Should Encryption Be Permanent?

[msj]

I love Trump's response to this on twitter:

Of course, Google says that they are backing Apple on this.

Face palm.

Who encrypted his brain and won't give him back the key?

[TimG]

The encryption is a combination of a pin

Encryption is only as good as the weakest link. In this case the PIN is the weakest link which is why the FBI are looking for a way to guess the PIN. Of course new iPhones now have fingerprint readers which, if used in combination with the PIN, would make even the hack that the FBI is looking for useless. Edited February 19, 2016 by TimG

[cybercoma]

Encryption is only as good as the weakest link. In this case the PIN is the weakest link which is why the FBI are looking for a way to guess the PIN. Of course new iPhones now have fingerprint readers which, if used in combination with the PIN, would make even the hack that the FBI is looking for useless.

The thumbprint scanner is bypassed with the correct pin. It just makes it faster for the user to unlock. It doesn't replace the PIN.

And you're right. The PIN is the weakest point, except right now it's impenetrable. After 10 attempts the phone is wiped. Even with that disabled, someone needs to manually try all combinations. It would take a ridiculously long time (in the neighbourhood of 5 years for the 6S). So the FBI is insisting a back door that eliminates the 10 failed attempts barrier, allows them to connect a device to try combinations, and removes the 80ms delay between attempts. If Apple adds that back door to their phones, it makes everyone vulnerable to their phones being hacked.

[TimG]

The thumbprint scanner is bypassed with the correct pin. It just makes it faster for the user to unlock. It doesn't replace the PIN.

I am suggesting Apple could release an update that would give the option of requiring both for people who concerned about the hack. Another feature would wipe the phone automatically if it is not unlocked within 24-48 hours. This is a fight the FBI cannot win in the long term.

If Apple loses this case I hope they insist on doing the work themselves and refuse to give the FBI anything that they can use without a proper warrant.

Edited February 19, 2016 by TimG

[Big Guy]

This story is getting stranger and stranger:

http://abcnews.go.com/US/san-bernardino-shooters-apple-id-passcode-changed-government/story?id=37066070

I do not understand the technology but I do know when somebody is peeing on my leg and telling me that it is raining.

[msj]

US President candidate and alleged murderer John McAfee on this: http://video.cnbc.com/gallery/?video=3000495078

Hilarious video!

He does make some interesting points but the idiocy of the journalists is what alarms me the most.

[msj]

Of course, Google says that they are backing Apple on this.

I withdraw this comment.

Google is clearly walking a line between a politician and a weasel: http://www.slate.com/blogs/future_tense/2016/02/18/why_google_facebook_and_microsoft_aren_t_joining_apple_s_fight_over_data.html

[kimmy]

If Apple loses this case I hope they insist on doing the work themselves and refuse to give the FBI anything that they can use without a proper warrant.

That would be my hope as well... but to me it sounds to me as if the feds are using this case to pressure Apple to provide a skeleton key that they can use any time they want, at their own convenience. "With proper judicial oversight, of course!"^*

* actual oversight may vary.

-k

[kimmy]

It sounds as if the phone was tampered with after it was already in federal possession to make it inaccessible. Does this seem suspicious?

-k

[eyeball]

I remaim convinced that if we souveilled our governments to the extent they intend to surveil us that most problems would simply evaporate.

[Big Guy]

Looks to me like this is becoming a question of who is correct regarding the state of technology:

One opinion is that Apple can create a "back door" software program that will grant anyone access to the phone.

One opinion is that no such software can be created.

One opinion is that the phone can be physically dissected and the data gathered in that manner.

One opinion is that any attempt to dismantle the phone will cause the data to be lost.

I understand very little about this particular issue and how advanced we are. Which (if any) of the above is correct?

[TimG]

Does this seem suspicious?

It seems incompetent. That said, I am not convinced it would make a difference since the stuff on the cloud is protected just like the stuff on the phone according to Apple: https://support.apple.com/en-us/HT202303

That said Apple does seem to claim that the encryption keys are known to Apple for stuff on the Cloud but I am not sure why since they could have done the same thing they did with the phones (maybe to allow users to recover data after forgetting the password).

[eyeball]

Looks to me like this is becoming a question of who is correct regarding the state of technology:

It's much more about the correct way to govern ourselves. With a surveillance state or the other way around where the state is always looking over it's shoulder. The idea that we should be aiming the Telescreens in the other direction, towards the state, needs to go viral.

The inability of people who are governed to control the people who govern us has been the bane of human existence since we climbed out of the trees. The problem looks like its starting to come to a head just about everywhere around the planet now. If we don't get it right, if we maintain the old ancient status quo that is, we'll likely knock ourselves so far back on our ass we'll be there for a 1000 yeas or more.

