And we still don't know how long that passcode is and whether it's only digits or alphanumeric. You alone here, are the only one that thinks that doesn't matter.
You don't know how you can enter alphanumeric on a cell phone? Really?
Alpha
Alphanumeric can also be part of a long string the user creates to UNLOCK the phone, as the reference I provided shows. Are you so daft that you don't realize that it would be totally useless to provide world class encryption, but then have that encryption unlocked by a 4 digit code?
is being transmitted over the air where it can be easily intercepted.
ne to decrypt the data and that is what the govt is pretending to need help with, getting the passcode.
OK let me try one more time THe encryption uses a gigantic KEY that makes it practically impossible to guess. This protects the data WHILE IT IS TRANSMITTED IN THE AIR. THis gigantic KEY is not the same as the PASSWORD that the user enters on t he keypad. If you have the phone and have th password, the phone knows the gigantic KEY and will decrypt the data for you.
In this case the govt HAS THE PHONE and it is much easier to break in via the password then try to guess the key, (which you agree) and that is what the govt is asking Apple to help.
And yes you keep pointing out that it is MUCH EASIER to crack the password than the key which is why i think the govt doesn't really need help to crac k the password. They are using this case for political purposes.
What the govt really wants is a back door into the KEYS so they can grab da ta in the air in other cases EVEN WHEN THEY DON'T __HAVE__ THE PHONE. This is what they have been arguing about for months previous to this case. If you don't have the phone, the password is of no use, you need to crack the KEY. So they are using public opinion in this case to turn the tide again st the high tech community which refuses to weaken the KEYS. Its shrewd po litics on the part of the govt. They are no dummies when it comes to politi cs.
To the average joe, its bad Apple won't help the govt catch terrorists and the distinction between keys and passwords is lost.
This may also be used to protect the data *in* the phone's memory!
Ever buy a house and have the realtor walk up to a "lockbox" attached to the front door? He/she opens the lockbox (combination, etc.) and then fetches the house key from inside the lock box. House key's "security" is decoupled from the lock box's "security".
Of course, if someone cuts the lock box open, then they've defeated the security OF THE LOCK BOX -- but the key's security remains intact! (e.g., could be a Medeco cylinder on the house but a 3 digit combination on the lock box).
In Apple's case, the lock box SELF DESTRUCTS after some small number of attempts to guess the combination. So, imagine trying to guess the combination to the lock box (easier than picking the lock on the front door of the house!) and, after some small number of attempts, the box bursts into flames (thermite) and MELTS THE KEY that it has tucked away inside.
So, you've enhanced the apparent security of that 3 digit combination.
Just like breaking into your PC -- *if* you give me physical access to it and about 5 minutes! BECAUSE THE PC WON'T SELF-DESTRUCT if I guess wrong! :>
No. The government needs someone to "disable the self-destruct" mechanism. They want to be able to guess endlessly without risking losing the DATA that is held (encrypted by that BIG key!) in the phone.
Returning to my realtor analogy, they want to be able to sit at the front door trying every 3 digit combination without fear of the lock box self destructing and taking the key with it!
I don't think so -- not in this latest filing. I'd be willing to bet the spooks can crack AES256 with all the zetaflops they have at their disposal! But, if the phone erases the data, then they are SOL.
It SHOULD be possible for them to access the memory directly without requiring the phone (passcode) to "cooperate" -- cuz that cooperation comes with the risk of self destruct. But, that means microprobing the chips, reverse engineering the circuitry, etc.
If Apple suddenly disappeared from the face of the Earth and our survival was at stake, they *would* be able to do it. But, they don't want to have to expend that much effort for the hundreds/thousands of times they will want to do this ("once" is a baldfaced lie)
Again, I don't think this is the case based on their filing. They may be hoping to exploit the ignorance of the public to equating one issue with the other ("Well, you let us do THAT so you should be willing to let us do THIS, as well!")
The real problem here is the gummit is obviously in a perpetual game of "catchup". They seem to not be forward thinking enough to anticipate the workarounds that will undoubtedly arise -- OUTSIDE of the control of Apple, etc.! (i.e., how are you going to compel the TERRORIST to crack his proprietary encryption scheme for you?)
