back to article iOS flaw exploited to decrypt iMessages, access iThing photos

Johns Hopkins University professor Matthew Green says a hard-to-exploit zero day vulnerability in iOS encryption allows skilled attackers to decrypt intercepted iMessages. Replication steps for the bug have been withheld until Apple releases a patch for the latest stable iOS 9 version. Green told The Washington Post he and …

  1. Anonymous Coward
    Anonymous Coward

    FBI presumably salivating

    Probably not.

    They will do anything, but salivate if they lose the Casus Belli to have the authority to command any corporation to do anything with their products and services as they see please.

    1. Charles 9

      Re: FBI presumably salivating

      But it should let the cat out of the bag. Apple could point to that and very clearly say they don't need to be involved. Use that exploit since THEY'RE a state-level agency. The court obviously can't order to Apple to do something unless there's no alternative, which this exploit clearly presents.

      1. Charles 9

        Re: FBI presumably salivating

        And would you look at that? The FBI's actually backing off! Seems the revelation of this new exploit crumbled the foundation of their case since it's now proven they don't need Apple's help to get into the phone, and by law you can't compel something when an alternative is available (necessity is required).

        1. Matt Bryant Silver badge
          Happy

          Re: Charles 9 Re: FBI presumably salivating

          Of course, after Cookie made out that the World (well, iBone users) would be DOOOOOOOOMMED, with everything up to and including a plague of baby-eating locusts, if anyone was able to read the data on the iPhone in question, it would seem the iBoners best switch to a more secure phone.

    2. Anonymous Coward
      Anonymous Coward

      Re: Obama presumably salivating

      FBI Obama presumably salivating

      Fixed it for ya.

      http://www.theregister.co.uk/2016/03/11/president_barack_obama_encryption_sxsw/

      Amid the row between Apple and the FBI over the unlocking of a mass murderer's iPhone, President Barack Obama has told the tech world to suck it up and do what the Feds want.

      1. Matt Bryant Silver badge
        Facepalm

        Re: AC Re: Obama presumably salivating

        ".....Obama presumably salivating....." Probably not, he's too busy "sealing his legacy" in Cuba to actually worry about anything that affects the proles, be they USians or otherwise.

  2. Anonymous Coward
    Anonymous Coward

    A 4 digit pin just doesn't have sufficient entropy on its own. You have to trust the hidden key part of the algorithm is absolutely secure, which it never will be given physical access.

    What's needed is a diceware style interface for rapidly picking words from a finite dictionary, using a touchscreen. That way the key alone could withstand brute force attacks.

    1. Charles 9

      Physical access can break ANYTHING open since they can just use side-channel attacks coming from things like EMR to deduce whatever secret is needed. Worst comes to worst, they can decap the chip physically (defeating any booby-traps along the way). That's why they say that physical access = Game Over.

      1. Brewster's Angle Grinder Silver badge

        "Physical access can break ANYTHING"

        The FBI have a phone that refutes that.

        1. Charles 9

          No, it's just they don't WANT to break it physically. They're trying to mandate a legal backdoor by judicial precedent.

          1. Brewster's Angle Grinder Silver badge

            The tinfoil hats are strong with these ones.

            "They're trying to mandate a legal backdoor by judicial precedent."

            Yes, they do want a legal back door. But they want it because access is (1) physically impossible, (2) prohibitively expensive or, if you're ultra paranoid, (3) they don't want to reveal the technique they are using.

            Reason #2 amounts to reason #1. They might conceal a technique because it's patchable or because it's so outrageous that everyone would demand it's made illegal, if it's not already. But it doesn't matter what you know, if you can't bring it before a court it's useless.

            1. Charles 9

              Re: The tinfoil hats are strong with these ones.

              "Yes, they do want a legal back door. But they want it because access is (1) physically impossible, (2) prohibitively expensive or, if you're ultra paranoid, (3) they don't want to reveal the technique they are using."

              Well, the article says that, according to these researchers, (1) doesn't apply (it's proven possible), (2) is unlikely (though it takes state-class resources, it's unlikely to be too costly for a state), and (3) is moot (the secret's already out).

            2. Doctor Syntax Silver badge

              Re: The tinfoil hats are strong with these ones.

              You forgot 4. They want a precedent that can be gradually widened to get a backdoor inserted into any S/W they choose. That's the really dangerous one.

        2. FuzzyTheBear
          Pirate

          Assuming ....

          You assume that the FBI is being thuthfull when they say they can't , which of course is a serious mistake. Never trust the agencies to come out and tell the truth. NEVER .

    2. SuccessCase

      It's not the 4 digit pin of course. It's the user's Apple password. The 4 digit pin is only used to grant access to a local physical device. Anytime services are set-up, the user's Apple account password is required and that also supports two factor authentication.

    3. Anonymous Coward
      Anonymous Coward

      "A 4 digit pin just doesn't have sufficient entropy on its own."

      I never really understood why PINs always seem to be limited to 4 digits. Most people don't have a problem remembering a 7 or 8 digit phone number so why not use the same number of digits for a PIN?

      1. Anonymous Coward
        Anonymous Coward

        Wording changed slightly...

        "Most people don't have a problem remembering a 7 or 8 digit phone number so why not use the same number for a PIN?"

