Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoJ Says Apple's Posture on iPhone Unlocking Is Just Marketing (reuters.com)

Posted by timothy on from the whereas-your-adherence-to-the-constitution dept.

New submitter kruug writes: The U.S. Department of Justice filed a motion seeking to compel Apple Inc to comply with a judge's order for the company to unlock the iPhone belonging to one of the San Bernardino shooters, portraying the tech giant's refusal as a 'marketing strategy.' The filing escalated a showdown between the Obama administration and Silicon Valley over security and privacy that ignited earlier this week. The Federal Bureau of Investigation is seeking the tech giant's help to access the shooter's phone, which is encrypted. The company so far has pushed back, and on Thursday won three extra days to respond to the order. Reader Lauren Weinstein writes of this tack: "The level of DOJ disingenuousness in play is simply staggering."

13 of 339 comments (clear)

  1. Just threaten their tax arrangements by Anonymous Coward · · Score: 0, Insightful

    All the Gov need to do is threaten Apples tax arrangements, watch that phone get unlocked in a day.

  2. Apple - standing alone by Swampash · · Score: 5, Insightful

    Assume that every other hardware manufacturer that is NOT getting threatened by the Federal Government has already rolled over.

    Tim Cook: thank you. All you other bitches: FOAD.

    1. Re:Apple - standing alone by ooloorie · · Score: 4, Insightful

      That's not the deal at all. Apple can't decrypt it. The FBI wants them to remove the safety measure where the phone will discard the encryption key altogether after 10 failed attempts at guessing the passcode.

      Yes, that is likely what this is about (see my other posting). And if they can push a software update with this safety feature to an existing phone without the user unlocking it first, then Apple's software is not secure. That's exactly my point.

      That is, Apple is right that such an update would make future iOS devices much less secure, but what this whole spat reveals is that the current system is already not secure precisely because governments can make demands like the US government is making. That is, the fact that we're even having this debate is due to a bad implementation of cryptography on Apple iOS.

    2. Re:Apple - standing alone by ooloorie · · Score: 3, Insightful

      What the FBI wants is for Apple to develop a hacked version of iOS that can be loaded onto the phone and allow external inputs to try different user unlock PINs as well as get rid of both the 10-attempts limit as well as the time-between-tries limit.

      Yes, that is probably what the FBI wants. My point is that if Apple can push such a software update to an existing phone without the user unlocking the device first, then iOS cryptography is broken already. And that is likely the case, because if Apple couldn't push such an update to an existing phone without unlocking it first, then it would make no sense for the court to try to force them to develop such an update, since the court can only order Apple to develop such a tool for a specific case, not for future cases that aren't before the court yet.

    3. Re:Apple - standing alone by Aighearach · · Score: 3, Insightful

      You accuse me of "misinformation," I'm throwing down the gauntlet on that! You're a liar to accuse me of that. If you disagree, disagree, don't make a false accusation.

      You accuse me of "misinformation," and then you verify my statement! As you said, "firmware is just a piece of software." Right. Is a piece of software tied to one computer, or can it also be run on other computers? Is that indeed part of the nature of software?

      You're saying that you believe that adding an ID check to the software source code somehow locks it so that it can only be used with one device. I'm a software developer, and I say you're full of shit and don't even realize that software can be easily altered later to work with a different ID. There is no way to "lock" it so that can't happen. Even if it is a compiled binary file, it is easy to find and replace the ID because they already know the ID of the phone it would be written for.

      Don't claim I'm "spreading misinformation" when you don't even understand the details. Yes, I am saying it is "technically impossible" for Apple to write firmware that is locked to one device, because of the very nature of what software is. The only way that a piece of software can be locked to one device is if that device has a custom CPU and there are no other devices that can run the code. But iPhones don't come with individually customized processors, all the phones of the same model have the same processor and can indeed run each other's firmware.

  3. Can someone explain why the FBI needs Apple? by sheetsda · · Score: 3, Insightful

    The FBI has the hardware. At the software level it should be game-over. So what is stopping them from copying the phone's memory, putting it in an emulator or another phone, and brute forcing the 5-digit PIN. Every time it self destructs, they load up another copy and continue until the correct PIN is found. What am I missing here?

