Does anyone think the FBI for real cracked AES encryption? I

You are currently reading a thread in /g/ - Technology

Thread replies: 54
Thread images: 5
File: we cracked appel.jpg (66 KB, 1200x300)
Does anyone think the FBI for real cracked AES encryption? I want to hear some hypotheses on how it was done from people who might understand what they're talking about. Deep learning? Quantum computing?
>>
>>53750740
No.

They know this would've gone to the supreme court and they would've lost the fight entirely and been even more restricted in what they could do.

Guarantee they're either going to come out and say they didn't find anything on the phone or it's never going to be brought up again in the media.
>>
What are you on about?
Experts kept on saying they already have ways to break it and now they did it. What's the surprise there?
And where does it say they broke AES?
They broke/bypassed a single implementation of it, nothing more.
>>
>>53750740
How about just soldering off the flash memory, backing it up and then just trying 10^4 or 10^6 passcodes?
>>
NSA supposedly can't spy on US citizens. So, "Israel cracked it" could be a legal way of having NSA look at it.
>>
>>53750771
as much as scalia injected his personal opinions into his rulings he wouldn't have stood for this. he even said heat locators on houses were unconstitutional due to slippery slope ramifications
>>
>>53750740
They just bruteforced the passcode with a nand dump, or they have a backdoor already.
Backdoors are ALWAYS there just to be discovered later as "Bugs". So they patch them without being liable for damages later.
Pretty prime examples of this:
http://arstechnica.com/apple/2012/05/debug-code-in-os-x-1073-exposes-passwords-for-legacy-filevault-network-users/
https://nakedsecurity.sophos.com/2014/02/24/anatomy-of-a-goto-fail-apples-ssl-bug-explained-plus-an-unofficial-patch/
https://pentest.com/ios_backdoors_attack_points_surveillance_mechanisms.pdf
http://www.iphonehacks.com/2015/09/ios-9-lock-screen-security-flaw-anyone-bypass-passcode-access-photos-contacts.html

To understand what I mean by "bugs" you could look at this first: http://www.underhanded-c.org/
Make no mistake, apple always has secret "ways" to leak your information for governments for months until some clever user discovers them so they patch them, but when they patch 1 "bug", they already have 2 more already implemented.
>>
iOS is full of sekrit backdoors, the FBI managed to find one.

Point is iOS is now the most unsecure mobile OS out there right now.
>>
>>53750955
>Point is iOS is now the most unsecure mobile OS out there right now.

Android is.
>>
>>53750740
They probably just made multiple backups of the ios image and brute forced the passcode
>>
>>53750980
>Android is.
It used to be, now iOS will take its place.
>>
>>53750740
The phone was protected by a passcode, they might have managed to circumvent the protection that prevents making too many false guesses in succession, thus becoming able to do a bruteforce. Though even bruteforce is useless against a good passcode.
>>
>>53750848
I'm pretty sure the device checks to see if all of its original components are in place, if not -> wipe
>>
>>53751144
That's false, a device can't know if the nand is original or not, it's just a storage medium, hell I have replaced hundreds of broken screens with chinese parts. They just cloned the nand and bruteforced their way to enter the device.
>>
>loosing
>>
>we need 2 look at this iphone for some reason lol let us in
>NO WE WONT DA PRIVASE OF OUR USOR IMPORTANT OR SOMETHIN
>watever
>we got in
>FUCK
>>
>>53750817
This. Side channel attacks are a threat to every encryption algorithm, no implementation is perfect. Apple has maintained blatant backdoors in their products for years anyway.
>>
>>53750993
>what is stagefright?
>>
>>53750740
Check Snowden's documents. There is already a backdoor in all Apple's products. Obviously they used it.
>>
>>53750740
Of course they didn't crack the AES algorithm you fucking retard. They performed a side channel attack, like any attack that works against an encryption spec.
>>
>>53751399

A vulnerability that has already been patched. Meanwhile, iOS surpasses Android in quantity of vulnerabilities.
>>
They literally did a brute force method, they turned off the auto delete at 10 attempts feature, and made a backup

Then they just tried every single numeric combination
>>
>>53750740 (OP)

>homosexual liberal defending muslims

If the San Bernardino shooter was white, Tim Cuck would have presented the iPhone to the FBI with it in his asshole
>>
File: IMG20160201152356.jpg (2 MB, 3120x4160)
>>53751552
Millions of devices haven't been patched and ASLR can be reliably bypassed. You're right though, ios is full of vulnerabilities.

>>53751193
It was either this or a side channel attack, the backdoors apple have in place for situations like this don't work unless you've entered the passcode after booting the device (which is why this whole ordeal started in the first place, fbi got the shits because the backdoor wouldn't work and they decided to blame apple for it).
>>
>>53750848
Sort of. Cellebrite have a replay attack allowing for state rewind. Some other researchers named it NAND mirroring; it's a well-known technique already. I've seen it used on satellite cards back in the day to much the same effect.

I don't think it would work on Secure Enclave phones if the counter is in the internal enclave EEPROM (it damn well should be, but I don't know enough about SE internals).

We may have heard the last of this phone (there was of course nothing of relevance on it) but the FBI will be back. They have several other parallel cases.
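
A toy model of the design point raised in the post above, added here as an example and not part of the original thread: a failed-attempt limit only holds if its counter lives in storage that an external re-image cannot rewind. The `Device` class, its `flash`/`enclave` fields and the sample passcode are constructed for illustration and do not describe iOS or Secure Enclave internals.

```python
import copy

MAX_FAILURES = 10  # the "auto delete at 10 attempts" limit mentioned in the thread

class Device:
    """Constructed toy model, not iOS internals. `flash` can be imaged and
    restored from outside; `enclave` stands in for storage that cannot."""

    def __init__(self, passcode, counter_in_enclave):
        self._passcode = passcode
        self.counter_in_enclave = counter_in_enclave
        self.flash = {"failures": 0, "wiped": False}
        self.enclave = {"failures": 0}

    def _counter(self):
        return self.enclave if self.counter_in_enclave else self.flash

    def try_unlock(self, guess):
        counter = self._counter()
        if self.flash["wiped"] or counter["failures"] >= MAX_FAILURES:
            self.flash["wiped"] = True  # limit reached: data is gone
            return False
        if guess == self._passcode:
            counter["failures"] = 0
            return True
        counter["failures"] += 1
        return False

def rollback_check(device, keyspace=10_000):
    """Return (guesses_evaluated, unlocked) when flash is restored from an
    earlier image every MAX_FAILURES - 1 attempts (the state rewind)."""
    image = copy.deepcopy(device.flash)
    evaluated = 0
    for n in range(keyspace):
        if n and n % (MAX_FAILURES - 1) == 0:
            device.flash = copy.deepcopy(image)
        unlocked = device.try_unlock(f"{n:04d}")
        if device.flash["wiped"]:
            return evaluated, False
        evaluated += 1
        if unlocked:
            return evaluated, True
    return evaluated, False

if __name__ == "__main__":
    print(rollback_check(Device("7291", counter_in_enclave=False)))
    print(rollback_check(Device("7291", counter_in_enclave=True)))
```

With the counter in restorable flash the limit never triggers; with the counter outside the restorable image the model stops after ten guesses, which is the distinction the post draws.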
>>
File: killing myself.jpg (199 KB, 1124x884)
>>53751202
fuc
>>
File: r u ok.png (32 KB, 778x136)
>>53751957
y tho
>>
File: bait20.png (3 MB, 875x875)
>>53750740
>Apple is too good!
>"loosing"

obvious troll post
>>
>>53750740
The cipher chosen for AES was backdoored from the beginning.
>>
>>53753739
For fucks sake you imbecile this is NOT TRUE.
Rijndael is completely backdoor free. Take your troll shill baiting somewhere else you retarded autistic manchild.
>>
>>53750896
That's fucked up.

We are not safe.
>>
They didn't break any kind of encryption. They just used Cellebrite kit to clone the device's NAND through a custom reader, then reflashing upon every failed bruteforce. It's easy to do, just the kit to do it is expensive. It's how we read from broken phones in work (albeit we do have the client's codes in our case).
>>
I think Apple agreed to unlock the phone/install a backdoor but under the terms that it wouldn't be released to the public as it would damage their reputation with customers.

It just so happens they rolled out a new software update that seems to change dick all and it's only been like a month or two since the last one.
>>
>>53753949
So basically if you have a decent passcode you're good
>>
>>53753995
Even without it you just rollback until you get it.
Someone in the thread already explained it, I just didn't see it because I'm posting on my phone while taking a shit.
>>
>>53754027
>you just rollback until you get it.
I said "decent passcode" my shitter friend
>>
>>53754050
Yeah, because then it just behaves like any other unlocked phone.
>>
It may be possible that the FBI wanted to further erode the poor American freedoms a little bit with a precedent-setting case in the courts to have a corporation aid the FBI and subvert the security technology they sell. But later reflected that the timing, media exposure and cost to win such a case in the courts was not as feasible as they had hoped.
>>
>>53750740
I don't know if the FBI cracked AES encryption but I believe that the unnamed party did exactly what Apple said they themselves couldn't do, defeat the password protection.

If Apple was lying about that I wonder if Apple was also lying that working with the FBI would compromise all iPhones? If Apple wasn't lying I guess everyone better chuck their iPhone.
>>
>>53750740
I highly doubt the FBI dropped the case because they wanted to avoid going to the Supreme Court. This was the best case they could hope for to take to SCOTUS. The legal owners gave the FBI permission, the case involved terrorism, and numerous third parties had come forth with solutions.
>>
>>53750740
> I want to hear some hypotheses on how it was done from people who might understand what they're talking about. Deep learning? Quantum computing?
They did it with buzzword or with buzzword.
>>
>>53750740
>Does anyone think the FBI for real cracked AES encryption?
The key is 4 digits m8...
>>
>poo in loo
>Its not spelt loosing
What the fuck
>>
>>53750740
They did not break any encryption. They bruteforced the PIN number. I heard it was a 4 digit pin on some news site. Anyway, it works like this.

>install iOS that removes bruteforce protection
>bruteforce
It's that easy.
>>
>>53750896
Applefags have no input on this wonderful post?
>>
>>53756065
what are they gonna say, "no u"?
>>
>>53756065
I didn't check everything but the last "hack" isn't really a hack because the guy used his Touch ID registered finger to activate Siri. Also even if they do manage to dump the flash memory they still need to find the passcode which can easily be made unfeasible.
>>
>>53750771
This. They're going to wait until they can find some small potatoes smartphone company, with less popular appeal, and then try their luck again
>>
They didn't crack AES, they cracked a 4 digit passcode.
>>
>>53752077

You understand it quite well...it wasn't an Apple 'backdoor' software driven hack...

The solution was actually quite simple if you think about it...
>>
>>53753995
>>53754050
If it's a passcode decided by a muh moslem who's dumb enough to buy a appleshill, how hard is it to guess it? Maybe bruteforce wasn't needed since he wrote it down on his halal adult diapers?
>>
>>53755516
>>53756008
Okay that's easier to crack than a tripcode here.
>>
Not like it matters now. They spilled a glass of water on the phone and ruined it.
>>
>>53750740
>I want to hear some hypotheses on how it was done from people who might understand what they're talking about.
they called cellebrite in israel who had exploit code for the iOS version. jonathan zdziarski already said they could've asked anyone named in the iOS security patch notes at any point and gotten PoC code for free