Bill Gates Sides With FBI In Apple Spat (ft.com) 389
Fudge Factor 3000 writes: Bill Gates has now publicly stated that Apple should cooperate with the FBI in the San Bernadino terrorist's phone unlocking case. He states that it is for this specific case, but seems to miss the point that there are other law enforcement officials waiting on the wings with their requests should this precedent be set. The war against privacy escalates. Setting aside the actual practicality of unlocking the San Bernadino phone, the teams that are emerging on this issue include some pretty strange bedfellows: John McAfee and Bill Gates on the pro-unlocking side, and Woz, Edward Snowden and even some of the victim's families on the con.
Is that (Score:5, Insightful)
the same Bill Gates who's companies latest offering backs up everly last secret it can find on your computer to server in the US?
Bend over more Bill, it's not quite far enough yet.
Re: (Score:3, Informative)
Re: (Score:2, Informative)
Re: (Score:3, Insightful)
Re: (Score:3)
Since I didn't make such a claim, I'm not sure why I'd present evidence for it. But since the EULA authorizes them to do so and you are claiming they are not taking advantage of what you agree to in the EULA. I trust that YOU are prepared to provide evidence they aren't exercising the legal rights they are requiring. Otherwise it's like you are just repeating things that others have said
Re: (Score:3)
Since I didn't make such a claim
Then what did you mean by "that doesn't eliminate the backdoor or all the data going back"? You made a claim that they have a backdoor and "all the data" is going back to them, certainly you or someone else here can prove it so that it's clear how MS is in the wrong.
Look, I'm not arguing against you. I just am sick and damn tired of hearing this argument against MS come up every time a tech company is mentioned in a Slashdot post, but nobody has the decency to show that something more harmful than anonymo
Re: (Score:3)
I'm not trying to justify it as acceptable behavior"
Okay, so we have found a bit of common ground. You will not see this kind of data sent from typical Linux desktops. You can take measures to prevent it in browsers as well. You can allegedly turn off some kinds of data but not all, according to MS. Your desktop/laptop
Re: (Score:3)
That's the same theory that says OpenSSL was never full of security holes because it was open source and everyone in the world could check it. Any vulnerabilities you have seen of late are just products of your fevered imagination.
In any case, that's an awfully tall straw man you've set up. You're asking "someone" to do a lot of work to find out what MS are collecting at the moment, far beyond "decency".
People are, generally, likely to think MS are trustworthy because they have skin in the game (as do I). H
Re:Is that (Score:5, Insightful)
Windows 10 does send information back to Microsoft, but nothing personal aside from anonymous telemetry data. It's not stealing documents, it's not stealing photos, it's doing the same thing OS X does, it's doing the same thing Android does, it's doing the same thing Ubuntu did.
Oh fucking bullshit.
If you can actually read, Microsoft very plainly and explicitly says that they scrub your identifying data after thy get your telemetry. So why would they tell you they scrub it if they do not have it?
Seriously, how much to you get paid to lie about this shit? It's to the hpoint where the shilss are denying What Microsoft says they do.
Re: (Score:3, Insightful)
Indeed, the company that uploads the entire contents of your device to its cloud service and calls it a "backup feature".
Oh wait, I thought you were talking about Apple for a minute. Carry on.
Re: (Score:3)
Finally someone who talks sense about the Cloud.
Taking sides: problem solved! [Re:Is that] (Score:5, Funny)
"...some pretty strange bedfellows: John McAfee and Bill Gates on the pro-unlocking side..."
Actually, John McAfee is not on the side of forcing Apple to unlock the phone-- he's against that. He is on the side of don't force them to do it because he and his elite crew of hax0rz will do it for free [businessinsider.com] with no need to bother Apple or use that all-writs thing.
And this solves the problem, doesn't it? Give it McAfee, he will screw up and erase all the data on the phone, problem solved.
Re: (Score:2)
> And this solves the problem, doesn't it? Give it McAfee, he will screw up and erase all the data on the phone, problem solved.
I cannot even begin to express how much I want the FBI to take him up on this offer.
The idea of Presidential Candidate John McAfee's personal crack team of uberhackers being deployed in this case is just.... its everything a boy could hope for. Good work JM....go full Stark on that shit.
Re:Taking sides: problem solved! [Re:Is that] (Score:5, Insightful)
FBI doesn't want to ask for volunteers or buy a zero-day/jailbreak/exploit. It wants the power to compel a manufacturer's engineers to break their own security. "Break this phone or go to jail."
