Report : The FBI recently unlocked an iPhone 11 Pro with GreyKey, raising more doubts about the Pensacola case.

9to5Mac ^ | January 15, 2020 | Chance Miller

[Secret Agent Man]

Its about setting a precedent. Something they can then demand as a routine request. Also they will go to court and state the company did it in the past, so they should now or otherwise they are now obstructing an investigation by refusing to cooperate as they did prior.

[Secret Agent Man]

Further if apple caves then they can demand other companies do the same.

[ctdonath2]

There are a LOT of factors affecting whether “Apple can unlock it”.
Few here have a clue what those are, and which actually apply.

Apple is good about doing what they can to unlock, and doing what’s possible to minimize what can be breached.

[glorgau]

Well, it is the FBI. Famous But Incompetent.

[eartick]

The FBI agents/techs handling the Pensacola iPhones are clearly idiots

Well they are the FBI and the first word is Federal.

Known for creating evidence, shooting unarmed women holding babies and killing children in their sleep.

[momincombatboots]

It’s sounding more like a marketing collaboration with our dirty fbi. Gotta keep that opiate for the masses flowing.

[Swordmaker]

Further emphasizing that point, a new report from Forbes says that the FBI recently used one of those black/gray market tools to unlock the newest — and theoretically the most secure — iPhone that Apple sells.

GreyKey itself does not tout that capability themselves. They advertise the ability only to unlock devices running iOS 12 , as does Cellebrite. Forbes has not been a bastion of factual news about Apple for some time. If what they were claiming were true, there’d be obviously no necessity to involve Apple in unlocking anything. As for the two from the latest case, there is doubt only about the iPhone 7. It may have iOS 13 on it. —PING!

Apple Security PING!

If you want on or off the Apple/Mac/iOS Ping List, Freepmail me.

[Swordmaker]

But when China wants the Apple’s source code so they can use iPhone to spy on people,

.......Apple happily bends over, grabs its ankles and loudly proclaim, “YES SIR!”

That is a false assertion, PanzeKardinal. The security "audit" that Apple agreed to did not include revealing Apple’s proprietary source code. The primary company which did that, and in fact handed over all of its source code, was Microsoft. Apple merely provided Chinese security specialists an inside look at the security architecture, not the code. This occurred over only a three day period where no code was even available to be compromised. Nice try. . . there is no spyware in iPhones. China uses another approach for getting data from their citizens’ devices in China having to do with open access to required cloud backups.

If you think Apple handed the Apple’s iOS source code to China, where are all the clone iPhones flooding the market? They don’t exist. Ergo, it never happened.

That’s why China requires all cloud services for such devices be on Chinese servers. . . and why Apple, when China passed that law in 2015, was forced to move all Chinese iCloud user data for its millions of Chinese customers from its servers outside China to servers owned by the Chinese government. At least Apple was able to retain possession, under that law, of the data encryption keys, although those keys were required to be within Chinese jurisdiction.

As I understand it, the only change Apple had to make to meet legal requirements for Chinese iOS devices was made in the Chinese version of iOS itself requiring that users in China don’t have an option about not backing up specific data on their iPhone and iPad to their mandatory cloud accounts, it’s the default, nor can they have an option of when. This allows Chinese authorities to use a "legal search warrant," issued by a court, to access to everything in the backup, i.e., everything on the devices. The same is true for all mobile devices used in China. The Chinese law voids any right to privacy one could assume for anything a user puts on or uses their devices for. Apple has no choice about it; they don’t have to like it, but they are required to obey the National law in China.

[DainBramage]

Paging Babi....
https://www.timesofisrael.com/israeli-tech-company-says-it-can-break-into-all-iphones-ever-made-some-androids/

[Swordmaker]

Anyone who thinks the NSA can't get into an Iphone in under 30 secs is an idiot.

I am far from an idiot, but I know math, and I know they cannot. . . Especially not 30 seconds. It’s the idiots who think they can, because they don’t grasp the math involved or the hardware design that limits how they can be unlocked.

