Slashdot Mirror
Apple Files Final Response In San Bernardino iPhone Case (reuters.com)
An anonymous reader writes: In its final briefing before a court showdown next week, Apple said, "The court must consider the national debate surrounding the issue of mandating a backdoor or the dangers to the security and privacy of millions of citizens. According to Apple, the government also believes the courts can order private parties "to do virtually anything the Justice Department and FBI can dream up. The Founders would be appalled." In response to the government, Apple said, "the catastrophic security implications of that threat only highlight the government's fundamental misunderstanding or reckless disregard of the technology at issue and the security risks implicated by its suggestion." According to TechCrunch, Apple made an interesting change in its strategy in the court on Tuesday. From its article, "The tone of today's filing and subsequent call was much more cold and precise. Apple got some time to consider the best way to respond and went with dissecting the FBI's technical arguments in a series of precise testimonies by its experts. Where the FBI filing last week relied on invective, Apple's this week relies on poking holes in critical sections of the FBI's technical narrative." Edward Snowden also made a remark about the hearing. He tweeted, "Today I learned that "#Apple has way better lawyers than the DOJ."
"We refer you to the reply given in the case of Arkell v. Pressdram."
The FBI/DoJ will force the technology industry to move outside of the United States if their request is granted. Moreover, the US government will be on the hook when Apple says 'you owe us an eleven-figure settlement for the loss of our operating system'.
---- The above post was generated by the Turing Institute. Maybe.
#Apple has way better lawyers than the DOJ.
People cost money.
Better people cost more money
Lawyers are people.
Apple has more money than the DOJ.
Therefore Apple has better Lawyers than the DOJ.
Can you find the flaw in this reasoning? Can you suggest an additional statement that would correct that flaw?
Correct! The flaw is in the third statement. Lawyers are not people. The correction is to add the following statement:
In the context of The Judicial System, a suit filled with human shaped excrement, counts as people.
In the meantime Apple is working on doubling down on their encryption by also encrypting the iCloud data based on the key on the device.
I've never owned an Apple product in my life, but I'm thinking about it now. It's good to see someone standing up to the growing police state, even if the only presidential candidate that even hinted at opposing it just dropped out.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
>> Apple: The court must consider the national debate surrounding the issue
I'm not sure Apple understands how courts work then, or they're grasping at straws. (Ideally, courts work off of law, legal precedent, etc. and they don't just listen to the "mob on the street"; that's a key differentiator between a "nation of laws" and dictatorships.)
Even if the DOJ has the best lawyers on the planet - how would you ever measure it? - maybe the DOJ just has the weaker position.
They say this because the All Writs Act is only supposed to be used to fill a gap that Congress has not addressed. If there is national debate about something, and Congress refuses to take up the issue, it can be said that Congress has addressed the issue and has rejected a law mandating backdoors, meaning the All Writs Act could not be used.
Apple is a corporation and shouldn't have rights.
The New York Times is a corporation and shouldn't have rights. Therefore the government should be able to compel them to print only pro-government articles and editorials.
that's what the government will owe Apple when they lose.
and they will lose.
time for a settlement... DOJ whimpers off to its cave, and if they wish, its employees will have the option to purchase at retail list price the iThingies of their choice.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Same here. I have never liked Apple or their products, but with the insane shit that Microsoft started pushing with the released of Spyware 10 and Apple vigorously defending privacy, I think my next computer and/or phone may just be one of theirs.
and their briefs make cogent legal and technical arguments. besides which, the judges and prosecutors don't want random wackos and suspects reading their email and collecting their photos for dissemination later.
if this is supposed to be a new economy, how come they still want my old fashioned money?
If all the precedents went one way, then there wouldn't be a need for a judicial decision. The fact that precedents are going in a variety of directions is where higher courts - and this is almost bound to go to the Supremes - have to decide which way to jump.
I've never owned an Apple product in my life, but I'm thinking about it now. It's good to see someone standing up to the growing police state...