Which is why the summary is so wrong that it hurts the brain, and while I understand slashdot editors aren't exactly professionals, they should have the dignity to remove that comment. Bill Gates wants cooperation with big brother, McAfee wants policework. There's a huge difference between them.
And that (Score:4, Insightful)
Of course he does. (Score:5, Insightful)
See, the billionaire class wants to make sure that we little people can be monitored and tracked.
Re: (Score:2)
Tim Cook isn't a billionaire.
What's the next step after billionaire again?
Re:Of course he does. (Score:4, Funny)
Donald Trump wants everyone to bend over.
Re: (Score:2)
Donald Trump is a serial failure, so not a good representative of any class but the loser class.
And you are surprised? (Score:5, Insightful)
The man is the founder of a company with a terrible privacy record and you are surprised? I am more surprised that he does not realize you cannot create a specific solution for this that is not also a general solution for all phones.
Re: (Score:2, Interesting)
Bill Gates is a guy who won't blink for a second when it comes to sending a human rights activists in China 10 years of hellish prison. He'll do ANYTHING to get in good with the government to make money. He's not even very particular about which government he'll hop into bed with. What do you expect him to say about a Muslim murderer who killed Americans?
Re: (Score:2)
Do you have any evidence to back that up? I mean, he was a dick when he was running Microsoft, but I don't recall him creating backdoors for the Chinese or being involved in sending activists to prison.
Re:And you are surprised? (Score:5, Insightful)
MS also earns hundreds of millions, if not billions, per year from government contracts.
As Upton Sinclair wrote, "It is difficult to get a man to understand something, when his salary depends on his not understanding it."
Microsoft gets huge payments from the NSA? (Score:4, Informative)
Can Microsoft be trusted? Here are some articles:
Windows 8: NSA Backdoor Exploit in Windows 8 Uncovered [technobuffalo.com] (Aug. 22, 2013)
Windows: NSA "backdoor" mandates lead to a computer-security FREAK show [consumeraffairs.com] Quote: "Microsoft Windows OS vulnerable to hackers, thanks to National Security Agency requirements." (March 6, 2015)
Windows: NSA Built Back Door In All Windows Software by 1999 [washingtonsblog.com] (June 7, 2013)
Windows 10, Microsoft hiding what it is doing: Microsoft has no plans to tell us what's in Windows patches [arstechnica.com]. Quote: "Each update is a black box, and it's going to stay that way." (Aug 21, 2015)
Windows 10, Microsoft takes even more control: Windows 10 is spying on almost everything you do -- here's how to opt out [bgr.com] But, of course, Microsoft can change the spyware to avoid blocking. (July 31, 2015)
Microsoft can't be trusted: How Can Any Company Ever Trust Microsoft Again? [computerworlduk.com] (June 17, 2013)
Microsoft releases EXTREMELY buggy software: Microsoft Kills Many Critical Flaws, Some 0-Days, Un-Trusts One Wildcard Cert [slashdot.org] It is likely that there are many bugs Microsoft hasn't yet found. Are Microsoft products intentionally made insecure? (December 9, 2015)
Re:And you are surprised? (Score:4, Interesting)
I am more surprised that he does not realize you cannot create a specific solution for this that is not also a general solution for all phones.
Err, can't you? Since only Apple has the private key necessary to sign iOS firmware updates, AFAICT that means that Apple could release a nerfed firmware that would run only on an iPhone 5c with Sayed Farouk's phone's hardware ID, and refuse to run on any other device, and nobody would be able to modify it without breaking its signature.
I understand there is also a principle of legal precedent to consider, but from a technical standpoint I don't see how it's impossible.
Re:And you are surprised? (Score:4, Insightful)
It's more of a barrier to entry.
Right now, Apple has to develop the firmware. And while it's easy to disable the 10 PIN check, the FBI wants additional development to be able to programmatically guess the PIN.
Once that is done, you have basically a master key. It doesn't matter that the FBI has a nerfed version that only works on one phone. One it's out, the barrier to developing it for other phones Is a lot lower - "We just want what you have given the FBI, just with this hardware ID". And so on.
And then there's a whole case of cyberattackers wanting to look at the firmware and find ways to break it - through jailbreaking if need be. Imagine the havoc caused if this firmware was released as part of a jailbreak tool for iOS.
