Godfather Of Encryption Explains Why Apple Should Help The FBI

An anonymous reader writes: Famed cryptographer and Turing Award winner, Adi Shamir, has an interesting if not surprising take on Apple's current legal tussle with the FBI. While speaking on a panel at RSA Conference 2016 earlier this week, the man who helped co-invent the vaunted RSA algorithm (he's the 'S' in RSA) explained why he sides with the FBI as it pertains to the San Bernardino shooter's locked iPhone. It has nothing to do with placing trapdoors on millions of phones around the world," Shamir explained. "This is a case where it's clear those people are guilty. They are dead; their constitutional rights are not involved. This is a major crime where 14 people were killed. The phone is intact. All of this aligns in favor of the FBI." Shamir continued, "even though Apple has helped in countless cases, they decided not to comply this time. My advice is that they comply this time and wait for a better test case to fight where the case is not so clearly in favor of the FBI."

What a crock

[zieroh]

What a crock full of shit.

Re:What a crock

And from someone who really ought to know better.

What this tells me is that being the "Godfather of Encryption" is not mutually exclusive with being a dunce on operational security.

Waiting for a future, better case would sure end up looking foolish when the government argues, "What's the problem? You agreed to do this exact same thing before, in the San Bernardino case..."

Re: What a crock

[Desler]

Only if you're an idiot. It's only about the one phone until precedent is made.

Re:What a crock

[rtb61]

Well to be accurate he is on the payroll of Weizmann Institute of Science https://en.wikipedia.org/wiki/.... So rather than being on the FBI payroll he is more likely on the Mossad payroll and actually spends most of his time specialising in "Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. In the broadest sense, it is the study of how differences in information input can affect the resultant difference at the output. In the case of a block cipher, it refers to a set of techniques for tracing differences through the network of transformations, discovering where the cipher exhibits non-random behaviour, and exploiting such properties to recover the secret key." https://en.wikipedia.org/wiki/... ie breaking encryption. So yeah, self serving dick wants to make his life easier, so basically what ever he says, do the fucking opposite and do not trust anything from him.

Re: What a crock

[nytes]

No, it's about the other 14 iPhones the FBI has lined up behind it, and the 175 iPhones New York city has after those, and so on.

Re: What a crock

[MobileTatsu-NJG]

One day , just think from the victims families point of view . it's just about one iPhone data .

You say that as if there wouldn't be victims of government overreach.

Re:What a crock

That's only one opinion. Ron Rivest, the R in RSA, disagrees with Shamir over this one. As the S in the abbreviation, Shamir is the man in the middle.

Re: What a crock

[AHuxley]

AC re 'it's just about one iPhone data ". Its about been conscripted to create a portable master key for a generation of US phone products. Once created, a generation of hardware and software is open to anyone who can buy or ask for or use the same keys. A generation of phones are then at risk.
"‘Take this tool and put it on a hard drive, send it to the FBI,’ and they’d load it onto their computer,” http://nypost.com/2016/03/02/f... (March 2, 2016)

Re:What a crock

[Shoten]

And from someone who really ought to know better.

What this tells me is that being the "Godfather of Encryption" is not mutually exclusive with being a dunce on operational security.

Waiting for a future, better case would sure end up looking foolish when the government argues, "What's the problem? You agreed to do this exact same thing before, in the San Bernardino case..."

Should he know better? I'm not sure. On one hand, Shamir is really good at math. But math has almost nothing to do with Constitutional law, which is what this is really about.

There's a big difference between who can create/build a certain technology, and who should be trusted with knowing how and when to use it. A lot of people conflate the two, but they are incredibly different skillsets.

Re: What a crock

[Shoten]

Only if you're an idiot. It's only about the one phone until precedent is made.

This.

And Apple's statement to this effect has already been proven true...for there are multiple cases where the FBI has asked for "just this one phone" to be unlocked in this manner. There are literally more than a dozen parallel efforts, in addition to this one particularly high-profile one, to get this to happen.

Re: What a crock

[plover]

Shamir is also being disingenuous when he said, "even though Apple has helped in countless cases, they decided not to comply this time." Apple's cooperation in the prior cases was in recovering unencrypted data. They have never provided a way to decrypt data when they don't have the keys, or recover keys locked in the secure enclave.

Re: What a crock

More importantly, knowledge of math has nothing to do with right and wrong.

