"Apple + NSA == Bullsh*t" - What's the REAL story?
GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Just because you want something doesn't mean that it's there. There is no reason, other than your supposition, that Apple can copy files from the encrypted sandbox of one machine to the encrypted sandbox of another, without the key being entered. In fact, it would negate the whole idea of an encrypted sandbox, wouldn't it?
As to market share, when you're dealing in billions of dollars annually and a fickle public, anything can destroy your market share and turn you into an also-ran.
Apple has built a system that protects your data very well from the most common use-case: a thief. But there has to be a way to service and repair the phone, to move data from one phone to another, and so on. Therefore, it stands to reason that the same data can be extracted and stored separately ... defeating any sort of "10 tries you're out" scenario.
No, it can't. Why do you think screen replacement is such a booming business? Because that's the only way to get back into your data - by using the SAME PHONE with the SAME KEY. Do you even have an iPhone? I dare you to turn that feature on, enter the PIN wrong 10 times, and take it to an Apple dealer (or anyone else) to recover your data. Let's see if they can help you.
Quote:
Originally Posted by sundialsvcs
FBI's recent actions -- withdrawing their legal action, and now offering to assist other law-enforcement agencies -- is tacit proof, to me, that this is (and always was) the case. As I said in the OP of this now-long thread, what Apple was saying never "rang true." "Thou doth protest too much."
All it "proves" is that someone found a bug in the software to exploit. Likely, they gained root access through a typical buffer overflow bug and were able to turn off (not reverse) the self-destruct feature (conjecture on my part). Your assertions all along have come from your own feelings, without evidence of any sort. Just "it has to be this way" or, "they must be doing it that way". Give us something that can be sensibly discussed, rather than idle conjecture.
(Conjecture is fine - until it is challenged (as it has been here by many). You can't continue to defend your points with yet more conjecture. It's time to provide at least a shred of evidence.)
Remember - this isn't the Linux world of free software. Apple is advertising a feature that millions of people are PAYING MONEY for. Apple would go bankrupt in an instant if someone discovered that this 'feature' was just smoke and mirrors.
Last edited by OregonJim; 04-01-2016 at 03:00 PM.
Reason: sigh - another typo
No, it doesn't "remove the encryption from the sandbox" to be able to copy off the sandbox file. There's no particular reason why you'd need to be able to decrypt the file, in order to copy it.
It's pretty obvious what they've done here: generated a nice, big, fat key and then encrypted that key with the passcode ... just like GPG, SSL, VPN, and so-forth can all do. This would indeed be a very secure arrangement, because only one passcode would decrypt the key and you'd know whether it did or not (without knowing which of 10,000 possible keys would do the trick). Easy, peasy.
Apple's software-update mechanism moves files on-and-off the phone all the time. I'm quite sure that they have a tool that can extract data from a mostly-dead phone; certainly one with a dead screen. (After all, that's what a USB connector is for.)
The key is not Apple's encryption mechanism, which I am sure is industry-standard, but "drop dead." I can't and won't believe that Apple doesn't have a tool that can snag that file and whisk it out of harm's way, along with every other file on the machine. Whether they care to acknowledge the existence of that tool to you, John Q. Public, is one thing. But when you're talking to an agency of the US Government who is pursuing a search warrant to try to solve a most-gruesome crime, that's quite another. Obviously, in the end, wiser heads did prevail.
There's nothing special about a phone. There's nothing remarkable in the fact that the phone has an "encrypted keychain." MacOS has it, Windows can have it, Linux KDE and Gnome all have it. What's different about this case, is not so much that a phone might have a "drop-dead feature," but that Apple at one point seemed to be ready to charge-off to Washington to ... what, protect their "right" to stymie the entire 4th Amendment (Part 2)? It's a phone, people, and as long as those phones can be dropped on the ground, there's gonna be a way to sell the customer a brand-new phone on the spot!
It's pretty obvious what they've done here: generated a nice, big, fat key and then encrypted that key with the passcode ... just like GPG, SSL, VPN, and so-forth can all do. This would indeed be a very secure arrangement, because only one passcode would decrypt the key and you'd know whether it did or not (without knowing which of 10,000 possible keys would do the trick). Easy, peasy.
Pretty obvious, in your 'fantasy world'.
The key is in hardware. Apple buys a chip from a 3rd party. Each one contains a unique key, which makes each phone unique. The key is not in writable memory - it is locked in silicon - silicon that has a command to destroy itself. The PIN/password only has the function to 'unlock' this key - make it readable - through another command to the same piece of silicon. That's why moving your encrypted data to another phone does not work - not matter how hard you argue the point.The PIN/password plays no role in encryption or decryption of the key or the data.
But, continue with your tirade, I'm out of here as well.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.