This is all in their original affidavit. They indeed asked for a backdoor.
DiogenesLamp's Hobby Horse: if he keeps beating on it
it will someday magically change that Court Order!
Posted on 03/31/2016 10:20:28 AM PDT by BenLurkin
The FBI agreed Wednesday to help an Arkansas prosecutor unlock an iPhone and iPod belonging to two teenagers accused of killing a couple, just days after the federal agency announced it had gained access to an iPhone linked to the gunman in a mass shooting in California.
Faulkner County Prosecuting Attorney Cody Hiland said the FBI agreed to the request from his office and the Conway Police Department Wednesday afternoon. A judge on Tuesday agreed to postpone the trial of 18-year-old Hunter Drexler so prosecutors could ask the FBI for help. Drexler's trial was moved from next week to June 27.
Drexler and 15-year-old Justin Staton are accused of killing Robert and Patricia Cogdell at their home in Conway, 30 miles north of Little Rock, in July. The Cogdells had raised Staton as their grandson.
The FBI announced Monday that it had gained access to an iPhone belonging to Syed Farook, who died with his wife in a gun battle with police after they killed 14 people in San Bernardino in December. The FBI hasn't revealed how it cracked Farook's iPhone. Authorities also haven't said whether the iPhone and iPod in the Arkansas case are the same models or whether the FBI will use the same method to try to get into the devices.
Hiland said he could not discuss details of the murder case in Arkansas, but confirmed the FBI had agreed less than a day after the initial request
(Excerpt) Read more at foxnews.com ...
Laying aside your mild ad hominem, which I will choose to ignore, let's look at your very good comment.
First of all the iPhone 5C does not have a fingerprint reader, so that was not a method that could have worked. . . and even if it had one, the iPhone had been turned off when they found it. Any time an iPhone with a fingerprint reader has been turned off, the system's passcode is required to be input before the fingerprint reader will again be useable. Other lockouts are the passage of 48 hours between fingerprint or passcode access or any upgrade to the OS or change in anything in the Secure Boot chain.
My guess is that they identified where the decryption key resides on the die of the CPU ... they can figure out the zeros and ones they need using a focused ion beam setup that’s used for integrated circuit debugging and decrypt storage that way.
You are correct, except for one thing. There is no Encryption Key kept on the iPhone. Apple does not make it so simple.
Several weeks ago on FreeRepublic I described a technique that could possibly work to hack into an A6 iOS device.
This was an Apple iPhone 5C, which uses an A6 processor which is nowhere as secure as the later A7, A8, and A9 series of processor which use a Secure Element sub-processor system for securing the devices. Instead, the A6 has a location located inside the processor chip which also has a sub-processor in it called the Encryption Engine. This area of the processor is inaccessible by the A6's data processor or RAM. Inside the Encryption Engine there are several algorithms dedicated to the security of the iOS device and to encryption/Decryption of the data. Also there is a EEPROM area which can only be written to or read by the limited function sub-processor inside the Encryption Engine.
This area of the A6 was designed to be unreadable by anything running in RAM or by an external hardware probe to make it as opaque as possible to any hacker.
Stored inside the Encryption Engine from the time of manufacture of the A6 chip are a Unique Device ID (UDID) which is not recorded anywhere and a Group Device ID (GID) which is the same for all devices of that model.
One of the algorithms kept inside the Encryption Engine uses the User's passcode, of what ever number of digits or alphanumeric characters, to create a unique one-way hash which is then stored on the EEPROM. Another, algorithm creates a truly entropic random number by reading the camera, microphone, and accelerometer (and perhaps a fourth sensor), at the moment the user inputs his/her passcode for the first time, using those data as a seed, and stores that result on the EEPROM.
This results in four discrete pieces of data being stored inside the Encryption Engine:
The way the system works is that the one-way hash is calculated anew every time a user inputs his/her passcode. That newly created one-way hash is compared to the one inside the Encryption Engine by the sub-processor. If the match is made, then another algorithm in the Encryption Engine reconstructs the Encryption Key by entangling the user's passcode with items 2, 3, and 4 stored in the Encryption Engine to make a large, complex 256 bit AES encryption KEY which will allow the data on the FLASH storage to be encrypted/decrypted as needed. Thus, the
For the purposes of breaking into the subject iPhone, we need to learn just two things:
The rest of the data inside the Encryption Engine is irrelevant for our purposes, but we have to be extremely careful to not damage ANY of the data because without all of it, the iPhone is just a brick.
Focussed Ion beam and Electron Microscopy techniques have been used to read data from ICs in the past. However, their accuracy is suspect and at the small scale of these more modern chips, problematic. The other problem is that these techniques are a one shot deal. They are destructive of volatile memory. Bathing volatile memory with an electron beam or ionic stream of energetic charged particles WILL effect the charged nature of the target, altering that target's data.
That cannot be allowed happen when you have to use that target to unlock the device.
