FBI v Apple spat latest: Bill Gates is really upset that you all thought he was on the Feds' side Bill Gates says reports of him backing the FBI in the ongoing saga with Apple over the unlocking of a killer's iPhone are inaccurate. Asked about widespread reports that the former Microsoft CEO and the world's richest man was taking the Feds' side, Gates told Bloomberg News on Tuesday that he was "disappointed" with the …
Comey, as a lawyer, should know that whether a precedent is set or not is not under the control of any of the parties to a case, and there is no way any of them can tailor their submissions to change this. Also I am troubled by the fact he claims he is only interested in unlocking this single iPhone 5c, because if that is really true he is not doing his job properly [1]. And if it's not really true, he's not really telling the truth.
---
[1] Don't get me wrong, I'd like the FBI etc. to have boundaries on what they can do, but in a sensible society these boundaries should be set by legislation and the courts, not by some voluntary backing off by the organisations when they think they have sufficient powers.
“I’m asking Apple to return to September ’14, a time when Apple made no complaints that the operating system it was using, iOS 7, was insecure,” said Cyrus Vance, district attorney for Manhattan during an interview last week with Charlie Rose on PBS. Vance also said that he had 175 iPhones waiting to be unlocked should the DoJ prevail in this case.
I strongly suspect the government (the FBI in this case) are already in possession of the information, but are after a legal cover in which to use this in a court of law. So the "ticking bomb" scenario of Gates and others imagination isn't even pertinent, never mind that Shami Chakrabart debunked it not so long ago.
"The law cannot always make it easy to do the right thing, but should never make it easy to do the wrong thing."
To Mr Gates, our richest asperger on Earth, ENTJ-type personality and alleged genius IQ...
The US government isn't goingly blindly when dealing with terrorist attacks. They are already monitoring data pipes, cell communications, the internet and it's "dark" recesses. Intelligence knows what they are doing, most of the time. They already siphon all data to and from cell phones, so what's the point of decrypting one?
Mr Gates you are naive to believe that the US government is "blind".
If anything all of this "publicity" could be a design to lull terrorists into a false sense of security. Good. Let them believe their communications are "safe".
This post has been deleted by its author
During the discussions on the UK security bill, it was also pointed out by a former NSA director (I believe) that the amount of data they're getting is so much it's actually making their jobs *harder*, not easier, because there's no way for them to parse through all of it. So even if they can't access some phones directly, doesn't mean they're not getting an absolute ton of information, and even if they *could* access that data, doesn't mean they'd be able to use it
Just reported as saying that A) Apple should help the FBI, B) that the request in question was pretty specific and didn't create a precedent and C) he likened Apple's refusal to having a ribbon tied around a hard drive, and Apple saying "We could cut that ribbon, but we don't want to"?
If that isn't taking the government's side, what is? "Yeah, Apple should totally provide the iPhone security crack to the FBI, on a solid gold flash drive delivered on a silk pillow, and have that group of pretty interns give the FBI guys some hummers on their way out the door."
That's the problem with a lot of reporting. Just because it was REPORTED that he said something, doesn't mean that what was said was ACCURATELY reported. As someone who has been quoted many times in the press, I can tell you that in my experience they get it wrong far more often than they get it right.
And as someone who's worked in "the press", I can wholeheartedly concur with that. To make matters worse, the story that one journalist writes will be read and further misinterpreted by other journalists who think they've seen something sensational that the previous writer missed, whereas in fact they've just spectacularly missed some glaring detail or nuance or context that completely changes the meaning.
(Journalists call it "burying the lede", when another journalist seems to have missed the most sensational aspect of their own story. But in my experience, two times out of three, journalists making that accusation have themselves missed the point of the story they're criticising.)
It's like Chinese whispers, except that it gets systematically louder with every iteration.
Remember, Microsoft is currently fighting a very similar battle against the Feds over access to its customers' data (on that server in Ireland).
I use a term which I don't if it's mine or someone else's. I call it "Journalizing".
Journalizing is when a journalist performs and interview or "research" and digs up enough information to create an article. They will for the purpose of "integrity" ensure that decent journalists will always be able to identify references and provide proof that they aren't actually lieing that someone said something. But they don't need to say the whole thing.
As proof that my daughter has an excellent future in journalism, when she was three, she told the nannys at the day care that "Pappa drinks a lot". She was quoting her mother who told her that "Pappa drinks a lot of coffee". This meant we had to spend an hour in a meeting/counseling because I, a person who drinks approximately 5 liters (little more than 1 bottle a month) of beer annually was being accused of alcoholism. And of course, when a 3 year old accuses you of drinking a lot, you can't ever argue against this because then it's just denial.
