Just heard James Comey, the Director of the FBI, testifying in front of Congress regarding the contretemps between Apple and the FBI about opening up the IPhone of the San Bernardino terrorist ... hoping to find more about possible further plans or accomplices. The interesting aspect of this testimony was that the FBI was not just asking for the simple solution of providing it with the access code (which I previously suggested that they do) but the FBI wanted Apple to disable two functions in this particular IPhone:
- the function that erases everything in memory after ten tries at entering the access code, and
- the function that requires a few second pause between each attempt at entering this access code (thwarting super-computer attempts to try every possible combination)
Now, to me, this request is an around-the-barn way of getting into this particular IPhone vs. my previous recommendation and suggests that the FBI has its eye on bigger fish to fry in the future ... and is probably why Apple is pushing back.
However, Apple's Tim Cook's riposte that all security mechanisms would be futile in the future if Apple relented in this instance is also a little disingenuous. Why not just offer to provide the access code in this instance in the manner I had suggested? And then see what happens.
10 comments:
What I am hearing is that an update can be applied to a locked and encrypted phone. As the hardware ID is (1) embedded in the phone, (2) not revealed to the user at any time, (3) is part of the encryption key, an update that forces this specific hardware id to set its unlock code to a specified value could enable entry.....
... but to what end? Apple turned over six week old cloud backup data unencrypted, the perps notebook and PC likely have lots of info, and the phone service providers have call records.
The bigger issue is that the FBI has a dozen otherlocked phones. And then we start to slide. Many police departments have locked phones that are related to crimes that do not conjure terrorism. How many lawyers on either side of case want to know what's on a phone? It gets slipper...
What do you do when when Putin hands you 50 phones to crack? Or the leaders of China or North Korea or Pakistan for fuzzy reasons that dissenters are fomenting revolt.
Then what does Apple do? Have a Board of Arbitration that decides whose request is worthy and legitimate? Or it gets out of the box entirely such that you drop a phone off at a booth in the mall to get it cracked.
What would be big enough to really push this over the top? Well, you gotta think that if the current iPhone technology were pervasive in 1962, Lee Harvey Oswald's cell phone data would be damned interesting.
Please read the afterward on the first Apple vs. the FBI for how Apple bends over for China
Reflecting on this a bit, the pilots that flew the planes into the Wold Trade Center were so methodical in their planning that there really (AFAIK) isn't much more to know about them or their motives.
That is described as being very different. It is unclear whether they revealed anything about "spyware"... whatever that would be. Accepting that cloud backups are probably best kept with each nation is a good idea... we really do not want their user's data. And I assure you that no source code or architectural designs left Cupertino or ever will. None of this expresses cracking an individual user's device. Apple did not bend over for China IMHO, they just assured sovereign status. Trust me, the Chinese are not cracking locked devices.
For more on same see: http://www.latimes.com/business/technology/la-fi-apple-china-20160226-story.html
Post a Comment