back to article FBI says it helped mess up that iPhone – the one it wants Apple to crack

The United State Federal Bureau of Investigation (FBI) has absolved San Bernardino police of responsibility for changing passwords on the iPhone once used by suspected terror suspect, Syed Rizwan Farook. Last December, Farook and his wife Tashfeen Malik killed 14 co-workers, before themselves being killed by Police. It's …

Facepalm

Sometimes I wonder...

...if all our paranoia surrounding all the mass surveillance going on is justified. On one hand, yep, it does suck for sure. But on the other hand, they can't even seem to take two steps forwards with any evidence provided to them (while supposedly being on the job sober) without tripping or otherwise fumbling around.

28
4
Silver badge

Re: Sometimes I wonder...

Their (real or not) incompetence is no reason NOT to be paranoid about the datagathering. In fact, I'd take their incompetence as a reason to worry MORE as the chances of a false hit and an innocent person suffering the consequences become that much higher.

42
1

Re: Sometimes I wonder...

Pretty much spot on, I'd rather not have to worry about people accidentally spunking my data out onto the net while they pore through it.

6
0
Bronze badge

Re: Sometimes I wonder...

Sometimes I wonder if people are idiots, iOS is obviously not unbreakable, FBI can crack this, but would rather apple made it easier for them to do so. (Cloning hardware for exsmple to get unlimited attempts),

Apple are playing games, and using this to get PR and make people believe iphones are secure.

Perhaps it's no longer the Jesus phone, its now the jihadi phone.

4
27
Anonymous Coward

Re: Sometimes I wonder...

The Apple F-91W...

1
0
Bronze badge

Re: Sometimes I wonder...

The movie "Brazil" nailed it: Sure, The Authorities are incompetent toss-pots relying on decrepit and crumbling infrastructure - but - they are still capable of hauling your ass in and torture you to death as required by Protocol (and even if they happen to get the wrong guy, and they know about this, it's just easier to go on with the torturing than to do the Non-Conformance Report ....)

35
1

Speculation?

"Along the way, it's been suggested that Farook's iPhone has proved hard to crack because authorities in the county of San Bernardino handled the Phone without thought to the ramifications of iOS' lockout features. If true, such bungling would rather dent the argument that vendors need to make life easier for law enforcement authorities."

That whole paragraph is suggestion and FUD.

Provide evidence to back up your copy or leave it out, you can do better El Reg.

1
88

Re: Speculation?

One thing I love about my fellow commentards is their ability to downvote because they have failed to comprehend my comment.

5
98
Happy

Re: Speculation?

I don't think you understand people.

I'm right, you're wrong.

End of argument.

1
79

Re: Speculation?

And you don't get the smiley?

Things are going downhill here.

1
77

Re: Speculation?

I wonder if I will get the record for most downvotes in a single post?

I want a moderator to let me know once you've all given your ill informed votes.

4
70
Silver badge
Pint

Re: Speculation?

Keef asked "...most downvotes..."

Nah, you have to denigrate Linux (which is a really stupid OS, by the way) to get lots of downvotes. In recent months, my best was:

"...your Master Boot Record was delicious." 7 thumbs up & 24 thumbs down

Good luck.

18
12

Re: Speculation?

A few facts about the City of San Bernardino and San Bernardino County:

The City is in bankruptcy.

They don't employ the sharpest pencils in the box because they can't afford the wage scale available in Los Angeles or Orange Counties [neighboring counties, less than 2 hours commute time] for people with high levels of technical training. In addition, San Bernardino in general isn't known for being attractive to technically forward companies. These companies generally locate on the west side of Los Angeles [near LAX] or in Orange County so there isn't a large pool of potential applicants.

San Bernardino has had a gang problem for decades, being used as a dumping ground for Los Angeles area gang bangers who have been court ordered to relocate outside of Los Angeles County. This has had a depressing effect on the entire area especially in the areas of amenities that technical workers are looking for in a community.