I've worked with journalists over the years and I've learned that you should pretty much never take anything the say on face value because 99% of what you find interesting about them is journalizing. You always have to ask yourself "Was this the whole quote or a partial quote which sounds more fantastic when presented this way?"
>"Journalizing"
I think there is an astounding thing going on in France on this.
Rocard, as parti socialiste PM (nothing to do with socialism, communism or whatever, just a neo-lib, basically) said something like this:
"France cannot accept all the impoverished immigrants on this planet, however, it must take its share."
Le Figaro, a French newspaper, on the same journalistic level as the Daily Fail, loves to leave out the second part of the quote.
Well, yes. For this phone, as will the next and the next and the next... ad infinitum ad nauseam. The first one is the hardest battle. Ideally, they all should be hard battles with each case on it's own merit. Unfortunately, that doesn't seem to be the way the system works.
The old saying applies: Give a mouse a cookie and soon, he'll want a glass of milk.
There is nothing wrong with supporting your own country's law enforcement. I do however get a little upset that Mr Gates might advocate destroying fundamental privacy rights by attempting to equate circumventing useful encryption of plain text with cutting a ribbon around a hard disc.
Dinosaurs from IT's former days should be seen and not heard.
The ribbon analogy is actually very apt.
Apple did not create an iOS they can't decrypt. They could have, they probably should have, but they didn't.
That's the ribbon analogy. Apple can let the FBI in trivially, just like cutting a ribbon. They're refusing to, but tomorrow they could decide to. If they lose this court battle they will have to.
Why should it be a problem if the FBI want to use the same technique on multiple iPhones? As long as they get warrants from judges authorising it, as would appear to be the cases here, it's just treating an iPhone the same as any other source of evidence. I don't care if they unlock 1 or 10 or 1000 iPhones each year, as long as they're evidence in criminal investigations that have received judicial oversight.
Apple (and other tech firms) need to realise that, if they don't want to be compelled to unlock or backdoor or unencrypt their products, they need to make it technically impossible for themselves to comply, rather than just stamping their feet and saying NO DON'T WANNA. It's not a hard concept to grasp.
And don't believe for a second that a genuine concern for customer privacy is at the heart of Apple's refusal. They've happily complied in the past when the order to unlock the phone was kept sealed and secret. It's only now that it was made public, with the calculus of reputational damage (and hence loss of precious money flows to their offshore havens) that has entered their minds, that they're making such a massive fuss about it.
Well said. This isn't the police or a politician it is a judge who has ordered access. All our laws come back to having this person look at the case on its merits and then make a judgement. We have been doing it this way for 100's of years. I can't believe Apple want to protect the rights of someone suspected of multiple murders when a judge has looked at the balance of evidence available and believed that this request is a valid one.
And all this crap about Skeleton keys and weakening the IOS is rubbish. Apple sign each version of IOS on each handset individually as anyone who has jailbroken their iPhone will know. They could load their modified IOS on the said phone, sign it with a short expiry time and recover the passcode in their own offices (the same place the damn source code is accessible) and give the FBI 6 digits. No need to let anything out of their sight or share any code/keys.
"Gates' larger point is that, in future, terrorist acts may be larger and scarier than random shootings and could include nuclear or biological threats. Under these scenarios, the government "shouldn't be completely blind," he argued, but there should be "safeguards" to prevent abuse."
I understand this point of view because exceptional circumstances can justify exceptional measures.
The problem is that law enforcement and government not only do not draw the lines where common sense would put them - they don't seem to accept any lines at all.
They argue for exceptional powers to prevent exceptional threats but then, once they have them, they become part of the day-to-day operations and any restrictions on their use - whether through narrow conditions laid out in law or requirements for court-orders or even just approval and oversight - are shot down as preventing law enforcement from having access to the tools they need to do their jobs and therefore responsible for putting lives at risk.
In short, law enforcement demand access to exception powers but refuse to be bound by any limitations on the use of those powers.
So, while the solution Gates discusses seems at least somewhat reasonable, it is simply not going to happen because the other side aren't willing to compromise.
"he argued, but there should be "safeguards" to prevent abuse"
We tried that and Edward Snowden proved it doesn't work.
As there's been no apologies by anyone from any US government agency - not like they would anyway - there's no reason for anyone to trust the FBI or any other organisation to just let this special version of IOS be used just for this one device or the NSA to get a copy and reverse engineer it all, so as far as I am concerned, they can all get stuffed.
But, let's not talk about guns at all for a while. Let's call it technology. The US constitution gives citizens the right to acquire, posses and use technology that can be used in mass killings- either by terrorists or even toddlers. There is a massive lobby that supports this technology. This technology is also a big income stream for the US. Unfortunately - this technology kills more people in the US - than any other country in the world.