In fact, the precedent for the All Writs Act is if something is already done, then law enforcement can ask for it to be done as well. Since the telephone company already uses pen registers for their own internal investigations (fraud, etc), then the FBI, local LEOs and others asking the phone company to put on a pen register on a specific line can do so as well. After all, the difference between the phone company and LEOs is who the data goes to in the end.
And the FBI doesn't want static data. They want live data. Let's say they used GMail and other services - they could ask Google for the data, but that requires a warrant. They could ask Apple, then use the GMail app on the phone in question and get the data without a warrant. Sure, it's probably not admissible, but if you really needed to know, you could either subpoena Google later for an "official" copy of the evidence, or just find other evidence.
And one final note - if you're comfortable with LEOs accessing your phone, then why bother putting a PIN on it? Or do you have crap on your phone that you don't want others to see?
Tim Cook knows about privacy - if nothing more than to protect those who have yet to come out of the closet. Which even in these modern times still brings up punishments as severe as the death penalty in many countries. Even in the first world many people are unable to cope with learning their son/daughter is gay.
So yeah, the phone owner's life could literally be on the line.
Says he's misinterpreted (Score:5, Informative)
He's refuting he said that he supports the FBI.
He has very slightly backed off, claims that people have misinterpreted his position:
(see the "update:" in this gizmodo article: http://gizmodo.com/bill-gates-... [gizmodo.com] )
But here is Gates' actual quote from the Financial times article; what do you think-- was he misinterpreted?
http://www.ft.com/cms/s/2/3559... [ft.com]
Bill Gates was always about controlling people (Score:5, Insightful)
.
It comes as no surprise that Bill Gates gives privacy so little weight, with less privacy users have less choice and control.
Re: (Score:3)
From his time as Microsoft CEO, Bill Gates was all about removing choice, and making computer users use Windows software by making deals with PC OEMs.
. It comes as no surprise that Bill Gates gives privacy so little weight, with less privacy users have less choice and control.
I'm shocked, shocked to find someone on Slashdot that taking the chance to dump on Bill Gates.
I don't really care who comes out on what side here. I'm more interested in how Apple and Google move forward with their OSes to prevent this from even being a question next time.
Re: (Score:2, Insightful)
... I'm more interested in how Apple and Google move forward with their OSes to prevent this from even being a question next time.
This. The thing that bothers me the most about this whole thing is that Apple declared that they couldn't unlock our phones, that with the new OS and default encryption your data is safe, when it clearly isn't. IMO, they should open the phone for the FBI if they have the capability, then fix whatever is needed so that they actually CANNOT comply in the future.
Re: (Score:2)
Also, in this case, they even said point blank the government would have been welcome to the data if it had been backed up to iCloud. It's not like Apple's a saint of privacy here.
Re: (Score:2)
Go watch the old Keynotes with Steve. He talks about user privacy quite a lot when talking about iTunes, iCloud, etc.
McAfee? (Score:5, Interesting)
Re:McAfee? (Score:5, Insightful)
I thought that McAfee's position wasn't so much 'pro unlock' as "Me and my hacker posse will hack the shit out of it!";
I thought McAfee's position was more along the lines of "Look at me! Look at me!" with the idea that he could say any old shit, get the attention he craves and then not have to deliver anything as no-one in their right mind would let him near that phone.
Re: (Score:2)
You don't need "that" phone. You need to get any iPhone and you can debug it and get whatever access to it in general way that will apply to similar hardware/software, most likely just by changing single byte in machine code instructions. It would cost time/money though. Apple already has access to it though through their own personal backdoor, so why should they be immune to court orders? No business or person is immune to it. They can only (try to) refuse to provide general access software, but every time
The whole point (Score:2)
You don't need "that" phone. You need to get any iPhone and you can debug it and get whatever access to it in general way that will apply to similar hardware/software, most likely just by changing single byte in machine code instructions. It would cost time/money though. Apple already has access to it though through their own personal backdoor,
No. The whole point is that "their own personal backdoor" does not exist.
so why should they be immune to court orders? No business or person is immune to it. They can only (try to) refuse to provide general access software, but every time they will get court order to provide data from specific phone, they should be legally required to comply with court order.
Again. Apple is not being asked to "provide data from the phone"; they're not even being asked to decrypt the phone. They are being commanded to write new software to the FBI's specification.
