back to article Apple fires legal salvo at FBI for using All Writs law in iPhone brouhaha

Apple has filed a motion to effectively bin an earlier court order forcing it to help the FBI break into a San Bernardino killer's iPhone. The Cupertino giant said the Feds' demands were a "wild overreach" and would grant the US government a "dangerous" power. The extensive motion to vacate [PDF] tears apart the FBI's claims …

  1. Someone Else Silver badge
    WTF?

    Comey, the Master of Overreach

    Comey bleats:

    But then I step back and say law enforcement, which I'm part of, really does save people's lives, rescue kids, rescue neighborhoods from terrorists, and we do that a whole lot through court orders and search warrants of mobile devices. So if we're going to move to a world where that is not possible any more then the world will not end, but it'll be a different world.

    Such rhetorical garbage, "a world where that [the ability to save people's lives , rescue kids, rescue neighborhoods from terrorists] is not possible". Such hyperbole (as John Fugelsang aptly points out, those that engage in hyperbole are worse than Hitler) is of course bullshit, but stock-in-trade for those like Mr. Comey.

    Mr. Comey, please go and humbly ask any of the other TLA agencies (especially the one whose acronym starts with 'N') as to how impossible it is to "save people's lives, rescue kids, rescue neighborhoods from terrorists, blah-de-blah-blah-blah"...er... decrypt a piece of encrypted text. You may be surprised by their answer. Or not.

    1. Anonymous Coward
      Anonymous Coward

      Re: Comey, the Master of Overreach

      Hereby invoking Godwin's Law...

      1. h4rm0ny

        Re: Comey, the Master of Overreach

        I for one am sick to death of people thinking that "Godwin's Law" posts are either especially insightful or deeply witty. Please! Can we just get through a single thread without a bunch of people waiting to leap in and go "GODWIN'S LAW!"

        You know what Nazi Germany was, by the way? State-managed corporatism. I.e. if the ruling party said 'do something', a company better do it regardless of whether they received adequate payment or if it was just a legal requirement. Not unlike the US government telling Apple they must develop new firmware just because the FBI wants it.

        1. Fred Flintstone Gold badge

          Re: Comey, the Master of Overreach

          I for one am sick to death of people thinking that "Godwin's Law" posts are either especially insightful or deeply witty. Please! Can we just get through a single thread without a bunch of people waiting to leap in and go "GODWIN'S LAW!"

          Calm down, and read this, it's Friday.

          You're welcome :).

        2. Anonymous Coward
          Anonymous Coward

          Re: Comey, the Master of Overreach

          "Nazi Germany"

          This. So much This.

          Also the former Soviet Union, North Korea, China, and a host of other dictatorships, that mr Comey conveniently fails to mention as precedent of what is suggested here.

          Comey is a freakin communist who hates freedom and free enterprise, a bureaucrat without soul.

          The threats to our children ("terrorists will get them unless you do as i say") is outright disgusting, and the man should be thrown in jail just for that.

          1. Anonymous Coward
            Anonymous Coward

            Re: Comey, the Master of Overreach

            Can we at least accept that Godwin is an unashamed troll? And a good one at that?

      2. Someone Else Silver badge
        Facepalm

        Re: Comey, the Master of Overreach

        Hereby invoking Godwin's Law...

        Perhaps, my dear Coward, you might consider reading the entire post, instead of merely scanning it for keywords...and perhaps also read up on what Godwin's Law really says. If you had done either of these, you'd see that this is not an instance of Godwin's Law at all. The good Mr. Fugelsang was engaging in irony, as the phrase "is worse than Htiler" is itself hyperbole.

        Sheesh!

        1. Anonymous Coward
          Anonymous Coward

          Re: Comey, the Master of Overreach

          Perhaps he/she/it was just bored of your ranting and wanted you to shut up? Just sayin'...

    2. James 51 Silver badge

      "rescue neighborhoods from terrorists"

      Shouldn't this be drug dealers or gangs? I think the <insert enemy du jour> didn't quite scan here.

      1. Mage Silver badge
        Big Brother

        Re: "rescue neighborhoods from terrorists"

        Unsocial behaviour, gangs, corporate greed, personal greed, lack of GOOD government regulation, drunkeness, bad driving, un-controlled guns, over-eating, drug dealers, theft, weather, flu etc are all far worse threats than Terrorists. Esp. in USA.

        Apart from "9-11" how many people on USA soil have been killed by terrorism or even war since 1916 (last 100 years)?

        1. Bob Camp

          Re: "rescue neighborhoods from terrorists"

          The word "terrorism" has such an overly broad definition in the U.S. now that this act is considered an act of domestic terrorism. Pretty much any random shooting incident involving several people is considered to be a terror attack. The phone's owner is therefore a terrorist.

          Besides, many people were killed at Pearl Harbor and that was a U.S. territory at the time. So to answer your question, at least 1,117 have died on U.S. soil.

          1. Splork

            Re: "rescue neighborhoods from terrorists"

            Your definition gives 1,117 have died over the 100 years apparently ignores 9-11. But let's say it was 10 times more making it 12,000 over 100 have died from "terror" attacks. Compare that to this statistic I found with a quick search:

            "There were 30,057 fatal motor vehicle crashes in the United States in 2013 in which 32,719 deaths occurred. This resulted in national motor vehicle crash death rates of 10.3 deaths per 100,000 people and 1.11 deaths per 100 million vehicle miles traveled.

            Fatality Facts - Insurance Institute for Highway Safety"

            I believe we can safely infer that a "terror" attack is one of the less probably ways out of a million ways to die in the west...

    3. Anonymous Coward
      Anonymous Coward

      Re: Comey, the Master of Overreach

      I had a "motion to vacate" just after breakfast this morning.

  2. Doctor Syntax Silver badge

    If at the end of the legal process Apple is required to do this they still have the option of carefully selecting a suitable employee http://dilbert.com/strip/2011-09-04

    1. thx1138v2

      Love that Dilbert. Of course they could give Wally three more people to help him gather and correlate the data and then they could have it in six months or so.

      1. I. Aproveofitspendingonspecificprojects

        All the way through the article I was stopped from concentrating on it by wondering who it was that got mind wiped Mat Damon, Ben Afleck or -who was the other one?

        Anyway once the sooooper-cool nerds divine their duty, do they get terminated or isolated?

        Or a long stay in a country far far away?

  3. Brian Miller

    "the world will not end"

    "So if we're going to move to a world where that is not possible any more then the world will not end, but it'll be a different world." -- James Comey

    So he knows that the world will not end. And he also bloody well knows that first, the FBI is at fault for this problem, and secondly that very probably there's nothing on the device regarding terrorism. Did the Paris shooters use any encrypted technology? No, it was all normal messages.