I suggested that a reflective optical laser method of some kind of could work to non-destructively read the EEPROM and trace the silicon of the Encryption Engine inside the A6. This would allow them to reverse engineer the one-way hash algorithm and also read the specific one-way hash that exists on this particular iPhone 5C.
Since they know that the iPhone requests a four digit passcode, there are only 10,000 possible combinations from 0,0,0,0, to 9,9,9,9, running the algorithm it is a easy task to construct a data base of all possible passcodes and their matching one-way hashes. Compare the database to the one found in the subject iPhone 5C from the Terrorists, and you have the passcode. Violá!
Input that four digit passcode, and Farouk's iPhone 5C Work phone is unlocked. Done.
I have no doubt that this, or a slight modification of this, was the way that Cellebrite hardware hacked into the iPhone. It is neither easy, nor cheap to do, and requires a specialized set of equipment and skills.
Thanks for the heads up, Mark
Apple wanted to do this quietly. It was the government who went public. Apple learned about the ex parte order with the rest of us.
We are ready to upgrade one of our iPhones. How long do you think it might be before Apple comes out with an iPhone thats even more difficult to break? I am thinking I should wait to see what they do.
Your thoughts?
The liar here is you. The Court order was quite specific that Apple would have to supply to the FBI any software it developed. READ THE COURT ORDER using ENGLISH, not DiogenesLampese. It was quite explicit. You've been reading what you've wanted into that very simple language for over a month.
Verbatim from Magistrate Judge Sheri Pym's Court Order, written for her by the FBI's legal counsel:
“. . . providing the FBI with a signed iPhone Software file, recovery bundle or other Software image File (“SIF”) that can be loaded onto the SUBJECT DEVICE. The SIF will load and run from Random Access Memory (“RAM”) and will not modify the i/os on the actual phone, the user data partition or system partition on the devices’s flash memory. . . The SIF will be loaded via Device Firmware Upgrade (“DFU”) mode, recovery mode or other applicable mode available to the FBI.”
From the dictionary:
Root word for "providing" is PROVIDE (verb)1: the foundation will provide funds: supply, give, issue, furnish, come up with, dispense, bestow, impart, produce, yield, bring forth, bear, deliver, donate, contribute, pledge, advance, spare, part with, allocate, distribute, allot, put up; informal fork out, lay out, ante up, pony up. ANTONYMS: refuse, withhold.
2: she was provided with enough tools: equip, furnish, issue, supply, outfit; fit out, rig out, arm, provision; informal fix up. ANTONYMS: deprive.
3: he had to provide for his family: feed, nurture, nourish; support, maintain, keep, sustain, provide sustenance for, fend for, finance, endow. ANTONYMS: neglect.
4: the test may provide the answer: make available, present, offer, afford, give, add, bring, yield, impart.
There is no other reading of that word that makes any sense other than that Apple would have to give the software to the FBI. . . no matter how much you sing, dance, and use a ventriloquist dummy to put words into the mouth of the Court order, it just isn't there to say what you claim it says! Again, as I've said before, Diogenes would be a whirling dervish in his grave with your antics.
And you show your ignorance of the difference between the case that established the legality of that case and this one. It played a prominent role in the arguments. . . but showed that it was a standard function of the New York Telephone company, not requiring the company to invent something entirely new. They even forced phone companies to create the equipment necessary to tap phones.
No, that was something they did NOT do. That is what shows your ignorance of the cases. The pen registers the New York Telephone Company used was standard equipment they used for billing purposes and standard troubleshooting of their lines. They already had the equipment and agreed it was not an "undue burden" to place it on the lines in question. Any operator could easily listen in on any phone line. It was NOT new equipment that had to be "created" necessary to tap the phones and you just made that up to bolster your argument. Typical of you.
If they are making money on the deal, what the problem?
The government does not get to define what anyone's business is, or is not. . . nor do they get to define what that business gets paid to do any task. Nor does the government get to dictate that any business must do something for the government against its will for the benefit of the government.
Glad to help.
“Facts don’t matter to “just don’t wanna know.”
I see what you did there. You clever rascal.
You seem to completely ignore the first clause of the Fourth Amendment. . . always. But, Just Don't Know, it is the most important part of the Fourth Amendment, far more important than the rest. It can stand alone, without qualifiers:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized
It doesn't even need the subordinate clause ". . . against unreasonable searches and seizures. . . ".
But you ignore that most important part, the part which the one that outlines the RIGHT of the people. The other clauses are the RESTRICTIONS on the government's power to violate that RIGHT of the people. This fixation of yours on the power of the government exposes you as a big government fanatic.
FBI agrees to unlock iPhone, iPod in Arkansas homicide case
You still seem to be trying to litigate your other loser case. Not interested. Do us a favor though, uncork another fine whine..
And I have challenged you to show me the search warrant legally served on Apple for something they had that was dispositive or probative in the terrorist case.
You have never produced that search warrant because you cannot. It does not exist.