Re: (Score:3)
Off topic a bit, but does anybody but me think the 'erase phone after 10 bad password tries' feature takes 'security' too far? I'm not nuts about a feature that lets any arbitrary malicious person with physical access to my phone wipe the whole thing by simply entering 10 bad passwords. How about just making them wait a few hours after 10 bad passwords - perhaps increasing that delay after each 10 bad tries until the correct password has been entered. That'd make a brute force crack impossible, but still
Re: (Score:2)
Off topic a bit, but does anybody but me think the 'erase phone after 10 bad password tries' feature takes 'security' too far?
It would be a bit over-the-top if erasing the phone meant losing all the data you had stored on the phone. But then again, if you didn't have your phone backed up somewhere, dropping your phone into the sink would have the exact same effect. So of course you do have your important data backed up, right? In which case, having your kid brother accidentally wipe your phone is only a minor inconvenience, not a big disaster -- just restore it when you get your phone back.
Comment removed (Score:4, Interesting)
So help them out, Bill! (Score:2)
NBC poll 52% for FBI, 38% for Apple (Score:4, Insightful)
Re:NBC poll 52% for FBI, 38% for Apple (Score:5, Informative)
and this is why America is no longer the land of the free, its the land of the afraid.
Re: (Score:2)
When was it ever? Are you ignorant of US history?
Re:NBC poll 52% for FBI, 38% for Apple (Score:5, Insightful)
The biggest problem is that people are reacting to the headline - not the back story.
1) This was the terrorist's WORK phone. He tried (and failed) to destroy his personal phone - and the FBI have all of the data from that. If he didn't destroy the work phone, there probably wasn't anything important on it.
2) The FBI already have his texts, IP address lookups, voicemails and phonecall meta-data from the telco's - so this is only stuff like photos and documents stored inside the phone.
3) The FBI already have an iCloud backup from 6 weeks before the attack.
4) If they hadn't screwed up and changed the iCloud account's apple id - they'd have a recent backup too - and this would be a moot point. They screwed up.
5) If this was so important - why didn't they demand it back in December when they first got the phone? Any information on it now will be horribly outdated.
6) We already know that this was not a big ISIS plot or anything like that. It was a 'lone gunman' kind of a thing...so it's unlikely that there is anything on the phone that would incriminate anyone else who isn't already incriminated.
7) If they succeed - you can bet that Apple's next phone will make it impossible to circumvent the security with an OS upgrade by putting more stuff in ROM.
Knowing those things makes it very clear that they are using a high-profile case to demonstrate a capability (both on behalf of Apple - and on the behalf of the legal system to compel Apple).
The reason to do this is to provoke a debate that they hope will produce either laws or a legal precedent that they can apply to future cases - there is no other reason to fight Apple and public opinion.
The reason MOST people are agreeing with the Fed is that they didn't take the time to look at the facts.
Re: (Score:2)
Already destroyed the actual phones used (Score:5, Informative)
The biggest problem is that people are reacting to the headline - not the back story.
1) This was the terrorist's WORK phone. He tried (and failed) to destroy his personal phone - and the FBI have all of the data from that. If he didn't destroy the work phone, there probably wasn't anything important on it.
Close, but no.
He tried, and succeeded, in destroying his personal phones:
http://www.foxnews.com/us/2016... [foxnews.com]
The couple took pains to physically destroy two personally owned cellphones, crushing them beyond the FBI's ability to recover information from them. They also removed a hard drive from their computer; it has not been found despite investigators diving for days for potential electronic evidence in a nearby lake.
Farook was not carrying his work iPhone during the attack. It was discovered after a subsequent search.
So, the question is: given that they went to great lengths to destroy the phones and hard drives that they used in planning the attack, why in the world would anybody think that this phone they didn't think were worth bothering to destroy would have anything on it?
Re: (Score:2)
Main street is viewing it differently than tech world. People fear security more than privacy.
That's to be expected. Generally speaking, people fear what they are told to fear and don't question the viewpoints presented to them. They think that if unlocking this phone will help catch terrorists, then it should be done. If that's as far as one's thinking goes, it makes perfect sense.
Re:It's not Tech v. Main Street (Score:5, Insightful)
It's not conspiracy and conjecture, it's "legal precedent" and it's an actual thing. Once it's happened in a single instance, that single instance can be pointed to in future cases until it's refuted by a higher level judge. Which, in this case, would mean either the Federal Appeals Court, or the United States Supreme Court.
