Facebook and Twitter back Apple's privacy stance Silicon Valley heavyweights Facebook and Twitter have rallied behind Apple in its privacy dispute with the United States Federal Bureau of Investigation (FBI). For those of you who've spent the week under a rock, the FBI wants Apple to craft a custom crack of the iPhone owned by Syed Farook, who with his wife Tashfeen Malik …
It wasn't owned by him. His employer owned/owns the device, he merely used it. The distinction is important since it impacts on whether 4th Amendment protections against unlawful searches would apply if the warrants were somehow invalidated (they wouldn't).
@Lysenko
The 4th amendment argument is not particularly relevant here - is it. This is not about the right or lack of to search the phone. This is about the technical ability and the preparation and availability of a mechanism that renders void the protections on a phone.
My biggest concern is that no one seems to be prepared to acknowledge that if encryption is trashed, a huge chunk of the on-line commerce that we depend on goes with it. Who in their right mind is going to rely on Internet shopping or on-line banking when you have no faith in the systems that are supposed to provide confidentiality.
I still remember the days when you had to go into shops and carry products home, go to the bank with with drawl slips; pay for things with cheques and/or credit cards that were put in a machine with carbon papers.
The gubbermint seems intent on winding us back to some time in the 1980s.
Agreed. It isn't relevant to the substance of the matter, but under other circumstances it could be a speed hump on the way to a authoritative ruling.
I was just pointing out that the FBI want Apple to do this with the complete agreement and support of the owner of the phone in question.
Apple's point is that what the owner of the phone (and the FBI) wants done is excessive, dangerous and harmful to their business. I may want Apple to similarly water down security on a phone I bought for my son or daughter, but that doesn't mean that Apple is obliged to think that cooperating with me is a good idea.
This isn't about cooperation with a search, it is about compelling someone to do positive product development work by judicial fiat.
Whether the resulting product is a good idea or not is incidental to the question of whether the court has the power to hijack labour like this in the first place without congress first nationalising the company or enacting some sort of conscription.
This post has been deleted by its author
It's rather ironic that this comes at a time when the US have just negotiated Privacy Shield to convince the EU they are serious about protecting the privacy of EU citizens...
I have a feeling that even the FBI is here but a pawn used in The Great Battle For The Backdoor XXXIV (there have been many, but I lost count). It is evident in how quickly the emotional "supporting criminals" got laid on top when Apple said No because it knew what publicly agreeing would do in a legal system that works by precedent.
The issue is you should change the FBI so it adheres to constitutonal principles. Just neutering fully the FBI is not the right solution. People are becoming less and less aware that goivernemnt is not a bunch of aliens landed here - government is made by citizens.
Any Omni Consumer Products company will never protect you - it will just try to extract more money from you. Cook took this stance only because he saw no money coming from it. Whenever Apple will see a good business unlocking iPhones, it will do.
There are big issues in governments today, and as long as citizens are just shortsighted and can't look beyond their iPhone screen, they will never be fixed. It's pretty stupid to let OCPs slurp enormous amount of data as long as they promise to keep your phone away from the FBI - as long as they can't sell it for money.
Change the FBI so it won't attempt to seize your data "just in case". Change the government so it won't ask the FBI to do so, and remove officials that thinks mass surveillance is good, instead of chasing true criminals. But let the system cripple, and the only winners will be criminals - including those inside the governenment and FBI. And don't believe your PIN protected mobe will save you.
I am a little disappointed that more of my ilk are not seeing this way. Apple is disingenuous on any stance. If the FBI abuses its power, its an abuse, the fact it is neccesary to investigate and prosecute crime is indisputable. Apple on the other hand is entirely dependent on their ability to sell whatever garbage they have produced. If Apple wasn't sitting on a literal mountain of cash, I believe they would simply comply.
This is closer to citizen's united than most people want to believe.
The previous poster said it well, and I only want to add, this may be perceived as a battle in the back door war, but perhaps it is a necessary battle for law enforcement. Consider the public service value of conserving their resources if they have cooperation of vendors.
Somebody makes battering ram, but I don't think they promote criminal behavior just to ensure the need.
if a court agrees that a private company has no obligation to comply with a warrant requesting that they help open a box to which they have the key, then that sets a precedent too
i.e. banks no longer need to provide info on money laundering - they have their clients' info, locked in a box to which they have the keys
we live in a civilised society, that requires compromise
the dramatic posturing by apple/others is pure pr guff
if all the wailing ninnies truly believe the fbi etc. has any interest in them at all, they have a seriously misplaced idea of their place in the world, i'm sure you could eliminate at least 99.9% of these delusional fanbois with no lasting impact on humanity beyond improving the gene pool
They don't have the key, that's the point.
The FBI are demanding Apple make a key so that next time, when someone blackmails Apple's cleaner they can get their ex-wife's iphone unlocked.
As it stands, you (or Putin) can point a gun at an apple employee and they still cannot unlock an iphone for you. Changing this is not desirable.
no, you are wrong
apple DOES have the key, this is a matter of fact, it is the key that signs the software update
this key enables signing of a crafted image that can then be used to auto update the device, this in turn will allow brute forcing the user's unlock code required to gain full access
btw apple was lying when it said there is no backdoor, there demonstrably is, this is it
only apple has the key to the backdoor, but it has it
apple lies
no, you are wrong
apple DOES have the key, this is a matter of fact, it is the key that signs the software update
this key enables signing of a crafted image that can then be used to auto update the device, this in turn will allow brute forcing the user's unlock code required to gain full access
I think you will first need a couple of years learning how encryption works before you should dare to form an opinion, let alone utter it in public.
