Posted on 02/17/2016 9:04:36 PM PST by TigerClaws
That is different than what the media is saying. That makes sense.
HOW!???? That's news to everybody in the security business and mathematics. The Financial sector and our government is happy using 128 bit AES encryption. Frankly, I don't believe you. Unless you prove it, you are just blowing smoke. There is simply no way that you can brute force something with that size key. It is not mathematically possible.
Your Chinese guy spoofed YOU, not 256 bit AES encryption, driftdiver.
Well, for one thing, when you do the update on your iPhone, you are logged in. . . but the operating system is not encrypted. Only the data is encrypted.
I think they should. Odds are it will uncover a snake den, if it is not too late by now. You would have thought that the Feds would have very quietly turned the phone over to Apple engineers immediately and let them do their thing. The terrorists don’t deserve any legal protection.
Limbaugh says the Feds are trying to exploit this situation to get their hands on all Apple capabilities, a step which will end the company’s ability to guarantee total privacy for users.
Sword you know I don’t give a crap what you think. Try to be nice to you and you once again go off the deep end. Bye
Sure it does. It gives you a forensic copy. You know something law enforcement uses. For being so smart you don’t know squat.
It should be mentioned that the "LOCK" in this instance is hard-coded into the SECURE ELEMENT of most iPhones. In this particular iPhone 5C, it does happen to exist in software. On later models, it is burned into the silicon. . . and cannot be overwritten. On the iPhone 5C, it would require a FIRM WARE UPDATE, which also requires a hard reset, which requires a RESTORE from an iTUNES BACKUP. If I recall correctly, the user has to sync the iPhone to iTunes first, do the firmware update, then RESTORE the data back to the iPhone. . . and to do all that, the user has to FIRST BE LOGGED IN WITH THE USER'S PASSCODE! This is part of the Secure Boot System. OOPS!
That's why that so-called security site Blogger's idea wouldn't work. He wanted Apple to write a new version of the Firm ware that forced the iPhone to ignore the SECURE BOOT STARTUP and use a new startup that did not check for the passcode input timers to allow unlimited passcode inputs without timing out, and to also allow passcodes to be input through the lightning port, so they could be input as fast as the lightning port could accept them, by passing the requirement they had to be input from the touchscreen. But, since the only way to install new firmware is outlined in my first paragraph, no can do.
Tim Cook is NOT saying “I cant”. He is saying “I won’t”.
That means he can.
Driftdiver, you made an unbelievable assertion that is against all known security technology and mathematics that 256 bit AES encryption was hacked in 15 minutes by some Chinese guy and that YOU saw it. . .
I have asked you HOW this Chinese guy "hacked 256 bit AES" and all you do is claim you don't give crap what I think????
You made the unbelievable assertion? PROVE IT! Prove your claim or admit it never happened.
If such a thing had happened it would make HUGE headlines in the security and financial community, and you just toss it off as if it were nothing important, and now you want to fold your tent and run away?!
I am not going off the deep end. YOU'VE DONE THAT WITH YOUR WILD ASS CLAIM!
You said it. It's up to you to prove your claim.
Drive by assertions are NOT acceptable.
I write software. They are asking for version 8.0.0.2 of version 8.0.0.1.
From what I read, Apple is technically capable of doing this. The problem is once they do it, they can no longer claim the phone is unhackable. If they demonstrate that it can be done, every law enforcement agency with locked smart phones will show up with court orders.
The government caused this with the NSA abuses. Cook doesn’t trust the government. He created a marketing niche on that distrust.
I wouldn’t want to be Cook.
For the iPhone 5C, they probably could design and build a special version of iOS, but it would require a lot of work. Not easily for any later iPhone. However, there is the potential that once built, it could be modified for others. The point is that Apple is not a party to this investigation, nor is there a prosecution involved; all potential defendants at this time are dead.
Complying with the court's order, absent any other compelling reason, using just an "All Writs" order, would put Apple's entire ecosystem at risk of destruction. No one is being prosecuted. It's a fishing expedition. There is no legal reason why Apple should be forced to do something against their interest and the interests of their customers, and their stockholders, merely because law enforcement would like to know what's in that iPhone.
