Breaking News
Blog

Apple, FBI Talks Need Engineers

NO RATINGS
View Comments: Newest First | Oldest First | Threaded View
Page 1 / 2   >   >>
rick merritt
User Rank
Author
Re: The philosophical chasm
rick merritt   2/29/2016 7:45:34 PM
NO RATINGS
@CC VanDorne I have my cynical monmenbts, too. Frankly some days I wonder which is worse, trusting the coroprate giants or the government.

That said, I think it could be useful oif engineers from both sides participate in the debate about technically feasible approaches to both protecting privacy and pubic safety.

CC VanDorne
User Rank
Author
The philosophical chasm
CC VanDorne   2/29/2016 11:39:21 AM
NO RATINGS
Although the extent to which governments today "guard their citizen's freedom" is highly debatable, I think this says it all:

"Private companies are responsible to build the most secure products possible. Governments are charged to guard their citizens' safety and freedom. Today we are moving toward an extreme in which the two sides are adversaries."

If so, then what can a meeting-of-the-minds, which according to EETimes should also include engineers, actually accomplishat this point?  It seems that we have been forced into the position of choosing one side or the other then standing back and watching as one wins, the other suffers defeat, then hoping for the best as the fallout of that outcome - whatever it may be - ensues.

Crisis mode governance 101.

Or am I letting my cycism - guided by the observation that the US government rarely loses in these situations - get the best of me?  Is it not too late such that the injection of the engineering mind at this point will be anything but perfunctory?

 

nick_rb
User Rank
Author
Re: Try all password combinations
nick_rb   2/29/2016 9:01:43 AM
NO RATINGS
@Bert

The iPhone owner (San Bernardino Health Department) reset the iCloud password after being asked to do so by the FBI. All the metadata (which is the actual data of interest) was presumably already in the hands of the FBI thanks to the agreements with the service providers. It looks like it was a cock-up by the FBI, which it tried to capitalise on by making caselaw in favour of backdooring devices.

Some cynical people might think that the password reset would have been intentional to achieve that goal...

rick merritt
User Rank
Author
Re: Try all password combinations
rick merritt   2/26/2016 3:27:22 PM
NO RATINGS
@waaromikke: You remind me of the presidential candidate years ago who said we should have a Department of Peace. I can imagine it setting up schools, research institutes and startup accelerators in empoversihed areas around the world, building bridges instead of walls.

waaromikke
User Rank
Author
Re: Try all password combinations
waaromikke   2/26/2016 2:27:05 PM
NO RATINGS
If the phone owner was serious about security he would have used a alphanumerical password more complex than 6 digits. And if he was even more serious he would not have left secret traces on his phone. If the FBI want to know who he called then they can contact the telco and/or ISP. But if this person is a little smart he would have used a VPN.

To me this seems like an optimistic wild goose chase. How many goose have been caught so far with all the B$ spent by agencies so far? If this money had been spent on poor in Asia, Africa than many more lives would have been saved.

Some Guy
User Rank
Author
Re: Try all password combinations
Some Guy   2/26/2016 2:16:28 PM
NO RATINGS
Not just the delay, but also the max tries, so they can try all 1 million possible combinations.

Bert22306
User Rank
Author
Re: Try all password combinations
Bert22306   2/25/2016 10:30:07 PM
NO RATINGS
Ah, thanks. They only want Apple to delete the delay between passcode attempts. That makes sense.

Doug_S
User Rank
Author
Re: Try all password combinations
Doug_S   2/25/2016 10:25:18 PM
NO RATINGS
The iPhone is encrypted, but the key for decryption is protected by the passcode. Find the passcode, and it unlocks access to the encrypted files like iMessage communication, Visual voicemail, call history, etc.

 

So the FBI wants Apple to make it easy for them to brute force the passcode, so they can unlock the phone and access this stuff.

Bert22306
User Rank
Author
Re: Try all password combinations
Bert22306   2/25/2016 9:23:39 PM
NO RATINGS
But none of those changes will get the FBI any closer to decrypting the files in the iPhones involved here, the San Bernardino iPhones, as far as I can tell. So you're saying, the FBI is past that? This is just for the future?  Could be. I didn't get that nuance at all, from news reports.

This whole scenario relies on the ability of iPhones to have their OS updated while locked (if you boot them into DFU mode, which is sort of a pre-boot for recovery from bad flashes etc.) which fortunately Apple is already working on closing up.

I'm pretty sure you cannot decrypt files that have been stored encrypted, no matter how you update the OS. Aside from just brute force attempts cycling through all possible keys.

Doug_S
User Rank
Author
Re: Try all password combinations
Doug_S   2/25/2016 9:18:05 PM
NO RATINGS
What the government wants is a special version of iOS to be created that does not enforce the 10 try limit on passcode guesses that wipes the phone. They also want the delay between passcode guesses to be eliminated, so the FBI can use a method that repeatedly tries passcodes via brute force until it hits the right one.

 

I guess the FBI considers themselves lucky that the terrorist used a passcode (either 4 or 6 digit PIN, not sure) instead of a full alphanumeric password, which has been allowed in iOS since at last 2009 if not earlier and would be impossible to brute force.

 

Personally I think the FBI knows this is a wild goose chase, and merely wants to set a precedent that they can compel companies to create special software to break their security. Unless you believe that terrorists smart enough to destroy the hard drive in their PC and both their personal phones would ignore a work phone, have it syncing to iCloud until recently, and use an insecure passcode on it instead of a password. If it contained anything useful the terrorists would have destroyed it too.

 

This whole scenario relies on the ability of iPhones to have their OS updated while locked (if you boot them into DFU mode, which is sort of a pre-boot for recovery from bad flashes etc.) which fortunately Apple is already working on closing up. Hopefully they also offer an option to have fully encrypted iCloud backups - they would be unable to help people who forget their passwords but I've thought that needs to be an option ever since iCloud was introduced.

Page 1 / 2   >   >>

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed