Yes but they also said that under their newest OS the phone's can't be unlocked at all, so knew OS means no way to get the data, hence "impossible".
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Apple Tells U.S. Judge 'Impossible' To Unlock New iPhones
- Thread starter HardOCP News
- Start date
Yes but they also said that under their newest OS the phone's can't be unlocked at all, so knew OS means no way to get the data, hence "impossible".
What's that got to do with what I'm saying at all? I'm talking about Apple farming their user's data. You know, usage, searches, or whatever else they feel like grabbing.
I'm not talking about a locked phone, in a court case, cause someone committed a crime and they want the data off the phone.
That's what this judge versus Apple thing is all about. Not a locked or unlocked phone (screen) but whether or not Apple has (backdoor) access to a phones data regardless. Either Apple is telling the truth or the government will be upset that they don't actually have that kind of access to user data that the government can try and make them give to them for 'national security'.
steakman1971
2[H]4U
- Joined
- Nov 22, 2005
- Messages
- 2,433
I would say Apple is probably telling the truth. A strong encryption algorithm is not easy to "break" - if Apple had a "backdoor", this would be a disaster for their security image. Who would trust it as you don't know who has a key?
Take a look at the algorithms used in popular password tools (such as KeePass, LastPass, 1Password, etc). Do you think the developers can easily access your encrypted data? I sure hope note - otherwise, you better find another solution.
Mathematically, you could try to crack the encryption. Given sufficient time and computing resources, I would imagine you could eventually brute force it. A cryptologist might have a better strategy to use.
Take a look at the algorithms used in popular password tools (such as KeePass, LastPass, 1Password, etc). Do you think the developers can easily access your encrypted data? I sure hope note - otherwise, you better find another solution.
Mathematically, you could try to crack the encryption. Given sufficient time and computing resources, I would imagine you could eventually brute force it. A cryptologist might have a better strategy to use.
Some of it's been around since iOS 3 and the 3GS, although back then jailbreaking could give you enough information to break it. A lot of the improvements from 4 onwards on older hardware does not apply unless you restore your device though.
Skripka
[H]F Junkie
- Joined
- Feb 5, 2012
- Messages
- 10,791
Yea...Apple may well believe there's no backdoor key.
Ya. They're utterly beyond naive for thinking that. Remember how the NSA cracked SIM cards by hacking the SIM card manufacturers en masse? Remember how they beat the IPSEC protocol standard from the inside?
Apple may well not know of a backdoor....but they're utter fools to think for a second every major intelligence agency didn't figure one out a long time ago.
It doesn't sound like you, nor the majority of the people who have posted, know the slightest idea about the mathematics involved with encryption.
It's completely conceivable that the encryption Apple has employed for iOS devices is impossible to break within a lifetime.
Unlikely, as computer's just keep advancing. 128 bit encryption use to be tough. Now it's easy. Why new encryption methods keep coming out.
Today's Apple encryption might be hard, but maybe 5 years from now, it'll take 2 mins to crack with a quantum computer.
Skripka
[H]F Junkie
- Joined
- Feb 5, 2012
- Messages
- 10,791
No I do know the mathematics and have studied them.
However you completely disastrously underestimate the sneaky and underhanded ends to which NSA, CIA, and all the other spy agencies will go to get inside someone's digital life. Just like the SIM card debacle. All you need to do is phish one employees email....you get their email...then you get their account info then step by step you gain access to the corporation's data and code....then you beat the encryption from the inside by simply walking around it and not having to beat it. If the NSA had a mole, all they would need to do is pay an Apple employee a hefty "bonus" to insert some code in iOS or iCloud to let them completely circumvent the encryption.
Stop pretending everyone is a f*cking boyscout who will play by the rules and act honorably. Spooks are out to get that info, and by god they'll get it. Apple may be completely ignorant about it...but to think for even a second that there's encryption security in place that cannot be beaten by the NSA is laughably childishly naive.
That's reaching at best right now. There are limits to everything and there may be limits as to what NSA super computers can crack (256 bit encryption doesn't sound uncrackable though...lol) . I'm also sure one guy isn't working on the code or implementing it a Apple without other people double checking it or running it through some kind of filter.
Apple isn't on top for no reason. They have some minds there, too.
AES Wiki (Under security)
I'm not sure if the government would allow AES 256 bit encryption for top secret government documents as a standard if it wasn't safe enough, still. Apple actually might be just out of reach of the governments prying eyes and they're not too happy about it.
