Jump to content

Apple rejects order to unlock gunman's phone


StringJunky

Recommended Posts

 

FBI agrees to unlock another iPhone in homicide case

 

The FBI has offered to unlock another iPhone for police after revealing it could access the handset used by San Bernardino killer Syed Farook.

Police in Arkansas wish to unlock an iPhone and iPod belonging to two teenagers accused of killing a couple, according to the Associated Press (AP).

Less than a day after its San Bernardino announcement, the FBI agreed to help in the homicide case.

 

Syed Farook and his wife were shot dead after killing 14 people in December.

 

A judge agreed to postpone the Arkansas case on 28 March to allow prosecutors to ask the FBI for help.

 

Hunter Drexler, 18, and Justin Staton, 15, are accused of killing Robert and Patricia Cogdell at their home in Conway, Arkansas last July.

 

Staton had been raised as a grandson by the Cogdells.

 

http://www.bbc.co.uk/news/technology-35933239

Edited by StringJunky
Link to comment
Share on other sites

 

 

I want my wife, my children, my lawyer, my doctor, my sheriff, all local judges, politicians, and bankers, to be able to hide their personal info from my enemies. I don't want my enemies to be able to blackmail or pressure people whose discretion and fair judgment is important to me.

 

The government is one of my enemies, potentially.

 

I'm late to your discussion and this will be my only comment. I read this and I just had to say that government is neither your enemy or your friend. Government does what is best for it rather than what might be best for its populace. It is concern with its continual existence and, to that end, it will lie to, cheat, and steal from its people. It will abuse and misuse it's people in service to itself. It considers itself above the laws and morals it insists our adherence. Regardless of all that, government is a reflection of its people and people can be uncivil, bigoted, disingenuous, selfish, violent, amoral creatures. However, where government ceases to reflect its people, revolution and chaos will soon follow and government will use the fear disorder infers to maintain its power. Power, invariably, corrupts but government is a power society needs to thrive--although I do agree with Apple.

Link to comment
Share on other sites

 

FBI trick for breaking into iPhone likely to leak, limiting its use

 

.....The FBI's method for breaking into a locked iPhone 5c is unlikely to stay secret for long, according to senior Apple Inc engineers and outside experts......

 

....If the government pursues a similar case seeking Apple’s help in New York, the court could make the FBI disclose its new trick.

 

....But even if the government walks away from that battle, the growing number of state and local authorities seeking the FBI’s help with locked phones in criminal probes increases the likelihood that the FBI will have to provide it. When that happens, defense attorneys will cross-examine the experts involved.

 

Although each lawyer would mainly be interested in whether evidence-tampering may have occurred, the process would likely reveal enough about the method for Apple to block it in future versions of its phones, an Apple employee said....

 

http://uk.reuters.com/article/uk-apple-encryption-fbi-idUKKCN0WZ0U0

 

Edited by StringJunky
Link to comment
Share on other sites

  • 2 weeks later...

A few relevant updates:

 

https://threatpost.com/fbi-director-challenges-absolute-privacy-claims-iphone-tool-only-works-on-narrow-slice-of-phones/117254/

The method the FBI used to unlock the San Bernardino killer’s iPhone 5C does not work on newer models, FBI Director James Comey told a crowd of students on Wednesday night.

 

In a Q&A following a keynote address at Kenyon College’s Expectation of Privacy conference in Gambier, Ohio, Comey spoke vaguely but clarified that the tool, which the FBI purchased from a private party, would not work on an iPhone 6, or 5S.

 

Comey called it “a bit of a technological corner case,” in the sense that the tool the FBI has in its possession only works on “a narrow slice of phones.”

(snip)

Comey told attendees at the biennial conference that there have been ongoing discussions within the government over whether or not they should share with Apple how the phone was cracked, adding that the FBI may ultimately tell the company, it just hasn’t decided yet."

 

Should we tell Apple what the flaw is that we found?” Comey asked Wednesday, “If we do, then they’ll fix it and we’re right back where we’re started from.”

(snip)

While the FBINhas been inundated with requests from both local and state law enforcement to unlock devices over the last few months, Comey believes that both the FBI and the “private party” can succeed at keeping how it got into the phone under wraps.

 

"The people we bought this from, I know a fair bit about them, and I have a high degree of confidence that they’re very good at protecting this, and their motivations align with ours,” he said.

I'm thinking Israeli intelligence seems likely here, but could very well be mistaken.

Link to comment
Share on other sites

A few relevant updates:

 

https://threatpost.com/fbi-director-challenges-absolute-privacy-claims-iphone-tool-only-works-on-narrow-slice-of-phones/117254/

 

I'm thinking Israeli intelligence seems likely here, but could very well be mistaken.

Yes, It would likely be some entity that is, at least, the equivalent to Apple in resource availability. I mean, they are pretty much the state-of-the-art, aren't they?

Edited by StringJunky
Link to comment
Share on other sites

  • 3 months later...

