Apple Lawyer Ted Olson: Creating Unlock Tool Would Lead To 'Orwellian' Society

Apple's lawyer, Ted Olson, explained in an interview with CNN that what the government is asking Apple to do is "limitless." Olson explained that if the tool that the government wants is created, any judge anywhere could essentially order to list to any customer's conversation, track location, and much more. The lawyer likened it to an Orwellian "big brother" type society. When pressed about how Apple could potentially help fight terrorism by creating a tool to access locked devices, Olson explained that while Apple will help the government defeat terrorism in every way that it can, it can't be done by breaking the Constitution.

pretending that back doors dont exist

[Rockoon]

Pretending that back doors don't exist is what will create an Orwellian society.

The back door is already there. Thats the problem. The problem isn't that the government wants Apple to use it, and certainly not that the government wants Apple to create one (remember the original narrative?)

Re:pretending that back doors dont exist

[Rosco+P.+Coltrane]

You miss to point: Apple - and Google, and Microsoft - would much rather do the big-brothering themselves for their own profit, and don't want to give that power to the government.

1984 is already happening, but Orwell got one thing wrong: the tyranny is coming from the private sector, not the government.

Re:pretending that back doors dont exist

[Rumagent]

Spot on!

Apple i perfectly capable of cracking your device. They are not fighting for privacy. They are fightning for the appearance of privacy because it is good for business.

It seems to me that either they follow the legal requests (which they are) or they get their shit together and create a phone that is actually secure.

Re:pretending that back doors dont exist

[alvinrod]

I believe they already have made one that's more secure. Apparently this particular attack vector only works on older iPhones, which the shooter had in this case. I wouldn't be surprised if the next phone is completely impossible (so much as anything can be at least) for even they themselves to hack. Apple makes all of their money from selling expensive hardware, not customer data, so they don't have much financial motive for needing an access to that data and their inability to do so only makes the hardware more attractive.

Re:pretending that back doors dont exist

I believe they already have made one that's more secure. Apparently this particular attack vector only works on older iPhones, which the shooter had in this case. I wouldn't be surprised if the next phone is completely impossible (so much as anything can be at least) for even they themselves to hack. Apple makes all of their money from selling expensive hardware, not customer data, so they don't have much financial motive for needing an access to that data and their inability to do so only makes the hardware more attractive.

What if the governements orders Apple to create iphones that are breakable ? Thought about that ?
People are fucking stupid and don't understand that technology is never the answer to a societal problem.
Politics is. Apple is doing the right thing. If the government wants to break the iphone they have at their disposal billions of dollars, talent and infrastructure beyond even what is available to Apple. So why don't they do it ? Because once the precedent of making a company do your bidding is made private companies are fucked for life. The government is playing the big game here. If they break Apple we'll never ever again have a computer industry that protects the consumer. We don't live (at least for the time being) in a dictatorship and the constitution is still valid. You can't just through it away because of crime or "insert any other bogey man of the week".

Re: pretending that back doors dont exist

[ColdWetDog]

Just where in the Constitution is this guarantee of privacy?

Re:pretending that back doors dont exist

[fustakrakich]

The 'private sector' owns the government. It created and maintains the government. The government serves its masters well, or it ceases to exist.

Re: pretending that back doors dont exist

The rights to unauthorized search and seizure, pretty obvious...

Re: pretending that back doors dont exist

The USA constitution doesn't guaranty privacy, no matter how much people wish it did. I wish my e-mail was constitutionally protected in the same way as my postal mail, but it isn't and never will be.

Re: pretending that back doors dont exist

[currently_awake]

The US supreme court added it in. (really).

Re: pretending that back doors dont exist

[beheaderaswp]

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

There is a while bunch of privacy law that hangs on this.

Re: pretending that back doors dont exist

Those who miss the fact that the entire US Constitution is designed to explicitly define where the gov't power ends and human privacy starts are too stupid to breathe. The Constitution points this out, explicitly and implicitly, in the 9th amendment:

"The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people."

Which translates to, "If we didn't think of a right and list it here, it devolves to the people by default NOT TO THE GOVERNMENT".

Re:pretending that back doors dont exist

[ranton]

The back door is already there.

Prove it or STFU

Apple has claimed it will take "two to four weeks [...] for six to ten Apple engineers and employees dedicating a very substantial portion of their time" to comply with the government's request.

If a company the size of Apple can spend about $100,000 of developer time to get to your data, I think it is only semantics to say the back door doesn't already exist. It would be the equivalent of me saying your house is secure from me breaking in because it would cost me 25 cents to create a master key to your home.

Re:pretending that back doors dont exist

[currently_awake]

If unlocking your phone is done by the OS, and Apple can update your OS without your consent, then they can always unlock your phone.

Re:pretending that back doors dont exist

[ranton]

If a person as rich as Bill Gates can spend about $11,000 of contractor time to finish his house, I think it's only semantics to say the house doesn't already exist

There, I fixed your analogy so it lines up with the scale of money we are talking about and so it fits the scenario better.

Re:pretending that back doors dont exist

[occasional_dabbler]

Why was this modded Troll? This is the best post on the thread.

Re:pretending that back doors dont exist

[ranton]

Actually Gates is worth about 1/3 what Apple is ($70 billion vs. $200 billion), so it should be $66,000.

It doesn't change the point that regardless of cost, the house doesn't already exist just because it's cheap (to you) to build.

To fit your analogy better, Apple has spent billions on R&D for the iPhone over the past decade. The end result is a phone that only requires $100k of additional development to break its security. If it is that easy to break into their own phones, I do contend they already have a backdoor; they just didn't finish putting the door knob on yet.

And lastly, from what I can find Apple has almost 8x the net worth of Bill Gates, although I wrote my original post after reading an article from last year when Apple's stock price was high enough they were worth almost 10x as much.

Re:pretending that back doors dont exist

[ranton]

Specifically it would take Apple that long to do it. For someone else to try and do it would be much harder as they would have to figure out a way to sign the code without having access to Apple's distribution certs or steal them somehow.

Knowing how to build a sledgehammer to bash in a door to gain access isn't the same as a backdoor existing.

But in this case, creating a wall weak enough that a sledgehammer can break into it is no different than building a backdoor yourself. We are talking about a phone with billions of dollars of R&D spending behind it that can be compromised by $100k of development. As I said in another post, they may not have completed a backdoor but they basically just need to finish installing the door knob.

