So the FBI is asking Apple to build a tool that will unlock security measures of an existing iPhone, like the one in the San Bernardino shooting, and allow it to be read.
The problem with this is that no such tool should be possible to build. It should not be a matter of yes or no; it should be simply impossible for Apple to build such a tool without the private key of the user, which Apple does not have.
If it is possible to write a piece of software which can circumvent the protections of the iPhone without the user's private key, then Apple wrote its security software incorrectly. Either they wrote it with an appalling lack of security understanding; or they left in important backdoors, either knowingly or through ignorance. But if they wrote the software correctly and did not create backdoors of which they're aware, then the government's request is actually impossible -- cannot be done.
So which is it, Apple? Is the point moot because you did this right? Or have you already placed backdoors in the product which the FBI is now asking you to exploit for their benefit?
The point is there currently is no backdoor. FBI wants Apple to create (and sign) an OS update with a backdoor and install it onto the suspect's phone. Specifically the backdoor is to remove the rate limiting and 10 attempts limitation on trying the passcode.
If you have a very strong passphrase (not a 6-digit code) then even that should be unbreakable even with brute force. Of course, most users have the 6-digit code.
> The point is there currently is no backdoor. FBI wants Apple to create (and sign) an OS update with a backdoor and install it onto the suspect's phone.
If this is possible without the owner's permission, then the update mechanism is the existing backdoor. It just happens to also be the front door.
I think the missing information here is how the phone is encrypted. If it's done with the 4-digit numeric PIN, then the software could be built; it would take 10000 tries, but at less than .1 seconds per try, it would be able to crack the code in about 15 minutes. The current iPhone has a protection for this; after some number of tries, it will lock you out for increasing time intervals.
This is the only way that their claims might possibly be valid.
And a reminder, then: change your iPhone's password to a more complex one. If Apple doesn't make this fake OS, someone will.
Edit: to expand on this, Apple's PR goal was to take advantage of the NSA mass surveillance scare. On-device encryption is not very relevant to that. iCloud security is much more important, and they've been quietly granting data from it to the Feds. Including iPhone backups which contain most of the data they're looking for.
I mean this sincerely: has the government used one of its 10 tries on the attacker's birth year? I hope the government has burned a couple tries on low-hanging guesses before going through this legal hassle.
I see what you're saying but this has never been done before. BIOS passwords could be bypassed by draining the battery. Encryption is practically the only way to protect your data, because the storage can be taken out of the phone and hooked up to something else if need be.
Making a new OS is just the easiest way for Apple to do this; there are other ways.
While I agree, this is not what OP's comment was about. He makes it sound like Apple is forced to write a decryption tool that exploits existing backdoors into the encrypted content.
Highly ironically, the current "Error 53" hullabaloo is exactly about what happens once security is tightened to the extreme.
iPhone 5s and newer have a Secure Enclave, which limits brute force-ability and cannot be changed via a software update (there is a belief, though undocumented, that any firmware patches would also wipe the stored keys). Apple could not help the FBI to get into these phones.
The phone in question, however, is an iPhone 5c, which does not have a Secure Enclave.
The FBI is asking that it be built now and then loaded onto the already recovered phone.
> Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation.
Why the downvote? That is what I said. I merely used a slew of different words.
> The FBI is asking that it be built now
Because it's not possible _now_.
> and then loaded onto the already recovered phone.
Thus it becoming possible after they have built the new version of iOS, and since they cannot go back in time and build it, it would indeed be _in_the_future_ that it became available, if Apple complied, that is.
I didn't downvote but Cook's letter suggests that the backdoor needs to apply retrospectively to existing phones (not just future phones).
Hence the parent post's suggestion that the argument is moot -- if Apple has the capability to retrospectively backdoor existing phones it would imply that Apple didn't secure it in a foolproof way in the first place.
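The passcode arithmetic discussed in the thread (4-digit and 6-digit codes, a strong passphrase, the retry delays and the 10-attempt limit), worked through as an added example that is not part of any comment above. The 0.1 s per try and the 10-attempt limit come from the thread; the escalating delay schedule, the 62-character alphabet and all function names are assumptions constructed for illustration, not Apple's documented values.

```python
# Added illustration, not from the thread: why the retry delays and the
# passcode length matter when judging how well a passcode resists guessing.
PER_TRY_MS = 100   # thread's figure: "less than .1 seconds per try"
WIPE_AFTER = 10    # the 10-attempt limit the thread mentions
# ASSUMPTION (constructed): forced wait in seconds before attempts 5..8;
# every later attempt waits ASSUMED_CAP seconds. Not Apple's real schedule.
ASSUMED_DELAYS = {5: 60, 6: 300, 7: 900, 8: 900}
ASSUMED_CAP = 3600
YEAR = 365.25 * 24 * 3600

def keyspace(alphabet_size: int, length: int) -> int:
    """Number of possible codes of a fixed length over an alphabet."""
    return alphabet_size ** length

def worst_case_seconds(n_codes: int, rate_limited: bool) -> float:
    """Seconds to try every code once, with or without the retry delays."""
    total = n_codes * PER_TRY_MS / 1000
    if rate_limited:
        total += sum(d for a, d in ASSUMED_DELAYS.items() if a <= n_codes)
        total += max(0, n_codes - max(ASSUMED_DELAYS)) * ASSUMED_CAP
    return total

def chance_before_wipe(n_codes: int, guesses: int = WIPE_AFTER) -> float:
    """Chance that `guesses` distinct tries hit a uniformly random code."""
    return min(1.0, guesses / n_codes)

def human(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"

def report():
    """(label, time without delays, time with delays, chance within limit)."""
    cases = [("4-digit PIN", keyspace(10, 4)),
             ("6-digit PIN", keyspace(10, 6)),
             ("10-char alphanumeric (assumed)", keyspace(62, 10))]
    return [(label,
             human(worst_case_seconds(n, False)),
             human(worst_case_seconds(n, True)),
             chance_before_wipe(n)) for label, n in cases]

if __name__ == "__main__":
    for label, fast, slow, chance in report():
        print(f"{label:32} no delays: {fast:>24}  with delays: {slow:>28}  "
              f"hit within {WIPE_AFTER} tries: {chance:.2e}")
```
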