    No, the world will not end. And it will be the same world.

    1. Anonymous Coward
      Anonymous Coward

      Re: "the world will not end"

      No, the world will not end. And it will be the same world.

      Except that it will be a world where any atrocity affecting you personally will be nearly impossible to investigate and harder to prevent.

      If Apple win this one then it officially becomes easy for a terrorist network to operate clandestinely before and after such atrocities as San Bernadino, with compartmentalisation provided and guaranteed by iPhone. Anyone else out there think that is a bad idea?

      The problem with this debate is that the loud majority selfishly assume that something bad will never happen to them. They even expect and demand law enforcement agencies prevent it. You do know what zero policing results in, don't you? The FBI an other law enforcement agencies must be close to giving up wasting their time.

      One wonders what Apple's attitude would be if Tim Cook had been personally affected by San Bernadino.

      The strength of a society can be measured in how well it adapts to new things and new threats. If the US cannot reconcile the need for effective policing with the expectations of the population then unfortunately events like 9/11, San Bernadino and Oklahoma City become more likely, not less likely.

      Oh, and changing th iCloud password is a good idea. It prevents an accomplice deleting data.

      1. John Robson Silver badge

        Re: "the world will not end"

        "Oh, and changing th iCloud password is a good idea. It prevents an accomplice deleting data."

        Do you really think that Apple deletes data when you ask for it to longer be on your cloud storage?

        1. Andy 66

          Re: "the world will not end"

          Changing the icloud password prevented remote deletion of the iphone's contents through logging into icloud.com->erase iphone content.

          However, apple's response on that is interesting - if changing the icloud pass prevented auto-backup of information, then shirley the iphone already created a backup before the pass was changed. Ergo, apple has the required info in it's icloud storage servers.

          It also begs the question, what exactly is backed up from an ios device apart from the small number of items checked/unchecked in settings->iCloud that can be useful for law enforcement

      2. James 51 Silver badge

        Re: "the world will not end"

        "nearly impossible to investigate and harder to prevent." Makes you wonder how Irish Terrorism didn't take over the world in the 70s.

        1. Mage Silver badge

          Re: "the world will not end" Irish Terrorists

          Despite being funded by naive people in USA and supplied by Libya. (Early before the Provos (current SF & IRA) split with officials, the Russians did help them a bit, inc blowing up NATO microwave links in N.I.).

          I'm implacable in my disdain for Apple Marketing and Pricing, but I'm on their side on this one.

        2. Lysenko

          Makes you wonder how Irish Terrorism didn't take over the world in the 70s...

          There never was any. Not according to the FBI[*]. The phrase you were searching for is: "Heroic Freedom Fighters".

          A segment of the US population were/are still so obsessed with their revolution that they're ambivalent at best about British soldiers getting blown to bits. Plus there are lots of votes to be had around Boston.

          [*] Neither the FBI nor the State Department ever registered the IRA as a terrorist organisation.

        3. Mark C 2

          Re: "the world will not end"

          Which Irish terrorism is that then? Or do you mean IRA terrorism - idiot.

        4. Raoul Miller

          Re: "the world will not end"

          Especially since that flavor of terrorism was almost entirely funded by the USA.

          In a great irony, one of the loudest (and most ignorant) proponents of strong action against brown people "terrorism" was actually a major fund raiser for the IRA throughout the 1970s, 80s and 90s - Rep Peter King, a staunch Republican in both the US and Irish meanings of the word (https://en.wikipedia.org/wiki/Peter_T._King#Support_for_the_IRA )

      3. Allan George Dyer Silver badge

        Re: "the world will not end"

        Hey, atrocities are already nearly impossible to investigate and harder to prevent.

        Worse, if this backdoor is developed, it will be impossible to stop it from getting out. What the FBI has today, totalitarian governments will have tomorrow, well-funded terrorists will have next week and criminals will have next month. Success against these terrorists will be founded on defeating the ideology of extremism: persuading people that killing doesn't make the world a better place.

        Actually, instead of changing the iCloud password, wouldn't a much better idea be backing up the data then waiting for someone to access/delete it and tracing them?

      4. BoldMan

        Re: "the world will not end"

        >Except that it will be a world where any atrocity affecting you personally will be nearly impossible to investigate and harder to prevent.

        What a load of unmitigated bollocks!

      5. Anonymous Coward
        Anonymous Coward

        Re: "the world will not end"

        Except that it will be a world where any atrocity affecting you personally will be nearly impossible to investigate and harder to prevent.

        If Apple win this one then it officially becomes easy for a terrorist network to operate clandestinely before and after such atrocities as San Bernadino, with compartmentalisation provided and guaranteed by iPhone. Anyone else out there think that is a bad idea?

        You have absolutely no idea what you're talking about, or how terrorist activity is ACTUALLY monitored. About 80% of that is not about data, but about META data, information, I may add, which the FBI even has uncontrolled access to and on which basis the NSA actually issues kill orders to drones. In addition, you seem to forget that the security you want to break on pretty much a global basis (because that's what you get with backdoors) is the EXACT SAME security that prevents the criminal organisations that fund terrorists from stealing your money, and which protects the informants that brief us on what they're up to at great risk to their lives.

        What is attempted here will benefit few, but will harm so many that the people attempting this should be locked up for crimes against humanity. Even terrorists won't be able to cause harm on such a large scale.

      6. Anonymous Blowhard

        Re: "the world will not end"

        "Except that it will be a world where any atrocity affecting you personally will be nearly impossible to investigate and harder to prevent."

        Good job you're AC; the "C" is particularly apt, given your fear of "any atrocity affecting you personally".

        But be realistic, this isn't about saving any meaningful number of American lives; the odds of being killed by a terrorist in the USA or Western Europe are vanishingly small, like one in fifty million per year. The FBI are trying to push terrorism as a major thing that's worth spending tens of billions of tax dollars on, but the number of Americans killed by dogs in 2015 is twice the number killed by terrorists on American soil, so shouldn't the Federal Dog Catchers have twice the FBI's budget?

        The TLAs have been hyping terrorism since the end of the cold war as a way of justifying their increased budgets; they won't be happy until every tax dollar is spent on "anti terrorism" and the US economy exists only to fund their fantasies; fear is their main tool in controlling public opinion on this, and they need to keep this centre stage as much as possible.

      7. Domquark

        Re: "the world will not end"

        "Except that it will be a world where any atrocity affecting you personally will be nearly impossible to investigate and harder to prevent."

        AC, you are a twat!

        In 1996, the IRA bombed Docklands (for all of you who don't know, it's a business district in London). Two people where killed. I knew those people, so that atrocity DID affect me personally. The bomber was caught, not by breaking into his iPhone (they weren't invented yet), but good old-fashioned Police detective work.

