"Error 53" might be the help called for.
US DoJ files motion to compel Apple to obey FBI iPhone crack order
The US Department of Justice has today filed a motion compelling Apple to comply with a court order to help the FBI break into a killer's iPhone. On Tuesday, a magistrate judge in central California granted an order filed by the Feds that requires Apple to reprogram San Bernardino murderer Syed Farook's smartphone with a …
COMMENTS
-
-
-
-
Saturday 20th February 2016 04:38 GMT Anonymous Coward
"Arguably that's not a big difference"
For some people it may be a subtle distinction, but it nevertheless a very important one. Software is legally of the same status as speech. Free speech protections in the US constitution mean the law can't compel you to say something you don't believe. Nor as a free citizen or free enterprise, do you have to supply your effort to an action you (or if an enterprise, your board) do not believe in. There is a profoundly important principle that we should seek to preserve, and that is that the government works for the people. At the best of times Politicians are wont to forget that, and it is always bad if they do, so it is always an important to fight to retain the distinction. This action subtly, but significantly tips the balance the wrong way and steps over the line. If the FBI win, the people of America will no longer be able to call themselves free citizens.
Of course many have been saying that for years, but until now those arguments have relied on the notion of psychological enslavement to the government (e,g, sheep like thinking) as distinct from legal enslavement.
BTW, I made this point on the Times editorial about this, in the same tone of voice. My comment was censored.
Also this strange amendment to a NYT article on the subject. Note, not recording there has been an amendment breaks their own strictly enforced editorial guidelines.
-
Saturday 20th February 2016 07:22 GMT frank ly
"Software is legally of the same status as speech."
Has a law been passed or judicial decisions been made which actually state that is so? Or, is it some kind of intellectual inference that has been made for the puprpose of argument?
"Free speech protections in the US constitution mean the law can't compel you to say something you don't believe."
I thought the protection was that the law can't compel you to make any statement that incriminates yourself (the 5th ammendment). Is there some kind of 'Galileo clause' as well?
-
Saturday 20th February 2016 09:03 GMT SuccessCase
"Has a law been passed or judicial decisions been made which actually state that is so?"
Yes it Is an established principle see here what an EFF lawyer says on it, (extract below):
"Reengineering iOS and breaking any number of Apple’s promises to its customers is the definition of an unreasonable burden. As the Ninth Circuit put it in a case interpreting technical assistance in a different context, private companies' obligations to assist the government have “not extended to circumstances in which there is a complete disruption of a service they offer to a customer as part of their business.” What’s more, such an order would be unconstitutional. Code is speech, and forcing Apple to push backdoored updates would constitute “compelled speech” in violation of the First Amendment. It would raise Fourth and Fifth Amendment issues as well. Most important, Apple’s choice to offer device encryption controlled entirely by the user is both entirely legal and in line with the expert consensus on security best practices. It would be extremely wrong-headed for Congress to require third-party access to encrypted devices, but unless it does, Apple can’t be forced to do so under the All Writs Act."
-
Saturday 20th February 2016 09:29 GMT SuccessCase
Oh, and re: "What about the 70 phones that Apple unlocked at Federal request that came before this?"
See, No Apple has not unlocked 70 iPhones for law enforcements
-
-
-
-
-
Saturday 20th February 2016 10:44 GMT Warm Braw
Just a key to making a key
While I'm very much on the side of Apple in that I don't see how they can be compelled to write software at the whim of the government or a court, the one thing stopping the court getting anyone else to do it is that Apple have the signing key for the firmware.
I suspect the court may be on firmer legal ground if it were to demand that Apple disclose that key so that the FBI could, at least in principle, get someone else to develop its hack. It is, after all, just information that happens to be in Apple's possession that might assist a lawful search. If it did, though, that truly would be the end of IT security as we know it.
-
Saturday 20th February 2016 16:13 GMT Adrian 4
Re: Just a key to making a key
Could Apple not revoke their signing key (replacing it with another) before handing over the old one to be used on the un-updated phone ?
The courts might send Apple executives to jail for disobeying the order, but those executives likely can't create any software. And can they force an employee to create software if that employee believes it to be immoral ? Surely the court would have to coerce someone with both the means AND the ability, such as an actual programmer.
-
-
-
-
This post has been deleted by its author
-
-
-
Friday 19th February 2016 19:37 GMT Alistair
Re: Here we go...
@ Chika:
The initial order was the slide. It does not matter *which* way this set of court issues go, the effective result is the same.
