Comment on Leaked Cellebrite Tool Docs Reveal List of Phones That Can Be Unlocked
fmstrat@lemmy.nowsci.com 3 months agoFamiliar, but based on your first comment about the benefits of hardware encryption over software encryption, and thus iOS being better than Android, perhaps you’re misinterpretting the specifics?
For the first point, the SE only stores keys at rest. The keys and hashes are still in memory when booted, otherwise the device wouldn’t be able to function. This works the same as software encryption, the key itself is just encrypted and stored on “disk” instead of in flash when off.
For the second, Apple’s software signing keys would not give the FBI access to a device. There is nothing to “turn over”. The signing of new software to bypass the lock was to remove the 10 retry reset. As above, there is no benefit to hardware encryption over software here.
The benefit hardware encryption brings is potential speed (which is certainly valuable, but not necessarily more secure or harder to crack).
underisk@lemmy.ml 3 months ago
I’m not claiming iPhones are superior. I don’t care about dumb OS wars, just don’t put things on your phone expecting that they can’t be retrieved. That’s the only point I’m trying to make here.
fmstrat@lemmy.nowsci.com 3 months ago
This was the hardware vs software comment I was debating, not the rest.
Also, software signing keys (like those requested by the FBI) would work for enabling brute force since that’s a change to the software, but not for direct access into SE. That would be like saying a firmware update could grant access to a LUKS partition without the passphrase. Not possible. If it was, no open source encryption would ever work.
underisk@lemmy.ml 3 months ago
The only thing that has successfully managed to thwart the FBI in their attempts to break into a phone was Apple’s hardware based encryption. To such an extent that they took legal and legislative actions to try and circumvent it. The specifics of how the encryption works is irrelevant to this argument, and you are more than welcome to consider that point conceded.
Lojcs@lemm.ee 3 months ago
If it’s not the “Apple’s” and also not the “hardware based encryption”, what’s the argument then? As you pointed it out FBI only needed apple’s help since they didn’t have a working exploit and dropped it once a new one was found. In the latest case with android once again their existing tools didn’t work but cellibrite had an unreleased one ready to use, so they didn’t need to go to court in the meantime.