Thanks for the link. The claim from the FBI that it was "just" about marketing is a bit rich given that Apple is a hugely valuable brand, which will be affected by the outcome of these battles - and the FBI have no skin in that game. Apple would not be doing its job by its shareholders if it did not fight this - leaving aside claims of principle and morality. It's also dubious for Apple to claim it's not about marketing - because in a way, they are supposed to represent their market - a global one. Ironically, there's very little representation of the public all round, which is why this battle is being played this way. It's also interested from the Pew survey that a little over half US Americans support the order. I do wonder what that figure would be from people around the world. From a technical perspective, there is a fairly obvious market pressure to develop and offer phones which have well and truly pulled up the drawbridge - whether by Apple or other parties in other jurisdictions. One of the big problems I think is that the market demand for better privacy has been fuelled by the mass-surveillance problem, and the destruction of trust in the authorities - whereas before the deal that one accepted as a citizen is that warranted individual search was OK, that deal has been broken by the mass unwarranted surveillance, and hence the demand.
In this particular case, 'Privacy' is a canard. The level of privacy protection on Apple systems is chosen by Apple, not by their customers. 'You do not know and you have no need to know', as far as they are concerned. It needs to be recognised that the very same accusations of spying that's levied against Google and Microsoft is levied against Apple. Respecting user privacy is not their priority. Protecting their brand and intellectual property is. @deBoetie. " Ironically, there's very little representation of the public all round". I did take this out of context, but it is the crux of the Privacy argument too. I think the court will instruct Apple and the DoJ to come up with a negotiated settlement, whereby the FBI gets the info they need without any ongoing access and Apple gets to assure their customers that this was possible without putting security at risk - that being, user security and national security. Then we all get the warm fuzzies and move on. Win-win.
I must agree with you here. If it weren't for the so called "Patriot Act" (USA) and the bypass of the FISA court (Foreign Intelligence Surveillance Act) plus the revelations RE the NSA there wouldn't be so much polarization around these issues. It's a sorry situation that there is so much fear of the government that people would rather protect the phones of terrorists than risk their own privacy.
What? Bill Gates is advocating for a reasonable solution? “I hope that we have that debate so that the safeguards are built and so people do not opt — and this will be country by country — [to say] it is better that the government does not have access to any information,” he said. What a concept...
"Have more debate, build safeguards, strike an appropriate balance" isn't a solution. Lets call it an approach. One that *might* lead to a solution that *might* be reasonable in *some* peoples' eyes. However, such an approach could only be helpful if consumer rights groups, citizen rights groups, and genuine security/privacy experts are a major force in the proceedings. Commercial companies and government agencies have little if any credibility when it comes to consumer/citizen security and privacy rights. Plus, they literally should never be allowed in the same room together, unsupervised, because they will strike one of those backroom deals, wrapped in secrecy, topped with an immunity bow, with money from our wallets tucked into an attached card.
I'm having trouble believing that folks here at Wilders not the Great Unwashed believe any of this public BS. It's all been settled.
I believe that what was meant is that prior to the iCloud password being changed, the phone — when connected via a known wi-fi SSID — would contact the iCloud servers and would automatically login with the password which it had stored within a special repository which Apple calls the “keychain”. If the iCloud password was changed on the phone itself, then the phone would have known to update it’s local “keychain” at the same time as it registered the change with the iCloud servers. However, in this case, the iCloud password apparently was changed via a web browser or some similar means. This meant that the iCloud servers are expecting a new password, but the phone only knows the old password. What would happen from a user perspective is that once you log into, and open up your phone — which the FBI & Apple can’t presently do — then the user would be presented with an alert that the iCloud password has been changed via another device and that the user must re-enter the new password on this device in order to be able to continue to access iCloud services. In fact, Apple will also email you at the email address associated with the iCloud account every time a new device is associated with iCloud, or that the password has changed and on which device it was changed. ** EDIT: One other clarifying fact... one's iCloud password is not the same as the passcode use to enter the device itself. The two are separate. That's how the iCloud password can be changed, but the local phone passcode remain unchanged. One is a password for a web service (like your Facebook password), and one is a password for the device (like the password you use to log into your computer). **
I agree in part, disagree in part. The fact that Apple choses the current level of protection does not render their complaint as sophistry. As stated previously, Apple is arguing “the larger argument” around principles, creation of “backdoor” tools signed by them, handling of “follow on” cases, and whether tech companies will be allowed to continuously improve digital security going forward. The FBI is claiming that they are just arguing about access to this specific phone. To a degree, one’s views on the matter are colored by who you believe… and what the argument really is about. I understand those that are making the argument that this is no different than searching someone’s house. The FBI have a valid warrant and they can search the house or property listed in the warrant. I respect that. That’s the rule of law as we know it in America. But, to me at least, this case is not analogous to the house warrant. To me, the FBI has a warrant and they have asked the court under a 200 year old writ to force the vendor of a specific brand of house locks to make a special lock-picking tool. This particular brand of house locks is used in 50% or more of homes across the nation, and indeed, across the world. This particular brand of house lock has been purposely designed to *only* work with keys manufactured and stamped by the vendor of the house lock. The FBI isn’t asking for just one single key for the one single house (although they claim to be). The FBI is asking for a lock-picking tool made by the lock manufacturer that can be used on any house using that vendor’s lock. In the physical world, if someone in San Bernardino is a bank robber and the FBI has a warrant and they search his house… it doesn’t really affect me in Dallas one iota. It’s just a curiosity to me. However, if the FBI gets the vendor-made lock-picking tool, and this lock-picking tool is extremely easy to duplicate and share once made in the first place — and, indeed, no one can likely deny the possibility exists that tool could fall into the wrong hands — then, yes, absolutely that warrant and the creation of that tool *does* affect me. At a minimum, I think Apple deserves its argument to be made to the court system in a more considered fashion and that they should have the right to appeal and make their case. If they lose in the Appellate court, and possibly in the Supreme Court, then that is our system. But the FBI’s instance in the original 5 day compliance with a judge’s use of a 200 year old writ in what many (including myself) would consider a relatively novel approach to forensics in the modern digital world is *not* part of the slow and deliberative American jurisprudence system. Initially, the FBI was trying to bully and badger Apple into doing something that Apple obviously feels that they have the legal right to protest against prior to essentially automatic compliance.