Say farewell to publicly available encryption.
http://forums.theregister.co.uk/forum/3/2016/02/18/opinion_against_feds_iphone_case/#c_2785394
-
Friday 19th February 2016 20:09 GMT Lysenko
Nope...
Three reasons:
1) Whatever trick Apple pull to get at the data (if they do so) they'll almost certainly plug forever in the next release to avoid a repetition.
2) If the US Congress tries to legislate to prevent that they'll very quickly find out the true meaning of "globalization". Huawei, YotaPhone and the rest would just love to take Apple's business.
3) Any legislation like the above throws Android under the bus as well, which would just result in Ubuntu mobile becoming relevant again.
Hubristic American pretentions about "universal jurisdiction" are just that. China and Russia are not going to cave in just because the "greatest country on Earth" [sic] decides to wave its dick about ... even if Captain Combover himself is the one holding the dick.
-
Friday 19th February 2016 20:15 GMT Yet Another Anonymous coward
Re: Nope...
1, The trick is already plugged in the iPhone hardware crypto unit
The data on this phone can be extracted by normal chip reverse engineering HW
2, Not just that. If Apple are required by the US to break the crypto HW in the new iPhone then they will be required to hand over the crack to every other government if they want to sell there.
-
Friday 19th February 2016 20:49 GMT Pseu Donyme
Re: Nope...
> 1) ... they'll almost certainly plug forever in the next release to avoid a repetition.
We'll see, as long as it is possible to do it with a special build of the firmware it would have to be the next hardware release though*. (Secure enclave doesn't apply to a 5c, but it doesn't really help since it too runs replaceable firmware - or that is my take from: http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html ).
* e.g. add a tamper-proof chip akin what is in a SIM to keep the encryption key which will only spit it out given the correct passcode (and unlike a SIM, will irrevocably erase its contents after those ten misses).
-
-
-
Saturday 20th February 2016 12:06 GMT Destroy All Monsters
Re: That is what laws and courts do.
I still don't understand what "freedom" has to do with it.
I think people are starting to mightily confuse things, disingeniously (Apple and its iPhans) or not (appreciators of freedom from the Omnipotent Government and opponents to unreasonable searches and seizures)
It is an open court decision, not a secret agency backdooring action, or plausibly deniable executive order from White House. It isn't even an UK-style "order to self-incriminate", forcing one to hand out encryption keys.
One can even appeal.
You know, in the olden days, court orders may be issued and mystery boxes might appear on the Main Distribution Frames in the phone company building. That had nothing to do with chilling effects, enabling Russia or China (evil bugbears) or involving constitutional problems. Yes, there are abuses. Thus, vigilance.
We have seen some utter crap in the last 20 years and many people now in powerful places or on Sunday morning TV should be hanged till dead for that crap, but this isn't in that set.
And how exactly do you, under the US Constitution, force programmers to write software
Am I in an Orlowski article? What does the US Constitution and forced programming have to do with it? Here's your answer:
1) Hire programmer
2) Transfer $$$ (duly taxed)
3) ???
4) Program written!
-
Saturday 20th February 2016 12:51 GMT Anonymous Coward
Re: That is what laws and courts do.
It is an open court decision, not a secret agency backdooring action, or plausibly deniable executive order from White House. It isn't even an UK-style "order to self-incriminate", forcing one to hand out encryption keys.
The problem with this court order is the disingenuous way in which both the FBI and now the DoJ are pretending that this is a one-off, whereas they full well know that there is no court that can prevent the abuse of the precedent that this action creates.
If you take the distracting "Apple" logo off this case and look underneath, you will see that it's not about Apple in isolation in one single, never to be repeated action. The way the US legal system works, this "one off" turns by its very existence into a template for repeats, and we all know how carefully agencies draw within the lines when it comes to keeping themselves to limitations (they ignore them with gay abandon).
THAT is the real game here - establishing precedent. Everything else is BS.
They could have had that help informally from Apple, and someone would have worked on a clone or found another way of telling the FBI "it'll take a while, and this is not possible with newer models" (which would be correct). By going public they have pretty much given the game away.
I can tell you what will happen when such a precedent is set: it will be impossible for any US company to sell to EU companies, because they have Data Protection laws to comply with. The "rinse and repeat" template that will set in the form of a legal precedent will basically declare the whole of the US IT industry off limits for European data. Equipment provided can no longer be trusted, and we already knew that data held in the US is non-compliant with EU privacy standards - this will merely put the final nail in.
