Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoJ Wants Apple To Decrypt 12 More iPhones (macrumors.com)

Posted by timothy on from the but-each-one-is-a-one-time-exception dept.

tlhIngan writes: The Wall Street Journal (paywalled) is reporting that the Department of Justice is seeking Apple's help in decrypting 12 other iPhones that may contain crime-related evidence. The cases are not identified, though a list of the 12 phones in question has come out, but it is not known what level of Apple assistance is required (i.e., how many of those cases are waiting on the FBI request for special firmware to be developed and to be used on "one more phone"). It appears Tim Cook's assertion that hundreds of requests are waiting on this software may not be a fabrication, and the goal is not about just one phone, but to set a precedent to unlock more phones. As TechDirt (which also lists those 12 cases, a list which certainly does not encompass all the phones the Feds would like to peer into) puts it, "[O]nce again, Director Comey was flat out lying when he claimed the FBI has no interest in setting a precedent."

25 of 285 comments (clear)

  1. The duck quacked by Tablizer · · Score: 5, Insightful

    Tim was right: gov't wants to open Pandora's box.

    --
    Table-ized A.I.
    1. Re:The duck quacked by ShanghaiBill · · Score: 5, Informative

      Here are a some non-paywalled links:

      http://www.reuters.com/article/us-apple-encryption-idUSKCN0VW0BM
      http://www.macrumors.com/2016/02/23/doj-vs-apple-12-court-orders

      If the new owners of Slashdot really want to improve this site (and I have seen no evidence that they do), a good first step would be stop linking to stories that are paywalled, or that prohibit adblockers. There are always plenty of alternatives.

    2. Re:The duck quacked by knightghost · · Score: 4, Insightful

      DOJ actively works against citizen's interests. In this case, they are demanding a WMD that will be used by governments and criminals against hundreds of millions of people.

      The FBI already has tremendous search capability and that is increasing given how corporations track people then sell that data.

    3. Re:The duck quacked by NatasRevol · · Score: 4, Informative

      Here's a link to an article showing that there's hundreds or thousands of state/local cases waiting for this exact precedent.

      http://www.nytimes.com/2016/02...

      To that point, the New York City police commissioner, William J. Bratton, and the Manhattan district attorney, Cyrus R. Vance Jr., criticized Apple after it refused to comply with the court order and said that they currently possessed 175 iPhones that they could not unlock.

      Charlie Rose recently interviewed Mr. Vance and asked if he would want access to all phones that were part of a criminal proceeding should the government prevail in the San Bernardino case.

      Mr. Vance responded: “Absolutely right.”

      --
      There are two types of people in the world: Those who crave closure
    4. Re:The duck quacked by flopsquad · · Score: 5, Funny

      Tim was right: gov't wants to open Pandora's box.

      Pandora's Box, whoa!! Slow down, pardner. We just want to investigate 12 phones! That's only 11 more than the 1 phone we claimed was The Only One That Needed to Be Unlocked.

      I mean, when you really think about it, 11 is a pretty small number. You can't even get a dozen eggs with only 11 in there. Would you not crack a handful of eggs to Stop Terrorists From Killing Us All? They probably have sarin gas hidden under an orphanage, and that blood will be on Tim Cook's hands.

      Oh, and we're gonna need to use this for a few CP stings, just the very worst of the worst, really only like 350 devices. What's 350? I mean, that's not even 10 minutes worth of seconds! Can we not spare a few minutes to Keep Your Children Safe? Being against decrypting these phones is basically like letting a predator live in your basement and eat your Goldfish crackers while you tell the cops you've never met him.

      Right, and there's about 10,000 devices involved in drug crimes we'll be needing to do this for. Drugs are bad, and you don't want your kids being Forced at Gunpoint to Try Meth, right? It's not like it's *your* phone, it's a bunch of violent thugs who were born this way, like Lady Gaga.

      There's no other way to stop a black market that we ourselves created than to step just a tiny tiny bit on civil liberties. Terrorists, pedophiles, and cartel assassins don't really *need* civil liberties that badly, do they? Maybe the extra civil liberties we're taking from them we'll give to you good people, like in a tax credit or something.