I spent some time yesterday on another thread, explaining why and what the limitations are on the two hardware/software unlocking approaches that are currently available to the authorities are. I suggest you read it and get an education. It contains some suggestions that will make your Apple iOS devices even more inviolate from snooping than they already are. Those are offered by GreyKey and Cellebrite for sale only to law enforcement and official government agencies. Both of which have listed the NSA as among their customers.

[Swordmaker]

li>All it takes to break into an iphone, or any other phone is a good hacking program. All it takes is a phone number or even a fb account. There are many ways to access the phone’s emei number or what kind of phone it is.
Lots of ways hackers do this. And no, they don’t need your password to get in. How they do it, i don’t know. All I know is I’ve seen brand new phonws broken into within 30 minutes of brand new purchase.

"How they do it, I don’t know."

No, PrairieLady2, you don’t know and everything you posted claiming "all you need is a good hacking program" must be why police departments are paying $15,000 to $35,000 for a hardware device that will only unlock older Apple iPhones, and why before those became available, the FBI paid over $1,000,000 to one of those companies, Cellebrite, which developed that technology to unlock the San Bernardino Terrorist’s iPhone 5C.

Cracking into Android phones may be a piece of cake, but Apple iPhones have the same level of encryption used that is certified by the NSA for use to protect our nations top secret information and keep multi billion dollar transactions between financial institutions secure.

It’s called 256bit Advanced Encryption Standard (AES) which has never had its encryption broken. The iPhone’s telephone number and EMEI have absolutely nothing to do with accessing, locking, or unlocking the iPhone. . . and even less to do with the encryption.

A wise iPhone owner can protect his device from being unlocked even with the most sophisticated tools available to the government by using an easily remembered alphanumeric passcode of just six characters. Because it must be done on that particular iPhone which allows only one try every 1.3 seconds, for anyone to try every possible passcode to get into that iPhone would take a mere 2,147 years, working 24/7. . . and that’s with only six characters. With eight, it would take over 9 million years to find the one that would unlock it!

[Swordmaker]

Paging Babi....

Cellebrite’s own website advertising touts it can unlock iPhones running iOS 12. What about iOS 13? Crickets. Police departments are complaining they can’t unlock later iPhones with either GreyKey or Cellebrite equipment. Oops! Ergo, the Israeli times article spouting an old press release, especially claiming only some Android phones when ALL Android phones have only bolt on security and have been unlockable for years! As far as I know, none have built in hardware encryption. Even Samsung’s vaunted Knox was found to keep its encryption key in an unencrypted plain text library where anyone could find it. That’s not secure at all.

I will grant there is a way they can’t unlock data, but it would work on iPhones as well as Android. That’s to use a third-party 256bit AES encryption to just encrypt specific data files. Do not store the algorithm for encryption/decrypting on the device, just download it when you need it, and memorize the 256bit key. NOBODY will be able to unlock those data. . . just not very convenient for instant access.

[richardtavor]

They don’t want it for dead guys. They want it to set a precedent for future investigations and prosecutions. I am sure they already have the info that is on the phones but could not use it in this case. However, if they get Apple to routinely allow it, then it can be used in future court cases. Just my opinion, but like most here, I would be shocked if they don’t already have the info.

[Lurkina.n.Learnin]

“It might be that they couldn’t use the info in court if it was gathered by a bootleg software.”

Mueller didn’t have a problem using third party testimony and in this case they have physical possession of the evidence. They never had Hillary’s server.

[richardtavor]

Mueller didn’t really have to prove anything (and didn’t), and it wasn’t a court of law (furthest from).

[zeugma]

You can probably hear my eyes roll.

Yes, all the way from here. They are rolling in harmony with mine.

Eventually the fact that so many of us wouldn't trust the FBI (or any related agencies) if they told us the sun will rise in the east will start affecting their ability to bring cases. For myself, I'd consider any evidence presented by the FBI to be no better than hearsay.

[grwcfl537]

Agree 100%, they want Apple to put a backdoor into iOS.