Re:What a crock

[Solandri]

Yeah, because MGM vs. Grokster and Capitol Records vs. Thomas-Rasset did so much to advance the cause of filesharing rights vs IP law.

You want a good case which burns away irrelevant fluff and centers the issue solely on the principles at stake. If you pick a bad case, the court could decide against you based on that fluff, inadvertently setting a precedent which influences the balance of those principles. The principles at stake in this case (or what people are hoping this case will be about) are an individual's right to privacy and a company's right of self-determination against government coercion, vs. the government's duty to keep society safe. Here are the flaws I can see with this case:

• Privacy rights and the 4th Amendment aren't relevant. It's not the shooter's phone. The phone belongs to the San Bernardino County government.
• The shooter was indisputably guilty of the crime. You want the test case to highlight how the power the government is asking for could be abused, not one which validates the government's argument. That way the rights violation is real while the benefit the government is arguing for is hypothetical. Not the other way around.
• Even if you argue that the shooter's privacy is somehow relevant, he's dead. It's questionable if or to what extent privacy rights survive after your death. If we're going to have a test case about privacy rights after death, I'd rather it be of an innocent guy wrongly accused by the government and his reputation consequently smeared. Not some guy who was indisputably guilty.
• The shooter was a terrorist, and his victims were innocent. I wish this weren't a factor, but it is. The best way to get a guy off a murder charge is to convince the jury that the victim deserved to die. The polls showing a slim majority of Americans supporting the FBI in this wouldn't be coming out that way if this were the FBI asking Apple to help it break into some grandmother's phone because she might have poisoned an axe murderer who hacked her grandkids to bits.
• The strongest argument supporting Apple in this case is that the government cannot coerce an individual or company to do something against their will. Well, the exceptions to that in general law are pretty much all tied to a state of war or national emergencies. People can be drafted into military service. Stores' inventories can be confiscated for redistribution as the government sees fit. This being a terrorism case comes uncomfortably close to meeting that criterion.

Waiting for a future, better case would sure end up looking foolish when the government argues, "What's the problem? You agreed to do this exact same thing before, in the San Bernardino case..."

All the points I listed above can be used to refute that argument. That's why this is a bad case. Heck, even the recent New York case (defendant is a drug dealer, but he is the phone's owner, and he didn't kill anyone) is a better case.

Re: What a crock

[Zontar+The+Mindless]

Not to mention that the victims are dead, we already know who killed them, the killers themselves are also dead, and cracking an iPhone is not going to bring any of them back to life.

Re:What a crock

[Aighearach]

Specifically:

...Apple has helped in countless cases...

is horseshit. This idiot should learn the basic facts before opening his trap. I read court filings on this just in a past few days (widely reported) that include the information that Apple has never provided this type of assistance.

There are currently over a dozen cases where the government is attempting to use the All Writs Act to force Apple to do this sort of work; all of those are pending and under challenge or appeal.

Zero is not "countless" even for small values of countless. ;)

Re: What a crock

[Aighearach]

They're currently asking for this help on over a dozen iPhones, it is only one phone per case but it is not and never was about a single phone, even before any new precedent. Indeed, this weeks ruling from NY went into that and the inaccuracy of the claim that it only involves one phone.

Re: What a crock

[dissy]

One day , just think from the victims families point of view .

You mean the families that ALSO say it is wrong for the FBI to have the ability to decrypt iPhones world over?
http://news.slashdot.org/story...

it's just about one iPhone data

Repeating a lie, that you are damn well aware is a lie, over and over will not make it any more true.

Re:What a crock

That's only one opinion. Ron Rivest, the R in RSA, disagrees with Shamir over this one. As the S in the abbreviation, Shamir is the man in the middle.

So you're saying that this is a man-in-the-middle attack?

Re:What a crock

[WaffleMonster]

What this tells me is that being the "Godfather of Encryption" is not mutually exclusive with being a dunce on operational security.

My guess he realizes Apples argument is nonsensical gibberish.

My data is only secure so long as someone does not create a tool after the fact to compromise it... What kind of bullshit is that? Why is this technically ridiculous position worth defending politically in front of millions of people scared out of their minds of terrorists and whom do not know jack about underlying technology?

The FBI is laughing their assess off right now at the stupidity of the tech industry. Apple is succeeding in re-railing the train Snowden derailed.

