If I understand what’s been said so far -
The “secure enclave” is encryption-connected to the processor, and the keys are stored in the secure enclave. So the regular RAM can only be decrypted by the key stored in the secure enclave. The secure enclave cannot just be connected to another processor and read. Monkeying with that will, I assume, brick the phone.
(In fact, there is a lawsuit pending for people who had a third party repair shop replace the start button. Since it’s also the fingerprint reader, it has to be securely connected to the processor and there’s a special procedure for that. Otherwise, the processor interprets it as an attempt to crack the phone and bricks it.)
So the problem is duplicating the RAM elsewhere does not work, it does not contain the 4-digits to 256-bit-key translator. Instead of 10,000 tries to decrypt the RAM you will need to do 2^256 (?) tries with large primes. I assume Apple has made the secure enclave as tamper and tap resistant as they could.
Your 64GB iPhone will only backup on Wifi since very few people have 64GB data plans. It’s bad enough it sends crap over 4G when you don’t want it to. Imagine doing backups, too. The cellular network would be flooded.
I suspect this is a fishing expedition - the FBI will leave no stone unturned to see if the couple that went postal on his workplace were really jihadists or just disgruntled employees. (I would imagine there are a helluva lot more spectacular places to go all terrorist if your goal was to make an impact). They probably don’t expect to find out anything, but it is a convenient case for forcing backdoors into consumer products and destroying the market for American technology. Maybe Samsung should get busy buying iPhones for the Middle East.
Thanks!
comes from being a long-time Apple user, I never read all the directions…
As you say, down in the fine grey print at the bottom is a clear message saying turn this on to wipe the phone after 10 attempts. I wonder if the FBI knows the setting is on or if they are just assuming worst case. If it is off, then it would just be a matter of time to get into the phone. Interestingly, I wonder how the FBI knows the passcode is set to the default 4 digits. The first thing I did was set the passcode to a custom length. And one can also choose an alphanumeric passcode. Either one would make the brute force method much more time-consuming. Especially if the brute doesn’t know the length of the code.
Perhaps that is an unstated or not discussed part of what Apple is supposed to provide-information on the details of the passcode. That may be accessible to a custom iOS.