      2. Charles 9

        Many people have trouble remembering more than a few of those numbers at a time. That's why we keep directories. If we're forced to remember a long PIN, we're likely to forget something else.

        1. Anonymous Coward
          Anonymous Coward

          4 digit PINs

          The 4 digit PIN isn't used to seed the encryption, it only unlocks the real encryption key. Read the iOS Security Guide Apple helpfully provides for a full explanation. So no worries about lack of entropy. Whatever this flaw is, it has nothing to do with the PIN and must be something in the way key exchange works for iMessage. Encryption is hard to get right, even for experts. Which is why the spooks probably like the idea of terrorists using some third party app like Telegram - they don't have all the experts an Apple or a Google can afford, and if they can screw up, and all the people reviewing OpenSSL can screw up, what chance does a guy writing an app like that have to get everything right?

          As for the length of PINs, you aren't limited, you have the choice to use passwords. I think with a PIN you might only get 4 or 6 digits, and maybe that could be relaxed but I think it would be better to not relax it and instead encourage people to use passwords.

      3. Anonymous Coward
        Anonymous Coward

        I never really understood why PINs always seem to be limited to 4 digits.

        Is this still the case on phones?

        Mines an 8 digit.

        1. Chemist

          "Mines an 8 digit."

          And I've got a debit card with 6 digit PIN although it isn't a UK one

  3. Christian Berger

    The FBI probably doesn't care

    a) They likely already bought the exploit on the exploit market.

    b) It's not plausible that they have problems getting to the data, at least not if they are as well equipped as the Dutch police:

    https://www.youtube.com/watch?v=AVGlr5fleQA

    What they want in the current case is a way to make the attack cheap enough so it can be used on large numbers of people. For a single case extracting the key out of a security chip is well within what Apple would charge for custom firmware.

  4. JeffyPoooh
    Pint

    "...shatters the notion....left no opening for... ...hackers..."

    "... it shatters the notion that strong commercial encryption has left no opening for law enforcement and hackers..."

    Yep. Same old, same old. Nobody should be surprised by this. Unless they're oblivious to history.

    Although this is not directly applicable to the FBI thing, it's evidence that this haystack still contains plenty more needles.

  5. Cuddles

    Nation-state?

    "Green says the attack applies to the latest iOS but would be largely restricted to "nation-state"-grade skilled attackers."

    This attack was discovered by some students at a university. Why would it take the resources of a nation-state to replicate and use it?

    1. noj

      Re: Nation-state?

      Up voted...

      Good point!

      Question for all: Have we ever heard of a zero-day exploit from our own nation states?

      1. Afernie

        Re: Nation-state?

        "Question for all: Have we ever heard of a zero-day exploit from our own nation states?"

        Why would they tell you dear citizen, of the many zero day exploits they possess but aren't legally authorised to use (but do anyway)? Hence the global scramble for incredibly dubious legislation designed to retrospectively make it all hunky dory instead of black bag and allow them to use their ill-gotten evidence (or planted stitch-up material) in a court of law.

        We live in some impressively fucked-up times.

    2. Charles 9

      Re: Nation-state?

      Just because you discover it's possible doesn't mean you have the resources to actually pull it off. Think "Traveling Salesman Problem". Simple to describe, utter nightmare to implement.

      1. Doctor Syntax Silver badge

        Re: Nation-state?

        Simple to describe, simple to implement utter nightmare to run to completion.

        FTFY

    3. Old Handle

      Re: Nation-state?

      My guess (without having read any of the details, mind you) is that they set up unrealistically favorable conditions in their lab. So they have a proof of concept, but it doesn't mean they're equipped to pull it off on a real target.

      1. Anonymous Coward
        Anonymous Coward

        Re: Nation-state?

        Not only did they probably choose favorable conditions, if you want to do this in a targeted way you'd have to capture and decrypt everything. So no worries about someone setting up a WAP and doing this.

    4. 404

      Re: Nation-state?

      The implication being that without the courageous brilliant leadership of Le Professor, it would take a nation-state with comprehensive reading skills like he has, to discover a security hole in IoS. Ordinary plebs like us could never find such a thing...

  6. Anonymous Coward
    Anonymous Coward

    So, Apple has backdoors to their OS

    but they're actively withholding them from law enforcement agencies. Isn't this supposed to be an offense ? I mean they're not supposed to cave in to law enforcement requests and modify their code but ostensibly closing an existing one could raise some eyebrows among government agencies. I hope Mr. Cook knows the difference between preaching to his followers on Twitter and being grilled in front of a US senate committee.

    1. Doctor Syntax Silver badge

      Re: So, Apple has backdoors to their OS

      The likelihood is that it's one they don't know about so they're withholding nothing. If you RTFA you might spot that it pretty well implies that.

  7. arobertson1

    Key = 4 digit passcode + serial + salt. Salt = phone number? I hope not!

    1. gnasher729 Silver badge

      Key = 4 digit passcode + 256 bit unreadable encryption key in the CPU + 256 randomly generated device key stored in flash memory.

      Passcode can actually be any number of digits, or digits and letters.

  8. Cynic_999

    My guess is that it involves a flawed RNG implementation.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like