Some people say that this technology only kills people if it falls into the wrong hands, but unfortunately the technology is so abundant that there's no way of stopping this from happening.
Instead of exploring - what seems to be a cultural problem - let's put a quick stop to the unnecessary killings - either by terrorists - or toddlers.
Let's present two options:
1) Restrict access to this technology immediately. It'll take a few generations, but eventually there will be a decline of this technology being used against innocent people. Reward people to hand in this technology for destruction - like they do in war zones.
2) Keep selling the technology to potential terrorists or people that let toddlers access it. Then install a surveillance system that gives law enforcement agencies the power to persecute terrorists - AFTER - they've committed mass killing. I say after, because -BEFORE- would imply total surveilance of all citizens a.k.a the movie Minority Report, which is of course illegal.
So - AFTER - the mass killings the FBI will somehow crack open the killers phone and say - "hey look, the bad guy called another bad guy somewhere overseas". Let's order a drone strike, shall we ?
What a load of shit!
The FBI and Government should crack down on Gun manufacturers to ensure their guns either don't end up in terrorist hands or are unusable to be used by terrorists. Too hard ? Well, so is cracking the encryption of an iPhone.
It should be no surprise to anyone that there already are quite a few similar cases, or that they do not involve terrorism. It irritates me quite a bit that the FBI, Apple, and probably at least 95% of the commentariat, here and elsewhere, seem not to recognize that for the BS it is. There are many more than 12 such cases in some stage that might follow on this one; the New York Times mentions 9 (probably included in those mentioned here) and the district attorney for Manhattan (NYC) has said he has 175, not one of them reported connected to terrorism as far as I know. Search warrants have been a standard tool of US law enforcement agencies for more than 200 years and will continue to be, hopefully, far into the future. It is immaterial whether the crime being investigated is terrorism.
The fundamental question is whether and on what basis the government can compel non-government actors to assist in ways that they can, to carry out proper warrants. The government thinks they can, and that absent authority specific to the case, they can use the All Writs Act as authority for it. Apple opposes this for reasons they shortly will be producing in court and makes a number of alarming claims publicly that collectively suggest they think the US is seriously at risk of becoming a tyranny and is using an old and possibly obsolete law to move toward that. Orin Kerr, who probably understands the legal issues at least as well as any of them and has no skin in the game, isn't sure.
The government needs to come clean and confess that this is not about terrorism but the whole range of criminal investigation, where in a world where digital data is increasingly the norm they have a reasonable need to be able to execute search warrants, sometimes with outside help. Along with that, they need to point out that procedures and rules are in place intended to see that warrant requests are reviewed before being granted and that improperly obtained evidence is subject to challenge and dismissal if the prosecutor tries to use it; and that the system is imperfect because people are imperfect and sometimes venal. Those of us in the US were supposed to learn those things in high school Civics and US History classes, but a lot of that knowledge seems to have been lost since.
Apple needs to come clean as well, tune down their overwrought alarmist rhetoric, and admit that making the OS modification the government wants will not put untargeted iPhones at measurably more risk than they are now as long as the government has to come to Apple for help to use it. That the software, which the FBI, NSA, and some thousands of other actors, government and non-government, domestic and foreign probably could develop but not use (we certainly hope) without Apple's help, is not the equivalent of a master key; that Apple already has and will retain the real master key that they use to sign the software they distribute. That Apple will continue (we should hope) to make their products as secure as they can consistent with the national laws under which they and their customers must operate, and will continue efforts against government abuses wherever they operate.
The question wether a phone targeted by a search warrant is running a cloud based backup is not relevant if there are things that the backup system overlooks or if the backup was not done. The apparent fact that the FBI and San Bernardino County committed an error that might have disabled backup may or may not apply to any other of the phones in the warrant queue.
Maybe Apple and other tech companies would help the government and law enforcement agencies if they hadn't such a bad track record?
The bad track record in that there appears to be no accountability for law enforcement agencies, including inntelligence agancies.
Once a technology (say surveilance) becomes available - it will be used. Not only against foreign citizens or nations, but US citizens, too.
Ontop of that - they actively undermine security standards. There's also hypocricy where other countries ( say china) gets accused of all sort of crimes against freedom/privacy, just to find out it is the US thats the biggest offender.
All in all, the US government and associated agencies have a serious image problem. They need a man on Mars right now ! - because people are sick and tired of the whole post 9/11 FUD.
People WANT to associate something positive with their government. But they not gettng what they want.An iPhone instead can bring a lot of joy.
