DOJ Files Motion to Compel Apple to Assist FBI

To me the ability to update firmware or the OS in a way that bypasses cryptographic protections means that the cryptographic protections suck.

To my knowledge, the OS data itself is encrypted, but with a key that's protected by a hardware-specific unique identifier, not by the passcode. So that means you can't just access the flash memory directly and see the contents, but the device can boot without a passcode - and could potentially perform an update without a passcode.

This contrasts with user data, which is encrypted with keys that are protected by the passcode in addition to the hardware ID. Apple doesn't have any way to get at this without knowing your passcode.

There are a number of reasons why different types of data get different levels of security on iOS. But importantly, remember that the iPhone does not protect the integrity of the OS by encrypting the partition so that no one else can read/write to it. That's not why system data is encrypted in the first place. The iPhone ensures the integrity of the OS by making sure that each part of the boot process is code-signed by Apple's certificate.

This means that if you are able to provide a valid version of iOS that is properly code-signed by Apple, the device will happily oblige and replace the system data with the new version. There are no encryption keys required for this process - it's a question of signature validation.

As far as your question...

"Why would Apple allow forcing a custom OS without wiping encrypted data?"

Remember, the iPhone has no idea this is a custom OS - this is an official build, verified with Apple's code-signing certificate. This is just as normal of an upgrade as iOS 8 to iOS 9, as far as the device is concerned.

The reason why they can't prevent valid upgrades without a passcode is because it would simply be a software failsafe and nothing more. The FBI could just simply add a demand to remove this failsafe from iOS. In other words, the FBI would just demand that in addition to the weakened version of iOS + brute forcing tool that they want created, they also want Apple to remove the code which clears user data keys if you can't provide a passcode on OS upgrade.
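A simplified model of the two mechanisms described in the comment above, added here as an illustration and not taken from the thread or from Apple's code: system data keyed to the hardware ID alone, user data keyed to passcode plus hardware ID, and OS updates gated only by signature validation. The key-derivation choices, the toy textbook-RSA vendor key, the `Device` class and every value are assumptions constructed for the example.

```python
import hashlib
import hmac

# Constructed values for illustration; none come from a real device or vendor.
HARDWARE_UID = bytes.fromhex("00112233445566778899aabbccddeeff")
P, Q, E = 2**127 - 1, 2**89 - 1, 65537        # toy textbook RSA, not secure
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))   # D stands in for the vendor's private signing key

def digest_int(image: bytes) -> int:
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N

def vendor_sign(image: bytes) -> int:
    # Only the holder of D (the vendor) can produce a signature the device accepts.
    return pow(digest_int(image), D, N)

def system_key(uid: bytes) -> bytes:
    # Depends on the hardware ID only, so the device can derive it with no passcode.
    return hmac.new(uid, b"system-partition", hashlib.sha256).digest()

def user_key(uid: bytes, passcode: str) -> bytes:
    # Depends on the passcode AND the hardware ID (PBKDF2 is an assumed stand-in).
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), uid, 10_000)

class Device:
    def __init__(self, uid: bytes, passcode: str, os_image: bytes):
        self.uid = uid
        self.os_image = os_image
        # The device keeps a check value for the user key, never the passcode itself.
        self._user_key_check = hashlib.sha256(user_key(uid, passcode)).digest()

    def install_update(self, image: bytes, signature: int) -> bool:
        # The only gate is signature validation; no passcode or user key is consulted.
        if pow(signature, E, N) != digest_int(image):
            return False
        self.os_image = image
        return True

    def unlock_user_data(self, passcode: str) -> bool:
        # User data stays locked after an update unless the right passcode is supplied.
        candidate = hashlib.sha256(user_key(self.uid, passcode)).digest()
        return hmac.compare_digest(candidate, self._user_key_check)
```

In this model a correctly signed image replaces the OS without touching the user key, which is why the remaining protection for user data is the passcode itself.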
