x404.co.uk
http://www.x404.co.uk/forum/

Apple rejects order to unlock gunman's phone
http://www.x404.co.uk/forum/viewtopic.php?f=19&t=25036		 Page 1 of 3
Author:  paulzolo [ Wed Feb 17, 2016 10:16 am ]
Post subject:  Apple rejects order to unlock gunman's phone
Quote:
Apple will contest a court order to help FBI investigators access data on the phone belonging to San Bernardino gunman Syed Rizwan Farook.

The company had been ordered to help the FBI circumvent security software on Farook's iPhone, which the FBI said contained crucial information.

http://www.bbc.co.uk/news/technology-35594245

What Apple has been told to do is to allow brute force passcode entry. At the moment, iOS puts a delay in between each passcode entry to stop this kind of attack. The delay means that years could be added to the time to enter the passcode. Whet Apple has been ordered to do is write software / a version of iOS that ignores this delay, and also does not erase the phone after a certain number of failed attempts.

Apple appear to be contesting this order.
Author:  davrosG5 [ Wed Feb 17, 2016 11:13 am ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
If they cave in then that's basically it for iPhone security and more general mobile phone security as well.
Put the massive pile of cash to good use Apple and tell the FBI to bog off.
Author:  big_D [ Wed Feb 17, 2016 12:10 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
I believeit isthe phone to auto deleting itself, if you give the wrong PIN too many times. I think that was more the concern.
Author:  Fogmeister [ Wed Feb 17, 2016 1:32 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
Yeah it's the fact that the phone deletes all its info after 10 wrong inputs that they want to get around.

The next bit is that even without the restriction it would take years to enter all possible combinations so they'd like a way to automagically enter passcode attempts.


Sent from my iPhone using Tapatalk
Author:  paulzolo [ Wed Feb 17, 2016 2:38 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
Fogmeister wrote:
Yeah it's the fact that the phone deletes all its info after 10 wrong inputs that they want to get around.

The next bit is that even without the restriction it would take years to enter all possible combinations so they'd like a way to automagically enter passcode attempts.


Sent from my iPhone using Tapatalk


There’s a delay of a few seconds introduced after each failed attempt to enter the code, so it would take about 5 years or so to brute force the pass code - assuming, of course, that it’s a 4 digit one. Apple has been prompting the user to create 6 digit codes recently.
Author:  big_D [ Wed Feb 17, 2016 3:12 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
http://www.zdnet.com/article/this-is-ho ... RSSbaffb68

Quote:
n this document it states:

That the iPhone in question is an iPhone 5c (a device which lacks the Touch ID and Secure Enclave security features). This is known in the document as the "SUBJECT DEVICE".
The FBI wants Apple to create code - which the document refers to as Software Image File or "SIF" - that it can load into the iPhone's RAM without modifying any of the data already stored on the flash memory, including "the iOS on the actual phone, the user data partition or system partition."
The FBI wants the SIF to be coded with "a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE."
The FBI want the SIF loaded onto the iPhone "at either a government facility, or alternatively, at an Apple facility." If it is done at an Apple facility, then "Apple shall provide the government with remote access to the SUBJECT DEVICE through a computer allowed the government to conduct passcode recovery analysis."
This SIF needs to do three things:
- Bypass or disable the auto-erase function in iOS which wipes devices after the incorrect passcode has been entered ten times,
- allow the FBI to enter passcodes electronically, and
- remove the delay feature that the iOS sets between incorrect passcode attempts.
Author:  pcernie [ Wed Feb 17, 2016 5:07 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
big_D wrote:
http://www.zdnet.com/article/this-is-how-the-fbi-wants-apple-to-backdoor-the-iphone/#ftag=RSSbaffb68

Quote:
n this document it states:

That the iPhone in question is an iPhone 5c (a device which lacks the Touch ID and Secure Enclave security features). This is known in the document as the "SUBJECT DEVICE".
The FBI wants Apple to create code - which the document refers to as Software Image File or "SIF" - that it can load into the iPhone's RAM without modifying any of the data already stored on the flash memory, including "the iOS on the actual phone, the user data partition or system partition."
The FBI wants the SIF to be coded with "a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE."
The FBI want the SIF loaded onto the iPhone "at either a government facility, or alternatively, at an Apple facility." If it is done at an Apple facility, then "Apple shall provide the government with remote access to the SUBJECT DEVICE through a computer allowed the government to conduct passcode recovery analysis."
This SIF needs to do three things:
- Bypass or disable the auto-erase function in iOS which wipes devices after the incorrect passcode has been entered ten times,
- allow the FBI to enter passcodes electronically, and
- remove the delay feature that the iOS sets between incorrect passcode attempts.


'We then want them to do this until they go out of business or Armageddon happens, whichever.'
Author:  Fogmeister [ Wed Feb 17, 2016 5:39 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
paulzolo wrote:
Fogmeister wrote:
Yeah it's the fact that the phone deletes all its info after 10 wrong inputs that they want to get around.

The next bit is that even without the restriction it would take years to enter all possible combinations so they'd like a way to automagically enter passcode attempts.


Sent from my iPhone using Tapatalk


There’s a delay of a few seconds introduced after each failed attempt to enter the code, so it would take about 5 years or so to brute force the pass code - assuming, of course, that it’s a 4 digit one. Apple has been prompting the user to create 6 digit codes recently.
Yeah, I believe it the default on iOS 9 with Touch ID.


Sent from my iPhone using Tapatalk
Author:  jonbwfc [ Wed Feb 17, 2016 10:44 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
Interesting article on the technicalities

TLDR version : what the FBI is asking for is technically possible but is only useful provided the iPhone doesn't have TouchID (the phone in the current case is a 5C, which doesn't have TouchID). Apparently the hardware of itself limits access attempts to one every 80ms. At that speed all possible combinations for a 4-digit PIN can be attempted in roughly half an hour.
Author:  timark_uk [ Thu Feb 18, 2016 1:26 am ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
The official Apple letter to customers
You can certainly see the argument.

Mark
Author:  pcernie [ Thu Feb 18, 2016 1:47 am ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
It's got serious legal precedent potential.
Author:  paulzolo [ Thu Feb 18, 2016 5:19 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
pcernie wrote:
It's got serious legal precedent potential.

That’s the thing. If Apple buckles on this case, then everyone will have to comply with similar requests in the future - Google, Microsoft, Blackberry and others. And if the buckle in the USA, then every other country will feel they can make similar demands.
Author:  timark_uk [ Thu Feb 18, 2016 6:02 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
Google tentatively stands with Apple on the security of devices.

Mark
Author:  E. F. Benson [ Mon Feb 22, 2016 8:58 pm ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
Skimming the Guardian this evening i read a couple of articles with a contrarian viewpoint. I don't share their views but it is interesting to read and see how shallow the thought process is.
Author:  timark_uk [ Wed Mar 02, 2016 12:47 am ]
Post subject:  Re: Apple rejects order to unlock gunman's phone
Apple backed by San Bernardino relative ahead of Congress hearing
It's been interesting reading about this case.
The biggest 'wow' moment for me was learning that the iCloud password was changed at the behest of the FBI.
For the most part, the FBI does appear to have been totally up-front and open about the case, if not about the motives behind getting what it wants from Apple.

Mark
Page 1 of 3 All times are UTC
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/