      Look, while we're at it, Sony and UMG are telling us that lots of phones have pirated music and movie content. This is Probably Responsible for Kanye West Being $50 Million in Debt, and you don't want him to starve in the streets, do you?

      We just want to use this court-sanctioned decryption process in a targeted, limited way to inspect every device that comes within 150 miles of a border or port of entry to the US. And any time someone is stopped or questioned by law enforcement. And at random checkpoints. But they'll have juice and cookies at the checkpoints! And shackles, but mostly snacks!

      It's Kanye West fachrissakes! He's a musical genius, said it himself! And while we're looking for any unauthorized copies of any music, movie, or software, or evidence of participation or support of any act of piracy, we can *also* check for terrorism links, CP, drug use references, GPS data that would indicate a traffic violation, evidence of any past criminal activity, plans to stage disruptive protests, and other unamerican activities.

      And just to pacify you civil liberties nuts, this means we won't have to target those other 10,362 people! Don't say we never did anything for you.

      Pandora's Box... lord you anti-government nutters and your hyperbole!

      --
      Nothing posted to /. has ever been legal advice, including this.
    5. Re:The duck quacked by RavenLrD20k · · Score: 5, Informative

      Ummm...I've seen you here for a very long time, and with such a low UID, you've been here a while... have you never used the Submission system before to know how it works? You know, the community user (not an editor) goes out on the internet, finds an article that he thinks would be good for the site, posts a summary with (hopefully) a link... and then the "editors" (I wonder how much of the firehose acceptance procedure is automated, given the amount of times I've seen early stories have had broken links that had to be, and eventually were, fixed) will pull that submission in to display on the front page.

      Judging by the fact that your MacRumors link seems to have been added to the summary and noted as the primary link in the headline; as well as a link to techdirt added post user quoted summary...I think it's safe to say that the human editors have gone back and added some of the more open links that you've suggested, albeit keeping the original user submitted WSJ link. Already that's marginally better than how it used to be with direct copy and only an edit if a story /summary posted was wildly inaccurate...and often not even then.

      How fast do you really expect this site to change under new ownership, anyway? We've already made our distaste for overwhelming change very much heard with the previous masters (slashdot beta...yes, it was a bad design...but boy did we as a community let them know how we felt about it). I frankly don't blame Whipslash & team from taking their time with deciding on what changes to start implementing. They even devoted a full article/discussion to getting community opinions on the matter. They know we're the sort that run for the pitchforks and torches whenever something is slightly amiss (you can put yours down for the moment...seriously), and they're not going to want to upset that balance for fear of revolt or (worse for them) mass exodus.

      In summary: The new /. team is going to need at least a few months to get the new code worked out and I wouldn't be surprised if it's all going to be stuff that we as a community wouldn't even notice unless we were completely focused on the subtle. As a WebDev rolling out a new site for my company, it took us over a year of planning and 6 months of coding to get things to where a completely fresh new site was rolled out (granted...as a software house, we move slower than what appears to be the norm). All the back end automation stuff is probably going to be streamlined and fluffed to serve the new masters before we start to see ANYTHING on the front end.

    6. Re:The duck quacked by Shoten · · Score: 4, Insightful

      If the new owners of Slashdot really want to improve this site (and I have seen no evidence that they do), a good first step would be stop linking to stories that are paywalled, or that prohibit adblockers. There are always plenty of alternatives.

      I think the solution is for people not to submit links that are paywalled, or that prohibit adblockers.

      --

      For your security, this post has been encrypted with ROT-13, twice.
    7. Re:The duck quacked by erapert · · Score: 5, Insightful

      Why is this modded funny? Isn't there a mod option for "deadly serious" or "too real to be funny"?

    8. Re:The duck quacked by whipslash · · Score: 4, Interesting

      You're right on

    9. Re:The duck quacked by whipslash · · Score: 5, Informative

      When the news broke it was originally reported by only the WSJ so we wanted to provide the breaking news before waiting for another site to regurgitate the news. Once they did, we updated the story (which was submitted to us by a user and voted up in the firehose).

      No evidence that we want to improve the site huh? Well I answered hundreds of questions here on how we can improve Slashdot: https://ask.slashdot.org/story...

