Huh? (Score:4, Informative)
There's no word on exactly which model of iPhone was recovered
Huh? The article clearly states a model:
According to NBC News, the model in question is an iPhone 5c
Re: (Score:2)
The 5c originally shipped with iOS 7, which Apple can get into if they want. It will be interesting to see what happens. Maybe Apple's claims about being 'locked out' of iOS 8 are bunk. Maybe they didn't password protect their phone. Maybe Apple can guess their iCloud password ('12345'?), or access their Gmail and reset the password. Once they have the iCloud password, and if there's an online backup, they can restore the backup to another phone. There are plenty of options besides brute forcing that hardware.
Re: (Score:0)
I don't own one of these devices, so no experience here... but wait. You're saying there are only 10K different possible passwords? How can that be?
I must be mistaken in assuming that is a password to decrypt the encrypted storage?
Re: (Score:5, Informative)
You mistake an iPhone's unlock code for the iPhone's encryption key. The iPhones do typically use a 4-6 digit PIN as an unlock code. The user also has the ability to create a full alphanumeric password for the unlock code as well. However, that is simply the code that's used to unlock the actual full encryption key that is stored within dedicated crypto hardware. Apple uses a dedicated chip to store and process the encryption. They call this the Secure Enclave. The Secure Enclave stores a full 256-bit AES
Re: (Score:0)
That's great and all, but you know what else is turned on by default in iOS?
iCloud backup.
And that ain't encrypted by the Secure Enclave or whatever because you can use it to restore your phone to a new phone should the old one break. Or Error 53 because you tried to repair it.
Apple presumably has a nice copy of the phone stored on their servers that they could just hand over to the FBI if they weren't being obstructionist dicks.
Re:Huh? (Score:5, Informative)
That isn't correct, according to the white paper:
"The backup set is stored in the user’s iCloud account and consists of a copy of the user’s files, and the iCloud Backup keybag. The iCloud Backup keybag is protected by a random key, which is also stored with the backup set. (The user’s iCloud password is not utilized for encryption so that changing the iCloud password won’t invalidate existing backups.)
While the user’s keychain database is backed up to iCloud, it remains protected by a UID-tangled key. This allows the keychain to be restored only to the same device from which it originated, and it means no one else, including Apple, can read the user’s keychain items.
On restore, the backed-up files, iCloud Backup keybag, and the key for the keybag are retrieved from the user’s iCloud account. The iCloud Backup keybag is decrypted using its key, then the per-file keys in the keybag are used to decrypt the files in the backup set, which are written as new files to the file system, thus re-encrypting them as per their Data Protection class."
The relevant sections begin at page 38, in which the paper discusses iCloud, Apple ID, and general Internet Services security. Your misunderstanding stems from the mistaken belief that you can just "restore" the iCloud backup of your phone to a new device. But to do this, you need access to the user's Apple ID password. If two-step verification is turned on, Apple definitely has no way to circumvent this.
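The key hierarchy in the white paper passage quoted above, modelled as an added example that is not part of the original post and is not Apple's code. It assumes a SHA-256 keystream with an HMAC tag as a stand-in for AES, and the names `seal`, `unseal`, `uid_key`, `make_backup` and `restore` are hypothetical:

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # SHA-256 in counter mode: a stand-in keystream, NOT the AES Apple uses.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    # Encrypt-then-MAC so that unsealing with the wrong key fails loudly.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or corrupted blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def uid_key(device_uid):
    # Assumed derivation; on real hardware the UID never leaves the device.
    return hashlib.sha256(b"keychain-wrap" + device_uid).digest()

def make_backup(files, keychain, device_uid):
    names = sorted(files)
    file_keys = [os.urandom(32) for _ in names]   # one key per file
    keybag_key = os.urandom(32)                   # random, unrelated to any password
    return {
        "files": {n: seal(k, files[n]) for n, k in zip(names, file_keys)},
        "keybag": seal(keybag_key, b"".join(file_keys)),
        "keybag_key": keybag_key,                 # stored with the backup set
        "keychain": seal(uid_key(device_uid), keychain),
    }

def restore(backup, device_uid):
    # Keybag key -> keybag -> per-file keys -> files; no device secret involved.
    bag = unseal(backup["keybag_key"], backup["keybag"])
    names = sorted(backup["files"])
    files = {n: unseal(bag[i * 32:(i + 1) * 32], backup["files"][n])
             for i, n in enumerate(names)}
    try:
        keychain = unseal(uid_key(device_uid), backup["keychain"])
    except ValueError:
        keychain = None                           # sealed to a different device
    return files, keychain
```

In this model the files decrypt for any holder of the complete backup set, while the keychain blob opens only with the originating device's UID.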
Re: (Score:2)
I've put this elsewhere in the thread but Apple seems to think they can provide plenty of stuff from iCloud to law enforcement. The iCloud stuff is encrypted with a passcode known to Apple:
http://www.apple.com/privacy/d... [apple.com]
This LEO guide seems to back that up:
http://manhattanda.org/sites/d... [manhattanda.org]
So if it was in iCloud, presumably they have it already, because Apple says "we can give you the iCloud stuff, because we can access it". The locally encrypted stuff is locally encrypted, however, so presumably they w
Re: (Score:2)
This allows the keychain to be restored only to the same device from which it originated
Sucks if you lose your device. Or it physically breaks.
Two of the main reasons you'd want to keep a backup in the first place.