Way to always have our backs, M$!

I hate the Apple model but... This is is the problem with preserving security and keeping dabs on customer data for commercial exploitation . Whatsapp, with end-to-end encryption, and Apple, with no backdoors, seem to be genuinely concerned about aiming towards 100% security and privacy.

Edited by StringJunky
Link to comment
Share on other sites

  • 6 months later...

Is Apple ethically correct to take up this stance or is the government's need more important?

 

 

Well it is indeed an ethical grey area. Apple is correct to deny access to the government on the basis that it wants to protect the privacy of it's clients, even if they are murders, (In addition with the government's general habit of once we do something once we're gonna do it a bunch before long the government would be checking out each time you misspell corn at work while looking something up, and record it and send it to your corporate office, so we'd all be out of jobs pretty fast) But it is wrong to the victims of the shooting to not take part in dealing out retribution for the gunman's actions, and preventing him from doing it again.

Link to comment
Share on other sites

  • 9 months later...

Apple refused so what.  The real questions asked should be why did they refuse?

Was a warrent or special warrent issued?

If no warrent or special warrent was issued would accessing the phone be self incriminating? 

Would doing so without warent lead to possible civil or criminal repercussions? 

Law Enforcement seeks arrests and convictions. How there go about doesnt matter unless they get called out. Its nothing new. 

 

 

 

 

 

Link to comment
Share on other sites

This is silly, they should just decrypt the phone it would take seconds for a supercomputer, what is the password like 4 digits, brute forced in seconds literally, 10000 tries would literally take less than that, if the phone's password is how I am thinking, 0.0000000005 seconds @ 20 Teraflops, like 0.5 nanoseconds brute force decrypt on that. See I didn't even read the article and me and the FBI had the same idea, but I am much more a ass, I would just block the command that erases the data with the Processor command for halt on the instruction pipe which is 0xF4 as it is cracked in a nanosecond. (Command to erase -------->0xF4 = Halt pipe instruction)  or if may need to push it so (Command to Erase ---------------> (0x9A , 0xF4) = Push Call Halt Pipe Instruction)  

Then again this does have to hit in the middle of the command to erase or before so it would actually have to be push call.

iphone-passcode-screens.jpg

Edited by Vmedvil
Link to comment
Share on other sites

2 hours ago, Vmedvil said:

This is silly, they should just decrypt the phone it would take seconds for a supercomputer, what is the password like 4 digits, brute forced in seconds literally, 10000 tries would literally take less than that, if the phone's password is how I am thinking, 0.0000000005 seconds @ 20 Teraflops, like 0.5 nanoseconds brute force decrypt on that. See I didn't even read the article and me and the FBI had the same idea, but I am much more a ass, I would just block the command that erases the data with the Processor command for halt on the instruction pipe which is 0xF4 as it is cracked in a nanosecond. (Command to erase -------->0xF4 = Halt pipe instruction)  or if may need to push it so (Command to Erase ---------------> (0x9A , 0xF4) = Push Call Halt Pipe Instruction)  

Then again this does have to hit in the middle of the command to erase or before so it would actually have to be push call.

iphone-passcode-screens.jpg

You overlooked one small detail: limited retries.

Link to comment
Share on other sites

4 hours ago, Vmedvil said:

This is silly, they should just decrypt the phone it would take seconds for a supercomputer, what is the password like 4 digits, brute forced in seconds literally, 10000 tries would literally take less than that, if the phone's password is how I am thinking, 0.0000000005 seconds @ 20 Teraflops, like 0.5 nanoseconds brute force decrypt on that. See I didn't even read the article and me and the FBI had the same idea, but I am much more a ass, I would just block the command that erases the data with the Processor command for halt on the instruction pipe which is 0xF4 as it is cracked in a nanosecond. (Command to erase -------->0xF4 = Halt pipe instruction)  or if may need to push it so (Command to Erase ---------------> (0x9A , 0xF4) = Push Call Halt Pipe Instruction)  

Then again this does have to hit in the middle of the command to erase or before so it would actually have to be push call.

iphone-passcode-screens.jpg

Irrelevant, this could not serve as evidence in court, data has to be obtained according to the law, this is not a technical issue.
 

Link to comment
Share on other sites

1 hour ago, koti said:

Irrelevant, this could not serve as evidence in court, data has to be obtained according to the law, this is not a technical issue.
 

They originally thought they couldn't obtain the information themselves, which is why they went to Apple. So it was, at least in part, a technical issue. But a brute force solution just shows ignorance of the details.

Link to comment
Share on other sites

5 minutes ago, swansont said:

They originally thought they couldn't obtain the information themselves, which is why they went to Apple. So it was, at least in part, a technical issue. But a brute force solution just shows ignorance of the details.

It wouldn’t be a wild assumption to think that they could have had the data since day 1 and went to Apple just to avoid hundreds of millions in law suits and an international precedent. Vmedvil is right pointing out that technicaly it’s not such a big issue. 