-
Saturday 20th February 2016 16:25 GMT KeithR
Re: That is what laws and courts do.
"Am I in an Orlowski article? What does the US Constitution and forced programming have to do with it? Here's your answer:
1) Hire programmer
2) Transfer $$$ (duly taxed)
3) ???
4) Program written!"
Which is not remotely relevant to the point under discussion, which is the efforts of your courts to try and force Apple to do just that, against its will.
-
-
-
-
-
-
Saturday 20th February 2016 12:54 GMT Lysenko
Ubuntu is just as subject to US law...
No it isn't. Open source isn't subject to any national legislation. If the US tried this (again) it would go the same way as 56bit key limits. I used to have a nice sideline bolting proper crypto into some US products crippled by retarded export rules ... and that wasn't even open source.
-
Monday 22nd February 2016 10:02 GMT SolidSquid
Re: Nope...
> Nope. Ubuntu is just as subject to US law as any other software. It doesn't have some magic exclusion.
Nope, Canonical is UK based, not US, so isn't bound by US law. Technically they could probably be compelled by the UK courts, but given the UK HQ is largely a technicality there's nothing to stop them just moving to a new location to avoid it
-
-
-
-
-
-
Friday 19th February 2016 19:36 GMT Wommit
So a government agency has used old laws, out of their original context, to force a company (could be a person too,) to create something that every security expert in the world says is a very bad idea.
The UK police often use laws in ways that their originators never envisaged, and in ways specifically denied by parliament. So we have a lot of experience of this type of thing.
IMHO this case should go all the way up to the Supreme Court. Perhaps the US Congress could clarify the law being used.
-
Friday 19th February 2016 20:04 GMT Anonymous Coward
No, not really
The "old laws" that you speak of were quite specific: no unreasonable search and seizure unless warranted by court order or mitigating circumstances.
The government went through all proper procedures to gain the right to ask Apple to bypass the auto-kill feature. They have known assailants, known accomplices, known criminal activities, directly attributable evidence, went through court procedures to request unlocking in front of a judge, followed the case through all legal steps necessary to attain the right.
THAT is what the "Old Laws" says you have to do.
You think that, because you're Neu Tek and Oh, So Special!, that the laws don't apply to you...nor, to this case. But they DO.
There is **EVERY** reasonable statement that what the government is looking to do in this case is precise in definition, limited in scope to this case alone and within the powers both granted them and necessary to uphold justice and impose punishment on the guilty.
I'm sorry that you think that the use of your Shiny is out of bounds of all legal ramifications. Privacy is granted...as long as you play by the rules. For the government to ask for the privacy of highly suspected criminals to be denied is within all legal precedence and is arguably protecting us (as long as that is the limit! Each case on its own merit, no blanket declarations allowed).
-
Saturday 20th February 2016 16:37 GMT KeithR
Re: No, not really
"For the government to ask for the privacy of highly suspected criminals to be denied is within all legal precedence"
That's not the point, and you know (or should know) it.
Nobody's trying to protect the privacy of a dead terrorist. Indeed, I assume that US law is analogous to law in the civilised world like the UK, where "personal data" of a deceased person is explicitly outwith the scope of the Data Protection Act.
The issue is - clearly - about what happens next if Apple does fold, and the implications for the privacy of those of us who aren't criminals/terrorists/dead...
-
Saturday 20th February 2016 19:34 GMT Anonymous Coward
Re: No, not really
Your definition of reasonable and mine seem to difer.
what the government is looking to do in this case is precise in definition, limited in scope to this case alone and within the powers both granted them
With respect, the claim of this being a limited, contained, one-off exercise is disingenuous, and should not have been made by parties who are well versed in US law. The very fact that they have attempted to make such a claim whereas they are certain to have a more than passing familiarity with the very basics of US law is what made quite a lot of alarm bells go off at once.
In US law, there is no way to limit the scope of a verdict as it is precedent driven. You cannot avoid setting a precedent, and once it is set, it significantly lowers the barrier for a repeat because that's how the whole system works, and it's been working like that for decades. There is no possible way to prevent the far wider ramifications of being able to force a company to commit commercial suicide by damaging its own technology which took many man years to get it right.
In short, the very fact that people who should know the very fundamentals of US law are claiming this exercise is limited in scope and a one off in clear defiance of the facts they are certain to know is enough of a reason to slow this one down pretty sharpish.
Law enforcement has legal powers to compel collaboration, but it does not have the legal power (at least, not until this story has reached the very end of the legal process) to demand that a company - and by consequence of the precedent set an entire multi billion dollar industry - commits seppuku.