And when seach warrants where invented 200 years ago - they probably had 'searching someones premises' in mind. Not reverse engineering phone encryption.
If that iphone was a house - the FBI would love to kick in that door, scream at people and pin them on the floor.... Here's that image problem again.
They must hate asking Apple for help....
Right now no back door vulnerability exists. The FBI want Apple to make one.
There are two major problems with this, one technical and the other legal.
1) Once a back door vulnerability has been created, it will become a target for malicious actors to steal and other Governments to demand access to (making it easier to steal). Eventually they will succeed, and then all iPhones of that hardware are pwned.
2) If a US technology company can be coerced into created a back door vulnerability in one product, all US companies can be coerced into making a back door vulnerability in all their products.
Which then exposes all US products to (1)
Thus if the FBI get what they want, nobody can ever trust any US product ever again.
The 'back door vulnerability', as such, already exists. The FBI, in this case, are asking Apple to circumvent a particular basic, timing-related security mechanism to reduce the time taken to exploit it, in their own building, using their own equipment, under their own control, to access this under a warrant obtained through judicial review. I'm depressingly unsurprised that the nature of the request seems beyond a few on here, but even i'm taken a-back in the Daily Mail level of ignorance displayed in much of this thread. I wouldn't trust the FBI as far as I could throw their headquarters, but that's not the issue here.
If it's a "particular basic, timing-related security mechanism to reduce the time taken to exploit it" then why can't the FBI do it themselves or maybe it's not so "basic" !
Maybe the FBI have used up 9 attempts of the 10 allowed !
Maybe the FBI want to create a precedent for Phone manufacturers, so forcing Apple etc to have to unlock Phones in the future - maybe thousands of them !
Or maybe the FBI want the Tech for themselves in their own phones but don't wanna pay iPhone prices !
I think if the NSA/FBI are allowed to have encrypted phones then why can't everyone, unless you are saying that the NSA/FBI phones have a back door already !
Why doesn't the Government make whatever local government department in San Bernardino that owns the bloody phone make a request (and maybe also file an amicus brief or whatever lawyers call it with the court) to Apple to help them unlock their phone.
I may be naive, but it seems to me that Apple would lose the privacy argument if the legal owner of the phone asked them to unlock what, IIRC, the FBI locked - and the FBI would not object.
[I don't know who the other 12 phones belong to.]
You're right, you don't get it.
The issue is not that Apple are unwilling to hand over personal information with the proper authority. What they are unwilling to do is write software that deliberately breaks their own security. It might be a theoretical risk that such a break could get into the wild, but it's still a risk to all of us, even with 'comforting' safeguards like it will only work on one phone. There's no comfort in knowing that a template for hacking into zillions of phones is lying around somewhere.
Stipulating that this is correct, because it almost certainly is, there are a few things those who argue this position should explain in some detail.
How does someone who has a copy install it on a stock iPhone? There appears to be difficulty involving code signing.
What prevents someone able to install such a break from creating it right now? It is likely there are thousands in the world with the necessary knowledge, skills, and maybe equipment. Hundreds of them will be in the US, and some of them will be on payrolls at the FBI, NSA, or a similar organization in another country.
If someone (not Apple) can create a package like what the US court has demanded, and someone else (also not Apple) can install it, is there a significant probability that they will get together?
Given plausible answers and corresponding success probability numbers, does the presumptive fact that the details of what Apple is supposed to provide will become known increase the total risk to iPhone security by a meaningful amount?
Re: There's no comfort in knowing that a template for hacking into zillions of phones is lying around somewhere.
Sleep easy children; no one knew for decades that Bletchley Park had compromised Enigma and had the equipment necessary to hack it, so people happily purchased it and used it for secret communications. Remember practically everything we now know about Bletchley Park and it's role in WWII has only been disclosed in the last 20 years.
So it will not surprise me if we discover that a team in Apple already have such a template and have been using it against Apple company phones that get handed in when employees leave...
No, Apple are not asked to write software that "breaks their own security". They are asked to write software that will exploit a weakness on a single device (an older model, newer models plug the hole) and will be useless for exploiting the same weakness of any other device, even if it gets into the wild.
Incorrect.
They are being asked to create a toolkit that can be used to unlock all iPhones of that model, on demand.
Consider the following question:
How could Apple test that this software works?
Can't test it on the target device without risking wiping it by mistake.
So the software can be applied to any and all iPhones. By definition.
On top of that, we already know of over one hundred other petitions for this.
So no, you are simply completely wrong in broad and in detail.
Frankly, did anyone really expect private encryption that is safe from government scrutiny under court order? That is just a bit naive. And a bit pointless too. Unless you plan som major crime, in which case you would be a fool anyway to rely on any mass-market off the shelf solution only.
