Slashdot Mirror
Apple Might Be Forced to Hand Over iOS Source Code to the FBI (theguardian.com)
Bruce66423 writes: In its latest filing, the FBI implies that, if the burden on Apple programmers of their alternative approach is too great, then Apple should release the whole source code to the FBI to allow them to do the work, quoting the precedent of the Lavabit confrontation. Clearly it is time for Apple to move offshore!? To recall, Lavabit abruptly shut down in 2013 when the FBI attempted to get the company to hand over the encryption keys for its secure email service. While the current situation seems to put Apple in the same ballpark as Lavabit, what gives the Cupertino-giant company an advantage is the immense support it is receiving from other Silicon Valley companies and personnel.
Many believe that the FBI doesn't really need Apple's help in unlocking the iPhone. Reports claim that the iPhone in question already has a "backdoor" which could allow the government-backed institution to access the data on the smartphone. Other widely reported theories include cracking the iPhone and manipulating the innards to trick the system into spilling out all the information. One proposed method, which requires the phone's NAND flash chip to be taken out, may not work, though. Daniel Kahn Gillmor, a technology fellow with the ACLU's Speech, Privacy and Technology Project, pointed out the risks in playing with flash memory. He said that an error in removing the memory could make the data unreadable forever.
Oh thank God. I was worried we may have a 24 hour break without this never ending saga appearing on the front page.
The FBI doesn't want anybody to be able to keep any secrets from it ever, with no regard to what impact this might have on commerce. They are attempting to use this case to ensure that they get complete authority and ability to decrypt everything at their whim. If they can offload the work to other companies for free, all the better, but the real win is that nothing anywhere can ever be kept secret from them for any reason.
That's all this is. Everything else is just politico/legalease/bullshit.
Dear FBI,
You can ALREADY start downloading OS X & iOS source code from here:
http://opensource.apple.com/
1% APY, No fees, Online Bank https://captl1.co/2uIErYq Don't let your $$$ sit in a no-interest acct.
Let's be honest, the FBI's goal isn't to access one iPhone. They want access to all encrypted communications. This should be obvious. Handing over the source code to iOS will probably allow the FBI the opportunity to look for other vulnerabilities that could be exploited to read private communications. This isn't acceptable. Furthermore, wouldn't Apple still need to cryptographically sign any build of iOS that would be loaded onto the San Bernardino shooter's phone? The FBI has carefully picked the fight in a case where there's no defending the deceased shooter to maximize public opinion being on their side. They're being disingenuous and it's obvious to anyone who's willing to look carefully at their claims. What is it that makes elected officials almost unanimously support reducing the privacy of the people when there's no such consensus among the people? And why isn't there an effort to impeach the leaders of these three letter agencies for their activities? Impeachment isn't limited to the President, and those who violate the Constitution as they do should be accountable through impeachment.
They start with an obvious overreach, asking for help to make the software. When apple complains, they say, well, then just give us the source and we'll do it.
Apple can either say the previous request is now possible, or the new, slightly lesser request. But it can't have both. It must capitulate.
FBI is getting in that phone, guys.
PS I said this would happen in a different thread and you voted it to -1, lol
What is meant by "an error?" It's a pretty broad term. Using a baseball bat to open it instead of the correct tools would be an error. So it's a pretty trivial statement to claim "an error in removing the memory could make the data unreadable forever"
A Gay man created the FBI as his private army which he used blackmail and extortion and total totalitarian rule to achieve it's sickening personal objectives.
And it is still the same today , a personal gestapo for the 1% ie bilderbergers, bohemeian grovers, and all the other faggy control freaks who want to know your every person detail.
. . . but it's difficult and there is a danger of data loss.
So what they want, is a master key, so they can unlock any iPhone whenever and wherever they want, without a big hassle. Or a warrant. So they're claiming they can't access it, simply because they want easier access.
Well played.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
farse will eventually be a "victory" for Apple, and the other big tech companies will stand united and say no to government backdoors. The damage from the NSA fall-out will be undone, and people will believe U.S tech products and services are safe and that their data is safe from prying eyes, but it is not, have not been, and will not be, but now the money-flow will come back and that is all that matters.