It's how the whole legal system has worked for 225+ years. And you can bet that there are hundreds of phones in evidence lockers with assistant District Attorneys and assistant US Attorneys lining up to get a court order to have Apple unlock them, depending on how this plays out.
Re: (Score:2)
Here's a list of open cases trying to get Apple to hack iPhones, just waiting for the precedent.
http://pdfserver.amlaw.com/nlj... [amlaw.com]
And this is just federal cases - I'm sure there's many more state & local cases.
Re:Conspiracy and Conjecture (Score:5, Insightful)
The point that you are missing is that the precedent to be set is that the government can make Apple write software.
This isn't about breaking into a phone, it's about exactly how much the court can compel them to do It's not "use your key to unlock this door". It's "write new software to this exact set of specifications that the FBI has written."
can the court compel Apple to write code? If they can, what else can they compel people to do?
Re: (Score:3)
Usually companies served with a warrant can be compelled to provide something they already have. If the FBI needed the e-mails that someone sent via GMail, they could compel Google to serve them up. However, the question is can the government require a company to create something entirely new just to further an investigation? The FBI wants Apple to write software to remotely apply to the iPhone that would remove the "10 attempts and phone is wiped" restriction and that would let them try PINs in an autom
Re: (Score:3)
Yes, the government can compel Apple to write code. The government can compel Ford to make a truck that gets 30MPG, compel a mining company to dig another shaft to let air into a mine, and make me pay for health insurance I do not want.
No, they can't; no, they can't; and no, they can't do that either.
They can enact regulations that include penalties if Ford's truck doesn't get 30 MPG, but if Ford says "no, we're not going to build that truck," a court writ can't force them to make trucks. They can enact safety regulations that mean mines have to have adequate ventilation, but if the company doesn't want to drill the draft, a court writ can't make them operate a mine. They can enact a tax to make you pay the costs incurred by your not ha
Re:NBC poll 52% for FBI, 38% for Apple (Score:4, Informative)
How I wish the question asked had been "Should Apple be forced to write software to enable government hacking?"
Re:NBC poll 52% for FBI, 38% for Apple (Score:4, Insightful)
For instance, if I asked people, "Should Apple comply with a legally issued search warrant?" most people will answer yes. If I instead ask them, "Should Apple give the U.S. Government unfettered access to everyone's iPhone?" people will likely answer more negatively (I wish I could say all would, but I don't have that much faith in humanity anymore).
Beyond that though, I think part of the problem is that the average person doesn't understand why "unlocking a terrorist's phone, with a warrant" is a problem. Apple has no problem (morally speaking, technical challenges are another matter) with unlocking a single iPhone. What Apple objects to is giving the government a key to disable security on ANY iPhone, because past evidence shows that they'll start using it anywhere they want to, not just on this one particular case.
Sure, Billy Boy. (Score:5, Insightful)
Yeah we all know that once law enforcement gets access to something they NEVER ask again. The disengenuousness of people claiming this is only about one phone is astounding.
All for Nothing (Score:2)
Re: (Score:2)
That how you scream "ulterior motive", son.
Partisan Bill (Score:2)
The US is not the only country. (Score:5, Insightful)
I am sure that China will wait till they have a clear terrorism/criminal case, ask Apple to give them the same software they give the FBI, then make a copy of it and use it on every single dissident.
The San Bernidino phone SHOULD be cracked - by the government, not a private company. Apple should have nothing to do with the cracking.
Re: (Score:2)
The Apple will be required to do it in countries like China anyway. Making excuses and delays in US court will not make them immune to totalitarian regimes at all. Who cares about US courts in China.
They should had though about it when leaving backdoor in their phones allowing to install whatever software without owner's permission. Once they have left backdoor for themselves, now they have a line of people wanting to use it too, isn't this what was obvious from the beginning? They don't have and should not
Re: (Score:2)
It is well worth the small amount of extra time/cash.
Re: (Score:2)
It is sounds like silly excuse, Apple doesn't know how to update software on their phone??? ;) It will not fly, and you don't have any "change phone" options, all phones are the same or worse in this aspect. Government can always have access to it, assuming otherwise just leaves you exposed. China regime may choose to do it their own though to avoid publicity and catch its enemies by surprise. It is likely they already done it, they have plenty of qualified people in China to do it.