In my opinion.
Paranoia is not the opposite of naïveté.
Ocellaris
Fully [H]
- Joined
- Jan 1, 2008
- Messages
- 19,077
Pretty sure you don't understand how encryption works... Just because a company enables encryption doesn't always mean they can decrypt the data.
D
Deleted member 93354
Guest
Skripka
[H]F Junkie
- Joined
- Feb 5, 2012
- Messages
- 10,791
It isn't paranoia if they are out to get you. Did this teach you nothing?
http://arstechnica.com/tech-policy/...nsa-and-gchq-leaving-cell-networks-wide-open/
GHCQ were sure they were safe and that their measures unbeatable too...boy were they idiots. Quit talking about "breaking" encryption like it is some wicked nearly-impossible mathematical feat (strictly speaking the math by itself is)-the math may be hard but gaming the people responsible for the math is easy and something groups like NSA have been doing for decades.
GHCQ should teach you that NSA most likely already has keys to iPhone and iOS. Whether Apple knows it or not.
D
Deleted member 93354
Guest
This is why perfect forward secrecy is so effective. Even if Apples master keys were cracked, it would be damn near impossible to decode for everyone
While the Snowden leaks confirmed that the NSA was intercepting and decrypting an enormous amount of internet traffic, they also revealed that there were several communications protocols that they had been unable to break.
Apple is on top as a developer, the NSA is on top as a breaker and master of encryption and signals collection. Even after a year of reading about some of the tricks the NSA pulls it doesn't even scratch the surface. I've done Signals Collection, the other day we were talking about drones and jamming them and some drone guy thinks his drone can't be jammed because it changes frequency too fast. Too easy I say, all I have to do is jam them all, broad spectrum jamming has been around for awhile and it works just as well for jamming a lot of radios as it does for jamming one radio that thinks it's too smart for school.
What I am saying is that these guys look at everything from entirely different angles and see solutions and oportunities the average guy, even the really smart guy, wouldn't think of.
You're generalizing and making assumptions. Quoted from your linked article:
"To steal the SIM encryption keys, MHET exploited a weakness in SIM manufacturers' business routinethat SIM card manufacturers tend to deliver the corresponding Kis to mobile carriers via e-mail or File Transfer Protocol. "
That situation isn't a one size fits all. And guess what? The encryption method in this instance wasn't even broken. This 'hack' was the equivalent of stalking a coworker and finding out he keeps his passwords in a notebook sitting on his desk. The keys in this instance were also incredibly easy to come by because the SIMs, like chip-less Credit Cards, contain the keys in an easily readable format. This is NOT the case with iOS encryption.
This statement is disastrously naive. There aren't 'universal' keys that can be stolen. The unique decryption key is generated from the moment the user creates a passcode on the device and is only stored on the user's device hardware and it is only valid for that one passcode/device combination.
Whatever, I must be too old, can't make sense of this at all.
D
Deleted member 108676
Guest
This forum amazes me. Apple does something that should be applauded, yet, because its Apple its not good enough or they're lying.
For fucks sake.
For fucks sake.
Kalabalana
[H]ard|Gawd
- Joined
- Aug 18, 2005
- Messages
- 1,313
So the older iPhones are accessible, the latest are not, Steve Jobs was not alive for the latest iPhones, and was alive for the old ones.
I don't think your assessment of Steve Jobs in any way influenced this story.
http://hardforum.com/showpost.php?p=1041923597&postcount=23
Alright, plenty want to take pot shots and make absurb cross takes on my posts, but after 40 posts no one wishes to address this one. Like I said, just ignore it, this isn't happening right. So many of you flip your wigs and raise your voices in rabid indignation but I point this out for like the 10th time and no one wants to touch it.
Is it you don't know how to approach such a thing? Do you think it's a false claim, undeserving of your attention?
Where are your fine ethics and morals when thousands of Americans are under a massive surviellance program every day of their lives both at work and in their private lives?
Where is your outrage?
Where is your indignation and anger?
How can you claim the moral high ground and ignore this?
Fucking hypocrites
Alright, plenty want to take pot shots and make absurb cross takes on my posts, but after 40 posts no one wishes to address this one. Like I said, just ignore it, this isn't happening right. So many of you flip your wigs and raise your voices in rabid indignation but I point this out for like the 10th time and no one wants to touch it.
Is it you don't know how to approach such a thing? Do you think it's a false claim, undeserving of your attention?
