Slashdot Mirror
DOJ Threatens To Seize iOS Source Code (idownloadblog.com)
An anonymous reader writes from an article posted on iDownloadBlog: The DoJ is demanding that Apple create a special version of iOS with removed security features that would permit the FBI to run brute-force passcode attempts on the San Bernardino shooter's iPhone 5c. Meanwhile, President Barack Obama has made public where he stands on the Apple vs. FBI case, which has quickly become a heated national debate. In the court papers, DoJ calls Apple's rhetoric in the San Bernardino standoff as "false" and "corrosive" because the Cupertino firm dared suggest that the FBI's court order could lead to a "police state." Footnote Nine of DoJ's filing reads:
"For the reasons discussed above, the FBI cannot itself modify the software on the San Bernardino shooter's iPhone without access to the source code and Apple's private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers."
As Fortune's Philip-Elmer DeWitt rightfully pointed out, that's a classic police threat. "We can do this [the] easy way or the hard way. Give us the little thing we're asking for -- a way to bypass your security software -- or we'll take [the] whole thing: your crown jewels and the royal seal too," DeWitt wrote. "With Apple's source code, the FBI could, in theory, create its own version of iOS with the security features stripped out. Stamped with Apple's electronic signature, the Bureau's versions of iOS could pass for the real thing," he added.
"For the reasons discussed above, the FBI cannot itself modify the software on the San Bernardino shooter's iPhone without access to the source code and Apple's private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers."
As Fortune's Philip-Elmer DeWitt rightfully pointed out, that's a classic police threat. "We can do this [the] easy way or the hard way. Give us the little thing we're asking for -- a way to bypass your security software -- or we'll take [the] whole thing: your crown jewels and the royal seal too," DeWitt wrote. "With Apple's source code, the FBI could, in theory, create its own version of iOS with the security features stripped out. Stamped with Apple's electronic signature, the Bureau's versions of iOS could pass for the real thing," he added.
signature/brains
Didn't think this could get much stupider. But...
Don't step on the baby.
DOJ's response to Apple's claim that the DOJ is trying to make a police state? You guessed it: create a police state.
Note to everyone: burn your backdoors. Do it now. Apple wouldn't be in this mess if the phone was secure against updates while locked.
See that "Preview" button?
What's to stop Apple immediately releasing an update which 1. installs new keys, and 2. revokes the keys in possession of the FBI? i.e. before the FBI has enough time to modify and release their own version?
"Install this update NOW before law enforcement gets access to your phone?"
Or am I missing something?
If that's a feasible option, they're probably working on it right now.
They sentenced me to twenty years of boredom
As a Portland resident, this hits home to me... I'm locked-n-loaded -- come and get 'em! Dun-diddly.
It shouldn't be the FBI's job to lobby for or against policies with such wide political implications. It's conflict of interest, and outside of their role as part of the Executive Branch. They are to carry out of the orders of the other branches and formal political process, NOT to make or pressure policy.
They can state their preference on political issues as they relate to crime fighting and prevention, but to aggressively push for a stance or policy is another thing.
Table-ized A.I.
With exactly this reasoning cited in the article.
... then isn't the derivative work that they make copyright infringement?
File under 'M' for 'Manic ranting'
Let's see...
Corporation = Person
Person = Bill of Rights protection
Corporation = Bill of Rights protection
The USA Federal Government can demand anything they want to demand.
The USA Constitution puts limits on what has to be provided.
Illegal or even unfair seizure of property, requires appropriate payment from the USA Federal Government.
So POTUS Obama and Regime, "Where's the money?"
Otherwise, the USA Courts will tell POTUS Obama and Regime to buzz off.
(Who would have thought the crazy IP laws, Copyright Laws, etc. would turn around and bite POTUS Obama, his Regime and his Feds in the ass?)
They only need the key for digital signature, the FBI has the technical expertise to hack the binaries just like black hats. Its all about the key.
If we end up in the horrible situation where this is going to happen then morally Apple must do it. If Apple makes the changes they can also include code that restricts this version of iOS to the single phone in question. A new court order will then be needed for any other phone. However if the FBI is left to make the changes there will be no such restriction, this version would run on any phone and a court order may not be necessary for its use.
Its a classic negative / negative decision. Both options suck but one sucks significantly worse. Apple is morally obliged to help protect its customers as best it can and that means the FBI can't be the one making the changes.
You know that "oppressive government" people are always talking about?
Here's the baby pictures kids!
Chas - The one, the only.
THANK GOD!!!
In the court papers, DoJ calls Apple's rhetoric in the San Bernardino standoff as "false" and "corrosive" because the Cupertino firm dared suggest that the FBI's court order could lead to a "police state."
Of course it could lead to a police state. That's what this is all about, abuse of spying capabilities.
We just found out this week that your giant US-to-foreign email conversations database the NSA shares with you allows warrantless reading of the to: and other fields, not only without a warrant, but without even any tracking and logging .
This is the core of the Constitutional issues the Constitution is supposed to prevent -- people in power having the ability to spy on political opponents, using government powers.
What is to stop, or even notice, a rogue agent working for a politician spying on opponents on their behalf? Nothing, and not even a secret court nor the elected congressmen who are on a national security committee, and are nominally supposed to make sure it isn't abused, can even detect the abuse.
How are we to know this software won't be copied and abused to crack some stolen politician's phone? Of course this assumes you are stuffed looking at who they call, anyway, to feel out their political support networks, the meta info, that itself could be abused, and is warrantless.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
What's to stop Apple from creating a new corporation overseas and have them hold the IOS source code there? Apple USA no longer has access to the source code, and the new company tells the US Government to go suck an egg.
The government could launch a massiv DDoS against Apple's update servers and spoof their IP addresses to update all the devices in the wild to their custom firmware...
ELOI, ELOI, LAMA SABACHTHANI!?
Wait, I'm white. Does this affect me yet?
Do you honestly think that Google won't voluntarily comply if Apple caves?
ELOI, ELOI, LAMA SABACHTHANI!?
Yeah, we really need an amendment for the right to bear iPhones...
Most linux users don't know this, but the man pages were named after Chuck Norris. Chuck Norris fsck'ing hates noobs!
Since you're from Oregon, I'd thought you'd have turned on a TV and seen how effective a certain other movement's attempt to start a revolution fared against the feds. These neo-revolutionaries are in waaaaay over your head. Best to do what the rest of us are doing and learn to live with what you don't like.
Ever heard of LOGJAM, DROWN or FREAK?
IT'er my ass.
Solving Unix problems since 1989...
Armed response is way premature and is the last result when all peaceful means are exhausted.. On the other hand filing a motion for an injunction prohibiting this until the matter has been fully litigated would be a wise move. This is clearly a constitutional issue... We have a Constitution and Bill of Rights for just this reason...
but there is right and wrong and I think they should pack up and leave the US. I think that would be big bump for others to follow. As a Apple hater and a Canadian I for one would welcome the Apple job creating Overlords into Canada with open arms.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Private property rights (that would have defended Apple in this case) were were killed in the USA the moment government was able to apply the Sherman's Act to dismantle Rockefeller's Standard Oil. This is not new, the only people who think this threat by the government Mafia is anything new are the ones who want to discriminate against some (for example discriminating against Rockefeller's right to private property is cheered by a large number of people).
Apple is the modern day Standard Oil. This case against them is the application of Sherman Act against Standard Oil. If nothing is done, 100 years from now idiots will be saying that government using its oppression to destroy Apple's private property rights was the correct thing...
You can't handle the truth.
it is all George Bush's fault. right?
I know you're just trying to be funny, but when the shit hits the fan the military and law enforcement will be on our side, not the government's.
Hand over the source code and digital keys — encrypted. If the government wants to unencrypt it, the NSA can provide a spare computer or two. If not, oh well.
isn't DOJ law enforcement? or are you saying wait for shit to hit the fan first.
Come and get what? You're such a lunatic gun-toting yokel you don't even know what this discussion is about.
Wait 4 years till the import restriction legislation gets passed and kicks in.
iTear? is that a new fbi app
You really should read up on American history... start with Watergate. The reality is that fully encrypted communication channels are the lesser of two evils here... and fully encrypted communication is no different than "taking a walk in the woods" 200 years ago. The underlying idea is that thought is not a crime, speech is not a crime, and full access to my device only gives you my thought and speech. This has nothing to do with guns, you are mistaken about that. Gun control is about individual protection... encryption is about national protection.
Which has more power: the hammer, or the anvil?
And seriously, who the hell is gonna hack your mobile phone?
Russian hackers looking for banking information and passwords on stolen phones, comes immediately to mind.
I live ze unknown. I love ze unknown. I am ze unknown.
> And seriously, who the hell is gonna hack your mobile phone?
I really hope you're never put in charge of anything important.
Fear mongering is the new "reality distortion field".
You know those TSA approved luggage locks? The Washington Post did a story on them, and included pictures of the master keys.
Someone saw this and used the photos to make a functional 3D-printed set of keys. All of those TSA approved locks are useless now.
It is impossible to make a backdoor that only the "good guys" can use. It *will* get leaked, stolen, or cracked.
All this will accomplish is allow the gov. to peek into lazy and stupid criminals communiques. Apparently the FBI thinks the majority of the bad guys fall into this category. They may be right, as it stands now, but if they win, that may be the event that causes bad people to get smarter. The response may be worse than the current situation, and everyone's security will be placed at risk because of it.
You are obviously not in touch with reality, or US laws concerning encryption.
Wrong... you can't sue a government agency into oblivion... only it's people.
Which has more power: the hammer, or the anvil?
Apple already evades paying US taxes, I'd be happy to see them leave.
You know that oligarchy people are always talking about?
FTFY
I know you're just trying to be funny, but when the shit hits the fan the military and law enforcement will be on our side, not the government's.
Duh-lease, don't make me laugh. What's the FBI? Time to move the source code and the signing key to Germany.Germany has a special hate for domestic spying. Heck, even set up a head office there and move the staff in charge of security there.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Can the government compel someone to say something they do not wish to?
As long as code is free speech (Bernstein v. the U.S. Department of State; Brown v. Entertainment Merchants Ass'n). And as long as the ruling of Citizens United v. FEC stands, it seems to me that Apple has a First Amendment right to STFU.
I hope this results in Apple stuffing the EFF war chest to keep that organization going. And the ACLU has made strong statements in support of Apple, but I predict the ACLU won't become involved in the case.
“Common sense is not so common.” — Voltaire
How did the police even do their work back in the days before smart phones? Talk about a complex of entitlement vs doing hard work.
I as a citizen at this point I could care less if that phone contained codes to disarm a nuclear bomb. I choose civil rights over government entitlement.
I so want the government to storm into apple like they say. Let's make this a presidential issue. This has totally blown up in the democrats faces. They better switch sides or there is no way Hillery is going to get elected which before now I would have said was guaranteed.
