Slashdot Mirror
Apple To FBI: Encryption Rules Out Handing Over iMessage Data In Real Time
Mark Wilson writes that Apple has balked at a court order to provide the FBI with the contents of text messages among users of its iMessage service, claiming that the encryption it uses to protect these messages makes handing over the messages themselves impossible. From the article: The Justice Department obtained a court order that required Apple to provide real time access to text messages sent between suspects in an investigation involving guns and drugs. Apple has responded by saying that the fact iMessage is encrypted means that it is simply not able to comply with the order. The stand-off between the US government and Apple could last for some time as neither side is willing — or possibly able — to back down.
... give them what they are asking for? Just hand over the encrypted data and say "good luck with that".
This is an ex-parrot!
As I understand the iMessage, Apple hides some of the key selection process from end users. (This is considered a good thing - without it, fewer people would use it because it would be like using PGP.) If Apple was compelled, they could also encrypt outgoing messages with one of the FBI's public keys and either send the same message across the wire (where the FBI could pick it up) or send a second message encrypted just for the FBI to the FBI. Either method would be discoverable, but Apple could paper over that issue in its interface because it controls the software. (Apple could also limit the discoverability of such a "feature" by using its phone home key request to request the FBI's key for and encrypt only certain monitored people's communications - that way most security experts WOULDN'T see a change.)
Long story short, Apple COULD provide real-time access to encrypted messages, but it would take a little work to sneak that in, and eventually someone would find it.
Pretty well defines what is good.
Once the industrialized countries outlaw encryption, I don't know how the banking system can survive.
But, of course, the US govt. will continue using encryption for their docs.
Also, "Black-box" testing uncovers several ways the NSA could tap iMessage (from 2013)
http://arstechnica.com/securit...
Just send the encrypted messages. That way you're complying with the order.
Apple knows good and well that the DoJ could easily fool some ignorant/fascist Judge to conclude that Apple was being "unresponsive" to the Request, or even worse, was deliberately "Obstructing Justice".
Isn't this wonderful? From the Fourth Amendment, we now have a situation where Privacy == Obstruction.
How in the FUCK did THAT happen?!?
If the FBI really wants access, they could get an NSL issued, forcing apple to comply by compromising their own system..and they couldn't tell their customers about it.
Until this is fixed, there's no way in hell I will believe any grandstanding on the part of any vendor.
How in the FUCK did THAT happen?!?
The voters keep reelecting corrupt politicians. How could it NOT happen??!
“He’s not deformed, he’s just drunk!”
Isn't this wonderful? From the Fourth Amendment, we now have a situation where Privacy == Obstruction. How in the FUCK did THAT happen?!?
Because the Fourth Amendment doesn't guarantee you absolute privacy, it grants "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures", meaning until a court has issued an order to grant such access "upon probable cause". In this case the court issues such an order. The question is, given the circumstances, what Apple is legally required to do. Hint: they are not required to change their software to create the ability for the government to get access, only to give the government what they already have access to.
This is iMessage not your iTunes account. The 'keys' are generated per-device and the private key remains there, if you lose your device or access to it you have to generate new ones. Also if your device has the Apple 'secure enclave' TPM, good luck anyone getting access to it without your unlock password.
Actually, I'm surprised they still feel somewhat obliged to justify anything. We're past the stage they should actually say "shut up and comply or we'll kill you and your family".
Human beings rationalize. It's not like the intelligence agencies take away your privacy rights because they're trying to be the bad guys--they're trying to be the good guys and save everyone and go after the big bad criminals, it's just that their profession gives them a really warped view of what privacy should look like and the consequences of losing it. Basically they trust themselves with your information so most of them don't seriously believe or really understand how much of a threat it is to democracy for a government force operating mostly in secret to have that information.
It's a little like trying to make today's Americans understand the vitriol of the Protestant-Catholic wars, or the Sunni-Shiite divide. There's no real frame of reference or an inability to project that frame of reference onto the conflict.
I wonder if these fights are just disinformation to try to convince criminals/terrorists that they can use iMessage. The government lets a criminal get away with it in a case they don't really care about or can convict them without it anyways and makes a lot of press, and then has access to it in all the cases they do care about.
iMessage is designed with warrants in mind if you read over the protocol documentation. Each device has its own key and is tied to your Apple Id. If you have a iPhone, a Macbook, and an iPad each device has its own encryption key. When someone sends you an iMessage, Apples sends them the public key for each of the 3 devices and then the encrypted message is sent to each device which uses its private key to decrypt the message.
When a warrant is issued, all Apple has to do is add a 4th, "FBI device" to your Apple Id and anyone sending you an iMessage also gets encrypted with that key.
As Apple controls the user interface and they provide no way to view how many keys an iMessage is being encrypted with, there is no easy way to see if an extra key for ease-dropping is being used. There may be ways if one monitored the size of the traffic, but I am not aware of that work being done. Anyone who had the need to make sure they weren't being spied on by the government, wouldn't use iMessage.
This message is encrypted with Quad ROT-13 to protect the author's copyright under the DMCA.
How in the FUCK did THAT happen?!?
The voters have no choices BUT corrupt politicians. How could it NOT happen??!
FTFY!
Bullshit. They have primaries, and a process for putting anybody on the ballot they want. Voters are just lazy and submissive, and antipathic towards each other.
Yes, the primaries, where we get to choose between a small group of pre-vetted candidates, thus giving us the illusion of choice.
Similar to the upcoming US election results
No way would the FBI want to do this, since it would set the precedent that surrendering the encryption key to that data would be self incrimination.
They have a vested interest in the encrypted data being treated as legally the same as the unencrypted data, since they don't want legal precedent for a fifth amendment defence on encryption keys being ruled on by a court. There's no solid case law on that one way or the other right now.
My father and his friends all worked for Big Blue during their golden years selling/installing mainframes and I've had a PC in the house my entire life. Never once have I ever considering paying for over-hyped over-priced Apple "toys" until now. I simply cannot ignore the facts anymore that Apple makes the best phones on the market with sound security while Android and Windows erode away, and articles like this go a long way towards making me feel confident about my purchase. I'm very impressed with my 5s.
So, stick your other foot in the water and buy a MacBook Pro and run OS X on it. You'll wonder why you ever waited this long. Trust me.