Slashdot Mirror
DoJ Says Apple's Posture on iPhone Unlocking Is Just Marketing (reuters.com)
New submitter kruug writes: The U.S. Department of Justice filed a motion seeking to compel Apple Inc to comply with a judge's order for the company to unlock the iPhone belonging to one of the San Bernardino shooters, portraying the tech giant's refusal as a 'marketing strategy.' The filing escalated a showdown between the Obama administration and Silicon Valley over security and privacy that ignited earlier this week. The Federal Bureau of Investigation is seeking the tech giant's help to access the shooter's phone, which is encrypted. The company so far has pushed back, and on Thursday won three extra days to respond to the order. Reader Lauren Weinstein writes of this tack: "The level of DOJ disingenuousness in play is simply staggering."
Assume that every other hardware manufacturer that is NOT getting threatened by the Federal Government has already rolled over.
Tim Cook: thank you. All you other bitches: FOAD.
On the one hand, Apple tried to make a deal and keep the whole thing secret. So that makes it seem like Apple was willing to go along (for at least this one case) as long as it was kept quiet.
On the other hand, it doesn't really matter. If Apple is doing it as a publicity stunt, then it's doing it because the customers want it. Frankly that's better than a corporation trying to "do the right thing" that people don't want.
"First they came for the slanderers and i said nothing."
I also hear there's a bridge between Manhattan and Brooklyn for sale.
The DoJ is just trying to make the devices secure.
Kudo's to them for making Apple fix the vulnerabilities in their products.
Apple did nothing to keep this secret. It's already known they have assisted the FBI before.
Instead what happened is no-one cared, not even Apple, until the FBI demanded essentially that Apple break hardware security. That is where Apple drew the line; that is what brought all of the attention to bear.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Give me a break. Who would be naive enough to think Apple would refuse to cooperate with the U.S. government in such a case? Yes, they'll "refuse" on public, get some headlines for "standing up for privacy" and then quietly do what they were told one way or another.
The FBI has the hardware. At the software level it should be game-over. So what is stopping them from copying the phone's memory, putting it in an emulator or another phone, and brute forcing the 5-digit PIN. Every time it self destructs, they load up another copy and continue until the correct PIN is found. What am I missing here?
Apple knows that complying with this order will essentially destroy most, if not all of their overseas business. If they comply with this order, they will lose anyone who is even remotely suspicious of US govt motives; this includes literally billions of non-Americans around the world. The net result would simply be people moving to phones that are perceived as more secure, there's an easy market opportunity for a non US based company to put out 'secured' phones (for example, a phone that rejects all firmware updates in addition to the secure area tech) and gain all the business that Apple would lose.
The question is, of course, if the government knows this, and I'm pretty sure the law enforcement/'intelligence' personnel here are so scoped into their mindset that they're totally unaware of this, and would reflexively brush it off as hyperbole (hint it isnt).
What the discussion may be about is the fact that the normal iOS keys are weak (4-6 digits), so what the government may be asking for is an operating system update that removes a limit on the number of unlock attempts before the phone erases itself. However, again, Apple should not be able to push such an update to an existing phone without having the user unlock the phone first.
So, while the government position is generally bad, it also seems that, in addition, there is something fishy about Apple's use of encryption on iOS.
Seems likely, anyway. On the other hand, the FBI's posture is just a constitutional overreach and attempt to institutionalize the ignoring of due process, so they're about even.
It seems to me that they blew it by saying "no" instead of "we can't". The marketing is that even Apple can't break the encryption, but now they seem to be saying they don't want to. This of course begs the question, can they? If they can, even if they choose not to, then their marketing has always been BS.
A) bring iPhone into Apple facility.
B) OOPS! Destroyed phone in freak Ives latte spill.
C) LOSS
How much could the government fine Apple? A million dollars? 100 million? A billion? Whatever!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
The keys on the new phones are only five digits. They should be able to find the key in a matter of seconds.
Except you have only ten attempts to enter the correct five digits before the data is automatically wiped. A security feature that prevents a brute force attack to unlock the iPhone.
DOJ knows nothing about justice then. Let a backdoor get put into encryption, then all hackers should target all politicians, judges, law enforcement officers and attorneys and see what it means to have a backdoor in encryption.
