Encryption

The Encryption Fight We Knew Was Coming Is Here—and Apple Appears Ready

Company will not compromise user security to help access terrorist's phone.

|

We're not safe until we check their "Words with Friends" scores.

We have one massive test case for Apple's commitment to end-to-end encryption on its smart phones in the dock. Syed Farook, one of the terrorists responsible for killing 14 people in San Bernardino, California, had a locked iPhone, and the FBI has not been able to access its contents. So they're trying to get help from Apple, and they've turned to a judge to try to force the company's assistance.

Yesterday a judge sided with the FBI, ordering Apple to not exactly create a back door to bypass its encryption, but pretty damn close. The judge has ordered Apple to assist the FBI by making it possible to bypass or deactivate the auto-erase function that deletes the contents of the phone after too many failed password attempts; to allow the FBI to electronically submit passcodes rather than manually; and to eliminate any delays in the system between password attempts. The demands are clearly designed so that the FBI would be able to try to brute force the password by attempting every possible number combination. (You can read the full order and some technical analysis at Techdirt here).

Apple does not appear to have the ability to comply with the order at this very moment. But it seems clear that Apple can possibly develop such a tool that will comply based on President Tim Cook's response. So among the many questions we're dealing with here is whether the judicial system can force a private company to develop certain tools for the purpose of furthering the government's goals.

Cook is saying no. And his response on behalf of Apple (directed toward Apple's customers) provides a clear, level-headed understanding of why this encryption must exist and must be protected, even if it "helps" the occasional terrorist:

In today's digital world, the "key" to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that's simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

What Cook doesn't say but should be extremely obvious is that even if Apple creates only one of these devices for the government, the feds will most certainly try to backwards-engineer the tool to figure out how to replicate it. We have seen every single surveillance authorization given to the federal government abused and expanded to snoop on citizens for inappropriate reasons and without due process. There's no reason to believe the same thing won't happen here and that the justification for breaking encryption won't be defined downward from "terrorist who killed 14 people" to "suspected drug dealer" or what the FBI defines as a domestic "extremist." Cook does make note of how this authority would eventually be corrupted:

The implications of the government's demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone's device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone's microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

Republican presidential front-runner Donald Trump has no interest in any sort of nuanced discussion of privacy and civil liberties and has demanded that Apple comply, saying, "To think that Apple won't allow us to get into her cellphone? Who do they think they are? No, we have to open it."

On this situation, Trump sounds just like the "establishment" politicians in both parties, who have no interest in Americans' privacy if it gets in the way of government authority, and they really don't seem to be interested in the negative consequences. Folks like Trump (and senators like Dianne Feinstein and Richard Burr) care only that the government can access any information it wants to at any time. They do not seem to care that this process will open up their own constituencies to further fraud and potential crimes.

So we have to rely on one of the biggest tech corporations in the world to protect us from the government. I wonder how many sci-fi cyberpunk writers saw that twist coming.

Advertisement

NEXT: Sheriff Wonders Whether Beyonce's Super Bowl Show Inspired Violence Against Police

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. Thank Snowden. The aftermath from his revelations showed businesses that it’s not good business to roll over for the United States government.

    1. Correct. There’s no slippery slope anymore when it comes to government, especially when it comes to issues of national security. If they have a tool available, they’ll use it, period. It doesn’t depend on the legal issues in the particular circumstances.

      1. Slippery slope is now cliff of certainty, and gravity is a bitch.

        1. it aint the grabbity that’s the problem. Its that dang DIRT that gets in the way whilst Grabbity is having its fun with you.

  2. BREAKING: Apple cares more about your privacy than reason!
    /runs into the swamp

  3. “To think that Apple won’t allow us to get into her cellphone? Who do they think they are? No, we have to open it.”

    Yeah!! How DARE they not “allow us” into that phone!! By refusing to invest time in money in creating custom-court-ordered software to literally dismantle and render worthless their large investment of time and money spent on security features!!

    Government: If you want custom hacking software, write the damn thing yourself. I don’t think you should have it at ALL, but if you’re going to get it at least pay for it yourself, don’t demand free shit from devs.