      In the 3 weeks we have owned the site we have removed the "Jobs" section, discontinued "Videos" (by popular demand), fixed the search bar, have the groundwork laid to roll out https in the next week or two, and are well on our way to supporting Unicode.

    10. Re:The duck quacked by whipslash · · Score: 4, Insightful

      We're not being paid to steer you into paywalls. In fact we have made a concerted effort to stop linking to paywall sites. However, when the news is breaking we'd rather you guys have the news, and update the story as soon as another source is available.

    11. Re:The duck quacked by Pfhorrest · · Score: 4, Insightful

      As someone who doesn't pay a whole lot of attention the the behind-the-scenes stuff going on about Slashdot, I just want to say that you guys, whoever you guys are now (I wasn't even aware of a change of ownership and have no idea who the new owners are), seem to be doing a good job so far or at the very least exhibiting the attitude of someone who'll do a good job.

      --
      -Forrest Cameranesi, Geek of all Trades
      "I am Sam. Sam I am. I do not like trolls, flames, or spam."
    12. Re:The duck quacked by thegarbz · · Score: 4, Funny

      so we wanted to provide the breaking news

      Oh man you're going to ruin my relationship with my girlfriend. We had a good thing going here. I would sit in the study on the computer, she'd be in the living room on the TV. I'd read a slashdot article and start a sentence with "Hey did you hear...." to which the answer would always be "Yes that was in the news 2 days ago, stop reading slashdot"

      I wish this was made up.

    13. Re:The duck quacked by NatasRevol · · Score: 4, Insightful

      It doesn't matter.

      That's the whole point.

      Once the precedent is set, it's a free for all.

      --
      There are two types of people in the world: Those who crave closure
  2. Hipster Terrorist? by wkwilley2 · · Score: 5, Insightful

    The San Bernadino phone was just the start, pretty soon, it will be "DOJ wants the backdoor keys for all your iPhones"

    --
    Have you ever fallen asleep at the keybhanusdiog?
    1. Re:Hipster Terrorist? by clodney · · Score: 4, Interesting

      Where I think this is going to get interesting is what happens next.

      From my perspective, and I assume from Apple's, they have a security vulnerability in the current version of iOS: anyone with the Apple signing key can sign firmware, which can then be loaded onto the phone without unlocking the phone first. This custom firmware can then defeat the measures designed to prevent brute forcing of the users passcode.

      Regardless of whether they win or lose the current court battle, I expect Apple to fix the vulnerability in the next version of iOS. I think that is as simple as altering the operating system so that if new updates are applied without an unlock, the original OS/firmware wipes the phone *before* applying the update. That plugs the hole because before the brute force friendly firmware gets installed, the data is destroyed.

      Suppose Apple loses the case - I doubt this new version of firmware technically counts as contempt of court, but certainly after having had their cooperation be compelled by the government, said government will not be happy if Apple decides to make sure they can't get forced in that particular way again, and I would expect some level of retaliation by the courts/government.

    2. Re:Hipster Terrorist? by MitchDev · · Score: 4, Informative

      With increasing delays on how long you must wait to try again after about 5 failed attempts...

    3. Re:Hipster Terrorist? by Marco+Polo · · Score: 5, Informative

      Depends on how long "Jest laying around is" 2 hrs and 21 mins then yes.

      Depending on how long you have it you can LOCK it for a few mins and They can't use it.

      TRY - wait time ---- Total Time
      1-5 -- none ---------- none
      6 ---- 1 minute ------ 1 minute
      7 ---- 5 minutes ----- 6 minutes
      8 ---- 15 minutes --- 21 minutes
      9 ---- 60 minutes --- 81 minutes
      10 -- 60 minutes ---141 minutes
      11 -- black screen -- wiped device

    4. Re:Hipster Terrorist? by DarkOx · · Score: 5, Insightful

      What is amazing to me is this isn't even a fourth amendment/privacy/fifth amendment/rights of the accused/exclusionary evidence/ type question. Its a question of very very basic freedom.

      Apple sells a phone, they are not necessarily in any on going business relationship with the owner of said phone after that happens. The DOJ argues though that they should be able to phone them up and demand they create something which does not today exist (an unlock tool or firmware without protections). So Apple who was not a participant in any crime, an accessory, or in material possession of evidence etc now must act.

