Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Director Says Unlocking Method Won't Work On Newer iPhones (cnn.com)

Posted by BeauHD on from the narrow-slice dept.

Even though the FBI was able to gain access to the San Bernardino terrorist's iPhone without Apple's help, the Apple-FBI saga continues. It was reported yesterday the FBI is telling members of Congress of the methods used to break into the iPhone 5c. The most recent tidbit comes from FBI Director James Comey in regard to how many iPhones are at risk from the unlock tool.

An anonymous reader quotes a report from CNN: FBI Director James Comey said Wednesday that the government had purchased "a tool" from a private party in order to unlock the iPhone used by one of the San Bernardino shooters. "Litigation between the government and Apple over the San Bernardino phone has ended, because the government has purchased, from a private party, a way to get into that phone, 5c, running iOS 9," Comey said. The FBI director also said the purchased tool worked only on a "narrow slice of phones" that does not include the newest Apple models, or the 5s.

18 of 78 comments (clear)

  1. WE PROMISE by axewolf · · Score: 5, Funny

    You know we would never lie to you....

    You KNOW that

    1. Re:WE PROMISE by diesalesmandie · · Score: 5, Informative

      You know we would never lie to you....

      You KNOW that

      Its been said numerous times that the iphone 5c is less secure than the more recent models, they could be telling the truth. Sounds more like they are setting themselves up to have another legal battle against apple. The US government cant even protect their own data yet they want direct access to private communications of US citizens. To me that just says they just want more control.

      --
      This is my sig, there are many like it but this one is mine
  2. motivations.. by Anonymous Coward · · Score: 3, Insightful

    "The people we bought this from, I know a fair amount about them, and I have a high degree of confidence that they are very good at protecting it, and their motivations align with ours," he said.

    So their motivations are the systematic destruction of Americans' civil rights?

  3. Anti Circumvention Laws by Layzej · · Score: 5, Interesting

    FBI Director James Comey said Wednesday that the government had purchased "a tool" from a private party in order to unlock the iPhone

    I wonder how that squares with 17 U.S.C. Sec. 1201 of the DMCA which prohibits the distribution of tools that enable a user to circumvent access controls.

    1. Re:Anti Circumvention Laws by NicBenjamin · · Score: 2

      The way the law applies to the government is completely different then the way it applies to you because the government has Powers and you have Rights. In this case they are proceeding as part of a lawful investigation. That means they are using their capital-P-Power of "Search," and the only laws that restricts their use of that power are the ones governing that power. So Fourth Amendment, a bunch of case law, some statutes that explicitly deal with law enforcement, etc. unless there's some clause of the DMCA that says "and this means that search warrants can't circumvent encryption" you're barking up the wrong tree.

      And if you read the actual law everybody's safe. It explicitly does not apply to law enforcement. It does not apply to reverse engineering, encryption research, or security testing.

  4. Was he under oath? by mi · · Score: 2

    If he was not under oath, he could lie easily. If he was, however, then he probably was telling the truth — lawmen tend to take that sort of thing seriously.

    But he was quite explicit about continuing to search for other methods... The man is doing his job, I would not be jeering the way you do.

    --
    In Soviet Washington the swamp drains you.
    1. Re: Was he under oath? by TheReaperD · · Score: 3, Insightful

      He's doing part of his job. The parts of his job he is conveniently ignoring is upholding the Constitution and the civil liberties of US citizens.

      --
      "Be particularly skeptical when presented with evidence confirming what you already believe." -
    2. Re: Was he under oath? by fnj · · Score: 2

      You left out some vital stuff.

      Their avowed core values:

      Rigorous obedience to the Constitution of the United States;
      Respect for the dignity of all those we protect;
      Compassion;
      Fairness;
      Uncompromising personal integrity and institutional integrity;
      Accountability by accepting responsibility for our actions and decisions and the consequences of our actions and decisions;
      Leadership, both personal and professional; and
      Diversity.

      Only the last of those is gag-worthy.

