"Apple Unlocked iPhones for the Feds 70 Times Before"

35  2016-02-18 by 911bodysnatchers322

Apple tells its customers it's putting up a fight against installing backdoors for the FBI

Which would be great if they hadn't lost all credibility.

"Apple Unlocked iPhones for the Feds 70 Times Before"

Mistakes are forgivable. I make them all the time.

BUT I AM SICK OF THE LIES.

10 comments

There is a big difference. iPhones that have iOS lower than 8 have back doors. The new iPhone iOS is encrypted to the point that Apple cannot unlock it themselves. Yes, they have unlocked phones in the past, but supposedly have written themselves out of having the ability to do it from here on and into the future. Not lies.

The second linked article claims Apple still can get in. If they couldn't get in, then there would be no press on this, as Apple wouldn't be saying no we won't do this, they would say no we can't do this.

The only way to "get in" beyond their own encryption is to build a brute force cracking device, which is possible - because they wrote the encryption, but it would be able to work on any and all Apple phones and THAT is what they are refusing to do. Yes, before iOS 8 they did have a backdoor bypassing the password system; that no longer exists, leaving brute force as the only option available.

I don't think there exists a current mechanism for Apple to decrypt the phones on iOS 8 and later. They did an absolutely great job of ensuring that - the full encryption key never leaves the physical 'secure enclave' of the device and is otherwise broken into 3 pieces.

The device’s unique ID (UID) and a device group ID (GID) are AES 256-bit keys fused (UID) or compiled (GID) into the application processor and Secure Enclave during manufacturing. No software or firmware can read them directly; they can see only the results of encryption or decryption operations performed by dedicated AES engines implemented in silicon using the UID or GID as a key. Additionally, the Secure Enclave’s UID and GID can only be used by the AES engine dedicated to the Secure Enclave.

https://www.apple.com/business/docs/iOS_Security_Guide.pdf

And great summary of this - here.
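A simplified model of the design quoted from the iOS Security Guide above, as an added example that is not part of the original thread and is not Apple's code. Assumptions: HMAC-SHA256 stands in for the silicon AES engine (the Python standard library has no AES), the PBKDF2 stretching and round count are illustrative, and all class and function names are hypothetical. It shows that when the unlock key is derived through an engine keyed by a UID that software cannot read, a passcode search only succeeds when it runs through that device's own engine.

```python
import hashlib
import hmac
import os


class HardwareKeyEngine:
    """Toy crypto engine with a fused per-device key (the "UID").

    Callers never receive the key, only results of operations keyed by it.
    Python cannot enforce this; the private attribute models the silicon.
    """

    def __init__(self):
        self.__uid = os.urandom(32)  # constructed: set once at "manufacture"

    def transform(self, data: bytes) -> bytes:
        # Stand-in for the dedicated AES engine (assumption: HMAC-SHA256).
        return hmac.new(self.__uid, data, hashlib.sha256).digest()


def derive_unlock_key(engine, passcode, salt, rounds=100):
    """Stretch the passcode, then entangle it with the device-bound key."""
    stretched = hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, rounds)
    return engine.transform(stretched)


def search_passcode(engine, salt, target_key, candidates):
    """Try each candidate; every attempt needs a call into `engine`."""
    for candidate in candidates:
        key = derive_unlock_key(engine, candidate, salt)
        if hmac.compare_digest(key, target_key):
            return candidate
    return None


def four_digit_codes():
    return (f"{n:04d}" for n in range(10_000))


if __name__ == "__main__":
    salt = b"constructed-salt"          # constructed sample value
    device = HardwareKeyEngine()        # the phone holding the data
    lab_rig = HardwareKeyEngine()       # different silicon, different UID
    target = derive_unlock_key(device, "4821", salt)
    print("on device :", search_passcode(device, salt, target, four_digit_codes()))
    print("off device:", search_passcode(lab_rig, salt, target, four_digit_codes()))
```
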

not that I agree with it at all, but there's a big difference between case by case unlock requests and "hey can we access any phone we want any time" backdoors

you don't get it... it means backdoors are already there...

oh right I forgot. they just want it legal now

The entire thing is a limited hangout that will be used to legitimize backdoors. Congress is already considering forcing the issue to make sure the NSA gets what it wants, and companies will take a public stance against these measures for the PR while continuing to spy on you with reckless abandon.

I know people who have done forensics on the source code and the communications for iPhones. As far as anyone can tell, the private key is stored in a BitLocker-type chip on the iPhone, and it never leaves.

The only weakness I can surmise is in the chip itself. If the chip can be induced to give up its key, through any means, then it is insecure. I think they call it the Secure Enclave Coprocessor. https://www.apple.com/business/docs/iOS_Security_Guide.pdf

They boot the initial system from a ROM, which is very, very awesome. The initial ROM checks the next level to make sure it is signed by Apple.

Unless Apple is in on this scheme, the device is secure.

If Apple IS in on this scheme, it will be a smoking gun on that Secure Enclave chip, or in the boot ROM. It will be evidence of their collusion burned into every Apple phone.

The ROM code will be broken if it isn't already.

If they try to subvert an iPhone by sending OP codes remotely, sandboxers will catch them, and better, they will be able to use the OP codes and log to show the system being subverted. In that case, it will be at Black Hat or DefCon next year.

BUT I AM SICK OF THE LIES.

So stop repeating them.