Agreed. It is all a charade, the FBI probably had it open within the hour. The phone conversation probably went something like this: FBI: Tim, we are sending you a court order to unlock a phone. Tim: You know publicly we have to kick up a stink over the request. Need to keep the Apple Slaves thinking we still care. FBI: I know, dont worry we unlocked it using the signing key you gave us a few months ago. Its an election year and we just need to make sure our budget increases go through. Tim: Understood, just make sure that I get that on the approved government vendors list. Incredibly difficult to secure an electronic device when the adversary has physical access. It is also worth noting that the FBI has the phone in a locked state (it has network access) which is even easier. If it was a turned device that was turned off and encrypted with LUKS then it is probably more resistant.
@driekus Thank you, finally some acknowledgement of the truth. The elephant is in the room & the emperor has no clothes.
Protecting against someone who has gained physical access and/or access to the system while it is somewhat up and running/communicating is certainly more difficult. However, as you would likely know but some other visitors might not, those would not be problems an engineer would give up on. In fact, those types of problems are approached head-on in some defense and other applications. Raising the bar makes sense, even when you know ahead of time that there are some who could clear it. For even those who could clear may deem some cases not worth spending money/time on and there will be others who can't do it even if they wanted to. I question whether or not Apple can be convinced to raise the bar, and the same goes for all other mainstream players. Even if not, we need to do everything we can to try to establish/preserve a right to raise the bar.
http://www.csoonline.com/article/30...-other-ios-devices-waiting-for-backdoors.html Even that story isn't clear cut as the FBI are saying Apple didn't object to some of the orders involving other iOS devices. This case gets more and more convoluted.
Apple Is Said to Be Trying to Make It Harder to Hack iPhones http://www.nytimes.com/2016/02/25/t...e-working-on-an-iphone-even-it-cant-hack.html
Hearing video The Encryption Tightrope: Balancing Americans’ Security and Privacy https://www.youtube.com/watch?v=g1GgnbN9oNw Length: 4:00:15
http://arstechnica.com/security/201...shoe-because-he-doesnt-know-how-iphones-work/ John McAfee; Surely cannot be that simple.
Maybe if the Apple team hired children. ANY responsible encryption scheme employs a hash along with algo's, salt, etc.. to derive it. Only be entering the correct passcode and running through the algo scheme seeking validity, does it return a TRUE response opening the system. I am speculating based upon my code work with LUKS, TrueCrypt, VeraCrypt. There should be NO place on the surface of the hardware media where a "plain text" passcode is stored. A child in encryption studies would know that! Bear in mind that I am in the dark as to how the failed attempt counter is engineered into the mix. If that feature were to be removed (if its possible) then cracking what is likely to be a < 8 digit number passcode would be seconds or minutes at most.
San Bernardino DA says seized iPhone may hold “dormant cyber pathogen” http://arstechnica.com/tech-policy/...eized-iphone-may-hold-dormant-cyber-pathogen/ From the DA's filing: He now says there's no evidence of cyber doom, wants iPhone unlocked to be sure. http://arstechnica.com/tech-policy/...nt-cyber-pathogen-san-bernardino-da-wont-say/
I am thinking they are just watching CSI: Cyber for ideas. There is no evidence of it, but the phone may contain all the launch codes for the US nuclear arsenal. I dont think Apple handled the hearings well. It will be interesting to see how the core arguments hold up: 1.) Conscripting Apple to conduct work for government is akin to slavery 2.) Forcing Apple to do this is impeding free speech (code as speech) 3.) Encryption is considered a munition and therefore limiting it is tantamount to infringing right to bear arms (Apple havent used this argument but I believe it is valid) Personally Apple is just putting on a show, I dont think they really want to win the case. Interested to see the new iphones. I am guessing they will have some new form of encryption that people will fall over to buy.
