FBI: 1 Apple:0. The iPhone has been cracked

[Something Amyss]

I'm still shocked the FBI had such a hard time with this. Considering their equipment and how many security experts they have, you'd think it would be a breeze.

Basically, what AccursedTheory says here:

Not sure exactly how this was an FBI win. The FBI wanted a one stop skeleton key that would unlock every Apple product ever made or to be made. What they got was a security exploit from a third party that will likely be found by Apple and fixed within months.

It's basically just a return to the status quo - Hackers, whether it be people looking for your credit card information and personal nudes, or governments looking for terrorist data, are hacking into phones, and electronics manufacturers continue to try and plug the inevitable security leaks. Sounds like a draw at worst, and a win for Apple at best.

In fact, it seems like a win for all of us. A win against Apple could lead to other companies being required to do the same. That would mean that all our data would be left purposely vunerable to aid the FBI in "terrorist" cases, and I use scare quotes because we've already seen people who would like to use it for more so it's not even the tiniest of stretches here. I mean, I don't give a crap about Apple products personally, but such a precedent is dangerous for privacy. Especially since that would mean if anyone else got such a key, it would compromise security unilaterally for the company.

Yeah but who cares enough to remember and do something about it?

The funny thing is how little we trust the government and how willing we are to do much of anything to repair the system.

 

[The Enquirer]

I'm more worried about the legal precedent. There isn't one because there wasn't a court case. If this went to court and Apple won, that would have been the legal precedent. I'm willing to bet that there were doubts about an FBI victory in court so they may simply be saving the lawsuit for an opponent they feel they can beat.

So I may consider this a long term, yet to be fully determined, loss.

As per the OP: I don't know how the FBI cracking the phone would be considered a victory for them. Everyone with half a working brain had their suspicions that they would somehow get access to the information on the phone. Really, as a few others have stated, it's a Pyrrhic victory. The FBI got what they wanted but it'll only be a matter of time before Apple sends them back to square one.

 

[Callate]

Most of the analysis I was hearing through news on the radio was portraying this as lose-lose. The FBI gets asked why they weren't aware of the methods they could use to crack the iPhone when they were declaring in court that only Apple could provide them with what they needed; Apple gets asked if the iPhone was really as secure as they were declaring if it was able to be cracked by a third party.

 

[DoPo]

They weren't asked to make a generic backdoor, they were asked to adjust one phone to gain access

Those two are the same thing. Apple WERE asked to make a generic backdoor.

 

[Sampler]

They weren't asked to make a generic backdoor, they were asked to adjust one phone to gain access

Those two are the same thing. Apple WERE asked to make a generic backdoor.

it was a custom firmware to be signed to the serial number of the device, which they could load in house to minimise risk of code leakage. That is very different to a generic backdoor baked into the software.

 

[Nemmerle]

If they had to pop the top off a chip or something like that it's dramatically different from having a software exploit that does the same sort of thing in the end results.

More importantly however Apple were not compelled to compromise the security of one of their devices. They might yet be compelled in the future, but in so far as this weakens the argument that doing so is necessary it serves as some weak security for future improvements they might make or may previously have made on that front.

 

[FirstNameLastName]

Yeah, this isn't really a loss for Apple, or a victory for the FBI.

I mean, does anyone seriously have confidential data in their phone of all things, not a static computer, but a small device that is carried everywhere.

Yes. Any data I have not granted you, or anybody, access to is, by definition, not for you, or anybody, to have access to.

This might seem like the pettiest of all petty quibbles, but the sheer amount of commas in that sentence make it extremely awkward and unwieldy.

Welp, we're fucked if they can repeat the process with every iPhone and Android phone out there.

Not really. The fear was never that the FBI would break into our house, take our phone and attempt to hack it; people were concerned that a backdoor for the FBI is a backdoor for everyone.

 

[Nemmerle]

it was a custom firmware to be signed to the serial number of the device, which they could load in house to minimise risk of code leakage. That is very different to a generic backdoor baked into the software.

My understanding is that what Apple is being asked to do is create a boot image that can be loaded onto an external hard drive. iPhones don't trust images not signed by Apple on that front and Apple could make the image to only work on one device by authenticating against a device ID.

The concern that one would have there is once Apple created this vulnerability they would be obliged to use it in future cases. Which would be trivial to do regardless of whether they signed the image they provided in this case to authenticate against a single device or not. Once the software exists you resign as needed. Their defence against being required to do so is strongest before that ability exists.

 

[CrimsonBlaze]

I understood and respected Apple's position to not aid in weakening their encryption or provide a 'Master Key of Unlocking', even to aid the FBI, in order to avoid undermining their security.

I also feel for the FBI's strong stance to force Apple to help them solve crimes despite undermining Apple's security in the future.

All I can say now is that Apple can't expect the FBI to give up how they did it on the grounds of solve a possible 'security flaw.'

Apple didn't help, so the FBI went another route. Now that the FBI got what they wanted, Apple can't expect to them to blab on their success.

 

[Einspanner]

I understood and respected Apple's position to not aid in weakening their encryption or provide a 'Master Key of Unlocking', even to aid the FBI, in order to avoid undermining their security.

I also feel for the FBI's strong stance to force Apple to help them solve crimes despite undermining Apple's security in the future.

All I can say now is that Apple can't expect the FBI to give up how they did it on the grounds of solve a possible 'security flaw.'

Apple didn't help, so the FBI went another route. Now that the FBI got what they wanted, Apple can't expect to them to blab on their success.

These aren't children on a playground, that's not how it works. There are laws and regulations, and the FBI is EXPECTED to divulge the security flaw.

