As I’ve said time and again, let’s fight argue that one as and when it happens. But it’s really not going to happen, because not only are the FBI never going to ask for it, there’s absolutely no reason for them to have it – it goes against all the procedures they’ve previously followed to get data. There is no valid justification they could provide for it, and Apple would fight it up to the Supreme Court, where they’ll find judges who do understand. That suggestion really is tin foil hat territory.

I am not willing to sacrifice any of my/our/their privacy for a little more security.

Translation – you’re not willing to have a bit more security for the loss of none of your privacy.

As for signing, encryption et al I know enough to be very concerned when someone suggests that a backdoor (lets call it what it is) is a good idea. Broken encryption is very bad mkay.

Now right there is the reason I asked the question, because nobody is breaking the encryption – no matter how many times you might claim that. And no, nor is it a backdoor.

It would appear that some within security do not have a proper grasp of the subject either which is of more concern than my little knowledge.

On what knowledge of yours do you base that claim?

On what knowledge of yours do you base that claim?

On what knowledge of yours, do you continue to argue against what sandwich is saying?
I agree 100% with what he says, btw.

I am not willing to sacrifice any of my/our/their privacy for a little more security.
Translation – you’re not willing to have a bit more security for the loss of none of your privacy.

Bollocks, thin end of the wedge, as has been pointed out time and time again!
One one of these alphabet soup organisations gets an inch they’ll keep pushing and pushing until they get full access and nobody will be able to prevent anyone aging access to their personal devices, because as sure as God made little apples, (ha!), once the genie is out of the bottle, and in the hands of incompetent idiots like the FBI, it’ll be out in the wild where every hacker who wants it can get it.

Look we can sort this all out without Apple. Piers Morgan says he knows where he could take the phone down the Tottenham Court Road and get the job sorted.

I’ve worked in IT security. That and some of what he says is complete paranoid bollocks. You?

Bollocks, thin end of the wedge, as has been pointed out time and time again!

By those with a complete lack of understanding.

One one of these alphabet soup organisations gets an inch they’ll keep pushing and pushing until they get full access

<sigh> and the US courts will let them? You do realise that this is about the FBI getting back the capability they had before of Apple providing them access to the data on phones. All that time they’ve never asked for Apple to release anything more to them, because they know the US courts wouldn’t give it to them, and there is no advantage to them if they can get Apple to do it anyway.

This stuff is just wild extrapolation with no basis whatsoever.

I see the DA is now claiming that the FBI need to crack the iPhone as it might contain “a dormant cyber pathogen”?! 🙄
Government says ‘dormant cyber pathogen’ may be in San Bernardino shooter’s iPhone

People keep saying/assuming the fbi will be “given the key”, it can remain at Apple and they open phones at the court’s request

Hang on, Apple have to do the work then? What happens when every government on the planet then demands they do the same for them, are they going to pay for this massive operation? Which is going to be secure how? When the consequently huge operation needs to be staffed by monkeys to cope with the workload?

You ought to go back a few pages, what enforceablity would any foreign government have in the US?

Well, iphones are sold in other countries yes. I’m pretty sure the rest of the world makes up a pretty large **** portion of Apple sales, which could be embargoed.

Pretty sure Europe would do some deals with the American government to get access to the program.

That gives them commerical power, which they have now, but not enforceability.

As I said as well, theres always good old fashioned diplomacy. The yanks rely on European intelligence and military bases yes?

No Europe relies on US military bases and intelligence.

Hah.

I really am fascinated to know what super sensitive data some people on here keep on their iPhones. Maybe I should get a job with the FBI so I can run through all your ULTRA files?
I can imagine that your shopping lists (mostly tin foil), Mum’s birthday reminder and next meeting with your handler will be most illuminating 😀

I really am fascinated to know what super sensitive data some people on here keep on their iPhones. Maybe I should get a job with the FBI so I can run through all your ULTRA files?

it’s all dick photos. Mostly taken while you were showering.

You mean like this Dick?

Or maybe my favourite US motorsports star?

A little resurrection but with a new development
http://www.abc.net.au/news/2016-03-22/fbi-aim-to-hack-san-bernardino-attacker’s-phone-without-apple/7265948

FBI may be able to hack San Bernardino attacker’s phone without help from Apple

Worst of both worlds for Apple?

A little resurrection but with a new development
http://www.abc.net.au/news/2016-03-22/fbi-aim-to-hack-san-bernardino-attacker’s-phone-without-apple/7265948
FBI may be able to hack San Bernardino attacker’s phone without help from Apple
Worst of both worlds for Apple?

Nope, there have been a number of experts in the field who have been saying for some time that this is all about setting precedence, and about getting money out of Congress to get bigger computers; if they’d really wanted anything on that phone, all they had to do was pay a call on the NSA with bags full of donuts and ask nicely, and the NSA could have got anything they wanted, because the NSA have the sheer computing muscle that the FBI lack, and really, really want.

Even if that is the case, then without knowing any technical details, this really is worse for Apple than them helping out in the way they were asked. Because now it appears there is a way to break into an iPhone, and people know that there is a way to break into an iPhone – which can be done without Apple’s involvement. Had they complied with the request then they could still have pointed out that using the capabilities they already have didn’t really compromise the security of every other phone, because that security was still reliant upon the security of their signing keys, just as it had been before. All of a sudden your iPhone really is less secure.

