Former US anti-terror chief tears into FBI over iPhone unlocking case A former counter-terrorism chief has laid into the Feds over its ongoing Apple iPhone battle – saying FBI director Jim Comey is exaggerating the need for access and that if agents really wanted into the phone, they would just send it to the NSA. Richard Clarke was national security advisor and head of counter-terrorism to …
He confirmed a couple things a lot of us commentrolltards have been speculating about here:
1. If the FBI really wanted the data from *that* iphone, they (or NSA) could simply remove the flash chip like those Chinese supermarket phone repair guys in the youtube videos, copy the data, and brute-force the password, limited only by available compute power.
2. Raping the Constitution is the real goal.
1. No. They'd hack the hardware, possibly reading the security key from the processor with electron microscopy, side channel attacks etc. Brute forcing AES256 is limited "only by available compute power" but you couldn't fit the required compute power into the visible universe. There may be another way to break it but it isn't brute forcing.
2. Yes.
They'd hack the hardware, possibly reading the security key
For a 4-8 digit (digits only) PIN? Gimme a break. That can be brute forced on a desktop PC once data is available. It is simply a matter of sourcing the data and it can indeed be done by taking the flash out and reading it off-line.
For a 4-8 digit (digits only) PIN? Gimme a break. That can be brute forced on a desktop PC once data is available. It is simply a matter of sourcing the data and it can indeed be done by taking the flash out and reading it off-line.
Yawn. Read El Reg passim to work out why that isn't feasible as I really cannot be arsed to explain it for the nth time.
My understanding of the system Apple is using , and I may be wrong so bear with me, is that the iPhone has two numbers that are used to generate the decryption key needed to get at the user data in the flash.
One part of the key is the 4-6 digit PIN set by the user, the second is a larger key that is stored in a single chip in the iPhone. The key in the chip is generated once when the chip is made, randomly and there is no record kept of that key. If the key in the chip is erased then its game over.
When the user puts in their PIN the OS hands the PIN off to the chip and the chip hashes the PIN with the larger key it has in its internal flash. The OS never gets the key in the chip. The chip then passes the hashed value back to the OS and the OS uses that to try and decrypt the user flash storage. If the OS can't decrypt the flash it asks the user to re-enter the PIN, with the delay between attempts getting longer each time, and if you enter the wrong PIN 10 time the hidden key in the chip gets erased. And then its going to take until the heat death of the Universe to decrypt the user flash.
I believe, guessing this part actually, that the 10 count is done in the chip, the OS just signals the chip that it got the right PIN and was successful in reading the user flash and the chip resets its attempt counter. So the only way to prevent the chip from erasing the hidden key is to hack the OS so it never signals the chip that the PIN was wrong.
So what the FBI wants Apple to do is;
disable the delay between the PIN entry attempts
keep the OS from telling the key chip that the PIN was wrong so it doesn't increment the fail counter
add an I/O channel so the PIN can be entered using something other than the phone's touchscreen
Have the OS signal a successful decrypt over some I/O channel so the system brute forcing the PIN will know to alert the operators
and finally Apple has to sign the new binaries with there private key so the FBI can load the hacked OS into the iPhone's firmware.
If Apple does those then the FBI can brute force the 4-6 digit PIN with a 286 running a script in a few days/weeks depending on the how many attempts per second can be carried out. And then the FBI would also have the legal precedent of using the "All Writes Act", which is NOT a warrant as defined by the US Constitution to force Apple and other companies to provide the Feds with access to a users encrypted data.
I might be totally off base with the above but I think I got the gist of it right.
> I might be totally off base with the above but I think I got the gist of it right.
AFAIK you are mixing up two designs.
The iPhone 5S has the "secure enclave" chip, which contains a generated secret key to decrypt the data. The only way to get at that key is to pass the correct PIN to the secure enclave. Pass 10 wrong PINs to the chip, and it will destroy the key rendering the data inaccessible. The security is enforced by the hardware, regardless of the OS. The only way to get at the key is to enter the correct PIN or try to extract it by cracking the chip open in het hope that you can figure it out using electron microscopy and such. Brute forcing does not help because the encryption key is generated randomly, so you need to work your way through the whole key space which is mindbogglingly huge.