        You may have grown up in a nice safe environment, but believing that cuddly place will remain forever by giving security agencies carte blanche is nothing short of delusional.

        You may remember this in 20 years time, when jack-booted storm troopers are kicking down your door (enforcing your new world order of things) because you farted in the wrong direction.

        "Power tends to corrupt, and absolute power corrupts absolutely" - John Emerich Acton

        "It is better that ten guilty persons escape than that one innocent suffer" - William Blackstone

      8. Someone Else Silver badge
        FAIL

        @ yet another AC -- Re: "the world will not end"

        If Apple win this one then it officially becomes easy for a terrorist network to operate clandestinely before and after such atrocities as San Bernadino, with compartmentalisation provided and guaranteed by iPhone. Anyone else out there think that is a bad idea?

        Considering the alternative implied by your rhetorical device, no I don't.

        Next question?

        Oh, and BTW, it seems that it is already "easy for a terrorist network to operate clandestinely"; ref. Paris/Charlie Hebdo...where no encryption was required nor desired.

      9. John Brown (no body) Silver badge
        Facepalm

        Re: "the world will not end"

        "Except that it will be a world where any atrocity affecting you personally will be nearly impossible to investigate and harder to prevent."

        How is that different to now? Pretty much every significant terrorist attack of at least the last five years have been committed by people the various security services have later admitted to already knowing about. How will backdooring an iPhone help?

  4. Uffish

    " rescue neighborhoods from terrorists"

    Is this the USA he's talking about? Does it mean yet more refugees if Apple won't unlock that damn iPhone?

    1. tekHedd

      Re: " rescue neighborhoods from terrorists"

      Saw what was written.

      Heard: "We're the good guys: give us unlimited power."

  5. Anonymous Coward
    Anonymous Coward

    Image a US where a suspect did not have the fundamental right to self incriminate themselves.

    People are regularly butchered into confessing.

    Then along comes a law where they get that right.

    Followed by the predictable bleating of law enforcement that they have their hands tied behind their backs. "How can they possibly convict people if they can't compel suspects to incriminate themselves?"

    Funnily enough, the sky didn't fall down and the world didn't end.

    1. Anonymous Coward
      Anonymous Coward

      coercion in the US is easy

      When even fairly minor crimes have life sentences as the max possible jail term and Prosecutors ALWAYS go for the MAX. Then the plea bargin farce takes place.

      The crim is left with a stark choice

      - Do not incriminate yourself and face life without parole

      - Reveal all and possibly get out in 15-20 years.

      Faced with that choice... which one would you go for?

      Prosecutors (District Attourneys) have to appear ultra tough because they need to get re-elected every few years, just like the Dog Catcher...(wtf). That is politicizing the justice system.

      IMHO Justice needs to be Politically Agnostic. It must follow the law not the current politicial whims.

      Just one of the things about the USA that is totally screwed up.

      1. h4rm0ny

        Re: coercion in the US is easy

        >>- Do not incriminate yourself and face life without parole

        >>- Reveal all and possibly get out in 15-20 years.

        >>Faced with that choice... which one would you go for?

        The only logical one: Revolution.

        1. Anonymous Coward
          Anonymous Coward

          Re: coercion in the US is easy

          They tried that once before. Look what it got them!

          1. Anonymous Coward
            Anonymous Coward

            Re: coercion in the US is easy

            They tried that once before. Look what it got them!

            Well, they're not in the EU so it wasn't a complete disaster :)

    2. Anonymous Coward
      Anonymous Coward

      That right implies law enforcement agencies have other legal means to investigate and look for evidences. Once the only mean becomes your confession, guess what happen? A democratic society needs that criminals are found and jailed - or we would have to get back to personal revenges.

      Beware of removing ways of looking for evidences... some people then may think they need to assert justice personally...

      1. BoldMan

        No a democratic system needs that INNOCENT people are NOT put in jail for crimes they didn't commit. There are far more innocent people than criminals - they are the ones that need protecting from a police force that thinks itself ABOVE the laws they are supposed to enforce.

        1. dervheid

          Police, Judiciary & Law Enforcement

          Therein lies your problem: once you allow the Police ,FBI etc. to take on the role of Law Enforcement, which belongs with the judiciary, rather than the law of deterrence, detection and apprehension of criminals, then the 'Judge Dredd' syndrome will take over, as can be seen.

          The system whereby senior law officials are elected is deeply flawed and open to politicisation and corruption, with areas of criminality becoming 'pet projects' for DA's/Judges in the run-up to election time.

          I am also continually amazed by the apparent reluctance of large sections of the US populace resistant to change in the 'Holy of Holies', the Constitution, given the regular reference to the various Amendments...

          Before you ask, no, I don't have an answer to your problems, apart from suggest that you rein your police forces back in, de-militarise them, and remind them who's who in the 'Protect & Serve' relationship.

      2. Anonymous Coward
        Anonymous Coward

        That right implies law enforcement agencies have other legal means to investigate and look for evidences.

        They do. Otherwise I think the American voter is due a refund to the tune of several billion per annum from agencies that clearly have thrown that money away if they say that the fate and security of the nation is now critically dependent on data held on the one off-the-shelf consumer device the killers did NOT wipe.

        All that might, all that money, and life as we know it depends on one phone that may POSSIBLY hold some data? Pull the other one. Are you sure you haven't started beer o'clock a bit early?

      3. Anonymous Coward
        Anonymous Coward

        > Once the only mean becomes your confession, guess what happen?

        If that is the case, then why are they even looking at you?

        If your confession is the only evidence, then they don't have a case at all.

        That's the whole point.

  6. Crazy Operations Guy Silver badge

    Completely pointless anyway

    The phone itself wasn't even the property of the killer, but rather a device given to him by his employer, the City of San Bernardino. He had two other phones, both of which were destroyed. The probability of there being anything remotely useful is practically nil, who would be stupid enough to put information about the attack they were planning on a device owned by their target when they had two other options already in use? And if it did contain anything useful, why didn't he destroy it like the other two phones?