Re: (Score:3, Interesting)
You don't think China doesn't already have the capacity? Something tells me that they fully understand how to do this. Remember they BUILD these things nearly exclusively and can easily obtain or reverse engineer these devices sufficiently to do anything they want.
Re: (Score:3)
Thank you sir! May I have another? (Score:4, Informative)
I sure it is a coincidence that Microsoft is forcing Win 7/8 users to upgrade to Windows 10, which touts its higher security. Don't worry, if you have private information you can use the Microsoft recommended product BitLocker, made in the USA and subject to US laws. I'm certain there aren't any backdoors. I'm glad that Microsoft will share Office 365 users info with government agencies to protect us. After all, the FBI would never be abuse its power, like sharing accessing info on political opponents to discredit them. Pay no attention that Microsoft was somehow vulnerable to 'FREAK' encryption flaw (http://www.cnet.com/news/windows-vulnerable-to-freak-encryption-flaw-too/#!) - nothing to worry about here. I'm sure glad Microsoft is providing free email services like Hotmail. I'm sure Microsoft has the highest standards in protecting Hotmail users info and the times it has shared private information has been completely justified besides "you agreed to the service agreement".
No, he doesn't... (Score:5, Informative)
He disputes so in a video [bloomberg.com] in Bloomberg..
Bill Gates, co-founder at Microsoft and co-chair at Bill and Melinda Gates Foundation, addresses his view of Apple's battle against an FBI court order to unlock an iPhone belonging to a shooter involved in the San Bernardino, California terror attack and the need for a balance between privacy and government access.
Way to Embrace the Dark Side Billy! (Score:5, Funny)
I'm starting to see their point. (Score:4, Insightful)
I completely understand Apple not wanting to do this, because there are far more ways it can end badly for them than positively, but I ultimately suspect that the only way they will ever see the end of this is if they try.
NSA backdoor (Score:2)
Of course Windows has a long tradition to cooperate with spying agencies.
How does this work with safes? (Score:2)
I don't think the entire concept being fought over is some brand new idea, it's a classic idea with the obligatory "with a computer".
So how has this been handled in the past? If you buy a brand new top of the line "uncrackable" vault say for a bank or casino in Vegas... and refuse to open it for police, they just... make do on their own right? Spend a few days or weeks with hammers, chisels and drills until it's open?
Nobody makes the vault company drop by and show you the secret access trick, am I right?
The FBI's failure is crystal clear (Score:2)
What seems to be missing in all of this media-fueled discussion on this topic is that the iPhone doesn't operating in a vacuum. Assuming that the couple got their marching orders on this phone (which is unlikely since it was a work phone not a personal one), someone had to send those marching orders. That means that the Feds have totally failed to identify the source. Either that or the fact that our international surveillance capabilities have been totally borked in the last few years that they no longe
precedent for what? (Score:2)
The only real protection against such government intrusions is technological, not some wimpy legal precedent. Since the iPhone 5c apparently can be unlocked after the fact with the help of Apple, it is not secure. That problem isn't going to get fixed by legal posturing, it's only going to get fixed by fixing the phon
Restore iCloud password then back it up (Score:2)
_NSAKEY (Score:2)
The same Bill Gates of _NSAKEY fame?
So all you Microsoft users (Score:3)
Are you REALLY still feeling warm and fuzzy about putting everything into Microsofts cloud, and believing Windows 10 isn't really spying on you, and that Microsoft aren't fundamentally aligned to sell out your private data at the first opportunity?
SPAT? (Score:2)
Re: (Score:2)
No, they can't.
Re: (Score:2)
Because it's a security mechanism built into the OS. The unlock process requires identifiers unique to the hardware.
Re: (Score:2)
And they can't read/copy these IDs and write them on another iPhone?
Re: (Score:2)
I can't speak to the internals of the iPhone in particular, but there absolutely exists cheap, tamper resistant hardware that allows you to import a key, but not export it. The hardware simply doesn't have offer a function to do it.
Re: (Score:2)
You're right, now that I think about it I remember seeing something about this for some Atmel microcontrollers.
Re: (Score:2)
There's plenty of commentary talking about this. The key is in a place that is not trivially gotten at (in other variations of such a scheme long ago, getting at the similar key amounted to dissolving parts of the chip package to get at the relevant bits, lot's of advancement has been made since then).
