![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
drwexEverything that follows is my own speculation. I have no insider info, but I do have a brain that I like to think is capable of logical thought.
If you're not a geek and/or haven't heard about this, Digg has a summary explainer: http://digg.com/2016/tim-cook-apple-backdoor
So Tim Cook says Apple won't help the government unlock this phone (despite, apparently, having done so before). I think this is a lot of smoke and mirrors, for publicity and both sides are not battling for now, but for the future. Follow along:
1. If you gave me that iPhone, the two months since the San Bernadino shootings, and the resources of the FBI I'd have that phone cracked. Here's one brute force way - try password guessing. In theory the phone will lock after 10 failed attempts but who cares? The FBI owns the physical device and it's trivial to bit-level clone the locked software box onto a virtual machine. If you make 10 wrong guesses and lock your virtual copy of that box you just wipe it out and make another clone against which you can try 10 more guesses. With FBI-level resources you could spin up a few million parallel copies of that lock and be trying tens or hundreds of millions of password guesses per second. Again, given two months and a reasonable level of resources, you can expect you'll get it.
1a. I further reason that the FBI (and the government) have much better cryptographers than me working for them. If I can think of an extremely stupid solution that works in two months I'm quite certain that the government's crypto experts can come up with a much better solution. All this is assuming that the NSA hasn't already pwnd the iPhone, which I think there's a good chance already happened.
So now the FBI is in possession of the data it says it needs Apple's help to get. Why go through this charade?
2. I believe that the government is planning to arrest/charge at least one more person and they are looking for a legal shield that will let them introduce evidence from the phone in ways that aren't subject to 4th Amendment challenges. If they can say with a straight face (and remember, the spooks are very good at lying with straight faces) that the evidence came about due to Apple's cooperation with a legal order then it's legal; if they got that data by breaking the phone, it's almost certainly tainted evidence.
ETA: the FBI also needs a legal cover that cuts off nosy questions from defense attorneys about the (secret) methods actually used to retrieve the data. In a court case judges often give attorneys wide latitude in the discovery phase.
So if anyone with half a brain can reason that the government already has the data why isn't Apple just rolling over, and why is the US Government making a big deal of it?
3. I believe this is a shadow-puppet play staged partly for the US public, which is likely to be scared by more terrorist boogeyman stories and fall in line bashing Apple, but mostly for the non-US public. Cook no doubt has a very good idea of what the potential revenues are for iPhone sales outside the US (growing, with China as a huge untapped market) and inside the US (shrinking). Cook's defiance is saying to non-US buyers, "We won't sell you out to the USA, so buy our phones." If he rolls over, then Apple's rivals are going to make hash of Apple's marketing in those lucrative overseas markets. We like to think of Apple as a US company but it has made more than half its revenue outside the US for years. If they lose some US iPhone sales over this but bolster their overseas reputation then Apple comes out ahead.
The US security state freaks out any time a corporation puts some level of encryption in the way of its giant data vacuum. Remember, this is the same security state that cried foul when Google started encrypting traffic between Google data centers (because the security state was gleefully hoovering up all that lovely bulk unencrypted data). The security state desperately want to make Apple look bad and try to cement in the public imagination the idea that encryption is just for criminals and terrorists. Based on what I'm hearing outside of tech circles they're doing a good job of that.
Anyone see flaws in this reasoning?
If you're not a geek and/or haven't heard about this, Digg has a summary explainer: http://digg.com/2016/tim-cook-apple-backdoor
So Tim Cook says Apple won't help the government unlock this phone (despite, apparently, having done so before). I think this is a lot of smoke and mirrors, for publicity and both sides are not battling for now, but for the future. Follow along:
1. If you gave me that iPhone, the two months since the San Bernadino shootings, and the resources of the FBI I'd have that phone cracked. Here's one brute force way - try password guessing. In theory the phone will lock after 10 failed attempts but who cares? The FBI owns the physical device and it's trivial to bit-level clone the locked software box onto a virtual machine. If you make 10 wrong guesses and lock your virtual copy of that box you just wipe it out and make another clone against which you can try 10 more guesses. With FBI-level resources you could spin up a few million parallel copies of that lock and be trying tens or hundreds of millions of password guesses per second. Again, given two months and a reasonable level of resources, you can expect you'll get it.
