OT: Apple says screw you law enforcement!

I think Apple would welcome the "clarification" that the courts may finally have to provide:

"We do it because we HAVE TO"

or

"We don't do it because we DON'T have to"

fwiw, I picked up 'The Girl in the Spider's Web' at the library yesterday and Apple gets mentioned as the phone not to have if you're a serious hacker. That must have been a tidbit the author picked up someplace since he seems clueless. Stringing together buzzwords like Linux, root, zero-day, Active Directory, and so forth in an attempt fro realism doesn't work well. Whether the attempt to continue Larsson's series works remains to be seen.

I'm surprised that we haven't seen an FOSS cell phone. Or, an "add on" that allows a commodity cell phone to be used simply as a "wire" -- in much the same way that a network interface chip provides only an interface (and doesn't muck with content).

Treat the phone as a modem that bolts onto a "handheld computer". Then, YOU control the computations instead of letting some other entity have the final say ("Trust Us")

I doubt my LG flip has enough brains to get hacked.

Imagine if you could pair it with a "compute device" using it SOLELY for the comms link.

That is my guess. I bet they have already open the phone but they are just putting on this show to lull the bad guys into thinking they are still safe and to polish the apple a little.

If that's true, then they are going to be wide open to either doing a 180 in a few days or face perjury charges when then respond to the court order and appear in court to defend it.

An NPR story yesterday said that Apple had already quietly cracked about 70 phones for NYC police.

And that with the next phone, in NY, it was the judge who decided to go public about the whole thing. I think this preceded the case in the news.

And an NPR story this morning said that an email Apple sent to employees last night thanked them for their support and acknowledged that they *could* unlock the phone, but thought it was a bad idea. Even though the current request is only to get around the 10-try limit, I think they're saying they could .... well, all they would have to do is cancel the 10-try limit and then do what the FBI was planning to do, try all the codes sequentially until the right one was found. I think there are only 10,000. Four digits, right?

There are at least 6 and not sure if they are limited to numbers. This has been confusing from the start. The media talked about 6, but were showing a phone screen with the minimal 4 digit passcode. At the same time, they said it could be alphanumeric. More recently I saw a screen shot on TV where they showed a 6 place entry, with a keypad screen like a phone, ie 1 is also ABC. So, IDK. With that screen, it's limited to the 1 mil combinations, alphabet isn't adding anything. It's possible there is a setting for higher security and that gives you the ability to use letters too, in which case it's 68 bil. Anyone have an iPhone?

This is NOT about the data on that particular phone. If the govt wants the data on that phone, they probably already have it or have ways to get it without Apple's help. Offer $ 1million and a white hat hacker could do it in a day.

This is about a bigger battle between the govt and high tech.

The govt wants Apple to SUBMIT.

The govt chose this particular case to make an issue becasue the govt thinks they can use this particular case to sway public opinion about giving up more freedoms.

Mark

According to you and your opinion, of course. Do you really think the govt is going to go into court next week and commit perjury? The court order, what the govt is asking for, is very specific and very limited.

How could they possibly have it? This is not about email or texts sent or received or even the address book, but about other info stored in the phone.

The 10-try limit?

It's easy to say that when neither of us have any idea how to do it.

What trader said about perjury.

I think it was the first TV story, the one with the drawing of the keyboard and some wires, that the narrator not only said 4 digits, but specifically said "10,000".

However even if it's billions, it won't take that much longer.

Did they say that was the *only* possible security setting for that iPhone?

Really, you think 68 bil possible codes doesn't take much longer than 10,000? That's the whole point to modern cyphers, that we know how to crack them all, it's the large amount of time it takes that provides the security. In this case, it would take 6.8 mil times longer.

It's no big secret about how to do it. The phone has a CPU running an OS that includes the pwd checking. Presumably that OS is in a flash memory chip together with the user data. You hook up a logic analyzer to the address and data bus connecting the two. Now you can follow the code that is being executed, disassemble it, see the data being moved to and from memory. You watch which code section gets executed when you attempt a password, figure out how that section of code works, then figure out how to modify the sections you want.

You would also copy the flash memory, either while it's in the phone or else by removing it. Once copied, you now can do the above work on multiple phones, if you screw up, you can replicate it on an unlimited number of new phones, etc. You then replace the OS portion of the flash with your new version and put it into a phone.

Of course all the above is a lot easier and less risky if you have the source code and are sure about how the phone internals actually work. That's why they want Apple to do it.

I doubt this ever sees a court room and they will avoid any perjury issues by only letting their lawyers speak, using carefully worded statements

They said ttbomr that there were 10,000 possible codes for this phone.

But in days, it wouldn't be much longer.

But they didn't say that was the *only* option. AFAIK, like many phones today, there are a variety of PWD options that you can choose from. And as I said, I saw an iPhone 5 on TV being shown with a six digit PWD. Just because the default is a simple 4 digit one, doesn't mean that there aren't far more secure ones. 4 digits and RSA type encryption that even NSA can't break, don't compute.

Baloney. One day or one hour times 6.8mil isn't much longer? The whole modern ecryption world, including this iPhone encryption, is based on very large prime numbers and the fact that it takes even a supercomputer many years to crack them. The encryption algorithms are public, have been researched by mathematicians, published, etc. What they rely on is that without knowing the key, they can't be quickly broken by even a supercomputer. Whether that code is just

6 digits, 6 alphanumeric characters, or a longer alphanumeric string makes a HUGE difference.

Baloney. In a court hearing, the two sides can't refuse to testify. Either side can call any person they wish, the judge can ask any questions he sees fit, etc. And of course it's seeing a court room, it's already started. Unless Apple complies, there will soon be court hearings and both sides will have to present their cases.