back to article US DoJ files motion to compel Apple to obey FBI iPhone crack order

The US Department of Justice has today filed a motion compelling Apple to comply with a court order to help the FBI break into a killer's iPhone. On Tuesday, a magistrate judge in central California granted an order filed by the Feds that requires Apple to reprogram San Bernardino murderer Syed Farook's smartphone with a …

Page:

  1. bruceld

    If this was the dubya era...dubya would be ripping the freshly unencrypted apple device from Tim cooks boney shriveled hand.

  2. d3vy Silver badge

    So, the guy destroyed two other phones, the only remaining phone is his work phone.

    I'm willing to put money on it that there is nothing on that phone, because if it was me I'd not use my work phone which my work could take away at their whim to plan anything. If he has anything on it worth seeing then there would have been three destroyed phones.

  3. Anonymous Coward
    Anonymous Coward

    Today your Iphone

    Tomorrow it will be your brain.

    1. Mark 85 Silver badge

      Re: Today your Iphone

      They're getting close to it. Consider Google, Facebook, and Microsoft's attitude. We are owned, we just don't really know it.

  4. Bota

    Just set a custom pass code to something with more than 10 digits.

    See you in court, 125 years later ;)

  5. J J Carter Silver badge
    Boffin

    Back in the day...

    Just as well Alan Turing didn't throw a hissy-fit over cracking the Enigma code!

  6. J J Carter Silver badge
    Holmes

    Porridge time!

    Sharing a cell with Bubba up at the super-max penitentiary may change Cook's mind!

    1. Anonymous Coward
      Anonymous Coward

      Re: Porridge time!

      Cook might LIKE that, you never know

  7. This post has been deleted by its author

  8. thx1138v2

    Chain of evidence

    I'm not exactly sure about this but I don't think Apple can break that phone because the FBI can't turn the phone over to Apple without breaking the chain of evidence. That means that Apple would have to turn the software to unlock the phone over to the FBI with instructions about how to perform the procedure.

    If that is correct and considering that the government's demonstrated lack of security on their own networks that are hacked on a fairly routine basis it wouldn't be long before that code was turned out into the wild.

    Someone correct me if I'm wrong about the chain of evidence issue.

    1. Roland6 Silver badge

      Re: Chain of evidence

      Agree there are chain of evidence issues. The first one is confirming that if as some have suggested the phone has been 'updated' over-the-air whilst 'locked' (passcode changed) then it would need to be established that such updates haven't altered the contents of the phone. Secondly, it would need to be established that the Apple update doesn't change the relevant contents.

      I would expect that to 'safeguard' the chan of evidence, the phone will either be escorted or a room will be used at Apple so that the modified software and phone don't actually leave Apple during the investigation. Interestingly, this aspect of the case doesn't seem to have been covered. Because on cpompletion relevant systems and phones would need to be destroyed so as to protect Apple's existing security.

      1. Mark 85 Silver badge

        Re: Chain of evidence

        Supposedly according to some reports, this is exactly what the FBI offered. On Apple's premises, with an agent to monitor 24/7. Apple would hand over the data and then clean the phone and return it to the FBI for the evidence chain. The problem is there's so many conflicting reports floating around. Which ones do we believe?

        1. SolidSquid

          Re: Chain of evidence

          Actually, even if Apple were to agree to this, the chain of evidence issue still applies. Are the FBI going to fully audit the software Apple provides before running it? *Can* they fully audit it with the device still locked, since they won't know for sure what it'll be interacting with? If no to either, can anything on the phone be considered evidence any more, given they ran software which could potentially have modified data on it?

      2. gnasher729 Silver badge

        Re: Chain of evidence

        About the "Chain of evidence": All the data on that iPhone is encrypted. That means two things: You cannot read it (or more precise, you can read it but all you get is encrypted data that looks like garbage), and you cannot write it (or more precise, whatever you write will look like garbage). The firmware update wouldn't unlock the phone yet, so the firmware update, if done incompetently, could destroy data on the phone, but it couldn't write false data.

        But remember that the perpetrator is dead. He will never go to court, he will never be convicted. The FBI wants information about other people. They won't need anything on the phone for evidence. They won't arrest someone because their phone number is on this phone. They may get observed because of it, and then evidence may or may not be found.