    What really bothers me is how much attention has been paid to Apple rather than the IT department that failed to properly deploy Mobile Device Management software onto everyone's phones. They had such software installed on the vast majority of the phones they were given to employees anyway, so there was no reason why the Killer's phone wouldn't have it (in which case the city could've just reset the password themselves and none of this shit would've gotten anywhere close to the fan)

    1. DryBones

      Re: Completely pointless anyway

      Indeed. The real headline should be "San Bernadino County and FBI FUBAR, Try to Blame Apple"

      1. DougS Silver badge

        Re: Completely pointless anyway

        I think it is a good thing in the long run they screwed the pooch, as it forced this issue out in the open. And will create incentive for Apple to strengthen their protections even more - apparently the ability to install iOS updates in DFU mode (either in certain circumstances or completely) is headed for the chopping block. Without that, there would be no way for Apple to do what the FBI is trying to compel them to do. So by iOS 10 at the latest (but perhaps sooner) even if the FBI is able to set a precedent it will only matter for phones they've already collected, but not for the hundreds of millions of users that will be updated to the new version a few months after release.

        Hopefully the other improvement they make is allowing a user selected key to be used to backup all iCloud backups (instead of just the portions containing more sensitive data like passwords and data in the Health app) That's the reason I've never used iCloud backups and continue backing up in iTunes, but it would be much more convenient to have nightly backups to iCloud instead of "every few weeks when I think about it" backups to iTunes. I understand the reason they don't do that, because if you forget your iCloud password you're screwed..but make a choice, it doesn't have to be mandatory I just want the option!

        1. Anonymous Coward
          Anonymous Coward

          Re: Completely pointless anyway

          So by iOS 10 at the latest (but perhaps sooner) even if the FBI is able to set a precedent

          They will exactly do that - set a precedent. So the ability will not go to the chopping block. It will be improved and productized as a part of the GovtOS package and its supporting GovtCloud services.

          1. DougS Silver badge

            @AC

            They will exactly do that - set a precedent. So the ability will not go to the chopping block. It will be improved and productized as a part of the GovtOS package and its supporting GovtCloud services.

            The precedent will be irrelevant because Apple will lack the ability to load this "GovtOS" package onto the phones once DFU mode updating is removed. Which I hope doesn't wait until iOS 10 - the sooner the better!

            The only counter would be congress passing a law that requires Apple (and every other tech player) leave a backdoor to allow loading a hacked OS to break into their products. That's a huge step over what is being discussed in this case - and exactly what Apple is warning about. I think a lot of the support for the government's position would dry up if Apple (and all those in their corner such as Microsoft, Google, Facebook, Twitter et al) could stand up and point "See! I told you this was about more than one phone and they wanted a backdoor into everyone's phone!"

      2. h4rm0ny

        Re: Completely pointless anyway

        I suspect they figured this would be a high-profile incident - mad gunman, etc. - that they'd get a lot of angry public support on which would put Apple on the back-foot. "Apple helps vicious killer!" sort of thing. Unfortunately for the FBI, it's not having that effect. Well, it appears to have worked on Donald Trump but apart from him I mean...

        1. Anonymous Coward
          Anonymous Coward

          Re: Completely pointless anyway

          " "Apple helps vicious killer!" sort of thing. Unfortunately for the FBI, it's not having that effect. Well, it appears to have worked on Donald Trump but apart from him I mean..."

          Well it's true that Apple helped Donald Trump, but it's not fair to imply they helped him deliberately.

    2. bri

      Re: Completely pointless anyway (@Crazy Operations Guy)

      Well, MDM is quite often used to deploy policies and enable provisioning/wiping company data (its own apps for instance). It can thus enforce locking and other security policies, but it can't unlock your phone per se (well, they can factory reset/wipe it if so configured, but it wouldn't help in this case, quite the contrary) - they need PIN IIRC, not MDM password (which could be remotely reset).

      Or it can for instance monitor phone's location, but FBI has better data from cell phone operator, so such a feature is not that useful here either, IMHO.

      I can't see how even reasonably configured MDM could possibly help here. Having said that I completely agree with your first paragraph.

      1. Ike Aramba

        Re: Completely pointless anyway (@Crazy Operations Guy)

        "Well, MDM is quite often used to deploy policies and enable provisioning/wiping company data (its own apps for instance). It can thus enforce locking and other security policies, but it can't unlock your phone per se (well, they can factory reset/wipe it if so configured, but it wouldn't help in this case, quite the contrary) - they need PIN IIRC, not MDM password (which could be remotely reset)."

        @bri. The above is incorrect - San Bernadino were using MobileIron on some of their devices, the unlock command is pretty starightforward in there (select the user > actions > unlock in the admin portal), as long as it had some network connectivity and power they would be able to get in.

        See http://www.reuters.com/article/us-apple-encryption-software-exclusive-idUSKCN0VS2QK for more details.

      2. CrazyOldCatMan Silver badge

        Re: Completely pointless anyway (@Crazy Operations Guy)

        > but it can't unlock your phone per se

        It can - or at least the one we use (Mobile Iron) can..

    3. Anonymous Coward
      Anonymous Coward

      Re: Completely pointless anyway

      Criminals sometimes do stupid thing. He may have believed there were nothing important on the iPhone, but he may have been wrong and there could be still valuable data on it.

      Most criminals are not like 007 supervillains, they luckily make mistakes. Sometimes it's exactly looking at apparently innocuous data you can get important clues.

      1. Anonymous Coward
        Anonymous Coward

        Re: Completely pointless anyway

        Criminals sometimes do stupid thing. He may have believed there were nothing important on the iPhone, but he may have been wrong and there could be still valuable data on it.

        Most criminals are not like 007 supervillains, they luckily make mistakes. Sometimes it's exactly looking at apparently innocuous data you can get important clues.

        That again fails the logic test. If the criminal was that stupid, there would also have been clues in the meta data the FBI can access without even having to get a court order.

    4. KR Caddis

      Re: Completely pointless anyway

      You made a new and excellent point; the County already has,or could have routinely had information on call recipients,duration,and in the case of an incoming calls,the caller's number. No rocket science there..

      So what do they want? Recordings of conversations? After the disclosure of NSA's hijinks, we are all to assume now that every phone conversation is vetted. That clearly does not happen or the whole San Berdu even wouldn't have occurred, Clearly it did therefore listening in after the fact does nothing to protect neighborhoods, citizens, etc. from anything. The FBI is lying about tat,or, as others aptly put, justifies billions spent for naught but bigger and more automatic weapons.otherwise useless armoured vehicles and publicity.

    5. John Brown (no body) Silver badge
      Joke

      Re: Completely pointless anyway

      "The phone itself wasn't even the property of the killer, but rather a device given to him by his employer, the City of San Bernardino....And if it did contain anything useful, why didn't he destroy it like the other two phones?"

      Destroy a City owned phone? Have you seen the penalties for something like that? Of course he didn't destroy it. They might have sacked him!

  7. Graham Marsden
    Childcatcher

    Pandora's box

    Once the box is open, you can never get what it contains back inside. So who's next to tell Apple that they must use this software/ write another custom version for them for an equally "good" reason?