The iPhone 5C does not have the secure enclave chip, so iOS mimics the functionality in software. In that case, the (randomly generated) decryption key for the data is stored somewhere where you can read it directly (I'm assuming in the flash, but I may be wrong on that), encrypted with the hash of the PIN code. So if you want to decrypt the phone, you enter a PIN, iOS uses that PIN to decrypt the decryption key, which in turn can be used to decrypt the data on the phone. iOS keeps count of invalid PIN entries, adds a timeout after each entry and erases the decryption key after 10 consecutive invalid PINs. This is all done in software, which means that you can turn it off. To brute force your way in, you need to extract the encrypted decryption key, and try to decrypt it with all possible PIN entries to see which one sticks. This is trivial.
In this case, the iPhone 5C is used, which means that forcing your way in should not be that hard provided you have access to the data on the flash. The security experts are all implying that it is not rocket science to read the data from the flash and just decrypt the phone contents, it is well within the capabilities of the NSA, if not other agencies or even companies.
The point is that if the data on the phone was really that important for national security, it would have long been decrypted and analyzed. Now the FBI are just using it as emotional blackmail in the hope of establishing precedent compelling technology companies to give access to that data.
Maybe. Or maybe not.
What do you prefer? Criminals and their accomplices are found secretly by the NSA (and only if the NSA is interested, some ugly crimes don't bother the NSA at all) and sent to the nearest Guantanamo (or eliminated) without a trial (just because they are suspect enough), or evidences found under a valid warrant are brought to a court where people can defend themselves publicly, and only if find guilty by a a jury people are sent to a jail?
I'm sure the NSA & friends prefer the former - almost no accountability, the menacing power of "you don't know what we know".
Even Apple is asserting the former is better because it doesn't touch, it even favour, its business.
I don't like it.
But I believe too the FBI used the wrong crime for its request. An ugly one without NSA interest would have changed many cards on the table. Terrorism scares politicians more than the average people. Other crimes touch them more closely. Funny, anyway, people will defend the NSA to favour Apple... and I'm also quite sure the NSA can make Apple some secret proposals Cook can't refuse... but of course what's important is just good PR.
@AC
by your reckoning, the NSA is the problem by conducting secretive operations without proper judicial oversight. That is what this whole issue is about, proper judicial oversight of requests made by the government and her enforcement agencies.
@ Morzel
almost right,
the issue is that the 5c records attempts in software which can be tampered with by doing as the FBI propose without first authenticating to the device, the 5s and above record attempts in the hardware chip which are immune to this attack as changes to what happens after x attempts can only be made once the user has authenticated.
I would expect pass/fail determination and counting, and encrypt/decrypt to all be in hardware both for speed and so that no part of the process can be hacked from software. That only leaves hardware vulnerabilities and techniques such as chip shaving but I would have expected the chip designers to have designed so as to make that difficult. There is a lot of money tied up in both providing and breaking DRM systems so making it as difficult as possible to break the security has had a lot of effort.
If is even conceivably possible to break security using a custom OS then the design is inadequate. The OS can provide another layer to protect against hardware flaws but the hardware should be designed to be secure without additional software.
I'd go a bit further and say they want to own everything on the Internet. A lot of us have saying (and getting DV'd for it) that this case is solely about the precedent.
I need to go shoot the toaster as it seems to be telling the FBI everything that goes on lately.
On the other end, probably the NSA doesn't want to lose some of its power and budget. If a court order is enough to access a criminal device, the NSA will lose some power, and may find difficult to assert it needs to access *any* device. It could be also some internal fight among three letter agencies, the FBI may not like to be forced to ask the NSA access (and be told only what NSA allows...), while the NSA may not like the FBI uses some information in public trials, and may prefer to keep everything secret as it usually likes.
... Gothic ITALIC NARROW font in various random point sizes from 2 to 72 point ...printed with fugitive ink ... in light yellow on light green mottled paper ... of varying sizes ... with Rounded Corners (TM) ... a random selection of portrait and landscape ... well shuffled ... without page numbers ... then cross shredded for security ... after use in the cat litter box for a fortnight ... well fermented and delivered in a closed welded shut container ... after being compressed into an effigy of excellent likeness to the addressee ...
