
Apple Deluged By Police Demands To Decrypt iPhones

Soulskill posted about a year ago | from the atf-struggles-with-slide-to-unlock dept.


New submitter ukemike points out an article at CNET reporting on how there's a "waiting list" for Apple to decrypt iPhones seized by various law enforcement agencies. This suggests two important issues: first, that Apple is apparently both capable of and willing to help with these requests, and second, that there are too many of them for the company to process as they come in. From the article: "Court documents show that federal agents were so stymied by the encrypted iPhone 4S of a Kentucky man accused of distributing crack cocaine that they turned to Apple for decryption help last year. An agent at the ATF, the federal Bureau of Alcohol, Tobacco, Firearms and Explosives, 'contacted Apple to obtain assistance in unlocking the device,' U.S. District Judge Karen Caldwell wrote in a recent opinion. But, she wrote, the ATF was 'placed on a waiting list by the company.' A search warrant affidavit prepared by ATF agent Rob Maynard says that, for nearly three months last summer, he 'attempted to locate a local, state, or federal law enforcement agency with the forensic capabilities to unlock' an iPhone 4S. But after each police agency responded by saying they 'did not have the forensic capability,' Maynard resorted to asking Cupertino. Because the waiting list had grown so long, there would be at least a 7-week delay, Maynard says he was told by Joann Chang, a legal specialist in Apple's litigation group. It's unclear how long the process took, but it appears to have been at least four months."


239 comments

Is Apple being compensated? (5, Interesting)

APE992 (676540) | about a year ago | (#43699651)

If they're going to expect Apple to spend time doing their work for them, are they at least compensating them for the time and energy necessary for this?

Re:Is Apple being compensated? (4, Interesting)

noh8rz10 (2716597) | about a year ago | (#43699719)

i see this story as being a GOOD thing, generally speaking. the feds are stumped by my iphone. now the only people we need to cockblock are in cupertino...

How ? (3, Interesting)

Taco Cowboy (5327) | about a year ago | (#43699977)

i see this story as being a GOOD thing, generally speaking. the feds are stumped by my iphone. now the only people we need to cockblock are in cupertino

The question is, how ?

The Apple platform is a closed platform, and they closely guard against any attempt to change their products (even after we have purchased them with our own money)

Until now, there is no way to safeguard our secret stored in i-Device from the prying eyes of Apple Inc

Re:How ? (5, Insightful)

BrokenHalo (565198) | about a year ago | (#43700933)

Until now, there is no way to safeguard our secret stored in i-Device from the prying eyes of Apple Inc

If you want something kept secret, you're a fool if you put it on your phone.

Re:Is Apple being compensated? (5, Insightful)

Shavano (2541114) | about a year ago | (#43700025)

You understand that in this case the police HAD a warrant. What's your complaint?

Re:Is Apple being compensated? (2, Insightful)

Anonymous Coward | about a year ago | (#43700323)

My complaint is that the police can fuck right off if they want to decrypt anything on mine.

Re:Is Apple being compensated? (5, Insightful)

Charliemopps (1157495) | about a year ago | (#43701221)

You understand that in this case the police HAD a warrant. What's your complaint?

That encryption is not encryption if Apple can "undo" it.

Re:Is Apple being compensated? (5, Interesting)

FuzzNugget (2840687) | about a year ago | (#43700047)

You're deluding yourself if you think a backdoor is a good thing.

No, this is overall a bad thing: Apple is able and willing to break the encryption on an iPhone, presumably through a backdoor or brute force.

Then again, we could all be mistakenly conflating "encryption" with "lock screen", which really speaks to the level of (in)competence on the part of law enforcement.

Hmmm, maybe this is a good thing (just not quite in the way you were thinking)

Re:Is Apple being compensated? (3, Interesting)

bytesex (112972) | about a year ago | (#43700103)

Maybe the backdoor isn't so much the crypto format itself - it's in the password to decrypt. After all - these companies have a thing for you sharing information 'in the cloud', right? What's to stop them from simply posting your password somewhere central - for recovery purposes on your (and apparently, other people's) behalf? I reckon 90% of users would find it super-convenient!

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43700667)

Wow you people can't see the forest from the trees.

What you do is save the existing password, reset the password, login and do whatever, and restore the password.

That's how you do it on ANY system without tipping off the owner of the account or hardware.

Law enforcement likely asks Apple to "lost PIN" the device. Nothing fancy.

Re:Is Apple being compensated? (1)

beelsebob (529313) | about a year ago | (#43701147)

Right... because changing the password hash on the disk totally changes how all the data is encrypted. Wait... no.

Re: Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43700749)

There is a setting in the iPhone to erase itself after five failed attempts to enter the lock screen pass code. Law enforcement cannot try a brute force approach.

Apple is able to install a new OS; they have root access to do so. But there's no way that they're letting that secret out. Would you give out your private RSA key? Hell no.

Re:Is Apple being compensated? (4, Informative)

SeaFox (739806) | about a year ago | (#43700493)

i see this story as being a GOOD thing, generally speaking. the feds are stumped by my iphone. now the only people we need to cockblock are in cupertino...

No, I'd say this is a bad thing. A back log of getting these requests fulfilled will only be used as justification for there to be a regular law-enforcement back door built into a later version of iOS. "This process is taking too long and Apple is being burdened with fulfilling these requests, if only we had a way of accessing an iPhone ourselves without needing their assistance it would make things easier for all parties when investigating terrorism and child pornography..."

Re:Is Apple being compensated? (1)

Arancaytar (966377) | about a year ago | (#43700967)

An encryption that someone needs to wait only seven weeks to get broken by the manufacturer is not, in any sense, a useful encryption.

Re:Is Apple being compensated? (1)

MxMatrix (1303567) | about a year ago | (#43701035)

i see this story as being a GOOD thing, generally speaking. the feds are stumped by my iphone. now the only people we need to cockblock are in cupertino...

It might explain the popularity of iPhones among certain people.

Re:Is Apple being compensated? (4, Insightful)

Anonymous Coward | about a year ago | (#43699731)

You're kidding, right? The real issue is that Apple has a backdoor to decrypt its customers' private information. That is outrageous.

It is irrelevant how much Apple spends to operate that backdoor.

Re: Is Apple being compensated? (5, Informative)

Anonymous Coward | about a year ago | (#43699785)

Now you know and knowing is half the battle. Don't buy iPhone.

Re: Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43700013)

ROFL. Yeah, I'll buy the first smartphone I find that the cops can't access, either with or without the manufacturer's support. Good luck with that.

Re: Is Apple being compensated? (1)

Thor Ablestar (321949) | about a year ago | (#43700445)

Buy anything where you can install your preferred encrypted OS and any connectivity module. For instance, I'd buy some CDMA modem for my OQO2 because encrypted FreeBSD runs well on it.

But IMHO problem is not that the smartphone contains something illicit. Problem is that after Microsoft bought Skype there is NO VoIP application which is fully anonymous so THEY can still compile your contact list from your traffic logs only and apply a rubberhose decryptor (We Russians say "Rectothermal decryptor") to all your contact list.

Re: Is Apple being compensated? (1)

Fjandr (66656) | about a year ago | (#43700559)

Unless you use a BES server hosted by someone else, a Blackberry fits the bill. Their communications can only be decrypted if you use the Blackberry servers. That's very easy to avoid.

Re: Is Apple being compensated? (1)

deains (1726012) | about a year ago | (#43701019)

Or better yet, don't store sensitive data on your smartphone. Android/Windows Phone are likely to have their own backdoors as well, so simply avoiding Apple doesn't necessarily solve the problem.

Re: Is Apple being compensated? (2)

CastrTroy (595695) | about a year ago | (#43701273)

At least with Android it seems like it would be possible to install 3rd party tools that would encrypt the data such that it would not be accessible by a back door. You can completely replace many aspects of the operating system. It would probably be not-too-difficult to install different applications to deal with email, SMS, contact lists, and anywhere else sensitive information might be stored on your phone. Windows and iOS are too closed to do this in a dependable way.

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43699903)

You're the one who's kidding right? Do you really want us to believe that some insignificant things like morals and ethics are more important than MONEY?! And not just any kind of Money but that of a Giant Corporation. A Giant Corporation who doesn't make Money by producing some petty resources like food, shelter, or security, but by Licensing Intellectual Property and selling Electronic Gadgets that are Crucial to the Survival of humans, not to mention the Money they Earn from significant Tax Breaks by local, state, and federal Authorities. Do you really want this poor Giant Corporation to lose A Little Money in order to do the right thing?

Let's get some perspective here, Nothing matters more than Money!

Re:Is Apple being compensated? (4, Insightful)

node 3 (115640) | about a year ago | (#43700251)

You're kidding, right? The real issue is that Apple has a backdoor to decrypt its customers' private information. That is outrageous.

It would be, were that the case. But it's all but certainly not. There's no way Apple would put an actual back door into their products.

If you had read the article, you'd notice that the process takes four months. If they had a back door, it would take a few minutes. Also, had you read the article, you'd notice that Google will reset the password and send that to law enforcement.

But I'm sure that's not outrageous. Lol!

It is irrelevant how much Apple spends to operate that backdoor.

That's true, but only if there was an actual back door.

However, in all fairness, if you have proper evidence that Apple has a back door, I'll be right there with you. That would be wholly unacceptable.

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43700503)

There's no way Apple would put an actual back door into their products.

Of course not. Doors are thick and they would look ugly, no matter their skeuomorphic value.

Re:Is Apple being compensated? (3, Informative)

gd2shoe (747932) | about a year ago | (#43700753)

The summary implies that it did only take a couple of minutes... after months of sitting on a shelf while Apple dealt with the backlog of other phones needing to be unlocked by law enforcement.

Re:Is Apple being compensated? (4, Insightful)

AmiMoJo (196126) | about a year ago | (#43700819)

No, the backlog is 4 months. Nobody knows how long actual decryption takes, but the nature of these things is that it will either be minutes or thousands of years with a supercomputer dedicated to the task. Apple claims [apple.com] that it uses AES with a 128 bit key, so if they can unlock it that quickly they MUST have a backdoor to the encryption key.

This is absolute proof that they have your encryption key on file somewhere. Others have already verified that they do indeed use AES 128.

To cover themselves legally Apple will have to evaluate every request that comes in, handle the evidence securely (maintaining the chain of custody) and then handle the potentially sensitive and illegal decrypted data in a way that doesn't expose its staff. It's no wonder there is a backlog.

Re:Is Apple being compensated? (2)

Cyberax (705495) | about a year ago | (#43701009)

Dudes, Apple holds your encryption key in escrow to allow device restores. That's even disclosed in their freaking policy.

OS != Data (0)

Anonymous Coward | about a year ago | (#43701279)

IF you've put data on the system and encrypted it, then you can replace the OS or get it reset (which is the same thing, or should be).

If resetting the OS changes the encryption of the data you added, it's not encrypted, and if the key signing for the OS is also the key signing for the data you add, it's not encryption.

Re:Is Apple being compensated? (4, Informative)

kasperd (592156) | about a year ago | (#43701055)

Apple claims that it uses AES with a 128 bit key, so if they can unlock it that quickly they MUST have a backdoor to the encryption key.

The input provided by the legitimate user for decrypting the content has way less than 128 bits of entropy. So they just need to brute force that input. What Apple can do, which the forensics people might not know how to do, is to extract the encrypted data and put it on a computer, where brute forcing can happen without each input having to be entered through a touch screen. Any security one might think this adds, is nothing but security-through-obscurity. Real security of the encryption could only be achieved by the user entering some sort of password with sufficient entropy. A 39 digit pin code would be sufficient to make AES be the weakest point. But would anybody use a 39 digit pin on their phone? Anything less would make the pin be easier to brute force than AES.

You can shift the balance a bit by iterating the calculation which produces a key from the pin code. A million iterations would probably be acceptable from a user experience perspective, but that would only reduce the required number of digits from 39 to 33. A milliard iterations would not be good for the user experience, since they now have to wait quite some time after entering a pin. And with the pin still needing to be 30 digits in length, they'll often need to re-enter it multiple times, before they get it right.
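The arithmetic in the comment above, worked through as an added example that is not part of the original post. It generalises from digits to any alphabet; the 62-symbol alphanumeric alphabet, the function names and the PBKDF2 timing probe are assumptions made for illustration.

```python
import hashlib
import math
import time


def length_needed(key_bits, alphabet=10, kdf_iterations=1):
    """Smallest passcode length whose exhaustive-search cost
    (candidate passcodes x KDF iterations per candidate) reaches 2**key_bits."""
    target = 2 ** key_bits
    length = 0
    # Integer arithmetic avoids floating-point rounding at the boundary.
    while alphabet ** length * kdf_iterations < target:
        length += 1
    return length


def effective_bits(length, alphabet=10, kdf_iterations=1):
    """Work factor, in bits, of searching every passcode of this length."""
    return length * math.log2(alphabet) + math.log2(kdf_iterations)


def estimated_unlock_delay(kdf_iterations, sample=20_000):
    """Seconds the legitimate user waits per unlock, extrapolated from a short
    PBKDF2-HMAC-SHA256 timing run on this machine (constructed inputs)."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"0000", b"constructed-salt", sample)
    per_iteration = (time.perf_counter() - start) / sample
    return per_iteration * kdf_iterations


if __name__ == "__main__":
    print(f"4-digit PIN, no stretching: {effective_bits(4):.1f} bits")
    for iterations in (1, 10 ** 6, 10 ** 9):
        digits = length_needed(128, 10, iterations)
        chars = length_needed(128, 62, iterations)
        delay = estimated_unlock_delay(iterations)
        print(f"{iterations:>13,} iterations: {digits} digits or {chars} "
              f"alphanumeric characters match AES-128; "
              f"unlock delay about {delay:.3f} s")
```

Stretching buys roughly 20 bits per million iterations, while each added digit buys about 3.3 bits and each added alphanumeric character about 6, which is why a longer passcode moves the numbers more than a slower KDF does.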

Re:Is Apple being compensated? (1)

AmiMoJo (196126) | about a year ago | (#43701217)

I don't know about the iPhone but Android lets you enter a password for encryption, not just a PIN. You enter it once when the phone is turned on, so it isn't a big inconvenience to pick a secure one.

It isn't a question of if Apple can unlock the phone due to the user choosing a poor password. They can always unlock it. Someone else can confirm if they were just stupid and only allowed you to enter a PIN number instead of a real password, or if they have a copy of the key.

Re:Is Apple being compensated? (5, Interesting)

blaster (24183) | about a year ago | (#43700305)

Apple does not have a backdoor per se. But Apple does have the device signing key and can thus completely compromise the chain of trust. The only thing stopping you from compromising a phone with a 4 digit passcode in seconds by brute forcing it is the fact that software rate limits attempts, and the option to have it delete its intermediary keys after 10 bad attempts. If you have the ability to load an arbitrary kernel it is trivial to bypass both of these, but only Apple has that capability, at least on devices without jailbreaks that can be executed while locked.

If you want to make sure your data is secure then use a full password and not a PIN, which will make Apple's ability to run code moot since brute forcing it will not be practical any more. You can look at https://acg6415.wikispaces.com/file/view/iOS_Security_May12.pdf/343490814/iOS_Security_May12.pdf [wikispaces.com] for more info on the actual architecture.

Re:Is Apple being compensated? (1)

Thor Ablestar (321949) | about a year ago | (#43700469)

The expression "Apple does not have a backdoor per se" basically cannot be proven unless you have a full source code. Moreover, nothing will stop a real hacker from desoldering a flash and attaching it to reader. And also: I've never seen a modern device which does not have some JTAG or similar debug port that can be useful to program the very bootloader that verifies the digital signatures of bootable code. Times when BIOS was pluggable are gone.

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43700523)

The expression "Apple does not have a backdoor per se" basically cannot be proven unless you have a full source code. Moreover, nothing will stop a real hacker from desoldering a flash and attaching it to reader. And also: I've never seen a modern device which does not have some JTAG or similar debug port that can be useful to program the very bootloader that verifies the digital signatures of bootable code. Times when BIOS was pluggable are gone.

Full source code and chain of custody all the way to your device, and then the same for hardware schematics and any other firmware. Take your irrational fear of proprietary software and go home.

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43700895)

your post might have made sense if this wasn't a news article about a company decryting inforamtion.

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43701105)

decryting inforamtion

Those are not words, are they? Can anybody decrypt that post?

Re:Is Apple being compensated? (1)

tlhIngan (30335) | about a year ago | (#43700587)

The expression "Apple does not have a backdoor per se" basically cannot be proven unless you have a full source code. Moreover, nothing will stop a real hacker from desoldering a flash and attaching it to reader. And also: I've never seen a modern device which does not have some JTAG or similar debug port that can be useful to program the very bootloader that verifies the digital signatures of bootable code. Times when BIOS was pluggable are gone.

Except around the 3Gs era, Apple started hard-encrypting the flash to prevent that very attack.

And JTAG ports can be disabled by software - I've worked on devices where once a fuse was blown, the JTAG lines were disconnected internally and thus inaccessible.

And yes, Apple is the only one that can do it because they hold the keys. If you need to load out special software, only Apple has the private key to sign and run whatever tools they have. And they can probably read out the filesystem, figure out what the keys are and brute force what they need to brute force.

Of course, the article doesn't say Apple has any success at all - perhaps they can crack the 4 digit passcodes that bypass the 10 code self-lockout and erasure. But you can enable a more secure form using a complex passcode. And supposedly you can enable even more sophisticated encryption and protections.

Or hell, we don't even know how many phones are in the queue or how long it takes Apple. It could take Apple 4 months to decrypt the iPhone. Or they may have a backlog because only one person is decrypting them and he can only do one a day or something.

Re:Is Apple being compensated? (5, Interesting)

blaster (24183) | about a year ago | (#43700677)

Would you have preferred if I had written "Apple does not actually need a backdoor per se in order to perform the actions mentioned in the article?" My point was that what law enforcement is asking does not require a backdoor, since a lot of posters seem to think it implies there must be one. Furthermore, security researchers can and do look and see how all the signing keys etc are structured on running systems even without source code access. Is there a chance there is still something hidden, sure, but there is also a chance someone snuck a root exploit into an innocuous looking commit in an important open source project. Source code access generally does lead to more trustworthy code, but it isn't so black and white as you claim. In the end we depend on people to validate what we use, and just having the source available is not in and of itself validation.

As for the rest of your comments, you simply don't know what you are talking about, but you would if you had actually read the PDF I linked. First off, rewriting the bootloader via JTAG is not an option on a lot of SoC's and embedded devices once they have had some of their internal fuses blown. From the PDF:

"When an iOS device is turned on, its application processor immediately executes code from read-only memory known as the Boot ROM. This immutable code is laid down during chip fabrication, and is implicitly trusted. The Boot ROM code contains the Apple Root CA public key, which is used to verify that the Low-Level Bootloader (LLB) is signed by Apple before allowing it to load."

So the stuff in flash might be rewritable, but it won't be executed unless it is signed. Reading the raw flash is also completely useless, because all data written to it is AES encrypted via a DMA engine in the SoC that uses various different keys, but all of them are tied to or derived from values fused into the processor and not readable via software or JTAG (they are routed directly to the DMA block and never exposed). That means the brute force needs to be attempted on the SoC in that particular iPhone, or you need to drastically increase the search space. A suitably advanced attacker could probably also obtain the SoC keys by decapping the chip, dyeing it, and looking at the fuses with a scanning electron microscope, but I generally don't worry about an attacker with those sorts of resources; they would probably just beat my PIN out of me...

Re:Is Apple being compensated? (1)

Runaway1956 (1322357) | about a year ago | (#43700849)

Except - the PDF linked to specifically states that the encryption is dependent on the silicon within the device. The chip identifiers on the device are part of the encryption. Storage removed from the device is unreadable, until the storage media is returned to the device.

"The content of a file is encrypted with a per-file key, which is wrapped with a class key
and stored in a file’s metadata, which is in turn encrypted with the file system key. The
class key is protected with the hardware UID and, for some classes, the user’s passcode.
This hierarchy provides both flexibility and performance. For example, changing a file’s
class only requires rewrapping its per-file key, and a change of passcode just rewraps
the class key."

Without the UID, soldering that storage media into anything at all renders the data unreadable, and unrecoverable.
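A toy model of the key hierarchy quoted in the comment above, and of the UID entanglement described a few comments earlier, as an added example that is not part of any poster's comment and is not Apple's code. The HMAC-based `seal`/`unseal` helpers stand in for AES and AES key wrap; the single class key, the dictionary used as "flash", the tiny iteration count and every function name are assumptions made for illustration.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 50  # deliberately tiny so the demo is fast; assumption, not a real setting


def derive_kek(uid: bytes, passcode: str) -> bytes:
    """Key-encryption key tangled with both the device UID and the passcode."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), uid, KDF_ITERATIONS)


def _stream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    return b"".join(
        hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range(blocks)
    )[:length]


def seal(key: bytes, data: bytes) -> bytes:
    """Toy encrypt-then-MAC from HMAC-SHA256 (stand-in for AES / AES key wrap)."""
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key: bytes, blob: bytes):
    """Return the plaintext, or None when the key is wrong or the blob was altered."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    return bytes(a ^ b for a, b in zip(body, _stream(key, nonce, len(body))))


def provision(uid: bytes, passcode: str) -> dict:
    """Create the 'flash' image: only wrapped keys and ciphertext are stored."""
    class_key = os.urandom(32)
    return {"class_key": seal(derive_kek(uid, passcode), class_key), "files": {}}


def _class_key(flash, uid, passcode):
    return unseal(derive_kek(uid, passcode), flash["class_key"])


def write_file(flash, uid, passcode, name, data):
    class_key = _class_key(flash, uid, passcode)
    if class_key is None:
        raise PermissionError("wrong passcode or wrong device")
    file_key = os.urandom(32)  # per-file key, wrapped with the class key
    flash["files"][name] = (seal(class_key, file_key), seal(file_key, data))


def read_file(flash, uid, passcode, name):
    class_key = _class_key(flash, uid, passcode)
    if class_key is None:
        return None
    wrapped_key, ciphertext = flash["files"][name]
    return unseal(unseal(class_key, wrapped_key), ciphertext)


def change_passcode(flash, uid, old, new):
    """A passcode change rewraps the class key only; file keys and data stay put."""
    class_key = _class_key(flash, uid, old)
    if class_key is None:
        raise PermissionError("wrong passcode or wrong device")
    flash["class_key"] = seal(derive_kek(uid, new), class_key)


def passcode_that_opens(flash, uid, digits=4):
    """Try every numeric passcode of the given length against one UID value."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        if _class_key(flash, uid, guess) is not None:
            return guess
    return None


if __name__ == "__main__":
    uid = os.urandom(32)  # constructed; fused into the SoC on real hardware
    flash = provision(uid, "2580")
    write_file(flash, uid, "2580", "notes.txt", b"constructed sample data")
    change_passcode(flash, uid, "2580", "7391")
    print(read_file(flash, uid, "7391", "notes.txt"))
    print("with the device UID:", passcode_that_opens(flash, uid))
    print("flash dump, no UID: ", passcode_that_opens(flash, os.urandom(32)))
```

With the UID available the whole 4-digit space is exhausted quickly, so the passcode length is what protects data on the device itself; a copy of the flash without the UID yields nothing for any passcode.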

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43701177)

That whole statement is incorrect. iOS password cracking is done on the device itself, which is not limited to a maximum number of attempts as it bypasses that logic. Takes about 45 minutes to crack a 4-digit numerical password by brute force. Look up the Elcomsoft tools for details.

Re:Is Apple being compensated? (1)

pitchpipe (708843) | about a year ago | (#43700809)

The real issue is that Apple has access to its customers' private backdoor, and that they don't like lube.

You had some words switched around there.

It is irrelevant how much Apple spends to operate that backdoor.

Agreed.

Re:Is Apple being compensated? (1)

Cyberax (705495) | about a year ago | (#43701003)

Are you stupid? Apple holds your encryption keys in escrow so you can restore them if you accidentally forget them. Everybody with a couple of functioning brain cells should know that if a company can restore password for you then they can do this for law enforcement as well.

Re:Is Apple being compensated? (1)

Anonymous Coward | about a year ago | (#43699737)

Why do you care?

Re:Is Apple being compensated? (0)

Anonymous Coward | about a year ago | (#43700637)

Apple built it, and if crims move to the iDevice, Apple are obligated to help, free.

What, you're surprised? (0)

Anonymous Coward | about a year ago | (#43699669)

iPhones are stolen. iPhones are used by criminals. And of course, everybody is a terrorist.

Not like they can ask the NSA for their secret keys though. Or the Machine.

iPhones Encrypted (0)

Anonymous Coward | about a year ago | (#43699683)

iPhones are encrypted?? Since when?

Is this talking about getting past the 4-digit lock screen? Or decrypting encrypted data stored on the device?

Re:iPhones Encrypted (3, Informative)

Anonymous Coward | about a year ago | (#43699701)

Since the 4. The flash is encrypted with a device key. Remote wipe simply cycles the key.

Previously parts were encrypted, but not all.

Re: iPhones Encrypted (0)

Anonymous Coward | about a year ago | (#43699781)

They have hardware encryption and passphrases, though 4 digits are still an option.

The encryption keys are burned in during manufacturing.

Apple has a very good description of the process online somewhere.

Re: iPhones Encrypted (1)

node 3 (115640) | about a year ago | (#43700265)

Are you sure the keys are burned in during manufacturing? When you remote wipe an iPhone, it wipes the key and the contents become inaccessible. If the key itself is hard coded in hardware, that's not exactly possible to do directly.

Re: iPhones Encrypted (1)

Rosyna (80334) | about a year ago | (#43700299)

Are you sure the keys are burned in during manufacturing? When you remote wipe an iPhone, it wipes the key and the contents become inaccessible. If the key itself is hard coded in hardware, that's not exactly possible to do directly.

And if they were hardware keys, Apple could extract those. They can't. See Apple's iOS Security Guide [apple.com] page 15 for reference.

I must be missing something. (4, Informative)

jtownatpunk.net (245670) | about a year ago | (#43699723)

The summary talks about decrypting the data on the phones. The articles talk about getting past the lock screen on the phones. Those are two entirely different things. On my phone, I have to first enter the decryption code before I'm presented with the lock screen.

No I think they are just confused (4, Informative)

Sycraft-fu (314770) | about a year ago | (#43699769)

Most phones aren't encrypted and usually the company can bypass it. For example with Android phones tied to a Gmail account, Google can bypass the lock screen. So if you forget your password, that is a recovery mechanism. Also data can be accessed if you physically removed the flash chip from the phone and put it in another reader. Lock screens are protection against most kinds of attacks, not high level security. Most people don't need high level security though, so it works well.

You can also encrypt your phone. Well I presume you can encrypt iPhones, having not owned one I don't know. You can encrypt Blackberries and Androids. There you set a key and it does basically a full-disk encryption type of thing. You have to enter the key to access the device at all (whereas lock screen lockouts will allow some stuff to happen) and there is no recovery. If you forget the password, you're boned, flash the device and start over. Few people do that because it is not pushed and is inconvenient.

It is also more security that is generally useful. Most people are worried about someone running up a phone bill, or getting at your account information or something if they steal a phone. A lock screen stops that. Device encryption is needed only against more serious threats, hence most don't use it.

Re:No I think they are just confused (0)

Anonymous Coward | about a year ago | (#43699839)

Is there any encryption that makes good a 4 digit key?

Re:No I think they are just confused (1)

Trax3001BBS (2368736) | about a year ago | (#43700113)

Is there any encryption that makes good a 4 digit key?

I've seen a phone "hacked". Person was in the hospital and concerned for some reason that their phone
was password protected; his brother opened it with 2480 - quite proud of themselves as well :}

2480 the universal password :} A pattern pass with 10 attempts is a good scheme, if you don't start at the top left.

Re:No I think they are just confused (0)

Anonymous Coward | about a year ago | (#43700197)

You are correct that any password/PIN short enough to be used for a lock screen is too short to offer any real protection with encryption. That's why you can use a different password for encryption than the lockscreen on Android.

Re:No I think they are just confused (0)

Anonymous Coward | about a year ago | (#43699961)

New enough iPhones (4s included, not sure about previous models) automatically hardware encrypt their userspace storage when the user has a passcode lockscreen enabled. Most users only have a 4 digit passcode at the lockscreen, but enough failed attempts there will cause a hard lock, and direct access to the storage chips won't help if the encryption is good enough. Longer lockscreen passcodes can be enabled with enterprise profiles for the really paranoid/security conscious.

Re:No I think they are just confused (1)

Anonymous Coward | about a year ago | (#43700171)

Longer lockscreen passcodes can be enabled with enterprise profiles for the really paranoid/security conscious.

You don't need an enterprise profile. It's under Settings / General / Passcode Lock. Set Simple Passcode to Off, and you can enter an arbitrary passcode.

Re:No I think they are just confused (0)

Anonymous Coward | about a year ago | (#43700261)

and direct access to the storage chips won't help if the encryption is good enough.

Encryption isn't magical. If you have a 4 digit passcode then it's useless for anything but a lockscreen. Why? In order to decrypt the phone, the encryption key must be generated from information stored on the phone (e.g. serial number) and information provided to it (the passcode). Any information stored on the phone is easily read by someone with physical access. The passcode only has 10,000 possible values, so even with a ridiculous amount of PBKDF, a workstation with direct access could iterate through the entire keyspace in a couple minutes. So it doesn't matter if you're using 128-bit AES somewhere in the process if the weakest link is a 13.3 bit passcode.

Re:No I think they are just confused (0)

Anonymous Coward | about a year ago | (#43700699)

The passcode only has 10,000 possible values...

  • 0000
  • 0852
  • 1234 (the same as on your luggage.)
  • 2580

What's the other 9.996 possible values?

Re:No I think they are just confused (0)

Anonymous Coward | about a year ago | (#43700891)

Given that Apple aren't complete morons, there will be a randomly-generated part of the key stored somewhere. When the phone is reset, that part is wiped, making the rest of the data impossible to decrypt. While it's intact, there are only 10000 possible keys, but once it's gone there are 2^256. This is all fairly well known, and it's what makes it possible to securely wipe the phone without having to write to every single flash block.

Taking a wild guess (which, given the article, is the best any of us can do): When too many incorrect codes are entered, the phone disallows further attempts, but doesn't wipe the stored part of the encryption key. Apple almost certainly aren't capable of decrypting a phone when the entire key is lost, but probably do have a way of obtaining the stored part, so they can brute-force the unlock code.
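The key layout described in the comments above (a short passcode stretched together with a random part stored on the phone, and a wipe that discards that part), as an added sketch that is not part of any comment and not Apple's implementation. ToyDevice, the PBKDF2 parameters, the check value and the per-guess cost are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import secrets

ITERATIONS = 20_000  # assumed stretching cost for this sketch, not Apple's value


def derive_key(passcode: str, stored_part: bytes) -> bytes:
    """Data key = PBKDF2(passcode, salt=random part kept on the device)."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), stored_part, ITERATIONS)


class ToyDevice:
    """Hypothetical model of the scheme the comments describe."""

    def __init__(self, passcode: str):
        self.stored_part = secrets.token_bytes(32)  # random, kept on the device
        key = derive_key(passcode, self.stored_part)
        # Keep only a check value so unlock() can verify a passcode.
        self.check = hmac.new(key, b"verify", hashlib.sha256).digest()

    def unlock(self, passcode: str):
        """Return the data key for the right passcode, else None."""
        if self.stored_part is None:
            return None  # wiped: nothing left to derive the key from
        key = derive_key(passcode, self.stored_part)
        tag = hmac.new(key, b"verify", hashlib.sha256).digest()
        return key if hmac.compare_digest(tag, self.check) else None

    def wipe(self):
        """Crypto-erase: discard 32 bytes instead of rewriting all flash."""
        self.stored_part = None


def effective_bits(alphabet: int, length: int, stored_part_known: bool) -> float:
    """Search space in bits: passcode entropy, or 256 once the part is wiped."""
    return length * math.log2(alphabet) if stored_part_known else 256.0


def worst_case_hours(alphabet: int, length: int, seconds_per_guess: float) -> float:
    """Time to try every passcode at a given per-guess derivation cost."""
    return alphabet ** length * seconds_per_guess / 3600


if __name__ == "__main__":
    for name, a, n in [("4 digits", 10, 4), ("8 alphanumeric", 62, 8)]:
        print(name, round(effective_bits(a, n, True), 1), "bits,",
              worst_case_hours(a, n, 0.1), "hours at an assumed 0.1 s/guess")
```

The stretching cost multiplies the time per guess but not the number of guesses, so the passcode length and alphabet are the settings that move the result.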

Re:No I think they are just confused (1)

Trax3001BBS (2368736) | about a year ago | (#43700083)

Most phones aren't encrypted and usually the company can bypass it. For example with Android phones tied to a Gmail account, Google can bypass the lock screen. So if you forget your password, that is a recovery mechanism.

Who you replied to is correct the article is of the pass code
FTA : Quote "the Apple legal specialist, told him that "once the Apple analyst bypasses the passcode,
the data will be downloaded onto a USB external drive" /Quote

I have a Google tablet (Motorola_XOOM_MZ604) the only way to bypass the password is to reset the unit.
Now one may do this then run forensics on the SSD, but that too is a lot of work (money).

The Google Tablet is the only password I've bypassed (by resetting) for a friend
I would hope the rest are the same or it's not a password. As for back doors
that's why rooted devices are the best, install a different ROM for better features as well as security.
Yet I've never trusted a super user program that wants money for full features and most ROMs do come with one.

Re:I must be missing something. (1)

Anonymous Coward | about a year ago | (#43699789)

All iPhone flash storage since the 3GS is fully encrypted. The keys are stored in NVRAM on the baseband, so fairly simple to retrieve.

If you set a passcode though the keys are then 'encrypted' using your passcode. That's why on a passcode-protected device you can't sync to iTunes or deploy from Xcode without unlocking it once.

Re: I must be missing something. (1)

LostMyBeaver (1226054) | about a year ago | (#43700847)

Pretty convinced you've hit the nail on the head. This isn't an issue of cracking encryption but simply gaining initial access to the phone via pin

War on Drugs (5, Funny)

pitchpipe (708843) | about a year ago | (#43699895)

Court documents show that federal agents were so stymied by the encrypted iPhone 4S of a Kentucky man accused of distributing crack cocaine that they turned to Apple for decryption help last year... Because the waiting list had grown so long, there would be at least a 7-week delay...

As soon as they are able to get these phones decrypted, this war on drugs will be won!

PhoneView (1)

TeamSPAM (166583) | about a year ago | (#43699901)

Maybe I should buy a copy of PhoneView (http://www.ecamm.com/mac/phoneview/) and set up my own computer forensics firm.

How does Apple Decrypt it? (5, Interesting)

Frankie70 (803801) | about a year ago | (#43699911)

Unless the iPhone has a backdoor - the effort required for either Apple or others should be the same. Does this mean that the iPhone has a backdoor?

Re:How does Apple Decrypt it? (0)

Anonymous Coward | about a year ago | (#43700005)

Likely just a master encryption key.

Re:How does Apple Decrypt it? (2)

Nerdfest (867930) | about a year ago | (#43700091)

Just? If Apple can decrypt your phone, they're not doing encryption right.

Re:How does Apple Decrypt it? (2)

Yvanhoe (564877) | about a year ago | (#43700279)

What is their incentive for doing it right anyway? Since when do people check the result of security audits on the smartphone they want to buy?

Re:How does Apple Decrypt it? (0)

Anonymous Coward | about a year ago | (#43700541)

Just? If Apple can decrypt your phone, they're not doing encryption right.

If Alice can decrypt your data, she's not doing encryption right.

Do you listen to yourself?
If your icloud account can lock/unlock your phone, and you never never personally keyed in any crypto information.. wow.. you're so close to figuring out what a chain of trust is.

Re:How does Apple Decrypt it? (1)

steelfood (895457) | about a year ago | (#43700095)

Even if they had one, it seems it's not one that is so simple as to make unauthorized decryption effortless. I would rather think that they purposely included some design flaws into their scheme, and are using those known flaws as an exploit to (much) more easily get to the key.

Re:How does Apple Decrypt it? (2)

mlw4428 (1029576) | about a year ago | (#43700723)

So a company purposely makes shitty security so that they can break their own security whenever they want and people are OK with this? Sounds like an even better reason to stick/switch to Android. At least an open-source product has a better chance at security over some proprietary bullshit.

Re:How does Apple Decrypt it? (0)

Anonymous Coward | about a year ago | (#43700135)

Doesn't need to be a backdoor: can just be knowledge about the best part of the wall to use the jackhammer on. But even if it is "just" that: several weeks point to an encryption scheme that is too weak.

Re:How does Apple Decrypt it? (1)

Anonymous Coward | about a year ago | (#43700193)

Unless the iPhone has a backdoor - the effort required for either Apple or others should be the same. Does this mean that the iPhone has a backdoor?

Has /. fallen so far already?

How difficult it is for Apple to have some mechanism to brute force their own passcode or password API? The summary already mentioned it is for unlocking seized iPhones, so those are presumably not remote-wiped, but merely locked. The only "special" capability Apple needed is to try the combinations without triggering the auto-wipe.

How many people use a simple 4-digit passcode vs password? It only takes 10000 tries to brute force the 4 digit passcode. And probably longer for password (how long a password would people use, for a device that you have to unlock many times a day and usually with your thumb?)

No "backdoor" required, just physical control over the phone. But /.ers should have already known that once you have physical control over a machine, all bets are off.

The real question is, why isn't Google being flooded by the same demands from police? Are Android phones less secure and thus the police don't need Google? Or there are much fewer Android phones seized? Or do Google have a real backdoor thus it took so little effort to crack, so they are not deluged? Or are HTC/Samsung doing these cracking instead?

Re:How does Apple Decrypt it? (1)

Frankie70 (803801) | about a year ago | (#43700317)

How difficult it is for Apple to have some mechanism to brute force their own passcode or password API? The summary already mentioned it is for unlocking seized iPhones, so those are presumably not remote-wiped, but merely locked.
How many people use a simple 4-digit passcode vs password? It only takes 10000 tries to brute force the 4 digit passcode. And probably longer for password (how long a password would people use, for a device that you have to unlock many times a day and usually with your thumb?)

Yes, that's why I asked - why is law enforcement not able to brute force it without Apple's help?

Re:How does Apple Decrypt it? (1)

nospam007 (722110) | about a year ago | (#43701025)

"Unless the iPhone has a backdoor - the effort required for either Apple or others should be the same. Does this mean that the iPhone has a backdoor?"

No, Apple removes the maximum number of tries for the password with an 'update' and runs a brute force from 0000 to 9999.

If you use a real long password, they're fucked.

Ban the war on drugs (0)

Anonymous Coward | about a year ago | (#43699993)

then there will be no need to decrypt iPhones in this case.

Can Apple decrypt the contents at all? (0)

Anonymous Coward | about a year ago | (#43700001)

The article doesn't say Apple decrypts what's on the phone, only that they can copy the contents off of the phone. You need factory tools to do that, because the standard firmware on the phone won't do any data transfer if you don't have the key it wants.

Brute-forcing the lock code (5, Informative)

Verteiron (224042) | about a year ago | (#43700175)

Brute-forcing an iPhone's lock code is relatively trivial with freely available tools [google.com]. This puts the device in DFU mode, so "Erase device on X unlock attempts" doesn't take effect. That version of the tools only bruteforces lockcodes, but there's no theoretical reason you couldn't try at least a dictionary attack on a password, too. Since it's also possible to dump the hardware key and a complete (encrypted) image, I imagine an offline attack on the image is possible, too. You wouldn't have to rely on the relatively slow hardware in the iPhone.

Using those tools I have successfully bruteforced the 4-digit lockcode to an iDevice running 6.0.2, and that's with no prior experience with or knowledge of iOS. I even used an emulated Mac to compile the necessary firmware patch. And that's just what I was able to do with a few hours of fiddling. There are people who do this for a living, and tools dedicated specifically to extracting data from mobile devices. Are these PDs really saying they can't get into devices with simple lock codes?

Re:Brute-forcing the lock code (1)

node 3 (115640) | about a year ago | (#43700281)

You mean to say you were able to run through the ten thousand numbers between 0000 and 9999? You must be a super-hacker!

Re:Brute-forcing the lock code (0)

Anonymous Coward | about a year ago | (#43700517)

I set my lock code to the statistically least likely one to be guessed, which used to be 8068 until NBC plastered my PIN on the web:

http://www.nbcnews.com/technology/whats-safest-4-digit-pin-not-8068-anymore-1B5966082

Now I use the second most likely used: 8093

Re:Brute-forcing the lock code (1)

AK Marc (707885) | about a year ago | (#43700737)

Good to know. I occasionally used 8068, as my phone number is 473-8068. No, please don't call. But now that it's posted, I can't use it anymore.

Blackbag Technologies (0)

Anonymous Coward | about a year ago | (#43700319)

Apple has been working with Blackbag [blackbagtech.com] for many years, but have recently been trying to take over the smaller company's business. I suspect the deluge of demands is because Apple simply isn't prepared to handle this amount of requests from forensic departments.

DMCA (1)

RenHoek (101570) | about a year ago | (#43701049)

This is good, right? I mean with the DMCA even trivial protections are illegal to circumvent, so you remove the people who would be capable and interested in reverse engineering from the market. Then don't be surprised when nobody can decrypt smart phones.