Maybe Apple would want to pack up and completely move to Ireland then...would it have more to offer than massive tax breaks? (http://qz.com/273631/how-apple-got-its-2-tax-rate-in-ireland/)
Thinking about the Apple situation, I noted that for years people have predicted that we would live in a corporatocracy.
And here we are, huddling in fear while giant organizations battle for our rights.
It is now too expensive for anyone except the upper 1% to go to court, so we are forced to hope and pray that some organization will take up the cause, leaving us on the sidelines rooting like sports fans.
Of course, those giant entities will only battle for our rights if it aligns with their other goals - Apple isn't opposing this out of their good nature, it's because doing it would cost the money and hurt their bottom line with future sales.
What a world we live in!
Oh for gods' sake. I wrote a whole comment saying basically, "I don't see the problem here," based on the worthless summary, and then looked at the article. It's not about source code, it's about the signing key. It acknowledges that right in the article title, but whoever submitted this got their head on backwards.
My fault, I suppose, for being lazy.
Great. Print it out and hand it over to the FBI
it's demonstration of Apple opportunism: turn a legal case in to a GIGANTIC AD
Well played.
Not really - They've backed Apple into a corner. In response, Apple has only two logical next moves - Send all their platform-level development overseas ("You can thank the FBI for the loss of those 1500 highly paid American jobs"), and make the encryption truly unbreakable (absent some unknown weakness in the algorithms themselves), both at rest and in-transit.
Apple may well lose this round - But they can salt that field so deeply as to make Uncle Sam wish he'd never asked. "Gee, sorry, did we just make all your expensive Stingrays almost completely useless, boys? Oops, our bad, wink wink nudge nudge!"
This is what governments do when they start leaning towars totalitarianism. And then they say "it's for your own good". Historically, this never goes pretty or well. This isn't about a phone, it's about getting all companies to acknowledge "whose boss". We jump, you say "how high" or else...you have no rights except those we allow you to have, and they can be revoked at any time it's convenient for us,,,hmm...America, home of the not so brave, not so free.
"Imagination is more important than knowledge" - Einstein
Apple can take care of itself.
Anybody who thinks apple is out to help you is painfully wrong
I can't believe any judge would find this reasonable.
This is equivalent to the police asking a warrant to search your house, and getting a key to every house in the country.
"It's a good computer... for I to BM on!" - apologies to Triumph, the insult comic dog
It's this pretty much seizing the source "for the public good", so they'd need to pay fair market value under Eminent Domain laws?
May I suggest Canada? It's nice and close, we speak English, and I bet you could buy all those empty Blackberry buildings pretty cheap.
Support Right To Repair Legislation.
That's just the honest truth, they are quite dumb but honest in their own right.
The trouble is that the smart people are sometimes dishonest in minute ways, the fight is just a spiral of negativity and both sides of the argument are to blame.
Apple is attempting to be socially responsible. The cell phone is a worse instrument for oppression than Orwell ever imagined. I can make your phone record every moment that you are carrying it. I can compress your voice so well that the existing storage is just fine for that. How long do you think it will be before that's happening for governments, if we embark upon this slope?
The problem is that if you attempt to be socially responsible, the government will do its best to damage your business. Or other companies will. So, corporations have to be cowards to survive.
Ultimately, we can't rely on a corporation for hardware that we can trust. It needs to be independently verifiable. Verifying software is possible. Verifying what is in an IC, less so at present time.
Bruce Perens.
Which country, exactly, can it go to where the government can't force the issue if it really wants to?
Ooh, ooh, I know!! They can follow Edward Snowden into the safe, comforting arms of Putunist Russia!!!
Yay!!!
"I don't know, therefore Aliens" Wafflebox1
Power is claimed, not granted. You, and your class, only have as much power as you claim.
And by "claim" I mean "stand up and fight for." And by "fight" I mean "make the top priority in your life, and put all your resources on the line to protect."
A casual conversation is not claiming power. Nor is writing your house rep and asking pretty please. Nor is voting. All of these things are using the options that have been given to you. Since they have been given to you, you can bet your bottom dollar they are pretty much worthless.
In today's world, for the most part, one claims power by acquiring and hoarding money. There is also the possibility of claiming political power through navigation of the political process, but the overlap between success at this and the possession of significant amounts of money is very high.
So people say things like "we should take the money out of politics" and I just laugh. That isn't how power works, and saying that accomplishes nothing.