    1. I like how the only person quoted is Trump. You know, when people involved in writing the actual legislation that will demand this are on the record with plenty of idiotic statements supporting back doors and an absolute surveillance state.

      Nice work there.

      1. There was a reason it was Trump who was quoted. He’s the Republican front-runner for president; another example of a not so conservative “conservative”. You should have been able to expropriate the reason easily enough.

        1. Why not capture a quote from our sitting President about CISA? Or Burr and Feinstein? You know, the people making a concerted effort (with the ability to do so) to dismantle our personal privacy?

          Seems to me their thoughts on this are a lot more relevant than a guy with possibly a 20% chance of holding elected office a year from now…which will be 9 months after the legislation is passed and signed into law, by the way.

          1. There’s no legislation in this story. This story is about a court order and Apple’s response to it.

            1. There should have been mention of the legislation Feinstein and Burr are trying to shepherd through the Intel Committee enhancing CISA that will force Apple to provide the key being demanded by this judge.

              Or, you know, the legislation the judge used as a pretext to demand Apple help…the very same CISA those two got put in the Appropriations Bill that Obama signed into law on December 18, 2015.

              But it’s easier to quote Trump than the real culprits here I guess.

            2. Furthermore, how can a court order exist without legislation?

              1. Or, you know, the legislation the judge used as a pretext to demand Apple help…the very same CISA those two got put in the Appropriations Bill that Obama signed into law on December 18, 2015.

                Furthermore, how can a court order exist without legislation?

                The order is pursuant to the All Writs Act; it says so in the first sentence.

                1. I stand corrected.

                  But my point stands: too much energy is wasted quoting a man that might have a 20% chance of impacting my life through government. And too little energy is spent quoting the people that are having an immediate impact on my personal liberty at this moment.

                  That’s all I was getting at.

                  1. “And too little energy is spent quoting the people that are having an immediate impact on my personal liberty at this moment.”

                    Do you really need quotes? Action, words, speak louder than.

        2. There is no legitimate way you can call Trump a conservative. He has held every policy position under the sun, and doesn’t give a shit about the Constitution.

    2. Maybe Trump will want to use “Eminent Domain” to seize the data.

      1. In his fantasy world, can’t the government simply seize Apple for the common good?

        1. I wonder how The Jacket intends to square this inconvenient story with his theory that Sanders and Trump are the dawn of a Libertarian Moment.

          If people really support Sanders and Trump, then the message is not “Government is run by cronies and insiders, so let’s get rid of government.” No, the message is clearly “Government is run by cronies and insiders, so let’s put our guy in there to govern harder the way we want”.

        2. In Trump’s fantasy world seizing Apple would imply that he didn’t already possess it. Sending one of Lord Trump’s subjects to a supermax prison for refusing an order from the Crown would be probably be more his style.

          1. Shit, it worked for Obama.

        3. Isn’t that what they did to General Motors? 😉

  4. OT: New York ACLU director opposes mens rea reform because Republicans are big meanies.

    “”To Convict, Prove a Guilty Mind,” by Gideon Yaffe (Op-Ed, Feb. 12), highlights a tiny element of proposed criminal justice reforms, the reform of “mens rea” provisions. These plans, if implemented, would require prosecutors to prove that a defendant was aware of the illegal nature of his or her actions and intended to cause them. Proving such intent would be nearly impossible for many financial, environmental and regulatory crimes but relatively simple for drug and property crimes.”

    “Republican lawmakers who insist on making this issue a quid pro quo are likely doing so not out of concern for the lives, families and communities torn apart by our broken system, but rather to please white-collar and corporate polluter interests who stand to gain the most.”

    Unbelievable. Don’t support mens rea because of who is most likely to benefit the most, even though it will help everyone. Fucking scumbags.

    1. Oh – and the people who would mostly be helped are actually those convicted of ridiculous laws no one could possibly imagine would actually exist. Yeah, why would the ACLU want to help them?

    2. First off, there’s no such thing as a “regulatory crime”. There are crimes, period. Regulations are not laws even if they’d like us to believe they are.