I suspect all companies in the future will implement combinations of keys that can't be compromised though any one countries government.
OK - so OLD phones will be subject to this problem but new phones need a new signature from now on.
Funny, all those rights didn't stop the government from rounding up the American citizens of Japanese ancestry into concentration camps.
Rights is what government lets you have when it's convenient. They all go into the trash the moment they become a hindrance.
Before you start talking about how the citizen soldiers or the police force will not stand for such things, most heinous acts in history are easily justify by a singular excuse of "just following orders."
ELOI, ELOI, LAMA SABACHTHANI!?
Yeah, we really need an amendment for the right to bear iPhones...
We do. It's the amendment two over from the right to bear arms. Apple has two amendments that gives them the right to not work for, nor speak on behalf of the FBI along with the aforementioned right to not give up their legal property.
Now this is merely a matter of whether the DoJ are loyal to the only thing that gives them authority or are loyal to those that wish to be our masters.
No matter who makes those changes, the problem is the same... If Apple makes it and just lets the FBI use it, then the FBI will just keep on asking in the future whenever they need their help, and Apple keeping it around means that there will exist a possibility that it might get misappropriated from Apple. By expecting Apple to cooperate with the FBI, the government is basically telling Apple to play Russian roulette with its own IP. What sane person would voluntarily pull a trigger of a loaded gun that was pointed at their own head, even if they knew that most of the chambers were empty?
File under 'M' for 'Manic ranting'
That would constitute contempt of court - which is a bad idea. Nice thought though.
Apples next move - open source iOS
A man spends the first half of his life accumulating stuff, the second trying to get rid of it all.
I remember seeing movies about life in Germany under Hitler. Whether accurate or not, random people were walking on the street and officers would mutter that command to people, and if they didn't have what was wanted - bang! You might disappear. It strikes me that where we're going in the US (land of the free!) is this direction. The government HAS to be able to see ALL of your papers - only they are now electronic records. And there CANNOT be anywhere that you can put things that the government shouldn't be able to get in. I wonder how we justify being able to take a walk of two people in the woods, without the government being able to "know", upon warrant, what was said? Should we also have microphones recording at all times so that *everything* is discoverable? And what about the government that starts bending the rules of court-issued warrants, to Hoovering up of ALL records on the phone, or the internet? "It's all for your protection, and for the children....".
The argument against backdoors is not against law enforcements' ability to gather evidence. Most of us would like to give law enforcement every ability to legally obtain all the evidence they need.
The argument is against the very concept of backdoors and the fact that have been proven time and time again that a backdoors means no security at all, not just no security against governments, but no security against foreign governments, scammers, hackers or anybody at all.
Backdoor == no security.
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Perhaps the hard line stance isn't too important where you liove, but here we have law enforcement that routinely breaks the law (including blackmailing the president). We absolutely do need absolute protections to back up our often ignored Constitutional rights.
Once you're up in front of a court. playing games like that gets your legs chopped off. It's too late for the present scenario, but the need to move Apple overseas - which also lets them avoid a lot of corporation tax - is now apparent.
The US doesn't have effective gun control laws, so getting shot is a much higher risk in the US. Now they want to break encryption, which means that getting hacked can only be a higher risk.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
They would be chopped off at the legs for that
Yes, because the people you belittle and laugh at are now suddenly going to turn around and help you because "MUH RIGHT TO HAVE AN IFONE IS BEING INFRINGED".
Sorry to disappoint you.
I keep hearing people claim that there is a debate, but that is complete bullshit. The Feds are making demands, and people keep providing the same reasons over and over on why the Feds demands are wrong. There is no debate because the authoritarians in power don't care about right and wrong, or rights beyond their own. (They have them, you don't.)
I personally have no trust that if this went to the Supreme Court there would be a favorable outcome. Remember, Corporations are people, and the Feds can re-distribute _YOUR_ wealth however they see fit.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
Yea, China feels strongly about people's civil rights.
FFS.
As soon as the notoriously inept FBI gets their mitts on the source code and private keys we'll see it leaked in no time. It's a huge win for consumers who will soon be able to root and run iOS the way we enjoy Android.
I hope TPB is ready for it.
Trump assured us, in a recent debate, that if he gave unconstitutional order to the military, they would obey him.
I don't know if he's right, but it's clear that he, and the significant portion of Americans who are blindly following him, think he's right.
I'm a life-long Republican, but if push comes to shove, I'll vote for whoever wins the Democratic nomination to keep Trump out of office. I think he really is that bad.
Apple isn't morally obliged to break constitutional rights, any more than they are morally obliged to break into your house and go through your sh*t.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
I just need to set up about a half dozen various companies in different locales with various privacy laws, and offer a binary signing service. They sign with their key, and then each of the various independent companies wholly owned in various jurisdictions also signs them, and only once that's happened is the signature correct for the device to authorize.
There's some M of N signers trust webs out there, as well as some block-chain signing type things. Basically implement that, make it international, have the companies be independent entities with no tie to each other or their customers. Then you would have to coerce/steal keys in a half dozen various jurisdictions to get a binary authorized.
So then the world gets 2 iphones - unbreakable and gov-rapeable. Guess which will be in bigger demand by those working in government, such as the FBI?
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Could apple contract with a foreign person, outside the jurisdiction of any U.S. Court, to do all the key signing that apple currently does? The sub-contractor would work according to a contractually specified algorithm, that basically says to signs what apple wants it to sign, but refuses to sign anything coerced. The sub-contractor would store the signing key outside the jurisdiction of any US court. If this scheme is ruled illegal and apple is pushed to the wall, apple could move all of itself offshore, and the Justice department could take responsibility for the resulting job loss.
It is amazing to even try to conceive that the ham-handed FBI, with politically appointed leaders (aka morons who have no idea about building hardware/software and who are trained and incentivized to kick doors down, not pick locks) would be remotely qualified to even understand the ramifications of creating/modifying source code, signing it, and pushing it to carefully designed hardware. Much less qualified to execute on that task with a few government programmers, when it took an organization of 100s of people years to develop what is now the iPhone hardware+software encryption infrastructure.
Just for your reference, the reason the encryption keys are so important / secret is that:
-- All recent (>4 year) Apple hardware has built-in encryption-dedicated processing hardware
-- This hardware has firmware burned-in with Apple public encryption keys that validate that any code has come directly from Apple without modification, on startup
-- This key validation structure is designed to ensure that only code signed by Apple's private key can run on the phone
-- Every iPhone has the same public keys burned on it, because that's how public keys work.
So if Apple is forced to give its private keys to the FBI (assuming the remote likelihood they even knew what to do with it), the FBI would have the ability to encrypt and sign software for any of these iPhones. The idea (legal argument-wise or technically) that "this is about one phone" is laughable.
Forcing someone to disclose encryption keys would be a huge violation of the First Amendment. If there is anything that qualifies as speech and knowledge, it is an encryption key / secret. Then on top of this, there is the question of whether the people at Apple who are in charge of the encryption keys (yes, individuals) would even voluntarily turn it over if given such a blatantly unconstitutional order.
I'm sure that even people within the FBI laugh at the notion that they could develop such code without fucking it up, deploy it, and maintain the secrecy of the keys and source code from outsiders.
And final note by the way, this legal filing was written so poorly as to be a joke. It reads like a summer intern wrote the brief after being dictated it by the paralegal to the Assistant US Attorney dashing out of a meeting.
.... there is a lot of encrypted source code.
Seriously... they won't give up those keys either. And those keys are far more difficult to crack.
Another consultant who stuck it out.
"We are the Priests, of the Temples of Syrinx..."
More or less. We needn't worry about the police state anymore because it's already here. They're threatening to seize Apple's intellectual property without due process. If they can get away with doing that, then they can get away with taking anything from anyone for no reason whatsoever. Sounds like a Police State to me, with Comrade Obama leading the charge.
Afaik all of the current top candidates on both sides are against strong encryption.
If you know otherwise please do let me know.
Minimum threshold fixed. Thanks!
This isn't oppression yet. Wait until people start disappearing. Then you'll have oppression.
Seven puppies were harmed during the making of this post.
Because no other governments in the world will decide this is a good idea.
Time to move the source code and the signing key to Germany.Germany has a special hate for domestic spying.
Germany has a special hate for foreign governments and organizations spying on its citizens. No guarantee it would use its laws to project anyone not its citizen.
Don't try to out wierd me, three-eyes. I get stranger things than you, free with my breakfast cereal. --Zaphod Beeblebr
Those TSA-approved locks were already useless against someone with a $40 set of linesman's pliers, but your point still stands.
Please stand clear of the doors, por favor mantenganse alejado de las puertas
Imagine the damage that would be done to Apple if the FBI got their way and then the next Edward Snowden came along and released Apple's signing keys.
The argument against backdoors is not against law enforcements' ability to gather evidence. Most of us would like to give law enforcement every ability to legally obtain all the evidence they need.
Then most of you are fools.
Or, put another way, a person's thoughts and speech is not evidence. If it wasn't said in public, it isn't something the government should be able to use against anyone, no matter what the crime or alleged crime. If you don't allow terrorists to have their thoughts and private speech safeguarded, yours isn't either.
Fucking coward.
Remember that pesky clause at the end of the 5th ammendment? "... nor shall private property be taken for public use, without just compensation." According to the stock market today, "just compensation" for Apple's IP is somewhere in the $600 Billion range.
" that they all knew was used to handle classified data "
Yup, right ;)
" You're a paid Hillary! shill "
Hah!
If the State is comfortable issuing a court order to force apple to write code it doesn't want to write and stealing the code it has written. Then why are we wasting so nearly 1.5 trillion in tax payer money on Lockheed Martin. The DOJ could just write a court order that they have to build the F-35 and save us a butt load.
What surprises me from John Oliver's take on this is that Lindsay Graham said we need to step back. Even he now knows that it's not a workable strategy for the government to get access to the phones.
"Who are you?" "No one of consequence." "I must know." "Get used to disappointment."
Would this work?
http://getthemonourside.blogsp...
Science & open-source build trust from peer review. Learn systems you can trust.
Time to move the source code and the signing key to Germany.Germany has a special hate for domestic spying.
Germany has a special hate for foreign governments and organizations spying on its citizens. No guarantee it would use its laws to project anyone not its citizen.
So, here we have two people in a row that either don't seem to be sarcastic about the situation or were too subtle for words to convey properly.
Did either of you pay any attention at all to any part of the rest of the world during the NSA scandal? Germany was literally the second country that Snowden pointed out was spying on its own citizens, and they were in cahoots with the NSA to share information.
According to Edward Snowden, the feds have the capability to get into the phone already. I'm not surprised by this at all, it's so obviously a power grab to set precedent and feed the backdoor to local police so they can start sending drug dealers to jail even more frequently. This is a really scary story, has anyone ever seen anything like this? They're basically breaking down the door and demanding compliance. Fuck everything about this.
640k ought to be enough for anyone.