Re:pretending that back doors dont exist

[Etcetera]

Specifically it would take Apple that long to do it. For someone else to try and do it would be much harder as they would have to figure out a way to sign the code without having access to Apple's distribution certs or steal them somehow.

*In best Wonka voice*
Tell me again how Homebrewed PS3 CFW isn't available

Re: pretending that back doors dont exist

[Mass+Overkiller]

The Constitution provides the rules to run the government. It does not provide the rights of the people. The rights of the people are automatic and "god" given. The Constitution restricts the function of government. Therefore, rights of the people are inalienable. The right to privacy is automatically granted. There is no need to establish it as a 'right'. The Bill of Rights is an affirmation of the inalienable rights already granted by 'the creator', or by the universe, or whatever. The Constitution is a document that creates and restricts government. It does not restrict the rights of the people.

Re: pretending that back doors dont exist

[gnasher719]

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

The whole case has nothing to do with privacy. There's a legal search warrant to search the phone, and that search warrant wouldn't even be needed, because the owner of the phone agreed to it.

What the whole case is about is that the technology needed to crack this phone can be used by criminals or terrorists to crack any other phone as well.

Re:pretending that back doors dont exist

[Kjella]

Pretending that back doors don't exist is what will create an Orwellian society. The back door is already there. Thats the problem. The problem isn't that the government wants Apple to use it, and certainly not that the government wants Apple to create one (remember the original narrative?)

With enough C4 you can get into anything physical I own, that's not a backdoor it's just the degree of physical protection it has. Apple has taken the user's very weak lock (the PIN) and tried to put in a much more secure box but without dedicated hardware they had to do it in firmware. It's not a perfect solution but not many have the power to compel Apple to produce a signed firmware disabling it, don't let perfect be the enemy of good.

At worst, you're back to the user's shitty lock. At no point does Apple circumvent the user's security measures, they're just so pathetically weak it'll be brute forced immediately without Apple's protection. And they've improved it in their next generation hardware, closing even this loophole. Come on, it's the digital equivalent of a bicycle lock and you blame Apple? If you want real security, use full disk encryption with a strong password don't rely on a damn PIN.

Re:pretending that back doors dont exist

[gnasher719]

If unlocking your phone is done by the OS, and Apple can update your OS without your consent, then they can always unlock your phone.

Unlocking the phone requires the passcode. There is absolutely 100% no way to unlock the phone without the passcode. What the FBI wants Apple to do is remove a security feature that erases the phone after ten incorrect attempts. Which would be good enough because the phone uses a 4 digit passcode. With an eight digit passcode, nothing Apple or anyone can do.

Re:pretending that back doors dont exist

[thegarbz]

The back door is already there.

If it was we wouldn't be having this debate.

Re:pretending that back doors dont exist

[brantondaveperson]

can be compromised by $100k of development.

Not correct. It can be compromised by $100k of development by an organisation in possession of Apple's private signing keys, will only work on older phones, and can be defeated even on those simply by having a longer passphrase.

Re: pretending that back doors dont exist

The government is trying to compel a business to create special software.

Would this be akin to the government having a warrant to open a safe, but is unable to without potentially damaging the contents inside, so they compel the safemaker to create a special tool in order to get the safe open? Maybe this is a digital safe. But hopefully this idea is analog enough. If not...

Maybe the government has a search warrant to search one's house, but is unable to get inside of it. So the government tries to get the manufacturer of said house to device a tool to get into it.

Re: pretending that back doors dont exist

[sconeu]

And the Tenth.

The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.

Which translates to, "If we didn't say the Feds can do it, they can't."

Re:pretending that back doors dont exist

What the FBI wants Apple to do is remove a security feature that erases the phone after ten incorrect attempts.

It's a bit misleading to say that the phone is "erased" after ten incorrect attempts. It would take hours to wipe the memory on the phone and since it's flash it could never really be wiped anyway. However, it is possible to erase or at least damage beyond repair the part of the memory storing the decryption key for the individual file decryption keys. By destroying that key, which is what experts mean when they say the phone is "erased", the rest of the memory becomes unrecoverable without brute force guessing the destroyed key, which is orders of magnitude harder than breaking a 4 digit pin number.

Re: pretending that back doors dont exist

[sjames]

It does, sophistry notwithstanding. It simply isn't being respected.

Re:pretending that back doors dont exist

[oh_my_080980980]

I guess you missed that bit about Apple having to write a new OS in order to comply with the government's request. That is not a backdoor. There isn't a backdoor and you should look up what "backdoor" means. What this particular model of iPhone allows you to do is download an update. So Apple could hypothetically could push out an update, that would update the old OS with the new OS and allow the government access. Again, that's not a back door. Jackass.

Re:pretending that back doors dont exist

[oh_my_080980980]

You still don't know what a back door is...jackass...

Re: pretending that back doors dont exist

[buck-yar]

Correct, Constitution doesn't grant the right to privacy. In fact, it doesn't grant any rights. Govt doesn't grant rights. The Constitution defines the limits to govt, and enumerates its duties.

Where in the Constitution is the enumerated duty to force Apple to fabricate software?

Re: pretending that back doors dont exist

[Rockoon]

Where in the Constitution is the enumerated duty to force Apple to fabricate software?

The commerce clause, silly.

Re:pretending that back doors dont exist

[Plumpaquatsch]

The back door is already there.

Prove it or STFU

Apple has claimed it will take "two to four weeks [...] for six to ten Apple engineers and employees dedicating a very substantial portion of their time" to comply with the government's request.

If a company the size of Apple can spend about $100,000 of developer time to get to your data, I think it is only semantics to say the back door doesn't already exist. It would be the equivalent of me saying your house is secure from me breaking in because it would cost me 25 cents to create a master key to your home.

You very obviously don't understand - if Apple did what they are told to, after a couple of weeks the iPhone still wouldn't be "cracked", It just wouldn't be unreasonably hard to crack it anymore. Well, at least if the guy actually only used a 4-digit key to lock the phone,

Re: pretending that back doors dont exist

[david_thornley]

That has precisely nothing to do with the action in question. Nobody is saying there's any legal problem with breaking into the phone, particularly since it's fine with the owner of the phone. It's a question of the FBI trying to make Apple do something they really, really don't want to do.

Goodbye, Thirteenth Amendment?

