FBI Gets Court Order for Apple to Hack Terrorist's iPhone
GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
But how do we know if Apple hasn't say gave it's keys to China already?
Er, did you read either of the two technical articles I linked to? As is standard practice, each device (not model, device) has its own unique key. Someone talking about getting into DIY encryption should be aware of that. :P
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
I think it's hilarious that people are defending the US government at all. The US government are likely responsible for far more innocent people being killed than any terrorist organisation on the planet. The US has a human rights record which would make Pol Pot happy.
OK, these policing bodies have a job to do and some of it is protecting innocent people from criminals but, come on, why the hell should any company ever allow them access which could in any way weaken anybody else's privacy?
Distribution: Dabble, but latest used are Fedora 13 and Ubuntu 10.4.1
Posts: 425
Original Poster
Rep:
Quote:
Originally Posted by dugan
Then they would have to brute-force the encryption key, which is much harder than brute-forcing the pin, no?
Well, then it looks like Apple is right: the FBI seeks a door (back/front/side/whatever) that would render encryption moot on all Apple devices because Apple would have to deliver to the FBI an operating system that enabled the FBI to brute force a short user password. The link you gave me said that the Secure Enclave had a key that could "never" be read (I don't believe that, but whatever), so the FBI simply seeks to brute force the shorter user password/code.
How long can a user-defined passcode be in an Apple device?
Given that CIA/NSA/FBI password try rates are measured in the thousands of trillions of passcodes per second (Snowden told his journalist contacts to prepare their systems for brute force attacks at 100 trillion guesses per second, and that was several years ago), then forcing Apple to weaken its encryption system (de facto, of course) on a universal basis is exactly what the FBI is trying to do. What disturbs me isn't the FBI going to Apple for assistance on this phone, but the FBI's insistence on being given an universal and permanent solution to encryption on ALL Apple products.
Distribution: Dabble, but latest used are Fedora 13 and Ubuntu 10.4.1
Posts: 425
Original Poster
Rep:
Quote:
Originally Posted by sundialsvcs
Obviously, there are not only "a tangle of legal problems" here, but also maybe "pragmatic problems" as well. It seems to me that it is very easy, maybe too easy, for you to "lose your data forever" with Apple's uber-secure system as it stands right now. It might well be overkill for dealing with the basic issue of "someone stole your phone or you accidentally left it on the bathroom sink." We are not dealing with James Bond here.
We do have in the United States, as in most countries, the concept of "search warrants" and a legal duty to disclose keys (in proper confidence) when served with one. The complication in this case is of course that the "perp" is dead. Search warrants are a very important consideration in the grand scheme of public justice ... as is privacy.
This, therefore, is not "hacking" the phone: a court of law has issued a search warrant for an indisputably-valid reason, to help solve a heinous and hideous crime. The legal justification is at the highest possible level:
It cannot be argued that the warrant was lawfully issued, and that "the place to be searched," which has already been "seized," is a phone, which there is "probable cause" to believe does contain evidence relating to a capital crime. While no one can claim that Apple is "obstructing justice" (unless they do), it certainly seems that their engineering has frustrated the purpose when the owner is six feet underground.
Okay, well, what about pragmatic issues? "Business associates get hit by taxicabs, too." What then? Extremely important business data might be on that phone, and the original owner's funeral was last week, and now the business ... for entirely legitimate reasons ... needs to get to it. Can they? It certainly sounds like, with Apple's present system, they could not. Has Cupertino, in its zeal for information security (and recognizing that phones are "none too secure" in any case), built a system that is too strong?
A lot more thought needs to be put into this, by a lot of people: lawyers, judges, legislators, and hardware and software engineers.
The problem is the FBI's insistence on a permanent and universal "fix" involving a new OS that it will have. That smacks of more of a power grab, not going to Apple on an indisputable religious terrorism case and asking for assistance.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by moxieman99
Well, then it looks like Apple is right: the FBI seeks a door (back/front/side/whatever) that would render encryption moot on all Apple devices because Apple would have to deliver to the FBI an operating system that enabled the FBI to brute force a short user password. The link you gave me said that the Secure Enclave had a key that could "never" be read (I don't believe that, but whatever), so the FBI simply seeks to brute force the shorter user password/code.
How long can a user-defined passcode be in an Apple device?
Given that CIA/NSA/FBI password try rates are measured in the thousands of trillions of passcodes per second (Snowden told his journalist contacts to prepare their systems for brute force attacks at 100 trillion guesses per second, and that was several years ago), then forcing Apple to weaken its encryption system (de facto, of course) on a universal basis is exactly what the FBI is trying to do. What disturbs me isn't the FBI going to Apple for assistance on this phone, but the FBI's insistence on being given an universal and permanent solution to encryption on ALL Apple products.
The US government is just worried that it won't be able to steal trade secrets from competing countries any more and is trying to get back to the "good old days" of Echelon where they tipped-off US businesses about UK and other bids in order to give them an advantage. If people start using truly secure products then how are the government going to get the secrets they sell to businesses?
I don't think my country is entirely bad, I think there's still people in power fighting the good fight against the corruption. Nevertheless our next election I feel will make or break us since we're 19 trillion in debt. God bless
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by Otherworlds
I don't think my country is entirely bad, I think there's still people in power fighting the good fight against the corruption. Nevertheless our next election I feel will make or break us since we're 19 trillion in debt. God bless
I agree that there are many good people in the US, just as there are many good people in the UK, but I fear that our governments are now beyond our control.
The US government, particularly (sadly), seem intent upon squashing human rights not just in the US but all over the globe.
I don't think my country is entirely bad, I think there's still people in power fighting the good fight against the corruption. Nevertheless our next election I feel will make or break us since we're 19 trillion in debt. God bless
"Let he whose country is without sin cast the first stone."
Or, as a general famously declared during WW2: "NUTS!"
But how do we know if Apple hasn't say gave it's keys to China already?
It's been reported that Apple has said, specifically, that China has never asked. I don't really have a source that satisfies me, but this is the best one I've found:
Okay, well, what about pragmatic issues? "Business associates get hit by taxicabs, too." What then? Extremely important business data might be on that phone, and the original owner's funeral was last week, and now the business ... for entirely legitimate reasons ... needs to get to it. Can they? It certainly sounds like, with Apple's present system, they could not. Has Cupertino, in its zeal for information security (and recognizing that phones are "none too secure" in any case), built a system that is too strong?
Plenty of businesses are willing to lose data altogether rather than have another entity gain unauthorized access.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.