±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 35741
New Yesterday: 3 Visitors: 135

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Apple Unlocking iPhones vs US Government

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page Previous  1, 2, 3, ... 10, 11, 12  Next 
  

trewmte
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 19, 16 01:02

CONUNDRUM!

What would make YOU decide to backdoor where the interest of a matter is greater than privacy and security?

Place in your order of importance the below and highlight at what stage you would expect Apple to concede and backdoor their devices for the greater good?

10....................backdoor device to find a burglary/car thief
9....................backdoor device to find local cannabis supplier
8..................backdoor device to find IIoC photo distributor/procurer
7................backdoor device to find people trafficker
6..............backdoor device to find arms smuggler
5...........backdoor device to find LE or civilian murderer
4.........backdoor device to find agent spreading bacterial warfare
3.......backdoor device to find murderer of national president
2.....backdoor device to find kidnapper of 30 babies from hospital
1...backdoor device to find where nuclear device placed before explodes

Remember more is less and less is more.
_________________
Institute for Digital Forensics (IDF) - www.linkedin.com/groups/2436720
Mobile Telephone Examination Board (MTEB) - www.linkedin.com/groups/141739
Universal Network Investigations - www.linkedin.com/groups/13536130
Mobile Telephone Evidence & Forensics trewmte.blogspot.com 
 
  

dan0841
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 19, 16 02:27

- trewmte
CONUNDRUM!

What would make YOU decide to backdoor where the interest of a matter is greater than privacy and security?

Place in your order of importance the below and highlight at what stage you would expect Apple to concede and backdoor their devices for the greater good?

10....................backdoor device to find a burglary/car thief
9....................backdoor device to find local cannabis supplier
8..................backdoor device to find IIoC photo distributor/procurer
7................backdoor device to find people trafficker
6..............backdoor device to find arms smuggler
5...........backdoor device to find LE or civilian murderer
4.........backdoor device to find agent spreading bacterial warfare
3.......backdoor device to find murderer of national president
2.....backdoor device to find kidnapper of 30 babies from hospital
1...backdoor device to find where nuclear device placed before explodes

Remember more is less and less is more.


1 - 8 Inclusive. I would, however, make sure there are sufficient safeguards as with other Telecoms based requests (At least in the UK anyway).  
 
  

jaclaz
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 19, 16 18:17

Apart from the specific case (and the opportunity and the Law, and Privacy and everything else) there is an underlying issue IMHO:
www.apple.com/customer-letter/
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.


The good Apple guys are not saying that what the FBI asked is impossible (which is what I seemed to understand they said to everyone else before) they are saying that:
1) it does not exist (yet)
2) that they will try to not make it

Till now the debate was more whether a new version of the OS would have been made in such a way to allow access to the encrypted data without knowing the pin/password/etc., it was assumed (or implied, or both) that it was not possible to replace parts (or the whole) OS on a "locked" device, i.e. both the encryption was "unbreakable" but also was not "by-passable", the news seem to be that while the encryption is still "unbreakable", it is actually "by-passable".

In other words one thing is creating a new OS that has a backdoor and install it on a new or however "unlocked" device, another thing is "injecting" an OS with a backdoor in an existing, "locked" device.



jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

thefuf
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 19, 16 21:42

Apple, FBI, and the Burden of Forensic Methodology. Is it a kind of the CSI effect when dealing with forensic tools?  
 
  

hcso1510
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 20, 16 13:50

I really do wish that we could stop calling this a back door. To me, back door denotes some sort of illegal hacking. I want a front door, but I know that can only come with a Search Warrant supported by probable cause.

Companies are not in business to support law enforcement investigations, but I never really thought they were in business to thwart them either.

I don't believe we need to wait for Apple to develop anything when they have everything they need right now.

I don't know the exact version of iOS when Apple stated only the end user could access a locked device, but there was a version just prior to that.

I would think they could push out an update that now allowed them to be able to access the phones, like they can't now???, and make it mandatory. They could also give everyone a set time period to download the update or their phones would be unsupported.

I dont see the general public throwing their iOS into the trash bins over this, but while the public does want mobile phone security I also believe they would think law enforcement should be able to access a device with a search warrant. They certainly don't want to hear that law enforcement cant access a terrorist's phone.

I'm somewhat surprised Apple hasn't come out and said "Ok, but we will charge $100 per phone." Who knows what the future holds....
_________________
Ed

I'm not a cellular technology expert, but I did stay at a Holiday Inn Express last night. 
 
  

jaclaz
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 20, 16 18:43

The news about the change of i-cloud password after the device was already seized add some further spice to the issue:
www.wired.com/2016/02/...t-iphone/?

Shortly after the phone in question was seized from an SUV belonging to Farook and his wife, someone changed an Apple ID that might have allowed the phone to back up data to iCloud—which would have given the government a chance to seize the data with a court order. But because that ID was changed, there is no chance the phone could have ever backed up additional data to iCloud, a senior Apple executive said on a call today with reporters.

When asked who changed that ID, the executive said that the government indicated it was someone who worked for the county, but that he didn’t know the identity of that worker. However, this presumably would have been an IT worker for the county who supplied the phone to Farook.

The government touched on this detail in a motion it filed with the court today but placed it only in a lengthy footnote at the bottom of one page. The government also didn’t acknowledge in the footnote that this was likely the best chance it had of retrieving the data it wanted from the phone.


jaclaz
_________________
- In theory there is no difference between theory and practice, but in practice there is. - 
 
  

C.R.S.
Senior Member
 

Re: Apple Unlocking iPhones vs US Government

Post Posted: Feb 20, 16 19:17

- hcso1510
I really do wish that we could stop calling this a back door.


Fully agree. It's not even a back door in technical terms, it's exploitation. They have a device which is somewhere between secure and insecure out of the factory, depending on your adversary. For the manufacturer, this iPhone is easily accessible to prepare a brute force attack.

I'm not an expert for US law, but I think, it is entirely possible to hold a third party responsible for reasonable efforts in such cases. Apple is to be compensated for these efforts. Apple refuses because of post-Snowden hysteria and related PR issues.  
 

Page 2 of 12
Page Previous  1, 2, 3, ... 10, 11, 12  Next