Frazzled wrote:


Its now being reported the government has asked to crack multiple phones, so its not just a one time thing.

If Apple does it for the US, I am sure China will be "on the phone" pun intended within micro seconds (assuming they haven't hacked it already).
What if its uncrackable with current technology?

 Frazzled wrote:

 Ketara wrote:
The whole issue appears to be being spun heavily both sides.

Apple creating a new form of OS that can be loaded without unlocking the phone to permit access does not automatically build a backdoor into every device as they're saying. It's not a general security risk unless the FBI upload it to the internet. And it is problematic for the security services if they literally cannot access devices used by terrorists and criminals any more.

But there's no way the FBI will just delete it once it's been created. They will hang onto it. I doubt any power on earth could remove it from them once it's been created. Not to mention the dubious ethics of forcing Apple (who have no relation to the case) to spend money and man hours developing software not in existence. It also means that once it is known the FBI can do that, you're effectively shooting Apple's sales in the foot.

I (personally) believe that whilst companies should help state security where appropriate, it is not necessary for them to be assuming the technical and financial responsibility of counter-intelligence services, especially to the detriment of their own market advantage. If the software already existed, I would advocate them letting the FBI use it (just this once, and on a case by case future basis), but building it?

No. The way this should have been handled is with Apple privately contracting (for an appropriately sum of money) to build a piece of software that does what is asked by the FBI, for the FBI, under very strict contract conditions (namely the usage on a single phone), with it being written into the contract explicitly that this was for one use. Have that one use be in an Apple building somewhere under Apple oversight and control, and then let them bury it in a vault somewhere in Switzerland after the data has been retrieved from the one device. That keeps it secure and means the Government has to go through them again if it needs to unlock more phones, on a case by case basis.

That would have been the logical thing for both sides to agree on here. Instead we have Apple trying to play Guardians of Justice and abdicate their moral responsibility, and the FBI trying to pass the buck for doing their job. Not impressed with either.

Its now being reported the government has asked to crack multiple phones, so its not just a one time thing.

If Apple does it for the US, I am sure China will be "on the phone" pun intended within micro seconds (assuming they haven't hacked it already).
What if its uncrackable with current technology?

A federal magistrate-judge in New York City has ruled that the U.S. government can't force Apple to hack an iPhone to investigate a drug dealer.

It's a win for Apple, which is being pressured by federal law enforcement agents to help it break into iPhones in at least 13 instances across the country. Apple says doing the federal government's bidding would undermine the security features in hundreds of millions of iPhones around the world.

So far, the Department of Justice is relying on the All Writs Act, passed in 1789, which gives judges broad discretion in carrying out the law.

But on Monday, Judge James Orenstein said federal investigators can't use that law to pull this off.

The U.S. government's argument doesn't justify "imposing on Apple the obligation to assist the government's investigation against its will," the judge wrote.

Orenstein said law enforcement is inappropriately trying to use powers that it hasn't been given by Congress.

"[T]he question to be answered in this matter, and in others like it across the country, is not whether the government should be able to force Apple to help it unlock a specific device," Orenstein wrote. "[I]t is instead whether the All Writs Act resolves that issue and many others like it yet to come. ... I conclude that it does not."

This particular criminal case involves a methamphetamine dealer, Jun Feng, who was arrested in 2014 and cut a plea deal with prosecutors. Last year, the Drug Enforcement Agency got a search warrant to look through Feng's iPhone 5C to track down his fellow drug dealers and customers. But the device is running the iOS 7, and agents couldn't crack the passcode to see the data inside.

The DEA asked for Apple's help. Apple initially said it would help -- but now it's unwilling. The U.S. Department of Justice claims Apple is being inconsistent.

"Apple ... only changed course when the government's application for assistance was made public by the court," the department said in a statement on Monday, implying that Apple is merely doing this to save face and seem protective of customers' privacy.

On a call with reporters, an Apple senior executive said Monday the company did offer to help -- but only if the U.S. government makes a lawful request.

"We will produce information when there is a lawful order to do so," the executive said. "But Judge Orenstein, on his own behalf, said he would not issue this order."

Federal prosecutors plan to object to Orenstein's decision and take it up with the U.S. district judge overseeing the case.

"This phone may contain evidence that will assist us in an active criminal investigation and we will continue to use the judicial system in our attempt to obtain it," the department said.

American Civil Liberties Union staff attorney Alex Abdo called the ruling "a victory for privacy, security, and common sense."

Apple (AAPL, Tech30) is facing pressure in 10 other cases nationwide to help agents break into 13 phones.

These cases are being closely watched, because they pit the federal government against the richest tech company on the globe. They raise serious questions about the authority of law enforcement to force companies to help in hunting down criminals.

In a well-publicized case involving the FBI trying to break into an iPhone 5C belonging to one of the San Bernardino shooters, Apple is arguing the U.S. government can't force it to write code.
--CNN's Laurie Segall contributed to this report.

Snowden wrote:The global technological consensus is against the FBI. Why? Here's one example: https://www.aclu.org/blog/free-future/one-fbis-major-claims-iphone-case-fraudulent

The largest chip on the back (outlined in red above) is the NAND flash, where all the data is stored, including both the encrypted filesystem and the Effaceable Storage.

The FBI can simply remove this chip from the circuit board (“desolder” it), connect it to a device capable of reading and writing NAND flash, and copy all of its data. It can then replace the chip, and start testing passcodes. If it turns out that the auto-erase feature is on, and the Effaceable Storage gets erased, they can remove the chip, copy the original information back in, and replace it. If they plan to do this many times, they can attach a “test socket” to the circuit board that makes it easy and fast to do this kind of chip swapping.

If the FBI doesn't have the equipment or expertise to do this, they can hire any one of dozens of data recovery firms that specialize in information extraction from digital devices.

Jeff Mason wrote:Sidestepping Apple dispute, Obama makes case for access to device data

AUSTIN, Texas (Reuters) - U.S. President Barack Obama on Friday made a passionate case for mobile devices to be built in such a way as to allow government to gain access to personal data if needed to prevent a terrorist attack or enforce tax laws.

Speaking at the South by Southwest festival in Texas, Obama said he could not comment on the legal case in which the FBI is trying to force Apple Inc. to allow access to an iPhone linked to San Bernardino, California, shooter Rizwan Farook.

But he made clear that, despite his commitment to Americans' privacy and civil liberties, a balance was needed to allow some intrusion when needed.

"The question we now have to ask is: If technologically it is possible to make an impenetrable device or system where the encryption is so strong that there is no key, there's no door at all, then how do we apprehend the child pornographer, how do we solve or disrupt a terrorist plot?" he said.

"What mechanisms do we have available to even do simple things like tax enforcement because if in fact you can't crack that at all, government can't get in, then everybody is walking around with a Swiss bank account in their pocket."

The Justice Department has sought to frame the Apple case as one not about undermining encryption. A U.S. Federal Bureau of Investigation court order issued to Apple targets a non-encryption barrier on one iPhone.

The FBI says Farook and his wife were inspired by Islamist militants when they shot and killed 14 people on Dec. 2 at a holiday party in California. The couple later died in a shootout with police.

"Setting aside the specific case between the FBI and Apple, ... we’re going to have to make some decisions about how do we balance these respective risks," Obama said.

"My conclusion so far is you cannot take an absolutist view."

Obama was speaking at the South by Southwest festival in Austin about how government and technology companies can work together to solve problems including making it easier for people to vote.

 Co'tor Shas wrote:
And this is why I roll my eyes whenever people call him progressive.

 Co'tor Shas wrote:
And this is why I roll my eyes whenever people call him progressive.

 Grey Templar wrote:

 Co'tor Shas wrote:
And this is why I roll my eyes whenever people call him progressive.

Its a weird dichotomy of our politics.

Republicans are socially conservative and financially liberal.

Democrats are socially liberal and financially conservative.

 Breotan wrote:

 Grey Templar wrote:

 Co'tor Shas wrote:
And this is why I roll my eyes whenever people call him progressive.

Its a weird dichotomy of our politics.

Republicans are socially conservative and financially liberal.

Democrats are socially liberal and financially conservative.

I'd say Democrats are even more financially liberal than Republicans. They just have different spending priorities.

 whembly wrote:

 Co'tor Shas wrote:
And this is why I roll my eyes whenever people call him progressive.

Um... he's advocating for "big governance".

Seems progressive to me...

 jmurph wrote:
That is hilarious.
FBI: We need Apple's help to get to terrorist secrets!
Apple: No way! That would compromise our impregnable security!
FBI: Never mind, we got someone else to do it. Turns out it wasn't even that hard.
Apple: Wait, what?