Another lifelong Republican here, and what I'm hoping is that in burning down the old house we will get some new parties out of this. Can we hope for a Science And Technology Party being one of them?
Does the court judge have authority to violate copyright? Copyright comes from the Constitution, not some local law.
"We do. It's the amendment two over [wikipedia.org] from the right to bear arms"
In addition, forcing Apple to do work for the government against its will is a Thirteenth Amendment violation. We haven't had one of those for some time.
The reason for the 2nd amendment is to protect us from our government - but the fact is that so far we have not come to the point where taking up guns for such a purpose would be legitimate. The point at which it becomes legitimate is the point when the government is both disregarding the Constitution _and_ the democratic will of the people. It is harder to oppress an unwilling armed populace than an unarmed one. A few nuts marching around with their weapons talking about rebellion when most of the people (rightly or wrongly) think everything is OK is not what the founders were thinking of when they put in the second amendment. Even if they (the nuts) could stare down the tanks and heavy artillery, they really have no legitimate mandate to impose their will on the rest of their fellow citizens. On the other hand if the President directs the military to go kill anyone who wears glasses (this actually did happen in one country in the last century) it will be a lot harder for the military to carry out those orders if the citizens are armed.
That would be great for business for Android, until they eventually suffered the same fate.
www.cyanogenmod.org
Don't try to out wierd me, three-eyes. I get stranger things than you, free with my breakfast cereal. --Zaphod Beeblebr
Refuse to pursue clear, obvious mishandling of State secrets by its own SecState. Ignore the use the IRS to attack political opponents. And now threaten to seize assets of a company that has done nothing wrong. Absolute fascism on display. 2017 cannot come soon enough - and as long as it's not Hillary, I don't care - Bernie or Trump would be fine. Anyone to tear down the fascist bureaucratic facade that is the Federal Government today.
Browsing at +1 - no ACs, I ignore their posts. So refreshing!
Maybe other governments, unlike the US, will do more than pay lip service to privacy rights. The US doesn't even bother to do that any more.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
And it's time to end that. The US never will, but ...
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Much of the military will be on the citizen's side, but law enforcement has been operating in full-on "us vs them" mode against the citizenry for decades now. They're completely comfortable kicking in their fellow Americans' doors and shooting them in the street.
If you want a vision of the future, imagine a youtube comments section scrolling - forever.
It's an interesting comparison. You might also think about how speech is handled in the US vs Europe - in both places speech is "free" but both places put limits on libelous speech, while European countries (mostly) additionally put limits on hate speech. Broadcasts are also censored in both places to a greater degree than other forms of media distribution, and there are obscenity laws in both places - though exactly what qualifies as "obscene" is poorly defined and largely up to the subjective interpretation of judges.
The fact that hate speech is allowed in the US is a point of pride for many Americans, even though they themselves may not be hateful people. Taking what they consider to be an absolutest stance on free speech is seen as a pillar of Freedom (TM), Liberty (TM), and so on. There's a lot of absolutism in the US. It requires a curious degree of double-think to take this view of absolutist free speech while at the same time condoning all of the censorship, obscenity laws, laws against libel, etc., and when confronted on this point a person who has defined their stance to be one of free speech absolutism has to make a call whether to backpedal or double-down. Naturally, they almost always double-down and say that they think those things shouldn't be prohibited either. And yet. Those things still exist and enjoy considerable popular support, as does the ability to disseminate hate speech.
It's easy to see how that parallels with weapons - pillar of Freedom (TM), etc. It's vitally important to protecting stuff that weapons not be restricted in any way, because tyranny, except for the sort of weapons which would actually be effective against a modern army. (I have a sad hole in my gun cabinet in the shape of a surface-to-air missile.)
So how about encryption and information security? All things being equal, I expect we'll go down the same road with this one. We're already doing that with personal information and privacy - lots of lip service to how important it is, and that's all. Encryption is complicated by the fact that it can't be controlled, any individual with root access to a device can encrypt it in an unbreakable way, but nevertheless it can still be prohibited. This approach would be almost as effective.
So, to answer your question: I don't know. When absolutism is sincerely believed and acted upon it is very seldom beneficial, but the American mindset seems to be "absolutism or nothing" and in that context it does help to prevent the further erosion of rights. Even if it may require a little double-think.
[The Congress shall have power] "To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries."
So if congress chooses not to make a law, then there is no law.
(you might say, "doesn't that conflict with the first amendment?" and some legal analysts would say "yes, yes it does, and the first amendment takes precedence for various reasons." That is of course not the mainstream view, though).
"First they came for the slanderers and i said nothing."
Black men in the US have a 1-in-21 chance of being murdered over their lifetime. That's a heck of a lot more likely than your lifetime risk of dying from a car accident. So no, not insignificant.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
So the government really is trying to take our guns.... :-D
Check out my sci-fi/humor trilogy at PatriotsBooks.
Living in Europe I've pretty much only been exposed to this case from the various updates here on Slashdot, so please don't take me for a troll when I ask why the phone is even important.
Anyone these two people were in contact with will have ditched anything connecting them. Any plans for future attacks will have been either scrapped or rendered moot by the deaths of the two terrorists. Any call lists etc. would probably be a LOT easier to acquire from the phone company.
So what kind of data can even exist on the phone that was not rendered worthless within a couple of days, let alone the months that have passed by now?
-=This sig has nothing to do with my comment. Move along now=-
When you give us the voting machine source.
I know you're just trying to be funny, but when the shit hits the fan the military and law enforcement will be on our side, not the government's.
Yeah, just like how all those military and law enforcement personnel stood up to the tyrannical government when it unsuccessfully tried to send US citizens off to internment camps in 1942.
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
You mistake the situation: A gun-control analog would be to fit every gun with a remote-controlled "off" switch (that can then be hacked), not a restriction on how can have guns.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
I hope whoever has the screenplay rights to this DOJ/Apple stuff turns it into a great movie! I can't wait!
Once a backdoor is put in it means everyone in the world has access to it .
Let me put it this way. Would you make 1,000 copies of your home house keys, label each with your address and then give them to the 1,000 nearest police departments. Trusting that not one would-be misplaced?
Software encryption backdoors are just like that. Blind trust that millions of easily reproduced copies won't end up in the wrong hands?
i thought once I was found, but it was only a dream.
No, the correct moral stance is for apple to refuse and force the government to take the keys by force. In the extreme case possible destroy them themselves rathe than surrender them.
That would be the Rosa Parks/Mahatmas Ghandi move. Deciding to go along with it in the hopes of not doing more damage than necessary would be the Werner VaunBraun move (My job is to make the rockets go up, where they come down isn't my department), and going along just to avoid consequences would be the "just following orders" move.
Apple may just decide they can live with $200b in revenue....
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Wouldn't it be faster if they just outlawed business, innovation, science and technology, religion, commerce and probably fire too? They could put out incentive programs to thugs, the mentally retarded and people seen swinging from trees going after low hanging fruit too.
That guy has threatened to arrest "rascal" Apple CEO, if it comes up.
So, would sheriff Judd hesitate to arrest Cook himself?
If this (FBI can already get in) is true then I would assume that Apple would have a reasonably good idea that it is true. If so then Apple should say so when next in court - that would remove the FBI's entire reason for demanding the source & keys which would put them back to zero. However: the Apple lawyers will be much cleverer than I am and probably have already considered this.
You mean Russia?
But...but...that would imply that the free stuff the government promises us isn't really free.
Look at how many people followed Hillary!'s orders to set up an illegal email server in her shitter that they all knew was used to handle classified data.
I haven't been following this story closely, not living in your fine country, but I'm curious: How many was it?
Obviously the lower bound is one; it only takes one person to set up an email server. Obviously there is no upper bound, since there must be government bureaucracy involved.
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
AC beat me to it. Pussy.
Do it, DOJ. Go ahead and do it. Apple will push one final update with that signing key, updating the signing key for future updates, them immediately push another update, signed with the new key, to disable rollbacks. You'll be able to use the source and signing key for devices which don't receive that first update, which will include any currently in your possession, but you won't get shit beyond that.
Go for it.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
I don't buy arguments secure boot loaders make systems appreciably any safer. Physical access is game over no matter what. Successful remote root exploit is also game over in terms of at least exfiltration of data even if attack can be rendered non-persistent after reboot it can also be accomplished with protected media.
The real purpose and biggest winners from secure boot loaders are vendors who use them to prevent people from modifying the computers they purchased.
I don't buy any excuse supporting the current system of planet scale trust anchors where compromise of a single private key stands to compromise millions or billions of systems world wide. This is both standard operating procedure across the industry and also happens to be perfectly inexcusably insane.
We are abusing PKI in ways that promote compromise and unnecessarily endanger users. There simply is no reason for this. All that needs to be done is for global trust to be limited for the purposes of service discovery and bootstrapping to off-ramp more localized sources of trust.
If you do this damage associated with key compromise is significantly limited and would be a useless thing to request in any court.
I look at third party doctrine, patriot act sec 215 and real world examples of Operator receiving NSL+gag order for private key even though they offered to comply with request to write code to get data without compromising others.
So yes I don't agree with DOJ threats nor the patriot act, third party doctrine, warrantless bulk data collection...etc..etc. I don't believe Apple should be forced to hand over private keys nor bless system images they don't want to bless no matter what. It isn't proportional and compelled speech is not consistent with a free society.
Having said all that what we're doing today is wrong and dangerous. In many ways the government requests are a wakeup call highlighting implementation and structural failures... Technical people involved and the industry as a whole needs to quit whining and bitching about government requests and spend more time thinking about how they fucked up.
No on the contrary I've lived in countries that really have oppression and I'm shocked at what whiny little bitches Americans have become. I'm not in favor of a surveillance state but you guys don't know how good you still have it. The screw can be turned quite a bit more before society breaks. You'll see.
Seven puppies were harmed during the making of this post.
I wasn't aware that my $50 set of linesman's pliers could be considered a hacking tool, or that anyone would use locks chitzy enough for them to cut..... should I worry about the TSA confiscating them --- if I put the pliers among the "just in case" items within my luggage?
Here is the thing.
As a fellow Oregonian, those Federal Lands are already shared lands. I have access to them, because they're Federally owned. The idea of taking those lands and giving them to "the county" to sell off to private parties, well guess what? I would no longer have access to those lands.
The only reason Oregonians didn't take up arms and join militias and go take back our shared lands, is that the FBI wanted to get them out their own (very slow) way.
We may be liberal, we may oppose many wars, but don't think Oregonians are unwilling to take up arms and defend the United States of America.
I just checked the political news, and I wouldn't be at all surprised if there is a Civil War II in my lifetime. We're here, we're ready, and we support the Constitution. The real one with words, not the imaginary one that says "no hippies, mmmmmkay"
This is so down the thread no one's going to read it, but here's my $0.02.
The US only has one good thing going right now for them: the IT and Technology sector. It has no manufacturing (that's all down in China now), and besides Google, Apple is the only big one in the game.
