flat assembler
Message board for the users of flat assembler.

flat assembler > Heap > Apple vs FBI re iPhone unlocking

Goto page 1, 2  Next
Author
Thread Post new topic Reply to topic
Walter



Joined: 26 Jan 2013
Posts: 132
Argued with the girlfriend on this one. If it was just about giving government a binary dump of data, I'd say go for it. After all, we're dealing with terrorist activities here. But this one is much more complicated.

www.wired.com

"But if you got a warrant, I guess you're gonna come in."
Grateful Dead - Truckin'
Post 20 Feb 2016, 00:19
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16128
Location: Hyperborea
The most interesting thing for me, regardless of the eventual outcome, is the exposure of the flaw of the iPhone protection mechanisms. If someone, anyone, can (even in principle) hack your data with a bypass then your data is not as safe as you might have otherwise assumed.

Another public exposure I would like to see is something like lastpass and all the JS it sends to the user for encryption. It would be possible for a TLA to compel lastpass to send modified JS to particular clients to surreptitiously send the users decodable passcode to a server of their choosing. Since the users have no practical way to audit the JS coming in, and most simply trust it to be good, then this would be an efficient way to gather passcodes and most people wouldn't be aware it was even happening.
Post 20 Feb 2016, 07:00
View user's profile Send private message Visit poster's website Reply with quote
sinsi



Joined: 10 Aug 2007
Posts: 685
Location: Adelaide
Quote:
What is actually being asked for here is that Apple write custom code that allows the FBI to perform a brute-force attack against the iPhone without triggering the "10 strikes and the phone is wiped" protection mechanism.

http://www.theregister.co.uk/2016/02/17/why_tim_cook_is_wrong_a_privacy_advocates_view/
Post 20 Feb 2016, 07:26
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 7788
Location: ˛                              ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣ Posts: 6699
one locked all his wealth,memories,etc in an unbreakable treasury chest,

come one person demand chest key from him because he needs something inside that chest, or he suspects this person stole something from him and locked it inside the chest, chest contains proof that could clear another convicted person, or stuff that could save thousand lives, or etc

if i lend a handset from you to record a movie,
the recorded mp4 is mine or yours?

who own all the rubbishes on streets?

police could force me to open my door because they suspect there are terrorists in my house, they do it with all my neighbours knew and watch, with me watching and recording,

but police cannot and should not force housing developer to create a hidden door in every house so that they could enter through that door when they want to enter.

i suggest, apple video tape, screen video, each police request to open an iphone and post them in youtube, i think such approach is nearer to available accepted laws.
Post 20 Feb 2016, 21:25
View user's profile Send private message Reply with quote
Walter



Joined: 26 Jan 2013
Posts: 132
An open letter from Tim Cook

http://www.apple.com/customer-letter/
Post 20 Feb 2016, 23:16
View user's profile Send private message Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3476
Location: Bulgaria
All this story for me simple show for the public. PR action of Apple. On the reality Apple probably shares the user data with the government, but wants this to be kept in secret.. And the secrecy of such collaboration is good for the government as well, because otherwise the people will start to control their conversations and the content of their phones.

For example, why not to simply desolder the flash chip from the phone and brute force it separately. This way the protection will not work anymore.
Post 21 Feb 2016, 09:31
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16128
Location: Hyperborea
JohnFound wrote:
For example, why not to simply desolder the flash chip from the phone and brute force it separately. This way the protection will not work anymore.
That won't work because of the key stored in the TrustZone. You would need to extract the key from the TrustZone which is no easy task. Without that key you then have to break the AES crypto which is a much harder task than just trying all the 4 or 6 digit unlock codes. This is why you have to run the code on the actual phone.
Post 21 Feb 2016, 23:20
View user's profile Send private message Visit poster's website Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3476
Location: Bulgaria
Well, I have close to none knowledge of ARM architecture. But I am sure there is something dirty behind the scene of this story. Everything is too melodramatic. Smile
Post 22 Feb 2016, 01:00
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16128
Location: Hyperborea
JohnFound wrote:
Well, I have close to none knowledge of ARM architecture. But I am sure there is something dirty behind the scene of this story. Everything is too melodramatic. Smile
It is not ARM architecture, it is the SOC that has things like the TrustZone. Later Apple iPhones have something called the secure enclave, which apparently is much more robust than the TrustZone, but I think for this purpose it makes almost no practical difference, the key is going to be well contained within the chip unless some very serious hardware extraction tools are deployed.
Post 22 Feb 2016, 03:20
View user's profile Send private message Visit poster's website Reply with quote
YONG



Joined: 16 Mar 2005
Posts: 8000
Location: 22° 15' N | 114° 10' E
McAfee Founder: I'll decrypt terrorists iPhone for free
https://www.youtube.com/watch?v=EWZ8Gi0DVP8