How do I know this? I live on the Mojave Desert, within northern San Bernardino County with a very large mountain range between where we live and the City of San Bernardino.

46
0
Silver badge

Re: Speculation?

Have an upvote for adding something new to the debate. Sorry for you to have to live in that county but as you say, there are some nice geographic features between you and them.

16
0
Silver badge

@Keef Re: Speculation?

I wonder if I will get the record for most downvotes in a single post?

I suspect your down votes pale into insignificance compared to Eden's!

11
1
Silver badge
Thumb Down

Re: Speculation?

One thing I love about my fellow commentards is their ability to downvote because they have failed to comprehend my comment.

Have a downvote for being a self-righteous cock.

I'd like to give you another downvote for caring about the downvotes and another ten for complaining.

68
2
Anonymous Coward

Re: Speculation?

One thing I love about my fellow commentards is their ability to downvote because they have failed to comprehend my comment.

The question is if that is really an inability to comprehend or you being incomprehensible. The general content of this site suggests the latter. Whining about it won't change that.

35
1
Silver badge

Re: Speculation?

Given the hack on the Mint website over the weekend it all depends on what you say about it because you might actually have a point. Unlikely but possible.

0
4
Silver badge
Trollface

Re: Most downvotes...

Naaahhh.... I think that record belongs to Martin milan with his 200+ downvotes...

3
0
Silver badge

Re: Most downvotes...

Naaahhh.... I think that record belongs to Martin milan with his 200+ downvotes...

That's amazing! At least he didn't start moaning about the down votes (or did he, too lazy to check).

5
0

Re: Most downvotes...

I'm don't think I read that to downvoted it. Pity it's too late to do it now.

0
0

Re: Speculation?

"Los Angeles area gang bangers"

*snigger*

3
2
Law

Re: @Keef Speculation?

"I suspect your down votes pale into insignificance compared to Eden's!"

You mean Eadon, or has a worse troll popped up from under the bridge? :(

I would have guessed Eadon too, but can't prove it as his entire el reg life was deleted by a vengeful (but just) moderator:

http://forums.theregister.co.uk/user/34672/

2
1
Anonymous Coward

Re: Most downvotes...

I'm don't think I read that to downvoted it. Pity it's too late to do it now.

That sentence doesn't parse 100%, but I assume you said you found it a pity you could no longer add to the downvotes. Well, this not the Guardian - you still can. I just did, just for entertainment's sake :)

3
1
Anonymous Coward

Re: @Keef Speculation?

"I suspect your down votes pale into insignificance compared to Eden's!"

You mean Eadon, or has a worse troll popped up from under the bridge? :(

What I don't get is that you keep bringing him/them up, and so continue to give these people oxygen AFTER they have been removed. FFS, shut up about them and move on.

3
3
Law

Re: @Keef Speculation?

"What I don't get is that you keep bringing him/them up, and so continue to give these people oxygen AFTER they have been removed. FFS, shut up about them and move on."

I didn't bring him up.

I think I've mentioned him twice since he was banned years ago - hardly counts as keep bringing him up.

Suggesting one of the worst trolls in El reg history when talking about who had the most downvotes is a pretty legit time to bring him up.

If trolls upset you that much perhaps the comments section of el reg isn't for you.

Maybe you should chill out a bit.

3
1
Happy

@Charlie Clark

I'd like to give you 10 upvotes, but El Reg limits me to one.

0
0
Anonymous Coward

there might be information on the phone

That seems like a very open statement to justify all future invasions of privacy. There appears to be no limitations on the particular request as to whether the person is alive or dead and sets a dangerous precedent to force manufacturers to unlock a device or make them vulnerable based on a presumption of guilt rather than innocence.

Yes I know that the particular individuals are dead and guilty as hell, but law being built on precedence makes this a risk to all. The following paragraph is also worrisome

The FBI worked with San Bernardino County to reset the iCloud password on December 6th, as the county owned the account and was able to reset the password in order to provide immediate access to the iCloud backup data.