    1. tom dial Silver badge

      Re: Pandora's box

      Who's next? The US government and the Manhattan district attorney, in some order, followed by a probably fairly small number of others in both the US and other countries. That is why they should develop the modifications, if they lose the case, with enough care to make them reusable. The government may pay a high price for the first time, but are not likely to be so willing to pay the same high price for the next and subsequent requests for the same service. The government has people on their payroll who know something about software (and operating system) development, despite what one might conclude from such things as OPM and State Department IT oversight.

      The arguably appropriate approach in most cases (under present laws) will be for the police and prosecutor to work it out with the prospective defendant phone owner as part of the charging and plea negotiating that is a part of most criminal cases. There are a lot of options that can, and should, be considered before the effort of brute forcing a phone, for which Apple suggests a cost of $125,000 or more in addition to the law enforcement agency's cost of doing the brute force crack. The fact that the brute forcing might take years (or with longer pass codes, centuries and far longer) provides law enforcement organizations increased incentive to deal with owners of encrypted computing devices of various types that they wish, and have valid warrants, to search.

      It is unfortunate that this has been tied to "terrorism," as it really has to do only with crime and its investigation and prosecution. News reports indicate there are upwards of 200 iPhones for which some law enforcement organization would like Apple's assistance. Almost certainly most have no relation to terrorism (like the case Apple already has been opposing for months) and the need for a warrant might well be eliminated by an appropriate combination of pressure and plea bargaining in quite a few of them. There will be residue, which I expect will be small, where that will not or cannot succeed (e. g., because no living person knows the pass code, and where the manufacturer could be tasked to assist, if it is possible.

      1. Gray
        Boffin

        Re: Pandora's box

        "...appropriate combination of pressure and plea bargaining in quite a few of them,,,"

        Sort of on the order that sees some 95% of all felony convictions in the US gotten through plea bargaining? Take the lesser sentence, or face the maximum sentence allowed under law? Or would that possibly expand to include an automatic trigger for failing to reveal the password: presumptive guilt plus fifty years in federal prison for failure to comply.

        Not my idea of a brave new world.

        1. James 51 Silver badge

          Re: Pandora's box

          " Or would that possibly expand to include an automatic trigger for failing to reveal the password: presumptive guilt plus fifty years in federal prison for failure to comply."

          Don't forget in the UK already has this password law in place.

        2. tom dial Silver badge

          Re: Pandora's box

          Plea bargains have been standard practice for a long time, in the US and probably many other countries where they bother to have formal trials as an option. They are not inherently evil, but also are not necessarily symmetric. This works sometimes for a defendant, as when he or she is able to afford a decent private sector attorney, and other times, probably much more often, for the prosecutor, as for defendants represented by less experienced or overworked and underpaid legal aid attorneys. It is not entirely clear whether this serves the public or the defendant well or poorly, and it is not clear whether it would make much difference in the small fraction of cases where giving up a smart phone pass code would be an issue.

          The notion that failure to cooperate leads to a presumption of guilt is pretty much nonsense, I suspect. Defendants are not required to cooperate more than minimally with an investigation, and failure to do so carries no legal presumption of guilt and cannot be punished. This should be no different.

    2. Cynical Observer

      Re: Pandora's box

      Who's next?

      Well if the UK passes the Investigatory Powers Bill then it could be the UK in any one of three different approaches. - and you would never know about it as all of them include gagging components which would prevent Apple/<insert manufacturer of choice> from disclosing that they have been so ordered.

      This from the team at the Electronic Frontier Federation......

      The UK's Proposed Spy Law Would Force Apple to Secretly Hack its Phones Too

      Much as I hate the walled garden that Apple has with its ecosystem, I have nothing but huge respect for the stand taken by Tim Cook and can only hope that the other technology companies continue to stand shoulder to shoulder with him.

  8. a_yank_lurker Silver badge

    FBI = Feral Baboons of Incompetence

    The only reasons this is even being discussed is Keystone Kops and ignorant shysters essentially conspired to cover up their criminal antics by blaming Apple and demanding Apple save them from their crimes.

  9. noj

    but when you look at it a different way...

    "Today's filing points out that the legal action wouldn't have been necessary if the FBI hadn't stupidly changed the shooter's iCloud password..."

    Given the political and legal maneuvering of Comey et al, I would say the word "stupidly" could reasonably be replaced with "shrewdly".

    1. tom dial Silver badge

      Re: but when you look at it a different way...

      An argument that almost certainly does not apply in most of the numerous other substantially identical cases.

  10. Conundrum1885 Bronze badge

    Re. icloud

    Its interesting to note that this would also allow FBCISA to crack all the random MB's hiding on auction sites, in fact I theorized that much useful data could be hiding on them.

    Hence when my 4S died due to total entropic failure, it got sold on minus the MB and I took the $100 hit on it.

    I've still got it here someplace, actually got some data off despite it sitting in a damp leaky shed for 3+ years.

  11. noj

    perhaps Apple should install a panic button

    I just saw a Silent Circle iPhone app feature update that allows wiping all conversation history. Its under SC Settings and labeled "Wipe Silent Phone" with the description "Clear application data and log out."

    It would not take a lot to install the same feature on the iPhone. I already clear all cache and cookies after each browser session. Combine that with the ability to wipe all text history, phone history, and location history and I'd have just one button to push. I like that.

    1. I. Aproveofitspendingonspecificprojects

      Re: perhaps Apple should install a panic button

      Wouldn't it be more secure to move to China or some ocean jewel with no extradition treaties with Samuel's uncle?

      They already have a boat.

      1. Anonymous Coward
        Anonymous Coward

        Re: perhaps Apple should install a panic button

        Do you believe Apple can sell iPhones in China without ensuring the Chinese government can break into them at will?

    2. Anonymous Coward
      Anonymous Coward

      Re: perhaps Apple should install a panic button

      I just saw a Silent Circle iPhone app feature update that allows wiping all conversation history. Its under SC Settings and labeled "Wipe Silent Phone" with the description "Clear application data and log out."

      It would not take a lot to install the same feature on the iPhone. I already clear all cache and cookies after each browser session. Combine that with the ability to wipe all text history, phone history, and location history and I'd have just one button to push. I like that.

      I'd be careful with Silent Circle, but let's leave that aside for the moment.

      The iPhone already has that facility - that's what the wipe after PIN code failure does. It's based on a double key concept. First it creates a container with a random generated key. It then packs the access key in a header for which you need to access the phone with the right PIN (which, by the way, can be a complete phrase - I use a 7 digit code because it only shows the numeric keypad - easier :) ). If you fail to enter the right PIN enough times it will simply scramble that header so you're left with a data container that has the usual 256 bit crypto and a random, very long password which is pretty much equivalent to having wiped the data (lesson 1 in crypto: never forget your password). The header construct is so that you can change the access PIN/password without having to re-encrypt the data - it's a fairly well established approach to containers and you'll find it also in software such as Truecrypt/Veracrypt.