Further options no doubt available.
I'm told fermentation can generate considerable heat >>
I have no love for the NSA whatshowever, but I do find their rather underplayed attitude of : "Dear FBI, could you pull your head out of your arse, and maybe ask us Mandated Professionals for this kind of thing, because we, y'know... are supposed to be able to do that and all.., and may already have a solution to your problem." quite hilarious. Internecine warfare at its best.
Barack Hussein Obama is an Al Qaeda cell.
The Clinton and Kennedy mafia put him in charge of the US in the White House and people on drugs voted for him just for the colour of his skin.
Trump is Clinton supporter and trojan horse virus so the Clinton mafia rules.
So the US is under muslim terrorist control.
That is what is really going on.
That's that English Sounding Cunt who tells Americans How Stuff Works..
https://www.youtube.com/watch?v=zsjZ2r9Ygzw
The uploader has not made this video available in your country.
Good Fucking Job Too. Do not need traitorous twats like John Oliver subverting passage of the Investigatory Powers Bill through the UK Parliament.
Pssst, anyone managed to blag a copy?
Obviously it's just for the giggles so I can read when he tries to get back into the UK and Ms May gets someone else to shove a huge rubber glove up his arse and inflate it with an air hose whilst someone else kicks his computers about the place for a couple of hours in 'immigration control'.
Fuck me... Watching John Oliver is harder than pledging allegiance to ISIS.. I'll get back to me home made bombs.
Here you go...
Let's go via Russia and Turkey... You know... Those countries that fuck over their people, their internet and their journalists.
http://spys.ru/free-proxy-list/TR/
185.81.155.59 3128
So... I cannot watch 'The Traitor' John Oliver via my ISP in the UK, because 'the uploader has not made it available in my country', so I have to use a Turkish Proxy found via a Russian website in order to gain access.
It makes me fucking glad there are citizens still alive in regimes more oppressive than the UK/US who are kind enough to provide such a service. I may have got the gladness of that one wrong... go bomb some Kurds so I can get better Internet Connectivity.
Sometimes it is just easier to do something - and NOT ask for forgiveness (NSA) - than going the legal route and ask for permission (FBI).
Look at all the media attention you have created.
The NSA will help cracking the phone this time, but only if Comey asks politley and wears a woman's dress while doing so.
They give the phone to their computer forensics lab (which they have), the lab unsolders the chip (which they can), they run a brute force cracker on the possible PIN combinations (digits only, most likely under 8), which they also can. You can do that on a fat enough desktop for crying out loud.
They give the phone to their computer forensics lab (which they have), the lab unsolders the chip (which they can), they run a brute force cracker on the possible PIN combinations (digits only, most likely under 8), which they also can. You can do that on a fat enough desktop for crying out loud.
The data is keyed to a chip in the phone which has a code unique to that phone (consider it a salt, although it's a bit more complex than that). If that chip goes, so does the data, so they can't just fool around with it because it's a 10-shot max unless they find a way to back up the one variable that this battle is about: the chip that holds the master keys to the crypto stores in memory. Without that chip, it's no longer a 4..8 digit PIN, it's a full AES256 key space.
If it was easy they would have done it already. Not that that is the real goal of this debate, but the issue IS complex.
I feel a right smug bastard now for every single comment I made that was down voted about the NSA already having this ability and that this whole thing is just theatre.
Feel free to down vote if you still disagree or think I'm being a petulant arsehole though to be fair, I have on many occasions been down voted for my own stupidity, which is a good thing.
AC "...the NSA already having this ability..."
RC "Every expert I know believes the NSA could crack this phone."
Well, it's not been proven. Yet. But based on inductive reasoning and history, it's very unlikely that the iPhone 5c is going to be wheeled into a museum as the first perfect example of uncrackable hardware. There are plenty of people, of the sort that make presentations at CCC Conferences, that could very likely find an opening.
Thing is, Richard Clarke has been extremely, outrageously, wrong before.
But this time he's likely right.
As is our AC "smug bastard". :-)
It's about legal precedent rather than pure theatre.
