Apple's Message to Customers

[SauRoNZA]

I know it's said in jest, but after iOS they will come for Android...

As I recall Android isn't encrypted by default and you need to opt-in. Because of that there is probably some vulnerability.

Just shows you that either Apple's encryption is this good or the FBI sucks if they need to force them to help them.

 

[backstreetboy]

And that's why iOS 8 introduced encryption which prevents Apple from accessing the data, but we all know you're just here to troll.

Lol there's already a backdoor now they act like they are fighting it...

 

[morkhans]

Lol there's already a backdoor now they act like they are fighting it...

Please show us this back door you speak of.

 

[backstreetboy]

Please show us this back door you speak of.

I already did...

 

[ngwe23]

Wasn't Blackberry in a similar position years ago. Bottom line is that these governments are data hungry. That is the only way they can keep tabs on the populace and information is power. Ultimately apple is fighting a loosing war. Resistance is futile.

 

[ngwe23]

As I recall Android isn't encrypted by default and you need to opt-in. Because of that there is probably some vulnerability.

Just shows you that either Apple's encryption is this good or the FBI sucks if they need to force them to help them.

Well, you are wrong.

 

[SauRoNZA]

Well, you are wrong.

It wasn't always the case.

So it's on by default now? And since when?

 

[ngwe23]

It wasn't always the case.

It wasn't always the came, in the same way that it wasn't always the case with Apple.

So it's on by default now?

Yes, on by default.

And since when?

Android 6.0

 

[SauRoNZA]

Is it proper hardware encryption on Android now or still software only?

 

[R13...]

Well, you are wrong.

They apparently had back door access to droid iOS and blackberry in 2013 not sure if that's changed.

 

[LazyLion]

Apple is just being obtuse here and trying to score Brownie Points.
The government is not asking them to build a back door and hand it over to them.
They are just asking them to open this one phone.

 

[backstreetboy]

It wasn't always the case.

So it's on by default now? And since when?

http://arstechnica.com/gadgets/2015...-mandatory-device-encryption-for-new-devices/

For device implementations supporting full-disk encryption and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, the full-disk encryption MUST be enabled by default at the time the user has completed the out-of-box setup experience.

 

[SauRoNZA]

Apple is just being obtuse here and trying to score Brownie Points.
The government is not asking them to build a back door and hand it over to them.
They are just asking them to open this one phone.

And if there is no backdoor...they themselves can't open it.

By design.

 

[icyrus]

Apple is just being obtuse here and trying to score Brownie Points.
The government is not asking them to build a back door and hand it over to them.
They are just asking them to open this one phone.

No they are asking for the means to unlock this one phone. What do you think they will do once they have the means, just use it for one phone? No, once this tool exists it will be used repeatedly and it will leak all across the world.

For the people who think Apple should comply here, would you still feel the same if it was China or Russia requesting this tool?

 

[ngwe23]

Is it proper hardware encryption on Android now or still software only?

Encryption MUST use AES with a key of 128-bits (or greater) and a mode designed for storage (for
example, AES-XTS, AES-CBC-ESSIV). The encryption key MUST NOT be written to storage at any
time without being encrypted. Other than when in active use, the encryption key SHOULD be AES
encrypted with the lockscreen passcode stretched using a slow stretching algorithm (e.g. PBKDF2 or
scrypt). If the user has not specified a lockscreen passcode or has disabled use of the passcode for
encryption, the system SHOULD use a default passcode to wrap the encryption key. If the device
provides a hardware-backed keystore, the password stretching algorithm MUST be cryptographically
bound to that keystore. The encryption key MUST NOT be sent off the device (even when wrapped
with the user passcode and/or hardware bound key). The upstream Android Open Source project
provides a preferred implementation of this feature based on the Linux kernel feature dm-crypt.

https://static.googleusercontent.com/media/source.android.com/en//compatibility/android-cdd.pdf

Hardware.

 

[ngwe23]

They apparently had back door access to droid iOS and blackberry in 2013 not sure if that's changed.

Every one including Apple and Microsoft was open to the governments. Non of their devices were encrypted except for BB, which is why they were always in trouble with governments.

 

[ngwe23]

Apple is just being obtuse here and trying to score Brownie Points.
The government is not asking them to build a back door and hand it over to them.
They are just asking them to open this one phone.

But how would they do that without a door, Einstein? Also have you heard of the word "precedence"?

 

[bwana]

I already did...

What you showed was what was possible, given the right circumstances, with an operating system two to three generations ago. You've failed to provide any indication that it is possible now.

So please, show us this back door you're referring to.

 

[LazyLion]

But how would they do that without a door, Einstein? Also have you heard of the word "precedence"?

It's all explained in the request, genius.
Customised ROM that prevents any data from being deleted and allows for repeated pin inputs with no delay.
Simple.
And then once this is opened, the customised ROM is then destroyed.

 

[morkhans]

I already did...

Nope. Given the time of the court case the most current iOS version was 7.