Waiting for a future, better case would sure end up looking foolish when the government argues, "What's the problem? You agreed to do this exact same thing before, in the San Bernardino case..."

To wit the answer must be: "We re-architected our security hardware and no longer possess the *capability* to circumvent query limit and delay."

Any other answer is an indication data stored on the iPhone was never secure in the first place.

Re:What a crock

[JaredOfEuropa]

It is about more than just laws, principles and precedent. It really is about operational security, as well as the kind of oversight (or complete lack thereof) we have on the application of cyber-surveillance by government institutions. As Apple have said:

"The notion that this is something only about opening one lock or that there is some degree of locks that can't be opened with the tool that they're asking us to create, is a misnomer," Sewell added.

Apple evidently worries that the FBI will keep whatever tool Apple creates, and use it to break into other iPhones in other cases. Those cases are most likely not always legit, and there is a further risk of the tool getting into the hands of others. At best that will be allied secret services, but who knows. The point is: giving this tool to the FBI ultimately compromises the security of every single iPhone out there, or so Apple claim. It is the same as using encryption with the governent having a back-door key, and we should not want that, for the same reasons.

Re: What a crock

[tburkhol]

But the math does say you can build a secure phone where only the owner has the key.

No, the math says the phone is secure if only the owner has the key.

Apple chose to retain that key making it a political issues, not a technical one.

Again, not quite. Apple wrote the operating system that allows the owner sole access to the key, and they can rewrite the OS to violate that exclusivity. Whether they can be forced to retroactively modify their OS to expose their customers' private data is the political issue.

Re: What a crock

[buck-yar]

So what is that NSA meta data program for then?

Re: What a crock

[tburkhol]

the victims" families appear to fall within the set of currently living people and therefore according to your position, they matter too.

How do those families benefit by viewing whatever data is stored on the phone? Or maybe better: what data could be stored on the phone that would benefit those 14 families to a greater extent than the harm done to 700,000,000 iPhone owners?

Stored data I imagine might include a manifesto, might include the text of messages exchanged with co-conspirators, might include a map to a buried nuclear bomb set to go off in 24 hours. A manifesto is not very useful. Potential co-conspirators can already be identified from meta-data available by subpoenaing phone records.

That leaves the buried nuclear bomb. That bomb has been the motivation for all of the NSA, CIA, and FBI's invasive surveillance, not just back to 2001, but for as long as those agencies have existed. It may or may not be a figment of their collective paranoia, but the argument is powerful and irrefutable. There might be critical information about an imminent, catastrophic attack stored anywhere, therefore, immediate, unfettered access to everything might prevent massive damage and casualties. There might even be critical data steganographically encrypted in Suzie's lolly, and we won't know for sure until we take it away and test it. We have the 4th amendment to enshrine the security and privacy of the individual over bogeymen invented by the state.

Re: What a crock

[BlueStrat]

The fbi is willing to let APL control everything in this particular case:

Wrong.

Look up the actual court order.

The text of the court order instructs APL to place the tool on a hard drive and give it to the FBI to use.

Are you stupid or are you a shill?

Of course the two are not mutually exclusive, and as often as not, correlate strongly. Particularly when the shills work for government.

Strat

Re:What a crock

[shawn2772]

To wit the answer must be: "We re-architected our security hardware and no longer possess the *capability* to circumvent query limit and delay."

They probably already did this in the 5S and later. The 5C does not have the "secure enclave" chip, which means there is no secure hardware on the device, all of the security is implemented in software.

Also, it should be pointed out that the signed software approach is quite secure against anyone who doesn't have the software signing keys, or the capability to compel the holder of the signing keys. That's actually just fine if the goal is to defend the data from access by private snoops (e.g. spouses, even technically sophisticated ones, corporate espionage, etc.) and criminals.

Consumer devices will never be secure against state actors with unlimited funds and sufficient motivation (e.g. NSA, GCHQ, Mossad, etc.), so really the only cases where the approach is inadequate are cases where (a) the owner of the signing keys (Apple) wants the data or (b) a government with the power to compel the owner of the signing keys wants the data. Apple has no reason to prevent their own ability to circumvent (though they do need to protect against use of this ability by rogue employees), since they know their financial interest is strongly on the side of securing the data, and legitimate companies generally do not expend effort on securing data against law enforcement officials of democratic regimes that have due process and rule of law.