"Frankly, did anyone really expect private encryption that is safe from government scrutiny under court order? That is just a bit naive. "
If that killer had used 8 random digits and letters as the passcode instead of just 4 digits, nobody would be able to crack it. The FBI's problem is that this phone will erase itself after ten wrong passcode attempts, and that is what they ask Apple to prevent. Typing in 10,000 passcodes is just a day or two work. 8 digits and letters is impossible to crack.
The firmware update *could* be used on any iPhone 5c, but it has to be signed for a *specific* phone.
Only Apple have the signing key and as the security of all of their phones depend on this hopefully the key(s) is very well protected! Equally, one would hope that the strength of the signature is comparable to (probably better than) the encryption of the phone's memory. It would be as easy to crack a phone as it would be to forge a signature. What's more, the effort required is the same for each phone - it isn't a case of "crack one crack 'em all".
Apple has two problems:
1. Acknowledging that their phone is inherently insecure (they *can* hack it). They might have to end up admitting that even with Secure Enclave they can get access to *your* phone.
2. Setting a precedent - "You did it for that phone, now do it for this".
Of course the true conspiracy theorist knows that the FBI has already recovered all the data and this is just a smoke screen to cover the backdoor in 256 AES...
Whether Apple would be more responsive to a request from the owner is a good question, and might be covered in the printed material that comes with an iPhone and the owner agrees to by opening the package or activating the phone. Even if it is, and denies all hope of Apple pass code recovery assistance, it would be interesting to see it tried. I seem to recall reports that some software EULA provisions have fallen when challenged in a court. The government would likely agree in this case, but that probably would not affect their stance in others where the owner does not consent or cannot be found.
That approach does not seem plausible in most cases, however, since the owner (if available) may not consent to the search. In those cases, the US or district attorney probably should negotiate access with the owner to allow the search and give up (or enter) the pass code to facilitate it. The negotiations might, for example, involve a combination of contempt of court punishment, plea bargaining, and forbearance in prosecuting the owner (but not others) based on information found, all of which are more or less standard techniques. Direct request to Apple (or other manufacturers) should be a last resort for cases in which the information cannot be obtained more directly.
I was willing to take the FBI's request at face value, but this means that the lying scumbag knew very well what he was asking.
Good on Apple's lawyers to have shed light on these shenanigans.
Bad on the government to have once again demonstrated that we simply cannot trust them.
How the country is going to solve the trust issue is beyond me, but a solution will have to be found. The country cannot continue like this and expect democracy to work.
.. but there was no other conclusion possible.
I have worked with IT, government, law enforcement and lawyers for a long time and if there is one thing you learn in a business as complex as the one I am in in, it's lifting up the lid and look underneath (and be prepared to sometimes be hit by the stench).
This stank even without lifting the lid, and what bothers me most (as I said before) is the apparent collusion between the FBI and court to attempt to create this illusion that it was a one-off, certainly now it emerges that they are doing this in many other places simultaneously.
I find that questionable because it reveals an of the impartiality we are to expect from a judge.
> ... apparent collusion between the FBI and court to attempt to create this illusion that it was a one-off
The subtlety (such as it was) is that the court order claimed this to be a one off - in the sense that the order applied to a single instance (as do each of the other myriad cases). That might well be fair enough IF there was some uniformity between the legal world and the technical world.
OTOH, Apple's response makes that point that implementing the legal one-off unavoidably necessitates breaking security on every one of that model of phone (and maybe others).
... You are closer to the truth than you actually think.
There are dozens of other locked smartphones.
All have video evidence where an african american citizen gets tasered and brutaly beaten by 10 caucasian police officers at the same time.
Apple, Samsung and Google have offered to help, but the FBI declined.
A smartphone in the wrong hands is a dangerous weapon! And millions of people around the world are now on the loose with smartphones.....
Why all the fuss?
Yes, off course Apple has to assist the FBI. The best thing they can do is to explain how the crypto works and point at the best way of doing a brute force attack.
I think "assisting" is being wrongfully interpreted as "you have to insert a backdoor in your system". It is not the same thing.
He's done a tremendous amount of good with he wealth and he's not afraid to speak out on important issues, but I'm still not entirely sure why he had to on this one.
Come on Bill, with all that money you could be off having a nice relaxing time playing Wii Sports, why bother?
The irony is that both Microsoft and Apple snoop on their own customers. On the Windows platform, Media Player secretly phoned home with media library listings. Apples does the exact same thing but calls it "Genius" "Siri" and "Album Art" - more like insidious, asking consumers to sign a 46 page agreement that all their information will be sent to Apple's server farm in exchange for providing a small convenience. Chances are the information the FBI seeks is already stored in the cloud as well as the phone.