If the FBI forces Apple to give out their source code, this is how is see it playing out:
- Not only the US but the rest of the world loses confidence in Apple products.
- Apple stock drops like a sack of potatoes.
- Apple is forced to downsize: massive layoffs
- Poor sales of Apple products make having the source for iOS irrelevant (no one is using them) and the FBI ends up with its finger up its ass anyway.
The issue isn't someone cutting the lock - it's bypassing it without your knowledge even after the fact.
When the TSA has the keys, they have access and you acknowledge that (you used a lock you know they can open). When a third party also has the keys, do you acknowledge their access too?
(This argument assumes of course you're not using zippered luggage that can be bypassed and restored with a ballpoint pen).
Now apply the same argument to your iphone. If the guvmint have their own copy that they might install on your device without you knowing, is that okay? What about a rogue party?
This is what you get for all of your beloved "regulation" of the industry. Because Google, MS and most of the other tech giants own federally-regualted properties (cable lines, phone lines, etc.), they have to pretend to agree with the government or they'll be targeted for arbitrary selective enforcement of arcane and poorly worded regulations intended to tie up business of properties which these tech companies bought with borrowed money (so they won't be seeing any return on the money... in fact will take loses, but will still have to service the loans). So Apple is the only company which can afford to take this stand because they, by some accident, managed to make so much money on 1 product line. If they had multiple product lines, they probably would depend on uncle sam's permission to spit as well.
Any guest worker system is indistinguishable from indentured servitude.
It doesn't matter if they have already obtained or not. If they were to obtain it without Apple's permission, then by copyright law, any derivative work that they make from that would still be copyright infringement. Worse, if they were to get it and the source code should happen to get misappropriated from the NSA or leaked out somehow, they could end up being liable for the potentially unbounded number of unauthorized copies that would ensue until the duration of the copyright expired.
File under 'M' for 'Manic ranting'
Sure... but there already *is* a law for copyright. The question then becomes does a judge have the authority to knowingly allow someone to break an existing law without legal consequence for that violation? I'm pretty sure the answer is no.
File under 'M' for 'Manic ranting'
Your notion that "private speech is not evidence" runs directly contrary to, oh, 300 years of law and precedent? Maybe even more?
Opening and reading mail with a properly obtain warrant, for example, has always been legal.
The key part here is the warrant requirement. That, in theory, is what prevents the government from just doing bulk wiretapping, and ensures that it's not an "unreasonable" search for Fourth Amendment purposes.
Of course, in practice, they have created rubber-stamp courts like FISA that sign warrants for bulk collection. And those are bad and, arguably, unconstitutional, and should be gone. But for a case like this, when there's ample evidence of a crime being committed by a specific person, a warrant specifically targeting this person and their means of communications is perfectly reasonable.
Which is why they trade data with the NSA, who does it for them. Look into the "Echelon" program: various nations involved in it skirt domestic laws against monitoring their citizens by exchanging data with other nations who have no qualms about monitoring other nations.
In addition, forcing Apple to do work for the government against its will is a Thirteenth Amendment violation. We haven't had one of those for some time.
I thought of this immediately. However, I think that actually has to do with "Doing labor without compensation.", and I heard that the Federal Bureau of Incineration originally told Apple to keep track of their costs, presumably to compensate them, in order to defeat a 13th Amend. argument.
Even better: the gun with the remote controlled off-switch can also be commanded to fire whether or not someone's finger is on the trigger.
-- I have monkeys in my pants.
the FBI ends up with its finger up its ass anyway.
The FBI has had their finger up their ass since the day they were created. Hoover had a bit of a secret life.
-- Will program for bandwidth
The question then becomes does a judge have the authority to knowingly allow someone to break an existing law without legal consequence for that violation?
Yes, if there is a law that allows the judge to do so (just like there are laws that allow police to speed in certain situations). The FBI is arguing that the law allows, indeed mandates, that Apple help them.
"First they came for the slanderers and i said nothing."
Don't think the government isn't worried about a real movement. Those guys were never well supported but people are getting more and more fed up with the Feds. It's only a matter of time before things get ugly for real. Sooner or later it'll blow up somewhere. I'm really disappointed with the President. He's not even a good liberal, just another establishment stooge. President Hillary is up next, the Senator from Goldman Sachs. What kind of shit is this?
Maybe we could build a government for the people and by the people? Nah! Never happen.
What would it cost apple to exchange a new(er) iPhone with the embded hardware to prevent an OS swap from enabling snooping encrypted data for all the vulnerable phones in the wild. Think of the opportunities for upsell after luring customers to a retail location with pushy salesdroids.
There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
In (post) Soviet Russia, the oligarchy talks about YOU!
-- I have monkeys in my pants.
No, unless we fundamentally change the system of government we have. What we need is called "proportional representation" along with the "single transferable vote" system. This would enable more than two parties, which is the end result of the "majority rule" we have in the US. If our Legislature had seats allocated per registered, voting members of various parties in proportion to their district's population vs countries population; and voted on party seats only within those parties...but since we have a "winner takes all" majority rule, it's pretty much impossible for any third party to overcome the 51% mark.
The purpose of those locks isn't really to prevent someone from stealing from your luggage. It's so they can't do it without you realizing it. They don't even need pliers, just cut through the fabric with a knife. But again, the point is I will KNOW that someone got into my bag, and be able to hold the airline (or whoever) responsible.
Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
If we don't act like "whiny little bitches" about it now, while we still can, then when we really are a police state, it'll be far too late. Excuse us if we'd like to avoid that.
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
From the document (emphasis mine):
Apple asserts that functional source code in a corporation's commercial product is core protected speech, such that asking it to modify that software on one device—to permit the execution of a lawful warrant—is compelled speech in violation of the First Amendment. This claim "trivializes the freedom protected in Barnette and Wooley"
Before reaching the specifics of Apple’s claim, it is important to start with a threshold observation: the “essential operations” of the American legal system rest upon people sometimes having to say things that they would rather not say—such as when a witness is subpoenaed and sworn to speak the whole truth and nothing but the truth.
I don't know if they're being intentionally thick, but there is a huge difference between telling someone "tell the truth" and "this is exactly what I want you to say". This is very, very dangerous.
... a person's [...] speech is not evidence.
So there's no such thing as testimony? People can't be held in contempt of court for refusing to answer a question (not counting self-incrimination)? While the crime can't be speech alone (except direct threats, yelling "Fire!" in a crowded theater, etc.), speech can absolutely be used as evidence.
(Notice I removed the "thoughts" part from your statement, that was on purpose.)
Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
How do you like your Patriot Act now bitches!
I've calculated my velocity with such exquisite precision that I have no idea where I am.
That is of course not the mainstream view, though
Only if most people haven't actually read the First Amendment (Congress shall make no law...).
Oh, right..
Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
Apple isn't morally obliged to break constitutional rights, any more than they are morally obliged to break into your house and go through your sh*t.
If there is a court order then there is no breaking of a constitutional right. The constitution forbids searching your stuff without a warrant, but with a warrant / court order you can absolutely be searched.
... name that is the only way to ensure the modified iOS will be limited to a device and can not be reused with other devices without another court order.
The problem is that while a court may not be able to order Apple to do work for the FBI a court can probably order Apple to hand over a key. If we get to such a situation then Apple would be morally obligated to do the work for the reason previously described
The absolutely worst case scenario is if Apple refuses to do the work and is forced to hand over a key, allowing the FBI to user their version of iOS anywhere. Letting that happen would be the greatest moral failure for Apple.
No matter who makes those changes, the problem is the same...
Absolutely not. In the Apple scenario the code is locked to a device and a new court order will be required for every other device.
In the FBI scenario the code will not be locked to any device, will run on any, and the FBI is free to use it on any device they have possibly without a court order.
So the options are require a court order per device or allow any device to be unlocked at law enforcement's discretion.
Apple keeping it around means that there will exist a possibility that it might get misappropriated from Apple ...
That is complete non-sense. There is nothing special about the code. The FBI could patch existing binaries, black hats could patch existing binaries. The only thing that prevents modified code is the key for signing. That is the only thing that matters. Apple could publish iOS source code with the unlocking and it makes no difference, the situation is the same as if binaries were patched by outsiders. Nothing runs unless signed with the key.
No, the correct moral stance is for apple to refuse and force the government to take the keys by force.
No, because then the government creates the alternate iOS without any device locking. The government could then use this version without court oversight.
Deciding to go along with it in the hopes of not doing more damage than necessary would be the Werner VaunBraun move (My job is to make the rockets go up, where they come down isn't my department), and going along just to avoid consequences would be the "just following orders" move.
A very poor analogy. Werner did nothing to limit damage. He just went along to purse his scientific curiosity/passion regardless of the consequences. Matter of fact he probably increased damage, if he had not contributed progress would probably have been slower. He made a conscious decision to use the Nazi's as a funding source regardless of consequences. Complete psychopath.
This argument has been suggested, but it presupposes an expansion of eminent domain to human labor. This has not happened yet, even with the current SCOTUS.
Apple isn't morally obliged to break constitutional rights, any more than they are morally obliged to break into your house and go through your sh*t.
I understand you're not from the U.S., but only the Government can "break" (deny you) (your) Constitutional Rights. A Person (including a Corporate "Person") cannot affect another's Constitutional Rights, period.
It's a difficult concept even for most U.S.-ians to understand; so I really don't blame you at all for your statement.
As an IT'er, i've always followed that encryption etc... is good and shouldn't be made easier to break for the government... That it's an all or nothing story etc... But i like to make parallels to other things. And i'm now wondering... how is this any different than gun control?
It's not different at all.
Secession is the right of all sentient beings.
I don't make a habit of answering rhetorical questions.
Seven puppies were harmed during the making of this post.
Those TSA-approved locks were already useless against someone with a $40 set of linesman's pliers, but your point still stands.
I'm very curious how, like a key, using nothing but your linemans pliers you can remove the lock, rummage through and replace items in the luggage, and then put the lock back on leaving no trace of break-in what so ever.
Specifically that last part. It never worked for me with bolt cutters or torches.
Could you detail your methods for me please?
I believe this is the selling point (such as it is) of so-called "smart-gun" technology.
DoJ calls Apple's rhetoric in the San Bernardino standoff as "false" and "corrosive" because the Cupertino firm dared suggest that the FBI's court order could lead to a "police state."
How dare you suggest that our court order could lead to a police state? Just for that we are going to take whatever we want!
I'm an American. I love this country and the freedoms that we used to have.
So the options are
You are forgetting the third option: Just drop it. The shooters are dead. Anyone who assisted them who has half a brain will have left the country by now. Plans and targets will be changed.
Just walk away, FBI.
Have gnu, will travel.
However, It was a different era and there was one hell of a war going on at the time.
You think it was so different? The leading Republican candidate today is running on a policy which includes "registering" Muslims. Admittedly, he may not be serious. Perhaps, the proposal would never be implemented. Still, he didn't lose popularity over that particular proposal...
