William D. Cohan for Fast Company:
The district attorney of Manhattan, Cyrus Vance Jr., and the city’s cybercrime unit have built this electronic prison for a very specific purpose: to try, using brute force algorithms, to extract the data on the phones before their owners try to wipe the contents remotely…
Welcome to ground zero in the encryption battle between state and federal law enforcement officials on one side, and trillion-dollar tech giants Apple and Google on the other. About five years ago, with the introduction of its iOS8 operating system, Apple decided to encrypt all of its mobile devices—protecting both consumers and criminals from prying eyes…
All of the phones are hooked up to two powerful computers that generate random numbers in an attempt to guess the passcode that locked each device… “All of these phones are in various states of being attacked,” explains Steven Moran, the director of the High Technology Analysis Unit. He shows me one phone where 10,000 random sequences have been tried. That would have been enough to crack a four-digit key, which has 10,000 possible combinations. But beginning in 2015, Apple began requiring a six-digit passcode—boosting the total permutations to 1 million.
MacDailyNews Take: This brute force method is precisely why those concerned with security don’t use four-digit passcodes. Instead, use long, alphanumeric passwords and, even if there is a GrayKey box on every corner, your data will remain secure.
Use at least seven characters – even longer is better – and mix numbers, letters, and symbols.
To change your password in iOS:
Settings > Face ID & Passcodes > Change Passcode > Passcode Options: Custom Alphanumeric Code
Guide to iOS estimated passcode cracking times (assumes random decimal passcode + an exploit that breaks SEP throttling):
4 digits: ~13min worst (~6.5avg)
6 digits: ~22.2hrs worst (~11.1avg)
8 digits: ~92.5days worst (~46avg)
10 digits: ~9259days worst (~4629avg)— Matthew Green (@matthew_d_green) April 16, 2018
Apple argues that it is protecting our privacy by ensuring that no one—not even Apple—can gain access to our most intimate personal data. Vance is skeptical that Apple doesn’t have a secret backdoor. “They get into my phone all the time because they upgrade my operating systems and they send me messages,” he says.
MacDailyNews Take: Idiot.
The problem is that criminals also use Apple and Android phones, and the data hidden inside them — GPS coordinates, text conversations, transcripts of voicemails — are often essential for prosecuting them.
MacDailyNews Take: Oh, really? And what did you do before 2007? Or rather the guy who preceded you?
Oh, we know, he did actual police work – instead of lazily wiping his ass with the U.S. Constitution and complaining that it’s too rough.
At the core of the issue is the U.S. Constitution:
AMENDMENT V
No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.
Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety. – Benjamin Franklin, Historical Review of Pennsylvania, 1759
This is not about this phone. This is about the future. And so I do see it as a precedent that should not be done in this country or in any country. This is about civil liberties and is about people’s abilities to protect themselves. If we take encryption away… the only people that would be affected are the good people, not the bad people. Apple doesn’t own encryption. Encryption is readily available in every country in the world, as a matter of fact, the U.S. government sponsors and funds encryption in many cases. And so, if we limit it in some way, the people that we’ll hurt are the good people, not the bad people; they will find it anyway. — Apple CEO Tim Cook, February 2016
Ultimately… the U.S. Supreme Court will likely have to weigh in on this issue. — MacDailyNews, May 4, 2017