      Second, financial crimes would be pretty easy to find mens rea, should it exist. There’d almost certainly be a paper trail proving malice for any financial crime of significance.

      Lastly, what the fuck is an environmental crime? Like when the EPA destroys a watershed or something?

      1. An environmental crime is when you build a structure on land you own that may also be inhabited by certain protected creatures, or “wetlands”, or something like that.

        1. wanting the earth to stay exactly the same as it is now forever is like the literal definition of conservative. just sayin, as they say.

          1. not “literally” literally

      2. It depends on what you define as a financial crime. Under Sarbanes-Oxley a CEO or CFO can be criminally responsible for misleading financial statements even if it is adjudicated that they weren’t aware of the financial shenanigans.

        1. Like that would stand up under appeal.

          ::looks at current roster of Supreme Court and compares it to roster from a week ago::

          Shit!

      3. like when BLM in Nevada corralled about a hundred turtles off of Bundy’s land, and land nearby, and brought them to some “shelter” in the area, then spent so much money on their “troops” and combat helicopters and snipers they could no longer afford to feed said captured turtles… so they killed them. I’ll let YOU figure out the various points along the “road” of this sequence of events where “environmental crime” was perpetrated. Oh, I almost forgot, the wanton slaughter of about 80 head of cattle, left lying about to rot away, and the deep holes they did dig to bury some of them (and in so doing destroyed the borrows and tunnels of quite a few other critters that live there…. including the turtles). Our tax dollars hardly at work……

    3. How would it be nearly impossible for financial, environmental or regulatory crimes? It would actually be much easier. Big companies keep detailed records of nearly everything they do. They save emails. People work together on teams. They give lots of training to employees on regulatory requirements. These things would be a gold mine for a prosecutor trying to prove a defendant knew his actions were illegal.

      1. I think the issue is that many of these paper trails don’t reach the highest levels of large corporations usually. Proving that the CEO or CFO of a multinational corporation — if they have halfway competent attorneys and accountants — were aware of or involved in the malfeasance would likely be extremely difficult.

        But it’s not like the government has any real interest in locking up CEOs or CFOs of multinationals even with the lower standard of proof as it is. It’s much easier to go after street corner drug dealers with their overworked public defenders.

    4. “”Don’t support mens rea because of who is most likely to benefit the most, even though it will help everyone. Fucking scumbags”

      This is the same argument being made by progs against any sort of tax-cut proposals = “They benefit the super-rich!”

      well, yes, = of course they do. They make lots of money, and pay lots of taxes. But the same tax-cuts they deride as helping the “super-rich” would also return a few trillion$ to regular-joes over the next decade. They seem to think this point is less-important than the fact that Joe Bazillionaire would be paying 5% less income tax (when income hardly matters for high-net-worth people).

      I’d call it ‘cutting off the nose to spite the face’ but its actually dumber than that.

      1. Trickle down economics! Reagan! Evil incarnate!

        1. may it trickle down the legs of the gummint ninnies trying to do this…..

      2. more like cutting off your face to spite your nose

  5. Couldn’t Apple just unlock the phone and let the Feds have it without showing them the process? Not saying they should even do that, but is it really a matter of giving the Feds a backdoor to every Apple device?

    1. Apple made the phone in a way that they can’t unlock it. This was in response to increasing demands from police to unlock phones.

      Now a judge has ordered Apple to create a tool to bust into a phone that Apple can’t unlock and then give the tool to the FBI.

      1. I see. Thanks for the clarification.

        1. I had the same basic question.

          I was wondering if Apple could provide a ‘third option’ they weren’t asked for that would protect their encryption M.O. yet give the FBI the contents of the device.

          I suppose that’s also off the table because if they did that, they’d effectively make themselves open to the demand any time the FBI wants someone’s data.

          1. If I were a maker of safes, and had created a safe that could not be broken into, and the gov came knocking demanding I figure out a way to break into my own safe… I would send them a proposal that stated I would do so but the cost would be the gov repaying every dollar into R&D and company reputation building I had ever spent.

