Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Will No Longer Unlock Most iPhones, iPads For Police

Posted by timothy on from the just-what-they-want-you-to-think-part-827398 dept.

SternisheFan writes with this selection from a story at the Washington Post: Apple said Wednesday night that it is making it impossible for the company to turn over data from most iPhones or iPads to police — even when they have a search warrant — taking a hard new line as tech companies attempt to blunt allegations that they have too readily participated in government efforts to collect user data. The move, announced with the publication of a new privacy policy tied to the release of Apple's latest mobile operating system, iOS 8, amounts to an engineering solution to a legal dilemma: Rather than comply with binding court orders, Apple has reworked its latest encryption in a way that makes it almost impossible for the company – or anyone else but the device's owner – to gain access to the vast troves of user data typically stored on smartphones or tablet computers. The key is the encryption that Apple mobile devices automatically put in place when a user selects a passcode, making it difficult for anyone who lacks that passcode to access the information within, including photos, e-mails, recordings or other documents. Apple once kept possession of encryption keys that unlocked devices for legally binding police requests, but will no longer do so for iOS8, it said in a new guide for law enforcement. "Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data," Apple said on its Web site. "So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."

14 of 504 comments (clear)

  1. Sanity... by Panaflex · · Score: 5, Insightful

    This is how things are supposed to be. The legal system was designed for individuals "to be secure in their persons, houses, papers, and effects."

    --
    I said no... but I missed and it came out yes.
    1. Re:Sanity... by oodaloop · · Score: 4, Insightful

      ...from the owner of the data, i.e the individual. Serve the individual the warrant. If he fails to hand over the info, charge him with contempt of court.

      --
      Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
    2. Re:Sanity... by Noah+Haders · · Score: 4, Insightful

      Americans understand that we should defend the rights of pedophiles and racists, because if it's ok to violate their rights then it's ok to violate everybody's rights. the police have more than enough tools for catching criminals without needing to violate the constitution.

    3. Re:Sanity... by Anonymous Coward · · Score: 2, Insightful

      self incrimination is frowned upon in the US.

    4. Re:Sanity... by FlyHelicopters · · Score: 4, Insightful

      Of course the court could just order you to turn over your password.

      Sure, but you also have the right to refuse... They can charge you with contempt perhaps, but you at least have that choice.

      Before, you didn't even have that much of a choice...

  2. So then they get another warrant ... by BarbaraHudson · · Score: 5, Insightful

    Then they're served with another warrant ... one that obliges them to put a back door into either the individual device, or their whole infrastructure. Without informing users that such a warrant has been served.

    Then what?

    It's like a game of chess where the values of the piece can be unilaterally changed by one side.

    --
    "Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
    1. Re:So then they get another warrant ... by gman003 · · Score: 4, Insightful

      THEY *HAVE* GOTTEN WARRANTS LIKE THAT. WORSE, EVEN.

      Remember Lavabit? They got a warrant to seize his private SSL key, so they could hijack connections from every user. The warrant only covered one person specifically but the order was for the SSL key itself, giving them the technical ability to read everything the users read. He even offered to modify his code so it would do it for just that one user, and they refused. The warrant even came with a gag order preventing him from talking about it.

    2. Re:So then they get another warrant ... by xdor · · Score: 5, Insightful

      They don't need a back-door.

      Sure they'll encrypt your files with a key they don't know just like they said. But to comply with law enforcement all they would have to do is intercept your password when you enter it. And that's done easily : keyboard driver update patch for target users: collects and forwards the password to the feds.

      That way they're still encrypted as advertised. And its possible that if you lose your phone or its confiscated that this would still be a plus. But I think this password intercept is how the feds would get access if they're monitoring you specifically.

  3. Re:Is this real? by Chatterton · · Score: 3, Insightful

    Even if it is real. How long before there is an amendment to the patriot act stipulating that every encrypted gadget should have a master key and that master key should be provided to uncle sam?

  4. Re:So everything is protected by a 4 digit passcod by DigiShaman · · Score: 4, Insightful

    Or, they simply use a $5 wrench.

    --
    Life is not for the lazy.
  5. Re:So everything is protected by a 4 digit passcod by LordLimecat · · Score: 4, Insightful

    and you forget the answer to your security question,

    The presence of a security question on any service indicates immediately that they almost certainly have access if served with a warrant.

  6. Re: So everything is protected by a 4 digit passco by alen · · Score: 5, Insightful

    some of us are old enough to remember when 128 bit keys were considered unbreakable

  7. Re: So everything is protected by a 4 digit passco by FlyHelicopters · · Score: 4, Insightful

    Yes, that is true...

    But it isn't logarithmic, it is exponential...

    A 256-bit encryption isn't twice as hard as 128-bit, and a 4096-bit is beyond silly.

    There might be fault with the method of encryption, perhaps a hack or a mistake in the code, but you won't brute force 4096-bit encryption. It would take more energy than exists in the universe, go look it up. :)

  8. Re:So everything is protected by a 4 digit passcod by Noah+Haders · · Score: 5, Insightful

    This is exactly the point. Police can serve a warrant on a person, but they can't take the legal wrench to apple.