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
Anyone who was in law enforcement or the military in 1942 is in their 90's at least.
Once the media was able to portray them as a bunch of old coots holed up in a bird sanctuary ...
I wouldn't unduly laud "the media" over that. It's not like it took a lot of effort.
One word. Jailbreak.
File under 'M' for 'Manic ranting'
The government enjoys sovereign immunity. Basically the laws of the country don't apply to the government, except in a few cases where the government decides it does apply. It's up to the Supreme Court to impose Constitutional limitations on excess expansion of government power. Except the last few decades they've been going nuts allowing just about anything under the Commerce Clause.
>>>move the source code and the signing key to Germany
Not to Germany. Rather putting the source into encrypted file system spread across multiple independent countries. (RAIJ, Redundant Array of Independent Jurisdictions). You can have the file system fragments here in the United States, the German, Irish, Chinese, Brazilian, . . . are of course not covered and need to be addressed in each country.
Microsoft backs Apple, even while Bill Gates doesn't.
One word. Jailbreak.
A silly word given that the owner must intentionally install the jailbreak. A 3rd party can not "jailbreak" someone else's phone.
So the options are
You are forgetting the third option: Just drop it. The shooters are dead.
As you said, that is not one of Apple's options. And if you want to get all technical ... the phone was not the shooter's, it is the employers. And the employer gave the FBI authorization to get into the phone.
Apple isn't morally obliged to break constitutional rights ...
There is also no constitutional right in this case because it is the employer's phone and the employer has given the FBI permission to access it's property.
I understand you're not from the U.S., but only the Government can "break" (deny you) (your) Constitutional Rights. A Person (including a Corporate "Person") cannot affect another's Constitutional Rights, period.
Actually yes a private person/organization can. Many of our Constitutional Rights only protect us from the government, not from individuals. Slashdot could censor this conversation, government could not. If a private person searches through your stuff and finds something illegal, calls the police, then the police now have probable cause to get a warrant ... so long as the person was not originally acting as an agent of the police. Things are far more complicated than you suggest.
If I'd kill my neighbor, police would have rights to search my appartment. If I'd had a safe at home, they'd have right to search it too.
And everyone is ok with that.
If I'd have an old style answering machine, police would have rights to access it.
And everyone is ok with that.
But if I have a device by certain company, suddenly it is not ok, where is the bloody logic?
Backdoor already exists, because Apple has created it: phone can be upgraded without owner's concent.
Contrary to Apple's CEO claims, FBI asked to crack "this very phone" in a way, that would not allow that very software to be re-used with other phones.
That was much work (and it costs money) and that was a problem. Now FBI is fine doing all that work itself, no forced labour on Apple, isn't that logical?
The US has thousands of hellfire missiles and the people have around 400 million guns (there are a lot less than 10 million owned by the govt at all levels.) Do the math,
Right, but the consequences are the other party's, not yours, and may still potentially be held accountable for taking that action.
File under 'M' for 'Manic ranting'
Problem is that Trump is a level 50 mud thrower and Americans have a short attention span. If it comes down to Hilary and Trump, Trump will just start throwing and Hilary will be on the defense for her entire campaign. The issues won't even come up. Trump vs Hilary? I think Trump will win. At least Sanders would have a chance against Trump because there's nothing to throw at him. Trump would be forced to talk issues, in which case, he would lose. If the DNC wants a chance at this, they need to back Sanders or the Dems are out.
"Freedom in the USA is not the ability to do what you want. It is the ability to stop others from doing what THEY want"
I understand you're not from the U.S., but only the Government can "break" (deny you) (your) Constitutional Rights. A Person (including a Corporate "Person") cannot affect another's Constitutional Rights, period.
Actually yes a private person/organization can. Many of our Constitutional Rights only protect us from the government, not from individuals. Slashdot could censor this conversation, government could not. If a private person searches through your stuff and finds something illegal, calls the police, then the police now have probable cause to get a warrant ... so long as the person was not originally acting as an agent of the police. Things are far more complicated than you suggest.
Actually no, they aren't.
In neither of your examples is the non-government actor violating another's Constitutional Rights.
In the first example, Slashdot is not run by the Government; rather, it is a Privately-Owned website. Therefore, Slashdot has every right to "Censor" anything and everything. It could use an automated Thesaurus, and replace every other word in only your posts with its Antonym. Their site, their rules.
In the second example, you may have a Civil Suit against the "private person" for Trespassing and/or theft; but they did not violate your 4th Amendment Rights by snooping in your stuff nor by their snitching on you for telling the Police about the Meth Lab they stumbled across.
If that's the way you read it, you need to go (back) to school. Or, you need to commit suicide, taking as much of your family with you as is practical.
Government can already take what they want. They use "Imminent Domain" you are forced to vacate your home as it's torn down.
Interesting. We have something you don't like coming from a sitting democrat administration and you somehow are insistent that it is the republican's fault.
The first missle the gov fires at a US citizen's home inside the US is likely the last. Those are launched from aircraft that require pilots. Pilots whose families are not safely thousands of miles away from the "threat", pilots who are not thousands of miles from the "Threat". Even more importantly, those pilots did not sign up to attack fellow US citizens. They swore an oath to support and defend the Constitution, not the Government. There is a difference and the military knows the difference. Yes there are those who would simply follow orders, but most would not. Just following orders is not a valid excuse for an illegal order.
The threat you postulate, Mr AC, is not significant.
I'm too lazy to compose a creative sig.
The problem all those war game scenarios have is that while the military will play along with the game knowing it is just a training exercise; the military predominantly supports the right wing views (if not the more extremist movements) and is not likely to blindly follow orders as they do in the games.
On more than one such exercise I've heard many a soldier (enlisted and Officers alike) state that should such a situation really occur their response would be rather different.
I'm too lazy to compose a creative sig.
In neither of your examples is the non-government actor violating another's Constitutional Rights.
Uh, that is what I said, and that is what I was trying to demonstrate. "Many of our Constitutional Rights only protect us from the government, not from individuals." :-)
I don't think he actually wants the gun loons to start a civil war. Read between the lines, or at least, read the lines.
Additionally it was a conscript military at the time, with only officers having any degree of free will in how they chose to obey orders. Nuremburg ended the concept of just following orders. And today's volunteer military is clearly and frequently instructed in the concept of unlawful orders and the duty to disobey them. Yes there are always those who will blindly follow any order but most will not.
I'm too lazy to compose a creative sig.
Yeah, chillax everything's fine, let them do what they like, it won't get worse, rights and freedoms don't need to be defended. Good fucking advice bud.
I do not want your cheap brainburning drugs. They are useless for work. And I am a working man today.
And Florida's Polk County Sheriff Grady Judd needs to be played by James Best (Sheriff Rosco P. Coltrane) That guy has threatened to arrest "rascal" Apple CEO, if it comes up.
So, would sheriff Judd hesitate to arrest Cook himself?
This can't be real? If it is I weep for for you.
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
That assurance is just further proof that he is an idiot who lives in a world of his own. The military would not obey just because he gave the order. This is one of my biggest problems with him. He thinks that running the country will be like running his companies. As CEO what he says is the law. As President it does not work that way. He is not going to have the absolute authority he has in the corporate world.
The military swears to defend the Constitution, not the President or the Government.
I'm too lazy to compose a creative sig.
*in my best impersonation* "Well, it looks like them Duke boys sure got themselves into a mess of trouble this time."
"So long and thanks for all the fish."
The FBI by their own admission can't even publicly beg enough competent tech folk to work for them, yet somehow they will be able to keep the stolen iOS code secure while having the high-level chops to correctly remove what they don't want.
The government has stopped with the baby steps is is now making giant strides towards a totalitarian hell out of the US...
The lesser of two evils is still evil incarnate this time around...
Your ellipsis chopped off the most important qualifier: private.
Being accused of a crime must never be justification to retroactively strip away protection of thought and private speech.
What was said in a walk in the woods is not something the government has any right to know.
I know you're just trying to be funny, but when the shit hits the fan the military and law enforcement will be on our side, not the government's.
Which is probably driving interest in the development of automated weaponry:
http://www.bbc.com/future/stor...
https://en.wikipedia.org/wiki/...
http://www.theguardian.com/tec...
I, for one, do not welcome our robotic overlords....
blindly antisocialist = antisocial
Is it really necessary to have every normal mobile phone properly encrypted so law enforcement can't even access it if there is useful data on it?
Yes. As you mentioned encryption is basically all or nothing. Either it is strong enough that it will survive the heat death of the universe or it is broken. If it takes the government a year to crack it now it will take a run of the mill cyber criminal a day in 5 years. Also governments seem to always grow in their abuse of power over time so the correct question is "Do you want someone like to have unfettered access to your information?". If you can't think of anyone to substitute in then you obviously don't have a good imagination, especially since it wouldn't just be people in your own country.
Time to offend someone
Go back even further. You have J. Edgar Hoover, and Joseph McCarthy still in living memory.
Time to offend someone
For better results just use a $0.10 Bic pen. Then just reseal, call it good, and don't even bother fucking with the shit lock.
Time to offend someone
"Wouldn't it be faster if they just outlawed business, innovation, science and technology, religion, commerce and probably fire too? "
If this election year results in a multiparty system, that will be the Greens' job.
Make sure, not even you can hack your users.
- All security must be real, not only security by obscurity (even obscurity of a signing key)
- All software updates and installations must be approved by the user
- Remote Unlock Features need to be strictly opt-in
Then the FBI can try to push a malicious update to my iPhone and i can just decide not to install.
Please be nice to other countries. Don't make fun of them. You might need them when you need to fight for your freedom. Would not be the first time you fought an opressive governement and not the first time e.g. the French would come to your aid.
Don't fight for your country, if your country does not fight for you.
[citation needed]
Finland tried, and look how that turned out. I think they're owned by Microsoft now or something.
However, the Blackberry (Canada) has always had strong encryption (for irony I believe Obama had one for that very reason), and has been up front about it. They have fallen on hard times the last few years. Perhaps if Apple capitulates and becomes less secure, Blackberry might innovate something and become more successful again.
One of the first things taught to locksmiths when opening a safe is "open the lock, don't look inside." Apple is not morally obliged (or legally allowed to) do *any* searching on the phone. They will never "go through your sh*t", that's the FBI's job. Apple was asked to make the lock easier for the FBI to open. This new request is to get the design for said lock so the FBI can make it their own that is easier for them to break.
The scary part here is, if the FBI succeeds, there would be no way to differentiate between an Apple lock and an FBI lock. Using an act that was written well before any of todays technology was even dreamed about, is it legal for the government to ask for the key? or for the blueprints for the lock? What if that key was a master key for millions of locks? What if the lock could be easily replaced without the owner knowing?