  4. They're correct - because it's about survival by FireballX301 · · Score: 4, Insightful

    Apple knows that complying with this order will essentially destroy most, if not all of their overseas business. If they comply with this order, they will lose anyone who is even remotely suspicious of US govt motives; this includes literally billions of non-Americans around the world. The net result would simply be people moving to phones that are perceived as more secure, there's an easy market opportunity for a non US based company to put out 'secured' phones (for example, a phone that rejects all firmware updates in addition to the secure area tech) and gain all the business that Apple would lose.

    The question is, of course, if the government knows this, and I'm pretty sure the law enforcement/'intelligence' personnel here are so scoped into their mindset that they're totally unaware of this, and would reflexively brush it off as hyperbole (hint it isnt).

    1. Re:They're correct - because it's about survival by FireballX301 · · Score: 3, Insightful

      The average person might not give a fuck, but iPhone buyers outside US/EU are not average - they tend to be well off, or enterprise customers (who I can assure you will care very much so about this). More importantly, it'd be very easy for governments to spin this against the US and Apple - how easy would it be for the PRC to talk about how the US is spying on China, and mandate that all Chinese citizens/enterprise buy Xiaomi?

      You minimize the impact at your own peril.

  5. Re:Why is Apple acting like obstructionist... by __aaclcg7560 · · Score: 4, Insightful

    The keys on the new phones are only five digits. They should be able to find the key in a matter of seconds.

    Except you have only ten attempts to enter the correct five digits before the data is automatically wiped. A security feature that prevents a brute force attack to unlock the iPhone.

  6. brute brute by Anonymous Coward · · Score: 1, Insightful

    If the iPhone has separate memory chips (as opposed to being a single SOC):

    1) power down the phone completely, battery out, PS caps shorted

    2) physically remove the flash memory

    3) copy flash memory off in custom jig

    4) brute force without iOS or Apple hardware even being involved.

    OTOH, if it's an SOC, then the chip's surround (epoxy or whatever) has to be removed and the chip itself attacked to separate the flash from the rest of the hardware. Much tougher (but still doable, if there's good enough reason and the required budget and gear.) Then, step 4 as above.

    Nothing is inherently truly secure if you can get the storage device physically free of the encompassing controller(s.)

    But someone up higher probably had it close to right: It's not that people that smart won't work for the FBI, it's that the FBI is institutionally unable to hire people with those skillsets. If ever there was a federal agency with a stick so far up its ass you could build a treehouse on it, the FBI is that agency.

  7. Re:How did they try to keep that secret? by j-turkey · · Score: 3, Insightful

    That turns it into a comedy - the FBI going public and then accusing Apple of doing it for publicity. Did they employ some clowns thrown out of the NSA after Snowden or something? It sounds like something the Star Trek Set guy would do.

    Sort of...the FBI didn't do it for publicity. They did it to set precedent, and this case was chosen very carefully by the DoJ in order to achieve this (by tugging at heart strings and a sense of panic in the wake of terrorism). There are plenty of other investigations that they could have made similar demands under. If Apple cooperated with the FBI and it was done under seal, then it could not be used as precedent to use the courts to force Apple to do the same in future cases.

    --

    -Turkey

  8. Action vs No Action by duckintheface · · Score: 4, Insightful

    It is not a crime to do nothing. If Apple already has a key, they can be compelled under discovery to turn it over. But they can't be compelled to create one if it does not exist. You can't require someone to act against their will. That is called slavery.

    --
    "He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
  9. Re:The phone belongs to the county, not the shoote by Fallen+Kell · · Score: 3, Insightful

    For which San Bernadino is then looking stupid for not placing the phone under some kind of enterprise mobile device control allowing the true owners the ability to unlock the phone and read the contents.... This is why none of the news and 3 letter agencies are stating the real fact of ownership, because then they look inept for not doing basic device control.

    --
    We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"