By the way, the way you posted your citation of the Fourth Amendment, and your stress on the limitations of the power of the government, proves my contention "this fixation of yours on the power of the government exposing you as a big government fanatic." Thanks for the immediate validation.
Why are you sending this crap to me? This has nothing to do with the other thread that you are hung up on. You got your ass kicked. Find someone else to try to impress, will you sweetheart?
"*I* unlike many people who discuss this issue, have actually READ the relevant filings without any comprehension of what I read."
There, fixed if for you, Just Don't Know. Now it's accurate. But this does not constitute a "Back Door." It also does not constitute a tool which was to be given to the FBI. The FBI filing with the court explicitly said Apple could retain custody of the phone, custody of the software, and the FBI would never touch it.
No, Just Don't Know. The FBI's filing was an ARGUMENT, not part of the court order. It has no probative or dispositive value other than a lawyer standing up and saying something. It is not even said under oath. It has no value. . . and holds ZERO weight. The only thing that has any force at this point is the ORDER SIGNED BY A FEDERAL JUDGE. Do you seriously think that a Jailer can legally say to a prisoner I don't care what your sentence says, what the Judge signed, I'm gonna let you go only a week into your court ordered sentence, because I'm satisfied you fulfilled it???? That's essentially what you are saying the FBI is saying with their argumentative filing by your giving it weight as having the power to change the COURT ORDER!
That is the pure essence of the rule of MEN rather than the rule of LAW!
FBI: "PFUUII! We are only going to comply with the part of the order we LIKE, not the order as written! So, Apple, we've changed our minds. You don't have to give us the software, keep it, just let us use it."
It doesn't work that way. If the FBI, who WROTE the original court order wants it amended, then they have to ask the judge to vacate the original and replace it with a new one, outlining their new court order with their new orders. . . and sign that one. It's not an optional thing, directed by what the FBI wants as they go along, as you seem to think. Try that with a judge someday, say about showing up sometime for a hearing about that traffic ticket. See how that goes over with the judge.
I was kidding ... It wasn’t meant to be an attack :-).
Thanks for posting that. I wasn’t working on anything that had to be secure when I was playing around with the FIB (I was probing an embedded EEPROM ironically) .... I am familiar with techniques to cover such embedded devices with metal layers as well as introduce traps so that if someone wanted to dig down through the metal with a FIB, they risk cutting power rails and the like. Similar techniques are implemented at the PCB level to prevent sniffing of DRAM busses hidden on inner layers of the PCB (I suspect Apple and other vendors have embedded encryption in front of the DRAM’s physical layer since they develop their own ASICs).
Anyway, I simply got sick of seeing people imply that the iPhone was hacked due to a security issue ... I highly doubted that was the case. Plus there were many people calling you out as if you were wrong about Apple’s security.
I would offer you the same advice. I program mostly in Assembly and C++. I design and build microprocessor and PC based stuff for people. (Mostly SCADA and control stuff.)
A “backdoor” is exactly what they wanted. They attempted to open the phone 10 times, and after the 10th, the data was removed from device. This is done by scrambling the EEPROM on the mainboard. The only way to unscramble that would be to reverse engineer the encryption algorithm or to provide the hash and salt used to generate the algorithm, thereby providing a way to recover the data. This isn’t a lie, this is cold hard fact.
Well sure it is, except for the part about the "back door." Everything else you said is true. A "Back Door" is a secret hack to allow someone direct entry into the system. This not only doesn't allow direct entry into the system, it is also known to all and sundry parties. Therefore it would be more accurately described as a "Front Door Bell." But whatever you call it, Apple would still have all the keys to it under the FBI court filing.
The FBI was explicitly asking for Apple to provide the keys to their algorithm.
No they weren't. This was an ACCUSATION that came from the Lying Squad at Apple inc. READ THE COURT FILING. The FBI was asking for no such thing.
But i'm a reasonable man. If you can show me in the FBI's court filing where they asked for the keys to Apple's encryption algorithm, i'll admit I was wrong.
From everything I have read on the subject, that allegation appears to be completely made up, and came directly from Apple inc.
If you cannot find the FBI's original court filing, let me know and i'll see if I can find it. It's been posted in my history numerous times, but it's pretty far back there.
How again does this turn into something Apple wants? I'm not grasping your point here.
If money matters just get a reputable privacy “app”.
I believe they are available for Apple products if you prefer an Iphone.
Apple is the most expensive source for security, and they will always be behind the makers of apps.
The head of the FBI even clarified that Apple does not have to give the government any sort of software at all. I've already posted the link to you before, so you can look back in your history if you want to see it.
I know that you don't want to see it, so i'm not going to bother hunting it up for you again.
Apple was allowed to accomplish the task in any manner they wished, and were permitted to do so without transferring any software to the government. None. Zero. Zilch.
If Apple chose to do something stupid like that, well who is the FBI to tell them not to do it?
Perhaps if it was shorter, and more intelligible?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.