1) apple has not been asked to 'unlock' the phone.
2) apple has not been asked to 'break' their encryption of the phone
The court issued writ asks that apple create a boot time update of the software for the phone that is signed appropriately with apple's key, which will remove the functions in the OS that a) limit the number of attempts at the 'password' and b) remove the OS function that destroys the data on the phone when that limit is reached and c) adds a device path that will allow for mechanical input of the password to unlock the phone.
This specific writ is phrased such that the update should be specific to the individual phone. Essentially Apple has been asked to create an insecure version of the OS for a specific phone.
The use of the All Writs Act is peculiar in a legal sense and it is this factor that makes the overall request the basis of a legal precedent. This precedent will apply not only to Apple, and the version of the phone in question but to all systems where an update could be applied to modify an internally secured process, on any software driven device.
THAT is why we should all be screaming. Never mind that should someone leave a copy sitting around somewhere that it leaks out to the rest of the world it could be used as a template for pretty much anyone to do the same thing on any number of phones out there.
<Yes, it will be signed with Apple's own key -- however if it ends up on the loose, there are those that will spend ages working on getting that bit unlocked, and eventually someone will figure that out.>
Finally, if Apple successfully challenges the writ and wins their position in a court, this case will help make Comey's case for 'back doors in encryption have to exist for the government'
What needs to be recalled is that the FBI have the metadata on the phones communications over the provider's network - this is always collected, it is kept for a reasonable period - so they *know* that communications have taken place and what or who was on either end of that communication, what they do not have is the specific content of that communication. They have the backups up to a period of time before the events in question. They have not stated that they have any metadata indicating what they are after on the phone itself which for ME is the keystone against executing this writ.
It's because they are not getting it wrong - they can see beyond the smoke that you're still busy inhaling.
You can strip the Apple logo off this request, and even that it's about terrorists - the essence of this order is that it goes to great lengths to create an illusion.
It is asking Apple to develop a method that will help the FBI break the security of the iPhone, which is basically asking a commercial company with a successful product to commit commercial suicide.
But that's what you see. Behind the smoke is that fact that the US legal system is based on precedent, and that declares all exhortations that this is a one-off, never to be repeated, entirely exclusive, not sharable effort (etc etc) as absolute total bullshit - if this is successful, it established a legal template to ask for it again and again.
This was diagnosed pretty much the moment it was reporting, so I'm not going to repeat all that. Just note that Apple has now filed a deposition that PROVES this was not a one off - apparently this trick is tried in some 12 other places too.
The worst bit is that this means we've had a supposedly unbiased judge participate in an effort to hide the precedent setting nature of such orders, and that is a dangerous sign indeed as that seems to suggests a frankly questionable amount of collusion.
What you're looking at is a new attack vector in the Battle for the Backdoor, nothing less. Everything else is just fluff and misdirection.
"It is asking Apple to develop a method that will help the FBI break the security of the iPhone, which is basically asking a commercial company with a successful product to commit commercial suicide."
I don't think anyone is so dumb that they take for granted that their precious iPhone data is so safe that a massive government effort to access it would fail. You need to be off the cloud and any kind of backup service, and totally destroy the hardware, to have any kind of insurance. Probably be off the grid alltogether as well.
I'm pretty sure that if the cost of accessing your mundane data is above a rather small amount of dollars, trying to access it won't happen unless you have committed a major crime.
I don't think anyone is so dumb that they take for granted that their precious iPhone data is so safe that a massive government effort to access it would fail. You need to be off the cloud and any kind of backup service, and totally destroy the hardware, to have any kind of insurance. Probably be off the grid alltogether as well.
I'm pretty sure that if the cost of accessing your mundane data is above a rather small amount of dollars, trying to access it won't happen unless you have committed a major crime.
Well, if it's that easy, the government would't NEED Apple's help, would it? There would be no need for this order, and the 12 other "one-offs" that aren't..
The NSA wouldn't help the FBI with something like this. You don't expose what your capabilities are. FBI are on their own on this one.
Regardless of all this, even Apple has to comply with the law.
My point was that do people really think that devices are 100% secure? It seems bizarre if they do.
Apple's software signing key probably has been a highly sought after target for a long time, because having it enables one to make, distribute, and install software far more intrusive than the government demands. Now that iPhone vulnerabilities have become more public than previously, will be more highly sought after going forward irrespective of whether Apple creates the required software or not.
