Apple will throw forensics cops off the iPhone Lightning port every hour

Apple isn't backing down from a move to lock down the iPhone’s data port to increase security for users, even though it means thwarting some of the password-cracking tools used by forensics experts. In the latest beta versions of iOS, Apple includes a feature called USB Restricted Mode, which disables the data connection of …

  1. msknight Silver badge

    Tim Cook...

    Playing a brave game, or a dangerous one? Answers on an encrypted post card to....

  2. karlkarl

    Re: Tim Cook...

    Nope, they are just playing a childish one.

    "I want to be in control mummy!!!"

    Oh well. I am hoping this kind of behavior will help create new laws against locking down shitty hardware in the future.

  3. Joe Gurman

    Re: Tim Cook...

    Rather decent hardware, actually, and it's the FBI and local police departments who are throwing the hissy fits. Despite all the bad-mouthing here, Americans actually do have civil liberties, one of which has repeatedly been defined by the courts as privacy.

  4. Anonymous Coward

    Re: Tim Cook...

    >Americans actually do have civil liberties, one of which has repeatedly been defined by the courts as privacy.

    Americans only have civil liberties for Americans, if you're not American you don't have any in their view.

  5. Anonymous Coward

    Re: Tim Cook...

    > Americans actually do have civil liberties, one of which has repeatedly been defined by the courts as privacy.

    So why's GDPR such a worry to US data slurpers?

  6. eldakka Silver badge

    Re: Tim Cook...

    > Americans only have civil liberties for Americans, if you're not American you don't have any in their view.

    That is legally incorrect, although that might be the view of most Americans, it is not the caselaw.

  7. Alan Brown Silver badge

    Re: Tim Cook...

    "That is legally incorrect"

    Perhaps, but it's the de-facto state of things.

  8. hplasm Silver badge
    Pint

    Kudos!

    I must tip my hat to Apple, for Atomic Level awkwardness security-mindedness!!

  9. Stu Mac

    Re: Kudos!

    Totally gets my support!! Mass surveillance is a sop to targeting the minorities who are really of concern. IMHO fork them up as much as you like but leave me TF alone.

  10. frank ly Silver badge

    Just wondering

    "Since cracking the six-digit passcode may take up to 22 hours (or longer for a passphrase), then brute-force methods used by the cracking tools are likely to cease to work."

    Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts? Or did they and the hackers have found a way to bypass it?

  11. msknight Silver badge

    Re: Just wondering

    There may possibly be a way around this. If the phone gets its time signal from the network, simply put it next to a stingray and feed it the same time and date. Might work... depending on how they are counting the hour duration.

  12. Waseem Alkurdi

    Re: Just wondering

    You could also "hack" the RTC chip (theoretically).

    Another attack is done using NAND flashing - in which the chip is backed-up at zero passcode attempts, then the iPhone is bruteforced until it gets locked out, at which the NAND is restored ... Sort of like savestates in an emulator.

  13. detuur

    Re: Just wondering

    I can't imagine that the RTC or NAND being relied on by the Secure Enclave Processor would be vulnerable to external hardware attacks. They are most likely part of the same die as the processor which means it's impossible to access them directly.

  14. DougS Silver badge

    Re: Just wondering

    It isn't clear how Cellebrite et al's PIN finder works, though presumably Apple got their hands on one at some point so you would think they should have been able to fix whatever they were doing to brute force the passcodes.

    This fix is more elegant though, since 99% of the time you haven't entered your password within the last hour, so even if the cops get your phone while it is unlocked (or force you to finger/face unlock it) the USB port will be disabled.

    I have to think that the FBI is going to have a hissy fit about this - but they're going to play it coy and wait for a headline terrorist incident or school shooting investigation that is hampered by this before they do to try again to get the public on their side like they failed to do with San Bernardino.

  15. Anonymous Coward

    Re: Just wondering

    The whole point of these devices is that they do exploit a "hole" in the security and they do get around the 10 tries - and most users probably don't have the nuclear delete option turned on anyway.

  16. DougS Silver badge

    Re: Just wondering

    You don't have to turn on the 'nuclear' option, just use a password instead of a passcode. They wouldn't even try to brute force that, it would take forever.

  17. eldakka Silver badge

    Re: Just wondering

    @frank ly

    > Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts? Or did they and the hackers have found a way to bypass it?

    I think that "found a way to bypass it" is implicit in this sentence from the article:

    > An analysis was undertaken by Malwarebytes in March that suggested it took advantage of undisclosed flaws in iOS.

  18. Anonymous Coward

    Re: Onanism

    > most users probably don't have the nuclear delete option turned on anyway

    Most users store and back up everything on iCloud, which is easily subpoenaed.

    https://www.linkedin.com/pulse/how-when-apple-discloses-your-data-law-enforcement-matt-washchuk/

  19. R 11

    Poor DJs. If only there was a technology that could safely allow the output of audio data to speakers and which doesn't require two-way exchange of data exposing the inner workings of the phone?

  20. Dave 126 Silver badge

    In this context the iPhone is usually a control device - iPhones have always had MIDI baked in.

  21. Waseem Alkurdi

    You mean the 3.5mm headphone jack?

  22. graeme leggett Silver badge

    Or the Line Out on the 30pin connector.

  23. Sgt_Oddball Silver badge
    Headmaster

    Bluetooth then?

  24. Dave 126 Silver badge

    So there's three of you who think that DJs use audio out from an iPhone instead of balanced output from a FireWire/Thunderbolt soundcard? Okaaaay

    Some DJs will use an iPhone as an XY control surface (ersatz Kaos Pad) in conjunction with other devices. Some will even take advantage of its gyros and accelerometers. Either way, it's just a control device.

  25. R 11

    I think you misunderstand. A professional DJ can likely afford a dedicated device. Indeed if they're smart, that's exactly what they'd do in case some app gone rogue destroys their set.

    The amateur DJs, be they playing music for themselves, their friends, or another small gathering probably don't have a separate balanced output system. They have an iDevice and speakers.

  26. DougS Silver badge

    Lightning isn't USB

    It can act as USB, but it can also act as Lightning. That is, disabling the USB functionality doesn't have to disable the Lightning functionality, so any sort of digital audio Lightning connection wouldn't be impacted by this change.

  27. jaywin

    > So there's three of you who think that DJs use audio out from an iPhone instead of balanced output from a FireWire/Thunderbolt soundcard? Okaaaay

    And here's another, except in my case I've worked with world class DJs and plugged up the 3.5mm jack to phono cable into the mixer for them. Besides, using a balanced out when going into an unbalanced input on a DJ mixer is a bit pointless dontyathink?

  28. Inspector71
    Trollface

    A "real" professional DJ drops the needle on those SL-1200 MkII's.

  29. DougS Silver badge

    Yes, but those using the classic SL1200s (ah, I remember them well from my club DJ days...) will have time coded 12" 45 rpm records for when they want to use a digital source, whether that's off an iDevice, computer, or what have you. Very very few DJs are still 100% analog.

  30. Inspector71

    Agreed but nostalgia apart, there is/was a greater sense of theatre with a box of 12's, a pair of SL-1200s and working the crossfader on an SH-DJ1200. I was a very poor amateur but when you saw DJ Shadow or Z-Trip or DJ Hype do a vinyl set live (as I have several times over the years) it was some experience.

    It's all too perfect today where you can fade in the breakdown to the thousandth of a millisecond and you can pretty much pre program your set. Even the old school DJs who have embraced the digital age still have a little xtra something to my mind as a lot of them still use it in an analog way with all the imperfections that implies.

    I know, I know, rose-tinted.

  31. DougS Silver badge

    Ah well I knew the days of being good with the turntables were numbered when a friend who ran a mobile DJ company showed me his latest toy - a Numark board that had two CD players with pitch control and a "mix" button. It was only a matter of time before the million monkeys took over all but the priciest venues because few patrons can tell a live performance from a computerized or pre-staged one - they might notice a blown mix but 1) not realize it means the DJ is performing live and 2) prefer the "perfect" pre-staged one anyway.

    I never liked re-using the same mixes very often unless they were really something, so I was always doing something different. I'd make cassette recordings for people for $20 for whatever I happened to play during that 90 minutes. It was always fun to listen to the next day, since I was usually so drunk by the time things got really hopping I couldn't remember what I'd played. I learned some of my favorite mix combinations listening to what I'd drunkenly come up with the night before :)

  32. Inspector71
    Coat

    Doug S

    Then came Traktor and then you didn’t even need hardware. Nowadays you literally can “phone in” a set.

    Mine’s the one with a pair of Sennheiser HD25s in the pocket.

  33. DougS Silver badge

    Yep, it got easier and easier as technology continued to progress. I downloaded a DJ app for my iPhone a while back intending to fool around and see what it can do but never got around to it. Maybe this weekend I'll check it out now that it's top of mind again.

    The ironic thing is that while I correctly assessed that being a skilled DJ would matter much less when computers could do the job for you, I totally missed that a small number of DJs would be able to make millions of dollars a year in the future. Not that it would have helped me had I chosen that as a career path - it isn't about skill it is about star power. Unless Paris Hilton really is such an amazing DJ that she's worth $300,000 for a night's work!

  34. Inspector71

    It's less DJing now and more live "producing" now that you can essentially have a complete recording studio on your MacBook. Layering not just effects but actual instruments over the tracks and then doing the mixdown live as you go. Be it automated or manually tweaking it with a controller. The next step is no doubt going to be an AI DJ. (shudders)

    In the end the real skill of a DJ is not being able to put together a seamless mix or knowing where exactly to place the drop or being able to scratch 3 decks at once, it's simply about choosing good music to create a mood as it always has been. Be it in a hip club at 2.00am or your cousin's wedding.

    Right I'm off to Discogs....

  35. Anonymous Coward

    Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts?

    Because the tool works by replacing a JLE with a NOP - so you can't count failed attempts.

  36. Anonymous Coward

    Re: Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts?

    Would that prevent the option of incrementally increasing the delay between incorrect password attempts?

  37. Milton Silver badge

    Re: Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts?

    I still think there is nothing better than a 10—12-character alphasymbonumeric passcode. The Adversary can try a million times a second for half a billion years and see where it gets him.

    I won't rehearse the passwords again because I've said it here before. To summarise:

    • Make up something ridiculous, non-dictionary and memorable because you can say it—like "sq8-Ed2ph01e" (squat-ed-to-foal)

    • Make up a mnemonic if you need to, e.g. a short fat guy called Ed having a baby horse: hard to forget that image once you've pictured it

    • The Adversary has 12 random (to him) characters, each from among about 70 possibilities if you include upper/lower alpha, numeric and a few symbols

    • That's 13,841,287,201,000,000,000,000 combinations

    • To go through half of those at 1 million/sec would take just under 439 million years

    I agree the system should introduce progressive latency after X failed attempts, but even if it doesn't, you can easily create a passcode which is (a) unbruteforceable and (b) resistant to errors by Apple and weaknesses in its hardware.

    And Reg: FFS get a less hopelessly incompetent Captcha system.

  38. Charles 9 Silver badge

    Re: Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts?

    Now repeat it over and over and you start asking, "Now was it correcthorsebatterystaple or donkeyenginepaperclipwrong?" Even with mnemonics you can get mixed up, especially if you start mixing up mnemonics.

  39. karlkarl

    Re: Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts?

    How did they patch the binary at that level? Surely they could just keep on patching and NOP out the entire password check? ;)

  40. Anonymous Coward

    Re: Surely they could just keep on patching and NOP

    because you need the password to unlock the main memory - it's used to generate a unique key.

  41. Tikimon Silver badge
    Thumb Up

    Easy good passwords, here I go again...

    Apologies if you've seen me bang on about this before. I figure every time it's new to a few more people. It just WORKS! My most clueless users do this with no problem.

    Start with a sentence you can remember. SAY IT to yourself silently, and type every first or second letter (depends on length). Capitalize the first letter, add punctuation at the end. This method means it's not necessary to actually remember the password itself! There's no need to remember which letters were changed to what. It's stupid easy.

    Example: "What we've got here is failure to communicate" (Cool Hand Luke) becomes

    "Whwegoheisfatoco..."

    There are no numbers and limited symbols. However it's a random string of letters that real people can actually remember and use. If there's an easier way to remember random-ish passwords, please share!

  42. Lee D Silver badge

    Re: Easy good passwords, here I go again...

    Quite.

    Choose a password that isn't brute-forceable. You then never have to worry about someone brute-forcing it, or changing it either (it's now considered BAD advice to enforce regular password changes on users).

    To paraphrase the XKCD that we all know, after 20 years of effort we've trained everybody to use passwords that are easy for computers to guess and difficult for people to remember.

    The only thing that matters in a password is length. That's it. Not even complexity. A long a-z-only password beats out a short, complex password basically EVERY TIME, sometimes by factors of millions or billions.

    M to the power of N is much more heavily influenced by N (the number of characters in the password) than by M (the number of possibilities for each character). You don't need to get far out of stupid-password territory (8-10 characters or so) for it to always be true, even if someone decides to use the entire Unicode space as possible characters.

    And if you have a password that's not brute-forceable, you don't have to worry about someone attacking your number of password attempts per second (whether time-outs are incorporated or not) past the fact that they would DoS you in even trying a million combinations a second.

    Seriously, stop it and use real passwords. And avoid services that refuse to let you use longer passwords (HSBC banking stops at 12 characters, I believe) and/or which enforce ridiculous character sets on you (Apple iTunes accounts are terrible for this).

  43. badger31

    Re: Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts?

    @milton - Oh hell, no! That's a shitty password; impossible to remember and a pain in the arse to use. I'd rather take my chances with pa55word~

  44. mark l 2 Silver badge

    Re: Easy good passwords, here I go again...

    A long password with uncommon symbols such as µ or » makes it super secure, as most brute forcers only try common symbols available on the keyboard plus numbers and letters, so would never crack it even if it were left running for 100s of years.

  45. Jonathan Richards 1
    Go

    Mixed mnemonics!

    Ha! As the years advance, I have adopted a mnemonic I'm never going to forget: it's for the password ErR,'avI'ad-me-d1nner_y3t?

  46. Omgwtfbbqtime Silver badge

    Re: Why didn't they operate a 1 hour lock-out after five (or whatever) failed attempts?

    I think I would stick with !d0ggggggggg as my 12 digit password or something similar.

    Easier to remember without writing it down and still a random target for the hacker to find.

  47. Anonymous Coward

    Re: Easy good passwords, here I go again...

    Not quite correct, if the password is alphanumeric and an actual word or combination of words, dictionary based attacks drastically shorten the time to "guess". If a single word, length is possibly even a negative as the number of words at a given length reduces beyond about 8 letters. Combinations of words are harder but still have the drawback of being drawn from a very limited subset of the possible combinations of words.

    Using first letters of words from phrases also has weaknesses as the letters are drawn from typically a very limited subset of possible combinations. If the pass phrase is long enough this may be mitigated, but only truly random combinations require random searches and are subject to the combination rules.

    And of course "truly random" combinations are very much harder to remember.

    Just FWIW

  48. doublelayer

    Re: Easy good passwords, here I go again...

    Technically true, but usually it won't work. Most systems will disallow things other than plain ASCII. Unicode and in some cases extended ASCII is out. In fact, there was one system I had to use that blocked a password using the question mark (?) symbol. Actually, it sent the password in but chopped out the question mark first, such that the original password would not work but the one with the mark excised would. Great job there. Rather than allowing a system to get confused, I tend to go for length plus a few punctuation marks; that way, nobody can just brute force the alphabet to get it.

  49. Mr. Flibble

    Re: Easy good passwords, here I go again...

    Which is fine unless you have to use foreign keyboards regularly, and then it becomes a bloody nightmare.....

  50. Doctor Syntax Silver badge

    Re: Easy good passwords, here I go again...

    "What we've got here is failure to communicate"

    Or was it "a failure"? or did I expand "we've" to "we have"? So many things to remember...
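
Added example, not part of any comment in the thread: the keyspace arithmetic the commenters argue over, in Python. It takes the article's quoted "up to 22 hours" for a six-digit passcode as the worst case to derive a guess rate, and models a word-based phrase as draws from a 7,776-word list (an assumed, Diceware-sized list); all function names are illustrative.

```python
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def keyspace(symbols, length):
    """Candidates an exhaustive search must cover: M ** N."""
    return symbols ** length

def implied_rate(space, worst_case_hours):
    """Guesses/second implied by 'covering the whole space takes this long'."""
    return space / (worst_case_hours * 3600)

def worst_case_years(space, rate):
    """Years to try every candidate at a fixed guess rate."""
    return space / rate / SECONDS_PER_YEAR

def equivalent_length(symbols_a, length_a, symbols_b):
    """Shortest length over alphabet b with keyspace >= symbols_a ** length_a."""
    target, space, n = symbols_a ** length_a, 1, 0
    while space < target:
        space *= symbols_b
        n += 1
    return n

# Passcode shapes mentioned in the thread; the word-list size is an assumption.
SHAPES = [
    ("6-digit passcode", 10, 6),
    ("12 chars from ~70 symbols", 70, 12),
    ("16 lowercase letters", 26, 16),
    ("4 words from a 7776-word list", 7776, 4),
]

def report(rate):
    """(label, keyspace, worst-case years) for each shape at the given rate."""
    return [(label, keyspace(m, n), worst_case_years(keyspace(m, n), rate))
            for label, m, n in SHAPES]

if __name__ == "__main__":
    # Rate implied by the article's figure: 10**6 codes in at most 22 hours.
    rate = implied_rate(keyspace(10, 6), 22)
    print(f"implied rate: {rate:.1f} guesses/s")
    for label, space, years in report(rate):
        print(f"{label:32} {space:.3e} candidates  {years:.3e} years")
    print("lowercase length matching 70**12:", equivalent_length(70, 12, 26))
    print("lowercase length matching 4 words:", equivalent_length(7776, 4, 26))
```

The word-list row only applies when the attacker guesses whole words from the same list; against a letter-by-letter search the same phrase presents a far larger space.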


Biting the hand that feeds IT © 1998–2018