Reply to post: Why are people getting this so completely wrong?

FBI v Apple spat latest: Bill Gates is really upset that you all thought he was on the Feds' side

Alistair
Windows

Why are people getting this so completely wrong?

1) apple has not been asked to 'unlock' the phone.

2) apple has not been asked to 'break' their encryption of the phone

The court issued writ asks that apple create a boot time update of the software for the phone that is signed appropriately with apple's key, which will remove the functions in the OS that a) limit the number of attempts at the 'password' and b) remove the OS function that destroys the data on the phone when that limit is reached and c) adds a device path that will allow for mechanical input of the password to unlock the phone.

This specific writ is phrased such that the update should be specific to the individual phone. Essentially Apple has been asked to create an insecure version of the OS for a specific phone.

The use of the All Writs Act is peculiar in a legal sense and it is this factor that makes the overall request the basis of a legal precedent. This precedent will apply not only to Apple, and the version of the phone in question but to all systems where an update could be applied to modify an internally secured process, on any software driven device.

THAT is why we should all be screaming. Never mind that should someone leave a copy sitting around somewhere that it leaks out to the rest of the world it could be used as a template for pretty much anyone to do the same thing on any number of phones out there.

<Yes, it will be signed with Apple's own key -- however if it ends up on the loose, there are those that will spend ages working on getting that bit unlocked, and eventually someone will figure that out.>

Finally, if Apple successfully challenges the writ and wins their position in a court, this case will help make Comey's case for 'back doors in encryption have to exist for the government'

What needs to be recalled is that the FBI have the metadata on the phones communications over the provider's network - this is always collected, it is kept for a reasonable period - so they *know* that communications have taken place and what or who was on either end of that communication, what they do not have is the specific content of that communication. They have the backups up to a period of time before the events in question. They have not stated that they have any metadata indicating what they are after on the phone itself which for ME is the keystone against executing this writ.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon