Slashdot Mirror
Apple Is Served A Search Warrant To Unlock Texas Church Gunman's iPhone (nydailynews.com)
An anonymous reader quotes the New York Daily News:
Authorities in Texas served Apple with a search warrant in order to gain access to the Sutherland Springs church shooter's cellphone files. Texas Ranger Kevin Wright obtained the warrant last week, according to San Antonio Express-News.
Investigators are hoping to gain access to gunman Devin Patrick Kelley's digital photos, messages, calls, videos, social media passwords, address book and data since January 2016. Authorities also want to know what files Kelley stored in his iCloud account.
Fast Company writes that "it's very likely that Apple will give the Rangers the same answer it gave the FBI in 2016 (in effect, hell no!)... That may be why, in the Texas case, the FBI and the Rangers didn't even bother calling Apple, but rather went straight to court."
Investigators are hoping to gain access to gunman Devin Patrick Kelley's digital photos, messages, calls, videos, social media passwords, address book and data since January 2016. Authorities also want to know what files Kelley stored in his iCloud account.
Fast Company writes that "it's very likely that Apple will give the Rangers the same answer it gave the FBI in 2016 (in effect, hell no!)... That may be why, in the Texas case, the FBI and the Rangers didn't even bother calling Apple, but rather went straight to court."
The FBI knows EXACTLY what its doing here. They refused Apple's voluntary help just so they could have a nice court order to set future precedent. They are hoping the moral outrage surrounding the Texas massacre will be sufficient to overpower the rational thinkers. They are just using this tragedy to further their own goals of weakening encryption for everyone.
Why do we have to do the digital thing. What happened to asking all the people who knew him when is was in grade school, junior high, and god forbide, when he was in the AirForce, and they even thought he was crazy.
You do not need his phone data.
A court may demand that materials be handed over but I don't think a court can order anyone to hunt down materials or create processes to aid in an investigation. Apple could simply comply by inviting the feds to search every document and recording in house. In effect that would be useless as it would require thousands of people to look into things about which they had little understanding at all. Worse yet, law enforcement is not investigating the crime at this point. The crime is solved. The killer is dead. what the police now want is to study why the crime occurred and if anyone else could also be held accountable. That amounts to a huge fishing expedition rather than an act of law enforcement. Worse yet, why the killer acted out has no meaning unless it leads us to a way to stop others from going on killing sprees. Understanding does not always lead to a solution.
"We DEMAND that you break the laws of statistics and mathematics and decrypt these files immediately without the key!"
The judge ought to get a good laugh out of it at least. You just can't expect to use a court order to force someone to violate the laws of nature.
(you also can't use a court order to demand that a private citizen go out of their way to DO something for you - you can order them to STOP doing something, but not to assist you with your investigation - sorry officer but you can't make me do your work for you)
I work for the Department of Redundancy Department.
This move is pretty bold-faced dishonest and cynical in its attempt to sway public opinion to gain law enforcement more powers. There is nothing on the phone the rangers need. They know who did the shooting, they know what happened, unlocking the phone doesn't do anything for this case.
What this situation does do is give law enforcement the chance to set precedent that Apple needs to unlock phones for the government, or find themselves on the side of terrorism in the court of public opinion.
This is not about solving a case, this is about taking away privacy.
iPhones use AES encryption for the phone, so naturally they should respond with the FIPS AES document
Luckily all it takes to encrypt an unbreakable message on Slashdot is to use a Unicode apostrophe or quotation mark.
Fingerprints can't unlock phones if they haven't been unocked for a time - I think a week or so. They could have unlocked his phone with his fingerprint at the start. But they didn't do that in time, which is what Apple would have told them they needed to do if they had asked - could it be that they wanted to fight over encryption more than they wanted to know about the massacre? - so now the phone is permanently locked.
Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
Except just saying, "Unpossible."
But without the phone evidence how will they know who the murderer is?
What, they already know who the murderer is?
Ah, so they need the phone evidence to get a conviction!
Oh, the murderer is dead?
Well then, what do they need the phone evidence for?
What, indeed!
Perhaps they want to psychoanalyze the killer based on his social media profile.
Maybe they want to discover if he was part of a mass-murder club.
Have these law enforcement people nothing better to do?
How many paychecks are going into this project?
...omphaloskepsis often...
You expect the judge to actually understand cryptography?
I admire your faith in due process. I'd fully expect him to slam Apple for contempt because of it.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
It may not be possible to decrypt the files, even for Apple
True enough. The /. headline is light on the details, but the story says the demanded three things: Contents of the iPhone, contents of an iCloud account if it exists, and extracted contents from a third LG phone.
They can hand over the contents of the iCloud account if they can match it up. It might be interesting to see what they do with the phone, and it depends quite a lot on the wording of the warrant. They may reply with "the phone is encrypted, but here is the encrypted storage contents". For the LG phone, they would likely reply that it is not their device and they have no corporate knowledge or corporate tools to handle it.
By the way, doesn't a search warrant only allow them to perform a search?
There are several legal tools, but typically there are subpoenas, warrants, and court orders. Police and other government agents prefer warrants as they are more difficult to legally fight, are often given in surprise or delivered aggressively, and give government lawyers and police the biggest net. Court orders take more time, and often require back-and-forth discussions with lawyers from both sides and with the judge.
Subpoenas are easier to obtain but also easier to fight. A subpoena allows for the business to sort through the records and decide what is inside or outside the scope. A warrant tends to use terms that are more vague, tend to not specify the exact issue under investigation, and allow for the government agency to dig through it (rather than the business) to determine if the information is relevant.
