As for "replaced the camera with a laser" ... we're discussing phones here. Really secure phones are going to be secured with tamper-evident seals; indeed, they already are to some extent (e.g. Apple, Samsung et al use water sensors to verify whether a phone's been dunked in the bath before they decide whether or not to honour a warranty that doesn't cover water damage).
]]>Hacking into computers is like common burglary - they typically don't try to pick the lock on the front door. They will see if it is left unlocked, and may occasionally copy a key or force the door, but they will usually prefer to find some other way in (like a window, air vent, etc.) And, almost all of the time, they will rely on the occupant having used inadequate security on those routes or having forgotten to secure them properly. And sometimes that will be because the occupant bought 'secure' windows/vents/etc. that were easy to open if you know how and have the right tools.
]]>When my house was broken into over 20 years ago there were two interesting point.
The guys doing the break ins were doing them based on their friends of friends at high school talking about when they were "off" kid watching duty due to people being out of town. I was actually in town with family out but got home late and found the mess. At least I wasn't 1000 miles away at the time and having to return.
The very best deterrent according to the police was to have a dog that barked and sounded big. Rate of entry on those houses was way lower than those without.
http://www.newsmax.com/TheWire/fbi-arkansas-homicide-iphone/2016/03/31/id/721672/
Looks like the San Berndardino deal was an opportunity for Apple to make it look like only Apple could hack iphones and only with a court order. Their play would have been to take the offer and go on pretending to be unhackable. Now everybody knows iphones can be hacked by the FBI and any of their friends..
]]>The short answer: Nothing -- at least from the technical aspect of the software to do so -- prevents apple from making a new iOS, and signing it only for that one device, to permit unlimited numbers of PIN attempts. Even if the device had the security enclave (the "s" models), that still would not stop them, because while the security enclave is a separate CPU, running separate code, it still runs an apple signed blob that apple can update.
The technical answer: 1: Depending on how Apple stores and accesses their master key, this may be seriously impractical for anything more than a one-off. 2: There is no real difference in this model and earlier models, except for the change that the user-data is protected by a 4 digit PIN, and if there wasn't a software driven counter to restrict PIN tests, the PIN isn't a barrier.
The real answer: This is more about establishing trust in Apple than anything else.
The long details: https://marcan.st/2016/03/untangling-ios-pin-code-security/
That same page shows two ways to attack the iPhone, or any other such system. First, we have the technology to read the CPU's master secret password off the CPU. In the worst case, that can be used to do brute-force attacks on decoding the memory and data with just sufficient GPU/CPU time. The more practical method is the reply attack. Yes, the computer will wipe the storage master key after 10 failed attempts. But you can image the raw, encrypted memory, make 5 attempts, and then restore the raw, encrypted memory and try again.
Newer phones make this procedure more complicated, but not fundamentally different.
"iPhone security currently relies on Apple promising not to release firmware that would break their security model, and the FBI is simply asking Apple to break that promise. The “backdoor” is already there: that Apple can write new versions of iOS and sign them."
"The core issue at hand is that, currently, all iPhones fully trust firmware signed by Apple."
]]>I think that they want to be the next clearing house / exchange thingie (whatever it's called) that carries all the payment information. After all, even if they only get 10 cents per transaction, that adds up -- and I'm sure that they will charge more (insert complaint about 2% to 5% plus 25 to 40 cents here).
Equally, it is a case of "Trust Linux, where no one will defend you? Trust Google/Android, who at least puts an entity behind Linux / a target you can sue if they mess up? Trust Apple?"
Given the choice of "Do we trust Apple for security, or do we trust Google for security", who would you trust at this point?
Who else is in the market? Samsung? LG? They market Google stuff, and don't keep them up to date. And, Google does co-operate with Law Enforcement rather trivially.
What's next? Will the next version of Android include a file system with encrypted data, and Google refusing to help law enforcement? I actually suspect the answer is yes.
]]>Problem is none of these were on by default and also androids more easily crackable than iOS.
]]>One should never underestimate the wiliness of extremely experienced bureaucrats. They can demolish your strategy and look at you, blinking innocently, and explain "surely you understand this was all done with your approval. After all, you HELPED!"
]]>