It's just the usual LEO being a fuckwit problem. The "we're the good guys, we need to do this thing that would be illegal otherwise because of bad people" that is the thin end of the wedge to shooting and torturing innocents because they are "probably bad 'uns".
Hence why there's all this FUD about "for this phone and this phone only" and expanding All Writs to include *anything* a company can be made to do. It's entirely for the legal precedent, so that protection of the elites, I mean the people, can be carried on most effectively.
If they *really* needed info from this phone, it would (or has been) already accessed by those agencies that are less worried about chain of evidence or court approval. Maybe something has been found, so that now a chain of evidence that can be publicly revealed must be produced.
Of course, the fact that as soon as one enforcement agency has precedent for this, ALL enforcement agencies, of all governments, have the same rights. If the FBI is allowed a custom image for cracking phones, then so is the FSB.
You can be a stupid petulant arsehole and still be correct. :)
To me the subtext of Mr. Comey's statement is "If the FBI get their way then the world will rapidly fill up with aftermarket encryption which will make our work much more difficult. (How can we tell them to shut up and back off without blowing our hand?)"
I'm unhappy about giving the FBI more power. Although their job is nominally law enforcement they have a historical function similar to other state security police -- they identify, track and neutralize threats to State Security. Since this has historically included anyone that the director didn't like personally (and included such terrorist leaders as Martin Luther King) this is not an agency you want running around unless its on a very short leash.
There is also the little problem of the NSA displaying its capability which may cause criminals to change what they do. If they switch to one-time pads (the oldest method ever for crypto) that valley of expensive room heaters isn't going to help either.
I've dealt with US provided information, and the first thing you run into is that what you get is always deliberately degraded so you don't get a sense of true capacity of whatever they use to generate the data. Yes, they are not stupid.
As anyone who has studied their code-breaking history (or read Cryptonomicon, although I suspect there is a strong correlation between those two conditions) can attest, there are actually attacks against OTPs when they are actually used in the real world. Though probably less so today since it's easier (but still not easy) to generate proper random numbers nowadays.
OTP Maker:
Hardware noise source. FFT to ensure it's flat white noise. Hashed-slice, invert and trivially shuffle the bit string at several scales to ensure it's not biased. If you're still worried, XOR it against another separate hardware noise source. Be very cautious of PS noise on analog side. The resultant bits should be nicely random, but review claimed randomness at this point. Electronics only several cubic inches so far. Break up the random bit string into one kilobyte files. Write the same files to two TB-class drives, or as required. Filenames can be uniquely hashed-sequential. This entire hardware OTP Maker is visually indistinguishable from a two-slot SATA disk copier. Might take a week or more per TB.
Each drive is a TB-class OTP, should be enough for anyone. Still need to physically distribute the OTPs. When any 1 kB file is used by Alice and Bob as a OTP, securely wipe that file immediately. Air gap the encryption and communications functions of course. Beware SSDs with their hidden sectors. Beware HDDs leaving 'physics' traces behind. Beware drives containing processors (they all do, but not another TB of processor 'hidden' non-volatile of course). Still, thermite the drives at end of life.
OTPs are good to transmit relatively short messages, so you can destroy your side key once sent, and what is left doesn't leak anything about what was used previously.
To protect stored data they are not so useful - you need a key as long as the data, and you need to keep that key available to access data, so you need to still protect it - you would end with just a long key encrypted with a shorter one, you're going just to add a mostly useless step.
You should not also reuse an OTP twice (the "one-time" part), and local data may be instead modified over and over, and backups would then lower security.
Spin off a subsidiary that's incorporated outside the US (exactly where is a question for their lawyers to ponder) that owns the signing keys.
"Sure, we can provide you the source code subject to the usual NDAs, but we can't provide you the signing keys, we don't own them"
It would complicate the process of signing code if they had to ship it off to a little office in Vanatu or wherever to get that done, but that's preferable to allowing the government to hack up their own versions of iOS. Then they really would be able to subvert the security of any iPhone in the world! But I'm sure they'd assure us it would only be used in the presence of a lawful court order - just like the "lawful" court order that enabled the NSA to create PRISM...
You know as soon as it does it, it's a foreign company no longer protected by US law? And thereby even less protected than they are now? Try to place a complain from Vanatu "the NSA stole my keys!". And it could be even easier to find a US judge that allows the stolen keys to be used in the US....