You see, there is a little extra problem that starts showing up here, which is what has not been mentioned before. If this "let's use a legal crowbar to get backdoor crypto in via harassment" method is successful, you will have to turn to the Chinese to buy any kit safe for government use.
The reason we use COTS kit is because it's cheaper than making special versions for government, and by breaking COTS you open the door for those Evil Terrorists™ to turn the tables on intercept and listen in to the home life of all those government officials with handy families. In short, it's the shortest path to making it a lot unsafer for everyone. Not immediately - I'd give it about 3 months before the avalanche starts.
Personally I don't care about Apple, and I had a laugh at Zuckerberg talking about security as if he knew what that word actually meant. But I do care about a government that has already grabbed a lot more power than it should have post 9/11 and has not only handed little of it back post emergency, but seems to have developed a taste for more. I guess we have a bit of Putin envy here, and it's not where we need to go, at least not if we want to remain truthful to what at one point was termed a democracy (you know, with rights and a Constitution and stuff). It is that far wider picture that is disturbing, because we are doing all of this on the thinnest of assumptions that there is actually something on that phone - at present we don't even know this.
What you're saying is that the whole of the IT industry needs to be shafted and the security of all people needs to be jeopardised because the combined resources of multi-billion dollar funded government agencies, spies and hangers-on are dependent on POSSIBLE data that may hide on one tiny consumer device to identify POSSIBLE further terrorist because all that might (and already existing legal support) it not capable of doing it without. OK, so what the f*ck have they been doing all those years? Buy yachts for themselves with all that money? Build world's biggest room heater?
I am absolutely for assisting law enforcement, but that does not mean it should happen through weakening our safety. "Please leave all your doors and windows wide open to help us catch the murderous thugs and rapists who are roaming your neighbourhood" is IMHO not an approach that deserves support, sorry.
-
Monday 22nd February 2016 10:12 GMT SolidSquid
Re: No, not really
> You think that, because you're Neu Tek and Oh, So Special!, that the laws don't apply to you...nor, to this case. But they DO.
It's not a question of whether the laws apply to new technology or not, it's whether the courts can compel a company to do a significant amount of work (in this case writing up a work around for their security systems) which will have a clear detrimental effect on the company itself, despite the company having done nothing illegal
Even under the same rules which would allow the FBI to get a warrant to search a safe, which is the closest parallel I can think of, they wouldn't be able to get one in this case, as that would require the FBI to provide evidence of *what* they know is on the phone, whereas they've just asserted that they think there's more data there than in the iCloud
-
Friday 19th February 2016 20:06 GMT EddieD
Apple will certainly take this as far as they possibly can - we've seen many times in various patent disputes how far Apple will take litigation.
I hope that they do. As has been pointed out, it seem fairly certain that there's nothing on the phone, as the owner was using iCloud backups, and was fairly thorough with the destruction of his other devices.
I still like the idea (iDea?) of Apple sayin okey-dokey, bring it here, attaching it to a device and "accidentally" bricking it.
-
Saturday 20th February 2016 16:31 GMT KeithR
"The UK police often use laws in ways that their originators never envisaged, and in ways specifically denied by parliament"
Not true in any meaningful sense. Most of the law the UK police actually use is current and extremely purpose-specific: and it's a very rare thing indeed that a UK Court, the DPP or the CPS will try and shoe-horn a current offence into an archaic piece of legislation it wasn't intended to cover.
The idea of old laws - like the one allowing pregnant women to urinate in a policeman's helmet - still being is a funny meme, but complete cobblers, for the most part.
-
-
Friday 19th February 2016 19:37 GMT Zog_but_not_the_first
No longer a problem
Now that McAfee's on the case
-
Friday 19th February 2016 19:40 GMT Anonymous Coward
Here's what you do tim...
...tell the feds that you're going to unlock the phone. When they hand it over to you smash the twatting fuck out of it with a lump hammer! Then hand it back to the junior G-man and say "There y'go buddy, i've cracked it for ya".
Please let me know if this has helped.
-
Friday 19th February 2016 20:51 GMT Matt Bryant
Re: AC Re: Here's what you do tim...
".....When they hand it over to you smash the twatting fuck out of it with a lump hammer!....' Sure, because being charged as an accessory to multiple murders after the fact by the deliberate spoliation of evidence, plus interference with a Federal investigation, would just be so smart.
/Hmmmm, may need to add some sarcasm tags for some of the posters here.