How legally did the county own the account? On death doesn't the contents of account become owned by Apple? A few years ago I believe that it was mentioned widely that Bruce Willis had no ownership rights over his iTunes content so could not bequeath it in a will.

12
3
Silver badge

It's a county-owned phone. Farook didn't own it nor pay the account. Thus, the "account reverting Apple" wouldn't apply.

I'm suspecting that there may be some law action requiring that employees will need to supply their passwords on all company or government owned equipment.

Where I work, if an employee terminates, they can take the phone with them. If they choose not to, we ask for the login to unlock it and clean it for the next user. If the employee dies, we're up the creek and phone gets tossed.

16
0
Silver badge

@Philip Clarke

". . . to force manufacturers to unlock a device . . ."

No, it's worse than that - they wish to force the manufacturer to create a custom set of lock-picking tools for use by the government.

27
1
Silver badge

Re:"On death doesn't the contents of account become owned by Apple?"

I should bloody well hope not, but thanks for the heads-up. One more reason for me not to post anything on "the Cloud".

11
0
Silver badge

Irrespective of the circumstances, the requirement for a search warrant to search a cell phone, reinforced in Riley v. California in 2014, still rules. Granting of a search warrant does not carry with it a legal presumption of guilt; the legal presumption is innocent until determined otherwise by a guilty plea or a trial. The presumption for a search warrant is "reasonable cause," and is considerably more relaxed.

1
0
Silver badge

>On death doesn't the contents of account become owned by Apple? A few years ago I believe that it was mentioned widely that Bruce Willis had no ownership rights over his iTunes content so could not bequeath it in a will.

In the iTunes case you mentioned, the terms of the music licences meant that they couldn't be transferred to a beneficiary - the music licence in effect ceased (upon the death of the original buyer) and it didn't revert to Apple.

In any case, user's own data is covered by different EULAs than purchased music. If all data on a phone became the property of Apple, no company would allow iPhones anywhere near them - and we would have heard an almighty stink about it.

3
0
Silver badge

"There appears to be no limitations on the particular request as to whether the person is alive or dead"

This isn't an unmixed curse. At least it removes the incentive to ensure the phone user isn't a live suspect.

1
0
Silver badge

iHard

Except the Willis vs Apple suit was made up, even if it did make for an interesting discussion about Apple's T&Cs

1
0

County owned phone?

"It's a county-owned phone. Farook didn't own it nor pay the account."

Wait, so they are asking Apple to unlock a phone that they legally own? County purchased the phone and paid for the service? And Apple refuses? Sounds like Gov't agencies and businesses should be considering removing Apple from their approved vendor list until they provide a master key for their devices that the owners (not the employee users) can use to recover the device and data.

1
5
Anonymous Coward

Slippery, slippery slope

Might be guilty of something.....

Might contain some evidence.....

There is only one way to be sure...... TAKE AWAY EVERYBODY'S PRIVACY!

Back when people kept their private thoughts, hopes, wishes and affairs locked up in their minds and in paper diaries, the Constitution guaranteed that such information could not be snooped on by the authorities unless there was reasonable cause for suspicion and a warrant issued by a judge. There is reasonable grounds for suspicion here alright but now the perps and their victims are dead. What more can we possibly learn? Potentially ripping open everyone's cupboards to establish a case and find every last shred of potential evidence is not the way forward.

Apple, even if it can do this, will lose any credibility as a company that cares about its customers' privacy. The Feds and elected leaders have already lost this credibility and continue their downward spiral and race to the bottom. People are getting increasingly pissed off, losing trust and feeling bad. That is the real problem, and it won't be fixed until people feel reasonably safe again. Stuff like this definitely doesn't help.

As is stands, privacy is pretty damn precarious today. People walk around with their entire lives stored on electronic devices, inside emails, and so on. They should be able to protect this data against official prying eyes by any means available, unless they are being arrested. This needs to be re-established as a principle and respected by law enforcement and government reps. The government doesn't need to have eyes everywhere, no one does.

