back to article New York judge blocks FBI demand for Apple help to unlock iPhone

A New York magistrate has decided the All Writs Act isn't the right key to force the lock on a drug dealer's iPhone. While the decision has no direct impact on the FBI-versus-Apple case in the San Bernardino investigation, it's being celebrated by some as at least representing judicial opinion that there are limits to …

  1. Palpy

    Mmmm, yes, it is "just one phone...

    ...and that's all! Oh, wait, and this other one too."

    "And we have a hundred more here in the bin. JUST these ones, we promise."

    1. redpawn

      Re: Mmmm, yes, it is "just one phone...

      and one Onstar and one smart TV and one router...

      At least it wasn't a secret court this time.

      1. Preston Munchensonton
        Pint

        Re: Mmmm, yes, it is "just one phone...

        At least it wasn't a secret court this time.

        ^ this

        Have an upvote and a beer.

  2. JeffyPoooh
    Pint

    "...extraction of data rom devices..."

    ...from...

  3. allthecoolshortnamesweretaken

    "impermissibly absurd results" - nicely put.

    Also nice to see a judge with some sense of proportion.

    1. dan1980

      Actually, it's really just a single result - if the All Writs Act can be used the way the agencies want to use it then the Act becomes one that grants the Government the right to force any private citizen or company or institution to work for them against their will, so long as some link can be drawn between the actions demanded and the case in question - regardless of if there is any specific connection for the individual or company being forced to comply.

      I.e. it gives agencies the right to use the courts to grant them arbitrary powers beyond those bestowed upon them by congress and statutes.

      As a normal person, I can't see how the FBI wanting to force a group of people to create something they don't want to create can possibly be "agreeable to the usages and principles of law". This judge, at least, agrees but the other one appears to think that this kind of thing is fine.

      1. Mark 85

        The TLA's feel it is their "right" and "duty" to force this type of thing. It possibly also goes back to the cop jumping on the running board and telling the driver to "follow that car"... whether the driver is late for work or whatever. Ok.. that's a stretch.

        I'm looking at this as good thing. We have a judge saying "no" and another judge saying "yes". Once the appeals start, they willl probably end up in the Supreme Court. The questions then are: "which case will be first to set the precedent?" and "what's the makeup of the Court -- hard-core-Constitutionalists or the-Constitution-is-a-living-document-believers".

        This is bound to get murkier and more divisive as more of these cases go to trial.

        1. Anonymous Coward
          Anonymous Coward

          Maybe

          "what's the makeup of the Court -- hard-core-Constitutionalists or the-Constitution-is-a-living-document-believers".

          Any supreme ever since Roosevelt spat with them around his 100 days will shoot down in flames an application of All Writs Act which grants the government unlimited and uncontrolled power. I do not think that the "constitutionalism" vs "living document" discussion will be part of the consideration. Or at least we can hope so.

      2. Alan Brown Silver badge

        "This judge, at least, agrees but the other one appears to think that this kind of thing is fine."

        Fairly common. USA lower court judges frequently don't believe the constitution applies to them.

        The 1st and 9th circuit court of appeals have ruled that filming police is perfectly illegal, yet a district judge in the 3rd circuit has not only ruled the other way, but called those decisions out and challenged them on it. It could end up being a career-limiting decision.

        1. Alan Brown Silver badge

          " filming police is perfectly illegal"

          erp. LEGAL, dammit. Filming them is legal.

          I'm still awaiting the 3rd circuit results, this will likely end up in the Supremes.

    2. TRT

      Re "Also nice to see a judge with some sense of proportion."

      It's probably a judge with something to hide. Been browsing something he shouldn't have on his iPhone.

  4. a_yank_lurker

    One Juirst

    There is at least one real jurist in the US who takes seriously the Constitution and is willing to call the ferals out.

  5. PJF
    Thumb Up

    Either..

    Kill that Judge (not) or select him to the U.S. Supreme Court (NOW)

    How did he last this long in the US, and in NY???, with a brain?!!! Unheard of!

    He should be vetted into the USDC yesterday! Someone with a level head!

  6. Anonymous Coward
    Anonymous Coward

    Joe Public

    Fighting the bad guys with one hand and the Government with the other.

  7. Anonymous Coward
    Anonymous Coward

    Well it sets the right sort of precedent

    But can you trust Apple as to whether the Actualité actually matches the Perception?

  8. Anonymous Coward
    Anonymous Coward

    Appealing the judges descision

    Very risky approach. At the moment using the AWA to force Apple to unlock its phones has remained at the judge's discretion. Take to the appeals court and loose and you now have a bind precedent that applies to that circuit (and will be taken into account by all other circuits). Take it further to the Supreme Court and loose and that is game over.

    1. Anonymous Coward
      Anonymous Coward

      Re: Appealing the judges descision

      I fear, however, that that is the goal: setting a precedent at a level high enough that any later challenge to that will cost an extravagant amount of effort and money. That pretty much kills off the ability of smaller companies to date challenge an FBI demand.

      In my opinion it is a pretty vile abuse of the US legal system.

  9. Anonymous Coward
    Anonymous Coward

    Beware of Pyrrhic victories...

    ... the more Apple et al. assert a single phone can't be accessed, the more pressure will rise to access *any* phone through true backdoors and not specific access procedures.

    Meanwhile, in Italy, an iPhone 5 running iOS 8 is being accessed through the use of an hacking tool to assis in a trial about people disfigured with acid - the main suspect is asserting he wasn't there nor he induced his accomplice to perform the crime.