[Applehu+Akbar]

We of the dark side are often accused of invoking the slippery slope argument too soon. But in this instance, if the FBI is able to convince courts that forced labor is a valid tactic to use in a terror investigation, it already has nine new cases (more according to some sources) for which it wants Apple to be forced to write custom crack code in hopes of solving. And every single one of these new cases involves the drug war, not terror.

Re:Goodbye, Thirteenth Amendment?

[Immerman]

Of course they involve terror.

The FBI is terrified that they'll stop getting their customary kickbacks from the drug cartels.

Re:Goodbye, Thirteenth Amendment?

It's not just a demand for forced labor, they're trying to compel legally-protected speech, and to set a legal precedent in the process.

Re:Goodbye, Thirteenth Amendment?

[currently_awake]

If they can be forced to help unlock a phone after the terror attack, then why can't they be forced to install spy programs on a known terrorist phone before the attack?

Re:Goodbye, Thirteenth Amendment?

[ooloorie]

But in this instance, if the FBI is able to convince courts that forced labor is a valid tactic to use in a terror investigation, it already has nine new cases (more according to some sources) for which it wants Apple to be forced to write custom crack code in hopes of solving.

This is no different from anybody else having to comply with a court order: it can be costly and the penalties for non-compliance can be harsh. This is nothing new.

As long as they can break into the phones they produce, courts can order them to do so (some courts may order reimbursement of their expenses). If Apple wants to avoid such cases in the future, they should design phones that they themselves cannot break into. That is entirely legal.

Re:Goodbye, Thirteenth Amendment?

[Applehu+Akbar]

"If Apple wants to avoid such cases in the future, they should design phones that they themselves cannot break into. That is entirely legal."

Apple has already designed iOS to be not decryptable. The FBI, like any other possessor of an encrypted device, is welcome to try writing the facilitating software it would take to allow a brute-force attack on the iPhone. Instead, it is trying to compel Apple to write the software for it, knowing that this would make it easier to break into other such devices in the future and to establish an exception to the Thirteenth Amendment as precedent. Apple disagrees with this legal maneuver.

Re:Goodbye, Thirteenth Amendment?

[Applehu+Akbar]

Yes, the FBI wants to establish "writing special break-in software that we could write ourselves if we weren't terminally clueless" as a compulsory labor exception like prison time, the draft or jury duty. Welcome, oh bootlickers, to the wonderful world this would open up to you as developers.

Re:Goodbye, Thirteenth Amendment?

[david_thornley]

Courts do not have unlimited authority. Apple is claiming that this oversteps the bounds of legal court orders.

Re:Goodbye, Thirteenth Amendment?

[ooloorie]

Courts do not have unlimited authority. Apple is claiming that this oversteps the bounds of legal court orders.

Yes, but that is an "undue burden" argument, not a "forced labor" argument; Applehu Akbar's argument was bullshit. Apple's argument may or may not be valid.

Re:Goodbye, Thirteenth Amendment?

[ooloorie]

Apple has already designed iOS to be not decryptable

That's simply false. Apple has code signing for OS updates plus insecure cryptographic hardware.

Instead, it is trying to compel Apple to write the software for it, knowing that this would make it easier to break into other such devices in the future

Again, that is also false. There is no reason to believe that such software would work for other devices.

and to establish an exception to the Thirteenth Amendment as precedent. Apple disagrees with this legal maneuver.

That is utter and complete bullshit. You do have "perform labor" when a court orders you to do so as part of a subpoena; that is not "forced labor" any more than being called up for military duty is "forced labor". A court may find that the FBI's request is an "undue burden", but such a finding has nothing to do with the 13A.

Re:Goodbye, Thirteenth Amendment?

[Applehu+Akbar]

Actually I wish you were right about the ease of decrypting an iPhone, because that would make the FBI's case even weaker. You're saying it could easily break into the iPhone by hiring its own developers, but instead chooses to go mano a mano against a company with far more money than it does, and be willing to shred the US Constitution - in an election year - to support its crappy case?

Re:Goodbye, Thirteenth Amendment?

[ooloorie]

You're saying it could easily break into the iPhone by hiring its own developers

No, it's not easy, it's a lot of work: without Apple's help, they need to get a hardware debugger, a couple of people able to use it, a couple of old iPhones with the same software version, and then try to identify the location where the unlock count is kept/updated. Then they need to take the target 5c and change the unlock count in hardware.

I think the NSA could do it easily: they probably have both Apple's source code and their keys.

but instead chooses to go mano a mano against a company with far more money than it does, and be willing to shred the US Constitution - in an election year - to support its crappy case?

I seriously doubt any of that was the FBI's intention. They had a phone from a mass murderer and wanted help getting at the data, that's all. This isn't even a privacy issue because the shooter didn't even own the phone, it is a government issued phone.

But the real issue here isn't the FBI's intention, it's the fact that Apple is presenting itself as a white knight protecting our liberty and the Constitution, when the simple fact is that their phones are not as secure as they could or should be, and that the kind of legal protection Apple is asking for is useless: it may stop the FBI, it won't stop the NSA or foreign governments. I really don't care what the outcome of the legal case is: it's irrelevant. What I care about is that people get a fucking clue, demand good crypto from their manufacturers, and realize what a shitty job Apple did on those phones.

Let's just be honest

[Masked+Coward]

While I happen to agree with Apple's position in this case, I think it's important to be intellectually honest here.

When pressed about how Apple could potentially help fight terrorism by creating a tool to access locked devices, Olson explained that while Apple will help the government defeat terrorism in every way that it can, it can't be done by breaking the Constitution.

Let's not pretend that Tim Cook, or virtually any executive at Apple, gives a shit about the US Constitution.

It's just really annoying when I see these shysters get indignant and hide behind the same Constitution that they continuously mock and use as a punchline.

Re:Let's just be honest

[bill_mcgonigle]

Maybe I'm missing something here?

The 4th Amendment 'guarantees' the people privacy against government intrusion until a judge decides it's OK for the government to search. Search. Not find, search.

The government can already get the data off this 5C if they want. Heck it doesn't even have the Secure Enclave. They can scrape the epoxy off the memory chips and read the data out in their lab. Did you see Snowden's recent video where he shows an example of this? They have a very precise robot-guided router to automate the process.

Incidentally, is anybody asking why they haven't done this already if they fear there's terrorism related data on this phone?

What they want, instead, is a electronic version of the General Warrants that contributed to starting the War for Independence - they want a guarantee of being able to find, not just search, on every device they'd like to look at.