Various corporate entities have claimed a whole lot of power (by taking it away from us). That's the reality. You can cry about it, you can adapt to it, or you can stand up and claim some power.
Good luck.
"Gee, sorry, did we just make all your expensive Stingrays almost completely useless, boys? Oops, our bad, wink wink nudge nudge!"
Cellular networks don't work the way you think they do.
If you could go back in time and expose J. Edgar Hoover as a cross-dressing sadomasochist BEFORE he managed to seize control of the FBI, would it still be the same kind of power-mad agency?
I often wonder if it would be a milder government law enforcement agency with narrower authority if Hoover had been sidelined for some other bureaucrat, or if what the FBI has become is essentially an inevitability -- a byproduct of the bank robberies of the 1930s, the security panics of the 1940s, the Red Scare and anticommunism, the cold war and the 1960s civil unrest.
Perhaps it would still be what it is, but somehow with a different tone had it not been one man's personal kingdom for 40 years, a man who scared most Presidents into leaving him alone.
Where would they send those jobs? I doubt there's a foreign country with enough skilled workers whose government wouldn't make the same demands or worse. This type of BS is not unique to the US federal government.
Mutually assured destruction, it's not just for nation-states.
All Apple needs to do is delete their private key.
They still have the trump card here.
"He said that an error in removing the memory could make the data unreadable forever."
Well, considering that's the current state of the data, they really have nothing to lose.
Is it just my observation, or are there way too many stupid people in the world?
I will say this again: Some mathematician/programmer needs to develop an unknown encryption method
that may or may not use keys, and proliferate it. I would prefer that a key be used as a false clue, but that's just me.
As for the protection of the actual code - there are experts on that who can be hired.
So... That lies past Elliptic Curves?
And could the mathematics of quantum gravity be used?
Or a boolean nightmare?
Or even alternate languages ( synthetic... mathematical.. logical...) ?
Just so no one knows except the person who develops it....
Canada seems to work pretty well for OpenBSD...
It's closer, so you could probably keep talent at least somewhat local. The $CAD is also at $0.76USD, so there's a potential savings in the currency difference too. Plus we're quite friendly, bacon and (real) maple syrop for your pancakes is plentiful, and if you come west the weather is quite lovely in many areas. Sure when talking about the hue and shade of your new icon schemes we'll ask you to spell it as "colour", but that's a small price to pay. Too bad our neighbouring government is a bunch of authoritarian pricks, but at least we seem to cleaned that up a bit on our end for now.
Now I'm no rocket surgeon or whale biologist but surely apple could release could provide the 'hacked' OS which enables what the FBI wants then release a firmware update which prevents it on current phones?
Cellular networks don't work the way you think they do.
If you believe their lies about only using Stingrays to capture call metadata, I have a bridge to send you...
Forcing Apple to turn over trade secrets so that the FBI can hack it themselves actually bothers me a lot less than the FBI forcing Apple to do their job for them, with no compensation, which would be an even worse precedent. Couldn't any secrets in the source code be ferreted out eventually by disassembling the executable image? I don't think Apple encrypts the executable, do they? Give 'em the source code, and then change in the next release any trade secret that creates a security hole if leaked to wrong the people. Still makes work for Apple, but still not the worst case.
I've abandoned my search for truth; now I'm just looking for some useful delusions.
In Soviet Russion, encryption break you!
I've abandoned my search for truth; now I'm just looking for some useful delusions.
The burden is ethical, not financial. Finding people who could sleep at night after doing this is the trouble.
Inheritance is the sincerest form of nepotism.
This is nothing more than a power struggle, it is the government trying to prove that they have more power than corporations and apple saying "i dont think so"
This is the slippery slope for the government, they spent decades giving more and more power to the corporations and now that they are sliding full speed down their own slippery slope they are trying to stop the ride. This is a power play that they cant win because if they win in the courts, they lose economically as apple would be stupid to stay in the US.
The people have no say in this any more, we are not the customers, we are the product... nothing more than bags of flesh to be traded and exploited like slaves (which works even better when we spend so much time fighting each other over stupid differences like race or religion)
The government is trying to regulate a PHONE because "terrorism" -- but of course, won't lift a finger to impose any regulation on the other, more important device used in terrorism -- the GUN itself.
