There's a lot of talk and media attention on the FBI's request for Apple to help break into the phone of a terrorist. There's also a lot of confusion and misleading information surrounding that whole debacle, which I would like to clear up.
The phone's contents are encrypted on its storage medium. That makes the request different than a simple unlock - just moving the storage device to a different reader wouldn't help. There's no backdoor, and no "master key" that Apple can use to decrypt anybody's data. The encryption key is derived from a password, but guessing passwords really quickly wouldn't work because the storage controller would slow down the requests and eventually destroy the data after too many failed attempts. Picking apart the storage medium and circumventing the controller would likely result in the destruction of the data because the physical medium is so tiny and delicate.
Therefore, the FBI is asking Apple to create an alternate program ("firmware") for the storage controller that would allow rapid guessing and eventually decryption. The FBI can't make it themselves because they don't have Apple's firmware-signing key; the updated firmware wouldn't be accepted without a valid signature.
Apple doesn't want to give the FBI a signed alternate firmware because the FBI and the government could use it on other devices to invade the privacy of non-terrorists. So far, they've defied the court order.
Related reading: Cryptography wins
No comments:
Post a Comment