Smart phones, irrespective of manufacture, in addition to communication devices, are pretty capable general purpose computers and may well contain material not hinted at by communication metadata, and also not backed up to any cloud service that can be tasked with a subpoena or warrant. Accordingly, device search warrants be an issue in the future, probably increasingly so.
Have another upvote for a clear description of the basic facts and issue.
Hmmm, so Bill Gates thinks this will not set a precedent? This is the same guy who "vastly underestimated how important and how quickly the internet would come to prominence" (1995 Road Ahead biography https://en.wikipedia.org/wiki/The_Road_Ahead_(Bill_Gates_book) ) and founded the company that seems to be consistently getting whats going to happen in the future wrong and so is always playing catch up with everybody else.
Where as Apple say it will set a precedent, i think i know who i believe is right. They seem to know where things are heading.
There's no room for nuance when it comes to government (or corporate) intrusion into our private lives. Either you are with us or you're against us. Bill Gates has a long history of the latter, and there's no amount of good he can do to redeem himself. He is now irrelevant at best.
It's crystal clear to me: government must not violate our freedoms for the purpose of protecting our freedoms.
They're not violating your freedoms. They have a search warrant. You don't have to provide your password, but the government has the right to hack into it any way they can.
The issue here is if the government can order a company to assist hacking one of their products. I don't see why the government can't order a company to do that if they have a search warrant. There's no protection under the law for Apple, and a judge has agreed. It would have to be on a case-by-case basis. And yes, there are dozens of cases where this has come up. So what? Is it that hard to believe that criminals might use smartphones?
However, I don't think the government can order Apple to introduce a backdoor into all of their products. That would cut Apple out of the loop and entrust their product's security to the government. You'd know that backdoor password would leak out, and then *everybody's* phones would be affected.
It would have to be on a case-by-case basis.
Read the more insightful comments why this is NOT on a case by case - go back to earlier articles for detail. It's been said at least 100 times, if not more, so I can only assume you just crawled from under a rock.
Dozens of different judges have given dozens of different rulings on each of those phones individually? I didn't see that in any of the articles or comments. I understand precedent, but judges don't always blindly follow precedent, hence the case-by-case argument.
When the government seizes your phone using a legal court order, it's no longer your phone and the information on it is no longer your information. It's theirs. They can do what they want with it. You may not like it, so either stop putting sensitive information on smartphones or go change the law. But good luck with that, because deep down people want the bad guys' phones to be unlocked by the government. They'll take security over liberty every time.
Finally, Apple is saying that they don't trust themselves enough to keep that special iOS version in-house. They believe the software will get leaked. And yet you trust them with protecting your personal data after they admitted that they can't even protect their own software? Really?
Either way, the data on a smartphone isn't nearly as secure as everybody thinks it is. It's making people second-guessing the security of smartphones. And that's why this case is getting so much attention.
A bit over the top, but not seriously off base. When the government seizes your phone based on a warrant, the phone does not cease to be yours, nor is the data no longer your data. You lose the right of privacy to the extent the warrant specifies, and the government probably can damage the device if necessary, although you might be able to claim compensation for physical damage or destruction.
Yup, they surely can, but before using it the FBI/NSA/CIA and probably the local Chinese takeaway all take several copies each, just in case they need to use it again and again and again etc etc etc !!!!
It's unlikely that Gates did not have an intimate understanding of exactly what the FBI is asking of Apple and what the broader implications of that are.
I'd say that, given that he claimed that Apple has the data the FBI are asking for when they've already handed over all the data in the iCloud account indicates otherwise.
So it's only for this specific case, no precedent, oh, sorry, apart from those twelve others that you've discovered are also pending. (You have no idea how many there are that you don't know about, of course.)
And it's only in cases of really really serious scary crime like terrorism, oh, sorry, except for those other twelve cases which are, um, not to do with terrorism.
And they wonder why nobody trusts them?
The State is not your friend!
Yes.
He's also the guy who started a software company then went on to change the commercial world and become the richest man alive.
He's made mistakes, just like the rest of us, but he knows tech and the tech world.
He's occasionally used some questionable business tactics, but he's accomplished enough (and given enough away) for me to ask - what have *you* done that warrants such snark?
He's occasionally used some questionable business tactics
Err, no, he never used any other tactics, from plain theft (Stack) to monopoly abuse (multiple cases in various countries). The most vile tactic in my opinion was his use of "charity" to buy what he wanted in various countries, that was even worse than misleading the educational idiots* establishment into thinking they could get it all on the cheap, and as soon as the idiots* establishment was locked in, predictably the prices went up. I reckon that's what got him his UK OBE. Gates had left when Microsoft damaged the way ISO worked to get its own standard in (which it appears to have abandoned now it has served its purpose of keeping them in play in government), but he certainly established the behaviour that made that even worth considering.
