John McAfee, Internet Treasure

"Yeah, that technique might work for the DOS version of Leisure Suit Larry. Not for an iPhone."

Now I'll probably lose my admission to the world hackers' community, however, I'm gonna tell you. You need a hardware engineer and a software engineer. The hardware engineer takes the phone apart and it [sic] copies the instruction set, which is the iOS and applications [sic] and your memory, and then you run a piece, a program called a disassembler which takes all the ones and zeroes and gives you readable instructions. Then, the coder sits down and he reads through, and what he's looking for is the first access to the keypad, because that's the first thing you're doing when you input your pad. It'll take half an hour. When you see that, then you reads the instruction for where in memory this secret code is stored. It is that trivial. A half an hour.

Previously, previously.

Tags: , ,

19 Responses:

  1. jrrs says:

    I remember using a disassembler "back in the day" when DOS was the predominant OS. Copy protection sometimes could be thwarted by simply replacing a call instruction with an appropriate number of NOPs.

  2. Old Geezer Programmer says:

    If you know how to read machine code it doesn't matter what machine it is. Just because Apple and Microsoft have made life easier and easier by taking the programmer further and further away from the machine, doesn't mean that machine code does not exist.
    Try writing a driver for any peripheral.
    It is so sad to me that the programmers today know so little yet they think they know so much. Like Mr. McAfee said, Join me at a coding table and i will kick your ass.

    You probably have no idea what that is or means.

  3. Otto says:

    Look. Give the man a break. He's been drinking and hiding in Belize for a while. Modern encryption is probably news to him. Let the crazy person be crazy. It's way more fun. :)

    • JPD says:

      Perhaps he really wants to eat a shoe on live television, and he just needed an excuse.

    • Rich says:

      Give the man an iPhone so idiot journos stop saying what he says.

      Better idea, don't so they keep saying it, because it's more fun.

  4. Chris Davies says:

    Kids these days with their cryptographic coprocessors and their secure hardware keystores. Why, in my day we'd simply beat the computer with a stick until it gave up its secrets.

    Anyway, does anyone want to place a bet as to whether this whole rigmarole is proof that whatever key derivation function Apple uses is actually secure and doesn't have some NSA derived backdoor that reduces its effective entropy to about zero, or that terrorism just isn't considered sufficiently serious for the people handling the case to be let in on the secret?

    • Chas. Owens says:

      I doubt anything short of a nuke loose in the US is worth revealing that sort of back door. What would be more likely is the NSA would crack it and then leak info to the FBI so they could do "parallel construction". But this case isn't about what is on that phone, it is about setting a precedent that they can break into any phone they want.

      • phessler says:

        if this is about precedent, they are doing it in a really strange way.

        "dear congress and courts. we know for a fact there is no relevant evidence on any of the phones we are asking about. please ignore us pissing you off, and give us the deets anyways. love, fbi.

        ps. I'm in ur base, killing ur dudez"

    • Nick Lamb says:

      All the key derivation functions an actual crypto person would use seem fine. While there has been a flip-flopping on whether we believe the NSA are acting like good guys or bad guys when it comes to design, the closest we have to a smoking gun, after so many years, is one constant in one algorithm where they didn't choose a nothing-up-my-sleeve number. Suspicious, no doubt. And I'm not here to recommend you use that algorithm. But hardly convincing evidence.

      Far more likely IMHO is that Apple and/or the NSA actually have a list of iPhone UIDs. Apple say they don't, but it's just so tempting when minting arbitrary random identifiers to keep a list of them "just in case". If the NSA tampered with the design I guess the "random" UID could be N*M mod 2**256 where M is a 256-bit constant - the resulting values look "random" to the eye and by careful choice of M can be normal (in the statistical sense) so that some randomness tests wouldn't spot any problems. Then they wouldn't need a list at all, the rough manufacturing date would give them a small range for N and that gives you a relatively small number of possible UIDs. But just keeping a list really isn't that hard.

      With the UID for that specific phone, anyone technical can try all 10000 possible PINs with the key derivation function and unlock the phone's storage, sidestepping the firmware entirely. But if you believe Apple, the only way to get the UID is to have a chip fab take the thing to bits the hard way. Which is expensive, destroys the phone and thus, is fine by me. Nobody's going to start using that trick on their daughter's new boyfriend, or the neighbour with the barking dog, let alone every passenger arriving at JFK.

      Anyway, the top line JWZ quoted may be beaten by this slightly drier comment in the same thread

      "I don't know why people are saying it's drivel. I used to crack Commodore 64 programs with much the same method when I was a teenager, so unless computers and software have changed dramatically in the last 30 years it should still work"

      • Ben says:

        Anyway, the top line JWZ quoted may be beaten by this slightly drier comment in the same thread

        "I don't know why people are saying it's drivel. I used to crack Commodore 64 programs with much the same method when I was a teenager, so unless computers and software have changed dramatically in the last 30 years it should still work"

        That one made me laugh out loud. I'm a sucker for bone-dry humor.

      • yuubi says:

        > the closest we have to a smoking gun, after so many years, is one constant in one algorithm where they didn't choose a nothing-up-my-sleeve number

        If you're thinking of the dual-EC pseudorandom generator, we also have a patent application, filed before the standard issued, for a method of backdooring that algorithm by choosing P and Q. One of many sites with details.

        • Nick Lamb says:

          Yes we do. But the fact that the NSA knew how to do something naughty isn't proof that they did it. In fact, if this method hadn't been patented at all, and was only freshly discovered six months after the NSA chose that value, wouldn't you be suspicious anyway? You should be.

          Cautious optimism is my preferred approach with the NSA. You won't catch me using dual-EC, but you also won't find me shying away from AES-128 just because Rijndael wasn't everybody's first choice of cipher.

      • bryan says:

        > "I don't know why people are saying it's drivel. I used to crack Commodore 64 programs with much the same method when I was a teenager, so unless computers and software have changed dramatically in the last 30 years it should still work"

        oh man. just brilliant.

  5. Leonardo Herrera says:

    From there I got here. Wha?

  6. nikita says:

    He is right, you know. The part of the encryption key on which everything else hinges is stored in the clear: as the unique per-chip identifier embedded in the processor (which, if you were benevolent, you could call "memory"). So, if your "hardware engineer" is good enough you will get the key as a sequence of "ones and zeroes ". After that you only have to try 10000 combinations to recover the full key.

  • Previously