Apple Unlocking iPhones vs US Government  

Page 2 / 6
C.R.S.
(@c-r-s)
Active Member

Technically fair observations and I don't have a problem with those terms. It might be though others might think this is being a little bit semantically picky.

However, it's not only about a semantic nuance but the essential qualitative difference between a state enacted ex ante weakening of a reasonably secure device before it is placed on the market or used, aka back door, and the subsequent access to an originally insecure device. It is an essential difference not only technically but for the legal and civil rights implications.

While I'm not aware of ITU, ETSI or 3GPP using the term back door the wrong way, it's just my observation that media and their "advising" activism groups predictably choose those terms which make the actual, wrongly described undertaking seem the most aggressive, illegitimate or associable with actually illegitimate intents.

Posted : 20/02/2016 8:01 pm
trewmte
(@trewmte)
Community Legend

I don't have an issue with your term merely, however, such qualification would require you to go out and change the millions of published words at maybe hundreds of thousands of newspapers, websites, news broadcasts etc. etc.

Technically fair observations and I don't have a problem with those terms. It might be though others might think this is being a little bit semantically picky.

However, it's not only about a semantic nuance but the essential qualitative difference between a state enacted ex ante weakening of a reasonably secure device before it is placed on the market or used, aka back door, and the subsequent access to an originally insecure device. It is an essential difference not only technically but for the legal and civil rights implications.

So you are in court and you give, as the technical witness in the witness box, the above definition. The Judge asks, ok so what is "aka back door" then if it is not another word being used for exploitation?

While I'm not aware of ITU, ETSI or 3GPP using the term back door the wrong way

1 Introduction

With appropriate equipment it may be possible to perform hijacking attacks on a not-ciphered GPRS radio link. Appropriate equipment consists of a combination of a modified base station and a modified mobile station. Hijacking attacks are attacks whereby an intruder inserts his packets on radio resource allocated to a genuine user.

As an effective countermeasure, SMG10 (Oct. '97, and again in Jan. '00) have proposed to make encryption mandatory for GPRS. Mandatory encryption however would prevent world-wide deployment of GPRS (without any non-standard additions), as some countries restrict the use of encryption and to other countries the export of network equipment with the appropriate algorithms is restricted, or – which is more likely due to the importance of the market that is involved – it would make vendors build in their equipment a "back-door" which would result in the fact that encryption is only mandatory "in the specification" but not in reality.

The statement above was made by Siemens a world leader in wireless networks and devices. No mention of the word exploitation. The act Siemens mentions could appear an aggressive, illegitimate etc "intention" to subvert for a vendor's own gain (perhaps) whilst deployed in the field by creating a back door to overcome encryption possibly designated by laws?

Posted : 21/02/2016 12:10 pm
RolfGutmann
(@rolfgutmann)
Community Legend

If you cannot prevent wrong-doing of words created and used by common people in millions, the only way may be to extend the term to make it more precise.

A 'device-customized' backdoor would sound better but in fact is untrue because Apple can do this again and again. The creator knows all about his creature. But people in general simplify words in areas they feel not familiar with. How many people still speak about 'Antivirus'? The majority for a long time are trojans and worms as part of malware, no more viruses.

And to complete: The Islamic State called itself ISIS and the U.S. tried to implement the term 'dash'. Did not work, too late. So either starting immediately to pull off another term or to control the media globally.

If something new calls itself X and stays alive! then it always can say 'My name is X'? The more a term is multiplied in media and simpler to understand, the more people adapt it. Back is clear and door too, so backdoor is most simple for everyone.

No wisdom, just my view

Posted : 21/02/2016 7:27 pm
C.R.S.
(@c-r-s)
Active Member

So you are in court and you give, as the technical witness in the witness box, the above definition. The Judge asks, ok so what is "aka back door" then if it is not another word being used for exploitation?

Highly unlikely that a judge will ask this, since I gave him this broad hint in my wording, and jurists have so much joy in distinguishing ex ante and ex post perspectives, which is the entire point here.

The statement above was made by Siemens a world leader in wireless networks and devices. No mention of the word exploitation.

This is because they are talking about a back door that vendors - on request by a government - generally and preemptively to any tangible government access put into their products on an entire market to render the mobile network encryption ineffective for every single user. It doesn't make more sense to call such a back door exploitation than vice versa.

By far not only technical statements use "back door" correctly. In most cases, media and laymen, such as those concerned teenagers who populate IT forums and need to be NSA-safe nowadays, are spot on when talking about back doors in the fear of some kind of Clipper Chip or manipulated proprietary encryption software. Some politicians bring up the idea of "back doors" when they really mean back doors, which both isn't helpful at all. Media are right in criticising such proposals, since they represent a massive governmental intervention to the disadvantage of ordinary citizens and economy.
In this case, there is no such intervention. The authorities just want to take advantage of the given weak security implementation that enables Apple to switch off security functions and that Apple put into their iPhones without any government interference.
Of course, Apple's assistance also affects the entire market, since it can be devolved to any already sold iPhone in past and future cases. But the root cause for this is not government interference, no back door, but Apple's design choice and consumer preference for the intrinsically weak product. The Apple statement in this context is ridiculous, effectively saying "As long as we don't program the exploitation tool, there is no vulnerability."

Posted : 21/02/2016 10:46 pm
jaclaz
(@jaclaz)
Community Legend

The news about the change of i-cloud password after the device was already seized adds some further spice to the issue:
http://www.wired.com/2016/02/apple-says-the-government-bungled-its-chance-to-hack-that-iphone/?

Quoting myself, just to say "as expected"
http://www.zdziarski.com/blog/?p=5695

In a letter emailed from FBI Press Relations in the Los Angeles Field Office, the FBI admitted to performing a reckless and forensically unsound password change that they acknowledge interfered with Apple’s attempts to re-connect Farook’s iCloud backup service.

Either the FBI has recklessly interfered with the processing of evidence OR FBI has misled the courts on the amount and the nature of assistance required by Apple under the All Writs Act.

jaclaz

Posted : 21/02/2016 11:22 pm
LANGWONDE
(@langwonde)
New Member

Hello there,
McAfee claims that he can solve this situation. Is it true and possible? :D

"With all due respect to Tim Cook and Apple, I work with a team of the best hackers on the planet. These hackers attend Defcon in Las Vegas, and they are legends in their local hacking groups, such as HackMiami. They are all prodigies, with talents that defy normal human comprehension. About 75% are social engineers. The remainder are hardcore coders. I would eat my shoe on the Neil Cavuto show if we could not break the encryption on the San Bernardino phone. This is a pure and simple fact. "

http://www.maxim.com/news/john-mcafee-iphone-shoe-2016-2

Posted : 24/02/2016 10:53 am
RolfGutmann
(@rolfgutmann)
Community Legend

The iPhone 5s's carrier probably has more data - already delivered. Does anybody know which carrier was in use and if the FBI already got this data out of All-IP and CDR?

Posted : 27/02/2016 3:31 am
jaclaz
(@jaclaz)
Community Legend

Another consideration could revolve around what is expected to be found on the specific phone.
It seems like:
1) an i-cloud backup with a relatively recent date was actually found
2) the phone the case is about is a "business phone" issued by the employer, the dead terrorists had their own devices that - unlike this one - were intentionally physically destroyed before the attack

From a purely logical point of view it is very improbable that the phone at hand has ever been used for *anything* even loosely connected to the attack, otherwise it would have been destroyed like the other devices.

jaclaz

Posted : 27/02/2016 4:13 pm
RolfGutmann
(@rolfgutmann)
Community Legend

@jaclaz please provide some references to the assumptions made. Who do YOU work for?

Posted : 27/02/2016 10:34 pm
jaclaz
(@jaclaz)
Community Legend

The iPhone 5s's carrier probably has more data - already delivered. Does anybody know which carrier was in use and if the FBI already got this data out of All-IP and CDR?

Seemingly Verizon (see cited sources).

@jaclaz please provide some references to the assumptions made.

Sure. :)
http://www.techinsider.io/fbi-confirms-shooters-icloud-password-reset-2016-2

FBI investigators worked cooperatively with the county of San Bernardino in order to exploit crucial data contained in the iCloud account associated with a county-issued iPhone that was assigned to the suspected terror suspect, Syed Rizwan Farook.

The last iCloud data backup of the iPhone 5C was 10/19 and, based on other evidence, investigators know that Syed Rizwan Farook had been using the phone after 10/19. It is unknown whether an additional iCloud backup of the phone after that date – if one had been technically possible – would have yielded any data.

http://www.cbc.ca/news/business/apple-must-help-hack-san-bernardino-shooters-phone-1.3451123

It also was not immediately clear what investigators believe they might find on Farook's work phone or why the information would not be available from third-party service providers, such as Google or Facebook, though investigators think the device may hold clues about whom the couple communicated with and where they may have travelled.

The couple took pains to physically destroy two personally owned cellphones, crushing them beyond the FBI's ability to recover information from them. They also removed a hard drive from their computer; it has not been found despite investigators diving for days for potential electronic evidence in a nearby lake.

Farook was not carrying his work iPhone during the attack. It was discovered after a subsequent search. It was not known whether Farook forgot about the iPhone or did not care whether investigators found it.

All in all the couple seemed smart enough to physically destroy other devices but not the county-issued iPhone, maybe out of respect of public property, or more likely (IMHO) because they were pretty much sure that there was nothing of value in it.

Also:
https://theintercept.com/2016/02/26/farooks-iphone-is-probably-useless-even-the-police-say-so/

A locked phone used by a dead terrorist initially may have seemed like the perfect test case for law enforcement to argue that it needs ways to get around advanced device security.

But authorities may have picked the wrong phone after all. It’s becoming increasingly clear that law enforcement doesn’t really think there’s any important data on San Bernardino killer Syed Rizwan Farook’s iPhone and that it has more precedent-setting value than investigative value.

“I’ll be honest with you, I think that there is a reasonably good chance that there is nothing of any value on the phone,” San Bernardino Police Chief Jarrod Burguan told NPR reporter Steve Inskeep on Friday.

Who do YOU work for?

Naah, going to create a nice, symmetrical situation

http://www.forensicfocus.com/Forums/viewtopic/t=13737/start=21/
http://www.marriedtothesea.com/102107/symmetrical.gif

jaclaz

Posted : 27/02/2016 11:01 pm
zorko
(@zorko)
New Member

A lot has been written about this story in recent days, but surprisingly, a very important element is hardly ever mentioned:

Somewhat simplified, the data content of a locked device is protected by two keys: one provided by Apple and another entered by the user. The two are combined, to create a long key, and that combined key is used to encrypt the content. In order to make it possible for a user to use a short, easily remembered key, a combination of hardware and software creates delays between subsequent attempts to enter the key, and erases the combined key after a small number of tries. This makes brute-forcing even a short, 6-digit user key on a stock device impossible.

Apple could, if they wanted to, build a hardware/software combination (a "back-door") that would not delay attempts and not erase the combined key. However, this will be of no use if the user chooses to use a long key. Therefore, if it became known that Apple has built such device, users that need to keep the content of their devices private would simply start using longer keys, and thus make the back-door ineffective. It is only reasonable to assume that such users do that already.

Posted : 28/02/2016 3:29 am
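
The trade-off described in the post above, as an added Python sketch that is not part of the original thread and is not Apple's design. `ToyDevice`, `MAX_TRIES`, `ROUNDS` and the 0.08 s per-guess cost are assumptions chosen for illustration, and the delays between attempts are not modelled, only the erase-after-N-tries rule.

```python
import hashlib
import hmac
import os


class ToyDevice:
    """Constructed model, not Apple's design: device secret + passcode -> key check."""
    MAX_TRIES = 10   # assumed erase threshold
    ROUNDS = 200     # assumed KDF cost, kept low so the demo runs quickly

    def __init__(self, passcode, limiter=True):
        self._uid = os.urandom(32)   # device-bound secret, never exported
        self._limiter = limiter
        self._failed = 0
        self._check = self._derive(passcode)

    def _derive(self, passcode):
        # Entangling the passcode with the device secret forces guessing on-device.
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._uid, self.ROUNDS)

    def unlock(self, guess):
        if self._check is None:
            raise RuntimeError("combined key erased")
        if hmac.compare_digest(self._derive(guess), self._check):
            self._failed = 0
            return True
        self._failed += 1
        if self._limiter and self._failed >= self.MAX_TRIES:
            self._check = None   # erase: the data is now unrecoverable
        return False


def exhaust(device, length):
    """Try every numeric passcode of the given length; return it, or None if erased."""
    for n in range(10 ** length):
        guess = str(n).zfill(length)
        try:
            if device.unlock(guess):
                return guess
        except RuntimeError:
            return None
    return None


def worst_case_seconds(alphabet, length, seconds_per_guess):
    """Time to cover the whole keyspace when only the KDF cost slows guessing."""
    return (alphabet ** length) * seconds_per_guess


if __name__ == "__main__":
    print(exhaust(ToyDevice("0427"), 4), exhaust(ToyDevice("0427", limiter=False), 4))
    for alphabet, length in [(10, 4), (10, 6), (36, 10)]:
        print(alphabet, length, worst_case_seconds(alphabet, length, 0.08) / 86400, "days")
```

With the limiter in place the short passcode survives because the key is erased first; with it removed, only the keyspace size stands between the data and an exhaustive search, which is why passcode length is the control that remains in the user's hands.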
RolfGutmann
(@rolfgutmann)
Community Legend

As Apple brought the issue to public and signaled to increase security of CoreOS Security a deadlock is in front of us. The alltime global attention on this issue by digital social and media channels is very critical to what will result. Two players: FBI and Apple. Two options: If FBI enforces also after supreme court to this case - everybody will know 'Apple did it (was pressed to do it)'. So trust in iPhones will fall - but not harm. Either it was not Apple's intention, they were pressed (kind 'we feel with you') and second no alternatives as Android devices collect more data than iOS.

So a short time cry and 'we feel with you'-solidarity will bring Apple in shape again. But trust will be gone just based on the actual media presence. Result: All mobile devices are hacked/backdoored.

Other option: Apple wins the battle. FBI is on a global pranger as a loser. Maybe for short. The worst case of a terror attack with hundreds of deaths and in use iPhones will inflame the situation and this time Apple would have to explain that 'it is really not possible because of PassCode and Secure Enclave security to break the phone'. What is missing is a third party's voice which should be the most trusted voice who can approve that iPhones 5s and up are unbreakable.

After Snowden revelations people remember the NSA and say 'Wait a minute - the NSA should break the FBiOS'?

Trust is more than fragile and gone. The next round of Zerodium 1m USD for iOS 9.3 breaking will come.

Posted : 28/02/2016 8:52 am
RolfGutmann
(@rolfgutmann)
Community Legend

Play-doh can open PassCode, see here

Vkansee @MWC15 proof

Posted : 29/02/2016 4:11 pm
jaclaz
(@jaclaz)
Community Legend

Play-doh can open PassCode, see here

Vkansee @MWC15 proof

Sure, though I am not so sure why it is getting all this publicity, it is not particularly "news", the procedure involves having the owner of the phone pressing his/her finger for some 5 minutes on dental mold, whilst the good ol'way of lifting off a fingerprint was IMHO much more "stealth"
http://www.zdnet.com/article/apple-iphone-fingerprint-reader-confirmed-as-easy-to-hack/
http://www.theregister.co.uk/2014/09/23/iphone_6_still_vulnerable_to_touchid_fingerprint_hack/

jaclaz

Posted : 29/02/2016 7:25 pm
trewmte
(@trewmte)
Community Legend

Play-doh can open PassCode, see here

Vkansee @MWC15 proof

Sure, though I am not so sure why it is getting all this publicity, it is not particularly "news", the procedure involves having the owner of the phone pressing his/her finger for some 5 minutes on dental mold, whilst the good ol'way of lifting off a fingerprint was IMHO much more "stealth"
http://www.zdnet.com/article/apple-iphone-fingerprint-reader-confirmed-as-easy-to-hack/
http://www.theregister.co.uk/2014/09/23/iphone_6_still_vulnerable_to_touchid_fingerprint_hack/

jaclaz

Ahhhh, yes, but, if husband/wife works in a dentist and whilst their partner is under gas and air, could easily take fingerprint/s to use later on and find out whether their partner is having an affair etc.. Could also work where dentist or dental assistant is working on someone else's behalf.

Posted : 01/03/2016 12:02 pm