Indeed, although the 5S and the 6-series probably do make it impossible for Apple to comply with similar demands for those devices, I really doubt that was the rationale for adding the security chip. I'm the lead engineer for similar components on Android, and while I've been pushing to include a secure element chip for some time, the rationale has never been to keep US courts from being able to compel access, it's always been about strengthening security against corporate espionage (which signed software solutions do address, but not completely) and to make penetration costlier for oppressive governments and intelligence services. I say "costlier" since they can't really be kept out completely.

I'm not certain that the secure enclave actually keeps Apple from being able to comply with this sort of request, either. I expect that the software in that device is also field-upgradable, since there are compelling practical and security reasons for enabling upgrades. Bugs are always a risk, and being able to fix them is a really good thing. But if the software can be upgraded, then it can be "upgraded" to remove security features. This can be limited in various ways; it's common, for example, to have secret keys burned into hardware which simply cannot be extracted by software because the software never has direct access to them, and any security that derives from the secrecy of such keys can't be subverted by software changes. But brute force mitigation possibly can be upgraded away, even with the secure enclave chip.

The bottom line here is that these are really hard engineering problems. Not that it's hard to design so that key components are non-updatable... that's easy. But it's also very risky, because it leaves you without any options when said components turn out to have problems. I think it's flat wrong to characterize Apple engineers' failure to secure the 5C against Apple as any kind of incompetence, which is your clear implication.

Re: What a crock

[arth1]

That article (and theory) is wrong. Apple could easily write a very small patch that would run on 1 phone (tied to the unique ID). And then just like every other OS update, it's signed by Apple's secret key. If anyone changes 1 or more bytes, the phone won't accept the patch. It will never run on any other phone.

What I think you and many others fail to understand is that once Apple signs the firmware for the San Bernadino phone, they have created precedence, and the TLAs will demand that they do the same over and over again for any number of other phones. Or even for a general firmware patch pushed through to all users.
If Apple no longer can choose what they sign and don't sign, it's the feds running the show. It's as bad as handing the feds the signing key, but even a bit worse from Apple's point of view, as they have to provide the work too.

Re:What a crock

[c]

On one hand, Shamir is really good at math. But math has almost nothing to do with Constitutional law, which is what this is really about.

US Constitutional law, specifically. Shamir is an Israeli, so it's natural to expect that he's going to balance the rights of individual Americans versus the state a wee bit differently than those who have to live with the consequences.

Re:What a crock

[nine-times]

It's not just about Constitutional law, but also about security principles. My sense of his argument is that he's saying, "You may want to put up a fight some other time, but in this instance, you know that they're guilty, so you should do what the government is asking." In other words, "Security is important, but in this one instance the person should probably be authorized, so build a new backdoor into the system for that person that allows them to circumvent your security protocols."

If this guy is any kind of security expert, he should know that it's a bad idea to build in backdoors that are permanently excluded from going through security protocols. Honestly, sometimes you want to build some way to circumvent a security measure in case of an emergency, but any such method to circumvent security should fit into a larger security scheme, and it should have its own security measures to disallow abuse. Simply introducing an uncontrolled backdoor is irresponsible.

I disagree

[jtownatpunk.net]

Once the tool/method is created, it exists. Even if the tool never leaves Apple, they could be compelled to use the tool in future cases. Tool.

Re:I disagree

You're mistaken in your logic.

The fact that the tool could exist means that the design of the iPhone is itself compromised, so they could be compelled, or somebody could unlawfully construct a version on their own.

That means you need to concern yourself with a real secure design instead of fighting over this issue.

Don't sacrifice a Queen to save a pawn.

Re:I disagree

[hawguy]

But the tool wouldn't work on newer iPhones. I think maybe what the guy is trying to say is that it would make a better test case if Apple truly had no way into the phone.

how would that be a case at all?

FBI: Apple, we need you to unlock this phone.

Apple: We can't.

FBI: No really, do it. Babies might die and stuff.

Apple: No, really, we can't, here's why.

FBI: Oh ok. Well you shouldn't have built a baby killing phone.

