Maker Pro

Apple vs the FBI

Couldn't they simply remove the flash chip or chips from the device and read them with something other than an iPhone? I doubt that the program that erases everything after 10 wrong keys are entered would be inside the flash chip.

The data is presumably encrypted, but there are only 10000 possible 4-digit keys, easy enough to crack.

Bob
 
Couldn't they simply remove the flash chip or chips from the device and read them with something other than an iPhone? I doubt that the program that erases everything after 10 wrong keys are entered would be inside the flash chip.

The data is presumably encrypted, but there are only 10000 possible 4-digit keys, easy enough to crack.

Bob
Dealing directly with the hardware makes sense... but it's so much easier to plug it into a PC via USB and type in codes that way... so Apple should weaken a couple aspects of their firmware to accommodate XD
It's kind of scary that a consumer hand-set is such a roadblock to such a feared agency...
 
1. Couldn't they simply remove the flash chip or chips from the device and read them with something other than an iPhone?
2. I doubt that the program that erases everything after 10 wrong keys are entered would be inside the flash chip.
3. The data is presumably encrypted, but there are only 10000 possible 4-digit keys, easy enough to crack.

1. No. When you want a few million pieces of a custom chip *per month*, you pretty much get anything your heart desires. If you want to save a few square millimeters and milli-pennies by combining an ARM engine and its memory on one chip, then that's what you get. I haven't seen an iPhone teardown in a while, but the assumption that its physical architecture is like a laptop only really small is not supported by other high volume low cost device designs.

2. I'm sure it does. We use secure hard drives for MIL data recorders. Toggle one interface pin and everything is gone in milliseconds with deep overwriting that is better than any electron microscope.

3. Back to #1, if the access counter and the data are on the same chip, then even depotting the part down to the bare silicon won't get you in.

ak
 
It's kind of scary that a consumer hand-set is such a roadblock to such a feared agency...

Actually, it's been an open secret for decades. The computing horsepower to manage a 256-bit encryption system used to be government-level technology. Now it's on your hip for $99. The math techniques have been around for almost 100 years, and the hardware for a 100,000-bit encryption key is sitting on my desk - and it's 5 years old. "Real" secure communications never have been easier or cheaper. It doesn't matter what the agency is or its resources. Back in the 90's Intel pumped out 50 million Pentiums a year. That ended crackable encryption forever.

ak
 
The whole point is this.
Once they get the crack, and use it once, they say they will destroy it.
This will not happen.
Already every state in the US has hundreds of phones that need cracking for court cases.
Already personal documents held by the government have been leaked "Wiki-Leaks" and disgruntled workers will eventually leak all the phone codes to the web.
You cannot trust the government. They all employ smart, brilliant, ning nongs (Wiki Leaks) that have leaked information in the past.
At the moment a back-door entry has not been provided.
Is the government going to pay Apple to produce this?
Apple has never been required to provide anything more than a back entrance via a password created by the purchaser.
Up to now this has satisfied all purchasers. The FBI is not a purchaser and if they don't like the limited technology - DON'T BUY AN APPLE PHONE.
The government actually wants accurate GPS tracking of all phones in the US, all text messages and all voice messages to be stored for 5 years.
Can you imagine the storage capacity!!!
That is their actual underlying DEMAND.
Of course it would be a wonderful tool for rounding up the criminals.
And I don't have any problems with my individual phone.
But it just goes to show what will be gradually introduced in the near future.
It's called ABSOLUTE CONTROL.
I'm innocent and it won't affect me, but it's technology used to the nth degree and eventually it will be added to all cars.
You will be charged road tax for every inch you travel as well as speeding fines when you travel one mile an hour over the recommended speed.
Believe me, it was predicted 40 years ago by . . . . . .
 
If Android had a pin code enabled, what prevents someone removing that protection and recompiling then flashing it?

If possible, why is Apple standing in the way? What is Apple hiding?
 
1. No. When you want a few million pieces of a custom chip *per month*, you pretty much get anything your heart desires. If you want to save a few square millimeters and milli-pennies by combining an ARM engine and its memory on one chip, then that's what you get. I haven't seen an iPhone teardown in a while, but the assumption that its physical architecture is like a laptop only really small is not supported by other high volume low cost device designs.

2. I'm sure it does. We use secure hard drives for MIL data recorders. Toggle one interface pin and everything is gone in milliseconds with deep overwriting that is better than any electron microscope.

3. Back to #1, if the access counter and the data are on the same chip, then even depotting the part down to the bare silicon won't get you in.

ak
I just looked at an iPhone 6s teardown. In addition to the Apple A9 processor + RAM chip it has this:

Toshiba THGBX5G7D2KLFXG 16 GB 19 nm NAND Flash

So the flash is a separate chip as I surmised.

Now, it is possible that this chip is programmed to do the security check. Flash chips do in fact have programmable processors on them to map addresses such that the chip is uniformly used because they have a limited (though large) number of write cycles allowed. But I doubt that this is the case, since Tim Cook mentioned that they would have to create a special version of the OS (not the flash chip coding) in order to bypass the security feature.

So, take the flash chip and the danger of erasing it is (most likely) gone.

Bob
 
Such an obvious move that I have to wonder what else is in play to prevent that from working. As I alluded to above, it is possible to examine the surface of a magnetic disk with an electron microscope and "read" the data. The same thing is possible with a memory chip, although I think that the positioning accuracy required to read specific bits would be tough, and finding the locations requires knowing the chip's error mapping and load leveling that you referred to. Tricky problem.

ak
 
Such an obvious move that I have to wonder what else is in play to prevent that from working. As I alluded to above, it is possible to examine the surface of a magnetic disk with an electron microscope and "read" the data. The same thing is possible with a memory chip, although I think that the positioning accuracy required to read specific bits would be tough, and finding the locations requires knowing the chip's error mapping and load leveling that you referred to. Tricky problem.

ak

So after you read the encrypted data... what will you do with it?
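
The question above is the crux of the chip-off idea. As an added example (not part of the thread), this Python model contrasts a key derived from the PIN alone with one that also mixes in a secret held inside the processor. The `Phone` class, its names and the device-secret design are assumptions of the example, not details taken from the posts.

```python
import hashlib, hmac, os

ITER = 100       # deliberately tiny so the demo runs fast; real KDFs use far more
MAX_TRIES = 10   # the thread's "erase after 10 wrong keys"

def derive(pin, salt, device_secret=b""):
    """PIN -> key. With device_secret, the key is tied to one device."""
    key = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, ITER)
    if device_secret:
        key = hmac.new(device_secret, key, hashlib.sha256).digest()
    return key

def check_value(key):
    """Stand-in for 'the ciphertext decrypts correctly' (no real cipher here)."""
    return hmac.new(key, b"key-check", hashlib.sha256).digest()

class Phone:
    """Hypothetical model: secret and counter live in the processor, not in flash."""
    def __init__(self, pin, bound):
        self._secret = os.urandom(32) if bound else b""
        self.fails, self.wiped = 0, False
        salt = os.urandom(16)
        # What reading the removed flash chip would yield.
        self.flash = {"salt": salt,
                      "check": check_value(derive(pin, salt, self._secret))}

    def unlock(self, pin):
        if self.wiped:
            return False
        key = derive(pin, self.flash["salt"], self._secret)
        if hmac.compare_digest(check_value(key), self.flash["check"]):
            self.fails = 0
            return True
        self.fails += 1
        if self.fails >= MAX_TRIES:
            self.flash, self.wiped = {}, True   # key material erased
        return False

def offline_search(flash):
    """Try all 10000 4-digit PINs against a flash dump, without the device secret."""
    for n in range(10000):
        pin = f"{n:04d}"
        guess = check_value(derive(pin, flash["salt"]))
        if hmac.compare_digest(guess, flash["check"]):
            return pin
    return None

if __name__ == "__main__":
    print(offline_search(Phone("4831", bound=False).flash))  # PIN-only key
    print(offline_search(Phone("4831", bound=True).flash))   # device-bound key
```

In the device-bound case every guess has to go through `unlock()` on the phone itself, which is where the 10-try counter applies.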
 
I, frankly, do not believe the FBI does not have or cannot get the resources to do what they want done here.
My opinion is, that this is a test case for any future attempt the FBI wants to make, setting a legal precedent for having done it.
I'm just reading between the lines of what I think is going on here.
 
If Android had a pin code enabled, what prevents someone removing that protection and recompiling then flashing it?

If possible, why is Apple standing in the way? What is Apple hiding?
Flashing a custom ROM requires an unlocked bootloader which (when enabled) wipes the handset.
If you can trick it into a 'factory' upgrade to a modified rom, then it usually wipes itself anyway. The only data that remains is the contents of the /sdcard partition and contents on /ext-sdcard
If... you decide you want a custom rom yourself, then you break into your phone for them... they simply reboot into recovery mode and can pull data out.
 
My phone is rooted, I use Odin to flash it all the time, but if I removed the pin code check and flashed it, it would boot straight into Android without asking for a pin..
 
My phone is rooted, I use Odin to flash it all the time, but if I removed the pin code check and flashed it, it would boot straight into Android without asking for a pin..
If you have a custom recovery installed (which is common for people with custom roms) then you can use it to upload and flash a .zip with modified files to disable the pin/lockscreen allowing someone to simply reboot and have access.
I wonder what I need to compile the Linux based OS, my own Android rom lol
You need the source :)
It 'is' open source... but many vendors don't actually share their custom portion of the ROM which includes things like the drivers/firmware for the radios, camera, etc. so most of the time a ROM built from scratch is missing a lot of core functions. The usual process involves modifying existing custom rom packages based on AOSP (Android Open Source Project)
 
That could be tricky, I'm not into writing drivers :)

But for the purpose of recovering data, any old compatible rom I'm able to compile from source ...

Something that can not be done for iOS because it's closed source, so I guess the FBI probably has this covered already for Android!
 