Even with the Secure Enclave machines they can still work hard to extract the keys once they have physical access to the device. We all know nothing is secure once there is physical access.

Will they have to brute-force some PIN numbers? Of course. Searching can be hard work - nobody ever expected otherwise.

The idea that the government has the power to mandate an encryption bypass is antithetical to the nature of the 4th Amendment. Heck, Ben Franklin himself is famous for using multiple cyphers to coordinate said War *because* they had no privacy against the Colonial powers in their communications. Nobody thinks they suddenly forgot about all that when they were framing the Bill of Rights.

Re:Let's just be honest

[bill_mcgonigle]

Let's not pretend that Tim Cook, or virtually any executive at Apple, gives a shit about the US Constitution.

Whether he does or doesn't isn't terribly relevant. Tim "cares" about the privacy of his users. The 4th Amendment "cares" about the privacy of the people. They're aligned.

The Constitution that authorizes the government restricts the powers of said government. The government specifically is not authorized to obtain General Warrants; what they're asking for is the digital equivalent of King George's abuses.

Now, one might argue that the USG is no longer, practically, bound by the Constitution. But if that's the case, it's no longer authorized either. Most people would rather pretend it somehow is than admit they're living under despotism.

There's also another argument that the people need a fresh reminder of how abusive governments can be, every few generations. Jefferson wrote frequently on this, but then again he thought the Constitution should expire every 19 years so that each new generation could enter into the agreement voluntarily, and not be bound by the decisions of their ancestors.

Re:Let's just be honest

You got a link or two for the things you mentioned in your post? Not doubting you, I'm legitimately interested.

Re:Let's just be honest

[friedmud]

Even if you "scrape the epoxy off the memory chips and read the data out" all you're going to be reading out is encrypted bits. Yes, by reading out those encrypted bits it could be possible to then try to brute-force attack the encryption... but you make it sound like they could just read the data directly... which is not true.

Re:Let's just be honest

[memeplex]

The reason they don't just open the phone and read the data is that it's encrypted with 256-bit AES, which they can not decrypt any time before the sun explodes.

Re:Let's just be honest

[Masked+Coward]

Whether he does or doesn't isn't terribly relevant. Tim "cares" about the privacy of his users. The 4th Amendment "cares" about the privacy of the people. They're aligned.

I'm not sure whether or not Tim Cook cares about user privacy, but I agree about the 4th Amendment and that in this instance, their positions are aligned.

Now, one might argue that the USG is no longer, practically, bound by the Constitution. But if that's the case, it's no longer authorized either. Most people would rather pretend it somehow is than admit they're living under despotism.

Fucking spot-on, man.

Re:Let's just be honest

[brantondaveperson]

I think that on the 5C and earlier, the key portions that a required to perform a brute-force on the PIN are available on the flash. But it's hard to find accurate information on this. Certainly, on the 5S and later, reading the flash memory won't help you.

Re:Let's just be honest

[brantondaveperson]

the sun explodes.

Careful, making threats like that on a public forum could get you on a no fly list.

Apple speaking out 2 sides of their mouth

[andydread]

While I'm on Apple's side in this one. The argument that this is against the constitution is, well...arguable.

The constitution says:
"The right of the people to be secure in their persons, houses, papers, and effects,[a] against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized"

So we need a sworn court order which, to be fair, has been attained

Maybe I'm missing something here?

Re:Apple speaking out 2 sides of their mouth

[whoever57]

Maybe I'm missing something here?

Please don't post in stories on which you are completely uninformed. This particular case has no 4th amendment issues. The phone belongs to the San Bernadino heath department, so there never was an expectation of privacy.

The issue here is whether Apple can be forced to do something that they don't want to do. Something that is against Apple's business interests, something that may have 1st amendment issues, something that may negative consequences for the security of Americans.

Re:Apple speaking out 2 sides of their mouth

[kenwd0elq]

The "unreasonable" part. It's "reasonable" for Apple, on receipt of a court order, to turn over to the FBI all data in its possession concerning the terrorists, which Apple has done.

Demanding that Apple force its programmers to write custom software THAT DOES NOT NOW EXIST to allow the FBI to break into one particular iPhone is "unreasonable", and I think Cook, and Apple, are correct here.

Further, concerning the 1789 "All Writs Act", signed by George Washington back before there was much Federal law at all; if the All Writs Act can be perverted so far as to demand that Apple write software that does not exist, then what government demand does it NOT permit? Because if there aren't any limits to THIS PARTICULAR LAW, then the Constitution died in 1789, barely two years after its ratification.

Re:Apple speaking out 2 sides of their mouth

Maybe I'm missing something here?

Yes, the popcorn. Here's a bowl. Enjoy the show.

Re:Apple speaking out 2 sides of their mouth

[whoever57]

However, the FBI screwed it up by changing the password to the cloud storage so the phone can no longer be paired to the cloud

Either the FBI is very incompetent or that was a deliberate act by the FBI to create the situation that now exists. A situation that is the best possible scenario for the FBI to force Apple to unlock a phone.

The FBI has lied about this case time and time again. They even had the gall to blame the San Bernadino health department for resetting the password.

I am not convinced that there was a screwup, but instead the FBI got the password changed, knowing exactly what the consequences would be.

Re:Apple speaking out 2 sides of their mouth

[sumdumass]

Wouldn't any law written in 1789 be limited by both the US constitution as written and any subsequent amendments? I mean the law would have been passed 2 years before the bill of rights (10 of the first 12 amendments) was ratified in 1791-2. Furthermore the 13th amendment bars involuntary servitude except as punishment for a crime. Certainly any law would have to take that into consideration.

Perhaps if Apple was a cake maker or photographer this would be a lot simple to sort out.

Re:Apple speaking out 2 sides of their mouth

[MrKrillls]

"Demanding that Apple force its programmers to write custom software THAT DOES NOT NOW EXIST to allow the FBI to break into one particular iPhone is "unreasonable", and I think Cook, and Apple, are correct here."

Exactly. The FBI should have asked. And Apple would have and should have refused, as they have.

Instead, the FBI screwed up and then are trying to strong-arm Apple into repairing the mess the FBI made. Typical overreach and use of force instead of brains.

Re:Apple speaking out 2 sides of their mouth

[kenwd0elq]

Perhaps Apple should agree to write that software for the FBI, but the Professional Services fee should be TEN BILLION DOLLARS, paid in advance.