Follow the money: Apple vs. the FBI

By Charlie Stross
A lot of people are watching the spectacle of Apple vs. the FBI and the Homeland Security Theatre and rubbing their eyes, wondering why Apple (in the person of CEO Tim Cook) is suddenly the knight in shining armour on the side of consumer privacy and civil rights. Apple, after all, is a goliath-sized corporate behemoth with the second largest market cap in US stock market history—what's in it for them?

As is always the case, to understand why Apple has become so fanatical about customer privacy over the past five years that they're taking on the US government, you need to follow the money.

Apple wasn't very good about customer security in the early days of iOS. Early iterations of the iPhone notoriously lied about the security of SSL connections to email servers; my understanding is that this led to them being banned from some corporate and government accounts for a few years. But then they seem to have realized that security wasn't merely a useful feature to pitch to their customers, but a necessity. And the reason it's essential is Apple Pay.

When you're making $50-100Bn a year in profit, you can't put the money in a bank: you have to become a bank. And that's what Apple Pay is about, and that's why Apple have become fanatical about customer privacy and electronic civil rights (in one very narrow field)...

Ultimately the banks are going to discover—the hard way—that getting into bed with Apple was a bad idea, about the same way that getting into bed with Amazon over ebooks was a bad idea for the Big Five publishers. Apple is de facto an investment bank, right now: all it needs is a banking license and the right back end and regulatory oversight and risk management and it will be able to go toe-to-toe with the likes of Chase or Barclays or HSBC as a consumer bank, too. And Apple has a very good idea of how risky their customers' behavior is because unlike the banks and the credit card settlement network they're not running on incrementally upgraded legacy infrastructure designed in the 1950s. Note those two words a couple of sentences ago: "risk management". Banks are not in the business of holding your money or making loans; they live or die by how well they manage risk. Apple, like Google, has a much richer relationship with their customers than any bank. They can (for example), with a customer's position, know roughly where the customer's phone or watch is moving, and thereby spot faked payment credentials if someone clones the device and tries to use it to buy something a thousand miles away. The CC networks have velocity checking but it's a really crude metric for spotting fraud: Apple can massively improve on it.

And that gives the phone vendors an opportunity to leapfrog over the existing banking infrastructure in the efficiency of their risk management protocols, by reducing fraud while simultaneously knowing much more about their customers' habits and being able to spot potentially risky activity patterns early enough to reduce their exposure.

Here's my theory: Apple see their long term future as including a global secure payments infrastructure that takes over the role of Visa and Mastercard's networks—and ultimately of spawning a retail banking subsidiary to provide financial services directly, backed by some of their cash stockpile.

The FBI thought they were asking for a way to unlock a mobile phone, because the FBI is myopically focussed on past criminal investigations, not the future of the technology industry, and the FBI did not understand that they were actually asking for a way to tracelessly unlock and mess with every ATM and credit card on the planet circa 2030 (if not via Apple, then via the other phone OSs, once the festering security fleapit that is Android wakes up and smells the money).

If the FBI get what they want, then the back door will be installed and the next-generation payments infrastructure will be just as prone to fraud as the last-generation card infrastructure, with its card skimmers and identity theft.

And this is why Tim Cook is willing to go to the mattresses with the US department of justice over iOS security: if nobody trusts their iPhone, nobody will be willing to trust the next-generation Apple Bank, and Apple is going to lose their best option for securing their cash pile as it climbs towards the stratosphere.

 Tannhauser42 wrote:
If we're going to go with the conspiracy theories, I'll go with what I proposed earlier: this is just an elaborate cover-up to hide the fact that Apple has, and has always had, a backdoor in their system, but they just don't want anyone to know.

 Kilkrazy wrote:
We don't know how hard it was, but clearly it wasn't impossible. Now it's been done once, it might be easier and quicker the next time it has to be done.

 Steve steveson wrote:
What I find amusing is people in the media comparing this to a search warrant. This is more like the FBI demanding safe manufacturers produce universal keys.

 Steve steveson wrote:

 Kilkrazy wrote:
We don't know how hard it was, but clearly it wasn't impossible. Now it's been done once, it might be easier and quicker the next time it has to be done.

Possibly not. This was an iPhone 5 which has software encryption. The iPhone 6 has hardware encryption and should be significant more difficult to crack.

What I find amusing is people in the media comparing this to a search warrant. This is more like the FBI demanding safe manufacturers produce universal keys.