            It would be expensive. “Fuck you” expensive, if you will.

            1. and they would find, buy, or make, some judge to COMMAND you to do their bidding, else spend time in the GreyBar Hotel. Its called slavery. Forcing someone to DO that which they are not inclined to do of their own volition.

              SOrt of like FORCING a group of religious nuns, who abstain from all sexual activity as part of their commitment, to provide for their group insurance that pays for contraceptive and abortion services….. or FORCING a couple in Gresham Oregon to provide a service for a pair of clients for a specific event, which type of event the couple hold to be morally wrong (let’s say its a satanist seance as an example….)

    2. Apple’s letter says that if they create this backdoor, even if they intend to keep it in-house, once it exists it will eventually make it’s way out and that will ruin everything.

  6. All right-thinking people know that government is there to protect us from big corporations. The reverse is unpossible.

  7. What makes Syed Farook and Tashfeen Malik ‘terrorists’ as opposed to run-of-the-mill mass shooters. I’ve never seen Adam Lanza or James Holmes referred to as terrorists.

    1. Adam Lanza and James Holmes had no political goal to their murders. You’re right that it’s a nebulous term, but a crazy kid shooting up a school is obviously not terrorism in the way people killing on behalf of radical Islam is.

      I do think Anders Breivik was clearly a terrorist, but the media did refer to him as a terrorist pretty consistently.

      1. So you don’t find it weird that the same actions are classified as two different crimes just because one guy thought his god told him to do it and the other thought his dog told him to do it?

        1. well in fairness the guy who says is dog told him to do it is probably less crazy than the guy who said his god told him to do it, simply because the dog is real.

          1. Good point.

          2. Prove God isn’t real.

            It’s a lot trickier than me proving a dog can’t talk.

            1. My dog talks, but only I can hear him, and he’s invisible. Prove me wrong.

              1. I have no reason to prove you wrong. Your relationship with your dog is none of my business and has no impact on me. Therefore I won’t waste any energy ridiculing you for your beliefs.

                1. “Your relationship with your dog is none of my business and has no impact on me.”

                  You’ll be singing a different tune come Judgment Day, blasphemer.

                  1. “Therefore I won’t waste any energy ridiculing you for your beliefs.”

                    Seriously, though, I was merely making a joke about unfalsifiability. Forgive me if it came off as ridicule.

            2. Something something teapot…

        2. Not after “hate crime” is a thing.

        3. No, I don’t find it weird that terrorism means ‘an attack with a political goal’ and that based on that definition Adam Lanza isn’t one. So yes, I don’t find it strange that a term has a specific meaning that doesn’t apply to people who don’t fit that meaning.

          Also, there are specific differences in how you deal with terrorism vs. one off mass shooters. Once Adam Lanza was dead, that was the end of it because there was no one else involved in that shooting. Terrorists, on the other hand, frequently have international help or have been in contact with some other terrorist cell. So there is clearly a difference not only in definition but in how the issues have to be dealt with.

          Are you done being glib and sarcastic, or are you going to keep acting confused that words have specific meanings?

          1. Oh, and before you start misinterpreting this comment, I’m not in favor of the FBI snooping on peoples’ phones based on the relatively low threat terrorists pose in the US. I’m just pointing out that of course they’re going to be more interested in looking at a terrorist’s phone to see if they had contact with other terrorist cells than they’d be interested in looking at Lanza’s phone since Lanza was a friendless weirdo who never left his room.

          2. ‘an attack with a political goal’ is only half of the definition. the other half is ‘not aligned with US interests as defined by establishment’.

          3. But the FBI said that there is no evidence that the San Berdoo shooters were affiliated with terrorist organizations. So I guess I’m glibly and sarcastically acting confused about the distinction between whatever crazy religio-political narrative they constructed for themselves versus whatever crazy narrative Lanza and Holmes constructed for themselves.

