“Apple has instituted a number of software-based protections against brute force attacks, specifically an (user-selected) option to delete the contents of the disk after 10 failed passcode entries and a five-second delay between passcode entries. In addition, the passcode must be entered on the device’s touchscreen,” Ben Thompson writes for Stratechery. “The FBI is asking Apple to remove these limitations: allow more than 10 passcode tries, remove the five-second delay (there would still be an 80-millisecond delay if the computation is done on the device due to a hardware limitation), and allow passcodes to be entered by a separate device instead of a human finger.”
“Consider a sports analogy: in a game like basketball you need to play both defense and offense; the FBI, given their responsibilities, is primarily concerned with offense — uncovering secrets. However, the agency’s haste to score buckets has the effect of weakening the United States’ defense,” Thompson writes. “This is particularly unnecessary because the United States already has the best offense in the world! Consider the iPhone in question: the fact of the matter is that the data could be extracted without Apple’s help.”
“The first potential method would be to leverage a zero-day exploit that would allow the device to run code that is not signed by Apple; in other words, it is almost certainly possible that someone other than Apple could install the necessary software to bypass the 10 passcode entry limitation (the National Security Agency (NSA) is widely thought to possess several zero day exploits),” Thompson writes. “The second potential method would be to extract the data from the memory chips, and then de-cap the phone’s processor to uncover the device’s unknown UID and the algorithm used to encrypt the data, and then conduct a brute force attack on the passcode a separate computer designed to do just that.”
“Both of these processes are hugely difficult and expensive, which means they can only realistically be done by agencies with massive resources. Like, for example, the NSA — which is a big advantage for the United States,” Thompson writes. “If there is strong security everywhere (i.e. everyone has the same defensive capability), then the country with the biggest advantage is the country with the most resources to overcome that security (i.e. not everyone has the same offensive capability). To lower the bar when it comes to defense is to give up one of the United States’ biggest strategic advantages.”
Read more in the full article here.
MacDailyNews Take: It’d be shortsighted and simpleminded for the U.S.A. to fritter away such a strategic advantage while also trampling U.S. citizens’ privacy rights.
SEE ALSO:
Congressman Ted Lieu asks FBI to drop demand that Apple hack iPhones – February 23, 2016
In the fight to hack iPhones, the U.S. government has more to lose than Apple – February 23, 2016
Here are the 12 other cases where the U.S. government has demanded Apple help it hack into iPhones – February 23, 2016
John McAfee blasts FBI for ‘illiterate’ order to create Apple iPhone backdoor – February 23, 2016
Some family members of San Bernardino victims back U.S. government – February 23, 2016
Apple supporters to rally worldwide today against U.S. government demand to unlock iPhone – February 23, 2016
U.S. government seeks to force Apple to extract data from a dozen more iPhones – February 23, 2016
Apple CEO Cook: They’d have to cart us out in a box before we’d create a backdoor – February 22, 2016
Tim Cook’s memo to Apple employees: ‘This case is about more than a single phone’ – February 22, 2016
Obama administration: We’re only demanding Apple hack just one iPhone – February 17, 2016
[Thanks to MacDailyNews Readers “Fred Mertz” and “Arline M.” for the heads up.]
President Obama, SHame on you for stripping away Civil and privacy rights that define our nation.
You are no better than the obstructionist Republikkkans.
Americans, kiss your independence and freedoms goodbye – Too lazy to fight forn your right to party?
Don’t complain, you get what you sow – President Trump
There is so much importance to what President Reagan said. If only the issues could be kept on track. If only the noise of political corruption and loon level philosophies and selfish concerns could be removed and thrown aside. If only money could be removed from elections. If only corporate personhood and their lobbyist puppetry of our elected officials could be extinguished. If only our elected officials would simply obey the laws instead of weaseling their way around them. If only common sense and science could guide us into an improved future, instead of an exploited and diminished future when we question the survival of not just our lives, but all life on miracle planet Earth, our only home.
*sigh*
Well, well, well… The talking point was that it was this one specific iPhone the FBI wanted to get into. Now I hear in the news that the FBI wants Apple to unlock even more iOS devices. Give them an inch and they, the government, will take a mile. I do not trust their willingness to NOT abundantly abuse any privilege granted! Snowden proved that.
http://fortune.com/2016/02/23/apple-versus-fbi-other-iphones/
Whether we believe in our capacity for self-government or whether we abandon the American revolution and confess that a little intellectual elite in a far-distant capitol can plan our lives for us better than we can plan them ourselves. You and I are told increasingly we have to choose between a left or right. Well I’d like to suggest there is no such thing as a left or right. There’s only an up or down—[up] man’s old—old-aged dream, the ultimate in individual freedom consistent with law and order, or down to the ant heap of totalitarianism. And regardless of their sincerity, their humanitarian motives, those who would trade our freedom for security have embarked on this downward course… You and I have a rendezvous with destiny. We’ll preserve for our children this, the last best hope of man on earth, or we’ll sentence them to take the last step into a thousand years of darkness. — Ronald Reagan, “A Time For Choosing,” October 27, 1964
“Now I hear in the news that the FBI wants Apple to unlock even more iOS devices. Give them an inch and they, the government, will take a mile.”
Large (and expanding) government is a two headed dragon. Not only is large government self serving, the larger it is the more power they have to take away – without recourse.
If American law was used to force Apple fro create a special instrument to bypass the lock on iPhones, then the inevitable consequence would be that Chinese law would be used to force Apple to make that same instrument available to the Chinese authorities. The same would apply to many other countries too.
All the time that such an instrument does not exist, there can be no demands that other countries must have it too, but the moment that the FBI were to force it’s creation, it will not only exist, but will end up being used around the world.
If things really did get silly with regard to the American authorities, it would make more financial sense for Apple to stop selling iPhones in the US than to risk having them banned in the rest of the world until that cracking instrument were handed over.
I wonder how the American public would react if the iPhone 8 or 9 was only available for export and not sold in the U.S.?
There’s nothing stopping Chinese law now, regardless of the outcome of this FBI matter. All sovereign nations decide their own laws.
That’s always been the case, but so long as no iPhone cracking instrument exists, Apple can claim that it’s far too difficult to create one. If the FBI forced Apple to create one, then Apple can’t possibly claim that it’s too difficult, so China won’t hesitate to demand their copy of it and will apply whatever pressure they feel is warranted.
It won’t just be China getting heavy about this, it will be virtually all countries.
Even if they don’t create it for the FBI, another government could demand that they do, or else…
The Chinese have been waiting for the U.S. government to take the PR hit. If the U.S. crosses this line, the Chinese will be able to dodge the negative PR when they copy it.
They technically want to lower the bar for the whole world. But you could be sure ROTW isn’t waiting.
Several things are on the table. UK and Germany have similar provisions to lower the bar, as does the US. A strong defense knows no borders. The better it is, the harder the offense has to work to overcome those defenses. Imagine that it’s not the American people they are worried about, but it is the jurisdiction they have to work with. Can you legally compel Apple to crack open a Russian citizen’s iPhone, especially one you don’t want anyone to know you have? An American born person who committed a terrorist attack at home, provides the playing field they need to accomplish a global reaching goal.
I am trying to understand motive. I am trying to be as understanding of the situation, as if I had to make the choice myself.
A global Defence -vs- National Offense (best interests)
We also have to consider the global crisis of identity theft is apart of the defensive balance sheet.
Why is it, that over the last 8/9 years, we felt so safe. What is different today? Add to that, Zero Day exploits, how do we know if we were ever or will ever be safe? Siding with strong encryption seems like a good place to start. Now offensivly governments have to go back to old school spying to get the data they want.