The gummit has been reactive in all of these cases (at least those that have come to light). You don't see them checking liquids until they HEAR that liquids might be used. They don't check shoes until they see someone trying to use a shoe. etc. With this sort of approach, it's only a matter of time for something to slip through the cracks: "Why didn't you guys *think* of this possibility and check for it -- with all the money and privacy that's been sacrificed to enable you to 'keep us safe'..."
nations enormously. iOS allows for up to 37 characters (instead of the 4 ch aracter limit in simple passcode option) with 77 possible alphanumeric/symb ol characters (versus 10 for simple passcode).
ind bogglingly huge (77 to the 37th power) and could take a hacker several lifetimes to figure out (if you used all 37 digits). "
Who says the only keypad is a numeric one? Obviously smartphones are use to enter characters and numbers all the time. Clearly they know about the security options on the iPhone and it would be really dumb to have an option for an alphanumeric one and no way to enter it. Thinking about this some more, the keypad I saw on TV had a phone style keypad with
1 having ABC on it. You probably hit it once quick for 1, or hold it to get a pop-up that allows A, B, or C. My phone does similar on the keyboard.
And again, you know this exactly how? I asked you for a reference, AFAIK the FBI has never said how many places and whether it's only digits or alphanumeric. And you can't start with 1 digit, you have to start with a code that's the length requested.
No shit Sherlock. But the point is that we don't know what level of security the terrorist chose. Only you claim to know, but you have zippo to back it up.
Whatever is on the phone, obviously.
The phone carrier would presumably have the numbers that texts were sent to and received from, but IDK that they would have the actual text contents or for how far back.
Maybe, maybe not, depending on their retention policy and whether it's cloud based or client based.
It means what you listed above, plus other means. Wifi phone apps for voice calls over the internet for example. Or WhatsAp for the equivalent of encrypted text messaging, which is apparently popular with the terrorist s now. The WhatsAp could have terrorist contacts in it's directory. There is probably some data that the perps recently deleted that is still on the phone, depending on how data gets deleted, etc. Apple would know that too.
It could be all that's been listed so far, plus even documents, eg a guide on how to conduct attacks, make bombs, etc. It would have web browser history too. But until they get it unlocked, nobody knows. Even one name, one phone number that gives the FBI a lead could lead to another perp, another terrorist cell still active, etc.
Now you're contradicting yourself. If you have to enter the key each time you use the phone, then it's not just a 4 digit or 6 digit code that unlocks the phone. That is what I've been telling you for 10 times now, complete with references.
Well, the FBI is cracking the encryption. When you put the passcode in, it decrypts the data. And the FBI intends to try passcodes they think may work and if that doesn't work, then brute force it by hitting it electronically with all possible passcodes. And as explained previously, whether that passcode is just 4 digits or a longer one that includes the alphabet makes a very big difference.
It would be really comical and pointless for Apple's world class encryption to be limited by offering only a 4 digit code, after which it all decrypts. It would be like having the worlds best safe, but hanging in front of it is a simple box with a cheap padlock and inside the box is the combination to the safe.
it is being transmitted over the air where it can be easily intercepted.
hone to decrypt the data and that is what the govt is pretending to need he lp with, getting the passcode.
o guess. This protects the data WHILE IT IS TRANSMITTED IN THE AIR.
No, it also protects the data that's on your phone. That is one of the main purposes, that if the phone falls into the wrong hands, that they can't just read out the data. And the reference that I provided describes the passcode options and how it can be up to 37 characters long.
formatting link
r-Iphones-Passcode.htm
the keypad. If you have the phone and have th password, the phone knows t he gigantic KEY and will decrypt the data for you.
Then the gigantic key would be useless, because anyone who gets the phone can defeat the world class security with a simple passcode. That's why the passcode options are not limited to just 4 or 6 DIGITS.
a the password then try to guess the key, (which you agree) and that is wh at the govt is asking Apple to help.
