GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
All the more reason not to trust the government. Remember that the FBI said that only 1 phone was at stake, and Apple was only resisting as a marketing ploy?
No wonder there's a, anti-government lunatic fringe in America: There's a kernel of truth in their arguments!
That linked article is another product marketing scheme in the penultimate intent.
If only to crack? I suppose US Govt has stronger hands to flex behind the scene than going to court for a product/company vs. fbi show. Moreover, to solve the problem a skeleton blob can be had by FBI from an insider clandestinely anytime for the interest of "National Security" at lesser expense and with honor, not with humiliation. Otherwise... common sense might ask: is it how tactically weak the federal bureau of counter-intelligence is? I don't believe so.
Is the iPhone losing a chunk to Android? I think this is a more relevant question?
Personally, I think that all of these articles are pure buncombe. I do not believe, for one split-second, that Apple does not possess a way to recover a (e.g. forgotten ...) four-digit passcode. It only makes sense that you would. Technical support might positively insist that it absolutely cannot be done but I am entirely sure that it is.
Likewise, I dismiss as spurious the argument that you must use exotic techniques to slurp the data off the chips without disturbing them.
And finally, there are only 10,000 possible combinations and, once you have obtained an image of the phone's memory, you certainly do not have to type them in by hand. I believe that, by law, Apple can [be forced to] tell you, in confidence, exactly what the algorithm is and to supply you with the source-code that does it. Now, you only need a for-loop.
Thus, "the lady protesteth too much."
In any case: if evidence necessary to the investigation of a multiple murder(!) is on a device that you manufactured, and you are served with a bona fide search warrant or other court-order, I firmly believe that you must comply. (And, that you cannot "dictate terms" to The Honorable Court, as Apple has on its web-site claimed to do.)
Although, yes, the US Constitution states that you are entitled to an expectation of privacy with regard to your "papers and effects," it also(!) grants to the Government the restricted right of "search and seizure." It is clearly in the Public interest that a homicide be expediently solved, and that public money not be spent unnecessarily towards that lawful end. The Constitution declares that law enforcement agencies do have that (carefully proscribed ...) right. Therefore, those who are most in the position to enable the Court to accomplish its stated purpose by issuing such a Warrant or Court Order, IMHO must comply ... as The Court directs ... to promptly fulfill the order and at a minimum of public expense. To do otherwise is "obstruction of Justice," which is a Felony.
I think that we do need an Act of Congress to clarify these issues, and I know that one has been proposed in the current Session.
Also: in matters of law enforcement where Secrecy is needed, not only because "you don't Need To Know" and to protect Apple's corporate interests and the interests of its many law-abiding customers who do rely upon that security, I believe that FBI is not obliged to provide full details to the general public.
Last edited by sundialsvcs; 09-25-2016 at 09:27 AM.
Personally, I think that all of these articles are pure buncombe. I do not believe, for one split-second, that Apple does not possess a way to recover a (e.g. forgotten ...) four-digit passcode. It only makes sense that you would. Technical support might positively insist that it absolutely cannot be done but I am entirely sure that it is.
So your reasoning is "I don't believe" and "I am entirely sure"?
Obviously no one not at Apple, unless Apple reveals its source code, can know for sure. We can only guess. So you can't be entirely sure, and I can't be entirely sure.
I will say I don't believe it's in Apple's own financial best interests to build a backdoor into its own products. What do they have to gain from that? Building a backdoor makes it that much easier for others to find a backdoor. Building as secure a platform as you can, however, makes for better marketing/sales.
Quote:
And finally, there are only 10,000 possible combinations and, once you have obtained an image of the phone's memory, you certainly do not have to type them in by hand.
So you say all the articles are bunkum. Did you actually read the linked-to article? It says exactly what you said here: make an image of the phone's memory.
From the article:
Quote:
NAND mirroring makes a copy of a phone’s memory in its undisturbed state. Using an iPhone of his own, Dr Skorobogatov was able repeatedly to overwrite its memory with the copy he had made before he began his guesses. This caused the instrument to forget that he had made any guesses at all, avoiding any temporary lockouts and ensuring that the data would never be wiped clean. That, in turn, permitted him to brute-force the PIN six guesses at a time, resetting the phone to its original condition between each batch of guesses.
I referred to "make an image of the phone's memory," but I am absolutely sure that no such thing was necessary.
Let's face it: it was a pass code. There are only 10,000 possibilities. It might have been used to generate a cipher key, but there are only 10,000 of them. The software update process might insist that the phone be unlocked before it will update, but I am again quite sure that Apple has a way around this. We already know that you can easily "sync" the content of the phone with available software.
I believe that Apple is required to offer all reasonable assistance to law enforcement ... and to be fairly compensated for their time. They must reveal the ciphers used, and the source-code that does the actual work, if only in confidence, to the law enforcement agencies and to the Honorable Court. They must get the data off that phone, pass-code or not, and do so without spending an undue amount of time or public money.
They must comply with a search warrant or a court order ... and they may not "pick and choose" which ones they will respect or tell any judge what terms s/he "must" include.
Obviously, digital privacy (the first part of the Amendment), and digital search-and-seizure (the second part of that same Amendment), needs Congressional clarification.
Someone murdered a lot of people in cold blood. There is reasonable cause to believe that his phone should be "seized and searched," and the Court issued a Warrant. (IMHO ...) No electronics manufacturer may stand in the way of the Court, nor impede the timely and efficient fulfillment of its Order or Warrant, nor otherwise hinder the prerogatives which are Constitutionally granted to the Government and to that Court, so long as the Constitutional procedures and strictures are being observed. (Which is not the aforesaid Manufacturer's privilege to interpret for itself.) It is in the Public's interest that the case be solved. A pass-code that is mainly designed to make the phone useless if stolen in the Men's room at the airport may not obstruct nor even delay this endeavor.
"A back door" in a pass-code system? Of course there's a back door somewhere! "I'm a law-abiding user and I forgot my pass-code. Me Bad.™ Now, don't tell me that there's no way for you to retrieve or to remove it, because I do not believe you."
Last edited by sundialsvcs; 09-25-2016 at 11:59 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.