Last week, I wondered how law enforcement could ask Apple to help them decrypt iOS devices in a quick post called, "Apple doesn't magically decrypt".  Gruber's also confused, which is nice to hear.

Daring Fireball Linked List: Declan McCullagh: 'Apple Deluged by Police Demands to Decrypt iPhones':

I saw this report the other day and it confused me. My understanding is that the entire contents of an iPhone with a passcode (or pass phrase) are encrypted. If Apple can somehow decrypt the contents, then there’s a backdoor, and the possibility exists that someone else will discover the backdoor. (Let alone the problem of Apple being able to do it.)

Charlie Miller, who knows way more about this stuff than I do (and probably as much as anyone outside Apple), is also confused.

 Grubes links to one of Miller's tweets:

I'm still wondering about this: seems to say that apple can forensically examine iPhone 5 which shouldn't be possible

And then...

Thanks followers. Apple probably uses a signed ramdisk and then brute forces from there.

Now we're well beyond my understanding of encryption, which is admittedly pretty weak.  I mean, I know what a ramdisk is, and in theory it makes sense -- it's not like the phone's being hacked by something external, and I guess iOS sees that as less invasive and doesn't break out in a rash.  It's been the concept I've wanted to study in depth next for much too long.  I'd like to argue that Cryptinomicon is the novel of our first world's current generation (insofar as our generation is influenced by the digital), and part of that means, I think, that I should finally understand how encryption keys work.

Still, the implication that the encryption is breakable so easily scares me.  Whatever those keys are need to be longer.  This reminds me of the old saying, "A lock keeps an honest man honest."  If you can make a ramdisk and hack into someone's iOS device relatively quickly, it, like a car or most home locks, isn't really protecting you from someone determined to break in at all.

Labels: , , ,