What you're suggesting is like having the world's most secure safe and the only option is to have the combination for the safe inside a simple metal box that sits in front of the safe and is secured with a $2 lock. That's why the passcode can be 37 characters long and it's up to the user to decide how strong they want it to be.
d than the key which is why i think the govt doesn't really need help to cr ack the password. They are using this case for political purposes.
data in the air in other cases EVEN WHEN THEY DON'T __HAVE__ THE PHONE.
The court order isn't for any of that.
This is what they have been arguing about for months previous to this case. If you don't have the phone, the password is of no use, you need to crac k the KEY. So they are using public opinion in this case to turn the tide against the high tech community which refuses to weaken the KEYS. Its shre wd politics on the part of the govt. They are no dummies when it comes to p olitics.
nd the distinction between keys and passwords is lost.
Which of course is the right position. The govt has a perfectly legitimate court order and Apple instead is protecting terrorists.
your analogy is correct only for the case where you have physcial access to the phone.
The purpose of the world class encryption with the gigantic key is to prote ct the data while it is TRANSMITTED ON THE NET. In this case almost anyone can intercept it and you need world class encryption to protect it.
You seem to miss the distinction between physically having the phone and me alrly intercepting the data on the net.
In this case the Govt has the phone so it is much easier to get the data du e to the lock box analogy you gave.
The govts ultimate goal is to move public opinion to force the high tech co mmunity to weaken encryption so the govt can decrypt data that has been in tercepted on the net without havig the physical phone.
Yes I know, they are not asking for that in this particular case, it is a f ew moves ahead in the chess game.
Bottom line, I think the govt can get into this particular phone that they physically have without Apples help, but they want to use this case to furt her their ultimate goal of weakening encryption so they can decrypt interce pted data when they don'y physically have the phone.... M
y physically have without Apples help, but they want to use this case to fu rther their ultimate goal of weakening encryption so they can decrypt inter cepted data when they don'y physically have the phone....
and I wil add, if the govt gets everything they want, opening this phone and weakened encr yption, it will probaly do no good in the long run.
There are unbreakable codes that are simple.
ONE TIME PAD used in WW2.
A few years ago they found a dead carrier pigeon in a chimmney with an encr ypted note attached. The note is encypted with a simple one time pad.
NO ONE has been able to decrypt it even with modern computers.
On Wednesday, February 24, 2016 at 9:31:12 AM UTC-5, snipped-for-privacy@yahoo.com wrot e:
to the phone.
tect the data while it is TRANSMITTED ON THE NET. In this case almost anyo ne can intercept it and you need world class encryption to protect it.
Where is your reference that it's only to protect the data while it's being sent? And to whom and by whom? If I use an iPhone to buy something online, AFAIK, the transaction is not protected anymore or any less than it is on any other phone, PC, etc. All use RSA based security and it's an agreed on standard, not an Apple specific one.
mealrly intercepting the data on the net.
You seem to miss that Apple doesn't set the standard for encrypting data on the net. Their encryption when sending my credit card number to Ebay conforms to the same standard that everyone else is using, AFAIK. If I send a Word document to you, it's not encrypted at all, unless I take some special steps. If I use SnapChat to chat with you, from what I understand, that is encrypted, but not by Apple, but by whatever SC uses.
What Apple has made super encrypted is all the data on the phone which protects that data from being read out of flash by someone who gets a hold of the phone. It also protects it when it's backed up to the cloud at Apple. And that encryption apparently relies on whatever passcode you choose, which is why it can be up to 37 alphanumeric characters long.
due to the lock box analogy you gave.
community to weaken encryption so the govt can decrypt data that has been intercepted on the net without havig the physical phone.
few moves ahead in the chess game.
y physically have without Apples help, but they want to use this case to fu rther their ultimate goal of weakening encryption so they can decrypt inter cepted data when they don'y physically have the phone....
I agree that they likely could get into it, with a lot more work and time on their part though, than if Apple helps them.