Well.. we've been letting the government bowl over basic civil liberties to the point where an FBI employee has been quoted as saying "The constitution doesn't matter". We let them do it since 9/11 and...are we safer: no. We said the new spying tactics would make us safer, and yet all we've done is ask for more saying we are NOT safe. Not only that, the government is demanding the ability to compromise at well systems that are made to secure our data and privacy, making us even LESS safe. We were complacent, we wanted to feel "safe" we allowed the federal government to do what ever it wanted in the name of "national security" and now may have "national insecurity". "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety". Ben, I'm sorry, it appears we've failed to learn from your wisdom.
"Imagination is more important than knowledge" - Einstein
Lol! I wish I could mod this up! Well said.
Which has more power: the hammer, or the anvil?
If the DOJ did "seize" iOS source code, what would that look like? It's an intangible. Would they expect a flash drive with plaintext files on it? What would guarantee that the files on the drive actually *were* iOS source and not some decoy?
In neither of your examples is the non-government actor violating another's Constitutional Rights.
Uh, that is what I said, and that is what I was trying to demonstrate. "Many of our Constitutional Rights only protect us from the government, not from individuals." :-)
I apologize. I realized that was what you meant after I Posted my Reply.
;-)
Apparently, it is words that are "far more complicated". Glad to see we're on the same page, buddy!
Why don't you get back to us when the "temporary" state of emergency in France is lifted.
file:
It's worse than that.
Say that Apple helps the FBI and somehow this case goes to court--let's pretend that data on the phone leads to a new suspect and now they're going to prosecute the guy.
This new suspect would now have the right to demand the phone AND the software that cracked it. After all, how would we know that Apple didn't just write some software that plugged some sucker's name into the iMessage logs and handed that over to the FBI? The defense would want to have that software analysed by an independent audit. At that point, the software is no longer just living inside some vault at Apple. The tool they created must pass legal muster and be admissible in court or everything is useless.
If Apple's in for a penny, they're in for a pound. That's the situation they're desperately trying to avoid. Even in the case of just one phone, it's not just about the phone.
The nuclear option then would be open-sourcing iOS.
Maybe we deserve this world ?
Look, you compare gun control and encryption control again and I'm going to shoot you right in the heart with the AES-256 algorithm. Then I'm going to hide the evidence in a gun. The perfect crime.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Learn to read. It's not one in 21 every year, but one in 21 over the course of their lifetime. Oh wait - an anonymous coward - you post AC so nobody can know just how stupid you are. Your opinion is worth nothing, same as your reading skills. So, kindly fuck off . Or if you can't do it kindly, fuck off anyway.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Now, the key is not itself evidence, so worst case scenario, Apple destroys it. End of problem. Then they offer a rebate on the next, unbreakable, iphone.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Those lands are federal lands BECAUSE they were stolen from the ranchers who owned them previously. Out west, the Federal government has been stealing land from people left right and center, then they are happy to rent the land back to the poor ranchers who need somewhere to graze their cattle.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
The idea behind the smart gun is to have a gun that only a designated person can use, not one that has any remote control. If I have a gun only I can fire, then it can't be taken and used to shoot me. It is a lot less likely to accidentally discharge (if "accidentally" is the right word here; would "unintentionally" work better?) if someone finds it. These would be big advantages if I could get them without giving anything up (except making the gun more expensive).
The big perceived problem with the smart gun is that it might not decide to fire if I pull the trigger. If you ever actually have to pull the trigger, you (or someone else) is in really big danger, and the situation is unlikely to be forgiving enough for the gun to reboot, install updates, and let you try again. The fact that you are attempting to fire the thing makes you a prime target, and in a lethal situation that's a suboptimal position to be in while effectively unarmed.
A gun with an external kill switch means there's yet another thing you need to worry about if you actually need to fire. Approximately no one would buy that gun if they could buy a regular smart or dumb gun.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
I don't believe this is in any way related to spying. Germany would want the same things the FBI wants, they want to search the phones after lawful warrants have been issued that allow the government to search the phone.
The FBI request specifically states that they wanted Apple to create a modified firmware that was specifically keyed to the phone to be searched. They don't want some kind of generic patch, but if Apple keeps refusing, that is what we will end up with. Would you prefer that the police were never able to search anything? Is that really the world you want to live in? The Fourth Amendment is pretty clear in that the police can search your items after proving a probable cause and detailing what needs to be searched. The request from the FBI is along the same lines as a request to a safe company to open a criminal's safe to retrieve the stolen jewels, or requesting access to a safety deposit box in a bank that is known to likely contain stolen property. It is a courtesy to ask for Apple, or a bank, or a safe company to open the item first.
[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
https://www.law.cornell.edu/we...
Or are you anticonstitutional and believe that the constitution should be interpreted instead of read?
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
It is everyone's constitutional right to be a conscientious objector. The government can't force you to do that which you object to for reasons of conscience, and must provide alternatives for you to perform any service for them. This is definitely a matter of conscience.
Since the key is not evidence, just destroy the damn thing. Or send it to Snowden to destroy. Or me. Or anyone else who thinks the government is way in the wrong. There is no obstruction of justice at this point because there is no proof that there is any evidence on the phone. As for disobeying a court order to hand over the key, what's the worst the government can do to someone not under the jurisdiction of a US court?
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
You seem to misunderstand the idea of "sovereign immunity". The government can only be sued if the government allows itself to be sued. The government is unlikely to allow itself to be sued for copyright infringement in such a case. IANAL, but I'd be surprised if the government allowed itself to be sued for such things - in particular, stuff that the government doesn't actually do (the damage in case of a leak is from a lot of individual criminals, even if it was only made possible by government malfeasance).
You don't have a Constitutional right to a copyright. Congress has Constitutional authority to create such laws, which means that almost all the specifics are statute and case law rather than Constitutional law. I don't know the copyright law in detail, and I don't know what other limitations on liability there may be in other Federal statutes.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
You would have to ensure that there are multiple copies in various (not all) jurisdictions, or it makes it possible for any one entity to hold the source hostage.
Easier to just move to Ireland and take the tax $$$ with them.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Horseshit. You made that up from whole cloth.
Find a Constitution, read the thing. It covers this.
I expect that this election will have the highest rate of third party votes of any, as many people I talk to seem to feel the same way. I don't want to see either of them in office.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
FYI, despite what the media keeps indicating, there are more than two political parties in the US. Last presidential election, I believe there were six total candidates that made it to the final ballot, not two. Therefore, Trump and Hillary are not the only selections for president (if they both win their nominations, which looks pretty likely today).
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Yes, the FBI has permission. What they can't do is force a third party to do something for them. They can ask, but that's about it. And since this is an order to perform something, as opposed to not doing something, the penalty for contempt is civil. Destroy the key and have everyone pull the mafia hit in a restaurant stunt - 100 witnesses, and nobody saw anything.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
As far as I have heard, there was only one person involved in setting up the server, and he has agreed to give testimony as long as he is not prosecuted for it himself.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
http://humanevents.com/2014/04...
It does cover it, however, it is a very specific case that is allowed, does this seizure count for that? If they are allowing the ranchers to graze their cattle on the property being seized, why did they even take the property in the first place?
The specific clause of the Fifth amendment:
nor shall private property be taken for public use, without just compensation.
So, how is it being taken for "public use" when the government isn't even using it for anything but allowing the ranchers to graze their cattle still? What "public use" is it being put to?
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Locksmiths should be taught the exact opposite - willful ignorance is not an excuse for aiding the commission of a crime, so saying "I didn't look" is not a get-out-of-jail-free card.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
As for disobeying a court order to hand over the key, what's the worst the government can do to someone not under the jurisdiction of a US court?
Want to test the Extradition Agreement between Canada and the U.S.? While I most certainly agree that there should be no repurcussions, I'm pretty damned sure that if you tried that, it would not end nicely for you...
Pen into the zipper. No tools required and after you're done just slide the zipper around to reset.
Suborbital [spaceflight] is the special olympics of spaceflight. - Rei
Doesn't mean I have to go out and create a brand new tool for them - that's what government contracts are for. The POLICE can search, but they can't order you to create new tools to aid in their search. Now the FBI already has the phone, so there.s no need for a writ to seize or search it. It's just that the FBI can't search it. That's their job. They can't do their job, so sad, but all they can do is request, that same magic word you used for opening a safe or a safety deposit box.
Besides, there is NO PROBABLE CAUSE here - there is no proof that the phone contains information they need, just a (very weak) suspicion. The other phones were destroyed by the perps, but this one wasn't which is a pretty good indicator that this whole thing is not about any supposed evidence on the phone, but about breaking into thousands of phones, which they now admit they want to do, after first denying it.
Ordering apple to basically destroy their market by doing this is the same as confiscation without compensation. The US doesn't like it when other countries nationalize US assets, so stop being hypocrites. Besides, the US cannot afford the damage claims, both from Apple and from individual users.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Remeber one of the major rules of security: If you have physical access to the machine, you have access to the data. If the machine can decrypt the data, then whomever has the machine can decrypt the data.
If the FBI is even remotely intelligent, the first thing they did upon seizing the phone was crack that sucker open and disconnect the battery to prevent any data self-destruct or remote wipe mechanisms from functioning. To consider the case where the FBI wants to brute force it like they have been claiming, there are probably a few different ways of getting at the data. The first thing you would want to do is get a byte-for-byte copy of the flash contents. This can probably be done via JTAG, but if it can't or it is considered too risky to try, the flash chips can be unsoldered from the board and sent read commands directly via a dev board. It is not like such hardware is hard to get or restricted in any way. Once the data from the flash chips is backed up, you can brute force without risk of losing something useful. Does anyone know of any reason this wouldn't work?
This means that all the instructions required to boot and decrypt the data are now available to be dissected offline, since the phone couldn't decrypt the data without those instructions. All that is missing is whatever the secret is that is used to encrypt the user data.
One exception to the "immediately unplug the battery" rule might involve putting the phone in some sort of ICE mode via JTAG without rebooting it so as to get a RAM dump of the running system. If Apple were sloppy, they might have left a copy of the secret in plantext somewhere in memory. I don't know if it is possible to inject instructions into an iPhone via JTAG that would allow this without rebooting the phone, but I'm sure that could be figured out on a test device first. Maybe "immediately remove the battery" should be replaced by "immediately put the phone in a Faraday cage with a charger."
In any case, what is most distressing about all of this is that both Apple and the FBI are clearly using this situation and the courts to get press that is favorable to their agendas. Apple wants everyone to think they are super pro-security, anti-government power, and the FBI wants everyone to think that they can't decrypt an iPhone without a backdoor. This is all just theater.
If it's not illegal here, the government won't extradite. It's not illegal here to disobey a US judge's orders. That's been proven time and again. :-) So, test away.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Apple can move the code offshore and out of the reach of the FBI. Simple enough considering the development sites that exist for them in Ireland and elsewhere.
If it's not illegal here, the government won't extradite. It's not illegal here to disobey a US judge's orders. That's been proven time and again. :-) So, test away.