 

[Serio]

It's not a win for either side, honestly. Apple aren't getting anything out of this, and the FBI may have damaged their public image by dragging them to court over it. It's just a game of whack-a-mole right now. The FBI tracks down one security hole; Apple finds it and patches it. That is, until either party concedes.

 

[Dragonbums]

Well, it's official. The FBI managed to crack the iPhone without Apple's assistance, and has dropped the case in court, citing help from an independent party to do it

http://www.bbc.com/news/world-us-canada-35914195

John McAffee hasn't said anything yet, but some theorize he's the one who helped the FBI, because of his public proposal a few weeks early.

What do you think?

I mean, of course the FBI could crack it if they really wanted to. The thing is is that they wanted to bully Apple and in the future other companies into doing it and making backdoor access easier for them.
I'm glad with the outcome. Make them fucking work for it.

 

[Laughing Man]

A lose of Apple,

It was actually Apple that used the word Backdoor first in a response statement to them being asked to wipe the number of attempts to unlock an Iphone before it deletes the data. All the FBI wanted was a system that would give them more than ten turns so they could brute force the unlock code. The word 'Backdoor' gives the impression that all you do is plug something in to the phone and bam all your data is now someone elses and I suspect that Apple chosen to use that word in their statement specifically because of that impression. What worse is Apple could have helped, and then burned the data in house or patched the feature out at a later date.

However Apple they decided that with civil liberties and the government peaking in to our day to day lives being such a buzz headline grabbing story as of late they were going to milk this publicity cow for as much customer positive feedback as they could generate and now it's blown up in their face.

No we won't help the FBI in a controlled way that gives us full understanding and the ability to fix the exploit used at a later date instead we will take the moral high stance and then go begging the FBI to tell us how they finally broke in to our product.

http://www.latimes.com/business/technology/la-fi-tn-apple-next-steps-20160330-story.html

 

[CrimsonBlaze]

I understood and respected Apple's position to not aid in weakening their encryption or provide a 'Master Key of Unlocking', even to aid the FBI, in order to avoid undermining their security.

I also feel for the FBI's strong stance to force Apple to help them solve crimes despite undermining Apple's security in the future.

All I can say now is that Apple can't expect the FBI to give up how they did it on the grounds of solve a possible 'security flaw.'

Apple didn't help, so the FBI went another route. Now that the FBI got what they wanted, Apple can't expect to them to blab on their success.

These aren't children on a playground, that's not how it works. There are laws and regulations, and the FBI is EXPECTED to divulge the security flaw.

I'm 50/50 on if it is actually a security flaw. My money's on either a former Apple employee/enthusiast took it upon himself to help the FBI or that a team of hackers came up with a method to bypass the encryption rather then exploit or weaken it.

 

[Einspanner]

I understood and respected Apple's position to not aid in weakening their encryption or provide a 'Master Key of Unlocking', even to aid the FBI, in order to avoid undermining their security.

I also feel for the FBI's strong stance to force Apple to help them solve crimes despite undermining Apple's security in the future.

All I can say now is that Apple can't expect the FBI to give up how they did it on the grounds of solve a possible 'security flaw.'

Apple didn't help, so the FBI went another route. Now that the FBI got what they wanted, Apple can't expect to them to blab on their success.

These aren't children on a playground, that's not how it works. There are laws and regulations, and the FBI is EXPECTED to divulge the security flaw.

I'm 50/50 on if it is actually a security flaw. My money's on either a former Apple employee/enthusiast took it upon himself to help the FBI or that a team of hackers came up with a method to bypass the encryption rather then exploit or weaken it.

While those things are possible, it's unlikely that they'd have emerged in full form within a couple of weeks, rather than months to a year. Far more likely is that they did what they always had the ability to do, and that's clone a bunch of NANDs to bypass the 5x limit.

 

[CrimsonBlaze]

I understood and respected Apple's position to not aid in weakening their encryption or provide a 'Master Key of Unlocking', even to aid the FBI, in order to avoid undermining their security.

I also feel for the FBI's strong stance to force Apple to help them solve crimes despite undermining Apple's security in the future.

All I can say now is that Apple can't expect the FBI to give up how they did it on the grounds of solve a possible 'security flaw.'

Apple didn't help, so the FBI went another route. Now that the FBI got what they wanted, Apple can't expect to them to blab on their success.

These aren't children on a playground, that's not how it works. There are laws and regulations, and the FBI is EXPECTED to divulge the security flaw.

I'm 50/50 on if it is actually a security flaw. My money's on either a former Apple employee/enthusiast took it upon himself to help the FBI or that a team of hackers came up with a method to bypass the encryption rather then exploit or weaken it.

While those things are possible, it's unlikely that they'd have emerged in full form within a couple of weeks, rather than months to a year. Far more likely is that they did what they always had the ability to do, and that's clone a bunch of NANDs to bypass the 5x limit.

Yeah, I believe that's what happened. With this method, the FBI treads on mid ground, bypassing Apple's encryption without actually crippling it. This way, the FBI can just muscle their way into trying every code possible rather than flat-out exploiting a security flaw, which realistically, they're always going to exist with or without the federal government twisting Apple's arm.

 

[Laughing Man]

Except that cracking the phone was never in doubt, and never what the FBI wanted. They wanted either a golden key, or a precedent to have Apple allow them to covertly unlock a phone.

Did they? Who said that? My understanding was that the FBI wanted Apple to disable the limit on unlock code attempts so that they could then brute force the phone without risk of erasing the data. Not sure where this golden key, by passing all encryption non sense came from?

'As such, the FBI is using an archaic law from 1789 called the "All Writs Act" to demand Apple's help: The bureau wants Apple's engineers to create a new version of iOS, specific to the iPhone 5c, that would circumvent security and allow an iPhone to be more easily broken into using what's called a "brute force attack" ? trying the passcode over and over again until the right one is found.'