Re:I disagree

[dsmatthews9379]

The capability to create it already exists at Apple and so if they do make it, use it for this case and destroy it afterwards, you just end up back at the start, where the capability to create it exists and they are no more or less likely to be coerced into doing it by any other party. They shot themselves in the foot when they indicated so publicly that they could, but would not do it. Furthermore if you claim that they can't make and then securely destroy such tools you are also claiming that they can't securely do anything and the iPhone isn't secure. You can't have it both ways. Anyway the phone can be cracked, it would just cost a lot more money than if Apple did it. All Apple has to do is take the phone into a clean room with the equipment needed, get the codes, hand them and the phone back to the FBI and then completely destroy the contents of the clean room. Apple just do not want to do it because it devalues their product in the eyes of those who have secrets and naively believe that no other party can crack the iPhone.

Re:I disagree

[bitingduck]

The capability to create it already exists at Apple and so if they do make it, use it for this case and destroy it afterwards, you just end up back at the start, where the capability to create it exists and they are no more or less likely to be coerced into doing it by any other party.

That shows a profound misunderstanding of how the US legal system works. Once they've done it, then the probability of them being coerced again is identically 1. If the gov't is allowed to compel them to produce software, and especially produce particular features, then the government can:
a) repeatedly compel them to recreate the software to crack existing phones that can be cracked by that method. Then apple effectively has to either maintain a team to keep recreating and destroying the software (good luck hiring people who want that job. seriously tiresome) or keep the software intact and protect it. But they can't do that, because once it gets used in an actual criminal prosecution then the defendant will have the right to see the software. And every defendant it's used against will have that right. So then it's out.
b) compel them to create a permanent backdoor in all future versions (the precedent for government compulsion of particular features having been established, despite CALEA's wording to the contrary. And they can do it secretly through the FISA court, and it will be 5-10 years before we hear about it publicly. In the meantime, people will find the holes and exploit them (aside from NSA and FBI exploting them).

The technical possibility of that particular phone being hackable by sideloading a custom system is almost irrelevant to the case. It's the legal precedent that's important.

The Judge...

[Etherwalk]

The case is in front a former AUSA (i.e. lots of experience on the government side), but she went to Williams College for undergrad which means she's probably one of the more intelligent federal judges--making her likely to read and understand the tech industry's briefs. (About half of federal judges are really smart and went to top schools; about half of them may not be as smart but have been successful politically. They all have a good measure of experience.)

Ultimately, of course, the case is likely to get appealed, and if the loser at the 9th Circuit level decides it is a good test case, they will appeal it to Scotus.

There won't be a better test case

[penguinoid]

If you comply once, then you greatly weaken any objections to complying again.

Re:There won't be a better test case

[plover]

The summary is very misleading. Apple's compliance has only been in recovering unprotected data. They have never provided access into the Secure Enclave to recover the keys, and have never recovered data encrypted by those keys before.

The FBI hopes that by whipping up national hatred for these mass murderers it will spark a public outcry in favor of forcing vendors to provide defective encryption, U.S. government access to escrow keys, or other back door. Many Americans have been taught by the fear-mongers running the talk radio business to be so craven that they'll agree to any violation of anyone's rights because 'terrorists'.

Totally BS argument.

[BarbaraHudson]

The perps are dead, so there is no need to decrypt their phones in that case.

This is just fishing for information on other people, and it's pretty naive, since they destroyed 2 other phones. Would you use your company phone to plan a terrorist act?

Also, the phone isn't Apple's property. Let them go after the entity that owns the phone.

Adi "IANAL" Shamir

[nimbius]

Adi:
no one has argued the case isnt firmly in the hands of the FBI, or that they arent entitled to prosecute it. What we're highlighting and opposing is the biblical retribution with which the government seems intent upon pursuing this cases. the entire purpose of unlocking the phone at this opportune time is to create a precedent so that, in future endeavours and cases there is no point at which "favour" is ever questioned. the purpose of forcing apple to unlock this phone, or any device for that matter, is to create a legal standing by which any other device the government sees fit can be unlocked for any reason, however remote.

the facts stand: both killers are dead. their motives were known. their accomplices were known. their method is known. this is more than enough to convict a corpse.

Re:Adi "IANAL" Shamir

[LordWabbit2]

You're an idiot.
Maybe they actually do need to get into the phone, if so why did the FBI reset his account password so that even Apple could not get into his account and unlock his phone? They are using this specific case ("Oh my god Terrorrists!") because they are betting on public sentiment and morons like you to set a legal precedent that they can then use to beat the shit out of anyone who does not decrypt data for them. If you think the FBI are doing this for any other reason then you obviously ate wall candy as a baby (ie. lead paint, since I doubt you would figure it out).

Re:wasnt RSA paid to backdoor by nsa?

