I May Just Have to Buy an iPhone Now

The argument over on Pilot Spin is that the government only seeks access to this one phone and only wants Apple to do something with this one phone.
 
The argument over on Pilot Spin is that the government only seeks access to this one phone and only wants Apple to do something with this one phone.

I can't figure out a way that that would be possible.

Even if the technical capability exists (which I doubt), the fact that one phone's protection can be cracked proves that any of them can be cracked. That would diminish the value of the phone's security features; make it less marketable (especially overseas); and make Apple, its employees, and their families vulnerable to acts of terror, extortion, and kidnapping by terrorists, foreign dictators, and other miscreants who also want someone's phone cracked.

Rich
 
From the very early days, cryptology has been under assault. A better mousetrap is always being created. Codes broken. Codes changed. It is inevitable that the current des or aes256 will be broken. All it takes is enough time and computing power. DOD and NSA probably already can (on our dime). The only reason for constantly barraging us with claims that encryption is making their jobs difficult finding and stopping terrorists is to get us used to any further infringements they want. Thirty years ago it was the cold war and the enemy was the Soviet Union.
They need enemies to justify their existence and their ever increasing budget.
I am with Apple on this. There is no good that can come from this. Camel's nose under the tent.
 
Lots of emotion on this
If the access code is 4 digits it can be cracked easily. What is stopping the gov't is the ten tries and it fries algorithm.
What is especially interesting is that the NSA can (likely) give the FBI/CIA/Justice all the phone numbers that phone connected with. (and likely the audio also) So the fact that they have not asked NSA for this raises some political issues (well, they don't discuss whether they did or not)
If they are choosing to NOT ask the NSA then why are they trying to squeeze Apple? (insert your favorite conspiracy theory)
If they asked NSA and it cannot provide the phone numbers then why did we spend billions on the NSA? (insert favorite, etc. etc. ) (mine is that the NSA cannot in fact track every single public phone call and the tale that we can was disinformation)
If they asked NSA and it refused .. .. .. (I cannot even come up with a cynical crack for this variation)
So stop focusing on what Apple should or should not do (could or could not do is relevant also) and focus on why the gov't NEEDS Apple.
 
The argument over on Pilot Spin is that the government only seeks access to this one phone and only wants Apple to do something with this one phone.

That's right up their with "hey babe, let me just put the tip in, come on just the tip"

We all know where that goes.


From the very early days, cryptology has been under assault. A better mousetrap is always being created. Codes broken. Codes changed. It is inevitable that the current des or aes256 will be broken. All it takes is enough time and computing power. DOD and NSA probably already can (on our dime). The only reason for constantly barraging us with claims that encryption is making their jobs difficult finding and stopping terrorists is to get us used to any further infringements they want. Thirty years ago it was the cold war and the enemy was the Soviet Union.
They need enemies to justify their existence and their ever increasing budget.
I am with Apple on this. There is no good that can come from this. Camel's nose under the tent.

Bingo.
 
I'm still on the fence about this one. Yeah Apple may have done it before, but then they added this "security feature" that just deletes everything if you attempt to mess with it. Maybe that was their way of stonewalling the Feds who kept asking them to mess with the phones. Now the Feds want them to disable something else.

I can't help thinking, what's the point of security and privacy if you're just going to circumvent it on a whim?

Yeah we're just disabling this feature on one person's phone right now, but how many people does it take to make it wrong? One? A hundred? A thousand?

The government would have you believe they can contain this to just ONE case, is everyone really that naive as to believe that this will REALLY be a one and done case?

National security IS important, but is 18 minutes of some random terrorist's life (which may or may not even have a single relevant thing in it) worth a privacy breach for the rest of us?
 
I'm still on the fence about this one. Yeah Apple may have done it before, but then they added this "security feature" that just deletes everything if you attempt to mess with it. Maybe that was their way of stonewalling the Feds who kept asking them to mess with the phones. Now the Feds want them to disable something else.

I can't help thinking, what's the point of security and privacy if you're just going to circumvent it on a whim?

Yeah we're just disabling this feature on one person's phone right now, but how many people does it take to make it wrong? One? A hundred? A thousand?

The government would have you believe they can contain this to just ONE case, is everyone really that naive as to believe that this will REALLY be a one and done case?

National security IS important, but is 18 minutes of some random terrorist's life (which may or may not even have a single relevant thing in it) worth a privacy breach for the rest of us?


No.

