which, based on a quick read of that - is a tool for flahshing devices to known points- and its for a restore point, which would have to be set (or perhaps its restoring to default, which would also erase data). IN addition, the ddevce has to be enabled for that.
So - no - they don’t already ‘have that’.
PurpleRestore is for flashing OS bundles onto the device. That necessarily erases any data that was there, which obviates the whole point of this exercise.
It can also be used to install prototype firmware or restore bundles via USB, which is exactly the mechanism the FBI proposes for the software they want Apple to make.
Its more than the mechanism - in order for the mechanism to work - there has to be something in the OS that says “yeah - you can alter the security profile of this phone via this tool”.
You aren’t getting that part of the point.
::grabs popcorn::
Sorry, not in any way intended disrespectfully. I simply have nothing to add but am curious about this line of discussion, let alone what legal process might be pursued if things stand as they are.
I would assume that, as part of any legal proceedings, the Tech point of whether a break-in can be done specifically or not will have to be ruled on. It is what forces the embedded backdoor discussion.
Finally: I am going to get very tired of phrases like “embedded backdoor.” After a bit of giggling. 
I don’t see the part of Tim Cook’s letter that says it is impossible to do what the judge has ordered. His letter seems squarely focused on that it is too dangerous to do what the judge has ordered.
If a judge orders me to do something technically impossible for me to do, I wouldnt bother arguing why it is a bad idea for me to do it. I’d just say it is impossible.
I realize I’m reading between the lines here, but it sure appears to me that Apple is being directed to do something that it could do, but it is strongly opposed to doing.
Thanks for posting a link to the article and letter from Apple.
One technical aspect of this doesn’t make sense to me. They are asking Apple to write this software after the fact, and install it on a specific iPhone to retrieve encrypted data. I’m not an encryption expert, but my understanding is that a backdoor would need to be put in place before this occurs, not after. I don’t see how the request for this one situation is going to decrypt anything. Encryption is not like a password protected file, that without the software asking for the password you could easily read the contents. Encryption is designed so that without the key, no one can decrypt it through any sort of master decryption key method.
As for them to modify the OS of the iPhone for backdoor future use is an entirely different issue.
If so, then that points to legal process as well. There would have to be a ruling as to whether Apple / Anyone is capable of this specific approach without a preexisting Backdoor on the device.
OK, they just want the software changed so it doesn’t lock the user out after many failed attempts. For this to work, they would need to create another interface to enter the password like through a USB connection.
But do they really need Apple to do this? Yes, it would be easier because Apple built the OS, but seems like without Apple’s help they could still accomplish this.
As for the brute force method to guess the password it would greatly matter how fast the iPhone can process a request. It might have to be running for years before it could guess the right password.
Encryption is handled by public/private keys - in order for the user to be able to read the information, they have to be able to decrypt it locally. So the encryption/decryption at this point is not the issue.
The issue is that the phone will wipe the data if too many login attempts are tried - and the FBI wants a tool to allow “unlimited” tries to hack the phone. (Or to disable the “wipe data” function, more or less). Since those security measures are in the OS, you would have to first update the OS to potentially allow this, and then create them a tool that would enable/disable that feature on an already locked phone.
Which would be a very very bad thing for the users of iphone - if the bits live in the OS to do this, there will be exploits for it that will be used by nefarious people -
That’s what I don’t get. Even if the FBI asked Apple to change the OS to allow a backdoor, it would do nothing to get information from the phone in question. And I see nothing in the present case that leads me to believe that the government is asking for a general backdoor. Cook bringing it up seems to be a case of him avoiding the question of protecting the rights of a mass murderer and changing it to the question of backdoors, which most people oppose.
And anyone expecting that their data will be safe if their phone is in the physical possession of the manufacturer is a fool.
Another way it could be done, btw, is if they can reproduce an image of the phone onto a VM, where they can disable the locking software and try as many passwords as they please. I agree that if doing this or other methods was impossible Cook would only have to say so, and not fight it in court. That he doesn’t makes me think it is possible, but it is not something he wants to admit to.
Isn’t the UK threatening to ban iPhones unless Apple builds in a back door? If the US jumps on board with that, Apple will find itself in a tough spot.
Not specifically, just as a consequence of our idiot government getting their knickers in a twist about end-to-end encryption. Nothing will come of it though.
I am sure Apple would be happy to restore any bundle the FBI wishes to the phone.
What bundle should they use, specifically?
I’m usually willing to give the government the benefit of the doubt, but this seems to be a particularly stupid way to go about it. It is inconceivable that a backdoor could be created that would not result in hackers exploiting it, especially state-sponsored ones.
My take is that they think it is impossible, but they can’t know that it is impossible.
We may be talking past each other -
If the FBI agent can unlock the phone - they will have the abiltiy to access any infromation on the phone, and any infromation that the user had access to - encyrption/decryption is no longer an issue.
The FBI isn;t so much asking for a backdoor - but a way to prevent the phone erasing its data after x failed login attempts. In order to facilitate this request, a ‘backdoor’ would have to be created to enable/disable that feature externally on a locked phone.
Its not a ‘backdoor’ in the sense of a way to directly access the phone data (ala a hard drive)
I do not know that the technology exists to ‘create an image of the iphone’ (its more than a hard drive) that wouldnt also be limited by the ‘erase data’ feature.
If you clone a HD and then work to decrypt it - thats a different fundemental problem/solution.
Its not impossible - its software - it not currently ‘possble’ (in that the needed code does not exist), but since Applie owns the OS and knows the security features themselves (having created them) - they could clearly find a ‘way’ to do this - and its a really really bad idea to create the needed way to do this, due to valid security and privacy concerns.
Unless I’ve missed something in the government’s request, it would only be useful on a phone that they physically have in their possession and would not involve turning on the mic or camera… at least not until they had unlocked the phone in their possession, which would make the mic and camera pretty useless.
Not that I’m defending the government here. Apple is doing the right thing. People have a right to use encryption, and any backdoor available to the government might as well be available to everyone.