Not an "Apple Guy" or an iPhone Guy, But Wow. Just... Wow!

WayneF

Senior Member
There is a passcode to use the phone, and I think also a possible passcode to protect secured information. The problem is that about ten failed access attempts deletes the secured information. Intended to be failsafe secure.

I'm still puzzled why the FBI cannot practice with a hardware debugger on a duplicate phone, and when they get it figured out, then it seems like one simple breakpoint in the correct phone should do it. Obviously there must be more I don't understand. But Apple could do it much faster.
 

J-see

Senior Member
I don't think Apple should be telling the FBI how to do it though, but Apple should help them. Any future or current cases that are similar, should all go through the court system as well. Just my thoughts.

When Russia goes to court, tech companies could help decrypt Snowden's stuff. I wonder if that would be a good idea too.
 

J-see

Senior Member
There is a passcode to use the phone, and I think also a possible passcode to protect secured information. The problem is that about ten failed access attempts deletes the secured information. Intended to be failsafe secure.

I'm still puzzled why the FBI cannot practice with a hardware debugger on a duplicate phone, and when they get it figured out, then it seems like one simple breakpoint in the correct phone should do it. Obviously there must be more I don't understand. But Apple could do it much faster.

The six-digit PIN allows for a million combinations, and is only available on iPhones running the iOS 9 operating system and above. Farook’s phone runs iOS 9. Still, a computer could run through all the possible combinations in less than a minute and break into the device — if it weren’t an iPhone.

Apple’s smartphones require users to enter passwords manually. That takes time. Worse for the would-be hacker is that the phone punishes you for failure. As any iPhone user who’s struggled to enter their PIN one-handed while, for example, walking along and chatting with a friend, knows, if you fail to enter your password too many times, the phone locks you out for a minute.

The phone is programmed so that the lock-out time increases after multiple failures. Six failed attempts pushes the lock-out time to five minutes. After the ninth failed attempt, users have to wait an hour before they can try again.

After the 10th failed attempt, the phone erases all its data. Meaning the cryptographic brute-force method just doesn’t work on iPhones, if you don’t manage to get lucky in the early going.

Yes, the feds can hack your iPhone. No, it isn't easy.

Even if you could avoid the delete, worst case scenario the time-outs would cost you more than a decade to unlock this single phone.
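The lock-out behaviour quoted in the post above, modelled as an added example (it is not part of the original thread and is not Apple's implementation). The delays after the 6th and 9th failures and the wipe on the 10th come from the quoted article; the delays after the 5th, 7th and 8th failures, and the names `PasscodeLimiter` and `simulate_guessing`, are assumptions made for illustration.

```python
import hmac

KEYSPACE = 10 ** 6    # six-digit PIN, as stated in the post
WIPE_AFTER = 10       # the 10th failure erases the data, as stated in the post
# Lock-out in seconds imposed after the Nth consecutive failure. The post gives
# 6 -> 5 minutes and 9 -> 1 hour; the entries for 5, 7 and 8 are assumptions.
DELAY_AFTER_FAILURE = {5: 60, 6: 300, 7: 300, 8: 300, 9: 3600}


class PasscodeLimiter:
    """Toy model of an attempt limiter with escalating delays and optional wipe."""

    def __init__(self, secret, wipe_enabled=True):
        self._secret = secret
        self.wipe_enabled = wipe_enabled
        self.failures = 0
        self.locked_until = 0.0
        self.wiped = False

    def attempt(self, guess, now):
        """Evaluate one guess at time `now` (seconds): ok, fail, locked or wiped."""
        if self.wiped:
            return "wiped"
        if now < self.locked_until:
            return "locked"              # guess is rejected without being checked
        if hmac.compare_digest(guess, self._secret):
            self.failures = 0
            return "ok"
        self.failures += 1
        if self.wipe_enabled and self.failures >= WIPE_AFTER:
            self._secret, self.wiped = None, True
            return "wiped"
        step = min(self.failures, max(DELAY_AFTER_FAILURE))
        self.locked_until = now + DELAY_AFTER_FAILURE.get(step, 0)
        return "fail"


def simulate_guessing(limiter, guesses):
    """Feed guesses in order, waiting out each lock-out.
    Returns (result, elapsed_seconds, guesses_tried)."""
    now, tried = 0.0, 0
    for tried, guess in enumerate(guesses, start=1):
        now = max(now, limiter.locked_until)
        result = limiter.attempt(guess, now)
        if result in ("ok", "wiped"):
            return result, now, tried
    return "exhausted", now, tried
```

With the wipe enabled, sequential guessing covers 10 of the 1,000,000 codes before the data is gone; with the wipe disabled and these delays, walking the whole keyspace takes roughly 114 years of waiting.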
 

Horoscope Fish

Senior Member
I'm still puzzled why the FBI cannot practice with a hardware debugger on a duplicate phone, and when they get it figured out, then it seems like one simple breakpoint in the correct phone should do it. Obviously there must be more I don't understand. But Apple could do it much faster.
What you don't seem to understand, or want to accept, is that the people that develop encryption technologies aren't stupid. There are two known technologies used by Apple to harden the iPhone against intrusion: One is called TouchID and the other is TrustZone. Apple hybridized these technologies starting with a highly modified version of TrustZone to begin with. They then implemented Secure Enclave to further harden the iPhone against all currently known forms of intrusion. If you understood how TouchID, TrustZone and Secure Enclave all work, and work together with Apple's unique implementation strategy, you might better see why your repeated references to using a software debugger to thwart them is ridiculous.

And now I'm done talking to a wall.
 

AC016

Senior Member
What you don't seem to understand, or want to accept, is that the people that develop encryption technologies aren't stupid. There are two known technologies used by Apple to harden the iPhone against intrusion: One is called TouchID and the other is TrustZone. Apple hybridized these technologies starting with a highly modified version of TrustZone to begin with. They then implemented Secure Enclave to further harden the iPhone against all currently known forms of intrusion. If you understood how TouchID, TrustZone and Secure Enclave all work, and work together with Apple's unique implementation strategy, you might better see why your repeated references to using a software debugger to thwart them is ridiculous.

And now I'm done talking to a wall.

I read an article a few days ago and they mentioned that the FBI is somewhat lucky that the phone is a 5C and not the "regular/full version" of the iPhone or however you want to put it. I believe this had something to do with the Secure Enclave. The article stated that if it were a "regular" iPhone, both the FBI and even Apple would be out of luck. I need an iPhone....
 

Blacktop

Senior Member
I read an article a few days ago and they mentioned that the FBI is somewhat lucky that the phone is a 5C and not the "regular/full version" of the iPhone or however you want to put it. I believe this had something to do with the Secure Enclave. The article stated that if it were a "regular" iPhone, both the FBI and even Apple would be out of luck. I need an iPhone....

So Apple is admitting that the 5C is not a real iPhone but something that they threw together for the peasants that can't afford a real iPhone?
 

AC016

Senior Member
So Apple is admitting that the 5C is not a real iPhone but something that they threw together for the peasants that can't afford a real iPhone?

Apple, as far as I know, has said nothing of the kind (notice that I used quotation marks). It was the article that I was reading that had made the distinction between a 5C and a 5S, for example. The 5C does not have a Secure Enclave, therefore making it not as hard to crack as, let's say, a 5S. Apple can comply with the FBI court order - Trail of Bits Blog
 

Horoscope Fish

Senior Member
So Apple is admitting that the 5C is not a real iPhone but something that they threw together for the peasants that can't afford a real iPhone?
HA! As if Apple would acknowledge the peasantry!

No, the 5C is slightly less secure than current iPhones because it's older is all. Newer iPhone = BFMP tech.
 

rocketman122

Senior Member
They opened the phone a long time ago. This is some BS PR show. They can open any phone they want. CIA, NSA and FBI have access to any info they want from them. People are too naive. Read beyond the stupid media. When the whistle guy came out about the NSA, Google, Facebook and others all came out trying to defend themselves. This is the same. They opened the phone already but are trying to show they're goody two shoes. And they should open it. Just open it quietly and hush hush. No one needs to know and a lot can be gained from it. 14 people dead and they won't open it... c'mon now folks...
 

WayneF

Senior Member
What you don't seem to understand, or want to accept, is that the people that develop encryption technologies aren't stupid. There are two known technologies used by Apple to harden the iPhone against intrusion: One is called TouchID and the other is TrustZone. Apple hybridized these technologies starting with a highly modified version of TrustZone to begin with. They then implemented Secure Enclave to further harden the iPhone against all currently known forms of intrusion. If you understood how TouchID, TrustZone and Secure Enclave all work, and work together with Apple's unique implementation strategy, you might better see why your repeated references to using a software debugger to thwart them is ridiculous.

And now I'm done talking to a wall.


What do you imagine Apple could do that the FBI cannot?

And I said hardware debugger, which can externally control the microprocessor.

If the phone firmware can do it, and if Apple can do it, then the FBI can do it (manipulate firmware, with a HW debugger for example). It would take the FBI longer without source code, but learning it would still certainly be possible (routine hacker operation). Hardly rocket science, simply where is the firmware IP when it pauses for the protection code? Then to figure out a jump point to mimic a successful try (where does the IP path go when a good password is entered?) The ten tries can be bypassed by learning on a duplicate phone, then applying the final breakpoint to the target phone.

What the FBI really wants is easy future access of any iPhone, for any reason.
 

Horoscope Fish

Senior Member
And I said hardware debugger, which can externally control the microprocessor. If the phone firmware can do it, and if Apple can do it, then the FBI can do it (manipulate firmware, with a HW debugger for example). It would take the FBI longer without source code, but learning it would still certainly be possible (routine hacker operation). Hardly rocket science, simply where is the firmware IP when it pauses for the protection code? Then to figure out a jump point to mimic a successful try (where does the IP path go when a good password is entered?) The ten tries can be bypassed by learning on a duplicate phone, then applying the final breakpoint to the target phone.

What the FBI really wants is easy future access of any iPhone, for any reason.
Clearly you need to contact the FBI and, really, the entire security industry that has created these sophisticated encryption solutions, so you can tell them all they're doing it wrong.
 

 

WayneF

Senior Member
Clearly you need to contact the FBI and, really, the entire security industry that has created these sophisticated encryption solutions, so you can tell them all they're doing it wrong.

Sorry, I cannot tell the FBI how to acquire their backdoor into all future iPhones. :)
 

Horoscope Fish

Senior Member
Sorry, I cannot tell the FBI how to acquire their backdoor into all future iPhones. :)
I meant specifically how to use a hardware debugger to "externally control the microprocessor" of the iPhone's TrustZone.

According to your post this is a, "routine hacker operation".
 

WayneF

Senior Member
I meant specifically how to use a hardware debugger to "externally control the microprocessor" of the iPhone's TrustZone.

According to your post this is a, "routine hacker operation".


Yes, that is my thinking. I have not done hacking, but have done debugging. I know how computer processors work, and know how the hardware debuggers can totally control what a microprocessor does. Breakpoints, altering registers and memory, including IP to jump around differently, is their purpose. If the processor can do it, the debugger can control and alter it. No question about that. Unless you are claiming the iPhone processor cannot do it either? If it is instead done by magic, then maybe not? :) But I think the iPhone OS and processor decide to verify security and then either continue on or not. It is nothing to skip such checks.

So I don't think the FBI request is about this one phone, I think the goal is all future phones.
 

Horoscope Fish

Senior Member
But I think the iPhone OS and processor decide to verify security and then either continue on or not. It is nothing to skip such checks.
No. The iOS processor does not "verify security". Security routines are handled by hardware that is isolated, and physically separate from, the iOS and its processor.

Further, you can not bypass the encryption as you describe because it requires manual input from the keyboard. Magic not required but manual input IS. Manual. Not electronic. And the whole point of requiring manual input is that manual input can not be spoofed, or bypassed, with things like hardware debuggers. You're thinking it can but it can't. And since you can't bypass manually inputting the pass code using the keyboard, you can't bypass the Time Outs. As I said before, it's almost as if people who design encryption technology actually know something about bypassing security measures to begin with.
 

rocketman122

Senior Member
I know one thing... that iTunes software is a crime against humanity. For curiosity I asked as many people as I could who had an iPhone if they use iTunes and maybe 5% said yes. The other said complicated. I say not intuitive. Crap software. That's why I left, and no freedom. Give me Android's drag and drop. Idiots decided in iOS 7 to make an SBSettings drop down settings.
 

WayneF

Senior Member
No. The iOS processor does not "verify security". Security routines are handled by hardware that is isolated, and physically separate from, the iOS and its processor.

Further, you can not bypass the encryption as you describe because it requires manual input from the keyboard. Magic not required but manual input IS. Manual. Not electronic. And the whole point of requiring manual input is that manual input can not be spoofed, or bypassed, with things like hardware debuggers. You're thinking it can but it can't. And since you can't bypass manually inputting the pass code using the keyboard, you can't bypass the Time Outs. As I said before, it's almost as if people who design encryption technology actually know something about bypassing security measures to begin with.

So you are claiming that even Apple could not possibly comply with the court order to help this access case? Then why did the FBI request it and the court order it? The FBI has discussed it with Apple, Apple just won't do it. If the firmware and processor and Apple can do it, so can the FBI. Perhaps not as skillfully for the first while, but they can learn.
 