Oh cmon sport. You know the key length is crucial. Short key lengths of say 128bits haven’t been considered secure for at least 20 years. I started out in military crypto. I’ve forgotten more than you know.
The right to privacy is long gone. They can get into everything you have from house to computer to files, anything WITH A search warrant. The can and do listen to your conversations thru walls. What makes it so different with the holiest thing people think they got, a damn cell phone. A particular device I abhor because of all the productivity loss it causes and lives it costs on the highways. Is it that important to keep your phone calls secret to your mother or girl friend? Of course, only those that have something secret that is illegal have anything to worry about like drug dealers or terrorism.
You people complain about the authorities not doing enough for the safety of this country from terrorism but hamstring them when they need new tools. Well which is it, you gonna let your children or fellow Americans die or let us go kill the bad guys?
Apple will lose this in court.
The iPhone 5C is running iOS 9.2 and they want Apple to design a tool to defeat its built in security. In the long run, doing that would defeat the built in security of all iPhones. There is NO search warrant, only a writ from the judge ordering Apple to assist the FBI in unlocking and opening the iPhone. Apple was already doing that but the FBI wanted more than help.
“It’s a fishing expedition.”
Nope. They have a dead terrorist and over a dozen innocent civilians dead. And it is pretty apparent WITHOUT the phone that this guy had help over time. I don’t know about you, but I want the government to catch any more terrorists before they kill anyone else.
Cook’s problem, and the government’s problem, is that he built a sales pitch on anger and distrust of an untrustworthy government. Bad moves by both parties.
From a strictly legal point of view, I’m not sure the court order will stand (not sure if this is a SCOTUS ruling). From a PR standpoint, this doesn’t look good.
You still haven't proved a thing, driftdiver. . . and you should be ashamed of what you tried to pull off! Your talking about short passcodes as a key for encryption is merely an attempt to muddy the waters on this discussion on the iPhone's encryption.
Of course a 128bit/16 character passcode that IS the key for the encryption could be broken very quickly by brute force. . . unless there was an enforced wait period between tries.
It would be especially easy if you limit your choices of characters to alphanumeric.
However, allow use of all 233 characters accessible from the virtual keyboard on an iPhone, and you are looking at 16233 possible keys to test and I think you might find your putative "Chinese guy" would take a tad longer than 15 minutes, even with a fast computer.
But who is talking about 128 bits? Not me. Not Apple.
128 BITS is not the same thing as a hidden UUID plus a GID which combines to make a minimum of 128 CHARACTERS before the user's passcode is entangled with them. That's 1024 bits! And it still isn't the complete KEY that is used to encrypt the data on an iPhone or iPad.
You don't seem to have a clue what we are talking about in this context.
So, in other words, your claim that 256 bit AES encryption being hacked was a special case of the use of brute force on a SIMPLE passcode, not an actual hacking of the encryption. . . but rather a solving of a known password size, which was done by someone who actually knew in advance the password size and parameters.
You obviously tossed that little gem out in the discussion to deliberately denigrate the actual security of 256 bit AES encryption without explaining that it was a special case, not a general overall hacking of all cases. RIGHT.
You wanted to obfuscate the encryption issue and make people think 256 bit AES encryption is not secure because it could be easily hacked in a mere 15 minutes. . . yet you attacked me and claim I went overboard for calling you out on this piece of dishonesty???? Who exactly tried to distort the record here?
A forensic copy? Good luck breaking the encryption on it.
That still doesn't make it anything more than a fishing expedition. They have no specific suspects. They have no-one to prosecute. That means this is a fishing expedition to see what they can find. It doesn't meet the criteria for a search warrant. That's why the judge didn't issue a search warrant. There is no one to serve a search warrant on. Instead she issued a WRIT, a finding, and an order requiring a third party, Apple, to help the police and FBI unlock the device by using their expertise to create something they do not want to create that may actually damage them. This is an overstepping of her authority.
My guess is if this was the 60’s you would be calling me one of those damned hippies. :)
Damn right.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.