I'm not sure I understand this. Apple seems to be limiting all discussion to in-situ mechanisms of cracking, but no one is talking about external means. For example, ICE-level debuggers require sophisticated hardware that is not easily available to everyone. Likewise, the Xbox encryption was very difficult to crack without GHz hardware.
Just put the critical path in the PROM and then bypass the PROM with your own hardware-level circuit. The device itself can be keyed so that only the Apple hardware bypass is allowed to connect in this way. Now you have a physical bypass that is difficult, if not impossible, to get around, but enables warranted access by agencies that own the limited hardware. This also has the advantage of human cost. You can't easily apply this method to millions of phones without a huge cost in time and effort. Even if the device is stolen, it limits exposure to phones in the physical possession of the hardware bypass, which is surely better than compromising millions of phones. And so what that the critical path patch exists out in the open? Knock yourself out and make an emulator that will unlock hw-emulated phones (which is a difficult task; not even the iOS emulator is a true hw emulator), but it won't work on the actual hardware unless the PROM is swapped, which is hardly trivial.
The key signing argument has little weight by the way. DVD manufacturers had the same stance and the root key was leaked to the public. How can Apple guarantee the same won't happen with their keys?
It seems both Apple and the FBI are withholding something, but on face value the technical requirements should allow warranted access. The fact that they don't is a flaw in the technology design.
Case law surely has precedents in this area? Can safe manufacturers be required to make bypass mechanisms for bank vaults? What about non-criminal property law? Say a family member dies and the legal estate needs access?