And since there are, reportedly, 8 or 9 other Federal prosecutors in the possession of locked iPhones who plan to use the FBI's precedent to make their OWN case (these cases are all drug related, not terrorism), then Apple will have set the price for this service. No discounts!

Re:Apple speaking out 2 sides of their mouth

[sumdumass]

What does that have to do with anything?

Re:Apple speaking out 2 sides of their mouth

[R3d+M3rcury]

Further, concerning the 1789 "All Writs Act", signed by George Washington back before there was much Federal law at all.

Actually, I'm wandering a bit off-topic, but this "All Writs Act" could be awesome.

Recently, Northrop-Grumman announced their new B-21 strategic bomber. They're going to build them at a cost to the taxpayer of $800 million per.

Nope! "All Writs Act!"

That's right, with the "All Writs Act," all the government needs is a court order saying that this is important for "National Security" and, bingo, Northrop-Grumman has to figure out how to build it for free!

(Yes, I'm being facetious.)

Re:Apple speaking out 2 sides of their mouth

[jader3rd]

Because if there aren't any limits to THIS PARTICULAR LAW, then the Constitution died in 1789, barely two years after its ratification.

There are limits. The word 'reasonable' and that it takes a request from one branch of government, and another independent branch to sign off on it. If either one believes that what is being asked is not reasonable, then it doesn't apply.

Re:Apple speaking out 2 sides of their mouth

[Solandri]

The 4th amendment is actually irrelevant in this case. The phone belongs to the San Bernardino County government. It was a work phone assigned to the shooter, not the shooter's personal phone.

That's a crucial fact which keeps being omitted from this debate. Apple's argument holds no water if this software can only be used at the device owner's request. It's not the government coercing them to hack an iPhone that they fear. It's Johnny's mom and dad coercing them to hack Johnny's iPhone they fear (times a couple dozen million parents). They don't want the bad PR of having the capability to hack Johnny's iPhone, but having to explain to parents why they won't do it for them.

Re:Apple speaking out 2 sides of their mouth

[jader3rd]

Demanding that Apple force its programmers to write custom software THAT DOES NOT NOW EXIST to allow the FBI to break into one particular iPhone is "unreasonable"

But what if the software does exist? Asking "Hey, can you change a couple of variables, and recompile" is not very burdensome. As for the driver to allow for PIN guesses via some other method than the touch screen, that sounds more likely to be unreasonable. But what if the code already exists? It's not too hard to imagine that Apple already has some test assembly that they use in test labs for testing PIN entries on physical devices.

Re:Apple speaking out 2 sides of their mouth

[Darinbob]

All Writs Act essentially just says that the courts can do stuff without needing micromanaging from congress.

Re:Apple speaking out 2 sides of their mouth

[kenwd0elq]

That doesn't comply with the court order, which requires that the software shall run ONLY on the target device and NO OTHERS. If it were a matter of changing some variables and recompiling, then it would violate the court order. Since Apple would violate the court order in ANY event, then they're correct to choose THIS course of action - to do nothing.

Re:Apple speaking out 2 sides of their mouth

[kenwd0elq]

Don't SAY stuff like that, not even in jest! Some congresscritter (or staffer) is likely to be lurking here, and get the idea that this might actually WORK!

But there is case law concerning the All Writs Act; demands made regarding it are required to be "reasonable", which the FBI's demand in this case is not.

But now Apple will spend a billion dollars litigating this all the way to the Supreme Court, and Apple is pretty sure that's how far it'll go - because you don't hire the former Solicitor General of the United States, who represented the U.S. at the Supreme Court, unless you're pretty sure that's where it is going.

And the fact that Ted Olson took the case is a pretty clear statement that he doesn't think this case is about terrorism. Olson HATES terrorists; his wife was on the airplane that hit the Pentagon on 9/11/01.

Re:Apple speaking out 2 sides of their mouth

[MrKrillls]

Good point but I think it requires a bit of supposition.

Re:Apple speaking out 2 sides of their mouth

[MrKrillls]

Interesting, but after one capitulation at whatever price, the rest would be mere price negotiations.

Re:Apple speaking out 2 sides of their mouth

[Plumpaquatsch]

Demanding that Apple force its programmers to write custom software THAT DOES NOT NOW EXIST to allow the FBI to break into one particular iPhone is "unreasonable"

But what if the software does exist? Asking "Hey, can you change a couple of variables, and recompile" is not very burdensome.

Yes. And that is what they will claim in the next cases already piling up, because then, not now, the software will exist.

Re:Apple speaking out 2 sides of their mouth

[Plumpaquatsch]

All Writs Act essentially just says that the courts can do stuff without needing micromanaging from congress.

Unless congress has already done that micromanagement, then they can't. In this case it's called "Communications Assistance for Law Enforcement Act".

In the section of CALEA entitled “Design of features and systems configurations,” 47 U.S.C. 1002(b)(1), the statute says that it “does not authorize any law enforcement agency or officer —
(1) to require any specific design of equipment, facilities, services, features, or system configurations to be adopted by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services.
(2) to prohibit the adoption of any equipment, facility, service, or feature by any provider of a wire or electronic communication service, any manufacturer of telecommunications equipment, or any provider of telecommunications support services.

Uh, no, it wouldn't...

[rsilvergun]

not that it would make a world of sunshine and happiness either. But Orwell's book wasn't about out of control government, it was about the negative impact of television and other forms of mass media. It always bugs me that even schools don't bother to cover this until maybe when you hit college.

Sure, I agree with Apple on this one (though I'd argue they're less concerned about freedom and more so about having to pay to write backdoors and clean up the brand damage from said backdoors). But can we stop trotting out Orwell as our anti-gov't poster boy please? The man was a socialist for Pete's sake...

Re:Uh, no, it wouldn't...

[BarbaraHudson]

Sure it was about out of control government - who do you think were controlling the media?

Re:Uh, no, it wouldn't...

[Ol+Olsoc]

But can we stop trotting out Orwell as our anti-gov't poster boy please? The man was a socialist for Pete's sake...

Any full blown 'ist is indistinguisable from another.

Re:Uh, no, it wouldn't...

[fustakrakich]

who do you think were controlling the media?

The businesses that own it. They get people to vote for compliant politicians.

We're already there

[Nunya666]

Thanks to the NSA and the Freedom Act, we're already there.

Kudos to Apple for trying to limit the scope of the problem, but they can't prevent something that already exists.