      Their solemnly sworn oath:

      I [name] do solemnly swear (or affirm) that I will support and defend the Constitution of the United States against all enemies, foreign and domestic; that I will bear true faith and allegiance to the same; that I take this obligation freely, without any mental reservation or purpose of evasion; and that I will well and faithfully discharge the duties of the office on which I am about to enter. So help me God.

    3. Re: Was he under oath? by KingBozo · · Score: 2

      Well the iPhone case didn't violate the San Bernardino persons rights, since it was the employers phone and the employer gave consent to search the phone. It may/may not have violated Apples rights under the constitution, but since they pulled the case it has not been ruled upon.

      Second If you use a Stingray to intercept the call you would not be violating the robbers 4th Amendment rights, since there is probably cause. What you would be doing in violating everyone one else's rights who's cell phone connects to the Stingray and their data is captured, this is where the constitution comes into play with being secure in ones papers. Although a cell phone is not paper and could be ruled differently depending on the courts, but I would consider it as violating everyone else's rights.

      IANAL.

    4. Re:Was he under oath? by nbauman · · Score: 2

      If he was not under oath, he could lie easily. If he was, however, then he probably was telling the truth — lawmen tend to take that sort of thing seriously.

      But he was quite explicit about continuing to search for other methods... The man is doing his job, I would not be jeering the way you do.

      Half true. I heard of lawyers who were disbarred for lying under oath, and as a result lawyers take it seriously.

      However, prosecutors do lie all the time, and get away with it. It's a rare judge who calls them to account for it.

      http://www.slate.com/articles/...
      For Shame
      The criminal justice system encourages prosecutors to get guilty verdicts by any means necessary—and to stand by even the most questionable convictions. Can one crusading court stop the lying and cheating?
      By Lara Bazelon
      Slate
      April 7 2016

      Cops, on the other hand, lie routinely, and almost always get away with it, even when they get caught on video. It happens in New York City all the time.

      There was a demonstration against the Iraq war, where among their many violations of the Bill of Rights, the pigsxxxcops indiscriminately arrested people who were on the steps of the New York Public Library, demonstrators and uninvolved bystanders alike, and charged them with assaulting an officer.

      Assaulting an officer is a felony, and if they insisted on defending themselves in court, they would have to pay thousands of dollars in legal fees, and would have been likely to get a felony conviction and a jail term, since juries usually believe pigsxxxxcops over defendants. So the prosecutor forces them to plead guilty to a misdemeanor that they never committed.

      This time, there were videos, including the pigs' own videos, as well as the videos taken by bystanders, which clearly showed that the defendants weren't assaulting an officer, but instead were assaulted by the pigs without justification. I think they may have sued the city for false arrest. But I know that none of the pigs were charged with perjury. I once heard a city official on the radio explaining why they didn't. He said cops sign affadavits under oath all the time that they had seen a crime when they really didn't. In other words, the "everybody does it" defense. They basically admitted that cops routinely lie. One good thing that came out of it is that those cops can never appear on the witness stand themselves, because the dense lawyer can always bring up their false statements under oath in the past.

    5. Re: Was he under oath? by andymadigan · · Score: 2

      Here's a question, if a warrant were required to use a Stingray (it is, in some places) and if the Stringray intercepts everyone's calls, shouldn't the warrant have to cover all of the phones that would be affected? And if that's the case, how could you possibly justify searching the communications of someone you know isn't a suspect?

      Imagine if the police said they wanted a copy of every bank statement issued by Bank of America in the last ten years, because they had evidence that the proceeds of a robbery had moved through that bank. Now imagine they wouldn't tell you how long the irrelevant information would be kept or what they would do with it. Of course, in reality, the police don't tell judges that they're using a Stringray, and they certainly don't tell them what extraneous information they'll pick up. They also don't obtain a warrant, but they do get a court order. I wonder if there's even a prohibition against the police department selling the information they collect to a third party.

      Unless there are very strict rules about what the police can use the information they captured for and how long they can keep that information, yes, I'd rather let the robber get away. It's only money.

      --
      The right to protest the State is more sacred than the State.
  5. A private party? by CRCulver · · Score: 4, Funny

    FBI Director James Comey said Wednesday that the government had purchased "a tool" from a private party...