1a. I further reason that the FBI (and the government) have much better cryptographers than me working for them. If I can think of an extremely stupid solution that works in two months I'm quite certain that the government's crypto experts can come up with a much better solution. All this is assuming that the NSA hasn't already pwnd the iPhone, which I think there's a good chance already happened.
So now the FBI is in possession of the data it says it needs Apple's help to get. Why go through this charade?
2. I believe that the government is planning to arrest/charge at least one more person and they are looking for a legal shield that will let them introduce evidence from the phone in ways that aren't subject to 4th Amendment challenges. If they can say with a straight face (and remember, the spooks are very good at lying with straight faces) that the evidence came about due to Apple's cooperation with a legal order then it's legal; if they got that data by breaking the phone, it's almost certainly tainted evidence.
ETA: the FBI also needs a legal cover that cuts off nosy questions from defense attorneys about the (secret) methods actually used to retrieve the data. In a court case judges often give attorneys wide latitude in the discovery phase.
So if anyone with half a brain can reason that the government already has the data why isn't Apple just rolling over, and why is the US Government making a big deal of it?
3. I believe this is a shadow-puppet play staged partly for the US public, which is likely to be scared by more terrorist boogeyman stories and fall in line bashing Apple, but mostly for the non-US public. Cook no doubt has a very good idea of what the potential revenues are for iPhone sales outside the US (growing, with China as a huge untapped market) and inside the US (shrinking). Cook's defiance is saying to non-US buyers, "We won't sell you out to the USA, so buy our phones." If he rolls over, then Apple's rivals are going to make hash of Apple's marketing in those lucrative overseas markets. We like to think of Apple as a US company but it has made more than half its revenue outside the US for years. If they lose some US iPhone sales over this but bolster their overseas reputation then Apple comes out ahead.
The US security state freaks out any time a corporation puts some level of encryption in the way of its giant data vacuum. Remember, this is the same security state that cried foul when Google started encrypting traffic between Google data centers (because the security state was gleefully hoovering up all that lovely bulk unencrypted data). The security state desperately want to make Apple look bad and try to cement in the public imagination the idea that encryption is just for criminals and terrorists. Based on what I'm hearing outside of tech circles they're doing a good job of that.
Anyone see flaws in this reasoning?
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2016-02-18 07:54 pm (UTC)One of the guys I know who develops code for hardware, discussed at least 2 methods of grabbing all the data off the phone in 1 go with a magnifying glass and a soldering iron... so.. yeah; this is theater.
no subject
Date: 2016-02-18 08:08 pm (UTC)no subject
Date: 2016-02-18 08:41 pm (UTC)no subject
Date: 2016-02-19 12:04 am (UTC)no subject
Date: 2016-02-19 11:13 am (UTC)no subject
Date: 2016-02-19 07:47 am (UTC)(http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html?smprod=nytcore-iphone&smid=nytcore-iphone-share&_r=0)
and Farook destroyed his personal phone - so the FBI wants us to believe that his work phone has vital info on it?
no subject
Date: 2016-02-19 11:13 am (UTC)And yes, the FBI is freaking out at Apple, Has been for a while. It's possible that the Feds simply miscalculated and didn't intend this level of showdown or they may have felt they would never have a more favorable example on their hands to make their case. The surface facts of the case make them seem very sympathetic. The shooters are right up there with child rapists in the public hate competition, so putting Apple in the position of seeming to defend someone so hated makes Apple look bad.
But I think the Times article continues to miss the degree to which Apple is not a US company, particularly in its revenue profile and growth opportunities.
no subject
Date: 2016-02-20 01:23 am (UTC)There are 10,000 possible passwords on an iPhone. Wouldn't 1000 parallel copies be enough, then? And doesn't that mean that your "two month" estimate should be a lot closer to "two hours"?
no subject
Date: 2016-02-20 02:23 am (UTC)no subject
Date: 2016-02-20 06:50 am (UTC)no subject
Date: 2016-02-20 11:50 am (UTC)