Modern codebreaking is HARD

[Immerman]

If Apple is doing their job right, that's not possible - a flawless implementation of a decent modern encryption algorithm would take the combined computational resources of the entire planet many thousands of years to break a single code. Even most accidental flaws don't reduce that time to something terribly useful.

Unless of course someone has a functional quantum codebreaking computer, then it should only take a few hours, depending on speed. Has anyone heard if there are any cryptographic schemes in use that would be resistant to quantum codebreaking? Seems like that should be a really high priority considering that there may or may not already be such machines in existence, and if not there almost certainly will be within a matter of a few years or decades.

Re: Modern codebreaking is HARD

[bsdaemonaut]

This has little to do with the actual algorithm. The government plans to simply brute force the 4 digit code. The change involved is to remove the 'retry' limit that would cause erasure. Apple could have deployed the best encryption available and it's still just a couple of hours max to brute force your way in. Hell, a human being could sit there and do it. It was silly of them to provide a way to update the OS without unlocking the phone and that's likely what they'll change.

Re: Modern codebreaking is HARD

[Immerman]

Certainly that's what they'd like to do, but if it were as simple as that they would simply copy the data off the device and brute force it on any PC within minutes since there are so few PIN options. Sadly(for them), as I understand it the PIN only grants access to the hardware-embedded encryption key, not directly to the data itself. So they need Apple's cooperation to bypass the lockout safeguard.

And that strategy has nothing to do to with the NSA building a codebreaking supercomputer, which is the idea I was responding to.

Isn't There A Less Biased Source?

[Bing+Tsher+E]

Pardon me, but isn't there a less biased source to link to for this issue?

9to5mac sounds like a fanboy site. Are we going to have stories linked to Infowars, Free Republic or DailyKos about Hillary before long?

Re:SPiPhone

[Mister+Transistor]

Nah, call it the FBiPhone!

Adjust accordingly

[ByTor-2112]

So basically, your phone is still your enemy, and anyone with physical access to the device will eventually be able to defeat all of your safeguards. This same situation exists with laptops and other computers. Even if your entire system is encrypted, at some point you must enter a key. It would seem that anyone with physical access to the hardware can intercept that key by some means. The only "hard" problem is this ex-post facto style access where the keyholder is dead. I guess the cops will have to stop shooting first and develop better non-lethal methods.

My question is, since we now must assume that everything the FBI is proposing has probably been done, is anything safe? If you start from an initial state of not even trusting your hardware, how can you establish trust?

Re:'society' allows 1000s of us to die starving da

[Ol+Olsoc]

100% preventable,, mostly kids, our spiritual & physical allies all over the wwworld... calling it/us society must be another madison ave, tackdick? like cold or civil war? all part of our wmd on credit greed fear ego based never ending holycost.. talk about a fairytail... truth+mercy=justice !in the moms we trust!.

Holy crap, see what happens when you hid a stoner's Fritos?

facecrime

"It was terribly dangerous to let your thoughts wander when you were in any public place or within range of a telescreen. The smallest thing could give you away. A nervous tic, an unconscious look of anxiety, a habit of muttering to yourself – anything that carried with it the suggestion of abnormality, of having something to hide. In any case, to wear an improper expression on your face (to look incredulous when a victory was announced, for example) was itself a punishable offense. There was even a word for it in Newspeak: facecrime, it was called."

"The telescreen recieved and transmitted simultaneously. Any sound Winston made, above the level of a very low whisper, would be picked up by it; moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever the wanted to. You had to live- did live, from habit that became instinct- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized."

-Some quotes from 1984

Mmm Irony

[Greyfox]

That feels like a rather ironic statement given the fact that Apple and Google are at the forefront of invading your privacy so they can better jam advertisements down your throat.

Re:Mmm Irony

[pauljlucas]

Google, yes; Apple, no. In case you hadn't realized it, Apple is in the hardware business. Google is in the advertising business. Everything they do is to further advertising. Everything.

100% Agree

[DaMattster]

As the subject reads, I'm in total agreement with Mr. Olson. Mandatory backdoors in encryption systems lead to no good endings. I would sooner not sacrifice my privacy to catch the relative few who abuse encryption.

"Lead us to 'Orwellian' society"?

[papamicd]

You mean we are not there yet?

4th Amendment protections

[zorro-z]

This issue is much simpler than it's being made out to be. The 4th Amendment to the US Constitution reads as follows:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

So, if the US Government got a proper search warrant, then Apple is legally obligated to do as legally ordered and unlock the phone- in this instance. Just as a single instance of issuing a search warrant doesn't allow for all future searches to take place without one, any future requests to unlock phones require their own proper search warrants. If the US Government doesn't have a proper search warrant to unlock the phone, then Apple has the perfect legal right to tell them to pound sand.

Re:4th Amendment protections

[rkww]

So, if the US Government got a proper search warrant, then Apple is legally obligated to do as legally ordered and unlock the phone

It's a bit more subtle than this: can the US Government order a programmer to write a program they don't want to write ?

Re:4th Amendment protections

[david_thornley]

The search warrant is irrelevant. It was a work phone, and the actual owner has given permission. The Fourth Amendment has nothing to do with this.

Apple is legally obligated to hand over what information it has, and Apple has done so. Apple doesn't want to be forced to write special software to break the iPhone's security, and does not believe they can be legally required to do so.

Duplicate Data they already have.

I don't see why they need access.

1). Is it the contacts list? why. Every phone call made or received is logged in the phone companies billing systems to include date, time and length. This database is already supplied to the Uncle Sam.

2). Every voice mail? Every voicemail recorded on the phone companies server is never really deleted. The phone owner thinks so, but Uncle Sam probably gets a copy anyways since the disk drive space to save a low resolution file is pretty small.

3). Every text and email sent? I don't think the emails and texts are encrypted since one may send to a different vendors phone which may not have the same encryption method or keys. Moreover, the amount of disk drive space to save them and give Uncle Sam a copy is small. In fact, Uncle Sam already can get a copy in an investigation.

4). What apps were installed? This may be of interest so that they know what others may have installed that do similar actions. It could be an encrypted talk app beyond the phone companies control. Maybe same cached message they may be looking for. Hmmm, Uncle Sam is interested in whether you have Angry Birds on your phone.

So, the amount of info that Uncle Same probably already has vs. what might be on the phone will probably provide no more insight.