Yes:

http://www.cnet.com/news/security-firm-rsa-took-millions-from-nsa-report/

Yep.

The ability to spy on law-abiding citizens grants an enormous economic advantage to those in power. They can do the financial equivalent of insider trading with impunity, and rake it in. That is just one way of many.

Strong encryption gives the poor some leverage against the rich; a chance to reclaim and protect some of the wealth that they generate through their labor. I guarantee, the rich will never abide this. Even if Apple wins, subsequent political and technological maneuvering will ultimately result in strong encryption available to the rich, but not to the rest of us.

This case is a lot like the presidential election: no matter who wins, we lose.

Re:What a bunch of ignorance

[hawguy]

Why does everyone think Apple has to create anything new? They already have the ability to do what the FBI wants. It's not a backdoor, it's not something they have to use on every phone...it's a simple code adjustment to turn off the poison pill and can easily be pushed to this one single phone. In fact, it can be built specifically for this one phone and it will only work on the one phone. Due to the way Apple already does their updates, they do this already as it is. They don't do mass updates to apps and iOS to all phones. each phone is unique and has it's own nonce. that's all Apple needs to match this code up to.

This isn't a technical issue. It's about people's opinion's on whether these douchebags have rights still and whether this actually violates them.
***Spoiler Alert*** They don't.

You don't seem to understand how slippery slopes work.

It's not "just one phone", and never was, it started at one and only one phone, because you know, terrorism, we need to read the phone of just this one terrorist and Apple won't help us! Then "Well there may be a dozen others that we'd like to break into". Then "Law enforcement agencies possess hundreds, or even thousands of phones they'd like to break into". And somewhere between "dozens" and "thousands", it becomes too unwieldy for the government to wait for Apple to unlock each one, so they'll require the tools to do it on their own.

And once they've proven that they can force Apple to create software at their bidding, they'll easily be able to force Apple to hand over the tools they need to decrypt phones at will. And really, there's no end to what they can force Apple to hack into their phones.

Re:has nobody thought

[AchilleTalon]

Obviously you haven't follow that case very carefully. The iPhone isn't locked using fingerprints, it uses a 4 digit password. And before you ask why they just don't try all the combination, after 10 trials the iPhone may have been setup to delete the data. In addition, there is a delay between each trial which render this method unpractical unless you remove the delay and the 10 trials limit, which is exactly what the FBI is asking Apple to do for this iPhone by flashing a new firmware on it remotely. Yes, this model doesn't require the user to authorize the firmware to be flashed. So, that is totally possible to do. And why do they ask Apple and aren't just do it themselves? Because the firmware must be signed with Apple's private key otherwise the security chip in the iPhone will block the firmware execution.

Re:What a bunch of ignorance

[Pseudonym]

You don't seem to understand how slippery slopes work.

If the FBI succeeds on this one, there will be a point in the future where some prosecutor argues in court that nobody has a reasonable expectation of privacy in their smartphones, in part because society at large was okay with how this case went down.

The frightening part is that the argument might work.

Re:Adi's correct

[tacokill]

Nothing prevents them (or anyone else) from doing exactly that right now. They are more than welcome to bang away on the phone as much as they want and if they get in, nobody will say a peep and all is as it should be.

The problem comes when the FBI compels/orders Apple to build a 2nd operating system. Forcing and compelling people and companies who are not accused of a crime is un-American and that is why this is going to court. Wanna compel Apple? Fine, go to Congress and pass a law like CALEA. But lets be clear.....a law forcing Apple to do what the FBI wants does not currently exist and that's why the FBI is relying on the All Writs Act to force Apple to do it.

Nobody has ever suggested the FBI (or anyone else for that matter) is prohibited from hacking the phone. They aren't. They are more than welcome to use whatever resources they have to hack it. But those resources do not include Apple, the company, or any of it's employees or tools unless allowed by law.

Re:here's why it's a crock

The government is not simply asking them to hand over the encryption keys, but to write and deploy code on its behalf. That would make Apple an agent of the government; if it can do that, it can make any company such an agent. What's to stop the government from commanding Apple or Microsoft to deploy code that allows them to listen through a computer's microphone? Or how about vendors of "smart" TVs: can the government command them them to install cameras and microphones in all their new models, which the government can turn on as it sees fit?

This is not a question about encryption at all, it's a question about making a private company a government agent.