Apple Refusing Court Order to Unlock Killer's iPhone

[Deleted sulking member 63079]

depends. like i said if nobody at apple genuinely has the ability to decode the encryption (maybe they mashed the keyboard for the passphrase ) as I said it would take 1.4 billion years to decrypt a 128bit key.

This is why the FBI's request isn't to decrypt the data, but to enable a brute force attack on the unlock code. The encryption is 256bit AES encryption. Good luck cracking that:

"50 supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×10^51 years to exhaust the 256-bit key space."

 

[neil_g]

This is why the FBI's request isn't to decrypt the data, but to enable a brute force attack on the unlock code. The encryption is 256bit AES encryption. Good luck cracking that:

"50 supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×10^51 years to exhaust the 256-bit key space."

yup, but it opens up the debate surrounding encryption that seems to becoming under more and more fire from government (who seem to have no clue about what an impact it would cause).

 

[Mr Bump]

It would be software to negate that though and there lies the problem, once its written the chance of it being leaked would be great, putting iPhone security in serious risk.

yeah massive amounts of trivia could be exposed, handbag websites, location of hair stylists, grinder profiles

 

[jakeblu]

@Mr Bump You could also say the same regarding Trojans that farm your data on your PC but I doubt you will.

Also of course your iPhone is also used as a contactless payment method so, maybe not so trivial.

 

[viv1969]

You could also say the same regarding Trojans that farm your data on your PC but I doubt you will.

Also of course your iPhone is also used as a contactless payment method so, maybe not so trivial.

Can be used as a contactless payment system.....doesn't have to be.

 

[jakeblu]

Can be used as a contactless payment system.....doesn't have to be.

It's arguably more secure than a normal card as it needs fingerprint verification. Makes it attractive as a payment method. But your right of course, it's not compulsory

 

[PaulF]

yeah massive amounts of trivia could be exposed, handbag websites, location of hair stylists, grinder profiles

Don't forget, possibly, your bank details, credit card details, name, address, email usernames and passwords, work details, tax details, NI number etc etc. The perfect details to steal your identity. Yep, really good idea to create that software tool that everyone knows will never ever get out of Apple, not in anyone's wildest dreams could that happen.

I don't use an iphone.

 

[Mr Bump]

@Mr Bump You could also say the same regarding Trojans that farm your data on your PC but I doubt you will.

Also of course your iPhone is also used as a contactless payment method so, maybe not so trivial.

Except I havent got an iphone and I dont use my phone for such trivialities as checking my bank balance as I have many 1000s in it.

 

[neil_g]

such trivialities as checking my bank balance as I have many 1000s in it.

eh?

 

[Keith W]

eh?

Paul is a multi millionaire so doesn't need to check his bank balance on his phone..... He's loaded

 

[neil_g]

Paul is a multi millionaire so doesn't need to check his bank balance on his phone..... He's loaded

considerably richer than yaw

 

[dejongj]

Great timing to get their quarter sales up, it was slumping a bit after all. And a great rumour to spread for perceived safety and security.

I'm not buying any of it.

 

[Ricardodaforce]

Great timing to get their quarter sales up, it was slumping a bit after all. And a great rumour to spread for perceived safety and security.

I'm not buying any of it.

So you don't believe the FBI have requested the courts order Apple to enable access to this phone?

 

[Steep]

This is why the FBI's request isn't to decrypt the data, but to enable a brute force attack on the unlock code. The encryption is 256bit AES encryption. Good luck cracking that:

"50 supercomputers that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would, in theory, require about 3×10^51 years to exhaust the 256-bit key space."

But with each attempt having the same chance of being the right one it could take 5 seconds, or 5 minutes.

 

[Keith W]

Said terrorist may find themselves on a free flight to gitmo where some more... erm... "conventional" encryption cracking may take place

 

[Ricardodaforce]

Said terrorist may find themselves on a free flight to gitmo where some more... erm... "conventional" encryption cracking may take place

Just as a lot of innocent people have.

