OT: F**k Apple

When something like this appears, I always ask myself "why is this happening"? If the popular answers seems a bit fishy, I assume that something else is going on. I'm suspicious here.

After reading a few articles on the topic, it seems to me that everyone is missing the point. This is not about recovering the email, address book, history, photos, or whatever from the iPhone. All that is on the owners desktop or on the Apple cloud, whichever one the user configured to sync and handle their backups. The email is IMAP4, which keeps a duplicate on the mail server of everything that's in the iPhone's mail store. I'm sure the FBI has all that already in hand, with no danger of destroying the data after 10 failed PIN attempts. They could also just unsolder the flash RAM chips, and save the contents using a common programmer without any risk of losing the data to failed PIN attempts. Sure, it's all encrypted, but that can be undone by brute force or more elegantly if one knows the Apple encryption algorithm (PIN + phone serial number). In other words, the FBI doesn't really need the phone unlocked.

Why is the FBI asking for help from Apple when the NSA would be a more logical alternative? My guess(tm) is that the NSA, FBI, CIA, and the rest of the alphabet soup security organizations are rather protective of their turf and don't want to have anything to do with each other. They usually fail to communicated with each other, as what happened between the CIA and FBI before the World Trade Center incident.

The San Bernardino terrorists might also have wiped their backup computer or vaporized the iTunes backups on both the computer and the cloud. If so, why didn't they do the same to the iPhone? Could it be that there's nothing of value on it?

What makes the phone so important that the FBI would engage in a high profile assault on Apple and our rights to privacy to get inside? My guess(tm) is that this is the ideal court test case for forcing any company to either install a back door, to reveal their security mechanisms, or simply to weaken encryption. The terrorists are dead, so they can't complain that their privacy is being violated. Oddly, the FBI has failed to conjure a believable justification for needing the iPhone data, but I'm sure that's just a temporary oversight.

The FBI will probably claim that they need this to protect the public from terrorists. Essentially, they're asking us to trade in our privacy, personal security, and liberties for some FBI protection. Ben Franklin said it best in many ways:

Now that John McAfee has offered do to it for free: I expect that every marginal organization and individual to make similar offers. I can just see Vladimir Putin or Xi Jinping offering to hack the iPhone for free. This should be interesting...

--
Jeff Liebermann     jeffl@cruzio.com 
150 Felker St #D    http://www.LearnByDestroying.com 
Santa Cruz CA 95060 http://802.11junk.com 
Skype: JeffLiebermann     AE6KS    831-336-2558

Iz it zafe, azzhole?

Any idiot who thinks that a chip needs to be unsoldered before it's data can be probed has already advertised a huge technical weakness to the world.

It's not my utterances I'm worried about, or yours.

A security state gone berserk is no laughing matter. The politicians and judges are the *first* ones who should be scrambling for a leash to put on Comey.

All of this has happened before. It doesn't usually end well...

-- john, KE5FX

Even with the data they do *still* collect, their biggest problem is having enough personnel to wade through it all.

snip

I should add... Skilled, AND oath abiding as qualifiers to "personnel".

People don't do that. That's what the computers are for. 10 acres here, 20 acres somewhere else, 65 MW there, 100 MW over that way.

Put 'em all to work 24/7/365 and after a while they'll notice that you buy hummus and have roast lamb a couple of times a year and you bought gas at a gas station when a suspicious guy who lives next to a liberal Muslim stopped for coffee and you stop at the pizza store that has a Syrian immigrant owner and you're toast when the purge begins.

--
Grizzly H.

What's stupid about having a cheap convenient gadget that does phone, email/texts, video conferencing, note taking, voice recognition, net access, camera, video and so on? Nothing at all.

What's stupid about putting mild harmless private data on it? Nothing. The only thing stupid is when people put high risk data on them.

NT

One might ask.. Why are they _storing_data_ on their "smart" phones at all? ...Jim Thompson

--
| James E.Thompson                                 |    mens     | 
| Analog Innovations                               |     et      | 
| Analog/Mixed-Signal ASIC's and Discrete Systems  |    manus    | 
| San Tan Valley, AZ 85142     Skype: skypeanalog  |             | 
| Voice:(480)460-2350  Fax: Available upon request |  Brass Rat  | 
| E-mail Icon at http://www.analog-innovations.com |    1962     | 
              
I love to cook with wine.     Sometimes I even put it in the food.

I put data on mine because it's useful to have it away from the pcs for an assortment of reasons. Obviously I wouldn't put anything sensitive on there.

NT

reading the flash is easy, how do you decrypt the data read from the flash?

--
  \_(?)_

Yeah, firmware upgrades should not install on locked devices. maybe later devices work that way.

--
  \_(?)_

I will say you got your name right.

How exactly will anyone know what I buy or where?

--

Rick

If you use credit cards or debit cards that information is all known and probably recorded in various places. If you carry a smart phone your location is known within tens of meters at any point in the day (or night). If you use google and gmail, your searches and mail is already being machine parsed and analyzed.

It's not like the old days of East Germany where large numbers of people were required- there are software tools that can quickly sort through the data and come up with matches.. there will be collateral damage.

*Not* using credit cards, debit cards and cell phones, along with other factors (ie. not just being a cantankerous old fart and Luddite), could be a red flag.

--sp

--
Best regards,  
Spehro Pefhany 
Amazon link for AoE 3rd Edition:            http://tinyurl.com/ntrpwu8

What is being advertised to the world is that Apple have superior security. So good that even the USA TLA's can't break it.

--

John Devereux

*IF* you use credit cards...

How is using cash any sort of red flag if they don't know who you are?

--

Rick

It's not possible to read the AES 256 keys out of flash by any means, in or out of the phone. It's beyond the reach of NSA. The multi-trillion $$$ cyber-security infrastructure of the U.S. has been defeated. Actually it was defeated back in 2012. The relevant discussion starts on page 10:

Looks like they're going to have to wait for the 2nd or 3rd generation of quantum machines before they can access that data.

Your profile indicates that you are going to extra-ordinary lengths to avoid a credit trail. Why *do* you have no credit trail, citizen? What are you hiding?

What exactly are you doing that requires you to only ever use cash? That is the behaviour of terrorists!

Welcome to our List, no flying for you, and have this red flag.

--

John Devereux

They're using the governments own encryption of choice, AES 256, to which e ven NSA gives approval for storage of Top Secret data. Then they bury the k eys in unreadable hardware. And they have bunches of keys generated on the fly with keys protected by other keys. The AES 256 is considered so powerfu l that destruction of a file's key is logically equivalent to erasing the f ile from memory.