Link to comment
Share on other sites

6 hours ago, Vmedvil said:

This is silly, they should just decrypt the phone it would take seconds for a supercomputer, what is the password like 4 digits, brute forced in seconds literally, 10000 tries would literally take less than that, if the phone's password is how I am thinking, 0.0000000005 seconds @ 20 Teraflops, like 0.5 nanoseconds brute force decrypt on that.

Where can I buy a 20 Teraflop iphone?

Link to comment
Share on other sites

2 hours ago, koti said:

this is not a technical issue

Yes it is.

Specifically, they ask for software changes making it easier to hack an iphone, which could be used on an iphone NOT in their posession.

If you have an iphone in your possession that you need to hack, you only need an engineer to physically open it and retrieve any data from it.

 

Link to comment
Share on other sites

3 hours ago, Carrock said:

Where can I buy a 20 Teraflop iphone?

That would be like a low level supercomputer connected to the phone trying to decrypt it.

7 hours ago, StringJunky said:

You overlooked one small detail: limited retries.

No, the Proccessor command would halt the pipe that is machine code for Halt processor pipe in the phone instantly, send that to a computer sometime and see what happens, basically if you send that in the middle of a command like that it will error the command, then the computer will think it is stacking on that command and stop trying to do it.

(Push Call, Halt Pipe)

(0x9A , 0xF4)

If you are really worried about it, you can add loop on it.

(Push Call,Loop,Halt Pipe)

(0x9A , 0xE0, 0xF4)

That will completely freeze the phone.

Processor Instruction listing in Machine Code.

5 hours ago, swansont said:

Of course it matters. The police has to follow the rules.

Yes it would be be able to be admitted in court, as long as they had a search order from the judge, at that point it doesn't matter, how they search it it is all legal, It would be the same as unlocking a safe that had Drugs in it that you had a order to search from the judge.

2 hours ago, iNow said:

As shared earlier in this (old) thread, we also believe a technique to get at the data was provided by Israeli intelligence and they got it anyway

Well, it would not be that hard to do, basically just knowing how CPU commands work.

3 hours ago, Roamer said:

Yes it is.

Specifically, they ask for software changes making it easier to hack an iphone, which could be used on an iphone NOT in their posession.

If you have an iphone in your possession that you need to hack, you only need an engineer to physically open it and retrieve any data from it.

 

I agree, but they need not change anything, that command would be too big to be below machine code, even Reformat HDD is still CMD which is larger than a machine code command, just error it as it passes through the CPU.

Edited by Vmedvil
Link to comment
Share on other sites

Quote

The FBI wants to initiate a “brute force” attack on the iPhone of the San Bernardino shooter. It would use a computer to generate and test all the possible combinations of the iPhone’s password until it gets in. Depending on the composition of the password, that could take as little as 13 minutes and as long as a lifetime. But there’s a problem. The iPhone in question will brick itself after 10 failed attempts. That’s the backdoor the FBI wants — a firmware update to allow for unlimited tries without any slowdowns (after six failed attempts the phone will lock out a user for increasing amounts of time).

https://nerdist.com/heres-why-the-fbi-cant-hack-an-iphone/

 

Knew I remembered something to that effect. Been awhile and they got in anyways so...

Link to comment
Share on other sites

8 hours ago, Vmedvil said:

That would be like a low level supercomputer connected to the phone trying to decrypt it.

No, the Proccessor command would halt the pipe that is machine code for Halt processor pipe in the phone instantly, send that to a computer sometime and see what happens, basically if you send that in the middle of a command like that it will error the command, then the computer will think it is stacking on that command and stop trying to do it.

(Push Call, Halt Pipe)

(0x9A , 0xF4)

If you are really worried about it, you can add loop on it.

(Push Call,Loop,Halt Pipe)

(0x9A , 0xE0, 0xF4)

That will completely freeze the phone.

Processor Instruction listing in Machine Code.

Yes it would be be able to be admitted in court, as long as they had a search order from the judge, at that point it doesn't matter, how they search it it is all legal, It would be the same as unlocking a safe that had Drugs in it that you had a order to search from the judge.

Well, it would not be that hard to do, basically just knowing how CPU commands work.

I agree, but they need not change anything, that command would be too big to be below machine code, even Reformat HDD is still CMD which is larger than a machine code command, just error it as it passes through the CPU.

Ya, I am about to eat my words I didn't think it was possible but there is a Brick Processor command in Iphones (0xFFs), that no that wouldn't work screw Apple.

Ya, if they made something like this there is no way to keep it from bricking (Call to Interrupt, Brick)(0xCD,0xFFs)

Even if you (Call to Interrupt, Halt Pipe) =(0xCD, 0xF4) 

It would still brick probably. 

I assumed Apple was dumber or smarter than that, that is a huge design flaw/protection mechanic, If you wanted to brick Iphones they have a built in way to do it.

Edited by Vmedvil
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.