So, lemme get this straight: you want to impose all these restrictions on my phone, listen to my every phone call, read every email and text message, look at pictures of my GF, and basically peer into my personal life and the personal lives of every American, all because you won't even regulate keeping an eye on someone when they buy 50000 rounds of ammo and large capacity magazines?
Dude, I have to show my driver's license to buy cold medication, but you won't even perform simple background checks when someone buys a gun?
This country is truly fucked up.
If telephones are outlawed, then only outlaws will have telephones.
Who cares that some guy who went rampage owned an iPhone?
I so hope that he would owned iPhone, Android, Windows Phone and couple old Nokia NOS phones or so that FBI could force the encryption to be opened. Oh, and one blackberry too with the special edition for USA President.
It would have been hilarious.
Really, it doesn't matter what phone he had. The blame is on the government own corruption, causing people feel so bad in the USA that they want to do something such that.
If you mean vacuuming everything up, metadata and data included, I agree with you. The NSA has had the power to do real time voice analysis since at least the inception of Project Echelon.
However, there is no way to keep the data secure when you are going to involve a third party (in this case a cellular carrier). Their collective motives may not align with Apple.
That's why cellular networks don't work the way you think: Apple can do nothing to stop the carriers from protecting your data.
Does anyone believe that the FBI has programmers who could even *build* iOS with the source code, but no active assistance from Apple? Much less then get their patched OS right enough to actually not destroy the contents of the iPhone in question. Apple should definitely take them up on this offer: no assistance but enjoy the source code.
They didn't build a spaceship campus for nothing... Wait until that fucker takes off into space... so long and thank you for the fish! =D
Let's see - forcing Apple to hand over source code is basically the government expropriating private property, right? And Apple considers their source code copyrighted, right? And how many files are there to make up the entire build? If you apply the statutory value (per copyright law) of $250,000 per file (certainly not unreasonable according to the **AAs), how many millions of dollars is that?
Then the new Apple Campus would be totally written off as a waste!
Then Apple will have to give the FBI access to their private keys?!? The hardeward DOES require proper signing! Then what -- the FBI could have all our phones installed with FBiOS? No.
âoeThe wall between art and engineering exists only in our minds.â -- Theo Jansen
If Iphone sales are about 200M units/year. There is some significant value to the S/W making that possible.
If it was known that the FBI had the source for said S/W the sales would be expected to drop by some percentage (maybe 10-30%).
This is a real cost of what the FBI is asking for.
Is the FBI offering to pony up the cash to pay for what they are asking for?
If the result is to push Apple to another country, the cost the the US in general is much higher.
Kind of the like a final push to move the Apple supply chain from the US.
I you believe that the economy is the ultimate arsenal of democracy, this seems the reverse of what should be happening from a national security standpoint.
Seems like somebody at a higher level than the FBI should look at the situation and think though the consequences.
It should be interesting to see if we have an administration with the capability.
That's not clear. It would certainly be a lot of trouble, but they could set it up so that new model Apple-Apple communication over the networks (including cell phone) would be unbreakable. But it would be a LOT of trouble, and I can't imagine them bothering to do so. The metadata would still be obvious, of course.
The real weakness of the current system is that if you record the initial handshake which establishes the session key, then it is *relatively* easy to decrypt things, even with otherwise secure encryption. And you're going to need to factor in that the NSA is known to be working on quantum computers. (What success is unknown, so you've got to assume success.) This means that current approaches aren't useful even with longer keys. You need something else (and I'm no expert). It's made more difficult because you can assume the feds will buy and study any mass-market device.
I think we've pushed this "anyone can grow up to be president" thing too far.
I would personally take a job in the Philippines and continue to take my California Salary. Live like a king, fraction of the cost of living, and better quality of life with the given income level.
It wouldn't be hard to convince most of the single, male, developers to relocate overseas.
You missed that they also want Apple's signing key. That's the important part.
I think we've pushed this "anyone can grow up to be president" thing too far.
They don't really need to send the development team overseas, just the signing key. It would suffice to require all upgrades to be signed with not only their own key but also a distinct key held by an independent and neutral third-party (or group of third-parties) outside of U.S. jurisdiction, with instructions to refuse any image-signing requests made under duress.