What if the FBI already easily broke into the iPhone...what if this whole court battle is a ruse?
Picture this: the FBI loses, but very, very publicly. It will be a huge win for privacy and the public. Apple will be our champion. People will switch to Apple products, thinking they will be safe from government intrusion, "terrorists" and those wishing to do us harm will use Apple products. All while the FBI knows how to break in, giving everybody a false sense of security. Apple wins, the FBI wins, privacy loses.
We're no strangers to security theater. Just look at Homeland Security for that: they accomplish nothing, but (try to) put on a good show.
Wouldn't it make more sense for the FBI to QUIETLY admit they cannot break into something? Perhaps they did start quietly, but then Apple made it public.
Why, then, would the FBI let it remain so loud and public? Wouldn't they want to sweep their failure under the rug? Say, "We already cracked it, but just want a simpler way."
I'm not a conspiracy theorist (although it can be argued that's what I'm doing here), but this whole thing doesn't make sense to me. The FBI has basically invited anyone who wants to hide anything from them to put in on Apple devices. That can't possibly be conducive to their goals.
Just food for thought.
Picture this: the FBI loses, but very, very publicly. It will be a huge win for privacy and the public. Apple will be our champion. People will switch to Apple products, thinking they will be safe from government intrusion, "terrorists" and those wishing to do us harm will use Apple products. All while the FBI knows how to break in, giving everybody a false sense of security. Apple wins, the FBI wins, privacy loses.
Dude, I don't know what you're smoking, but that's some good shit.
I'm not a complete idiot... Some parts are missing.
I'm not sure Apple understands how courts work then, or they're grasping at straws. (Ideally, courts work off of law, legal precedent, etc. and they don't just listen to the "mob on the street"; that's a key differentiator between a "nation of laws" and dictatorships.)
I'm pretty sure Apple understands how courts work having won and lost multiple cases. The next few sentences say as much:
But to determine whether this is an issue capable of judicial resolution under the All Writs Act and the Constitution, the Court not only can consider this broader context, it must do so. Indeed, the Justice Department and FBI are asking this Court to adopt their position even though numerous current and former national security and intelligence officials flatly disagree with them.
Apple isn't asking the court to weigh the opinion of the "mob on the street" as that is a mis-characterization of their argument. It's almost a strawman argument. Apple is pointing out that former national security and intelligence officials disagree with the FBI's position. Apple didn't even mention the arguments of other tech giants on the matter (which supplied amicus briefs themselves).
Well, there's spam egg sausage and spam, that's not got much spam in it.
Apple is a corporation and shouldn't have rights.
Plus, Apple is defending the morally reprehensible position of not letting device owners install whatever software they want whenever they want.
On top of that, iOS isn't fully open sourced, and Intellectual Property is Imaginary Property Anwyay, so forcing Apple to give up iOS to the world doesn't matter since it's worth nothing.
Oh, wait, I'm sorry is this not the regular SJW thread but the special thread where all of those talking points are intentionally thrown out the window because Apple is doing something that is emotionally appealing to the mob?
1. You're correct about a lot of people misunderstanding what corporate rights are, so no criticism from me there.
2. I'd be happy if Apple let you unlock the bootloader and attain superuser access. But that's totally irrelevant to this case. If you unlock the bootloader of an Android phone, it wipes all the data. That's the only thing the FBI is (putatively) interested in.
3. I would also be happy if iOS went fully open source. Nobody cares about that part though. What the DOJ is trying to swindle is Apple's signing keys.
Apple is a corporation and shouldn't have rights.
The New York Times is a corporation and shouldn't have rights. Therefore the government should be able to compel them to print only pro-government articles and editorials.
I've made this same argument numerous times when arguing about the "Citizens United" decision. People opposed to the ideas that "corporations" can "have rights" are really throwing out the baby with the bath water. The corporation itself really does not have the rights--it's the people who form that corporation (stakeholders, employees/volunteers, what have you). Arguing "corporations shouldn't have rights" is to argue that people, when acting in concert, lose rights that they have individually.