The principle that our data is still private, secure and personal and deserves constitutional protection is what is at stake here. We can always justify a little less privacy for a little more security. Then one day we can all wake up with no privacy and probably no security either. We make trade-offs to remain free and conduct lives without fearing excessive government interference, over reach and meddling in our private sphere.

Even without the the legal and technical difficulties raised by the FBI's case, this trade off question alone is sufficient reason to throw the case out and prevent the establishment of another dangerous precedent.

The FBI thinks it will learn something from this company phone. All they ask in return is irreparable damage to a global company's reputation and weaker security for everyone's private data.

This is bat shit insane and has to stop. I know it is an election year, but this is not a trivial problem here.

The sooner the control freaks understand this, the sooner we might get some sanity into the debate. Right now, we are descending ever faster into cloud cuckoo land and it is only getting worse.

10
1
Anonymous Coward

Re: County owned phone?

Wait, so they are asking Apple to unlock a phone that they legally own?

This is not like asking Mercedes to unlock a car, it's a bit more complicated than that. It's more like buying a super secure safe which has all sorts of countermeasures installed to protect the valuables you bought it for, and you're demanding the manufacturer breaks in because you were stupid enough to change the combination without looking.

County purchased the phone and paid for the service?

They paid for a secure device, because the county has an obligation to protect its information too. Now someone else has set the password, all of a sudden all that security is a problem. The bit they seem to forget is if this phone is indeed broken, they can't trust any of the other phones they bought anymore either.

Worse, with the precedent this sets they will have to buy abroad to get any secure phones, because the precedent would give any agency the leverage to pretty much harrass any tech company to death.

So, maybe this is an attempt to sponsor Sailfish or Jolla? The problem there is that this would amount to harming US interest to benefit parties abroad, and I think I've once heard the word "treason" mentioned if such happens. Kinda ironic to see the US legal system do that to itself..

4
1

Re: County owned phone?

The county paid for a popular phone. Doubtful anything county related was super secret and requires a high level of encryption. This is being played out as privacy rights, but I doubt the employee actually has any right to privacy on this phone from his employer. Even if he hadn't gone on a shooting spree of his co-workers. I know that my employer has the ability to read my corporate emails, log my corporate IM, logs/proxies all my Internet activity, and can access anything on the encrypted drive of my laptop. Some businesses record phone calls on the company PBX. This is more about property rights. The county owns the equipment, not the employee.

I personally think Apple sees this as a 'slippery slope' concern. They don't want to be deluged with subpoenas from a bunch of different LEAs with varying technical capabilities. This time they are being asked to turn off a couple security items, next time it could be 'decrypt this for us'. Some have mentioned that Apple is concerned about their 'unbreakable' image and the affect on sales. I doubt that there are many mainstream people out there that are going to be worried that law enforcement can get a subpoena and unlock their phone. There are no protests over CALEA, and it has been in place since 1994.

Regardless of what eventually happens, I still think gov't/corporations who purchase corporate assets should require that the vendors provide them with a method of accessing those assets regardless of what the employee does. Those assets are owned by taxpayers and shareholders. Suppose an employee changed the locks on a company car. Should the automaker/dealer refuse to register a new key for the owner? (this is similar now that keys have RFIDs and software that control whether the actual key functions)

0
1
Silver badge

@HereIAmJH -- Re: County owned phone?

Doubtful anything county related was super secret and requires a high level of encryption.

As I recall, he worked for one of the health type departments which necessitates following HIPPA. And that opens up another can of worms. If the phone were lost, then other people's private heath information would be accessible to anyone who picked the phone up.

Boils down to "screwed if you do, screwed if you don't".

4
0
Anonymous Coward

Re: County owned phone?

Regardless of what eventually happens, I still think gov't/corporations who purchase corporate assets should require that the vendors provide them with a method of accessing those assets regardless of what the employee does.

It does - that's what MDM is for. However, you can't blame Apple if an idiot in your organisation screws it up, which is what happened here.

