by xnull
4242 days ago
Prior to the "Secure Enclave", only a very small amount of certain data was encrypted on the device (past the alive-time of the device and where data _could have been encrypted_); the encryption keys were based on information about the device that Apple knew or was accessible through access to the device (which Apple would provide) in tandem with ~12 bits of entropy provided by the user; and Apple served up encrypted data as well as unlocked the device and provided unencrypted data for law enforcement. Now that Apple does not have access to the UIDs built into the "secure enclave" they cannot provide decrypted content directly. However, they will still hand over encrypted data and manufacturers do have these UIDs. The user can still provide ~12 bits of key entropy. Apple currently makes it extremely difficult not to store most information on iCloud, sets the default to store data on iCloud, and this data is provided to law enforcement. This data is encrypted but Apple will decrypt it for law enforcement. CALEA (and others, as discussed in the thread) _do_ apply. It's why Apple needs to claim that they don't have the keys "unless ... the carrier possesses the information necessary to decrypt the communication."