    I'm sure that John McAfee has already spent all the money on bath salts.

  6. It is allowed by (e) and (j) by raymorris · · Score: 5, Informative

    It is not a violation to test the security, if you don't then use the results of the test to infringe copyright:

    (2) Permissible acts of security testing. â" Notwithstanding the provisions of subsection (a)(1)(A), it is not a violation of that subsection for a person to engage in an act of security testing ...

    It is also not illegal if done by or for the government:
    (e) Law Enforcement, Intelligence, and Other Government Activities. â" This section does not prohibit any lawfully authorized investigative, protective, information security, or intelligence activity of an officer, agent, or employee of the United States, a State, or a political subdivision of a State, or a person acting pursuant to a contract with the United States ...

    1. Re:It is allowed by (e) and (j) by SvnLyrBrto · · Score: 2

      If the rumors (I think they're still just rumors at this point anyway.) about who provided the tool are true though, the "third party" is a company operating out of Israel. So the DMCA would not apply to the tool developers. Nice and neat little way for the FBI to circumvent any applicable US laws, courts, and due process, that. And certainly not a channel they'd close down by enforcing any laws that they couldn't enforce anyway, or getting the Israeli government to enforce whatever anti-piracy laws they might have there.

      --
      Imagine all the people...
  7. That's why I quoted (j) for you by raymorris · · Score: 4, Informative

    That's where (j) comes into play. That says it's NOT illegal to examine the security and build tools to break IF you don't then either use or market the tool for copyright violation under the act.

    It ends up being like (Constitutional) gun law - using a gun in the commission of a felony is a separate crime, but having a gun is lawful if you don't use it for another crime. Similarly, building a hack tool intended for copyright infringement is illegal, but the tool is not illegal if there's no infringement, actual or intended.

    Ps - whenever I post what the law is, people get mad at me, arguing that shouldn't be the law. I didn't write the law, I just read it.

  8. Pps: I write hack tools for a living, so I pay att by raymorris · · Score: 3, Interesting

    Ps, at work my team is Vulnerability Assessment > Tools. My official job title is Vulnerability Assessment Engineer. Basically, I write hack tools for a living, so the law on the subject is a tad important for me. This is something I pay attention to.

    On the other hand, it's illegal for me to possess slim jims REGARDLESS of intent, since the locksmith licensing laws changed where I live. I should have taken advantage of the grace period after the law was enacted to get my locksmith license.

  9. Another scary thing he said recently by Anonymous Coward · · Score: 2, Interesting

    Here's something else he said the other day, quoted in Thursday's Columbus Dispatch: “I can imagine a world, maybe, where a local police department, in a case they can’t otherwise solve, can send us a device, with the understanding that we’re never going to testify, we’re never going to tell you how we opened it, so you’re never going to able to use what’s on the phone as evidence, but it might be a lead to something that would be useful,” he said.

    To me, his casual assumption that all local police departments will routinely do parallel construction based on secret FBI information is scarier than whether they know some secret iPhone backdoor. Chain of evidence goes out the door, because terrorism.

  10. From no license to 648 hours of school in Texas by raymorris · · Score: 2

    When I did locksmith work in Texas, no license was required. Several years ago they passed a licensing law. To be fully licensed to work on your own, you need 648 hours of school plus 1(?) year apprenticeship, or two years apprenticeship and I think just the 48 hours of classroom. There was a grandfather provision in the licensing law saying anyone who had already been working as a locksmith could get a license without the new training requirement. I somewhat wish I had done that, just so I could legally carry my picks and auto entry tools, even though I haven't worked as a locksmith in a long time.

    The same office regulates private investigators, locksmiths, people installing security systems, and some others. There is some overlap between these fields, so any of the licenses will, in practice, allow you to do work somewhat in the other fields. To investigate a crime, you need your private investigator license, and computer hacking is a crime. Therefore, a computer security person checking out a hacked computer is supposed to be a licensed PI. Setting up security for a computer network? That's a security system, and you're supposed to be licensed. I was licensed as a private investigator, allowed to work for a licensed company, and I may go proceed with that to have my own licensed company at some point.