Where are your fine ethics and morals when thousands of Americans are under a massive surviellance program every day of their lives both at work and in their private lives?
Where is your outrage?
Where is your indignation and anger?
How can you claim the moral high ground and ignore this?
Fucking hypocrites
Ocellaris
Fully [H]
- Joined
- Jan 1, 2008
- Messages
- 19,077
http://hardforum.com/showpost.php?p=1041923597&postcount=23
Alright, plenty want to take pot shots and make absurb cross takes on my posts, but after 40 posts no one wishes to address this one. Like I said, just ignore it, this isn't happening right. So many of you flip your wigs and raise your voices in rabid indignation but I point this out for like the 10th time and no one wants to touch it.
Is it you don't know how to approach such a thing? Do you think it's a false claim, undeserving of your attention?
Where are your fine ethics and morals when thousands of Americans are under a massive surviellance program every day of their lives both at work and in their private lives?
Where is your outrage?
Where is your indignation and anger?
How can you claim the moral high ground and ignore this?
Fucking hypocrites
Your post is like over sensationalized nonsense and a lot of people just don't give a shit. Not every thread needs to be saturated by tinfoil hat doomsayers.
D
Deleted member 93354
Guest
And if it's a really smart drone it will return to base on it's on once it realizes it is being jammed.
Validate heading against a GPS and compass. If they are in disagreement, validate based on sun position and time or if night time against the moon or stars.
It's not impossible to counter act countermeasures.
D
Deleted member 93354
Guest
http://hardforum.com/showpost.php?p=1041923597&postcount=23
Alright, plenty want to take pot shots and make absurb cross takes on my posts, but after 40 posts no one wishes to address this one. Like I said, just ignore it, this isn't happening right. So many of you flip your wigs and raise your voices in rabid indignation but I point this out for like the 10th time and no one wants to touch it.
Is it you don't know how to approach such a thing? Do you think it's a false claim, undeserving of your attention?
Where are your fine ethics and morals when thousands of Americans are under a massive surviellance program every day of their lives both at work and in their private lives?
Where is your outrage?
Where is your indignation and anger?
How can you claim the moral high ground and ignore this?
Fucking hypocrites
cry me a f'ing river. You're the one who decided on his own to work for them. Just like my employer has the right to spy on me. Should I be crying like a pansy ass like you?
Not a hypocrite.
The government should be in fear of the people, otherwise if the government gains too much power then repression begins. This is the very sentiment of the forefathers. Gov't MUST be held accountable to the people. Not the other way around. The government makes you live in fear saying, "If we don't get this you will die" BS That is the people living in fear of the government. And that was your very statement. "Apple if you don't give me this, I will f'ing crush you." That is not democracy.
Any country that puts any major attack on us is just asking for their ass to get kicked. If you can't stand a bloody nose for being the big player on the block, then you shouldn't be on the f'ing playground.
Democracy and Freedom are not free, but have to fought for. By passive peaceful disagreement I am fighting for the freedom of everyone on the net even if I don't agree with their ideals.
I understand that which is why it comes down to current day technology and its capabilities. The NSA may not have actual the tech (computing power) needed to counter AES 256 encryption right now (or maybe they do). The only other real way would be to use a mole and even that is possibly a long game and could take years to accomplish if ever. However Apple being worth hundreds of billions buys them some real high tech security in this world. I'm also sure the NSA fails at some stuff all the time, they just don't like it publicized.
And remember the government is currently complaining that they want this backdoor from Apple which implies they currently don't have it. Maybe they do and are just putting on a front for the public or maybe they really don't and that's why they had tried to make it law to have them built-in (and failed) because they currently can't just do it no matter how hard they want it right now with current tech. I'm sure there's a way and I'm sure they'll eventually find it but that doesn't mean they've already found it and by the time they do we'll more than likely have moved onto something that requires even newer techniques to counter.
I don't feel this analogy fits here. A drone is controlled remotely, encryption is self contained. Apples and orangutans.
Oh mighty Apply user. Along with a fresh Yelp Critic Elite Gold badge just for you, please tell us how Android = spyware?
Except that Apple has been known time and time again to be insecure. Sure, Apple will probably try it's best to close out vulnerabilities, but we already seen their track record. Why break the encryption, when there's usually other ways of going around it.
A backdoor just makes things easier, less time consuming, and less resource intensive. It's pretty much guaranteed that an intelligence agency like NSA can get into an iPhone, but why pour your resources into it, if you can force the developer to make a door for you.