            1. This tragedy could have been avoided if we only had terrorist licensing.

              1. Something like this?

              2. Tragedy could have been avoided if the Government didn’t mess with the Middle East Region for decades, Tragedy could have been avoided if they actually screened who they let into the country, Tragedy could have been avoided if Government didn’t have such strict gun control laws so the people in San Bernadino could have had a fighting chance to defend themselves. IMO government is more to blame for the tragedy than the actual terrorist.

            2. But the FBI said that there is no evidence that the San Berdoo shooters were affiliated with terrorist organizations.

              Yeah, Obama’s FBI. You can’t trust them, unless they are looking into Hillary’s emails.

              1. You can’t trust them, unless they are looking into Hillary’s emails.

                WTF? Did you get the same case of the stupids as dajjal? Who has ever said the FBI is trustworthy?

              2. why, FBI just did a bang up fine job of assassinating a political protester out in Harney COunty Oregon. Pumped their contacts for a tip on a trip they were taking, staged an illegal roadblock and “traffic stop”, began shooting at their car, which (duhhhh!!!) “left the immediate vicinity”, only to find a lethal force/illegal roadblock around a turn…. where the target exited the vehicle and was shot with his hands in the air pleading for the safety of his remaining passsengers still in the car…. multiple shots to the target, then fired about a hundred rounds into the vehicle…. only ONE of which managed to do superficial damage to one of the six passengers.

                Yeajh, THAT FBI are really top notch folks.. nothing but the best.

        4. Actually, as three different crimes…if “workplace violence” counts.

        5. Terrorism generally has a lot more premeditation involved, whereas the random school shooter may just go off his meds and slide very quickly from semi-functional adult into mass murderer. It’s nearly impossible to stop the Adam Lanzas of the world. Terrorist acts can be largely prevented with good investigations and intelligence, as well as security measures (like reinforced cockpit doors and armed pilots, not TSA rapescanners). Adam Lanza wasn’t training other school shooters or being trained by others. Terrorists tend to give and receive training and recruit others to the cause. While the outcome is still a pile of corpses, they are distinctly different in terms of motivation as well as effective prevention and detection.

        6. So you don’t find it weird that the same actions are classified as two different crimes just because one guy thought his god told him to do it and the other thought his dog told him to do it?

          I don’t, at least when the guy whose god told him to do it aligns with a global terrorist movement.

          If this was some random nutter who hears Gods voice in his Rice Krispies – not terrorism.

          If this is some guy who follows religious terrorist websites, openly aligns with them, and kills to advance their cause – terrorism.

          1. So if someone went on a shooting spree to get Yeezus off the hook for his debts, would that be terrorism?

            1. I’m’a let you finish, but it’s a gray area.

            2. That depends, has Kanye started his own religion?

              1. Arguably, yes. Though Bey’s seems to be more successful.

                1. Is your desire is to elide all (in your view, arbitrary) distinctions between the criminal motivations of mass-killers, so that the law treats them all equally (whatever that might mean)?

                  i.e. assume everyone just accepts your distinction-washing = what’s the consequence?

                  Every mass shooter is considered a ‘terrorist’, and we turn every instance of these things into a threat to national security, and an excuse to vastly expand federal law enforcement powers…? OR – none of them are terrorists! and we just pretend there’s actually no such thing as a global islamist movement which has and continues to motivate (when not directly organizing) mass-killings against westerners.

                  It doesn’t seem like there’s anything gained by pretending that all crimes are the same based on similarity of consequences, rather than different based on the nature of the motivations.

                  1. Are you conflating uniformity in classification of a crime with “elide(ing) all distinctions”? Motivation may be a factor in, for example, sentencing, but should not be a distinction when determination is made that a crime was committed. It’s material to society’s regard of the act and the possibility and nature of rehabilitation for the criminal, but not to the effect of the crime itself on society. Society’s loss is people. If it’s murder, we can assume intent is there regardless of motivator. It’s the part where the motivation becomes a crime in and of itself that it becomes a problem. imho (and I THINK this bears out, philosophically) that regardless of the venn diagram you make out of the prosecution of the crime, hate crimes and the like amount to “an extra helping of justice for all that not-right thinking you were doing.”