 

[viv1969]

Said terrorist may find themselves on a free flight to gitmo where some more... erm... "conventional" encryption cracking may take place

That would be difficult since said terrorist is dead.

 

[john.margetts]

Great timing to get their quarter sales up, it was slumping a bit after all. And a great rumour to spread for perceived safety and security.

I'm not buying any of it.

I would be amazed if the developers had not made their own lives easier by having a backdoor. I suspect Apple's reticence stems from their not wanting to admit how easy it is to get into the system once you know how.

 

[dejongj]

So you don't believe the FBI have requested the courts order Apple to enable access to this phone?

No I totally believe they have done that. Besides that is easy enough to verify. But that wasn't the point.

 

[Ricardodaforce]

No I totally believe they have done that. Besides that is easy enough to verify. But that wasn't the point.

What was the point?

 

[Phil V]

So if something happened to a family member of friend and the police wannted access to a suspect`s phone some think that access should be denied. Really?

Really?

That's why we have a justice system, because left to human nature carnage ensues. If someone harmed one of my kids, I'd want to kill them and cook their entrails, that doesn't make it right though. And allowing that reaction to influence my behaviour would make me a cockwomble not a loving father.

 

[Keith W]

That would be difficult since said terrorist is dead.

Ahhh that would pose a problem

 

[nog]

Really?

That's why we have a justice system, because left to human nature carnage ensues. If someone harmed one of my kids, I'd want to kill them and cook their entrails, that doesn't make it right though. And allowing that reaction to influence my behaviour would make me a cockwomble not a loving father.

From OP "Apple will contest a court order to help FBI investigators access data on the phone belonging to San Bernardino gunman Syed Rizwan Farook."

My bold, the justice system has been used. I suspect you will counter with just 1 judge/America etc . Not sure about the entrails and cockwombles, I believe its pretty reasonable for thr FBI to try and get the info off the phone.Hey ho you don`t agree.

 

[dejongj]

Just as a lot of innocent people have.

Provide a sense of security, and boost sales...

 

[Phil V]

From OP "Apple will contest a court order to help FBI investigators access data on the phone belonging to San Bernardino gunman Syed Rizwan Farook."

My bold, the justice system has been used. I suspect you will counter with just 1 judge/America etc . Not sure about the entrails and cockwombles, I believe its pretty reasonable for thr FBI to try and get the info off the phone.Hey ho you don`t agree.

Does that court order breach the law? Judges have been known to get it wrong, I think we should wait and see what the final outcome is.

And for clarity I was responding to your post, re the police, not 'a court order', just to keep my first post in context.

 

[dejongj]

I agree, nothing wrong with 'contesting' a court order. Why not use the system, and get some more free advertising...Even when they are wrong, they can afford it and its cheaper than an ad campaign.

 

[Nod]

I agree, nothing wrong with 'contesting' a court order. Why not use the system, and get some more free advertising...Even when they are wrong, they can afford it and its cheaper than an ad campaign.

Wouldn't a reputation for being unpatriotic be more damaging to them than ultimate perceived security be helpful?

 

[nog]

Wouldn't a reputation for being unpatriotic be more damaging to them than ultimate perceived security be helpful?

I agree and for once I agree with Donald Trump.


“The government is asking Apple to hack our own users and undermine decades of security advancement that protect our customers - including tens of millions of American citizens - from sophisticated hackers and cybercriminals,” he said.(Tim Cook- Apple)

The US Justice Department countered that the victims of the terrorist attack deserved an investigation that “will leave no stone unturned”.

Mr Trump agreed, saying “we have to use common sense.”

“We have to open it up, and we have to use our heads,” the Republican front-runner said in an interview with Fox News on Wednesday.

http://www.telegraph.co.uk/news/wor...-to-allow-FBI-to-access-terrorists-phone.html

 

[dejongj]

Wouldn't a reputation for being unpatriotic be more damaging to them than ultimate perceived security be helpful?

