Very unlikely to have any kind of back door. EPA can demand all they want but unless the owner types the correct passcode they are out of luck,
Posted on 03/12/2016 8:38:30 PM PST by Swordmaker
My guess is they increment the guess count before doing the hash or anything else. Thus even powering down the system at some opportune moment would not not stop the increment. The limit check can also be done before hashing. Likewise erasing the AES key. Lots of people claim that Apple erases the data. They do not, just the key in the SoC and that is done in a microsecond.
More:
Up until iOS8, I think, it was possible to get the UID with a couple of dirty tricks. Now it’s not possible without hardware hacks. I can still get it with bus dumps or very deep hacks, but it’s still useless unless you can guess the algorithm for hashing, AND you have to hack the physical hardware. That’s beyond my ability at home.
Bus analysis says that happens. I did think about power cycling the SoC before guess count was incremented, but analysis of timing said that your posit is correct. Pass/non-pass is stored before it’ll do any communication with the OS.
Fair enough...and I did find your post interesting :)
I’ll go a little further.
I can’t even *see* how many PBKDF2 runs iOS does with the password and salt (salt being the UID, I think). That is an attack vector, but a very very weak one. And you need the UID, which doesn’t appear on the bus until the SoC has done its malarkey.
Very solid system, IMHO. And that comes from a guy who used to design missiles.
Words you don't see very often these days. Typically, when posters realize they're wrong, they quietly leave the thread and never return.
You're a stand-up dude.
Anyhow, plenty of posters on this subject have chimed in with "I could hack that phone!" Looks like you actually tried. I appreciate your detailed efforts and where it was you hit a brick wall.
Ok, it boils down to this
An I phone is in reality a very small computer with a telephone ap. As a computer, it can be locked down and subject to a pass word for entry
At the office, in the cubicle or research lab, there are computers that are networked to the corporate or personal crown jewels. They are locked with a password.
If the I phone small computer can not be locked, then the reasoning must be that neither the cubicle nor the research computer can be locked.
There can be no computer security
When Apple protects the small computer with the telephone ap, Apple is protecting all computers with all aps.
It is just that simple
Thank you. I’m a guy who will always admit when I mess something up, and I boasted, and tried to back it up.
Yeah, I failed. But *why* I failed was kinda interesting.
If it’s software then I always can hack it. Always. This was hardware, and I tried my best (which is pretty good) but couldn’t. Oh well.
Wut?
In a large system there can be a HSM. Those are typically only used to store keys rather than perform any authentication steps such as salting and hashing. But they can be used for that. And even large systems without HSMs can have strong security for that step, for example storing salts in a separate secure database firewalled from any other system except for the hashing system.
The caveat with the larger systems is they are comprised of general purpose operating systems, with the exception of the HSM. Those OSs can be hijacked or reimaged to provide a back door. Yet they are considered secure and very often are. Attackers are left with social attacks on the human weak link. Thus if those systems can be secured, an iPhone can also be secured.
well, actually your well described authentication-protected paragraph was over my head.
I actually had in mind say the EPA and EXXON. I see no difference between the FBI demanding Apple break the encryption on the I phone and say the EPA confiscating EXXON computers and demanding Dell or Microsoft break the encryption to reveal e mail or proprietary secrets thought to be climate change subversive
I see no difference between the hand held and the desk bound computers
I never thought I’d meeting someone who “gets it” on FR. Thank you FRiend.
There’s a huge difference and it’s very important.
Apple would find it very hard to do this.
I could break Apple’s encryption if I had the key. I tried today, and couldn’t make the phone give up the key.
Other people know the keys. For example, I’m the only person within my company with the key to HIPAA. And that’s fine. That’s how it should be.
Those phones are locked down hard. Very hard.
I must disagree. You made a foolish claim, yes. But, you were man enough to back down when you found out the claim was foolish.
You are not a fool. Thank you for being honest in your results, FRiend.
Lots of people here understand security and policy, many better than me. They might not comment very much however if there are various trolls throwing around red herrings.
Thank you. The respect people have shown when I admit failing has been eye-opening.
I love you guys and gals.
I tried my best, and believe me, I’m pretty good at this.
Hey palmer, thank you especially.
Well don’t feel bad!
Apple told the court it would take a team w/up to 6-8 programmers less than a month for them to do what the FBI wants.
Even assuming a very high-ball estimate that’s a whole lot more information and manpower than you can apply!
It’s not just about judicial precedence. Easy, universal encryption is just going to get more common.
There’s a valid need for it- but how can the courts do their job if more and more evidence is beyond their reach?
Yup. It was really engineered well. It's one of the main reasons I have an iPhone rather than an android. I have an android tablet I use primarily as a book reader, but it doesn't get any important information copied to it.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.