                    1. ….that, and it REALLY bugs me the way DC swoops in to prosecute some of this stuff after the state gets done with them. “They saved us from the murderin’, but only you can save us from the HATE, oh great Justice Dept! You’ll always use that power over ideologies for good, I just know you will!”

        7. so, which of the perpetrators of these three incidents had a dog that talked to them? Did anyone else know about the dog? Did the dog talk to anyone else?

    2. Hugh, DUH! Only Muslims can be terrorists. Get with the program.

      1. Can’t Lanza and Holmes be at least *home-grown* terrorists?

        *** kicks pebble ***

      2. So can animal rights activists and environmental groups. You do know that terrorism existed in America before the Muslims went cray cray?

    3. Title 22 & FBI definition of terrorist.

      Title 22 of the U.S. Code, Section 2656f(d) defines terrorism as “premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents, usually intended to influence an audience.” [1]

      The Federal Bureau of Investigation (FBI) defines terrorism as “the unlawful use of force or violence against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives.”

      1. The first definition sounds like your typical state or local government.

      2. so the Hammonds, of Hrney County Oregon, were NOT terrorists. They never used force or violence against persons or property, and were not about “furtherance of political or social objectives”. Their setting of that backburn was SOLELY to attempt to preserve their own home from being burned by a rapidly approaching fire they thought had been set by lightning….. they set those fires on their own peoperty to burn back to the main fire approaching from BLM land…. turns out BLM had deliberately set that main fire… which went on to burn hundreds of acres, and Hammonds’ neighbour’s home. That is NOT terrorism, yet the Hammonds are in federal prison right now for terrorism…….

        meanwhile FBI want to FORCE Apple to access a cell hone of a dead murderer…….. twisted priorities, or what?

    4. “Terrorism” used to have a specific meaning. It meant using random violent acts against civilians in order to induce political changes. The Irish Republican Army used random violent acts in an attempt to create an independent Northern Ireland. Now, it means any violent act that scares people.

      Paradoxically, the real terrorists are the politicians who take advantage of people’s fear of random violence to implement a police state. What they are doing fits the exact definition except that they are not perpetrating the violence themselves.

    5. What makes Syed Farook and Tashfeen Malik ‘terrorists’ as opposed to run-of-the-mill mass shooters. I’ve never seen Adam Lanza or James Holmes referred to as terrorists.

      The big new thing among the anti-gun crowd is to refer to all mass shootings as terrorism and to call the NRA a terrorist organization.

      Since mass shootings cause terror among the progs. I have friends seriously discussing whether or not it is safe to go to the movies, attend concerts, go to conventions, etc., because of the potential for a mass shooting.

      They also like to claim that the only reason the media doesn’t call mass shootings terrorism is because most mast shooters are white.

      1. I have friends seriously discussing whether or not it is safe to go to the movies, attend concerts, go to conventions, etc., because of the potential for a mass shooting.

        tell them two things:

        First, they are FAR more likelhy to die on the drive to/from said venues than to die of harm in such an attack.

        Second, tell them to grab the bull by the horns, arm up, obtain the needed skills to handle their new carry gun, and be prepared to be the First Responder to take out the perp when he opens fire in the theatre, school, concert hall, banquet room. Instead of cowering in the corner, staying home, and whimpering aout the “lions in the streets”, tell them to grow up and take responsibilityh for their OWN security, which is really what that hated Second ARticle o Ammendment says… “the security of a free state” is supplied by the PEOPLE comprising that free state. And THIS is why our right to the tools of defense belongs to THE PEOPLE (not military, government, law enforcement,private security). I carry everywhere I go, and if I can’t carry in there I just don’t go there. WILL I get a clean shot at the perp? Doubtful….. but it is possible. If I never am armed, it is certain… that I wont. And as has been often proven, just showing the gun is enough to cause the perp to make an informed decision……

    6. What political change was Lanza and Holmes trying to institute through terrorizing civilians?

    7. Anybody who shoots at least one person and isn’t progressive or a member of a protected class is by definition a terrorist, so that they may then take liberties away from us.