Might as well just hand over the keys to your house, cars, combos to your safes, SSN, etc. What a bunch of fucking idiots. They have no clue at all what this means. A backdoor in something like this means someone else can crack it too. They need to get over this, it's a shift in the way things have been. They can get into your house because a burglar can too. They can get into your safe, again, because a burglar can too. But can they get into a safe that is buried 10 feet underground and you're the only person who knows where it's at? Not likely. What if all messages were delivered via paper, in person and then burned after being committed to memory and everyone killed themselves after committing the act they were planning? Then there would be no trail for cops to follow either. Sure it's more difficult to do that, but it's doable. \
We as a free people, deserve to have some privacy and our government is trying to erode every last bit of that away.
If Apple refuses then the tanks roll in so to speak, and if they comply then they will lose potentially a lot of business because the rumors will be valid about 'back-doors'. I assume there is some other crap at play since this smells like a rat.
Dave Ross, commentator on CBS Radio, proposed: Our vaunted security agencies state, loudly and publicly, that they are incapable of reading an iPhone. Apple refuses, loudly and publicly, to do anything to help, and points to our own constitution for protection. One can easily imagine a rush of bad guys to get iPhones so they can harm us with our own technology. And in the meantime . . . . are the security agencies REALLY incapable of reading it, and is Apple REALLY unwilling to help them, or is it all a honeypot meant to steer those bad guys towards a particular product?
It's not true, you can have the 4 digit pass code or you can have a 256 character alphanumeric password if you so decide. That and the fact that a brute force will lock it out entirely. I know this for a fact too, my son tried to break the 4 digit passcode on my iPad, I have nothing important on it so I don't need to lock it down that tightly, the password is simply to keep my kids off of it except for when I allow them to be on it. My son tried to unlock it, and I ended up having to factory wipe the iPad to be able to access it again.
It seems to me that would actually be a whole lot easier than all of this.
File under 'M' for 'Manic ranting'
There is a way, dot period. You don't know what you are talking about. Please, take time to search what this case revolves around regarding the breaking of the encryption. Hint: Washington's Post has a nice article about it. The iPhone is a iPhone 5c and is perfectly "breakable" provided some conditions.
Achille Talon
Hop!
I'm confused by Apple's (and slashdotters') response to this whole thing. I can't see that Apple is in the right here. This case has nothing to do with the actual encryption. There's no back door we're talking about here. Turning off the device wiping safety feature is something Apple can do without affecting anyone else. If the worry is that the government would keep this firmware and use it on anyone's phone, well, they apparently have the power to compel this anyway. And Apple has always had the power to do that. I don't see this as a privacy and security issue above and beyond the status quo. If the question was either, can you crack this encryption for us, or can you add a backdoor to the encryption, then the answer is clearly and legitimately no and a court could have to accept the first and be convinced of the second: it's not physically possible to crack good encryption, and it's a bad idea for everyone add a back door.
But as to the question, "can Apple disable the bad passcode wiping function?" yes they absolutely can. Hence the court order. Apple cannot say this is impossible for them to do. Hence by refusing to comply they are clearly in contempt of court. Will be interesting to hear how they plan to battle this out in the courts (and why they would want to).
I am clearly missing something here.
After all is said and done I doubt the FBI will find much of value on the phone. I'll be the first to admit good, old fashioned detective work is still the key these days, though law enforcement apparently wants things to be quicker and easier electronically.
They don't say it's impossible. They say it sets a dangerous precedent, which people tend to agree to.
I also see why people have issues with Apple doing what they are doing right now - but it's not illegal to exhaust all legal means!
Windows 2000 - from the guys who brought us edlin
If that were the case then I don't think the FBI would have such a problem unlocking the phone.
I know, there are political reasons for why the FBI could be pushing this angle so hard even, if they do have the ability to unlock it. But the fact that they would push at all implies that it is not a trivial process and, perhaps, a non-zero chance of failing and wiping the device by accident.
My eyes reflect the stars and a smile lights up my face.
It's pretty simple.
Get A Warrant.
A court order.
Stop trying to end run and slurp up all the info.
As all of us who are aware of the actual capabilities know, it's not like there aren't other illegal means for them to get the info anyway.
They just want to not have to do their jobs as prescribed by the US Constitution and get all our stuff for free.