Offshore money is tolerated because a lot of politicians and friends take advantage of it too. It doesn't work well in other cases...
As if US companies are protected by US law from that? Apple Keyco would need to rely on its own security procedures to protect the security of the keys. The NSA can't hack in since the keys would not be kept on an internet connected system, and they could insure they are only used in a locked and guarded TEMPEST shielded room.
I suppose they could send the CIA swooping in to kill the guards and break into the room where they are kept, but that would really undermine the government's position with most US citizens.
While I do not own an Apple product later than about 1995 for reasons unrelated to security, I certainly would hope that Apple presently implements every single one of the measures described, and others in addition. They would be seriously slack if they did not, in view of the fundamental importance of the secret signing keys to the security of Apple devices.
It might be noted in passing that keeping systems off the internet didn't keep the Iranian Natanz facility safe.
The Feral Baboons of Incompetence have not figured out that by destroy an OS because they are too lazy to get out of the donut shop sets a precedent that they can destroy any proprietary OS. The only way Apple or Slurp can prove there are not backdoors would be to open source their respective OSes. As long as the OSes are proprietary there can be a backdoor very quietly hidden but with an open source it is much harder to hide, the code being available to all.
Ironically, W10 may be the last true Winbloat and OS X may return to FOSS roots.
1. The NSA can do it, but they don't want people wondering what else they might be able to do...
2. The FBI want to be able to do it, and see this as a good way of setting a precedent ("He's dead", "He was a mass murderer", "He had links to other terrorists", "You're good, god-fearing Americans. You do want us to catch the terrorists. Don't you?").
Things will get interesting if the Feds get Apple's source. With Secure Enclave having the source *shouldn't" make any difference.
And while the security provided by Secure Enclave won't be perfect it *should* be a significant hurdle. Also, cracking one Secure Enclave *should* only gain you access to one phone (each Secure Enclave has its own unique ID and keys, generated internally, never exported).
It's a good thing that Apple has several billion dollars in cash, and is prepared to litigate this to the Supreme Court. (You don't hire Ted Olsen, former Solicitor General of the US, unless you EXPECT to take this to the Supreme Court.) I'm confident that the SC would side with Apple; even without Scalia, the rest of the Justices would consider this a slam-dunk. Except for Sotomayor, who owes her appointment to Obama.
But this would be a risky move for the government to take; this is SO overreaching that Apple might request personal sanctions against the government's attorneys for misconduct. The whole idea of "judicial immunity" is a judge-created fiction, and I think it might be ripe to be reined in or eliminated.
Whilst your first paragraph is probably correct, unless the FBI has a sudden attack of reason (has not happened yet!) sadly the second is not. For the same reason the UK has "not in the public interest" to cover up the admission that governement sanctioned agencies are indeed frequently home to Mr. F*ck Up.
The state can and does overreach itself - normally not through dint of sinister Machiavellian plotting, but more often that somebody had a 'good idea' about how to make their job easier without checking with the grown ups first. Once a senior minister, or agency chief, has voiced this arrant nonsence in public then it becomes very difficult to back down without the need to polish up their CV in the process.
For some reason best known to God or evolution (delete as appropriate) the mind set of these people sees no irony whatsoever in demanding exactly the reverse behaviour in captains of industry (with the notable exception of banking?). 'They' will tell you it is all to do with preserving faith in the institutions that form the very fabric of society - you might like to think you had a choice in whether you believe them or not; 'they' obviously know better.
Apple should be more careful.
If they aren't they will end up having to supply all source code for all their device OSs to the FBI.
I know we all would like to think we have rights, but trust me on this, the state will always trump the individual. Apple is a big legal entity with masses of cash and influence, but in the end they will be made to bend over just like everyone else.
Only it will be done behind closed doors to save everyone from embarrassement.
Why pass laws then? What is the purpose of the government? A vehicle to oppress their people legally? Motivated by a desire to establish 'legally' the power to do so?
Is anyone else seeing what establishing a 'precedent' REALLY means?
The FBI is a law enforcement organization. Enforcement. Not part of the legislative branch.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