If you clone to the best of your ability, you'll still not get the key. If there is a way to retrieve the key, it would require more engineering effort than a theoretical software change, and likely be runni
Re: (Score:2)
Re: (Score:2)
Because part of the key comes from a UID that is burned into the CPU, and not recorded anywhere else. This makes it so that you can't unlock the image without being on the hardware itself, unless you have some kind of magical crack for AES-256, or several hundred thousand years to brute force the key.
Re: (Score:2)
There's a fresh article on Ars about how they could, in theory, decap the chip and read the UID data, then spin up clones for brute forcing, yes. But you have to know where the data is physically located, and you're likely to just destroy stuff and make it completely unrecoverable.
http://arstechnica.com/securit... [arstechnica.com]
Re: (Score:2)
All Writs Act.
Re: (Score:2)
Re: (Score:2)
You may have a point, but given that Apple isn't objecting on these grounds I'm driven to believe that their corporate lawyers don't consider that a strong argument. Not to mention that "It would cost us money!" wouldn't play well in the press. This is Apple, they have money to burn...
Re: (Score:2)
Apple isn't objecting on these grounds
You don't play that card on the first round.
Re: (Score:3)
No, a good lawyer plays ALL his cards UPFRONT. This Matlock style last second cropping up of evidence to get your client off you see on TV is not how these things work.
If you are making a motion or responding to something you put ALL of your arguments into your filings because each of these arguments must be individually dealt with by the court and you won't have the chance to go back and amend your response without a good reason. Your best chance at prevailing is at the first strike, going back later an
Re: (Score:2)
False. FAR is for executive agencies. This order came from the judiciary, which is not a executive agency at all.
Re:I don't get it ... (Score:4, Insightful)
Perhaps Apple doesn't want to divert their resources off of the products and product lines that are important to them as a company.
Perhaps Apple doesn't want the liability if they mistakenly delete all the data the FBI wants.
Perhaps Apple doesn't want to set a legal precedent that companies will result in ever increasing demands to break their products in the way the government desires.
Perhaps Apple is taking a principled stand.
Re: (Score:2)
What makes you think Apple cannot crack their own hardware/software?
I'm no Apple zealot, but it's obvious to me they *could* do what the FBI wants, write a version of iOS that allows the FBI to brute force the phone quickly. This is NOT an issue of security and doesn't really require that Apple find a vulnerability to exploit. What the FBI wants is an iOS version with a set of vulnerabilities purposely built in so they can more easily brute force the phone in question.
Re: (Score:2)
Of course Apple can deliver what the FBI wants in this case - this phone doesn't employ the much more hardened security of the 5S and above. They could comment out a couple of functions in the code (wipe after 10 attempts, increase time delay between incorrect attempts), build it, sign it, put the phone into DFU mode and upload it. It would take one engineer less than a day.
They are fighting the legal precedent of allowing a Federal Court Judge to compel a company to compromise their product on a whim. T
Re: (Score:2)
Doesn't DFU mode wipe the data?
Re: (Score:2)
I'm not making a determination on if Apple should or shouldn't do what the FBI wants and what the judge has ordered. I'm just trying to explain what they've been asked to do.
Re:you people are idiots (Score:5, Insightful)
Nice argument, but that's not what happened. Apple already made the contents of the iCloud account available to investigators, as they were ordered to. This is entirely different. They're being asked to build software that doesn't exist to subvert a security feature in iOS.
It's more like going to a safe company and asking them to build you a key that unlocks every safe. It's more complex than that, really, but it's less wrong than your analogy.
Re: (Score:2)
Maybe they're all aboard Air Force One, they ran out of room so all the law enforcement officials are on the wings.
Re: (Score:2)
On this particular phone, it is possible. Thus, they are not taking that legal strategy.
If it was a 5S or a 6, that is exactly what they would have done, because it probably is impossible without having an untold amount of computing power for an untold amount of time.
Re: (Score:2)
The FBI isn't asking Apple to decrypt the phone. It's not encrypted, it's protected by a four digit PIN. Naturally it's trivial to defeat a four digit PIN if you have unlimited retries, which is why iOS limits you to, I think, ten successive attempts before the phone is wiped.
It all boils down to the old security/convenience tradeoff. Yes, you'd like the security of a phone where all the data was encrypted with a high entropy key, but you prefer a phone that you can unlock in a few seconds then use in an