I have to agree with the FBI on this one, Apple and other companies shouldn't make such a big deal about it.
My above post doesn't convey my meaning anymore. Agree with the message that the stodgy hiring practices of the *** are holding the US back. I did say something in addition.
The Electronic Frontier Foundation (EFF) has this to say in support of Apple: https://www.eff.org/deeplinks/2016/02/eff-support-apple-encryption-battle
http://arstechnica.com/apple/2016/02/encryption-isnt-at-stake-the-fbi-knows-apple-already-has-the-desired-key/ "The FBI ... just wants to try more than 10 PINs." IMHO, Apple needs to take that ONE phone, set it up in one of its clean room labs and get to work.
Apple has to proceed carefully here because this is precedent setting. Ultimately, devices need to be accessible providing a court has deemed it necessary. This places an onus on the police to prove that the device may contain relevant information. If the suspect is alive, he could be held in contempt for refusing to unlock the device. If the suspect is deceased, it should be the manufacturer, not the police who is able to unlock and read the device. We don't want the police to have free access to the tools that would allow them to unlock, decrypt and inspect every device they seize, and we don't want them having backdoor access via OTA/intercept methods.
What's wrong with you people? This is nothing but smoke screen; Apple is more a submissive *** than Microsoft is. These type of arguments are only distractive.
The constitution protects against "unreasonable search and seizure", not all search and seizure. It is the court that authorized the search of the phone and ordered Apple to assist, not the FBI. The FBI did not cross a line, but in fact followed the rule of law by taking the matter to the court. From this site: http://appadvice.com/appnn/2016/02/should-apple-fight-a-court-order-to-hack-into-an-iphone-5c "On Feb. 16, a magistrate for the United States District Court for the Central District of California issued an order compelling Apple to “assist in enabling the search of cellular telephone, Apple make: iPhone 5C.” Apple is ordered to provide “reasonble technical assistance to assist law enforcement agents in obtaining access to the data” on the handset."
I think this entire issue/challenge might just eventually be taken up to the so called Supreme Court. Mobile Phone technology enters yet another phase of a challenge but this time as concerns Law vs Privacy limits. This saga is only just beginning.
This is precisely what the court ordered: https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf
The problem sort of depends upon how you view it. If you see it as "let the FBI into this one phone"... as the court order in paragraph / clause 1 sort of disingenuously tries to state by making reference to the very specific phone, model, S/N, and IMEI... then, yes, nearly everyone is going to say Apple's being ridiculous, let the FBI in. If, however, you read the rest of the court order as saying "build the FBI a tool that can hack any iPhone"... specifically paragraph / clauses 2 & 3 which require Apple to create a new Software Image File (SIF) that can be loaded on the specific phone in order to perform all the bypasses requested... then, I think more people begin to have pause, and are more willing to say no. The FBI is, in my view, purposely misleading the public and likely this judge into thinking this is just about the one phone. They know it's not. They've been wanting this backdoor tool for months now, and they've seized upon this San Bernardino incident as a great public relations case for them to get what they want. The problem here, to me and many others, is that other people -- crazy John McAfee, the Chinese, the Russians, etc -- could likely fairly easily build their own SIF that they could load on an iPhone for this very purpose. Although I'm no expert on this, I suspect that the only tricky part would be signing the code so that it looked like Apple-legit firmware that the phone would accept and run. But I bet they can do that. Our NSA seems to have no problems faking corporate code-signing certs (since they impersonated Microsoft for their auto-update attack on one of their malware projects). Rather than trying to help Apple make the encryption tighter and more foolproof for EVERYONE, the FBI wants to purposely undermine it.
(continuing as devil's advocate...) In clause 3 it states that the SIF would be coded with a unique identifier of the phone so it would only work with that phone. What is the problem with this? Is it that by creating the SIF Apple does all the heavy lifting for the FBI and they can reverse engineer it deal with the unique identifier limitation? I agree that's a real possibility and I don't how the situation with Apple Vs FBI effects it. And regarding this part of the statement on the EFF website i.e. "Even if you trust the U.S. government, once this master key is created, governments around the world will surely demand that Apple undermine the security of their citizens as well." what is there to stop governments around the world from pressuring Apple to do this regardless?
Doubtful. Odds are that there is nothing particularly interesting on this phone other than some crappy middle eastern music, some hideous photos of that wife, and a Quran browsing app. Also, odds are that the passcode is just some dumb 4 digit passcode like "1111", "2222", or "1234". However, let's say you are right... and the FBI finds a "contact list" with every single ISIS agent in the USA on the phone, with contact photos for each, and a list of upcoming attacks on this Farook guy's calendar. That would be nice. I agree. Although the FBI should be able to largely get that contact info already from phone records from the phone companies. More importantly, though, the cost of doing so isn't simply having Apple task a few programmers to program it for a couple weeks. Rather it's the cost to everyone that a tool now readily exists that can bust into any iPhone and it's signed by Apple. How many people really believe that tool won't leak into the hands of people with malicious intent and not just the Feds? The Feds will share it with a local police department for a case, and then some local cop will think its cool to put it out there via Torrent or something. And, BAM, next thing you know your phone is hacked and the dude logs into your banking mobile app cause you've got it setup on your phone, and they then billpay themselves the account balance. Not so funny now, eh?