Hmmm. Interesting... I guess all those Vietnam-War protesters were right to choose Canada after all!
That's easy to fix: just require signatures from both the foreign contractor and Apple. If either party is coerced, or the foreign contractor tries to sign something Apple doesn't approve of, the other party can withhold their half of the signature.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
Other questions come to mind: was it illegal (nobody seems to think Rice and Powell were acting illegally), how was it used to handle classified information (Rice and Powell were apparently doing similar things), and who knew about classfied information.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
Ladies and gentlemen, what we have here is an example of a well-thought-out solution! As expected, it came from someone other than the poster of the initial suggestion (who rather opted to defend it in the face of a critical flaw). This is the kind of discourse that used to make Slashdot great; is Slashdot becoming great again?
While this does solve the inability to employ any theft (or abuse) detection measures by keeping one of the signatures local, and prevents the 3rd party from abusing the key (through the same measure), it still doesn't address the issue of Apple signing dozens, if not hundreds, of binaries daily in the course of development and testing. It's possible (likely, even, given that you replied this far up in the thread) that you had not read those objections to anwyn's similar (but severely flawed) suggestion, so I won't hold that against your suggestion; I'll just point out that, from a practicality standpoint, the signing process needs to be able to happen as quickly as possible, which can't happen when a 3rd party is involved.
I'm interested to hear any solutions you may have for that which don't involve compromising the security of the system (e.g. allowing Apple to push to the 3rd party's system for automated signing, which would require leaving that system accessible via the internet, potentially allowing anyone else to do the same -- after coercing the other key from Apple).
And this is why I still believe that it is best for Apple to keep the one and only key local and employ theft (and abuse) detection measures. They can immediately release one final update signed with the stolen (or abused) key, to update devices to no longer honor that key, replacing it with a new one. In that way, only devices which people refuse to update remain vulnerable to update exploits via the stolen key, which we can consider to be a non-issue, since it is unlikely that a user who isn't installing any updates will install a rogue update. Sure, it could be forced onto their device by someone with physical access, but those really aren't the users we're worried about here, anyway.
Apple should ride this out, let the DOJ sue and, if the DOJ wins, hand over the source and key, then do the above.
As for why an additional 3rd party signature actually makes this less secure: a knowledgeable attacker would already have access to the other key before going after the key Apple keeps locally. Then, it becomes a race; can the attacker get their exploit distributed before the 3rd party signer signs Apple's fix? By taking the 3rd party out of the equation, you take away the attacker's potential advantage; only Apple needs to sign the fix and Apple can do that quite quickly.
Sure, that wouldn't help in this instance, with this phone. But, as has been repeated throughout every discussion on this topic, this isn't about this phone, it's about all the others.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
The consequences would materially affect Apple. You may be able to hold them 'liable', but at that point, the genie is out of the bottle.
If they had proof of what the phone contained, they wouldn't need to search it. They need to search it as there is a high probability that they didn't plan the attack all on their own, and had outside help. How would you expect the FBI to discover the truth of this without searching the phone?
It isn't like the FBI is refusing to pay Apple for the patch either, this isn't expected to cost nothing.
Also, as the state is the owner of the phone, probable cause isn't needed, as complete permission was already obtained.
I am very confused about the damage a patch that is keyed to a specific phone could do, they can't reverse engineer the patch any more than they could create their own as it still wouldn't be signed by the Apple code signing key. Not sure how you leap from "make a patch for this specific phone" to damaging Apple's reputation worldwide.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Mainly proving that it's HARD to get megacorps to comply I guess
If the free (libre) software / free whatever else community had managed to solve the last mile problem with regard to wireless communications, we wouldn't be in this mess. Consider a situation where the last mile connectivity is much more decentralized. There would be no "phone company" type carrier to be a single point of wiretapping or a coercive force keeping device firmware and software locked down. Consolidation of power, (wireless and media industries,) is what has caused the diversion of energy from writing freedom-preserving software to arguing about whether or not the FBI should get a backdoor in phones. The free (libre) software community can take some of these matters into their own hands by developing stuff that is an alternative to proprietary products.
Current WiFi, bluetooth, and other wireless standards could be used to implement mesh networking. IP is inherently decentralized. The internet was designed to route around points of failure. There are alternatives to captive mobile phone/broadband service that could exist now, with existing hardware. I don't know of anyone working on this stuff because nobody seems to talk about things like that anymore. I assume this is because the common forums for such discussions are all now owned and operated by entities that have consolidated significant power. I unfortunately don't know how to fix this when nobody seems to be interested in anything that smells like a DIY project.
Yes, the FBI has permission. What they can't do is force a third party to do something for them.
Yes, but its no longer a Constitutional Rights issue. A court could order Apple to provide the key so the FBI could do the work. However this yields to the worst outcome. An FBI version of iOS that works on any device. If Apple loses in court and is going to be forced to provide the key then it is Apple's moral responsibility to also do the work so that it will be locked to a single device. The FBI (and hackers and criminals) can no more alter this alternate version of iOS than they could the original version of iOS, both are protect by the digital signature and that key remains inside Apple if they do the work.
They can ask, but that's about it. And since this is an order to perform something, as opposed to not doing something, the penalty for contempt is civil. Destroy the key and have everyone pull the mafia hit in a restaurant stunt - 100 witnesses, and nobody saw anything.
Doubtful. They key is very tightly held within Apple, access restricted, probably monitored and logged. It is literally their crown jewel. And what you describe is criminal not civil, its not failure to comply, its an overt act so we have conspiracy and obstruction of justice. People would probably go to federal prison. Sentences harsh to make an example of them.
"For the reasons discussed above, the FBI cannot itself modify the software on the San Bernardino shooter's iPhone without access to the source code and Apple's private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers."
First, they have to prove in court they have a legal right to seize the code and then show there is no other way, and that they can prevent it from being leaked absolutely, or post bond that if it is leaked Apple is compensated. Well, they can use an existing jailbreak for the level of iOS on the target phone. Then they can analyze and patch the iOS image to disable the check for number of attempts. And away they go ... problem solved. Then they have to destroy the code after it is loaded onto the phone. Per the court order that this applies to one phone. So they really don't need Apple after all, do they.
Second, if Apple is compelled to hand over the crown jewels as it were, they should stipulate that the DOJ staff can only have access on Apple's campus on a computer secured against tampering and USB or other access, disable everything wireless but bluetooth (or use a USB mouse and keyboard with extra ports filled with epoxy, and disable all wireless) or withdrawal of any files except the Govt OS image. So a non-network connected computer preloaded by Apple, and in a shielded room with wireless keyboard and trackpad. Computer in a locked box. Apple should be allowed to monitor them, and scheduled access only. And Apple can of course get access to the changes they are making. The signing cert never leaves the computer in the high security zone. Even with those precautions Apple should immediately invalidate the signing cert and reissue a new one and new images for all the previously signed OS images. App images. etc. Anything signed by that cart should have an upgrade. Create new cert, Create new app and os images, Suggested Strongly that people accept the updates for security reasons. Then give the FBI access if required to do so.
- Tjp
I am in wallow with my inner money grubbing capitalistic pig. ... Oink!
No problem. I was really tired when I typed and I was completely open to the idea that I left out a word or mangled an edit to screw up what I was trying to say. :-)
Apple US will become a design studio for Apple (insert best tax benefit country). All sales revenue will then go through that country. And considering some jurisdictions treatment of security is more sacrosanct than that of the US, given the incentives that having Apple development take place there would bring said country, Apple would move development there as well. Apple US would have a skeletal staff. The cost in US taxes and jobs would be substantial. Then Apple offshore profits then would be in part from US phone sales.
- Tjp
I am in wallow with my inner money grubbing capitalistic pig. ... Oink!
The court can order police, not ordinary citizens, to go through other people's crap.
The court would only be ordering Apple to produce a key. Which would be so risky for Apple that they would likely voluntarily sign FBI binaries, but better still do the iOS update themselves so it can be locked to a unique device, unlike an FBI created binary.
To order ordinary people to do so would also violate their right to refuse as a conscientious objector.
The government gets to decide what is a "conscientious objector" and many who thought themselves as such went to jail for failing to show up for induction.
Likewise the right to remain silent would not apply either since Apple is under no threat of self incrimination by unlocking the phone.
Now, the key is not itself evidence, so worst case scenario, Apple destroys it. End of problem. Then they offer a rebate on the next, unbreakable, iphone.
No, conspiracy and obstructing a federal investigation is very broadly defined. Its federal prison time for anyone involved in such an act, and the courts will likely lean towards harsh sentencing since the absolute worst crime in the eye of the court is to disobey the court.
Well, he looks mostly black, and generally that's all that matters to anyone.
This has been Apple's plan all along. Their brains will melt from dealing with all the one-pixel gifs
Requiem for the American Dream
No problem. I was really tired when I typed and I was completely open to the idea that I left out a word or mangled an edit to screw up what I was trying to say. :-)
And I think I was getting up to pee in the middle of the night when I replied; so I was similarly-mentally-challenged, LOL!
http://www.fox13news.com/news/...
Ahhaa
I guess we'll see if Apple are above the law. In principle, I see no reason why an army of lawyers can't put one above the law if membership in a police organisation can.
Requiem for the American Dream
I'll contribute to the kickstarter campaign for Civil War 2.0. Your whole system sucks ass.
Requiem for the American Dream
I guess mountain dew weren't in a sponsoring frame of mind.
Requiem for the American Dream
'Law enforcement' no longer enforce laws (breaking them trivially demonstrates this). I propose that this deliberately-misleading misnomer be corrected.
Requiem for the American Dream
The only argument you could make would be that the price the government paid was below market value. If that was true, those ranchers could sue for the difference. They don't file that suit, because it isn't true, and there is no Constitutional problem at all.
These are not lands that were recently taken, either, BTW. Or even lands that were ever taken. Most of Oregon is public land, and most of it was Federal land before Oregon became a State. These wannabe cowpokes don't even know the history of the land they want to steal.
These lands are heavily used. For example the ranchers who started the arson fire caused people recreating on that land to have to flee for their lives. These idiots live next door and just see a bunch of trees and hippies, no people. Right?
So I am assuming you have zero clue how much land we are speaking of?
http://bigthink.com/strange-ma...
The majority of several states are owned by the federal government. This isn't a national park, it is a totally different system.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
I will reply to you with the same thing I replied to the AC above you. Do you realize how much land we are talking about here?
http://bigthink.com/strange-ma...
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
You can't read, the exact words my ellipsis chopped off were "thought's and". Also, you are completely wrong.
You go into the woods and have a conversation with someone in private. Later, you stand accused of a crime, and that person is called to testify against you. The conversation in the woods comes up in the questioning, and the witness may: a) testify as to what was said, b) commit perjury, or c) refuse to answer the question (potentially resulting in them being held in contempt). Assuming they are not going to risk jail time for you, they choose a), which means the conversation is now evidence. No one's rights have been violated.