Lets say they can protect it. Why should they become an arm of the gvt to break into people's phones simply because they "know how to"? Remember, it's not their phone, it's not their data, it's not the job. What right does gvt have to make you their slave and force you to work for them? That is the main part I find objectionable.
I'm not familiar with Apple systems but I assume it's like android, when a new OS comes out the Carrier pushes the new OS to your phone. You see a pop up saying "Do you want to allow this update". But that's just housekeeping as far as I'm concerned. The real question is still, under what authority does the FBI make Apple their slave and force them to do work for them?
If the FBI can do this, why can't they say "You're a good friend of Joe and we need to spy on Joe. So from now on you will be wearing this wire whether you want to or not and we will be recording your conversations. Further, you will be wearing this earpiece and asking him the questions we tell you to ask him."
That is what the FBI is trying to do to Apple, make the company the FBI's technical slave because they don't know how to do it themselves. I would not grant them that right. They have the right to ASK, not to compel IMHO. Otherwise it's just one more police state nail in the coffin the US is becoming.
That's not reasonable, it still makes apple the FBI's slave. What if the FBI needs technical work in some other area when the investigate a crime? If someone blows up a plane does the FBI have the right to COMPELL Boeing to assist them whether Boeing wishes to or not? Can the FBI ORDER Boeings engineers to report to FBI headquarters and do whatever the FBI wants them to do simply because "You guys know how and we don't."
I wouldn't say it's the same. All that stuff is stuff CURRENT technology already EXISTS to do. It's the situation where the FBI would be saying "You (apple) can't hide from us the stuff you can ALREADY SEE". In the apple case, Apple can't "already see" this info. Nobody can, that's the purpose of encryption, so no one can see it. If the FBI wins the case there would be no limit to who and how many people they could commandeer from private companies to facilitate decrypting stuff. In this case it's Apple because they made the phone but lets say Apple's tech guy who can do this dies. Using the same logic they went to Apple the FBI can go to Google and say, "You guys work on encryption and we think you can decrypt this Apple phone and we've convinced a judge to let us make you our slave to work on it so get started."
I'd be alot more comfortable with that approach. The FBI takes the source code and hires programmers to try and figure out how to change it. The caveat is that they would have to be prepared to pay out millions/billions to apple if in the process the code gets disclosed and apple can prove damages. I'm not at all comfortable with the Gvt/FBI saying "you folks are our slaves and will do what we want or you go to jail."
And what will teh gvt do if "apple" the company, says to the gvt, OK, we give up, we "the company" will break into this phone but ALL of their flesh and blood tech people say "I won't work on that project." Is the gvt going to jail them?
I have not read the legal history but this "all writs" law was written in the 1700's and probably not intended for this purpose.
For the same reason the phone company complies with court orders to trace calls and help with wiretaps. For the same reason an alarm company that installed the alarm system for a drug lord's house would be compelled to honor a court order to help bypass the security system pursuant to a warrant. In fact, as cited in the Govts brief, Apple has provided help with getting into phones in the past.
Read the govt brief and the case law cited. For the same reason that all kinds of companies have been compelled to cooperate in similar circumstances. As long as it's necessary, within their ability and not an undo burden, courts have held that the company has to comply.
Irrelevant, because this modified code would be put onto one phone, at Apple. There is no carrier, no distribution, etc.
But
Addressed above.
Because you're not in the business of spying on Joe, or spying on anyone and it almost certainly would be considered an undo burden, put you personally at risk of harm, etc. Apple is in the business of making cell phones and has the best capability to do what the govt wants, without unreasonable burden. They can try to argue that last part, but I doubt they will prevail.
See the case law cited, where the govt did exactly that. And it's really a stretch to say that for Apple to unlock a TERRORISTS phone is a step toward a police state. It's no more a step than requiring phone companies to help with wire taps, call traces, finding where a GPS is located, etc.
That's a big stretch. If the FBI gets a court order for Sears to pull all the sales records of a Winchester Model XXX gun sold in the past 10 years, is that making Sears a govt slave? Seems a bit of a stretch. You would think Sears, Apple, etc would be interested in defending America and saving lives, but Tim Cook is more interested in selling phones to terrorists and hippies.