  9. psychonaut

    due process

    isnt it as simple as

    apple say that the encryption cant be breached. as usual for apple, they are correct, even if its not true.

    court says you have to help having followed due legal process.

    apple say its not possible / we wont do it (same thing)

    apple cannot say anything else because then they are shown to have lied and lose face / customers / reputation.

    its not like the court are saying "make a back door for every phone". they are saying "if its possible, which it looks like it is, then you must help if a court has decided that it is relevant in this case".

    technically i suppose, if there is a backdoor creatable for one phone, then it could in principal be applied to every iphone (pre the soc encryption) , but i dont think this is the same thing. it can only be applied to another phone if a court decides that it is legal to do so.

    i dont understand why this means that freedoms are under attack. isnt it the same thing as wire taps - (should) only be available to law enforcement if a court decides its applicable? (im not saying they havent abused this as per 5 eyes etc etc, but the principle of the thing remains - i dont understand why it isnt the same situation)

    1. Charles 9 Silver badge

      Re: due process

      "technically i suppose, if there is a backdoor creatable for one phone, then it could in principal be applied to every iphone (pre the soc encryption) , but i dont think this is the same thing. it can only be applied to another phone if a court decides that it is legal to do so."

      The emboldened part is exactly the issue. If Apple is compelled to do it and complies, it opens a can of worms because it becomes a proof of concept. And note that the government cannot really be trusted these days, so once they know it's possible, what's top stop them asking for more cracks, only THIS time using the secret "can't tell anyone you're being investigated as we don't really exist" courts. Not only that, being legally compelled to perform an assertive action (like writing code) provides legal precedent for compelling Apple to lie about any warrant canaries (they could use national security statutes to trump fiduciary duty).

      1. psychonaut

        Re: due process

        but the proof of concept is already here (or near as damn it). apple can change the firmware on the phone. its doable. it just hasnt been done yet, but it is possible.

        just like its doable for them to tap your phone (and legal i believe if there is a court order)

        1. Charles 9 Silver badge

          Re: due process

          Change the firmware without user intervention? When was that demonstrated on a locked phone?

          1. psychonaut

            Re: due process

            i thought that had been said already - firmware update via usb (only from what ive read - i dont actually personally know that to be doable)

            1. Danny 14 Silver badge

              Re: due process

              I doubt the firmware update will be via the front door. Apple JTAG-esq updates more likely.

  10. J J Carter Silver badge

    Securidee theatre, people!

    Let's get real. The NSA has the decrypt tech and/or can legally compel any US company/citizen to covertly co-operate or face jail-time sharing a cell with Bubba. And they do jail time for admitting they've covertly co-operated.

    Why the Feds took this into the public-domain is anyone's guess, more likely that not it's a turf-war with another TLA.

  11. hotdamn

    There's nothing private about that phone. I belongs to the county and is public. Apple is making a big stink out of nothing.They are making a stand that will lose.

  12. Anonymous Coward
    Anonymous Coward

    A lot of fiction here :(

    Apple release phone X. Said phone will only permit updates which are signed by Apple iOS Whatever CA. At the time of the phone's release the future software direction will not be set in stone.

    They're mostly right when they say they can't decrypt the data, however they have the catch-all license to cheat - since they hold the private key for signing future iOS releases and can target it at specific IMEIs, Apple could quite easily sign a custom iOS for this particular phone and upgrade it. Once that's done, brute force it as long as you like and it won't wipe.

    It's all very well saying Apple can't decrypt it, but they hold the keys to the kingdom and can move the goalposts any time they like.

    1. psychonaut

      Re: A lot of fiction here :(

      agreed - they could choose to write an update that bricked the phone (error 53 anyone??) or just make it so that it only plays snake. or make it look like windows 8 or whatever.

      they could also choose to get that update to not restrict the number of password guesses and to change the amount of time between guesses. its all the same thing. you can either change the code or you cant. once you can change the code of the os and get it to update, you can do anything you want.

      afaik (just from the stuff ive read) , they can get it to update to a new custom version of ios from a usb update

      they dont have to release that into the wild, and they could destroy it after it is written. they could kill the guy who wrote it. they could tie it to that phones serial number. all the rest is details. i dont see why it is such a problem. the only problem is it means that if a court orders it, apple could unlock anyones iphone 5c (but probably not the later variants with the soc security). it just makes apples stance of "its totally secure" to be proved false.its the reality distortion field at work again.....holding it wrong...holding it wrong...(echo to fade....)

    2. gnasher729 Silver badge

      "There's nothing private about that phone. I belongs to the county and is public. Apple is making a big stink out of nothing.They are making a stand that will lose."