Here is a tip: there is no such thing as THE key - there are many keys in play in this situation.
The signing key for the software that guarantees its integrity.
The device access key that allows such software to load on the device (the reason why devices need to get rooted before you can install other code on it).
The encryption key that encrypts the relevant data container in the iPhone.
The fixed, unique hardware key burned into the chip that ties encrypted info to the physical hardware (the reason you can't just copy the lot to a load of VMs to brute-force it).
The key that encrypts the PIN number storage, and that holds the aformentioned access key to the data container. When you enter the right PIN, you enable access to the data storage container. That is done that way because (a) it makes it easier to change the PIN code without having to re-encrypt the data in the container and (b) it makes it possible to delete the big access key if you exceed the magic count of 10.
Come back when you have managed to put talking and thinking in the right order.
It's not necessarily the FBI and it's not their interest in people which is the point here.
It's that once the hack has been created, it is potentially available to anyone who is prepared to wield the right level of bribery or violence.
And it's not secrets like people's diaries that are the concern here, it's secrets like PIN numbers and banking passwords.
The internet runs on crypto - weakening it is a big deal.
What this might tell us is the FBI don't have any secret magic super toolkits to bypass iPhone device security.
Or do they? Maybe they have got into the phone already and know there is some useful evidence in there, but need a way of legitimising it so it is admissible in court without giving away the secret of how they came by it.
It means they're too proud to ask the NSA to unlock the phone for them! More accurately, they want the same kind of warrantless access to data that they can get from any data centre just by sending a fax. should be able to get all the metadata they need from Apple and the phone network.
They're in possession and have probable cause so they any data they can find is admissible, unless it was obtained illegally before the event. But that would imply they had the guy on their radar… let's not go there.
“We also appreciate the difficult and essential work of law enforcement to keep people safe. When we receive lawful requests from these authorities we comply."
This part seems to be saying that Facebook is siding with the authorities; given there has been no indication that the request being made by the FBI is unlawful.
"However, we will continue to fight aggressively against requirements for companies to weaken the security of their systems. These demands would create a chilling precedent and obstruct companies’ efforts to secure their products.”
As has been pointed out elsewhere, the authorities have not and are not asking Apple to weaken the security of their systems; the security of Apples products in users pockets will remain unchanged. In fact given the level of disclosure Apple has been gifted a sales opportunity to encourage users of it's older products upgrade to newer iPhones and versions of iOS; and hence increase their security! What Facebook are saying here is that they object to requests by authorities for backdoors etc. Hence in this context they are sending out a warning to the relevant authorities not to try and extend the scope of the current request to get Apple to include features in their shipping products that would weaken security.
You can only claim that there is no intention to expand the scope of this when you fully ignore what kind of precedent this sets. As an aside, Facebook proclaiming any interest in "security" was worth a laugh, but I'm going to park that for the moment.
This order asks two things.
Directly, it demands that Apple develops a backdoor (note that there are no statement on feasibility here either). Strip all the limiting waffle off the order, and this is what is being asked. Yes, it's "only once" and "only for these really bad people and oh my God think of the children" (an argument that we see time and time again when the asker is not certain that pure facts will be enough to get their way - always a red flag IMHO), but FBI + judge have really bent over backwards to make people ignore that fact that that is simply not how US law works because ...
INdirectly, because of how US law works, it would establish a precedent that the FBI (or anyone else who has sway with a judge) can demand a successful company to commit commercial suicide by reverse engineering the very security they have spent many man years developing and go public that they have done so (remember, this is about evidence that is eventually used in a public court of law). That precedent, by the way, entirely nullifies the claim of "we'll only ask for it this once" because it establishes in law a path to a repeat performance. "We did it here successfully already, so we can ask for it again here, Your Honor." Given that this order has been issued by a judge, it would not be unreasonable to assume this judge knows this full well, and it is thus worth keeping an eye on this person because I'm rather intrigued by their motivation.
This is what is really happening. It is not really about Apple, but I assume the thinking was that if they got Apple to cave, the rest of the industry would follow and they would finally have their much desired mega backdoor.
What will happen next if the FBI is successful is easy to predict: just look at what happened to the physical luggage backdoor the TSA demanded "for your safety". It's been used by thieves to empty your luggage of valuables quicker than New Labour emptied UK's Treasury, and you can even get 3D files to print those master keys in the comfort of your home. In short, you can kiss your security goodbye, and Silicon Valley would formally be declared as worth avoiding by EU business as it would lead to non-compliance with EU Data Protection laws - already a distinct possibility if Privacy Shield is not given some more legal teeth.
Of course none of this would have been an issue if the device had been an Android...
http://www.forbes.com/sites/andygreenberg/2013/07/22/pin-punching-robot-can-crack-your-phones-security-code-in-less-than-24-hours/#2fb4ef6158a8
Yes, yes, it's old, and I'm sure all Android devices now have an appropriately increasing delay between PIN attempts...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
