There is no such thing as a "secret back door" in technology. Once you open a back door, it's no longer secure. Period. End of story. The belief that only the Good Guys will have access to this is very naive.

Now, I understand the frustration by the FBI who wants to gain access to information that the San Bernardino shooters had on the phone. I think one of the things they requested from Apple was to somehow install a patch that would remove the 10-strikes-you're-out passcode policy so they could brute force their way in. The thing is, if such a patch existed, it would mean there was, in fact, a back door. One that I think would actually be quite easy for anyone to use if you were savvy enough with a jailbroken phone.

Apple has a great case here. It'll be interesting to see if the FBI will push it. Because I don't think "build us a whole new operating system" falls under reasonable help.

They want Apple to essentially create a new version of iOS that bypasses the phones security features and allows them to leverage external computing power to brute force the passcode. The FBI is huffing paint if they think such a thing is a totally safe one time deal for one phone and anyone who buys that the FBI is only going to use this once is likewise huffing paint.

Basically, the FBI is asking Apple to effectively compromise its entire product line and customer base. Even putting aside the disastrous security implications it would be disastrous from a purely business stand point for Apple. They would need to start all over again on R&D and everyone would basically have to buy a new phone.

The modern iPhone is a sort of suicidal black box. Any attempt at brute forcing it has to be run on the phone itself. But its device ID ( and thus key to its encryption ) cannot be retrieved by software running on the phone. Nor can it be retrieved with firmware because updating the firmware causes the phone to wipe the existing keys. Thus losing access to the data anyway.

The iPhone commits suicide if you try to brute force it on a software or hardware level. Even putting aside the iOS protections, the hardware design and architecture itself make brute forcing it's device ID effectively impossible. Even if you did somehow manage to find a way to leverage an external brute force attack on the device ID, the hardware has inbuilt protections that would drag the process out for years.

As for the device ID that the iPhone uses as the basis of its encryption; It is set during manufacturing and exists within a closed pipeline basically. Neither Apple nor the manufacturer know the device ID that gets set let alone record it and neither can even retrieve it.

That's why the FBI is having so much trouble to begin with and why they're asking to brute force the passcode instead of the encryption. The encryption would take years even if they could hook the phone up to an external computer network.

Brute forcing the passcode on the other hand would take about 20-30 minutes if it was possible to do it with an external computer network and without the phone committing data suicide on the 10th failed attempt.

There has to be some middle ground between "Fuck your company, give us full access" and "Fuck you, you get NOTHING".

Like have Apple download messages, send them to the FBI, then wipe the phone so the FBI can't figure out how to do it.

There is no middle ground. All data on an iPhone, including texts, photos, etc have been encrypted by default since iOS8 I think it was. There is no way to retrieve the messages without, in essence, undermining decades worth of security R&D.

Creating a back door is letting the genie out of the bottle. If Apple succeeds, they prove its possible and it will be replicated in the wild by hackers. Even if every engineer involved has his tongue cut out and gets shipped off to Gitmo. There's also no way the FBI is just going to do this once. Once there's a precedent they'll just go "well you did it last time" every time they want something.

It would be the death of Apple as a business. No one wants a smart phone the American government has full access too. People will abandon ship to the next company with solid security measures. As will The Terrorists(tm).

Then next up the FBI will be trying to order Samsung or HTC to break their phones for example. And it'll just move its way through the brand names till no smart phone manufacturer will touch the American market and no international market will touch American smartphones. -.-

I read an article (can not find it again) the other day that said Apple has done this (backdooring a phone/bypassing security) before but with older versions of the IPhone OS. I assume that from that article, say last 2 versions, have the stronger encryption/wipe feature.

Might that be this article?

http://www.thedailybeast.com/article...es-before.html

iOS7 and earlier to be specific. Since iOS8 all data on the phone, including text messages, photos and the like, are encrypted by default. Prior to that, it was not encrypted by default and could be extracted without having to crack said encryption. So yes, it use to be possible to extract some information from older phones if the owner did not go out of their way to enhance the phone's security.

That's not exactly backdooring though. As no encryption was in place to begin with on the data extracted. The data was just there and could be copied off of the phone. With the current generation that's not possible.

What the FBI is currently doing is basically using a legal ass pull applying a statute from 1789 that essentially lets them compel assistance from Apple. A judge in NY already rebuffed the government for trying to use the statute in this manner the last time they tried it. To quote him:

Judge Orenstein:

John McAfee says he'll do it for free:

http://truthinmedia.com/mcafee-will-...no-phone-free/

Apple suing McAfee into oblivion in 3..2..1..

He also sounds like a colossal prick. The entire last three paragraphs of that article are just overwhelming with their superiority complex. He compares his genius to Mozart, and claims he and his team will do in three weeks what major tech companies and government intelligence can't.

It seriously sounds like one of those stereotypical CoD kids who posts rants about how they're a Real Navy SEAL Sniper™ with a thousand confirmed kills, but with a keyboard instead of a gun.

This topic came up on another board I go to sometimes. No one there is taking the side of the government, except for one or two of the "Government is always right" types.

One of the members there had an interesting theory on this: He believes that the government doesn't expect to actually find anything on their phone. They've just always hated that something exists that they can't easily crack, and they're using this as an excuse to force back doors into things. Never let a good tragedy go to waste, right?

McAfee is a self absorbed idiot wanted in at least 3 countries for being a drug addled alcoholic. So... -.-

Even right now he's got a DUI/drug charge in Tennessee he's fighting if I remember right.


Pretty much. The San Bernardino shooters destroyed/wiped all of their personal electronics ( phones, laptops, computers ) as well as all documents, etc. What the FBI have is the guy's work phone, not his personal cell ( which he wiped/destroyed ). He didn't give a rat's ass about his work phone, hence its intact.

The FBI has tried to use this tactic twice before. The first time the judge allowed them to request any possible assistance from Apple but pointedly stated she would *not* compel Apple to defeat their own encryption. Only render any reasonable assistance in bypassing the passcode if possible.

The second time they tried it, the judge shut them down and told them off.

This is their third attempt and they're banking on it being a Terrorist Phone(tm) to finally get what they want.

Yes that was the article. Thanks