      The problem is that you don't actually understand what this is all about. It isn't about the perp's data. Apple has delivered all the data that was available on iCloud for example, which included a six week old backup with all the data of the phone. Phone operators have delivered lists of phone calls that were made with the phone. The phone belonged to the county which should have the passcode to access the phone.

      The problem is that the FBI asks Apple to create a firmware update with the potential to destroy the iPhone security for every iPhone in the world, including the iPhones of police officers, fire fighters, army personnel, hospital workers, politicians, undercover agents, and so on and so on.

  13. stuff and nonesense

    Police/Feds looked in the wrong place..

    Don't know if it has been said BUT the phone was in posession of the perp however it belonged to the health department.

    Surely the police can subpoena the health department and the health department as the owners of the phone ask Apple for help...

    1. Danny 14 Silver badge

      Re: Police/Feds looked in the wrong place..

      how can they help? I give people phones here at work, they password it and I can do little other than request a remote wipe. I cannot unlock the phones without the password.

      1. Charles 9 Silver badge

        Re: Police/Feds looked in the wrong place..

        Can't you install administrative software onto the phones so that you CAN override those passwords?

  14. Anonymous Coward
    Anonymous Coward

    If Apple is forced...

    They should program the phone to appear to be securely wiping the memory, while playing a funny tune, then - after minutes of torture - print on the screen, 'Just kidding' and carry on as directed

    Because it'd be funny.

  15. Anonymous Coward
    Anonymous Coward

    Anyone posted this yet?

    Applicable cartoon..

    https://pbs.twimg.com/media/CbqPx0bWIAEC5vO.jpg

  16. Supa

    Chris

    "It's believed the pair have possible links to terrorists abroad."

    I thought it was the US government that had links to terrorists abroad...

  17. razorfishsl

    By the power of Christ I compel you.......

  18. Oengus Silver badge

    Custom iOS

    I wonder how much Apple would charge me to create a custom iOS?

    Maybe the FBI are approaching this the wrong way.

    Create a specification for a custom version of iOS with the requirement to allow agents to access each others phones in the field. The OS needs to be installable from any Agency computer onto any iPhone, connected via USB, whose IMEI (or Serial No or other unique identifier) is on the FBI central phone database. It can only be installed via USB/Lightning when connected to the FBI network with access to a "licensing" system. Updates can only be done when connected to the FBI network.

    Of course Apple can provide a quote for the job and make the cost high enough to be financially attractive. If the FBI accept the quote and meet the terms of the quote Apple will do it. Because it is a "commercial in confidence" transaction the details will never be revealed. Apple will have their commercial integrity intact. The FBI will have their iPhone access. All parties will be happy. The public will never know they are being fleeced...

    Of course Apple will have a new revenue stream creating Custom iOSes and charging annual maintenance fees to keep them up to date.

  19. Anonymous Coward
    Anonymous Coward

    It's less of a hack

    It's just a peek really

    - Fabulous Bumbling Idiots

  20. Anonymous Coward
    Anonymous Coward

    Infamy, infamy!

    They've all got it in for me!

    - Tim

  21. Anonymous Coward
    Anonymous Coward

    Hmmmmm

    If he destroyed his other phones but didn't break his work phone, doesn't that mean that the bad stuff was probably on the broken phones?

    This is just a fishing exercise for extended rights, masquerading as public 'safety'.

    Assbadgers

  22. athame

    A whole new angle on being locked into Apple

    Hmmm - so Apple worked so hard to keylessly encrypt customer data that once locked out they can't do anythng about it? Yep I'd call that a PR coup but it may also be highly likely and true.

    What if Apple just say they can't? OK it means Apple may appear stupid on one level but it gets them off the hook and it's as good as "won't",

    Anyway if the NSA is so great at snooping and catching "tersts" (Yes that's single vowel American speak for what we Brits call Ter-ror-ists) why don't the Feds just ask them to do it?

    I can picture it now ... unwilling hackers strapped into chairs and receiving electric shocks, waterboarding and sleep deprivation for everyline of unsuccessful code they write and finally rewarded with a Texas burial...

    A bit like how it may have been for those programming the original Mac under the harsh tutalage of the late SJ. ;-)

  23. Unbelievable!

    It will set a precedent. Whether known or not..

    ..all software houses will now become a target of GCHQ/NSA "secret techniques" so that such places cannot hold the arm up the back of the legal requestor for the future. Such agencies won't ever need to 'ask' again. :(

  24. This post has been deleted by its author

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019