      Note, however, that the price you pay for this is a vulnerability to a denial of service attack. Someone else typing a PIN 10x times will leave you with a wiped phone which you'd have to restore from a hopefully encrypted backup (if you have one). This is also the method used by informants who have to go into a dangerous situation to avoid the classic shortcut to PINcodes - they "preload" the system with 8 PIN failures.

      1. noj

        Re: perhaps Apple should install a panic button

        @AC and "The iPhone already has that facility..."

        What you say may be true. And I have a very long alphanumeric passcode that would insure more than 8 tries. But then that means having to have an argument with customs and the delay it entails in crossing a US (or any other) border where the passcode might be requested.

        Rather, I'd like to just wipe everything I consider sensitive on my way to the border with a single button. That way when access to the phone is requested I could honestly say, "Sure. I have nothing to hide," hand over the phone and the passcode and everyone is happy.

        A side note: There is the possibility of malware being placed on the phone while in their possession. I already backup my phone regularly and always just before I travel. If my phone is accessed by the authorities when I get back home I would wipe the phone completely and restore from backup. That may not be a bulletproof solution but its the only one I can think of. Other suggestions are welcome.

        One last thing: "I'd be careful with Silent Circle..." Please elaborate. I don't use SC (can't talk anyone into using it) but I follow their product development. I would ask that you include Signal Private Messenger in your comments since I do occasionally use Signal. Thanks.

  12. Neil Barnes Silver badge

    One thing I don't understand

    And which I haven't seen discussed anywhere: What are 'they' trying to find? Isn't the flash memory a single chip which could, presumably, be imaged completely independently of any operating system? Yes, the data would still be encrypted, but at that point it's down to a brute-force attack, no? Or is the encrypted data considered sufficiently secure as to be impenetrable, hence the brute-force on the smaller attack surface of the user password?

    1. Steve Todd

      Re: One thing I don't understand

      The data on that chip is encrypted using 256 bit AES. The key is stored inside the CPU and needs to be unlocked using the users PIN before the data can be accessed. Trying to break 256 bit AES directly is massively impractical.

      1. Neil Barnes Silver badge

        Re: One thing I don't understand

        Thanks, I'd missed that detail somewhere along the story.

    2. John H Woods

      Re: One thing I don't understand

      Brute forcing an AES256 bit key is out of the question: it would take on average 2^255 tries; allowing a minimum of a nanosecond per try; ten million of those amazingly fast computers with an algorithm that exploited an as yet unknown weakness yielding a trillion trillion trillion fold speed-up and it would take you more than ten million times the current age of the universe.

      The only form of "imaging" I can see helping here is electron microscopy; imaging the data is a non-starter.

    3. Pseu Donyme

      Re: One thing I don't understand

      In an earlier related discussion a fellow commentard suggested replacing the flash with an emulator with a copy of the original data. Since this could be restored to original (or maybe be read-only to start with) it would defeat the erase-after-10-passcode-mismatches feature (provided that the flash is the only persistent storage in the device as it likely is (?)). The increasing delay between tries would still be there, but this might be worked around to some extent by rebooting the device with the original flash content loaded into the flash emulator.

      1. Steve Todd

        Re: One thing I don't understand

        @Pseu Donyme, the way that the system is wiped is simply to throw away the AES key, which is stored in the CPU. A copy or emulation of the flash memory wouldn't help here.

        1. Pseu Donyme

          Re: One thing I don't understand

          @Steve Todd, the way I have understood it, there is a 256-bit constant unique to each chip baked into it at manufacture. The AES-key(s) are derived from this and the passcode. The constant (AFAIK) is physically read-only*, it cannot be overwritten. Unless there is persistent, writable storage outside the phone's flash, a flash emulator should work to defeat the retry limit as anything to be wiped would have to be in the flash which would be restored as needed (or possibly be read-only altogether). What I think is overwritten when the 10 try limit is hit is some more key material stored in the flash without which the AES-keys needed to decrypt the file system cannot be derived. Likewise the delay would be defeated (to some extent) by a reboot with the emulated flash restored, if the only place to keep a persistent copy of the retry counter is the flash.

          *or strictly speaking not even quite that from software point of view: it can't be accessed directly, only fed to to the AES-hardware. Still, firmware can brute force the passcode as it can generate the AES keys for all passcodes and see what decrypts.

          1. DougS Silver badge

            Re: One thing I don't understand

            You guys should read the iOS security guide Apple publishes. It is 60 pages of great detail into how they handle all this. Short story - imaging the flash won't do you any good. Long story, read the document :)

      2. Anonymous Coward
        Anonymous Coward

        Re: One thing I don't understand

        In an earlier related discussion a fellow commentard suggested replacing the flash with an emulator with a copy of the original data. Since this could be restored to original (or maybe be read-only to start with) it would defeat the erase-after-10-passcode-mismatches feature (provided that the flash is the only persistent storage in the device as it likely is (?)). The increasing delay between tries would still be there, but this might be worked around to some extent by rebooting the device with the original flash content loaded into the flash emulator.

        That's where the problem hides: the data is tied to a key that burned into the hardware, and apparently it is close to impossible to extract that key (it's exactly the "close to" that the FBI is using to to wedge open Apple - later iPhones are impervious to the attack the 5C could be subjected to as later models have even better protection).

        It's the same idea that should normally be used on systems holding data such as passwords: "salting" the encryption with a locally stored value means that a copy would be useless elsewhere as you miss part of the key.

    4. noj

      Re: One thing I don't understand

      @ Neil Barnes: "What are 'they' trying to find?"

      IMO the short answer is, they (FBI and more) are trying to find out if they can force a US company to install a backdoor in its product. It has absolutely nothing to do with finding anything useful on the phone itself.

  13. LDS Silver badge

    What about forcing a phramaceutical company...

    ... to produce a life-saving drug it doesn't want to produce because it costs too much for just a small set of patients, but still wants to keep the patent, so nobody else can make it either?

    What about that nice guy who recently bought patents and made prices tens or more times - or more - higher?

    What about the people who risked their life to help to stop dangerous criminals?

    1. Steve Todd
      Stop

      Re: What about forcing a phramaceutical company...

      That "nice guy" bought the rights for a drug that is out of patent. There is nothing stopping another company from making a generic except for the FDA.

      There are many diseases around the world that aren't worth researching a cure for (last time I looked it costs about $1bn to bring a new drug to market). If governments think that it has social value to create a cure then they need to put their hands in their pockets, not expect the drug companies to spend that kind of cash out of charity.