I cannot support that notion.
What part of "shall not be infringed" is so hard to understand?
The FBI isn't used to being told "no". At least not by anyone who isn't easily intimidated into changing their mind.
As I understand it they (quietly) asked Apple to unlock the phone and Apples said "that's impossible" so the FBI more loudly said "then make it possible, or else.", and Apple responded with "HELP HELP I"M BEING OPRESSED, COME SEE THE VIOLENCE INHERINT IN THE SYTEM".
It's more likely that we're seeing the governmental equivalent of when a parent says "I will turn this car around" and the unruly child says "yeah? do it then". Than that there's a conspiracy to make people think Apple hardware is more secure than it is in order to promote use of a compromised system. Especially when teh security of iPhones is public knowledge and the principles behind it quite sound.
Apple has complied with past orders for data. Data. Previous versions of iOS did not encrypt all data like newer versions do. So when ordered to supply unencrypted data off a phone, they did. Newer iOS versions encrypt everything and thus they are not able to do so.
Well, there's spam egg sausage and spam, that's not got much spam in it.
If you read the sequence of briefs from Apple (and the Assistant US Attorney) since the middle of February (when Apple brought on former Solicitor General Ted Olson, heavy firepower), the gap in legal analysis and writing capabilities is painfully obvious.
In the previous govt brief (all of the briefs history on this site as well), it is outright embarrassing how the govt's legal team (or maybe summer intern) has sunk to having to accuse Apple of marketing tactics, unpatriotic behavior, and reductio ad absurdum examples to support its position. Honestly, if I were the judge, I'd be calling the govt into chambers to rebuke them for such shoddy arguments and telling them to put more skilled people on the task, given the importance.
For those who didn't read the previous Apple one or this one (which are both quite similar), in reply to the govt Apple cleanly and convincingly dissects each of the govt's arguments point by point, and an outsider reading this for the first time would be easily convinced about the merits.
-----------
By the way, I add a few points here for other commenters/readers so that some baseline facts are easily available. Just for your reference, the reason the encryption keys are so important / secret is that:
-- All recent Apple iPhones have built-in encryption-dedicated processing hardware
-- This hardware has firmware burned-in with Apple public encryption keys that validate that any code has come directly from Apple without modification, on startup
-- This key validation structure is designed to ensure that only code signed by Apple's private key can run on the phone
-- Every iPhone has the same public keys burned on it, because that's how public keys work.
So if Apple is forced to give its private keys to the FBI (assuming the remote likelihood they even knew what to do with it), the FBI would have the ability to encrypt and sign software for any of these iPhones. The idea (legal argument-wise or technically) that "this is about one phone" is laughable.
Forcing someone to disclose encryption keys would be a huge violation of the First Amendment. If there is anything that qualifies as speech and knowledge, it is an encryption key / industry trade secret. Then on top of this, there is the question of whether the people at Apple who are in charge of the encryption keys (yes, individuals) would even voluntarily turn it over if given such a blatantly unconstitutional order.
Then why would they make this massive fight against a backdoor in the US?
1) Because they are a US-based company.
2) Because that is an actual matter of law. What's being discussed in this little mini-thread is just supposition.