"Apple can lock the customized version of iOS to only work on the specific recovered iPhone and perform all recovery on their own, without sharing the firmware image with the FBI." " Apple has been told to get its customized iOS onto Farook's iPhone 5C during boot-up without having to unlock it – and the company hasn't denied it can do that. According to iOS security guru Jonathan Zdziarski, it is entirely possible for Apple to install a firmware update on a locked device ..." http://www.theregister.co.uk/2016/02/17/apple_iphone_5c/ These above statements were made by experts in the article.
What is preventing hackers from doing this sort of thing right now on all of the un-encrypted cell phones where people don't even use a lockscreen?
That people's lives/country could be at stake is totally irrelrevant to the term "UNREASONABLE search and seizure." in The Bill Of Rights. "Unreasonable" is used respectecting the scope, type of search authorized by a warrant, e.g., is an anal cavity search "Unreasonable." The fact that people's lives are/could be at stake has relevance only to the question of whether or not there is "probable cause" for the Judge to have issued a warrant of any type respecting the phone, it is irrelevant to the scope of the warrant that has been issued against Apple. That's the Law. However,the psychological impact on the judge of the stakes, in practice, undoubtedly influence his decision of the reasonablesness of the scope of the search, the Law notwithstanding. IMHO if there is any way the OS installed in the subject phone could be uncovered,recovered, in whole or in part, than this warrant is extremely dangerous. The FBI is not asking Apple to somehow extract the data. It is asking Apple to create software that would allow the FBI to extract the data. Could Apple deny the Chinese the same service? I know Apple sales are down in China, but they still derive a lot of revenue there. Also this is a very slippery slope. The warrant was Issued under the rarely used All Writs Act, a 200 year old statute. It is used where there is no other statute that is specifically applicable. There are no specific standards and little precedent. If this order is upheld, where does the FBI's, NSA's power end?? [Yes I know -- wherever they believe it does- As in It Has no End - at least until another Snowden emerges ]
Nothing... but most people running around with an unlocked iPhone don't probably enable the bank app to sign them in automatically as they have no expectation of privacy or sole control anyway. Rather it was just an example. There are millions of other alternative hacks to be done. More Jennifer Lawrence photos to be stolen whatever. People freaked out about it when those celebrity photos get out, and cursed Apple even though I recall the issue had to do with insecure iCloud credentials. Now, hackers and paparazzi won't need to work very hard... they pay someone to steal the person's iPhone, run the Apple-signed / FBI-approved brute-force hacking tool, and whammo they are in. Here's the thing. I don't expect the security on a phone to be like Fort Knox. But I don't want our government forcing vendors to create the tools to break-in either. If someone else does it, then... dang... Apple needs to step up their game and implement better security. But here the Feds have Apple boxing themselves, and I feel it's us, as users, that are taking the punches.
In which case Tim Cook should be saying something like: "Our devices already have a backdoor. They want us to use that already-existing backdoor to install an additional backdoor that will...". I can't remember where I saw the discussion, but some seem to believe that Apple can even update the firmware in the secure enclave of newer phones. Without device owner approval or ability to disable, and without resorting to extraordinary measures such as physically opening and tampering with chip internals, mind you. Edit: https://news.ycombinator.com/item?id=11116274 https://news.ycombinator.com/item?id=11128212 https://twitter.com/JohnHedge/status/699882614212075520 http://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-court-order/ was updated
"Responding to the DOJ filing, a Senior Apple Executive said that the company had not stated that unlocking the iPhone was technically possible. Within 24 hours of the government taking possession of the San Bernadino shooter's phone, the Apple ID pass was changed, the executive said, adding that the backup may have been accessible prior." http://www.huffingtonpost.com/entry/us-apple-san-bernadino_us_56c7755de4b0928f5a6bcd29
I stand by what I said & someone else mentioned. This fight is only for the public. This is the only way it can be done nowadays. As a nationalist I approve. As a free thinker.... It's hard for me to see this in B&W sometimes. Oh yeah throw in the fact I hate crapple.
Do you really believe most people think it through and make considered choices about the security on their phones? I'd love to see a study done on it. Without actual data I would tend to assume that people treat phones the same way they treat computers, e.g. they don't have an initial logon password (enabled lock screen), they have the apps save login credentials so they don't need to be re-entered for each use, they use open public WiFi without VPN, etc.
I would hate for Apple to backdoor the iPhone in question. It would undermine security and privacy across all smartphone makers. I hope Apple win on appeal. This is going to the Supreme Court. Big ramifications if Apple are made to backdoor the iPhone in question.