      This quite literally sets the precedent the DOJ can conscript and individual or organization who has ever sold or manufactured something to assist in an investigation! We are supposedly not slaves! This very concept should be offensive to all freedom loving Americans and frankly anyone who isn't siding with Apple on this "Hates Freedom."

      Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves. --William Pitt

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  3. All together now by Anonymous Coward · · Score: 4, Informative

    "This is my surprised face."

    Meanwhile: "...New York City police commissioner, William J. Bratton, and the Manhattan district attorney, Cyrus R. Vance Jr., criticized Apple after it refused to comply with the court order and said that they currently possessed 175 iPhones that they could not unlock."

    So that's 188 on the list so far...

    1. Re:All together now by Anubis+IV · · Score: 4, Informative

      Indeed. Here's the New York Times article that's the source for that information about New York already having 175 iPhones lined up to be unlocked if this precedent gets set. The FBI's assertion that this is just about one case is pandering to the public's short attention span by downplaying the ramifications this case would have on others.

  4. Bruce Schneier says by Okian+Warrior · · Score: 5, Interesting

    My go-to person for security issues is Bruce Schneier. Here's what he says about the issue:

    The current case is about a single iPhone 5c, but the precedent it sets will apply to all smartphones, computers, cars and everything the Internet of Things promises. The danger is that the court's demands will pave the way to the FBI forcing Apple and others to reduce the security levels of their smart phones and computers, as well as the security of cars, medical devices, homes, and everything else that will soon be computerized. The FBI may be targeting the iPhone of the San Bernardino shooter, but its actions imperil us all.

    He elaborates on this in another section:

    This is an existing vulnerability in iPhone security that could be exploited by anyone.

    There's nothing preventing the FBI from writing that hacked software itself, aside from budget and manpower issues. There's every reason to believe, in fact, that such hacked software has been written by intelligence organizations around the world. Have the Chinese, for instance, written a hacked Apple operating system that records conversations and automatically forwards them to police? They would need to have stolen Apple's code-signing key so that the phone would recognize the hacked as valid, but governments have done that in the past with other keys and other companies. We simply have no idea who already has this capability.

    The best solution I've seen so far, from right here on Slashdot, is to have future firmware updates require the phone to be unlocked. IOW, the user is presented with an alert, and the user must type in the passcode before the update is applied.

    This would seem to solve the problem for future releases, Apple could legitimately say that there's no way to unlock the phone.

  5. Camels nose ... by gstoddart · · Score: 5, Insightful

    This will open the floodgates of making all of these companies be responsible for developing tools for law enforcement to demand access. And then law enforcement will demand they simply be given those tools to avoid the whole pesky court system and due process.

    Welcome to the future, where law enforcement wants it to be illegal for you to have information they cannot access, and failure to allow yourself to be spied on is a criminal act. You can't have any freedom and security because they need to remove it to protect your freedom and security.

    You have nothing to fear if you have nothing to hide, citizen.

    In Soviet America, phone unlocks you.

    But keep telling yourselves you don't live in a surveillance society, one day you'll believe you have always been at war with Eurasia. Failure to comply is now a thoughtcrime.

    What happened to those oaths to defend and uphold the Constitution, instead of wiping your ass on it?

    --
    Lost at C:>. Found at C.
  6. DOJ is bored and wants nudes by wardrich86 · · Score: 4, Funny

    DOJ is requesting remote backdoor capabilities to all phones so that they can browse for hot nudes at any time anywhere. They originally wanted it to stop terrorism, but then realized that every other thing they've done to try to stop terrorism seems to have failed miserably. The DOJ is happy to announce that this time their plans will be used 100% as expected, and will for sure have great success.

  7. Hacking is irrelevant, only the precendent matters by taustin · · Score: 4, Interesting

    Once the precedent is set, the feds are only a national security letter away from telling Apple (and all other phone an IoT manufacturers) that "your next routine iOS (or whatever) update will have remote access to everything that we can activate without your involvement, and if anyone finds out it exists, you go to prison." That's not a hack, that's a built in back door, as part of the OS, and no security can possibly protect you from the manufacturer's deliberate intent.

    The precedent is the only thing that matters here.