Of course, they should also ensure that no image other than the one already installed on the device can execute until after the device has been unlocked, short of a full factory reset.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
Any country cheap enough that they could buy the entire thing, government included. Apple could probably afford any of several countries, but Luxemborg would have the advantage of being a member of the EU, and thus hard to act against.
I think we've pushed this "anyone can grow up to be president" thing too far.
I have a bridge to send you...
Ingenious. Give the bridge for free but ask for shipping costs.
Seriously, if this is about terrorists, why not NSA? They are the ones that are supposed to listen in, as well as protect western tech. In fact, this was a terrorists, and it is NSA that is supposed to crack the iphone, not FBI.
While I support tech companies working with NSA (quietly), allowing the FBI to have access to source/phones/network/etc is akin to giving it to chinese gov. it will be massively abused and misused.
I prefer the "u" in honour as it seems to be missing these days.
You'd need to move all the developers there. Otherwise, one developer faced with a court order, men with guns and black fatigues and threats of instant jail for refusal could check out all the source code and hand it over to anyone with a large-enough thumb drive.
"I don't know, therefore Aliens" Wafflebox1
We already know the forensic tech that initially worked on the phone has made it impossible to recover the data. The phone iCloud account data has changed, and other steps taken as well to gain access to include resetting the phone. The FBI should just give up, I seriously doubt that with Apples help any data is on this phone to recover.
I'm a law & order conservative, have been my entire life. But, I believe in the RULE OF LAW, and the PROTECTIONS guaranteed in the bill of rights. This illegal (as most of them are) alphabet agency has NO RIGHT to the proprietary software of a private corporation. The source code belongs to the corporation, that created it. The FBI isn't so much wanting to crack this phone, as it is having the keys to the kingdom. They do not like the idea (nor does the NSA, CIA, or other of the illegal alphabet agencies), that they can't snoop on American's without having the keys to do so. This country isn't a sovereign free country, as it was before all of these illegal alphabet agencies were created out of thin air. We are, to an extent a government controlled police state, pure & simple. Until such time as the American people rise up and toss our current government alphabet agencies to the ground, they will continue to take more and more of our liberties. Why do you think there is such a push, to rid this once great nation, of the 2nd amendment? Once that happens, if it does, you might as well kiss the other 9 bill of rights out the window.
Comey is wrong, or rather, not trustworthy, because the world that FBI Comey has said he want in a recent house hearing, that is a world where everything is available with a warrant.
However.. just because something is available with a warrant, doesn't mean everything ought to be available with a warrant.
Cue David Hume's "is, ought problem".
https://en.wikipedia.org/wiki/Is–ought_problem
Believe it or not, the list of countries where a business is less likely to be forced to do the government's dirty work for them than in the US is actually pretty small, and grows smaller by the year. Apple need to move to unbreakable encryption as soon as possible, but don't kid yourself into thinking that providing it won't be illegal one day and we'll be left with only open source steganography for privacy.
1500 job, think closer to a millions of jobs.
If Apple looses, ALL US IT gear will need to be considered to have spyware/backdoors.
The 96% of the world not living in the US will have to reconsider all of its IT infrastructure and how secure it may be. The US will have to be put at the same level as China/Russia.
We are talking hundreds of billions of dollars damage to the US economy.
We are already putting new IT gear on pause while we wait for the outcome and looking at what costs will be incurred to shift much of our systems to Linux.
Apple, Microsoft,Google,Cisco, HP, Dell, etc etc etc will ALL suffer if Apple looses.
You can trivially build computer storage that the FBI can't crack. If you have $300 (remember to spend some of that on a real keyboard rather than a numeric keypad, which you get tired of using after 4 keypresses) then you have more cryptographic resources than the FBI has cryptanalysic resources. Anyone can be a titan, next to the FBI's ant-like stature. If you did that, the FBI would have no choice but to resort to the $5 wrench (and if we maintain the context of this particular case, the $5 wrench wouldn't work; go threaten some 3-month-old corpses if you don't believe me).
The reason Apple is in court isn't that they can afford it and you can't; it's because they are the third party that some fuckwit outsourced their data security to, instead of doing it themselves. (A fuckwit, I remind you, who didn't care about anything, which is why he is dead, and is also why you don't need to worry about his problems becoming your problems. If you are trying to protect your data, then no precedent that affects you, is going to come out of all this.)