Warrants are also typically delivered in surprising ways ostensibly to prevent destruction of evidence and reduce risks to the police involved. For businesses this usually means isolating people and making legal demands while they are alone and in shock, hoping they forget that they need to call a lawyer and have the right to not say anything, warrants are for searching and not for interrogation. For individuals or residences, that typically means smashing down people's doors when they know residents aren't home, or showing up at 3:00 AM with guns, tear gas, and assault gear. There are naturally good and bad ones. One has a few professionally dressed officers that politely knock at the door and say "Good evening Mr Smith, I have a warrant to search the premises, please step outside", and which one throws in a flash-bang device and shouts "This is the police! Get on the ground now! Put your hands on your head! We have a warrant!! Shut that baby up NOW or I'll arrest both you and the child for interfering with an investigation!"
//TODO: Think of witty sig statement
The FBI wanted Apple to create a customized version of an OS which they didn't want to make. This warrant, however, sounds like it only asks for the iCloud files which reside on Apple servers. Serving them with a warrant to reveal information which they do have is an appropriate law enforcement action. It is quite different from what the FBI wanted -- create a product which didn't yet exist.
Any guest worker system is indistinguishable from indentured servitude.
They could stop selling phones to terrorists.
The shooter was a mentally unstable Texas gun nut. So, you know, a Patriot.
#DeleteChrome
PIN: 0000 ... Nope. ... Nope. ... Nope. ... Nope. ... Nope. ... Nope. Now phone is hopelessly locked. Well, we tried.
PIN: 0001
PIN: 0002
PIN: 0003
PIN: 0004
PIN: 0005
[... restore memory contents from backup made before brute-force attempts began....] ... Nope. ... Nope. ... Nope. ...] ... Success!
PIN 0006
PIN 0007
PIN 0008
[... restore from backups as needed
PIN 1234
If it weren't for deadlines, nothing would be late.
iOS passcodes can be six digits now, not only four. It will take you longer than you think.
... because it sells Apple stuff.
Consumers want secure devices and Apple knows damn well that if they provide access, buyers will move on to the company that says they won't.
It little behooves the best of us to comment on the rest of us.
They could start by enforcing the laws that already exist, and by sharing relevant information of public record that would have been relevant.
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
For it to be contempt of court, you'd have to appear in court. Apple execs have nothing to do with the case, so their lawyers would tell them not to show.
And I use my fingerprint, not a passcode
If you're worried about law enforcement then that's a bad idea since (at least in the US) there's no question about whether you can be compelled to open a biometric lock such as a fingerprint scanner.
Passwords on the other hand are still hinging on the 5th amendment protections about incriminating yourself. I'm not sure how that one will play out. On one hand, what's the difference between a password and a fingerprint in terms of just unlocking your phone? They both do the same job so why wouldn't they fall under the same rules? But the other side is that there's no way for law enforcement to make you tell them your password (in the physical sense rather than the legal) which leads to the potential for forceful coercion or torture and other such tactics that the 5th was written to try and protect you from.
We probably won't see a conclusion to that argument until such time as we have a live suspect who owns a phone that literally can't be unlocked at all, even with the full assistance of the manufacturer (which could happen regardless of what Apple does if the suspect has written their own encryption scheme, or uses a third party system from another country that isn't bound by US law even a US-based company that simply gave themselves no possibility of a back door at all, or so forth.)
We might have already seen it if Apple hadn't left themselves the ability to force a firmware flash on a locked phone like they did, allowing for at least a potential back door even if its not a simple one.
They already have all the information -- its on that phone they're trying to unlock. There are two questions here:
1) Can Apple be legally obligated to unlock phones at the behest of the FBI? If so, what sort of precedent does that set? Will we start seeing mass fishing expeditions and having your phone unlocked any time you're caught jaywalking? How much burden are they going to be allowed to place on Apple just in terms of the amount of time it takes to process and respond to all these unlock requests? At what point would it be considered undue burden?
2) Can Apple actually unlock the phones? The last time this came up the answer turned out to be "sort of." They had the ability to disable the bricking after too many failed unlock attempts, which meant sure some intern at the FBI had to sit there punching in 10,000 codes one at a time until they got it.. but they could do so. Are newer versions of iOS susceptible to that attack? Even if they are, how does it apply if the phone was locked with that doodle grid, or worse a long password, rather than just a 4 digit numeric code? Even without the bricking mechanism that's going to take a long time to break.
OK each of my "questions" had a lot of sub-questions but you get the idea. And that's not even getting into implications against the 4th amendment (and perhaps 1st as well.) That's purely just the argument between the FBI and Apple without considering the rights of the phone's owner or the rights of anyone they communicated with.
The dead guy can no longer own anything, presumably ownership of the phone now passes to an heir (the mother maybe or a sibling). These heirs seem to be willing to co-operate with the police, so the new owner of the phone should ask for help from Apple to get into what is now their phone.
Nullius in verba
This only works on really old iPhones. The count is kept in the Secure Enclave since the iPhone 6 I believe.
Cwm, fjord-bank glyphs vext quiz
If Apple can update the firmware to prevent bricking the phone then they can update the phone to match any pin.
That's not how it works. The iPhone doesn't check that you entered the correct pin. What it does is calculating a decryption key for one key stored in the CPU (which cannot be extracted by any means), one key stored in the flash drive (freely readable), and the pin. Someone needs to enter the correct pin. Without that, the iPhone is totally incapable of reading most data on the phone.
(There is some data that is encrypted _without_ the pin code. That makes it possible for example to use the calculator, take photos, call emergency services without entering the pin).