No. Follow the legal prescribed procedures and stop acting like the Stasi.
-- Tigger warning: This post may contain tiggers! --
They dont need a warrant, The phone in question was his work phone. He worked for the government.
If the iPhone has separate memory chips (as opposed to being a single SOC):
1) power down the phone completely, battery out, PS caps shorted
2) physically remove the flash memory
3) copy flash memory off in custom jig
4) brute force without iOS or Apple hardware even being involved.
OTOH, if it's an SOC, then the chip's surround (epoxy or whatever) has to be removed and the chip itself attacked to separate the flash from the rest of the hardware. Much tougher (but still doable, if there's good enough reason and the required budget and gear.) Then, step 4 as above.
Nothing is inherently truly secure if you can get the storage device physically free of the encompassing controller(s.)
But someone up higher probably had it close to right: It's not that people that smart won't work for the FBI, it's that the FBI is institutionally unable to hire people with those skillsets. If ever there was a federal agency with a stick so far up its ass you could build a treehouse on it, the FBI is that agency.
They HAVE a court order. Apple is arguing that the court order is like a military draft, forcing Apple to become an agent of the security agencies, and incidentally costing them something at the same time. I'm betting this will go all the way up to the Supreme Court, by which time some kind of "secure facility" compromise (and remuneration agreement) will have been prepared in the background.
'nuff said.
https://www.youtube.com/c/BrendaEM
But the fact that they would push at all implies that it is not a trivial process and, perhaps, a non-zero chance of failing and wiping the device by accident.
A defense attorney could challenge the data recovery admission as evidence in public court, forcing the FBI to reveal exactly how they were able to unlock the phone to recover the data. The government does not like reveal sensitive information in public courts, which often withdraws the evidence and/or let the case collapse. The workaround is to set a legal precedent that would force companies like Apple to do the data recovery for them.
It is not a crime to do nothing. If Apple already has a key, they can be compelled under discovery to turn it over. But they can't be compelled to create one if it does not exist. You can't require someone to act against their will. That is called slavery.
"He took a duck in the face at 250 knots." -- William Gibson, Pattern Recognition
Because it's a 'give us everything we might feel like' court judiciary order, not a panel of federal judges limiting the search appropriately.
Let me put this simply for you. The Constitution allows me to only search your home. Or your car. Or your phone. Or your kid's backpack. But I have to specifically limit what I ask for, and for each thing, I need a legal reason to search and I can't just EMPTY YOUR HOUSE, YOUR CAR, YOUR PHONE, AND YOUR KIDS BACKPACKS and use all of it to find anything I feel like. I have LIMITS.
The problem is Apple is saying "where is the limited court order" and the Stasi is saying "we want to take everything and not tell you what it's for and why we need it" and then they burn your house and your car down and sell your kids' backpack contents on eBay in Japan.
Do you get it NOW?
-- Tigger warning: This post may contain tiggers! --
if the phone had the details of where a bomb was placed on the apple campus and it was set to go off april 1st. Would they let their campus go boom or would they decrypt it? I already know this post is going to get downvoted into oblivion...
For which San Bernadino is then looking stupid for not placing the phone under some kind of enterprise mobile device control allowing the true owners the ability to unlock the phone and read the contents.... This is why none of the news and 3 letter agencies are stating the real fact of ownership, because then they look inept for not doing basic device control.
We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
In other news, the DOJ/FBIs' insistence that Apple can, but won't, unlock the phone or do some magic that allows them to access the phone's content is also marketing. They're trying to make us sheep believe they need access to all our secrets to keep us safe. I'm not buying their pitch that OMG terrorists, mass shooters, criminals or other element can or will destroy our country if the Feds can't access everyone's devices and accounts.
That will be difficult, or not possible, with a piece of evidence. Apple cannot possess the phone at any point. Anything sent to, or run on the phone MUST NOT alter any non-volatile storage AT ALL.
In the end, I'm pretty sure there's nothing of merit on the phone anyway. But, by doing this once, they've been proven to be able to do it AGAIN.
It was only a few years ago that SFPD officers and Apple employees were busting down doors together to recover (lost, not stolen) iPhone prototypes. Did Apple Impersonate Police To Recover the Lost iPhone 5?