There is no such thing as bad news. And this is not unpatriotic as many more are concerned about their privacy. It's a market grab, and not just nationally the international value of this is many times greater.

 

[Deleted sulking member 63079]

I don't have an iPhone, so someone here might be able to answer this:

If there's an IOS update, can it be pushed to the phone without the user confirming it on the phone? And if the phone is locked, can this be confirmed without putting in the pin code?

If it requires the pin to flash the firmware, then I can't see how apple could actually do it without resorting to extremely expensive and "unreasonable" measures.

 

[Nod]

There is no such thing as bad news. And this is not unpatriotic as many more are concerned about their privacy. It's a market grab, and not just nationally the international value of this is many times greater.

Tell tricky Dicky Nixon that there's no such thing as bad publicity!

Done properly and securely by Apple and the FBI, any cracking shouldn't ever reach the public domain so 99.99999% of people would have their privacy intact. If the process can't be done properly and securely, surely there is a far greater risk to people's privacy somewhere in the "machine"? Of course, Apple could already have an easy way in and are stalling to make it appear that it's far more complicated than it actually is... [/tinhat!]

 

[the black fox]

human nature being what it is theres quiet a few possible scenarios arising in this thread .

for now i'll side with apples p.o.v ,but its highly likely its all smoke and mirrors and the fbi have already accessed the files ,and this is just a ploy to make isis sympathisers feel safe so the security services stay one step ahead of the game .i wonder what edward snowdens take on this is

 

[neil_g]

Done properly and securely by Apple and the FBI, any cracking shouldn't ever reach the public domain so 99.99999% of people would have their privacy intact.

yeah "shouldn't" is a great word. I use it all the time when I dont want to commit.

I wonder how often the US gov leaves confidential info in a briefcase on a train. but it's not necessarily the leak of the physical program that's a problem its the knowledge of how the program was created. you cannot erase the brain of everyone that has any technical knowledge of the brute force program.. humans are always the weakest link and open to corruption when the correct leverage is applied.

 

[Nod]

Nothing is ever truly 100% secure, whether it's a bank vault or a fact known by only one person. If a crack can be created, it can be created by malfeasants as well as by "the good guys" although the latter do have a few advantages.

 

[viv1969]

human nature being what it is theres quiet a few possible scenarios arising in this thread .

for now i'll side with apples p.o.v ,but its highly likely its all smoke and mirrors and the fbi have already accessed the files ,and this is just a ploy to make isis sympathisers feel safe so the security services stay one step ahead of the game .i wonder what edward snowdens take on this is

Snowden has already commented, I'm told.

 

[Deleted sulking member 63079]

human nature being what it is theres quiet a few possible scenarios arising in this thread .

for now i'll side with apples p.o.v ,but its highly likely its all smoke and mirrors and the fbi have already accessed the files ,and this is just a ploy to make isis sympathisers feel safe so the security services stay one step ahead of the game .i wonder what edward snowdens take on this is

Occam's Razor. It's highly likely they haven't accessed the files or they wouldn't have got the court order.

 

[neil_g]

Nothing is ever truly 100% secure, whether it's a bank vault or a fact known by only one person. If a crack can be created, it can be created by malfeasants as well as by "the good guys" although the latter do have a few advantages.

so youre agreeing that creating this program for the US gov is a bad thing then surely?

once there is a known way in then it will get attempts at exploiting the weakness. best never to make a weakness in the first place.

 

[dejongj]

Occam's Razor. It's highly likely they haven't accessed the files or they wouldn't have got the court order.

Not at all if you understand how it works

 

[neil_g]

for what it's worth the FBI already have the guys icloud data up to a couple weeks before the attack.

 

[Deleted sulking member 63079]

for what it's worth the FBI already have the guys icloud data up to a couple weeks before the attack.

Yeah the phone encryption will only be for files physically on the device.