#DeleteChrome
See my other post. That's not how it works. Lawyers put a spin on pass judgements and then the judge decides who more accurately interpreted past judgements or how well it applies to the case at hand. It's not lying, it's reframing the facts to suit their argument. Of course it's absolute horseshit but it stops short of outright lying. The law system does not work the way you think it works.
any company that CARES about preserving your privacy via their software should be considering a plugin-style architecture where the crypto code is fully decoupled from normal software development and is done entirely outside of US (and UK and oz and ...) control.
eventually, some day, the feds ARE going to do a raid of US companies and they will storm the place, take what they want (robber barons, anyone?) and any company that has NOT pushed its critical modules offshore will be in a sad and sorry situation. and us users, too!
its clear the might of the US government wants what it wants, just like a baby. they have no idea what they are really asking, but like a baby, it does not care, it simply feels a need an cries to anyone who is in earshot that it NEEDS something.
the only defense is to move the critical modules offshore and in no ONE SINGLE PLACE. any one place can also be raided.
in fact, I would take a lesson from the pirate bay! they seem to have worked out a strat where they are sufficiently distributed and no take-downs really affect them anymore.
--
"It is now safe to switch off your computer."
All while the FBI knows how to break in, giving everybody a false sense of security.
Judge: What was the source of this information?
FBI: Uhm... a hunch?
Yeah, you see, they'd have to admit the ability in open court for it to be useful. Otherwise, they have to explain to the court how they got information that only existed in one place: on the phone. And if they make up some bullshit, while the court may buy it in isolation, that bullshit does not live in isolation, it lives in a world where the defense attorney can point out that the data the FBI claims to have only exists on the device the FBI claims they can't access, so the data is inadmissible as evidence because either the FBI is lying about the content (e.g. they made the data up because they couldn't actually get at it) or lying about how they got it.
Our legal system has its flaws; this is not one of them.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Pleading 'not guilty' isn't a statement of 'I didn't do it,' it's a statement of 'I claim my rights, and you now have the burden of proving me guilty.'
Pleading 'guilty', on the other hand, *is* a statement of 'I did it.' Which is why pleading 'no contest' or 'nolo contendre' is sometimes a thing; "I'm going to be found guilty, so I'm not going to bother fighting it." If you plead guilty, however, that can be used against you civilly. If they accept NC, it isn't.
Some other countries also have a third determination beyond 'guilty' and 'not guilty' which is 'not proven.' I.e. 'We know you did it, but good for you, not enough evidence.' You can also get, in some cases, a declaration of factual innocence.
It's all very complicated.
Vintage computer games and RPG books available. Email me if you're interested.
You might have read that. But only ignorant trolls have actually said it.
There are two types of people in the world: Those who crave closure
Didn't Apple provide just exactly this to China (where China can flash whatever modified iOS version they so choose with public keys that work?) I hope I'm mistaken, but remember reading that.
No.
There has been iOS targeting in China, but the way it's implemented is by using an enterprise enrollment key to redirect the App purchases to a pirate version of the App store that supplies the enterprise enrollment certificate to the iPhone, and which then gives you access to pirate content, which is basically a bunch of Apps that were purchased, and then re-signed with the enterprise key for the iPhone enrollment.
Because these Apps are res-signed, the original signature doesn't matter, and so along with the pirate App itself, they tend to stuff malware into the App bundle.
There's another Slashdot story today that talks about "installing malware without jailbreaking", and it comes down to precisely this: You enterprise enroll the iPhone, and then get third party (read: pirated content with malware attached) for the Chinese "App Store", which is running the enterprise certificate.
Apple shuts down these certs (and bad actor developer signing keys) any time they find Malware. But it's hard, in a country of 1.5B people, to shut down everyone who happens to be buying the next cert so that these bad actors (and state actors) can stay in business.
NB: It's actually *worse* than alluded to by the other article, since they can include certificate authority certs as well, which allows the vendor -- or the Chinese government -- to MITM attack SSL connections, by re-signing the certs for the site with the signing cert for the authority cert, and then just monitor all the SSL using a transparent proxy that decrypts all the traffic for analysis. This is, by the way, the reason you do not want to use a BYOD iPhone, if the company forces you to participate in enterprise enrollment of the device.
If the FBI requires access they can get a court order forcing the owner to give up their PIN, the device manufacturer should have nothing to do with it. Cases where the owner is dead will be few and far between - and mostly irrelevant. The fact that the FBI is so aggressive in this case indicates that they want access without a court order and we all know where that leads. I hope Apple does not cave.