And national "security" is not important one bit when it is used to violation our rights and for the destruction of the constitution, which is far worse than anything any "terrorist" can, or has ever done.
 
I would imagine they should be able to keep that secret under wraps and not worry about being forced to divulge it.

Once it is done, it can be compelled to be disclosed by a court. I can almost guarantee you that it will be disclosed under the guise of "national security" or "public safety".

You can also bet on various government agencies and contractors working on a solution separately from Apple.
 
Once it is done, it can be compelled to be disclosed by a court. I can almost guarantee you that it will be disclosed under the guise of "national security" or "public safety".

You can also bet on various government agencies and contractors working on a solution separately from Apple.


Agreed.... I am SHOCKED the feds have not mastered the unlock code since the phone has been out for a few years....

You can bet they have thousands of techies on the payroll that should be doing just this...

For instance, let's take Edward Snowden,, he lived in pacific islands and probably spend a couple of hours a day playing on his laptop while lounging on the beach with his girlfriend... And all the while the guv was paying him close to 200 grand a year.... Multiply that by a few thousand and it clearly explains the out of control guvmint spending..:mad2::mad2::mad:
 
There are plenty of answers, some more philosophical than practical.

For me the simplest practical reason is because "government" is not static. It's ever-changing and at any given time is composed of good people and not-so-good: some elected, some appointed, some connected, some who just happened to get good grades on a civil service test, and undoubtedly a few who are there because their goal was to infiltrate their enemy.

Consequently, even if I completely trust my government today, it might not be the same government tomorrow or ten years from now; but once it has the means to act in what could be oppressive and tyrannical ways, those abilities will be inherited by whatever it may become.

The other problem is that any technology that can be abused eventually will fall into the wrong hands; so even if "the government" remains as pure as the driven snow, that doesn't mean that others won't come into possession of the technology.

Rich

This was the best answer in the thread.
 
For those who don't know from what I have read.

Older iPhones

the issue with this particular phone is that 10 tries and wipe the phone is set. What the FBI is asking apple to do is to create custom firmware that would circumvent this so the FBI can brute force attack it to gain access.

On the newer iPhones there is a chip look up "secure enclave". This essentially eliminates the ability to just write new firmware to gain access.

The best example I have heard in this particular case is the police get a warrant to search a house they come across a safe they can't crack. So they ask the manufacturer to create a special key to get in. The problem is this key lets you get into every safe like that one. This makes it tough for the company who sells them to say their safes are secure.

Personally I think there are just some things the government isn't going to know. If that makes me less safe I am OK with that. I have no issue with them getting a warrant getting the phone and trying to get in. What I fear is this is going to be the catalyst for the .gov to require a backdoor to all encryption and I have a REAL problem with that.
 
The bottom line is that privacy and security are both relative terms. And neither is absolute. If you do something embarrassing or illegal, just assume that it will become public knowledge. And the Corollary: No amount of laws, lawyers, or legislators will ever protect you from another human being.
 
The cops can also kick a door down if they have a warrant or exigency to justify doing so. What they're seeking here is more like having a master key to everyone's houses that we'll have to just trust them to use only when authorized to do so.

Rich

If they need a warrant to get into your phone, that's not exactly a master key.
 
If they need a warrant to get into your phone, that's not exactly a master key.

Well, except for those pesky "exigent circumstances," or whatever other workarounds are found to getting a warrant.

For example - police need a warrant or consent to enter your home to search it. Unless they see something happen that would cause them to feel that they must be in the home right now.

Or, they cannot search your car without a warrant or consent. Unless they convince their dog to bark at the window.
 
Lots of emotion on this
If the access code is 4 digits it can be cracked easily. What is stopping the gov't is the ten tries and it fries algorithm.
What is especially interesting is that the NSA can (likely) give the FBI/CIA/Justice all the phone numbers that phone connected with. (and likely the audio also) So the fact that they have not asked NSA for this raises some political issues (well, they don't discuss whether they did or not)
If they are choosing to NOT ask the NSA then why are they trying to squeeze Apple? (insert your favorite conspiracy theory)
If they asked NSA and it cannot provide the phone numbers then why did we spend billions on the NSA? (insert favorite, etc. etc. ) (mine is that the NSA cannot in fact track every single public phone call and the tale that we can was disinformation)
If they asked NSA and it refused .. .. .. (I cannot even come up with a cynical crack for this variation)
So stop focusing on what Apple should or should not do (could or could not do is relevant also) and focus on why the gov't NEEDS Apple.

