HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
For a second there, it sounded like Apple was saying it can't figure out how to bypass your passcode. I'm sure that's not the case. 
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Apple No Longer Unlocking iPhones For Police, Search Warrant Or Not
- Thread starter HardOCP News
- Start date
You know, its just like when someone has an encrypted drive and the court orders the guy to give up his password. It shifts burdon back to the courts and people its accusing of crimes versus apple. I hope it really is impossible for them to get access to the data. I doubt it is, but hope etc.
D
Deleted member 136890
Guest
Hahahahahahha bull mf'r shit. Apple is talking out the other side of their mouth again. Common now Apple atleast tell the truth for once.
Ur_Mom
Fully [H]
- Joined
- May 15, 2006
- Messages
- 20,689
I guess if you really want to keep things a secret, it's face to face meetings and burying stuff in your back yard...
If it was easy for Apple to do so, it'd be easy for others to do so. If there was a backdoor and Apple could bypass it, it'd be found by someone and it'd be a huge security hole. Not something I'd want in my business.
If it was easy for Apple to do so, it'd be easy for others to do so. If there was a backdoor and Apple could bypass it, it'd be found by someone and it'd be a huge security hole. Not something I'd want in my business.
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
Thats what they're doing. The encryption/decryption key lives on the iOS device itself.
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
Ur_Mom
Fully [H]
- Joined
- May 15, 2006
- Messages
- 20,689
I hope that the American people have learned their lesson to NOT give a lot more power to the government due to a 'terrorist attack' or whatever.
Also - I'd love for it to "go dark" for them. American's encrypting all their data. Maybe it's a sign that they don't want people looking through their shit. Seems pretty clear to me.
True for the device.. if I understood correctly, they will still hand over data from the 'icloud', and I saw no encryption mentioned for the remote storage (cloud is such a stupid name to me)
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
That is also encrypted... with the same key as the device (which is only stored on the device itself, not in the could or on apples servers). As an additional layer of security, that passcode is also entangled with the devices UDID, making bruteforcing the 'backup' in the cloud not feasible
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
here's another article about it
http://arstechnica.com/apple/2014/0...ion-under-ios-8-making-handover-to-cops-moot/
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
It's not limited to just 4 numeric characters. And as the article points out, it also entangles it with the devices UDID to make it a much more complicated to decrypt
I am talking about the device itself. While yes you can make a more difficult passcode. How many people who own iPhones actually use something other than the 4 digit numeric passcode? Maybe 1% or less, even more likely.
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
You can't fix stupid. The end user will always be the weak link. For the security conscious, however, this is awesome news.
However, after a few failed attempts on iOS, even with a 4 digit code, it will lock you out for 'x' amount of time (iirc, 5 or 10 mins). You also have the option to wipe the phone after 10 failed attempts.
So while it's not as secure, it still offers even people that use a 4 digit password a nice level of protection.
BettiePage
Limp Gawd
- Joined
- May 16, 2007
- Messages
- 315
Nothing is wiped... the data is still on the phone you just can't see it by default. But I am sure the gov can still access it after a "wipe" unless all the data blocks are written over and "wiped" again.
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
it doesn't do a multipass wipe (solid state), it destroys the stored encryption key rendering all data on the drive useless garbage.
Here's the problem.
But, if Apple is required by law to release data on order from Government and they take steps to make that impossible, all the Government has to do is Charge or Fine them for purposefully taking steps designed to circumvent their legal responsibility. They are playing with fire here.
At best for Apple, the Government might ignore it and let them slide. Next up is not so good, they simply force Apple to change their OS so that they can be in compliance with US Law or even worse, the US Government simply destroys Apple, maybe not so bad for us at all, but would suck for Apple.
Then you have the follow-on of new laws written to make it abundantly clear to US businesses that they can't get away with something like this.
Now some of you are going to jump on my ass for simply telling you how things are likely to play out. That Apple has a responsibility to comply and they can't obviate that responsibility by saying, "Sorry Bro, No can do" cause the Feds are going to say, "Do it or we will fine you for every instance of a failed release of information and the fine will not be small. Maybe the Government will try to play this low key and let the Judges sort it out for them., try to take a hands off approach. Or maybe they will keep it all back-room secret like other meetings they sometimes have with tech companies.
Either way, I think Apple is taking a huge risk because they have now publicly stated that they have engineered their own refusal to comply with US Law.
But, if Apple is required by law to release data on order from Government and they take steps to make that impossible, all the Government has to do is Charge or Fine them for purposefully taking steps designed to circumvent their legal responsibility. They are playing with fire here.
At best for Apple, the Government might ignore it and let them slide. Next up is not so good, they simply force Apple to change their OS so that they can be in compliance with US Law or even worse, the US Government simply destroys Apple, maybe not so bad for us at all, but would suck for Apple.
Then you have the follow-on of new laws written to make it abundantly clear to US businesses that they can't get away with something like this.
Now some of you are going to jump on my ass for simply telling you how things are likely to play out. That Apple has a responsibility to comply and they can't obviate that responsibility by saying, "Sorry Bro, No can do" cause the Feds are going to say, "Do it or we will fine you for every instance of a failed release of information and the fine will not be small. Maybe the Government will try to play this low key and let the Judges sort it out for them., try to take a hands off approach. Or maybe they will keep it all back-room secret like other meetings they sometimes have with tech companies.
Either way, I think Apple is taking a huge risk because they have now publicly stated that they have engineered their own refusal to comply with US Law.
oh, wow.. besides being a better article, seems Apple is quite serious about this stuff. If they start fighting the government's blanket invasions (via the NSA, whatever), we will know it is true. Man, iphone a serious consideration for the first time for me.