As I understand it they (quietly) asked Apple to unlock the phone and Apples said "that's impossible" so the FBI more loudly said "then make it possible, or else.", and Apple responded with "HELP HELP I"M BEING OPRESSED, COME SEE THE VIOLENCE INHERINT IN THE SYTEM".
The FBI/DoJ should never had made the request public. They expected to shame Apple into complying (because of terrorism) and the opposite happened.
The sad thing is that Apple has a better reputation of trust when it comes to trust the our government.
He's on Beta.
Do not argue with an idiot. He will drag you down to his level and beat you with experience.
Apple allows you to install whatever you want for iOS nowadays - you just need a Mac to compile and build the software. It's a regular feature of XCode and iOS 9, and there are emulators and other stuff for iOS.
Apple is enforcing it as open-source - the f.lux guys tried to do it with a binary and Apple asked them to stop abusing it. So there's something to give RMS a headache - a proprietary OS that allows/enforces open-source programs. Granted, you have to build them yourself as they don't allow binaries, but it's open source/free software so you can do that.
As for IBM - most mainframes IBM provided are leased, not sold. IBM will provide you with a mainframe, and depending on what you leased, is what you got. The hardware itself was often overprovisioned - if you asked for 32GB of RAM, IBM would give you 128 or 256GB of RAM in the unit. (The extra could be used in case a module went bad, for example). Or if you asked for 4 processors, IBM would have 8 or 16 in what you actually got. They could be used as spares ready to take over, or if you need it, you call up IBM, pay the upgrade fee, and magically your mainframe has the updated capabilities instantly.
All this is part of the lease. In fact, if you violate the lease by installing unauthorized OS software, IBM would immediately claim back their computer because it wasn't your computer to begin with - you paid IBM to lease the computer from them.
Judge: What was the source of this information?
FBI: Uhm... a hunch?
Yeah, you see, they'd have to admit the ability in open court for it to be useful.
Because the FBI would never use parallel construction in order to have a pat answer that had nothing to do with the real source of information.
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
is that they're biased. They're written on both sides as if nothing the other side wants has any validity whatsoever. That's fundamentally dishonest, but the court's supposed to take two dishonest arguments and pick the one that is least untrue.
Let's look at this like engineers for a moment, as opposed to debating like lawyers. Let's look at the facts and implications in a balanced way.
The phone in question almost certainly contains no useful information. What the government is looking for is a precedent saying that vendors have to provide them with a way into their products that is convenient enough to be used speculatively. This is the reason for the overheated rhetoric from the FBI; they're reluctant to admit exactly what it is they're looking for, because it has obvious and enormous potential for abuse.
But while Apple is right to focus on these potential abuses, I think they've overstated their case in several respects. Mainly, I think they've overstated the technical difficulty of providing the FBI with what it wants. Does anyone really think it would take man-months to change the number of PIN tries or the timeout between them? And I think they've conflated the security of the device with the security of the user's information -- which they have no problems handing over to the FBI if it's on the user's iCloud and the FBI has a court order.
Now here's what this all suggests to my mind a reasonable compromise. Apple could furnish the FBI with the data from the device, but not the tool used to extract the data. They can maintain a secure facility on their campus where Apple personnel extract the data; they would ten furnish the data to the FBI, along with the PIN and the device, restored to the software it had when they received it. The FBI would pay all expenses incurred along with a reasonable overhead fee. Now it's true the government could steal this version of iOS. But by the same token they could steal the iOS source code and Apple's signing key. So short of a black bag job, this would provide the government with data it was legally entitled to, and only such data.
And here's what I think the FBI would make of that proposal: they wouldn't like it. Because it'd be a hell of a lot more convenient to be able to break into any phone they wanted without having to pay anything (as we all know government employee time is free).
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
I address that in the part of my comment you didn't quote.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.