joined:Jan 18, 2008
I'm not an apple user, but my understanding of the situation is that apple encrypts iphone data using a passcode or fingerprint. Then if someone tries to unlock the phone 10 times it erases all personal data. First of all that seems really scary. That gives anyone with someone's iphone the ability to wipe their phone even if they don't have the password. But anyway, on the the actual point of this thread.... If their data is ACTUALLY encrypted with a passcode, it doesn't matter what software apple installs on the phone, you'd still need the original passcode to decrypt it, right? The only thing I can think is that apple could install something that would override the 10 try lockout and allow a brute force attack. If there is some other method people can think of, I'm interested to hear it.
The practical application is in regard to encrypted data in database for a website. The safest option is to encrypt it with a password only the end user knows. That way even the db admins, or anyone who might physically steal the server couldn't get access (short of a brute force attack). But if the user forgets their password there is no way to retrieve the data.
The next option (as far as I'm aware), is to have a global passcode that is "as secure as possible." Which is separate than a user's login password. That way if they forget their login password, it can be reset without losing the data. This is less secure because anyone with access to that passcode has access to everyone's data.
Since apple claims they absolutely can't retrieve the data, it sounds like their system is most like the first scenario. So I don't see how they could even do anything that would grant the FBI the data.