I do wonder whether the FBI knew all along there was another way and were just giving Apple enough rope.

There was always option c, do it before it became public with a high level of secrecy.

FBI have hired an Israeli firm specialising in mobile security to access the phone. Given Israeli mobile security technology is in many (most?) mobiles it makes sense. The story below quotes other articles and a couple of potential methods basically disabling the “attempt counter”

MacRumors Story

🙂

The court case has been “settled” 🙂

http://www.bbc.co.uk/news/world-us-canada-35914195

Apple share price?

A court order issued last month required Apple to write new software to allow officials to access Rizwan Farook’s phone.
But Apple had resisted, saying it would set a “dangerous precedent”.

Well I’m scared of the dangerous precedent….

Is it the one where security and privacy is just a myth?

Last week, prosecutors said “an outside party” had demonstrated a possible way of unlocking the iPhone without the need to seek Apple’s help.

Ah so they finally let the NSA do it for them then?

@Graham see my link above, their hired a security specialist

If the bombing couple were still alive they could have stopped the FBI getting into the phone citing that amendment thingy. At least it is not a legal precedent so only dead people have to worry about photos on their phone.

And those who store photos on removable memory cards.

@mrs – I doubt it as it was a company phone

MacRumors story

Last week, prosecutors said “an outside party” had demonstrated a possible way of unlocking the iPhone without the need to seek Apple’s help.

“It’s looking like we’re going to lose the case so we’re just going to say we’ve done it.”

Cougar – Moderator

“It’s looking like we’re going to lose the case so we’re just going to say we’ve done it.”

“Yeah we totally hacked it by ourselves but there was nothing on it, it must have been wiped like the others” always seemed like one of the end games to me… It’s an easy out for the authorities and means they get to say they’ve won, and it’s always felt like this was less about any specific information, and more about winning the fight (especially since they’ve been so inconsistent in what they actually expect to find)

I do hope that the DORMANT CYBER PATHOGEN doesn’t escape now and kill us all.

was on news down under this am

http://www.abc.net.au/worldtoday/content/2016/s4433155.htm

“FBI unlocks shooter’s phone without Apple’s assistance”

so either Apple did it for them (conspiracy theory #1)

or the FBI didn’t get the data but would like people to think Apple’s security claims are false (#2)

or a third party actually did get the data and the FBI think it beneficial to publish this

let the debate begin

Either way, the next time the FBI try and go to court and insist the manufacturer provides a workaround/hack they’ll be on shakier ground saying it’s ‘impossible’ to access the data any other way.

Doesn’t make sense.

Surely if you could access the data then you’d tell no one.

All this does is give Apple a chance to close whatever backdoor has been found, and the bad guys will find some other way to store their data.

If they’d kept quiet they’d have the data, the backdoor would remain open, and they’d be able to access the bad guys phones

I suspect they knew how to access the data all along, but realised that they hadn’t won the PR war yet, so wanted to defer the court case in case it ruled against the FBI which would set them back.

or a third party actually did get the data and the FBI think it beneficial to publish this

That latter clause is particularly intriguing. If they really had managed to crack Apple’s protection (which can only be some sort of vulnerability exploit, I don’t believe for a second that they’ve actually cracked the encryption), would they be crowing about it or would they be more inclined to keep hush-hush as a secret weapon? If terrorists believe that their ‘secure’ messaging system has been compromised, they’re going to look for something else.

Look at RADAR, or the whole Bletchley Park tale. If we’d have gone public rather than going, “yeah, our pilots have good night-time vision because they eat a lot of carrots” the final outcome would’ve been very different.

I don’t believe for a second that they’ve actually cracked the encryption

If they can get the data off the phone encrypted, then if the owner just used the standard 4 digit PIN, a brute force attack would be pretty easy.

if the owner just used the standard 4 digit PIN, a brute force attack would be pretty easy.

I think this was covered earlier in the thread. As I understand it the PIN just tells the CPU/Security Enclave which internal (unreadable) encryption key to use – so if you just get the encrypted data off the phone it is no easier to break than other other encrypted data regardless of the PIN length.

^ what he said. The PIN only unlocks the private key associated with it. The issue they had was the lockout on the PIN and the device reset. Given they went to court they would have been between a rock and a hard place to pretend they hadn’t managed to get round the lockout. Interesting times, now in theory there is a backdoor to the PIN functionality in iOS….

Depending on the version of iOS it may not have even been encrypted. This was always about much more than this one phone, the FBI wanted to set a precedent about encryption in personal devices.

@Cougar – MacRumors I think published a few of the different things the Israeli security company could try, one of which was resetting the pin attempts clock to zero in hardware so the 10 attempts is never breached. IIRC UK companies spends £1.8bn pa on Israeli mobile phone security, they seem to be leaders in the field. The FBI paod them $15,000 (retainer only perhaps) which wouod suggest it wasn’t that hard to do. As they already had his Apple ID/password they only needed the 4 digit pin

>FBI breaks into iPhone
>IOS 9.3 released, all hell breaks loose.

Coincidence?