Think about how amazing that is. If you heard of a company or government department who did that, you would say they're shockingly negligent. Their CIO needs to be fired immediately. If you even heard that a private individual did that with their desktop computer, and then it went sour, you would "blame the victim" because even at the low-stakes level of a single person, it's blatantly stupid. But somehow all the rules of common sense are suspended when the PC is handheld.
"My passphrase is four decimal digits long." (Seriously, imagine someone saying that. Your mind inserts the word "duuuh" at the beginning of the sentence, doesn't it?)
"I don't have my computer's root password, but Dell does." (Did the same thing happen when your imaginary actor read this line?)
Apple is a little more motivated to fight than usual, because this case shows the public that we're all doing things wrong. Apple doesn't want you to know that. Google doesn't, either. But I do. I want you to know that most of our sentences about handheld PCs start with an implicit "duuuh," and there's saliva dripping off the sentence as it hangs in the air, waiting for some insensitive clod child to point and laugh at the obvious.
And I wonder if maybe someone at the FBI wants it too, because that's sure-as-fuck what they are proving to everyone. They're pointing their gun at Apple's face but making eye contact with us and saying, "see what happens when someone else is in charge of your computer." (Heh. Now that I think of it, wasn't it the FBI who wanted this whole story public, and Apple who wanted it sealed?)
(In that respect, this case is delicious, but you should be wondering what real security and rights stories are happening right now, from which this is intended to distract you.)
Who knows, maybe the FBI is fucking tired of how our stupidity with regard to handhelds is making things easier for criminals. There could be some very selfish reasons for them wanting us all to learn a little common sense.
BTW, disclaimer: I'm as lazy and dumb as you are. Don't waste your time calling me a hypocrite; I'm not denying anything.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Even if they could ever figure out how to build it, by that point it's unlikely there would be enough people still running that generation of hardware for it to matter much.
The ONLY metric the US is number 1 in, make that 2 is:
Military spending
and your prison population.
Health, education, welfare, social mobility, freedom of speech, democracy, racial harmony, crime, etc etc etc you are NOT number 1 and in some cases nowhere close.
You can vote for whoever you wish, and honestly I hope everyone does. That said, the general populace will vote for the candidate they wish too. If you believe that your vote for a 3rd party will make your 3rd party candidate the winner, I can say with certainty that you are delusional.
The majority of people vote for who they see and hear the most, and happens to be a member of the party they believe best fits their world view. You won't hear much about 3rd party candidates, and the little you hear will be distorted to shape people's opinion's for them. We have not had fair coverage of a 3rd party candidate since Ross Perot, and in this incarnation of the US it won't happen. Ross Perot scared the hell out of the elites.
This is why Ron Paul was never referred to as Ron Paul on the "news". Ron Paul was referred to as "that crazy/cookie/insane Ron Paul", and his policies were only mentioned as "scary/bonkers/conspiracy theory/crazy policies".
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
So what they want, is a master key, so they can unlock any iPhone whenever and wherever they want, without a big hassle.
No, no, no, no. All they want is a key to this one phone. Honest. That such a key would also work to unlock every other similar phone is pure coincidence. That wasn't their intention. Really. Though now that you mention it ... when we are done here, we have this stack of seized iPhones we want to talk about.
It's rather simple. Stop supporting this, don't prove their ideas or methods are or aren't possible for them. Stop responding. They are collectively using highly technical sources online essentially for free.
It's hypothetical bullshit anyway. If they think they can win in court, let them try. Otherwise they are simply empty threats looking to enrage people. I'm not saying Apple is innocent here either, the whole thing smells like a PR stunt - look how secure our phones are.
If some dumb ass wants to build a house of cards, let them pound all the sand they want. Why should I waste my time proving you wrong? In the end you either will be or wont. There is no discussion or reasoning here. You're not going to magically find a law forcing them to stop, what you will do is continually enable them at your own cost.
Which means that there's noone who really believes that sort of logic. But it could make an argument to slow the proceedings down.
it might be publicly available. I mean, though the FBI is not the most porous three letter agency of the federal government, it could be hacked to obtain the iOS code and then distributed. Or there might be a Snowden in the agency.
If they can make the crypto mathematically equivalent to a one-time pad, no amount of quantum computing is going to crack it since all messages of the correct length are equally valid. The key exchange itself would then have to be compromised, which would have a limited window of opportunity.