Let's take an extreme example. A wife-beating husband threatens to kill his wife, in the privacy of their home, if she goes to the police. Are you saying that conversation should not be able to be brought in as evidence against the husband if she decides to press charges or get a restraining order?
Only crack the nuts that crack. You don't put the ones that don't crack in the sack.
I'm still not going to click links, it isn't like you linked wikipedia. Stop trolling links and learn to think for yourself.
Wow, you really are retarded. I think you are the first Slashdot commenter I have come across with that condition. It is your choice to ignore evidence, claiming I don't think for myself because you are too stupid to click a link and look at an image is sad.
I'll summarize for you. The federal government owns >40% of every western state. They own 84.5% of Nevada. They seized the land from these ranchers to "manage" it, somehow they can manage it better than the ranchers who legally owned the land, even though it is being used for the same purpose and loaned back to the original owner.
Wikipedia is about the last source for good information as they are more slanted than any of the news stations.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Stopped reading at the 5th word, that's how awesome a communicator you are. LOL
"You disagree with me, you're a bleepity bleep!" Sorry, no, that is not a discussion. If it was face to face I might be willing to continue, but on the internet? Get a clue.
Yeah, looks like the banksters want their own communist political party for an even bigger pissing contest, owning both the ones we have now apparently just isn't enough for them.
I don't care if you disagree with me or not. Choosing to ignore links to evidence you don't agree with it freaking retarded and you should be ashamed of yourself.
At this point it is obvious you have no interest in actually understanding the issue, you would rather call it horseshit when someone confronts you on your lies instead of actually understanding the issues and reading up on them. It is your loss, not mine, as I defend the constitution, where you just claim to.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
it still doesn't address the issue of Apple signing dozens, if not hundreds, of binaries daily in the course of development and testing
It isn't really necessary to have such stringent authentication for in-house development and testing images, provided measures are taken to ensure that they cannot be run on devices intended for production use. For example, a mechanism could be provided to place a device in development mode ("unlocking the bootloader") with the caveats that the existing encryption keys will be wiped and that the bootloader will present the user with a message at each startup indicating that the device is in development mode. In this mode images could either be left unsigned or require an internal Apple development-only signature (to prevent "jailbreaking"). Only the production images released for general use would require the extra overhead of a third-party signature.
a knowledgeable attacker would already have access to the other key before going after the key Apple keeps locally.
I think it would be just as plausible to propose that a "knowledgeable attacker" would already have access to Apple's key—which would be even more of a problem if Apple's key were the only key. There is no particular reason to assume that the third-party key would be any less secure. It could even be split among multiple jurisdictions with a history of political and cultural rivalry using an "N of M" signature protocol, making it even less likely that any one party could easily compromise or corrupt enough third-parties to either get a coerced image signed or prevent Apple from releasing their own genuine updates.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
I think it would be just as plausible to propose that a "knowledgeable attacker" would already have access to Apple's key—which would be even more of a problem if Apple's key were the only key
I'm going to assume you didn't read my entire post, as I actually address why that is not the case.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Signing keys don't have to be kept in just one country. Secret-sharing schemes allow you to "split" them up into as many pieces as you like, which can all be stored in different countries, either requiring them all to agree to make a signature, or requiring a certain number of them to agree. Having an insufficient number of pieces is no better than having none at all.
I'm going to assume you didn't read my entire post, as I actually address why that is not the case.
You assume incorrectly, and after re-reading your comment I still don't see any part which suggests a reason why the third-party's signing key would be less secure than Apple's.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
As for why an additional 3rd party signature actually makes this less secure: a knowledgeable attacker would already have access to the other key before going after the key Apple keeps locally. Then, it becomes a race; can the attacker get their exploit distributed before the 3rd party signer signs Apple's fix? By taking the 3rd party out of the equation, you take away the attacker's potential advantage; only Apple needs to sign the fix and Apple can do that quite quickly.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
And to somehow install an OS update on a locked device?
And to somehow install an OS update on a locked device?
Firmware can be rewritten so things behave differently on powerup.
Wouldn't it just be the damnedest thing if this happens to drag out for a few more months and another "tragedy" happens?
DOJ: "Now we have another Iphone from the Cape Cod Massacre that needs to be unlocked, the blood is on your hands Tim."
I wouldn't put it past our gov to do something like this, seeing as they love pulling on our heartstrings.
Have you ever fallen asleep at the keybhanusdiog?
Yes, mostly black. What's unclear about that? Facial structure and skin tone is similar to people we consider "black", but also has some features that are not considered "black".
The key is not evidence. They can destroy it as long as they haven't been ordered not to. Also, it is not obstruction of justice, just contempt of court. Move it physically outside the jurisdiction and destroy it, it's simply beyond the court's jurisdiction. As for conspiracy, prove it.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
So maybe Apple will decide to contest the concept of being charged and tried for contempt of court by the same judge, since it's obvious that there is no due process - no trial by an independent judge - and demand the judge recuse himself from any such trial, and from the original case as well. The current procedure for dealing with contempt of court is just that - a procedure - and one that runs foul of basic civil rights.
I've wanted to try that a few times, and came close one time when arguing a legal point with a judge - took him 5 minutes to realize he was wrong, but it got quite heated, and that was plan B.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
The key is not evidence. They can destroy it as long as they haven't been ordered not to. Also, it is not obstruction of justice, just contempt of court. Move it physically outside the jurisdiction and destroy it, it's simply beyond the court's jurisdiction. As for conspiracy, prove it.
I don't think there is a single key for signing iOS. New keys can be generated. The device verifies the key is Apple's, its not looking for a specific known key.
Also I think obstruction is broadly defined. Willfully destroying something necessary to obtain evidence most likely counts. Destroying things likely to be sought by a court, though not yet ordered to be produced, counts I believe. It all depends on the interpretation of phrases like "reasonably believed", "reasonably expected", etc. Conspiracy, all that takes is two people with access discussing the possibility of destroying the key and then one person taking an action. One person offered a deal of leniency in order to testify is likely since I would expect pretty harsh sentences, the court wanting to make examples of people involved. Again, in the eyes of the court the worst crime is that of defying the court.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
As I wrote: "Willfully destroying something necessary to obtain evidence most likely counts" for obstruction and conspiracy. Its about "blocking" the pursuit of "justice" sometimes.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
As I wrote: "Willfully destroying something necessary to obtain evidence most likely counts" for obstruction and conspiracy. Its about "blocking" the pursuit of "justice" sometimes.
You wrote "most likely". In other words, you are just making a guess with no basis in law. Neither the key nor the source code are evidence. Your supposition is (car analogy time) saying that your car, that had nothing to do with a robbery, shouldn't be destroyed because it was identical to the one the FBI shot full of holes and impounded, and is still in their possession, because they might want to use it to recreate the crime.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
The key is NOT evidence. Therefore, destroying it cannot be destruction of evidence. And there can also be no conspiracy for destroying non-evidence. The evidence, if anything, is in the phone, which they already have possession of.
As I wrote: "Willfully destroying something necessary to obtain evidence most likely counts" for obstruction and conspiracy. Its about "blocking" the pursuit of "justice" sometimes.
You wrote "most likely". In other words, you are just making a guess with no basis in law. Neither the key nor the source code are evidence.
No, I'm merely being informal. Want formality:
"Obstruction of Justice
A criminal offense that involves interference, through words or actions, with the proper operations of a court or officers of the court.
Two types of cases arise under the Omnibus Clause: the concealment, alteration, or destruction of documents; and the encouraging or rendering of false testimony. Actual obstruction is not needed as an element of proof to sustain a conviction. The defendant's endeavor to obstruct justice is sufficient."
http://legal-dictionary.thefre...
Destruction of the key is concealment of documents.
Too bad that the "documents" you are referring to are not, in any judicial interpretation, evidence. The "due administration of justice" is interfered with when you destroy evidence. The key and source are not evidence. The "administration of justice" doesn't comprise seizing non-evidence.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
The "document" is the data on the phone, the evidence, not the decryption key. Deleting the decryption key is the act that conceals the evidence, the data on the phone.
Nope. The document is indeed, as you point out, the data on the phone. They have the evidence. The fact that is concealed is between them and the phone's owner, not some 3rd party - especially since it was the FBI ordering the change of the password on the cloud service that made it impossible to just sync.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
The act of destruction or concealment of evidence is all that is required, it does not matter who you are and whether you are a 1st, 2nd or 3rd party. Apple knows those keys are necessary to reveal evidence, destruction of those keys given such knowledge is obstruction. 3rd parties get in trouble all the time by trying to interfere, being a 3rd party does not prevent them from winding up facedown on the ground in handcuffs.
The key is NOT evidence. Can't you get it through your thick skull.The key MAY be needed, but the key is not itself evidence. And there is NO evidence that there is ANYTHING of evidentiary value on the phone. What happened to probable cause, etc?
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
The key is NOT evidence. Can't you get it through your thick skull.The key MAY be needed, but the key is not itself evidence. And there is NO evidence that there is ANYTHING of evidentiary value on the phone. What happened to probable cause, etc?
How soon you forget, a couple of posts back you were agreeing with my: "The "document" is the data on the phone, the evidence, not the decryption key. Deleting the decryption key is the act that conceals the evidence, the data on the phone."
No one is saying the key is evidence itself, that is a figment of your imagination, your confusion.
Speaking of you forgetting things. Now note the subject line of this discussion, "No Constitutional Issue -- It's employer's phone ". Probably cause is not needed because the owner of the phone has given the FBI permission to examine it.
And the FBI can examine the phone to their beady little hearts content. Apple isn't stopping that. They're just refusing to help, since Apple isn't in possession of any evidence.However, there is no evidence that there is ANYTHING of value on the phone. Maybe the FBI shouldn't have ordered the cloud password changed. If anyone should be charged with hiding evidence, it's them.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
No, deleting the key does not conceal the document.
conceal
1. to hide; withdraw or remove from observation; cover or keep from sight.
2. to keep secret; to prevent or avoid disclosing or divulging
http://www.dictionary.com/brow....
The key obviously allows observation and disclosure so deleting the key is an act that prevents something from being observed or disclosed.
And the FBI can examine the phone to their beady little hearts content. Apple isn't stopping that. They're just refusing to help, ...
Unless they take your advice and destroy the key.
... there is no evidence that there is ANYTHING of value on the phone ...
Only probable cause would be needed for examination, and the fact that it was a communication device of the murder is probable cause. Evidence can be both positive and negative, for example the evidence may be that there is no data related to terrorism on the phone.
Maybe the FBI shouldn't have ordered the cloud password changed. If anyone should be charged with hiding evidence, it's them.
As a government agency they probably have legal immunity, unlike you, me and Apple. :-)
They would have lost against Apple and knew it - they didn't set a precedent as much as moved the start for the next round. And slowly like this rights of the people get eroded.