If you reread that part of my post that you're now quoting you'll see that I was talking about the NSA getting a mole into Apple physically (their physical high tech security in place). You're talking about their software now using my words that were talking about a mole inside Apple the company.
Usually does mean not always, right (usually it works on Android but not on IOS)? Apple is the most closed off ecosystem for smartphones, right?
Maybe Apple patched up all the NSA's once working vulnerabilities or maybe Apple kicked their trojan apps out of the market place recently. Or maybe getting onto the phone isn't the same thing as getting all the data they need from the layer of the phone that they want it from. Maybe Apple knows more than you and I know and Apple is tired of the NSA playing spy games inside their business and its customers devices. I'm just throwing stuff out here to see if something sticks though.
Why didn't you say it was 100% guaranteed? I know why, because it's not. The NSA is offensive but defense is very strong these days and getting stronger everyday (for companies that actually care).
They can't as of right now but correct me if I'm wrong.
"Our business model is very straightforward: We sell great products. We dont build a profile based on your email content or web browsing habits to sell to advertisers. We dont 'monetize' the information you store on your iPhone or in iCloud. And we dont read your email or your messages to get information to market to you. Our software and services are designed to make our devices better. Plain and simple." - http://www.apple.com/privacy/
Apple has over $200 billion in cash on hand, and they didn't have to market any user data to third parties to earn it.
"We and our partners use various technologies to collect and store information when you visit a Google service, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services we offer to our partners, such as advertising services or Google features that may appear on other sites. Our Google Analytics product helps businesses and site owners analyze the traffic to their websites and apps. When used in conjunction with our advertising services, such as those using the DoubleClick cookie, Google Analytics information is linked, by the Google Analytics customer or by Google, using Google technology, with information about visits to multiple sites. Information we collect when you are signed in to Google, in addition to information we obtain about you from partners, may be associated with your Google Account." - http://www.google.com/intl/en/policies/privacy/
Sorry, thought you were talking about buying high tech security like encryption. As there really isn't any actual high tech physical security, that stops a mole. Look at Snowden for example.
Sorry, my bad. I'll just say always then. There's always vulnerabilities in software or operating systems.
Maybe reverse of all that is true and Apple is just saying it all, while opening up the phone to the US government.
Actually, defense is worse than it's ever been. Only getting worse as time goes how. How many companies have gotten hacked this year?
That's true. On Oct 1st, they said they won't force companies to do such. Hopefully, no other countries come out and force them to either.
From what Apples says, that's not the case. Google's primary business is advertising. Apples primary business is selling your devices and apps. My guess is they mostly just collect analytics.
Regardless, I don't know why steve thinks this is impossible. If they don't know the private key, then isn't it kinda like Spider Oak (who can't help you if you lose your password).
Stops, no, minimizes, yes. No one would claim they can be 100% successful at anything though. I'm also sure there were steps that could've helped prevent Snowden from doing what he did and I'm also sure some new policies were put in place after Snowden to help prevent it in the future. I'm sure Apple has some pretty high tech physical security as well (Intelligent monitoring, split responsibilities, etc).
And they're ever changing, too. That's a great reason to break encryption right there. Imagine if the door to your house was in a new spot every so often. That would sure be annoying, especially if you're in a hurry.
And risk their entire company's reputation? That sounds way less plausible. If that were the case then we probably wouldn't be hearing about Apple telling a judge they can't unlock a phone right now. They would've just not brought the topic up at all. We're only talking about it because this debate is happening with Apple and the courts.
Worse than ever? Older firewalls were simple packet filters. I'm pretty sure it's just that more people are online now and thus more company's are being targeted more now online than ever before. To assume they don't adapt to it though in anyway is naive. Especially considering they see others getting hacked and don't want it to happen to them. Are some lazy, absolutely, some are not though.
I think that's what this is all about. The government(s) want to see how hard they can push the big corporate players around without them calling foul in the public spectrum.
Really? Oversensationalized. What if it was you under this microscope?
http://www.foxnews.com/politics/2014/03/10/us-officials-plan-system-to-monitor-behavior-workers-with-security-clearances/
http://thehill.com/homenews/administration/195326-presidents-goal-for-nsa-reform-no-more-edward-snowdens
http://www.pbs.org/newshour/rundown/us-intelligence-officials-monitor-federal-employees-security-clearances/