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
Wasn't this more-or-less the plot of Cryptonomicon?
They should just design their own redstar os and the companies that actually design operating systems should force insecure shit down their throat. I'm sure that would change how they look at security and the government will back off encryption.
And the EU recognizes US banking/taxation laws. Feds could get a warrant to freeze the accounts of employees until one of them caved.
Canada used to have a long-standing fund to pay lawyers for people who differed with the government on matters of public policy. It was defunded during a previous government, but seem to be coming back.
davecb@spamcop.net
I have been looking around, but haven't really found any mobile phone that is truly dumb, as in only a simple phone with no other feature. I am envisioning something that would have just enough memory to store the simple OS and an allocation for an encrypted phone book, but with no space reserved for a call log or anything else. True simplicity. That is what I would like to buy. Hopefully someone will make a very simple product like this in response to all this nonsense.
Excuse me if this is a stupid question, but can Apple issue some update to the specific phone in question which would allow them to give the FBI keys to making firmware for this phone but not the other bazillion iProducts out there?
Or does updating the phone in question without unlocking it basically mean doing what the FBI originally asked Apple to do in the first place?
Cities and development campuses, research parks around the "free" world will be very attractive for that. Local political leaders will allow crypto exports, tax breaks for new local hi tech jobs with any big brand.
Other nations have enough real human informants, other direct methods and will get all metadata not to have to care about message content for export telco designs. They did not waste all their efforts on contractors and signals intelligence and would still have real human skill sets.
Once the US gov starts conscripting its brands to design with a gov front door, back door, trapdoor as policy it will be interesting to see the international reaction.
Buying a phone with the 5 eyes, US (federal, state, city) law enforcement and any contractors, ex staff and former staff "inside" by default is a huge security risk.
Greek wiretapping case 2004–05 https://en.wikipedia.org/wiki/...
SISMI-Telecom scandal https://en.wikipedia.org/wiki/...
shows what weak turnkey telco products can do to a national telco network.
Now add the fun of weak junk US gov conscripted crypto keys been sold to anyone around the world with the cash and connections.
Domestic spying is now "Benign Information Gathering"
In a recent WSJ article it was stated that the courts consider code to be an expression of speech, protected under the constitution. As such, Apple should invoke their 5th amendment rights.
I would fully approve of Apple using the entirety of its cash reserves to litigate the FBI into oblivion if those goddamned thugs follow through on this threat. A billion dollars on an ad campaign to inform the public of the FBI's criminal history, including such things as sending a letter to MLK demanding that he commit suicide, and paying for the truck bomb used in the first world trade center attack would be a good start.
The FBI is not, and has never been a law enforcement agency. They have no interest at all in protecting the public. Their only motivation is to increase their power through any means, legal or not.
J. Edgar Hoover was a sick, twisted man who viciously oppressed homosexuals, despite being one himself. The cult he started is beyond reform: it must be abolished, and every person currently employed by the FBI must be absolutely prohibited from ever holding any employment again at the taxpayers' expense, or holding any position of public trust.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
If the FBI gains the ability to backdoor every iPhone, then a future FBI thug won't have to send empty threats to a future civil rights leader like that goddamned faggot* Hoover did to MLK. He'll be able to just load up that innocent person's phone with kiddie porn or any other incriminating material, and then send him a message that says "hey, look at your phone: you'd better kill yourself".
* Damned right, i called him a faggot. He fully supported government oppression of homosexuals despite being one himself.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Bah. Aside from anyone on this forum, no one will care if Apple loses as long as their Netflix and Candy Crush still work.
Try also telling them that China has just as much right as the FBI do to the code.
The USA sanctions Ireland and the rest of the world just blockade the USA, and seize the assets abroad, arrest the businessmen and non-privileged US government agents and throw them out of the UN, WTO and repeal TRIPS/TPP/et al.
Meanwhile, US citizens still demand their Iphones and get them and throw out the government in charge.
The FBI can access this phone - but they don't want anyone to know this so they have to be seen to be forcing Apple to do it. If they magically get access without Apple then that raises a lot of questions.
Just my 2 euros worth
I have some thoughts in my head that I shared with someone via voice in person, and they can't compel us to divulge said thoughts on command. Guess they're completely fucked as this happens every day!