Wow, he said it can be done within three weeks! Rolling Eyes Wink
Post 23 Feb 2016, 07:32
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16128
Location: Hyperborea
YONG wrote:
McAfee Founder: I'll decrypt terrorists iPhone for free
https://www.youtube.com/watch?v=EWZ8Gi0DVP8

Wow, he said it can be done within three weeks! Rolling Eyes Wink
Do you believe him? I think it is just a publicity stunt. He knows he will never be given the chance so he is quite safe to claim whatever he wants.
Post 23 Feb 2016, 07:36
View user's profile Send private message Visit poster's website Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3476
Location: Bulgaria
revolution wrote:
He knows he will never be given the chance so he is quite safe to claim whatever he wants.


Well, he always can demonstrate the technique with another iPhone and then will get his chance. Smile

_________________
Tox ID: 48C0321ADDB2FE5F644BB5E3D58B0D58C35E5BCBC81D7CD333633FEDF1047914A534256478D9
Post 23 Feb 2016, 08:15
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 16128
Location: Hyperborea
JohnFound wrote:
Well, he always can demonstrate the technique with another iPhone and then will get his chance. Smile
Sure. But it doesn't really prove anything because the provenance of the iPhone cannot be vouched for in the same way. Just get a friend to give McAfee his locked iPhone (and he also tells McAfee the unlock code in secret) and three weeks later, wow, look he cracked it. Rolling Eyes
Post 23 Feb 2016, 08:42
View user's profile Send private message Visit poster's website Reply with quote
JohnFound



Joined: 16 Jun 2003
Posts: 3476
Location: Bulgaria
Well, it can be made trustworthy. One way, or another. In addition, if he want to crack this terrorists phone, as a way to advertise his skills, it is better he can make it, or else will get the opposite effect.
Post 23 Feb 2016, 09:54
View user's profile Send private message Visit poster's website ICQ Number Reply with quote
YONG



Joined: 16 Mar 2005
Posts: 8000
Location: 22° 15' N | 114° 10' E
revolution wrote:
I think it is just a publicity stunt. He knows he will never be given the chance so he is quite safe to claim whatever he wants.
The legal battle between Apple and the FBI may drag on for a long time. So, if he can demonstrate he actually has the skill, the FBI will probably have to give him a try. Time will tell. Wink
Post 23 Feb 2016, 10:11
View user's profile Send private message Visit poster's website Reply with quote
YONG



Joined: 16 Mar 2005
Posts: 8000
Location: 22° 15' N | 114° 10' E
Refer to:

http://money.cnn.com/2016/02/29/technology/judge-apple-feds/index.html?iid=obnetwork
Quote:
A federal magistrate-judge in New York City has ruled that the U.S. government can't force Apple to hack an iPhone to investigate a drug dealer.
This is not the same case. But it would certainly strengthen Apple's legal argument.

Wink
Post 02 Mar 2016, 01:36
View user's profile Send private message Visit poster's website Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1389
Location: Toronto, Canada
This discussion has an interesting remark:
the possibility of preventing a terrorist attack is not worth of all the possible issues for ordinal iPhone users,
when their phones can get 'unlocked' - too much information is on the smart phones these days.

http://www.therebel.media/fbi_san_bernardino_terrorists_to_bring_apple_and_microsoft
Post 02 Mar 2016, 17:47
View user's profile Send private message Send e-mail Reply with quote
YONG



Joined: 16 Mar 2005
Posts: 8000
Location: 22° 15' N | 114° 10' E
Post 29 Mar 2016, 01:52
View user's profile Send private message Visit poster's website Reply with quote
Walter



Joined: 26 Jan 2013
Posts: 132
The name of the new operating system:

GovOS Confused
Post 29 Mar 2016, 03:34
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1147
What a fetid load of rubbish all this talk about "smartphone this", "encryption that". Blah!!!

There MAY be some proof on their phones/computers that MAY be locked/encrypted. MAYBE.

But it's not like the crime is being committed in cyberland. And it's not like the people committing the crime aren't already known to many security agencies around the world.

These people high up in the idiocy, err, I mean intelligence community really think the whole world is made of complete morons who can't see how incompetent they've become at doing their job, who can't see the whole situation overwhelms them, who can't see they don't even grasp the ABC of that kind of terrorism.

If only we could have an encryption-free world, if only we could eavesdrop on all your kinky conversations, if only we could watch your every movement through the CCTV peephole from the cradle to the grave. Then we would all be saved and enjoy a long life in the land of milk and honey where planes don't get hijacked and come crashing into buildings and where bombs don't go off in train stations.

If only ...
Post 29 Mar 2016, 19:20
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2018, Tomasz Grysztar.

Powered by rwasa.