Willie.Lu: 我对FBI 和苹果之间纠纷的一些个人看法

我对FBI 和苹果之间纠纷的一些个人看法:
作者:卢伟教授,无线系统,总体设计和安全专家 (见:Willie.Lu)

(1) 无线通信的加密技术包括传输加密和信源(内容)加密。传输加密分为窄信道加密(包括语音和短信)和宽信道加密(数据)。由于窄信道资源极其有限,所以加密度很浅,很容易解密。宽信道可以用牺牲数据区来换取深度加密,所以加密度可长可短。一般的窄信道很容易解密,只要几台仪器就可以解密。宽信道视情况有容易,也有很难的解密。
(2)无线传输由于是无线介质,完全开放给覆盖区内的任何人,所以总体来说没有有线通信那样安全,除非是军方会牺牲大量的无线数据信道区来加长码子以增加解码的难度,但绝对不会在民用商业通信中使用,否则商业价值太低。所以通常的无线解密专家会利用这一特点在传输的空中(over the air)进行拦截解密,效果都很好。如果等到过了无线传输这一层(基站以后的有线网络)解密就非常难了,因为有线网不差带宽,可以用巨大的带宽来换取很深的加密。
(3)同样道理,手机中的信源加密相对简单,因为要考虑到有限的无线传输资源和手机终端的处理能力,但离开无线区到有线网后(基站以后的有线网)信源会重新深度加密, 就很难解密了。所以,信源解密必须在靠近手机的无线区内完成。这就是为什么我常说“只要把车停在你家外面一个晚上, 你如果打五个电话,我就能把你手机接管了的道理”。
(4)无线通信的保密体体现在几个部位:手机终端(User's property),无线网和通信数据中心(Operator's property ), 内容提供商数据中心(content provider's property).
(6)事实上,所有无线网络营运商(operators)和数据中心都已经允许联邦政府接入其加密的数据,联邦政府的技术专家也都能解密大部分的数据包括窄信道信息(voice和short message)和那些浅加密的宽信道信息(大部分data).  目前只有那些深度加密的宽信道信息不容易解密, 其中包括那些通过WiFi高速上网获取的重要信息(重加密,或private加密)并存在后台的内容提供商数据中心, 需要厂商配合才能快速完成解密。另外,手机终端内的内容(如个人资料,有版权的图片,商业机密等)因为属于用户的私人财产, 也不容易接近用户,联邦政府就不容易获取这些信息。
(7) 通常讲的“unlock phone"指的是同一部手机可以自由地更换注册的SIM卡,可以自由地使用不同Operator的无线网(只要是同一制式,而且是注册用户)。而这次苹果的“unlock phone”指的是对上诉数据的解密,两者完全不同概念,必须分清。因为对联邦政府而言,Operators (AT&T, Verizon, etc) 早就允许政府自由接入无线网用户了,即使不允许,联邦政府也可以轻易地从无线区截获用户信息,但所有获得的都是加密过的信息,有些数据很难解密,这是联邦政府需要苹果帮忙的事。

[[ 如果我为苹果辩护 ]]:
5)对苹果董事会成员来说,毕竟大家更看重财务收入,商业用户是上帝,政府只是收钱的经纪(tax collector), 不用太担心政府。
6)联邦政府应该找Operators, Users, 而不应该找苹果来获取这些信息,因为苹果只是储存或拷贝他们的信息。

[[ 如果我为联邦政府辩护]]:
3)联邦政府只要求苹果公司解密那些深度加密的宽信道信息, 而不是所有信息,所以这个要求不算过分,毕竟美国公司有义务协助联邦政府,只要是为了公众安全。
4)联邦政府有权对公众数据中心(而不是私人数据柜)进行监管,包括苹果的内容提供商数据中心(如 iCloud Data Center)。 如果苹果不配合,联邦政府可以自行强制进行大量解密操作,并可能会严重影响苹果用户的商业使用,最后把苹果拖垮。

This is tentative educational material subject to verification and further research. Viewers take own responsibility in reading, understanding and using the information herein.

(Personal Views only, for educational purpose, nothing is waived.)
The FBI Has Successfully Unlocked The iPhone Without Apple's Help
http://www.npr.org/sections/thet ... without-apples-help

The high-profile public and legal dispute between the government and Apple is officially over after the FBI managed to unlock the iPhone used by one of the San Bernardino terrorists without Apple's help.

The Justice Department says it has successfully retrieved the data from the phone and is asking the court to vacate its order for Apple's assistance.

"Our decision to conclude the litigation was based solely on the fact that, with the recent assistance of a third party, we are now able to unlock that iPhone without compromising any information on the phone," U.S. Attorney Eileen M. Decker said in a statement, adding that the investigation will continue to ensure that all of the evidence related to this terrorist attack is collected.

The Apple-FBI Debate Over Encryption
The government is not saying exactly what data were found on the phone. DOJ spokeswoman Melanie Newman says the FBI is currently reviewing the information on the phone, consistent with standard investigatory procedures.

This means it took FBI experts about a week to test the third-party tool that allowed them to crack the iPhone pass code. For weeks, the FBI had said only Apple could help investigators lift the iPhone security features that stood in the way of its guessing the pass code. But last week, the government said a third party showed the FBI a new method that didn't require Apple's help.

Apple CEO Tim Cook introduces the latest version of the iPhone on Monday in Cupertino, Calif. The company's legal fight with the FBI may be at an end, or at least a detente, if a third party's suggestion lets the agency hack into the San Bernardino shooters' encrypted iPhone.

Apple released a statement saying the government should never have tried to force the company to cooperate:

"From the beginning, we objected to the FBI's demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government's dismissal, neither of these occurred. This case should never have been brought.
"We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated."
The end of this legal standoff also means that no legal precedent gets set for the scope of government's power to compel an unwilling company to cooperate in an investigation, for instance by writing special new software as in Apple's case.

"It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties or through the court system when cooperation fails," DOJ's Newman said. "We will continue to pursue all available options for this mission, including seeking the cooperation of manufacturers and relying upon the creativity of both the public and private sectors."

As we have reported before, the government may have unlocked the password on the phone by tinkering with the hardware — given that the investigators have the physical phone — or by exploiting an obscure flaw in the iPhone software. A discovery of a software vulnerability would be a major reason for the FBI to keep the tool secret and reuse it in other investigations involving older versions of iPhones, like the iPhone 5C at stake here.

Apple's lawyers have previously said they would push for the government to disclose the third-party tool.
this is even worse for apple. because FBI hacked the phone with the help from a third party, which means iPhone is even more unsafe. much worse than apple unlock it themselves.