After thinking about it and reading your post, doesn't big brother already have access through the phone companies to all of the numbers called to and from that phone..........I would also imagine they can track all the texts too..
 
After thinking about it and reading your post, doesn't big brother already have access through the phone companies to all of the numbers called to and from that phone..........I would also imagine they can track all the texts too..

I suspect the reason is because it cannot be done quietly, and the government is still celebrating the fact that most people don't know what Snowden did anymore (many think he either runs/ran WikiLeaks, or that he sold secret information to spies). Bringing it back to the forefront in the middle of an election year would be a bad move politically.
 
Well, except for those pesky "exigent circumstances," or whatever other workarounds are found to getting a warrant.

For example - police need a warrant or consent to enter your home to search it. Unless they see something happen that would cause them to feel that they must be in the home right now.

Or, they cannot search your car without a warrant or consent. Unless they convince their dog to bark at the window.

Well, I don't have any real strong feelings on this matter either way. I don't know how I feel about them compelling a company to write some program but the idea that they can get a warrant to search your phone isn't that alarming to me. Hell, I figured they already could do that and don't see it as much different than getting a warrant to search my car, home or personal belongings,
 
Well, I don't have any real strong feelings on this matter either way. I don't know how I feel about them compelling a company to write some program but the idea that they can get a warrant to search your phone isn't that alarming to me. Hell, I figured they already could do that and don't see it as much different than getting a warrant to search my car, home or personal belongings,

Of course they can. That's not the issue at hand - the issue at hand is requiring a company to provide a means to break security mechanisms that have been, to date, impossible to break.

You can't go back once that's done. And once its done, it gets easier for the government to do it again.
 
After thinking about it and reading your post, doesn't big brother already have access through the phone companies to all of the numbers called to and from that phone..........I would also imagine they can track all the texts too..

They can track all of that, but there may be data stored locally on the phone that never goes through the phone carrier. Unless the user had iCloud on and syncing, there are a number of things that might be local to the phone.

That said, this case is about precedent.... Nick is 100% on point.
 
Ok but is that what everyone is really objecting to?
In my case yes.
The cops can currently get a search warrant and search someone's computer. Do you object to that as well?

No problem, not even on the iPhone do I object to the search. But likewise, I would object if they tried to order Dell to change their operating system so that they could get in to a dell computer anytime anytime.
 
So what makes law enforcement so sure that the shooters didn't have and use burner/prepaid cell phones for coordinating with others - personally I would laugh that after we go thru all this legal nonsense and the iPhone is unlocked, there is nothing but d**k pics !!!
 
Something nobody has yet mentioned and I think is extremely important is that you can't have a truly secure encryption system with a backdoor. Not a matter of "won't" or "refuse to", it's a matter of "can't".

Not that I'm advocating they should do this...

But from a purely technical perspective it's very simple having an unbreakable backdoor. Use a public key/private key mechanism and encrypt the users password with a long salt into the phone with a well-known public key that all phone manufacturers use.

With a modern day key length, there isn't enough energy in the solar system to be able to run through the combinations you would need to brute force that private key. Sure maybe someone could discover faulty math with the encryption algorithm, but that's equally as likely to happen on the front-line security as the back door.

The trick comes into how secure government can keep that private key.

However, Apple has no problem shipping their phone with > 30 root certificates of entities they trust to hand out keys to you - and those are also 30 entities that have to keep their keys VERY secure - the entire Internet economy depends on it. Those keys are what keeps your password & other bank detail encrypted when you enter it on your bank or brokerage site. Once your password is encrypted, ONLY your bank can decrypt it - not even you. When you read about large scale security breaches - it's always because of weak passwords, or because the people operating the sites are idiots that don't know how to RTFM when they store the passwords. It's never because the encryption has been cracked.

So to supply such a backdoor, Apple would simply have to ship yet another root certificate with the private keys behind it owned by the government, then use a government cert to encrypt and store your password in a location on the phone.

Now to keep it secure, there should only ever be one person in government that has access to it. Maybe right next to the nuclear launch codes... And it should require an act of congress or a tactical wartime defense scenario for it to be released and used.

The main problem with this isn't the technology. It's not even our government. It's because if Apple does it for the U.S. they're going to have to do it for every crappy little government in the world in order to sell phones in those markets. And I certainly don't want to have to trust some guy in the government of Guinea Bissau to have to keep a secret when someone knocks on his door with a $10'000 bribe.
 
The laughable part (in a sad what happened to our freedom kind of way) is that it doesn't work anyways.

