Mmmm, yes, it is "just one phone...
...and that's all! Oh, wait, and this other one too."
"And we have a hundred more here in the bin. JUST these ones, we promise."
A New York magistrate has decided the All Writs Act isn't the right key to force the lock on a drug dealer's iPhone. While the decision has no direct impact on the FBI-versus-Apple case in the San Bernardino investigation, it's being celebrated by some as at least representing judicial opinion that there are limits to …
Actually, it's really just a single result - if the All Writs Act can be used the way the agencies want to use it then the Act becomes one that grants the Government the right to force any private citizen or company or institution to work for them against their will, so long as some link can be drawn between the actions demanded and the case in question - regardless of if there is any specific connection for the individual or company being forced to comply.
I.e. it gives agencies the right to use the courts to grant them arbitrary powers beyond those bestowed upon them by congress and statutes.
As a normal person, I can't see how the FBI wanting to force a group of people to create something they don't want to create can possibly be "agreeable to the usages and principles of law". This judge, at least, agrees but the other one appears to think that this kind of thing is fine.
The TLA's feel it is their "right" and "duty" to force this type of thing. It possibly also goes back to the cop jumping on the running board and telling the driver to "follow that car"... whether the driver is late for work or whatever. Ok.. that's a stretch.
I'm looking at this as good thing. We have a judge saying "no" and another judge saying "yes". Once the appeals start, they willl probably end up in the Supreme Court. The questions then are: "which case will be first to set the precedent?" and "what's the makeup of the Court -- hard-core-Constitutionalists or the-Constitution-is-a-living-document-believers".
This is bound to get murkier and more divisive as more of these cases go to trial.
"what's the makeup of the Court -- hard-core-Constitutionalists or the-Constitution-is-a-living-document-believers".
Any supreme ever since Roosevelt spat with them around his 100 days will shoot down in flames an application of All Writs Act which grants the government unlimited and uncontrolled power. I do not think that the "constitutionalism" vs "living document" discussion will be part of the consideration. Or at least we can hope so.
"This judge, at least, agrees but the other one appears to think that this kind of thing is fine."
Fairly common. USA lower court judges frequently don't believe the constitution applies to them.
The 1st and 9th circuit court of appeals have ruled that filming police is perfectly illegal, yet a district judge in the 3rd circuit has not only ruled the other way, but called those decisions out and challenged them on it. It could end up being a career-limiting decision.
Very risky approach. At the moment using the AWA to force Apple to unlock its phones has remained at the judge's discretion. Take to the appeals court and loose and you now have a bind precedent that applies to that circuit (and will be taken into account by all other circuits). Take it further to the Supreme Court and loose and that is game over.
I fear, however, that that is the goal: setting a precedent at a level high enough that any later challenge to that will cost an extravagant amount of effort and money. That pretty much kills off the ability of smaller companies to date challenge an FBI demand.
In my opinion it is a pretty vile abuse of the US legal system.
... the more Apple et al. assert a single phone can't be accessed, the more pressure will rise to access *any* phone through true backdoors and not specific access procedures.
Meanwhile, in Italy, an iPhone 5 running iOS 8 is being accessed through the use of an hacking tool to assis in a trial about people disfigured with acid - the main suspect is asserting he wasn't there nor he induced his accomplice to perform the crime.
It looks Apple has nothing to say if someone else accesses its phones. Thus it's not a matter of rights, just convenience.
> It looks Apple has nothing to say if someone else accesses its phones. Thus it's not a matter of rights, just convenience.
Someone else accessing a phone has nothing to do with Apples rights though, forcing them to build software to bypass security features against their will though runs into issues with first amendment rights (since writing software was apparently ruled to be covered by the first amendment by the supreme court).
This post has been deleted by its author
The rights in question here are not citizen's rights to privacy, rather Apple's right not to be unwillingly conscripted into government service by the court.
Apple has no standing to complain about any law enforcement organisation anywhere hacking into its devices so long as it is authorized under local law. The key difference is that the Italian court are not demanding that Apple actively assist and enable the hacking attempt so there is nothing for Apple to legitimately protest about (countries aren't bound by EULAs except in so far as they choose to be).
This post has been deleted by its author
The data in the flash chip is encrypted. If you could read it out, into the RAM of a machine optimized for brute-force cracking, you could certainly crack the password faster, with unlimited tries.
That might be feasible if the flash is a separate chip. If it's part of a multi-wafer SOC chip (along with the CPU etc) the chances of removing it without damage could be slim to none. I don't know but I'm guessing it's too risky whatever the case. Either that, or the FBI can't afford it so they want Apple to do it for them.
Vic's right. This whole topic has been an education for me. If I understand correctly (which is unlikely, but give me some rope to hang by) then Apple has been pretty careful. The phone's chipset has a 256-bit encryption key burned into the silicon. (I think more modern iPhones have a couple of them.) This is combined with the user-set PIN to encrypt the phone's memory. So if you extract the flash, or download its contents, that hardware key is lost. Then you end up not having to break just the user's PIN, but a much harder key. It's a long road even with a fast machine -- we are talking more years than any FBI agent will live. Even if he was hired in the cradle.
Reverse-engineering the code would be difficult, but a baby step compared to getting that code signed with the private key Apple devices use to validate updates (As I understand the situation. YMMV). If the FBI could somehow get _that_ key ( https://xkcd.com/538/ ), it's game over. Of course nobody would believe that U.S. L.E.O.s _ever_ do that sort of thing.
Wouldn't it be easier for the FBI to reverse engineer the OS so as to take out the part that wipes the phone after 10 failed password attempts?
The phone will only accept signed updates - so as well as killing the 10-tries lockout (which isn't too hard), they also need to work out Apple's private signing key (which is mathematically infeasible).
That's why they're abusing the law to try to bend Apple to their whim.
One way out of the potential legal writ would be to tell the FBI that they will engineer a solution, but as that entails pulling their most experienced programmer off his current project, which will cause a delay to a forthcoming billion dollar product launch, it will cost in the region of $xMillions. The court has, after all, already ruled that Apple are entitled to charge a fee for the requested code development.
It's what my company does - never refuse a customer request, but if it's something we don't want to do, price it out of the market. We were once paid a 5 figure sum for changing about 10 lines of code.
Biting the hand that feeds IT © 1998–2022