Edited February 20, 2016 by eyeball

[dre]

It's much more about the correct way to govern ourselves. With a surveillance state or the other way around where the state is always looking over it's shoulder. The idea that we should be aiming the Telescreens in the other direction, towards the state, needs to go viral.

The inability of people who are governed to control the people who govern us has been the bane of human existence since we climbed out of the trees. The problem looks like its starting to come to a head just about everywhere around the planet now. If we don't get it right, if we maintain the old ancient status quo that is, we'll likely knock ourselves so far back on our ass we'll be there for a 1000 yeas or more.

Problem is its the government that would have to implement that regime, and that's a little like hoping the flies will get together and fix the hole in your screen door.

[cybercoma]

It sounds as if the phone was tampered with after it was already in federal possession to make it inaccessible. Does this seem suspicious?

-k

It wasn't tampered to make inaccessible by the Feds though. It was the local government who had access to the phone and changed the password, possibly wiping the phone in the process (I'm not clear on that). This is a case of the left hand not knowing what the right is doing.

[dre]

It wasn't tampered to make inaccessible by the Feds though. It was the local government who had access to the phone and changed the password, possibly wiping the phone in the process (I'm not clear on that). This is a case of the left hand not knowing what the right is doing.

Or the phone wasn't PIN protected, and the FBI grabbed the data, and then set up a PIN so that they could bring this case to the courts in an emotionally charged environment created by this nasty crime, and an environment where the "national security" card can be played, so they can get some fancy new powers to use for whatever they want.

That's what I would do

I wonder if the phone records when the PIN was set, and what the GPS coordinates were while it was set

[cybercoma]

That wasn't it. They changed the Apple ID password for the cloud. That's separate from your phone's PIN. I have an iPhone 6, so I'm quite familiar with its systems.

[cybercoma]

From: http://america.aljazeera.com/opinions/2016/2/fbi-fight-with-apple-is-a-big-farce-to-get-inside-your-phone.html

The device was actually owned by Farook’s employer, the San Bernardino county health department. Given the lengths he went to destroy evidence, it’s highly unlikely Farook would plan attacks using a company device, since it would be reasonable to assume his employer might be monitoring it. The phone was discovered by agents with the “Find My iPhone” feature turned on — a very strange setting to have activated on a device being used to coordinate terrorist plots

It's looking more and more like the FBI takes the public as idiots and are using this tragedy as a pretext to have a master key to everyone's devices.

[Moonlight Graham]

Apple has already provided the FBI with all the data from the iPhone in question.

Do you have a link for that? It wasn't in the OP article.

[Moonlight Graham]

What the FBI/US government is asking massive. To look into one case, they want a master key created that would be able to unlock any of the almost 1 billion iPhones sold throughout the world. To investigate the possibility of outside involvement in that case, they want to risk exposing all those iPhone owners to hacks by criminals and other governments. It also sets a historically important precedent, where any tech company could be ordered by the US gov to create backdoor programs to hack privacy encryption of their products.

Frankly i'm surprised the US gov didn't already have this available to them. Or maybe they do, but by doing this it will be admissible as lawful evidence in court.

Edited February 21, 2016 by Moonlight Graham

[cybercoma]

Ethical issue aside, what are they hoping to find on this work phone that was owned by the department of health? The other phone was destroyed on site during the arrest. Do terrorists really plot attacks on government owned work phones?

[msj]

Do terrorists really plot attacks on government owned work phones?

But but but, terrorists love irony!

It's satire they don't understand (like the regressive left and Charlie Hebdo, for example).

[eyeball]

Problem is its the government that would have to implement that regime, and that's a little like hoping the flies will get together and fix the hole in your screen door.

I didn't say it would be easy, but at least we know there's a hole that needs fixed. That's the first step.

[dre]

I didn't say it would be easy, but at least we know there's a hole that needs fixed. That's the first step.

Problem is that folks on the north end of the authoritarian//libertarian axis want more state power, more surveillance, and a more powerful and intrusive state security apparatus. So your "we" only includes a portion of the population, and pretty much none of the political parties.

And all it would take is one big terrorist attack to turn most of the population into fear-dumb retards screaming for soldiers on the streets and cameras up our asses.

[dre]

Ethical issue aside, what are they hoping to find on this work phone that was owned by the department of health? The other phone was destroyed on site during the arrest. Do terrorists really plot attacks on government owned work phones?

Maybe they don't expect to find anything and just want to win this case and set a precedent that gives them new power and tools from here on in.

Never let a good crisis go to waste!