If Apple/google/MS eliminated security completely the poor bad guys will just install Wickr and TOR and the rich bad guys will just by Silent Circle's Black Phone and stay dark

Security is a good thing. With all the cyber attacks we've had, and growing, why would anyone want to loosen rather than tighten security.

The winners will be the punks who steal the phones unlock them and sell them.
 
The argument over on Pilot Spin is that the government only seeks access to this one phone and only wants Apple to do something with this one phone.

I believe the request is for Apple to engineer a backdoor which would be part of a future iOS upgrade. This request does not get them into this one particular phone.
 
Well, I don't have any real strong feelings on this matter either way. I don't know how I feel about them compelling a company to write some program but the idea that they can get a warrant to search your phone isn't that alarming to me. Hell, I figured they already could do that and don't see it as much different than getting a warrant to search my car, home or personal belongings,

My thoughts as well. They can get a warrant to search your computer, so why not a smartphone?

Besides... The owner of the phone has granted permission. Really there shouldn't even be the need for a warrant.
 
Older iPhones the issue with this particular phone is that 10 tries and wipe the phone is set. What the FBI is asking apple to do is to create custom firmware that would circumvent this so the FBI can brute force attack it to gain access.

.

Isn't it all just data? It should be fairly straightforward to clone the chip with exactly the same data on another chip. Then try all possible unlock codes. If it fries you just clone another one. Worst case you'll fry 1000 chips. But but the original chip will still be intact and eventually you'll find the right code. It has to be cheaper and faster than trying to get Apple to write a back door.

Even better, write an iPhone emulator. How hard could that be? :)

Jim
 
Isn't it all just data? It should be fairly straightforward to clone the chip with exactly the same data on another chip. Then try all possible unlock codes. If it fries you just clone another one. Worst case you'll fry 1000 chips. But but the original chip will still be intact and eventually you'll find the right code. It has to be cheaper and faster than trying to get Apple to write a back door.

Even better, write an iPhone emulator. How hard could that be? :)

Jim

Even assuming that that would be possible (which it may or may not be -- I'm not any kind of iThing expert), it wouldn't accomplish what I believe is the real objective: to circumvent Congress's denial of the FBI's and other intelligence agencies' requests for virtually unfettered access to people's encrypted personal data.

This whole case is just a convenient excuse to use the courts to attempt an end run around the elected Congress and the will of the people. It has nothing to do with the data on that particular phone. If there were anything important on it, it would have been destroyed like the others.

Rich
 
If I was Apple I would just announce moving all operations and company residence offshore, so they don't have jurisdiction.
 
Even assuming that that would be possible (which it may or may not be -- I'm not any kind of iThing expert), it wouldn't accomplish what I believe is the real objective: to circumvent Congress's denial of the FBI's and other intelligence agencies' requests for virtually unfettered access to people's encrypted personal data.

This whole case is just a convenient excuse to use the courts to attempt an end run around the elected Congress and the will of the people. It has nothing to do with the data on that particular phone. If there were anything important on it, it would have been destroyed like the others.

Rich
And it has never stopped the courts from making new laws that circumvent congress (or the constitution). One just needs to be rich enough to chase this all the way up the judicial ladder.
 
And it has never stopped the courts from making new laws that circumvent congress (or the constitution). One just needs to be rich enough to chase this all the way up the judicial ladder.

This is where we the people need to grow a damn spine, this is why there is the 2nd amendment, it gives all the other amendments teeth.
 
Last edited:
I would imagine they should be able to keep that secret under wraps and not worry about being forced to divulge it.

Bad imagination. Apple was not even allowed to be present at the court where this was ordered. NSL letters may not be disclosed at all (discussion)

Only the good guys follow the rules. To eliminate security to protect them from the bad guys (Nigerian princes, ISIS, ransomeware schemes) is insane.

let the good guys lock the doors, even if a bad guy locks his too. Good guys out number bads by a lot...

BTW, does everyone here realize this is simply a user setting you can turn or off individually.
 
Senator from NC is pushing a bill to *criminalize* manufacturers not assisting law enforcement in these cases. The political games have begun.
 
TouchID has a 48 hour timeout. If you haven't touched your phone in the last 2 days, it'll force you to enter your passcode.

December has been a bit more than 2 days ago.

Edit: Also at bootup. So if the phone was off when they found it, or it has been turned off in the intervening time, they're still out of luck.
Also a 5C doesn't have touch ID.
 
Back
Top