1
1

@ mark85

Where I work, we use a mobile device management system so that if a user forgets their unlock codes, or returns a device to us when they leave, but fail to tell us the code, we can remotely unlock the device / clear the password.

Our devices are Android, but the system we use supports iOS, I believe it does this by installing a profile on the iOS device. I did some testing with my personal (iOS) device and it lets you add and remove apps, and change settings, set up email accounts, so I wouldn't expect unlocking to be out of the question......

1
0
Silver badge

"That seems like a very open statement to justify all future invasions of privacy. "

Well, frankly, if you go out and murder a bunch of people, I think your rights to privacy have just been cancelled. OK?

0
4

@Mark 85

If it's a company owned phone and you can't recover the phone for a dead person, you're using the wrong software to secure the phone. We use MaS360. One of it's components is that the user can reset his PIN, but I'm sure there are other ones out there. The process requires access to his email account. You go to the website, request the PIN reset, reset the PIN. The next time the phone synchs the PIN updates.

Yes, the software needs to be installed before hand. Yes, if they use a personal email account instead of a company issued one you're still out of luck.

2
0

Re: Slippery, slippery slope

No slippery slope here.

They WERE guilty of something, and died while committing the crime. Their phone is thus evidence and Apple DOES have a civic duty to make all reasonable efforts to provide the data. Given the limits on the modification the government has requested, the effort is certainly reasonable.

0
2
Anonymous Coward

Re: Slippery, slippery slope

No slippery slope here.

They WERE guilty of something, and died while committing the crime. Their phone is thus evidence and Apple DOES have a civic duty to make all reasonable efforts to provide the data. Given the limits on the modification the government has requested, the effort is certainly reasonable.

You're deliberately avoiding the consequences this has in US law because that would seriously undermine your own argument.

Due to the way US law uses precedent as a method not having to go through the same arguments every time, this order being successful would AUTOMATICALLY result in this becoming precedent, or - expressed in language you can maybe comprehend - an easier route to getting permission for this again and again. Thus, the "this is a one-off" claims are quite simply false and as far as I can tell (based on the expected legal expertise of the people making that statement) potentially wilfully misleading.

By its implications, the request is not quite as "reasonable" as both the court and the FBI wants us to believe, but you knew that or you would not have carefully omitted it from your multiple posts.

3
0

Re: County owned phone?

It's not like the car example, they can reset the phone and use it again, but that will wipe the data. If a company wants to keep control of company phones they should be using something like Blackberry with their own server. If they buy consumer phones, or do BYOD then they can't expect to have full control.

0
0

This is despicable.

The most depressing and worrying aspect of the widespread support for Apple in this case is that it reflects very clearly the complete collapse of trust in the government and law enforcement agencies that has occurred in recent years.

If the people cannot trust their government to do the job for which it exists - to protect them and to promote their common welfare - all else is lost.

- B. Obama

Non-cooperation with evil is as much a duty as cooperation with good.

- M. Ghandi

(ask yourself where the "evil" lies in this case)

Then again, by way of balance, we perhaps should also consider:

Love your country, but never trust its government.

- R.A. Heinlein.

39
1
Silver badge

Re: This is despicable.

Why is a lack of trust in the government and law enforcement depressing? They have only themselves to blame - in particular the course of action that they decided to pursue after 9/11 where they said "screw the Constitution, we want access to everything without warrants or review".

Fortunately Snowden opened our eyes to what was going on, so we (and companies responding to what consumers want) can take steps to block them from doing this. The change Apple made in iOS 8 to hold the key to unlock an iPhone only on the phone was made in response to that. Previously Apple held a copy of the key, to help their customers who forgot their password or needed to unlock the phone of a decreased relative or whatever, but the way the government was acting thinking "all data are belong to us" meant this was no longer tenable.

49
2
Silver badge

Re: This is despicable.

If the people cannot trust their government to do the job for which it exists - to protect them and to promote their common welfare - all else is lost. - B. Obama

And that being the case, all is lost.

18
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017