FUD and Confusion

[WheezyJoe]

You are absolutely right. There is a court order, and a public one at that, so the 4th amendment is not at issue. That's what distinguishes this from the whole Snowden thing, where government intelligence-gathering entities either act without a court order, or else on a secret court order by a secret court (which is really the same thing, 'cause who knows what happened, 'cause it's a secret).

No, the thing going on here is that Apple is being asked, or even forced, to compromise their own product using means available only to them. If I understand correctly from this article from Ars Technica, that means is their private key, used to push updates to iphones. By using their key to push a custom update to this iphone to shut off some of this iphone's security measures, the FBI would have an easier time brute-forcing the PIN and thereby unlocking this phone.

Obviously, Apple doesn't want to comply. But there's plenty of precedent for why they should. Again, this is all above-board and legal... not a back-door deal done in secret where the CIA gets a special key to unlock any iphone. Instead, this is like the cops getting a warrant to a bank's safety deposit box. The bank has one key, but the owner's key is not available - so, to comply, the bank is going to have to take a drill to their box and break the owner's key socket. But with the right warrant, banks comply.

Methinks Apple's problem is the appearance of their products being hackable with compromised privacy, something dogging Microsoft and Windows 10. Methinks Apple wants to appear to offer an active role in defending the privacy of their users, whereas competitors like Google and Microsoft make it their business to snoop on their users for ad revenue. Methinks Apple is making a fuss over this because they're afraid consumers might flock to Android in the misguided belief that Android is more safe from a legal search sanctioned by a warrant.

Methinks the only issue here is whether Apple can be compelled to help the FBI break this phone. Unlike the bank and it's safety deposit box, the phone doesn't belong to Apple. It rightfully belongs to the cops as evidence in a crime, and before that it belonged to some shmuck who shot a bunch of people, and they can do what they want with it. It just so happens that Apple has something that could make breaking into it a lot easier, but Apple is arguing that they have no responsibility or liability to do so - once the phone is sold, it's out there and Apple's done... if a consumer wants to apply an update from Apple via the private key, that's their decision and that by no way implies Apple take some responsibility over the device and how it's used. Therefore, just because Apple has a private key that can help in hacking the phone, their argument is the government has no authority to compel them to use it, because although the user of the phone might have committed a crime with the phone, Apple didn't play any part in such crime and therefore are under no obligation to get involved.

Methinks, therefore, maybe Apple has perhaps one legitimate concern: complying might suggest they are somehow complicit in an alleged crime committed with their product because of the privacy measures they bake in. Unfortunately, there can be a fine line between volunteering to help with the government, and being obligated to assist the government because of some legal connection with the bad guy establishing a liability. Once Apple gives it up over this phone, Apple fears prosecutors everywhere will start hitting them up with thousands of break-this-iphone warrants, until Apple has to dedicate an entire skyscraper-full of engineers and lawyers to deal with it all. Come to think of it, that's a shitty business to be in (and I wonder how Microsoft and Google would handle it, because they'd be next).

Re: FUD and Confusion

Or, having a CEO who was a gay man in Alabama in the 60's, they might, actually value privacy.

Look it's probably a whole bunch of factors, but in essence , there are things that Apple will have architected so they can't access the data (eg FaceTime or ICloud Keychain), things they have stated where they won't access the data (even for their own use) as a matter of policy, and things they will access in specific circumstances (eg ICloud backups, or Apple Music usage stats)

The governments position is to force the company to change what it's list of won'ts a are. That is a pretty heavy handed approach, and Apple is right to push back in court and test if the government has that power.

Why ?

Achieving the can't status universally is hard, and much of the world functions on the basis of won't - ie people choosing to do the right thing eg everything from having a bad day and not mass mirdering innocent people in a rage, to deciding to stop at a traffic light.

I think it's disingenuous to describe Apple's code signing mechanism as a back door, as they have clearly taken a position that they don't want to use this in the way the government wants. The idea that you can buy such a complex device from a vendor and not understand that doing so is an implied expression of trust in the vendor is bizzare. Would you walk across a crosswalk and trust the drivers would a) respect the lights and b) not run you over if you were a few seconds late at the end of the crossing ?

There's less societal contract between you and the drivers of those cars than there is between you and the company you buy your phone from

Re: FUD and Confusion

[ooloorie]

Or, having a CEO who was a gay man in Alabama in the 60's, they might, actually value privacy.

If they actually valued privacy, they wouldn't create a phone that they themselves can break into, because the obvious and natural consequence of that is that courts and spy agencies will order them to break into it.

I think it's disingenuous to describe Apple's code signing mechanism as a back door, as they have clearly taken a position that they don't want to use this in the way the government wants.

No, what is "disingenuous" is pretending that a phone that Apple can easily break into is in any way secure.

The idea that you can buy such a complex device from a vendor and not understand that doing so is an implied expression of trust in the vendor is bizzare.

It may be bizarre to you, but it isn't unreasonable. For closed source devices, legal cases and responses to subpoenas are the best way of ascertaining the security of a phone or PC, because that information is public and there are stiff penalties for lying. So, if a company consistently responds to a subpoena with "you can do to us whatever you like, it is technically impossible to get at the data", it's a pretty good bet the data is secure. If a company responds with "we could get at the data, we just don't want to", that's telling you that the phone is technically not secure. And that's the situation we have with Apple. I think the best outcome for privacy would be for Apple and Tim Cook to be threatened with contempt of court and forced to comply with the court order, and subsequently be hit with a massive class action lawsuit for not implementing bullet-proof security on their phone. Maybe such a public relations and financial disaster would force Apple to change their ways.

Re:FUD and Confusion

[WheezyJoe]

Okay... how does Apple build a phone they can't break into, but is capable of updates and bug fixes?

Remember, the means by which the FBI proposes Apple "break into" the phone is to push an update that just happens to omit some security features, like the self-imposed delay for processing subsequent PIN attempts. So, no updates? Bugs remain unfixed? No recourse if you accidentally brick your phone if you, say, forget your PIN?

Re:FUD and Confusion

[ooloorie]

Okay... how does Apple build a phone they can't break into, but is capable of updates and bug fixes?

Easy: the contents of the phone are encrypted with a long random key that is stored securely in a crypto processor. The crypto processor also checks your pin for unlocking. If you make too many pin entry attempts, the crypto processor erases the key internally, rendering the data on the phone irretrievable. There is no way to reset the pin entry count that's kept inside the crypto processor without actually giving the correct pin. Updates to the phone OS software don't affect the crypto processor or its built in firmware.