Twinstiq, game news
Only problem: we always cave to the US
Seriously, if it is BGA, it may represent a modest mechanical challenge (because you have to get the hot air just right), but that is it. The other case variants are easy. Once the chip is removed, you, of course, place it in a socket or an adapter where you can alternate between re-flashing or having the phone use it. Soldering it back in for every 10 tries would be the hight of incompetence. Then there is the possibility of replacing it completely, for example with a RAM-based emulator. This is really not that hard to do, you just need a person that has the relevant experience and maybe $1000-$2000 in equipment.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
While true, that's not useful, because of the contrafactual if. They can include one time pads in the ROMs, but since it's a mass market device, they will be accessible by anyone with the purchase price and some expertise.
They could do something nearly equivalent, but it would require an extreme amount of effort, and so, as I said, I can't imagine them doing it.
It's one thing to make a received communication undecipherable, it's another to protect something in transit. And even in the first case if nobody knows the key to unlock the code, then you can't retrieve the message yourself.
Now streaming communication can be secure AFTER then handshake, but if someones recording everything, they are also recording the handshake, and so they know the key that's been decided upon.
Foolproof encryption is impossible if there is physical access, and if it's desirable that somebody ever be able to read the message. You can do encryption that can't be cracked without the key, but coercion of key access is not an unknown part of the process. (OK, in this case the person you'd want to coerce it from is dead, but that may be equivalent to "you don't want anyone to ever be able to retrieve the message", which is one of the workable cases.)
The problem with one-time pads is that they depend on a shared secret, and if you overshare it, then it's no longer a secret. And no algorithm can actually be equivalent to a one time pad, much less be able to generate the precise same series of numbers as that on another machine. If you use a deterministic algorithm, then it's not random and is potentially crackable. If you don't, then you can't get the same set of random numbers as your partner. The only way around this is out-of-band communication.
I think we've pushed this "anyone can grow up to be president" thing too far.
Perhaps the Cayman Islands, then? Or make a deal with both Russia and the Ukraine to let them buy the Ukraine?
But I'm not sure that just because the EU recognizes US banking/taxation laws it would automatically enforce a case that was clearly unfounded. Particularly when the case against enforcement was supported by a powerful corporation. You might, of course, need to move all development out of the US. But the TPP and an equivalent treaty in process with Europe are going to make import taxes expensive to the imposing country. And the process being set up for trials isn't friendly to governments being charged by a corporation.
I think we've pushed this "anyone can grow up to be president" thing too far.
All developers don't need, or get access to, all of the code. So that argument fails. You would, of course, need to move many of them. I'm sure the EU would object to acquiring a lot of well paid tax payers and a company that generates huge amounts of cash.
The thing is, it would be a quite expensive proposition for Apple. I'm rather sure they COULD do it, but I'm even surer that they wouldn't.
I think we've pushed this "anyone can grow up to be president" thing too far.
So that argument fails.
Maybe.
I'm sure the EU would object to acquiring a lot of well paid tax payers and a company that generates huge amounts of cash.
I'm sure they'd love it, too. But one government or another would eventually tell Apple to pony up with the source.
"I don't know, therefore Aliens" Wafflebox1
Apple always is known to have very very reliable security systems. After many many tries even hackers couldn't break into OS7 and OS8 operating systems in the past. Why anybody, for that matter Apple should tarnish their hard earned trust and image by FBI's silly order. FBI should not depend to investigate with anybody's help but by themselves. If courts order this or that company to work against their products, this leads to open many cans of worms. Just to think that, if that Iphone was a Russian or Chinese product, could the FBI be able to order a foreign country to comply hacking to their own product?
Well played.
Apple may well lose this round - But they can salt that field so deeply as to make Uncle Sam wish he'd never asked. "Gee, sorry, did we just make all your expensive Stingrays almost completely useless, boys? Oops, our bad, wink wink nudge nudge!"
I'm surprised no-one has brought up the obvious question - if Apple gives up the keys to the US, you *know* the rest of the world will be lining up with similar requests/demands. I wonder what the response would be if Apple simply declared that if they are required to do so, they will do so for *everyone*. Put it online, publicly available (and then make sure the trick doesn't work in the next version).
politicians take notice of millions of people