(*) it wasn't exactly difficult to guess what is going on, but warnings don't help if the recipients consider themselves the fount of all knowledge and are thus deaf to anything but reality teaching them a harsh lesson. The problem is that the pain was passed on to students - the budget thus stolen could no longer be spent on anything that did contribute to education.
I was incredulous at reports suggesting Bill Gates favored the FBI. Glad he had a venue to counter the original erroneous reporting. This is a large and nuanced conversation which does not fit well in today's in your face - either-or attack style reporting. We have moved from carefully amassing facts, sifting for clues then reaching informed opinions in favor of steroid sensationalism. "You tell me that everyone who drank fluoridated water in the 1850's is dead. Clearly Obama is poisoning the people."
The raison d'etre for the FBI vs AAPL case is due to Congressional abdication of their duty to have this debate at a national level and weigh the balance between privacy - oddly something I feel our elected officials will feel a greater need to protect than for than average citizens, and getting law enforcement the tools they need to do their job. I doubt I could craft a law today that would not require serious changes due to advancing technology in a rather short period of time. Failure to adjust those laws could have unintended consequences worse than what they sought to cure. The Patriot Act's new capability to seize property by local police forces in a period of diminished budgets is one example.
Look at Juniper - the NSA had a backdoor built into their networking equipment - and that exploit was in the wild and being used by terrorists and criminals without anyone being aware. Meanwhile the probability of the San Bernardino terrorists having left something incriminating on his work phone is vanishingly small. He was careful to destroy his two burner phones and his attack caught colleagues completely off-guard indicating his discipline at presenting a clear outward "Walter White" face to his business interactions was completely divorced from his Heisenberg side. This is a setup for the other 12 cases the FBI is seeking to crack that are NOT terrorist related. Is that a bad thing? Bill Gates and I don't know - but feel a national debate is needed. People with names like Jared, Hastert, Schock, Weiner and Delay might have different ideas.
"In other words, what Apple has said repeatedly – that agreeing to create a version of its mobile operating system that can be used to bypass its phones' security would serve as a precedent for law enforcement to gain access to future phones – does appear to be true."
Coo, stap moi, never saw that coming.
Oh wait, yes I did, and said so.
I don't understand how others can be so bloody naive as to fall for the "just this once, eh?" line. I mean, haven't we all learned that a Utility is a One-off Job on its second or subsequent run? The thinking is endemic to the IT trade. You'd think people in the biz could spot it a mile away.
And then there're the Anti-Terrorist statutes that seem to be being a tad over-enthusiastically employed by the Five-Oh.
And then ther're the overly broad Sexual Offender laws that get misused in the same way.
And, of course, the RICO statutes. Intended as an emergency measure to dismantle otherwise untouchable organized criminal gangs, now used all over the place at the drop of a hat.
People are joking about who would vote for Trump, but the same thinking that puts Donald on the throne is in play every time someone says "well, it's just this one time, and very narrow circumstances".
We live in the age of overreach, and I'm beginning to think it will only stop when an exchange of EMP makes it impossible to communicate electronically.
What we need is Jorg X McKie and BuSab.
This post has been deleted by its author
"Apple had better comply. I suggest a $10 million dollar fine per day and that Tim Cook is sent to jail until Apple complies with the court order. Even Apple is not above the law not Microsoft though they often believe differently."
That court order is not legit - Apple has plenty of time to answer to the request, then the junior judge will make his or her decision, then we have a court order _at the lowest level_.
If Apple can't change the mind of the junior judge, they will appeal. And they can make more than one appeal. Eventually an appeal will be heard by a judge with brains. Apple might also bring expert witnesses, like Michael Hayden who might be willing to testify that breaking the security of the iPhone endangers national security. Then the FBI's problem that their "just one phone" lie has been exposed.
But what will happen most likely is that someone at the FBI will get impatient and will use up the last two tries that they have for guessing the passcode, and the phone gets erased, and we all have to put away the popcorn.
It's actually pretty simple.
If Apple CAN access the information, they should do just that. There are no implications for the future other than showing that it can be done, and if it can be done we might as well be told about it. Or do you think NSA can't do it if Apple can?
If Apple CAN'T access the information, then the discussion is over.
Simples
The bit of new information that this story adds for me is that there were 9 other requests but that they had been kept secret.
Why keep non-terror related requests secret but the one terror-related request public? That suggests to me that the secrecy had nothing to do with security and everything to do with politics. To me that lack of openess and transparency is more concerning than whether this (or any) iphone gets unlocked or not because it suggests that the justice system is not just.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