The iPhone 5c already has a crypto processor, but the design isn't entirely secure. But it is easy to make cheap and secure designs instead; lots of smart cards, SIM cards, and phones have demonstrated that.

Re:Orwellian society versus

[jgriffith325]

Alert! 12 year old commenting. Only children think the world will be safe if only their parents are allowed to protect them.

We are thier now.

[Stan92057]

We are their now or are we all going to pretend the mass collection and saving of that data without warrants isn't breaking the constitution? If the use of stingray,mass collection of all text messages,emails isn't Orwellian i don't know what is. But its ok for corporations "a list far to lengthy to post" to spy on our every move to make a buck is ok??

Re:why trust Apple

[friedmud]

You have to trust someone.

Unless you want to write your own OS and create your own hardware you have no choice. Yes, you can use an Open Source OS so at least in theory it's possible to verify the code on your own... but there is so much firmware embedded in each and every chip you get there is no way you're going to be able to verify the phone from top to bottom.

In the end, you have to go by reputation and track records and make an informed decision. In my mind Apple has always been firmly on the side of privacy compared to many other companies.

So I guess the question back to you is: why _not_ trust them? Or, better: who do you trust more?

Good move Apple

[NotSoHeavyD3]

Since his wife was killed by terrorists on 9/11 he's a good choice to counter the fed's "But we need this because terrorists" argument.

Re: oh boy

It is simply not possible to build the required tool in a way that:

- it will only run on this iPhone

AND

- it can not be trivially adapted to run on every other iPhone

The first part is completely possible, but the second part is impossible - by building the tool, you have done 99.999% of the effort required to do it for another phone. Maybe not quite that for secure enclave devices, but certainly for everything pre-A7.

This isn't a 4th amendmant issue - it's a government owned phone. The same government that:

- bought, but did not use Mobile Device Management software that would have let them unlock the phone

- did not use Apple's free Device Enrolment Program, that can make MDM mandatory & non removable for institutionally owned devices

- did reset the ICloud password so the backup was no longer recoverable

For institutionally owned devices, Apple has already supplied a tool set to do exactly what the government needs here.

They chose not to use it, and now want Apple to build a new tool set that digs them out of the hole they found themselves in, due to their incompetence.

Re:Apple unlock

[gweihir]

Apple makes quite a bit of its profits not in the US...

Re:Is he implying all Judges are without principle

[gnasher719]

Is it really an issue of constitutional law? I now doubt it, because if Olson and Apple were so confident in their interpretation of the law, i.e. they were sure they had a case, why would they put so much effort into creating this media sideshow? Why are they trying to fight this in the court of public opinion?

Excuse me, but that was started by the FBI. If I British newspaper writes "Apple refuses to unlock TERROR PHONE", then surely you should admit that Apple has the right to do a bit of positive PR on its own.

Re: oh boy

[kenwd0elq]

One correction to that; the hack would only work on an iPhone 5C, and not on the 5S or any newer model.

By your definition, every device has a backdoor.

[Brannon]

with enough time and effort you can crack any device. Security has never been about 'perfection'...at any point in the history of mankind. Ever.

The whole point of security is to raise the cost (time, money, political capital in this case) that must be spent to break in. Seeing that the government is basically having to go 15 rounds with Apple to break into the iPhone of a deceased terrorist--that seems like pretty good security to me.

But I understand your confusion--which isn't to say that I'm excusing it, just that I think you're probably generally confused about technology in general.

Apple: stop the posturing and fix your phones

[ooloorie]

Apple can unlock your phone and access your encrypted data with a home-grown tool, but they are telling your your data is secure because they aren't cooperating with the FBI and making a big fuss about it in the media. In the day and age of national security letters and gag orders, that's a joke. If some mechanism exists by which Apple can unlock your phone, your phone isn't secure, and none of this public posturing helps: Apple may already have been ordered to create the tool they say they don't want to create and been silenced by a gag order at the same time. In fact, public posturing over an FBI request would be a good way of covering up their cooperation with spy agencies.

Apple: if you want to make phones that people can actually trust their data to, not only is the only proper response to FBI orders to unlock phones that "it is technically impossible", you will have to make that believable by having it stick in court. In addition, should also be much more open about the security architecture and software of your phones. Legal posturing and going on 60 Minutes are not convincing.

Re:Apple: stop the posturing and fix your phones

[oh_my_080980980]

Somebody is wearing a tin foil hat...

Re:Apple: stop the posturing and fix your phones

[ooloorie]

You're a bloody fool

Re:Apple: stop the posturing and fix your phones

[david_thornley]

National security letters can make Apple turn over information they already have, but can't compel them to write new software to break security. Since Apple is objecting on the grounds that they don't want to write the software, it's a reasonable presumption that they haven't written it already. If the Feds knew Apple had the software, they wouldn't be demanding that Apple write it, they'd just have the court tell Apple to use the software. It's theoretically possible that Apple has written the crack, but there's no evidence for it and some evidence against.

Apple is capable of making this tool because it has intimate knowledge of the security features and OS involved, and has the signing keys. Nobody else can perform this particular attack, so if Apple can manage to avoid it it's not a practical security vulnerability. Apple improved the security with later phones, and is likely to continue improving the security.

Apple isn't doing legal posturing. They're challenging a court order, which is action rather than posturing.

Re:Apple: stop the posturing and fix your phones

[ooloorie]

Apple is capable of making this tool because it has intimate knowledge of the security features and OS involved, and has the signing keys. Nobody else can perform this particular attack, so if Apple can manage to avoid it it's not a practical security vulnerability

Sorry, that's just silly. Figuring out where the unlock count is kept in RAM is a moderate amount of work, but it isn't rocket science. Furthermore, an attacker with access to the hardware doesn't need code signing, they can simply change the location in RAM directly. Finally, it is rather naive to think that Apple's source code and code signing keys haven't already been obtained by the NSA and foreign intelligence agencies.

The reason the FBI got a court order is because was the simplest thing to do and because this isn't a high priority to them anyway, not because the phone is secure against attacks.

Since Apple is objecting on the grounds that they don't want to write the software, it's a reasonable presumption that they haven't written it already.

No, that's not a reasonable presumption. If Apple had already written this software on the order of the US government or some foreign government, they could not, and would not want to, admit that they had already done so.

but we already live in an Orwellian Society

[aombk]

dont we?

Even the devil

[JohnStock]

.. gives to charity if it furthers his agenda.