. There are ways of doing that, but they are difficult and risk destroying the target. Here's a paper on the topic by two engineers at Chipworks, a Canadian reverse-engineering company.
Uh, no, not according to the mathematicians
Yes, you are correct in general. My statement should read: "if you can somehow get the hash and the salt, and if the passcode is short, then you can brute force it." In this particular case we have reason to believe the passcode is short. So if they could somehow get the hash out of the SoC flash and the salt (I don't know where that is stored but probably in the Soc flash), then the brute force would not take long.
There are a couple problems with my "plan". The biggest one is that you would probably destroy the SoC extracting the hash and salt and therefore make it useless. You would still need a working SoC to run the rest of the algorithm using the UiD. Without completing that, you would have nothing.
Why doesn’t he just go to a store, buy an iPhone 5C, lock it, and crack it on video? He’s spent more time blathering about this than it would take him to prove it beyond doubt. Put up or shut up.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.