      People risking their lives to stop criminals have to follow the law in the same way that we do. The problem is that the FBI is trying to redefine the law to let them do whatever they want.

      1. LDS Silver badge

        Re: What about forcing a phramaceutical company...

        Wrong. There are known drugs to cure rare diseases that aren't in production but patents are held so nobody else can make them (and maybe derive other drugs for other diseases from them). It's just the production, not the research.

        But you're right, Shkreli just bought the marketing rights for the US, the effect was the same, unless you got that drug illegally from abroad.

        Universities founded by governments still do a lot of researches and prepare researchers from which pharmaceutical companies then reap the benefits (especially when governments pay for the drugs...) - and of course they care about just how many money they can make, not how many lives they can save. It's no surprise that corruption is very high in drugs sales, with pharmaceutical companies blatantly corrupting the whole health system to increase revenues.

        That's why I'll never put my life in the hands of a private company.

        There are people who helped police to capture criminals putting their life at risk - in a perfectly legal way. Maybe carrying a microphone/cam, and so on. Sure, they weren't compelled, they just thought it was the right thing to do.

        Maybe FBI is trying to redefine the law, but Apple as well. Apple aims to become a sort of Switzerland, and Switzerland bank secret was never about rights, it has always been about money. Apple right now see no money coming. One day, as soon it sees money coming, it will change mind, don't worry.

        1. Steve Todd

          Re: What about forcing a phramaceutical company...

          If a company has spent a billion dollars bringing a drug to market they wouldn't have done so without there being a large target market. Having discovered a drug and got it through approval they've spent a lot of money. They want to make that back. Just sitting on it gets them no return. Worst case they can license the production to another company for specific uses and get SOMETHING back. At the end of 17 years it becomes generic and anyone can make it (quite how the FDA seems to have screwed up generics is beyond me). After the approvals process that's more like 10 years.

          You seem to be confused over the law. The FBI are trying to extend the reach of the All Writs act in order to force Apple to do something they don't want to do. Apple don't want to do it because it's bad precedent (no matter what the FBI would have you believe, having done this once there'd be a queue of government agencies and police forces demanding that they do it again). It would also be next to impossible to refuse the same aid to foreign governments like the Chinese. Apple aren't asking to be exempted from the law, they are asking that there be limits placed on law to prevent this kind of request being made of ANY company.

    2. Cynical Observer

      Re: What about forcing a phramaceutical company...

      @LDS

      Your question about the pharmaceutical company needs to be posed the other way.

      Would you be happy with the state compelling a pharmaceutical company to produce the drugs required to allow it to administer a lethal injection?

      Your initial question hinges on the premise that producing a lifesaving drug can only be seen as something positive - and therefore no reasonable person would object.

      The counter question opens up the moral issue of whether or not the death penalty is morally acceptable? There are many reasonable people on each side of that debate and for some, such a state directive is not only unacceptable, it is morally repugnant.

      The debate over privacy versus Governmental access is equally one that has reasonable people on either side and as such it is a debate that must be had, in public and though some form of consensus or majority opinion it will have to reach a determination. I for one hope that the determination is to hold in check the powers of the state and its agencies - the loss of privacy is something I would consider even more terrible than a loss of free speech.

  14. Sir Runcible Spoon Silver badge
    Big Brother

    Sir

    "or forcing a software company to insert malicious code in its autoupdate process that makes it easier for the government to conduct court-ordered surveillance."

    Was that a dig at Microsoft do you think?

    1. Anonymous Coward
      Anonymous Coward

      Re: Sir

      Was that a dig at Microsoft do you think?

      That depends on whether you consider Microsoft code itself benign.

      Otherwise, the sentence is far easier:

      "or asking a software company to insert malicious code in its autoupdate process that makes it easier for the government to conduct court-ordered surveillance."

  15. SW10
    Joke

    Terminology

    I tell you what, the next time uses the term "comfort break" in a meeting, I shall deny it and suggest we move for a motion to vacate.

    1. Anonymous Coward
      Anonymous Coward

      Re: Terminology

      Why? Got a phone stuck up there? :)

  16. floppy

    safe cracking

    I can't understand why Apple is resisting a logical attempt by law-enforcement to gain access to files of a known criminal, whether he be a terrorist or not.

    What is asked for is in essence no different then the police engaging a locksmith to open a locked door or a locked safe.

    What Apple seems to be implying is that the agents of law and order cannot be trusted not abuse a tool that (probably already exists in the development labs in Cupertino) even though any access would logically be controlled by the courts.

    I have a sense that Apple sees itself and the users of its products above the the law and is attempting to abuse the right to privacy (which is itself a relatively new concept in law) in order to impune the same courts that created that same right to privacy upon which Apple bases its resistance.

    No one manufacturer can place itself and its product above a reasonable request of the government in the course of the protection of the people. Technology must be subservient to the laws of the community.

    Stating otherwise is 21-st century egotism extended ad absurdam!

    Shame on you, Apple!

    1. Steve Todd

      Re: safe cracking

      Nowhere near that simple.

      The safe company has developed a safe that is guaranteed uncrackable, thus making it a valuable item to potential safe owners. The FBI is demanding that the safe company develop a completely new tool to open a safe of this type that was owned by a criminal (which may, but probably doesn't, contain information about his crimes). They've also managed to reset the combination to a random number they don't know. They pinky swear that the tool will be used only this once. Meanwhile they have a queue of other safes that they also want opening, as do the police and foreign governments. Due to the rules of evidence the safe company will also have to document how the tool is created and how it works. Result: no one with that type of safe can rest easy, and the FBI can apply the case law to other manufacturers also so there will be no such thing as a secure safe. The methods will leak out and burglars will soon be able to open them also.

      1. tom dial Silver badge

        Re: safe cracking

        One omission: in the analogy, only the safe company be able to use the tool. Burglars would not, unless they can acquire whatever it takes to use the tool along with the tool and its documentation.

        One slight misstatement: in the analogy, the FBI did not reset the safe combination. Nothing in the physical safe analogy corresponds to what the county or FBI did. There is no such thing as an off-site backup to the safe contents.

        A second misstatement, as to the order: every such order, by the nature of such orders, is almost sure to speak to exactly one device. It is known that there was at least one other, and probably a dozen or so previous ones, each speaking to exactly one device, and that the Manhattan DA claims 175 iPhones, each of which is likely to be the subject of a nearly identical one-device order if the government succeeds.

        These are largely immaterial to the case at hand and, as such, are emotion laden noise.