The FBI made this issue public.
Trying to make Apple look like the bad guy, to generate public sympathy.
Yes, I got it the first time, and I wrote that some kind of "secure facility" . . . oh, wait, sorry, I wrote a lot more in another posting separately. Yes, a search warrant has limits (though police are frequently known to go beyond them). OTOH it's not quite as specific as one would like to think, especially if written properly (like any sneaky contract). If they get a warrant to search your home for evidence of a particular crime, say a particular kind of weapon, they CAN go through every room and every item because you might have hidden it anywhere. There was an interesting article in the NY Times pointing out that Apple changed policy about a year ago; they used to work with law enforcement more easily, and then started insisting on specific paperwork at around the same time that they started emphasizing security. They're right. You and I are in violent agreement. Next time, don't be a jerk by assuming that the other person is a jerk.
If there are 10,000 possible passphrases and you can try ten per hour, then you can unlock the phone within, at most, 42 days.
Which is probably less time (and certainly less costly) than this court fight. I wonder if Apple could write and test the custom software in 1000 hours? Likely not, if it's done right.
If you're a zombie and you know it, bite your friend!
The DoJ says that Apple's stand on not unlocking the terrorist's iPhone is "just marketing". JUST marketing? This is GENIUS-level marketing. I'm a PC and Android guy, but I'm tempted to buy a 128GB iPad just to show some solidarity with Apple. Most of us Libertarians don't have much use for the big-government stance that Apple has always shown, but if this is the case that it takes to put some daylight between Apple and the Socialists, then I guess I can't complain.
The entire thing is a Trojan horse. The FBI and federal law enforcement agencies in general have spent the last three years trying to find the perfect case; a terrible person with an iPhone and some plausible excuse as to why the feds have to demand that Apple break their own encryption schemes. And here comes Syed Farook, the poster child for terrible, with a locked iPhone that's actually owned by the San Bernardino Department of Health. If there weren't 12 bodies, I'd suspect that it was staged by the feds.
The cops tried, and starting last year, Apple has been refusing to help. Back in iOS7, it wasn't that much of a chore for Apple to unlock a phone - but that's exactly WHY Apple wrote iOS8 and iOS9 to make it nearly impossible for Apple to break into newer iPhones. And even the hack that the Feds are demanding for Farook's phone wouldn't work on an iPhone 6 or newer, because they've enhanced the security in the hardware layer itself.
Of course, I read that the New York DA has a list of a few DOZEN cases they plan to file and demand Apple's help on, if Apple rolls over on this one.
I hope they don't. Apple, take this all the way to the Supreme Court!
Because if you fail to enter the appropriate key too many times it locks down the device.
BeauHD. Worst editor since kdawson.
> just marketing
Yes, much like your instructions to create a 1984-like warrantless panopticon is just political marketing by politicians preening in front of voters.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
This would be a duplicated effort. The large companies involved and the mindless apathetic user are already doing a pretty good job of ruining the tech industry.
If it ain't broke, don't fix it.
The DOJ's position of the matter is marketing. Giving hyperbole speculative statements about what they MIGHT find to justify setting a precedence that the government can limit how much encryption its citizens can actually own.
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
The US federal government has been acting like a barely trained 800 pound orangutan with a moderately educated owner at the leash. When the government sees an obstacle you get the orangutan owner saying "Right turn, Clyde." (Is that too obscure of a reference?)
The government has had success with having their trained ape beating results out of the public and the public has responded. We created something that their trained ape can't just beat out of people. Had the government not been so willing to break into our records then we would not have developed such encryption so quickly and used so widely.
Basically the government made this bed and now they have to sleep in it. Forgive me if I have little sympathy for their problem.
I am armed because I am free. I am free because I am armed.
Brilliant! You should call the FBI immediately and let them know!
Last post!
Even with MDM solutions you can't unlock the phone. You can *wipe* it, and if you control the email for the iCloud account you can even restore it to factory default and reuse the hardware. But you can't just open it and see what's inside.
Wow, at least click on the link I provided
I read through everything there which is more than you did, moron.
The FBI then made its tailored request, which Apple asked to be placed under seal
So Apple didn't hide anything THEY did, they asked the FBI request to be sealed. Moron.
Did I mention you are a moron?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
To what end?