    It looks Apple has nothing to say if someone else accesses its phones. Thus it's not a matter of rights, just convenience.

    1. SolidSquid

      Re: Beware of Pyrrhic victories...

      > It looks Apple has nothing to say if someone else accesses its phones. Thus it's not a matter of rights, just convenience.

      Someone else accessing a phone has nothing to do with Apples rights though, forcing them to build software to bypass security features against their will though runs into issues with first amendment rights (since writing software was apparently ruled to be covered by the first amendment by the supreme court).

      1. This post has been deleted by its author

    2. Lysenko

      Thus it's not a matter of rights, just convenience...

      The rights in question here are not citizen's rights to privacy, rather Apple's right not to be unwillingly conscripted into government service by the court.

      Apple has no standing to complain about any law enforcement organisation anywhere hacking into its devices so long as it is authorized under local law. The key difference is that the Italian court are not demanding that Apple actively assist and enable the hacking attempt so there is nothing for Apple to legitimately protest about (countries aren't bound by EULAs except in so far as they choose to be).

    3. Big_Ted

      Re: Beware of Pyrrhic victories...

      Wonder if this was a jailbroken phone ?

      If so then it would be much easier to access than a vanilla Apple phone

  10. This post has been deleted by its author

  11. Velv

    Given even the FBI director thinks the issue is too big for the Courts and should be settled by Congress then all similar cases should be rejected until Congress rules. No precedent has been created, try and do the right think 'Merica.

    1. Alan Brown Silver badge

      "Given even the FBI director thinks the issue is too big for the Courts and should be settled by Congress "

      USA courts have a record of striking down laws that clash with the constitution and one compelling speech would go down in double quick time.

  12. P0l0nium

    What happens if ???

    What happens if you "simply" desolder the flash memory and read it out .. ??

    Do they Encrypt/Decrypt "on the fly" ??

    Anyone know??

    1. Vic

      Re: What happens if ???

      What happens if you "simply" desolder the flash memory and read it out .. ??

      You get an encrypted dump that is unreadable without the key.

      The key is held (enciphered) within the CPU still in the phone.

      Vic.

    2. Anonymous Coward
      Anonymous Coward

      Re: What happens if ???

      The data in the flash chip is encrypted. If you could read it out, into the RAM of a machine optimized for brute-force cracking, you could certainly crack the password faster, with unlimited tries.

      That might be feasible if the flash is a separate chip. If it's part of a multi-wafer SOC chip (along with the CPU etc) the chances of removing it without damage could be slim to none. I don't know but I'm guessing it's too risky whatever the case. Either that, or the FBI can't afford it so they want Apple to do it for them.

      1. Vic

        Re: What happens if ???

        The data in the flash chip is encrypted. If you could read it out, into the RAM of a machine optimized for brute-force cracking, you could certainly crack the password faster, with unlimited tries.

        Faster - yes. In a feasible time? No.

        Vic.

        1. Palpy

          Re: What happens if ???

          Vic's right. This whole topic has been an education for me. If I understand correctly (which is unlikely, but give me some rope to hang by) then Apple has been pretty careful. The phone's chipset has a 256-bit encryption key burned into the silicon. (I think more modern iPhones have a couple of them.) This is combined with the user-set PIN to encrypt the phone's memory. So if you extract the flash, or download its contents, that hardware key is lost. Then you end up not having to break just the user's PIN, but a much harder key. It's a long road even with a fast machine -- we are talking more years than any FBI agent will live. Even if he was hired in the cradle.

          1. DugEBug

            Re: What happens if ???

            Wouldn't it be easier for the FBI to reverse engineer the OS so as to take out the part that wipes the phone after 10 failed password attempts? Then they could 'guess' the password ad infinitum...

            1. Mike 16

              Re: What happens if ???

              Reverse-engineering the code would be difficult, but a baby step compared to getting that code signed with the private key Apple devices use to validate updates (As I understand the situation. YMMV). If the FBI could somehow get _that_ key ( https://xkcd.com/538/ ), it's game over. Of course nobody would believe that U.S. L.E.O.s _ever_ do that sort of thing.

            2. Vic

              Re: What happens if ???

              Wouldn't it be easier for the FBI to reverse engineer the OS so as to take out the part that wipes the phone after 10 failed password attempts?

              The phone will only accept signed updates - so as well as killing the 10-tries lockout (which isn't too hard), they also need to work out Apple's private signing key (which is mathematically infeasible).

              That's why they're abusing the law to try to bend Apple to their whim.

              Vic.

  13. Cynic_999

    One way out of the potential legal writ would be to tell the FBI that they will engineer a solution, but as that entails pulling their most experienced programmer off his current project, which will cause a delay to a forthcoming billion dollar product launch, it will cost in the region of $xMillions. The court has, after all, already ruled that Apple are entitled to charge a fee for the requested code development.

    It's what my company does - never refuse a customer request, but if it's something we don't want to do, price it out of the market. We were once paid a 5 figure sum for changing about 10 lines of code.

    1. Mike 16

      Jack up the price?

      I have heard from some young ladies in a certain line of work that the "outrageous price" ploy does not always work. Sometimes you end up kissing Mr. Toad. And at least he's spending his own money, unlike the DOJ.

  14. Inachu

    If the iphone was not updated then they can use the DNS backdoor method.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like