> At a news conference on Thursday devoted largely to combating terror threats from the Islamic State, Mr. Comey said, “What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law.”
The state and the law are separate entities, Mr. Comey. It concerns me that, in your mind, you have conflated the power of the state with the normativity of the law.
In the twentieth century, the modern state gained the power to destroy all life on Earth. In the twenty-first century, the modern state and the modern citizen gained the power of private machine-assisted telepathy, memory, and computation. The state and its avatars must recognize that it cannot and must not have the ability to exercise absolute power over citizens' thoughts, computations, and communications if it wishes to foster a healthy and free society.
The state and its avatars recognize that they can and must have the ability to exercise absolute power over citizens' thoughts, computations, and communications if they wish to fester in society.
> The state and its avatars must recognize that it cannot and must not have the ability to exercise absolute power over citizens' thoughts, computations, and communications if it wishes to foster a healthy and free society
This sounds lovely, except it's just absolute nonsense. For many thousands of years states have maintained the power to restrict citizens' communications and almost since the invention of the telegraph they have been able to be monitored in some form. Despite this we are freer than ever.
Healthy and free societies are not built upon a base of unlimited freedom, that is all but anarchy.
The most important takeaway of the "post-Snowden Era" is that both companies and the government lie.
Apple now is in the damage control mode, trying to undo the massive credibility hit dealt by Snowden revelations. But since they were in bed with the NSA for several years prior, I really doubt they have an option of divorce. If they were strong-armed into cooperation before, it'd be foolish to assume that they can get out of it on such a flimsy technicality as in-device encryption. So what's likely to be happening is that Apple started encrypting, the state started saying "Oh, noes! It's unbreakable. Buy American again." and behind the scenes they still cooperate in a less in-your-face fashion. Something as simple as initializing PRNG on the device in a predictable manner - piece of cake to do, very hard to detect, but exploitable on the spot with a bit of foreknowledge. Where there's a will, there's a way. And the will is there.
And it's impossible for a 'normal' citizen to have an idea if and when they are. We simply have no clue or expertise to possibly pick apart statements made and then verify them—as you said in regards to initializing PRNGs. For example, most in the technical communities have no idea how PRNGs work, let alone how to test if they are true. I know I don't.
Well dudes, you screwed it up for yourselves with illegal wiretapping, the perhaps legal but still outrageous secret court orders and the attitude you presented when all this came to light. Fuck you.
"I'd hate to have people look at me and say, 'Well how come you can't save this kid?' 'How come you can't do this thing?'" said Mr Comey in a briefing. [1]
A separate article on the same sort of thing. But, I can't help but laugh at how the instant canned response from the FBI was "WON'T SOMEONE THINK OF THE CHILDREN".
It's pathetic, even more so because it keeps working.
How would you design a law enforcement system that could work without secret court orders? If court orders were all issued by open courts, then any non-idiotic criminal organization would have someone in attendance at all relevant hearings to alert them when the court issues an order that affects them, such as a warrant authorizing a wiretap.
This makes me extraordinarily happy, perhaps this is the first major step in the struggle against government spying on innocent citizens?
On another note, is anyone disturbed by how even the idea of people being able to store their private data securely is seen as inherently criminal by high level officials? What does that say about these people in power, they literally view your right to privacy as dangerous. Sickening.
> What does that say about these people in power, they literally view your right to privacy as dangerous. Sickening
Your right to privacy is dangerous. Imagine trying to investigate a murder with unlimited privacy. Unless someone saw the killer kill, you've no chance.
> The new security in iOS 8 protects information stored on the device itself, but not data stored on iCloud, Apple’s cloud service. So Apple will still be able to obtain some customer information stored on iCloud in response to government requests.
Some? I think the importance of this qualification has been overlooked everywhere it's been reported.
It has been reported everywhere I've seen it. It's pretty clear that it means Apple will be able to give information that you have let them give by storing it on iCloud.
> Breaking the code, according to an Apple technical guide, could take “more than 5 1/2 years to try all combinations of a six-character alphanumeric passcode with lowercase letters and numbers.” (Computer security experts question that figure, because Apple does not fully realize how quickly the N.S.A. supercomputers can crack codes.)
Uh, what? Surely the journalist has missed an important technical detail here, right?
I had the same thought. If we allow upper, lower, and digits, that's 26+26+10 = 62 possible characters per space. With six spaces, that gives 62^6 = 56,800,235,584 possible passwords.
Now if we take their figure of 5.5 years to crack a phone's files and divide, we get 327 seconds (more than 5 minutes) per password they check.
Something is off, though perhaps it's my math so please do double check it for me.
Edit: Argggg. Good corrections. My main problem is that I did my final division in the wrong direction. Fix that by taking a reciprocal: 1/327 = 0.003 seconds. And then correct that by a factor of 2 to assume they get each password in half possible time: 0.003 * 2 = 0.006 or roughly 6 milliseconds. Thanks for the quick check folks.
There could be truth in that number depending on what encryption algorithms are used. Some take significantly longer than others to apply.
On a tangent, I trust Apple's competence but I have seen no information on the technicalities of this feature. I would like to hear specifics so we can estimate how secure the design is based on facts.
If I were the NSA, I would publicly ream Apple about the fact that I can't access the encrypted data on iPhones.
I would privately thank them for putting in another backdoor that actually lets me read all the data I want from them.
It's a win-win. Apple gets to look like a privacy crusader. The NSA gets access to all phones. And best of all, iPhone users get to believe that their phone is unhackable, so they won't take the same precautions to hide their illegal activities.
"The notion that someone would market a closet that could never be opened — even if it involves a case involving a child kidnapper and a court order — to me does not make any sense."
The whole point of our system is that this guy can be as ignorant and disrespectful of our liberties as he likes, without actually endangering our society.
Which isn't to say that attitudes like his won't do damage. Really we ought to have officers -- in ALL stations of government -- with a far better understanding than this. Who, exactly, appointed this guy?
The hilarious part about all this is that companies do market and sell closets that cannot be forcibly opened. This product is commonly known as a safe.
The problem is Comey spent his entire career on one side of the system - the prosecutorial side.
People at high levels of government (Director of FBI, US Attorney, etc) should at least spend some time on the other side to better understand how the whole system works.
Of course it won't happen - all the career paths to the top are through the prosecutorial side. That leads to people like Comey, the AG for the Swartz case, etc. having such an overbearing attitude about our rights.
You would have to be very gullible to believe this show, I would not be surprised if this is done in cooperation with the government. They want you to use proprietary software and own personal surveillance devices such as phones and Apple wants to sell you their product. They both would win from such a scenario. I do not buy it, the least I can do for Snowden is to be very skeptical.
Police did the same dance with BlackBerry, they claimed to the media it was impossible for them to spy on calls and texts but we all know now that was a ruse to encourage criminals to use them. UK riots they had no problems handing over decrypted messages to the police. The Datalocking company, who ran their own BB Enterprise servers and peddled "unbreakable encryption" were remotely accessed by the FBI and keys pulled, with the help of Blackberry themselves of course. Any customs agent in the western world can plug a locked BB into a little device they have that unlocks the screen immediately. Finspy/mobile malware lets the police monitor communications in real time too (and iOS).
Samsung Android phones the proprietary modem can r,w /sdcard and /data unless you either install Replicant or use some kind of permission controls like SEAndroid to lock out modem.img access to everything. Apple likely has a similar proprietary baseband with full remote control over the whole application OS they can offer the FBI to quietly activate targeted spying.
Plot or not, it is naive to think your personal data is safe at a super commercial company like Apple. I see it as the typical 'Apple' way of selling things; pretending what they make is better, faster, more secure bla bla bla.
Apple targets a huge market of people not understanding technicalities, this is a typical example.
> Mr. Comey said, “What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law.”
This is a huge blanket blaming statement. Our intent can be protecting someone's privacy without ever addressing their intent to do harm to another. And, given the propensity of people who don't wish harm on others, I'm totally OK in supporting and pushing for these types of protections in consumer goods.
If anyone has tried to go beyond the law here, it's the NSA.
I think the big issue here isn't that Apple is now encrypting iPhones. In general, being able to secure the data on your phone is a huge benefit for the average consumer. People lose their phones all of the time, and you have no idea who is going to find your lost phone and what they're going to do with the data on it. Given the amount of sensitive data people throw on their phones without thinking, Apple is probably doing more to prevent petty crime and identity theft by encrypting the data on iPhones.
The big issue as I see it, though, is that Apple isn't advertising this as a means of protecting yourself from criminals. Instead, they advertised it as a means of preventing Apple from complying with warrants. Warrants constitute a violation of a person's privacy which is explicitly allowed in the constitution. There's a good reason we have them, and a process that's been in place for a few centuries to limit their abuse. More often than not, the bad guy is not the federal government, and the public is served by allowing the police to investigate specific individuals under reasonable suspicion with specific limitations as authorized by the courts. If people have a problem with the way warrants are issued or how the police carry out investigations, they should seek to change that process, not try to circumvent them.
This isn't going to keep out the NSA. It only affects that data physically residing on your phone, and when was the last time the NSA had your phone physically in its possession? This likely isn't going to stop actual law enforcement officials from getting access to the data on your phone. Unless you're typing in a strong password every time you pull your phone out of your pocket, the FBI will likely be able to brute force your phone to gather evidence with little difficulty, providing the courts allow them to do so. On that front, the only thing this has really accomplished is allowing Apple to give the middle finger to the feds in an attempt to appease a customer base who thinks the government is out to get them.
If you look at all the links on this thread to the moral panic various cops have been goaded into spewing, it's not like they aren't doing their part to make Apple's point.
It's the government's fault that this is a feature that companies would a) build and b) market as a key feature. The public finds this attractive because of their nefarious activities. We reap what we sow.
The benefits of being able to crack phones quickly in the few cases where it is in the public interest to do so do not outweigh the harm that would be done to the public if it were possible. Further, the types of people that really want to harm us are using third party or custom tools that encrypt everything anyway.
The feds and local police will lose a few more low-level drug cases, and maybe a few insider trading cases, due to Apple's security enhancements. I'm OK with that.
So what are the actual rate limits on unlock code discovery?
If you're typing in passwords, it might take a while.
If you've disassembled and imaged the storage device, and have physical access to the hardware security module (HSM), does that improve your rate or ability to parallelize?
I've been a little annoyed at how the FBI (for itself and again as proxy for the NSA) is playing helpless, as if the Director of the NSA or FBI is going to be stuck tapping unlock codes into a suspect's phone while the countdown timer on a 100 mega-pedophile nuke ticks down, somewhere in The City.
Apple's position here is that my private iPhone data belongs to me. If the government suspects me of criminal behavior, the search warrant should be directed at me, not Apple. I'm not a lawyer, but I think this makes perfect sense.
The next logical step is for Apple to encrypt my private iCloud data as well, and protect it from anyone except me (not sure if the technology exists to do this yet.)
> Locking out intrusion is a huge value proposal for cellular manufacturers.
Is it though? The implementation can be tricky to get right, building it in takes resources, and (perhaps until recently) most consumers do not seem to value that kind of safeguard for their communications. Enabling encrypted increases the cost to the manufacturer, all for something that most people did not think was important (before there was strong evidence that there was a lot of warrantless wiretapping going on).
A 6 letter alphanumeric password, do they think people use old laptops to generate the possible passwords?! It should be at least 128 or 256 if they're being serious about security and preferably much much longer than that.
128 bits of entropy should suffice to make brute forcing impossible.
That corresponds to a 22 character mixed-case alphanumeric password. (62 choices per character, 62^22 > 2^128). But only if the characters are chosen randomly by a password generator; characters chosen by a human will have patterns and therefore lower entropy.
80 bits of entropy should still be enough to occupy a large amount of specialized hardware for a long time. That would correspond to 14 characters.
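The keyspace and entropy arithmetic discussed in the comments above, as an added Python example (not code from any commenter or from Apple). It assumes uniformly random passcodes and a constant per-guess cost; the function names and the `parallel` parameter are hypothetical.

```python
"""Passcode search-space estimator. Added example, not from the thread.

Assumptions (labelled): passcodes are chosen uniformly at random, every
guess costs the same time, and `parallel` is a hypothetical number of
guessers working at once.
"""
import string

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Alphabet sizes mentioned on the page.
DIGITS = len(string.digits)                                   # 10
LOWER_DIGITS = len(string.ascii_lowercase + string.digits)    # 36, the quoted guide's case
MIXED_ALNUM = len(string.ascii_letters + string.digits)       # 62, the commenters' case


def keyspace(alphabet_size, length):
    """Number of distinct passcodes of exactly `length` symbols."""
    return alphabet_size ** length


def implied_seconds_per_guess(total_years, alphabet_size, length):
    """Per-guess cost implied by a quoted 'time to try all combinations'."""
    return total_years * SECONDS_PER_YEAR / keyspace(alphabet_size, length)


def seconds_to_exhaust(alphabet_size, length, seconds_per_guess, parallel=1):
    """Worst-case time to try every passcode; the average case is half of this."""
    return keyspace(alphabet_size, length) * seconds_per_guess / parallel


def min_length_for_bits(alphabet_size, bits):
    """Smallest length whose keyspace is >= 2**bits.

    Uses exact integers so that results near a boundary are not affected
    by floating-point logarithms.
    """
    target = 1 << bits
    length, space = 0, 1
    while space < target:
        space *= alphabet_size
        length += 1
    return length


def summary():
    """Rows of (description, value) built from the figures quoted on the page."""
    per_guess_36 = implied_seconds_per_guess(5.5, LOWER_DIGITS, 6)
    per_guess_62 = implied_seconds_per_guess(5.5, MIXED_ALNUM, 6)
    return [
        ("6 chars, lowercase+digits: keyspace", keyspace(LOWER_DIGITS, 6)),
        ("6 chars, mixed-case alnum: keyspace", keyspace(MIXED_ALNUM, 6)),
        ("implied s/guess if 5.5 y covers 36^6", per_guess_36),
        ("implied s/guess if 5.5 y covers 62^6", per_guess_62),
        ("4-digit PIN at the 36^6 rate, seconds",
         seconds_to_exhaust(DIGITS, 4, per_guess_36)),
        ("mixed-case alnum length for 128 bits", min_length_for_bits(MIXED_ALNUM, 128)),
        ("mixed-case alnum length for 80 bits", min_length_for_bits(MIXED_ALNUM, 80)),
    ]


if __name__ == "__main__":
    for label, value in summary():
        print(f"{label:40s} {value}")
```

The implied per-guess cost depends heavily on which alphabet the 5.5-year figure is read against, and the same cost applied to a short numeric PIN gives minutes rather than years.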
[+] [-] silentOpen|11 years ago|reply
[+] [-] freakonom|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] hahainternet|11 years ago|reply
[+] [-] huhtenberg|11 years ago|reply
[+] [-] lukeqsee|11 years ago|reply
[+] [-] sbmassey|11 years ago|reply
[+] [-] happyscrappy|11 years ago|reply
Is this supposed to be a joke?
[+] [-] praptak|11 years ago|reply
[+] [-] Ntrails|11 years ago|reply
[1] http://www.bbc.co.uk/news/technology-29378172
[+] [-] tzs|11 years ago|reply
[+] [-] krija|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] hahainternet|11 years ago|reply
[+] [-] kaffeinecoma|11 years ago|reply
[+] [-] mhurron|11 years ago|reply
[+] [-] flavor8|11 years ago|reply
https://www.grc.com/haystack.htm
[+] [-] sopooneo|11 years ago|reply
[+] [-] theGimp|11 years ago|reply
[+] [-] SnacksOnAPlane|11 years ago|reply
[+] [-] 13throwaway|11 years ago|reply
[+] [-] payne92|11 years ago|reply
[+] [-] chernevik|11 years ago|reply
"The notion that someone would market a closet that could never be opened — even if it involves a case involving a child kidnapper and a court order — to me does not make any sense."
[+] [-] rohansingh|11 years ago|reply
[+] [-] vermontdevil|11 years ago|reply
[+] [-] droptableusers|11 years ago|reply
[+] [-] dobbsbob|11 years ago|reply
[+] [-] 0x0|11 years ago|reply
[+] [-] unknownBits|11 years ago|reply
[+] [-] kordless|11 years ago|reply
[+] [-] csandreasen|11 years ago|reply
[+] [-] Zigurd|11 years ago|reply
[+] [-] downandout|11 years ago|reply
[+] [-] ipsin|11 years ago|reply
[+] [-] chmaynard|11 years ago|reply
[+] [-] Fundlab|11 years ago|reply
[+] [-] privong|11 years ago|reply
[+] [-] jahewson|11 years ago|reply
[+] [-] jahewson|11 years ago|reply
[deleted]
[+] [-] PeterBarrett|11 years ago|reply
[+] [-] wcoenen|11 years ago|reply
[+] [-] ghshephard|11 years ago|reply
[+] [-] ionwake|11 years ago|reply
[+] [-] rgrieselhuber|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]