What if
If they can convince a court that they need a warrant to get something that Boeing has, pursuant to a criminal investigation, I'd say yes. If a Boeing jet went down, it looked like there was a terrorist act, the govt wants some data from the plane and needs Boeing's help to be able to extract it, I think again, the court would say YES.
Can
Yes, as long as it's pursuant to a legitimate need, Boeing has the expertise, and it's not an unreasonable burden.
And the technology already exists to do what the govt is asking. Give me the source code to the Apple OS and I could do it. You modify the source code, recompile it, replace the OS with it.
It's the situation where the FBI
In the case of wire taps, the phone company isn't listening in on the calls routinely either, it takes some special effort to set up.
It would be just as limited as wiretaps are. And again, the govt isn't asking to specifically decrypt anything in this case.
In this case it's Apple because they made the phone
Any competent programmer that has access to the OS source code can do what's required.
Using the same
They could try, but that would be much harder to win. The key differences are "thinking" Google can do it, versus in this case Apple doesn't deny that it can do it and the product is not Google's to begin with.
OMG. That's orders of magnitude worse for Apple and for your position of fearing what the govt will do with it.
The caveat is that they would have to be prepared to pay out
I guess you're also not comfortable with people being subpoenaed to testify in court. Woman walking down the street, sees a robbery, what happens? She gets questioned by the police and eventually they can and will subpoena her to appear in court to testify. If she doesn't, she will be arrested, hauled before a judge and if she refuses to testify, she can go to jail.
They probably could, but it's unlikely that it will ever get to that. Plenty of people think Apple is wrong and I'm sure the govt could find Apple engineers who would comply. If I was there, I would.
There is apparently case law covering companies that didn't want to cooperate with wire taps and similar in modern times that flows from it.
I have not read the case law. I remain un-persuaded by the arguments I've heard. I think it's gvt overreach. I don't believe that when I am not the subject of the investigation it's should be MY decision, not the gvts, as to how much burden, if any, I am willing to take on. The gvt does exactly ZERO in the way of accommodating me and that's about as much as I care to accommodate them, zero.
Why Apple chose to do this grandstand play, IDK. The govt brief says that Apple has cooperated in the past in opening phones. They could have done this one, quietly, and it's unlikely the public would even know exactly how the FBI got into it. And the one thing I can't stand in all this is how Tim Cook lies. He keeps saying that the govt is asking them to build a backdoor into their product. Per the clear, limited court order, that is totally untrue. He's lying and spinning, instead of sticking to the facts. In this case Trump is right. People should boycott Apple products unless they comply.
Which opens up the question. Fight terrorism, how? Should we fight terrorism by passing laws that disarm the law abiding? How about the proposed laws in Lexington, Mass (just reading last night on the computer) confiscating semi automatic guns from law abiding citizens? The Obama, Bernie, Hillary members of government appear to follow the old adage I made up years ago: "if there is a wolf in your chickens, shoot your dog."
yes, thats all it wil take to cripple apple. a terrorist attack while apple plays politics with the issue. espically if info on the latest attack is later found o that locked phone.
Apple doesn't have anything it "needs" that the FBI has. The FBI does have something it "needs" from Apple, ie help in getting into the phone. Yes, I think the FBI could do it without help from Apple. But the govt could also probably do wiretaps and similar without help from the phone company too, it's just that it would be much harder. In this case, with the FBI not knowing for sure how the phone actually works, they could wind up destroying the very data they are trying to get if they try to do it without Apple.
Sure, they've brought up that issue. But that issue is entirely separate from this one narrow case. And do you think Tim Cook's idea of getting Congress involved is going to turn out good for Apple? For those that think that Apple shouldn't help even with this limited request? Very good chance that the outcome would be that Congress would require that a real backdoor be built into all products, it's not an unreasonable position. Factor in guys like Trump, how smart is it for Apple to be on this path to Congress again? Sure there will be some guys like Rand Paul on Apples side, but most of Congress? Even Obama is against them.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.