I agree. Besides, all the police need to bypass the passcode is the PC/Mac it was last 'synced' with. They were very specific about it being Iphones and Ipads that are 'inaccessible'.
I'm pretty sure Apple's legal counsel has more insight on evidence laws that you and I do not mean that in an insulting manner. They would not do this lightly. I'm sure they ran this through an army of lawyers to check their liability.
You want Apple to tell the truth for once? Steve Jobs is rolling w/ laughter in his grave.
This has nothing to do with Evidence laws, Military Intelligence Organizations are not concerned with such things because their targets are not US Persons. The NSA is a DoD Agency, they are charged ammong other things with conducting SIGINT against Foreign Targets and sometimes those Foreign targets are on US Soil and by phones from Apple. The law says if the NSA requests that data then Apple has to give it up and I don't think the Feds are going to accept excuses when Apple has come right out and said that they are doing it on purpose so they can avoid compliance.
As soon as you stop looking at this from a US Person's point of view you start to see the issue clearly. If Apple's lawyers view this as solely a US Citizen's Privacy issue then they are looking at it wrong and completely misunderstanding how tenuous this position is. They serve customers who are protected and they server customers who are not protected and they must be able to comply with Federal requirements to produce the records on those legitimate targets as the Law demands.
We'll see how far it goes. If anything its a stunt to make people think that Apple is your best friend and you can't go wrong buying an IPhone6 with IOS8.
As soon as you stop looking at this from a US Person's point of view you start to see the issue clearly. If Apple's lawyers view this as solely a US Citizen's Privacy issue then they are looking at it wrong and completely misunderstanding how tenuous this position is. They serve customers who are protected and they server customers who are not protected and they must be able to comply with Federal requirements to produce the records on those legitimate targets as the Law demands.
We'll see how far it goes. If anything its a stunt to make people think that Apple is your best friend and you can't go wrong buying an IPhone6 with IOS8.
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
How so? For your phone to even communicate with itunes/a pc, it needs to be unlocked.
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
There is NOTHING stopping Apple from handing over your data backups from iCloud when it's requested w/a warrant... they just don't have the ability to decrypt it (nor do the Feds or anyone else for that matter... at least at the moment). Only the end user does.
There is nothing illegal about that. Thats like saying it's illegal for individuals/businesses to use encryption (with their own keys). I think Apples motivation, in large, is the fappening hack... which allegedly was made possible with forensic tools... used by law enforcement.
MrCaffeineX
[H]ard|Gawd
- Joined
- Aug 22, 2011
- Messages
- 1,604
Perhaps he means that there is a way to extract the information from an iPhone backup conducted by iTunes on a PC/Mac? Unless iTunes encrypts the backup, then it is available on the PC/Mac afterward, isn't it?
dr.stevil
[H]F Junkie
- Joined
- Sep 26, 2008
- Messages
- 9,266
I see what you're saying. iTunes, by default, syncs it to icloud, completely encrypted. Additinally, you can choose to store it locally in the event you don't want to use iCloud... encrypted or un-encrypted (users choice. There is a small check box to choose which one you want to use)
The talking heads on CNBC's Closing Bell were just saying this is bad for US 'National Security' when trying to stop a terrorist. So, if you support this move from Apple you're basically kicking kittens and children right into the hands of the terrorists.
You support terrorism?
Correct
You can try and argue your way around it, I'll just wait and see how it shakes out. but I know what the end result will be and it will be that the Government will get what they want because what they want is legal and proper in this matter. My opinion, like everything else, we'll see how it turns out.
This is easy to get around legally for Apple. All they have to do is move. If the US government comes demanding with the threat of a massive fine, Apple can simply say we will take our billions in tax revenues and go to X country. That would be a kick in the balls to the US government. Not only could Apple absolve themselves of the legal reach of Uncle Sam, they could also piss off a lot of people in the USA by blaming their leaving on the governments incessant demands for information that only about 10 people not in government believes they should have access to anyway. So the government does not get their info, is responsible for chasing away billions of dollars in tax revenue and one of the most liked companies in America. Seems like a real win for the government.
Because moving has anything at all to do with national laws these days. Maybe talk with some Google people about how swell it is being an American Business operating in China and having immunity from Chinese law
Because moving has anything at all to do with national laws these days. Maybe talk with some Google people about how swell it is being an American Business operating in China and having immunity from Chinese law
Apple can get away with things that Google can't. Apple doesn't host time sensitive data centers. Time sensitive in the sense that Google search requires as low of latency as possible. Apple could afford to move all of their data centers to a country that won't hassle them and its users would experience a 15 second delay on their itunes purchases. This involves more than just moving their country of corporation. This would require a major move of everyone and everything Apple has. Not saying they will ever do this but it is a handy threat to have in their pocket of ways to tell the government to fuck off.
it's not relevant because there is no legal basis for requiring businesses to decrypt private information for law enforcement. sure, they can compel Apple to hand over what they have access to with a proper warrant, but they can't require Apple to actually crack users' encrypted data.
"It also mentions that when an iOS 8 device is not associated with a Wi-Fi network, and the processor is asleep, the device uses a randomized Media Access Control address.
"Because a device’s MAC address now changes when it’s not connected to a network, it can’t be used to persistently track a device by passive observers of Wi-Fi traffic," the document also states."
Apple really making large strides protecting its customers from prying eyes. It's going to be tough to hate on but we're only two pages in so...yeah
"Because a device’s MAC address now changes when it’s not connected to a network, it can’t be used to persistently track a device by passive observers of Wi-Fi traffic," the document also states."
Apple really making large strides protecting its customers from prying eyes. It's going to be tough to hate on but we're only two pages in so...yeah