[saurik]

You seem to still fundamentally misunderstand the situation, as you seem to be challenging me to build the tool today and get Apple off the hook, as if that was all that mattered.

I can build the tool. What I can't do is sign the result. The only thing any of us are missing is the 4096-bit RSA encryption key used to sign the firmware. The way we load this tool onto the iPhone 4 is using a vulnerability in their bootloader that lets us bypass the signature check. There is only 512 bytes of data at question here, not some insurmountable amount of work.

[acqq]

> he only thing any of us are missing is the 4096-bit RSA encryption key used to sign the firmware.

Ah, so Apple's encryption does actually work.

That's the essence of the good encryption: everything is known, except the key. You are not supposed to have it. FBI, hopefully, isn't supposed to have it too. That's why we have laws. Checks and balances and stuff. Laws made for specific cases, not "we can do anything."

[saurik]

If this were a normal door lock that someone possessed the master key to, the FBI would have just requested access to the master key temporarily. The FBI is not operating outside the law here: they have a court order. While in some ways it would be more horrific, I'd almost rather see them ask the more analogous question "we would like a copy of your master key" to see how Apple responds, as they'd no longer be able to pretend like it would take them a lot of time to build what the FBI wants: the FBI would just be asking for literally 512 bytes of data that Apple has that stands between them and their goal.

[acqq]

It's not just what FBI orders, it's the unprecedented legal basis for the order, All Writs which simply states that they can order whatever they want. ("Why?" "Just because!")

Which is very bad if it is accepted this time.

[rrego]

You're really missing the point. Yes the only relevant code that is going to be run on that device will code signed by Apple. I don't think FBI will have direct access to this "key".

The FBI wants Apple to create "malicious" code/update/software version that would allow for multiple decryption attempts among other things. Apple CAN comply with these requests, probably easily. However, by doing so they will destroy trust in Apple signed code and set a precedent.

It doesn't matter WHO has the key because Apple will be acting in proxy.

[acqq]

I don't think you are responding to my post? At least I can't see which part of my post you comment, that is, what I am missing.

The issue here is if All Writs is a good legal basis for the precedent of "change your product."

[rrego]

Ah. I'm conflating multiple threads. I was referring to this https://news.ycombinator.com/item?id=11157666

I agree with you about All Writs, I don't see any precedent for "change your product". Thanks for pointing my mistake out.

[studentrob]

It sounds like you could really make use of that key