    2. Anonymous Coward
      Anonymous Coward

      Re: safe cracking

      egotism extended ad absurdam

      You may want to educate yourself on the "why backdoors are bad" debate, and then read up on the forums here - there are enough logical debates here.

      Knowing some fragments of Latin doesn't mean you're right.

    3. Anonymous Coward
      Anonymous Coward

      Re: safe cracking

      'What is asked for is in essence no different then the police engaging a locksmith to open a locked door or a locked safe.'

      What is being asked for is the police engaging a locksmith to produce a key that opens all locks and all safes

      1. Bob Camp

        Re: safe cracking

        But Apple could tie the hacked software to a specific IMEI/MEID. The software wouldn't run if the IMEI/MEID doesn't match. That way, even if the software leaks out (which hasn't been a problem in the past) it wouldn't work on someone else's phone. So it's not "all locks" that's the issue.

        The issue is more like the FBI forcing Apple to hire full time locksmiths just for this purpose.

        1. Steve Todd

          Re: safe cracking

          If they've done it once then they can be compelled to do it again and again. After a while it becomes impractical to device lock the code, at which point it can then escape. It's a long, slippery slope.

          1. tom dial Silver badge

            Re: safe cracking

            " ... they can be compelled to do it again and again."

            Of course they could. Nothing is likely to stop, or even slow by much, the stream of criminal investigations or the much smaller stream of search warrants for computer devices. And there is nothing wrong or unexpected about it. What is wrong here is the apparent belief that warrants are issued routinely and in large numbers for illicit purposes, a proposition for which there is essentially no evidence in the US.

  17. This post has been deleted by its author

    1. Michael Thibault

      Relevance of this line from "The Matrix"?

    2. noj

      @Valarian: I often think of this one:

      "And where once you had the freedom to object, to think and speak as you saw fit, you now have censors and systems of surveillance coercing your conformity and soliciting your submission. How did this happen? Who's to blame? Well certainly there are those more responsible than others, and they will be held accountable, but again truth be told, if you're looking for the guilty, you need only look into a mirror. I know why you did it. I know you were afraid. Who wouldn't be? War, terror, disease. There were a myriad of problems which conspired to corrupt your reason and rob you of your common sense."

  18. You aint sin me, roit
    Big Brother

    GovtOS...

    Apple should create GovtOS to do what the FBI want, but add a splash page displayed when the phone is unlocked...

    "WARNING: the Feds have hacked your phone!"

    If you're not doing anything wrong you don't have anything to worry about...

    If you're a naughty boy you might consider smashing that cheap Tesco pay as you go phone that you use to contact the more dubious people in your life.

  19. Valerion

    GovtOS?

    Surely FBiOS would be a more suitable name?

  20. mike acker

    all writs is not applicable

    to envoke the All Writs act to force assitance you must meet the 3 tests

    the last one asks "is this necessary"

    in the case of AAPL: no: it is not necessary

    all that needs be done is: have the cops FedEx the "subject device" to Cupertino; include a check to cover the costs, and a copy of the search warrant as required by law .

    AAPL can the give the feds/cops the data they demand without releasing a backdoor package . cops that lose their personal side arms in bath rooms and leave them in cars in front of the white house and hang out in the brothels of Colombia cannot be trusted with sensitive software .

  21. Rick Brasche

    Come see the violence inherent in the system!

    Help help, I'm being repressed! -Apple

  22. Anonymous Coward
    Anonymous Coward

    Internet surveillance not the only way

    What happened to the art of surveillance excluding internet surveillance? There are other ways to survey than IT. In the first step those morons shouldn't have gotten weapons so easily, that's the big issue. If you restrict the access to guns and other destructive devices and institute a reporting procedure for any suspicious customer buying an unusual quantity of chemicals you'll prevent this just as well. And that would prevent, not give hints AFTER the event happened.

  23. Anonymous Coward
    Anonymous Coward

    this is not complicated

    Apple should unlock the phone as mandated by a legitimate court order. Tim Cook should go to jail until Apple complies. Once Apple unlocks the phone Apple should be fined $10 BILLION for defying a court order.

    1. Michael Thibault
      Headmaster

      Re: this is not complicated

      Unfortunately, AC, your post does not receive a passing grade. The brevity of it suggested that you might have been under the mistaken assumption that you were limited to a fixed number of characters. I took the charitable view, though, in assessing your contribution...

      Your analysis is not particularly deep; your prescription is, thereby, not particularly sophisticated. And the general thrust of your post goes against the (local) grain. Such are first efforts.

      I suggest more lurking/reading/education before you post again.

    2. tom dial Silver badge

      Re: this is not complicated

      Apple, like any other similarly situated person or organization, is entitled to a proper hearing in a court. Until that is done it is too soon to raise the question of punishing them, or how. If they comply with the order after (hypothetically) receiving an adverse decision, there will be no punishment beyond what they spent on attorney fees.

  24. MachDiamond Silver badge

    Already done.

    Let's say that I already know how to compromise a mobile OS yet I don't want to advertise that fact. If I could show (or fabricate) that I was able to get the information via more straightforward means, I would have plausible deniability.

    The metadata from that phone is already known since the telco and the N$@ log and store that information. While they may not have the full text (voice) of the communications, they will know who is talking with whom. Chances are pretty slim that this employer issued phone has anything worth the lawyers fees generated so far. The actors are dead, so there isn't going to be court case involving them where all evidence possible will be needed to give them the Chair.

    From numerous other stories, this one iPhone may be just the tip of the iceberg. The FBI is using the notoriety of the shooting as leverage. If precedence is set, the rest of the "requests" will go through much easier. If Apple loses, their phone business might take a substantial hit.

    1. tom dial Silver badge

      Re: Already done.

      First, the issue is not the warrant. The legitimacy of the warrant has not been challenged, so far as I have seen. Claims that it serves no purpose also are off base, since it the phone is a general purpose computer as well and may store data entirely unrelated to communication, some of a type apparently not backed up even when backups are operational, and other not backed up for the two weeks or so before the crime being investigated.

      Second, of course it's the tip of an iceberg; it's a search warrant, along with a demand for third party help to execute it. Search warrants are issued often in criminal investigations, and not often, if ever, otherwise. While the government may be counting on the notoriety of the particular case to help them, that is less likely to succeed with a judge than with the public, which seems to favor the government position by a significant margin. They may justly be criticised for that, but it is not the first case, and I have not seen where the government has said it was unique or would be the last.

  25. gnasher729 Silver badge

    Latest news is that the San Bernardino police have openly and publicly said that they don't expect there to be any useful information on that phone. They just don't want any stone left unturned. Now I'll say they have every right to make a thorough investigation, but "we don't want any stone left unturned" doesn't seem a good reason even for a search warrant.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019