    8. Probably because they did not communicate with like minded people intent on killing Americans… Or that the wife was an Islamist….

      I mean did you not read anything about these people when these events unfolded….

      I barely did and I know why?

  8. My hat is off to Apple for standing up and saying no. I would encourage all to use full disc encryption on not only their phones but there computers as well. http://www.Ultimate-Anonymity.com is a good place to start.

    1. Oh, bravo.

      1. That was high quality botting there, that was!

        1. when will it get better at usernames?

  9. whether the judicial system can force a private company to develop certain tools for the purpose of furthering the government’s goals.

    Show me where in the Constitution ?.

    1. Something something domestic tranquility interstate commerce necessary and proper. But mostly the FYTW clause.

      1. Well, it ain’t the Thirteenth Amendment, that’s pretty certain.

    2. reality: nowhere in the Constitution are FedGov tasked with law enforcement, such as in investigating this mass shjooting in San Bernardino. That is California’s and the SBCSO’s office’s work. SO, FedGov threatening violence against Apple to coerce them to perform against their wishes is… terrorism.

  10. “Republican presidential front-runner Donald Trump has no interest in any sort of nuanced discussion of privacy and civil liberties and has demanded that Apple comply, saying, “To think that Apple won’t allow us to get into her cellphone? Who do they think they are? No, we have to open it.””

    Trump – Populist Establishmentarian!

    Fucking cocksucker.

    1. you think any of the other candidates disagree?

      1. That Trump’s a cocksucker?

      2. I hope it comes up at the next debate.

    2. Don’t worry, Trump will make cocksucking great again.

      1. He’ll suck so much cock, we’ll be bored of the cocksucking!

    3. An authoritarian populist is not a contradiction.

  11. “To think that Apple won’t allow us to get into her cellphone? Who do they think they are?”

    “To think that Obama won’t allow us to get into his college transcripts? Who does he think he is?”

    “To think that Hillary won’t allow us to get into her Wall Street speeches? Who does she think she is?”

    It’s righteous indignation all the way down!

  12. Republican presidential front-runner Donald Trump has no interest in any sort of nuanced discussion of privacy and civil liberties and has demanded that Apple comply, saying, “To think that Apple won’t allow us to get into her cellphone? Who do they think they are? No, we have to open it.”

    As has been clearly demonstrated time and again, Trump says “fuck you” to all the right people.

    1. I’m thinking this is a great opportunity for The Donald to show his supreme negotiating skills! Get Cook on the phone, stat!

    2. Then I guess he’d share everything on his phone, just to be safe.

    3. “No, we have to open it”

      Knock yourself out, Donald. Go ahead and try. But Apple should not be conscripted into doing it for you.

  13. Republican presidential front-runner Donald Trump has no interest in any sort of nuanced discussion of privacy and civil liberties

    I hope that piece of shit meets up with a woodchipper also uninterested in any sort of nuanced discussion. The guy is a goddamned megalomaniac and hasn’t even won an election yet.

    1. If he’s going into the chipper over this, he’s gonna be at the back of a long line. Trump is a clown, but Feinstein, Burr, Obama and a whole host of people that are already in office and trying to take our privacy away (you know, the ones with an actual means to) deserve a hell of a lot more scorn than a person still on the sidelines.

      1. THE woodchipper? If we’re only gonna have one, there’s no point then.

      2. Not to mention the entire advertising department of the Sirius Cybernetics Corporation.

  14. I will switch to the iPhone if Cook keeps his promise and doesn’t back down.

    If he backs down, the Apple devices I DO have will be shitcanned.

    1. Yeah. I was looking at upgrading, but if he folds, I’ll be switching to smoke signals (Google can suck a fucking dick cause they will just roll right the fuck over for whatever government bosses them around).

      1. Yeah, if Apple is forced to compromise, there is no point switching to any other brand.

  15. All this might work on an Apple device where the communication tools are locked down by Apple, but what about other devices where third-party developers can easily write their own encrypted communication apps? Are they going to start demanding that key-loggers be integrated into every device so they can capture a message before it gets encrypted? Will they force online stores to remove all apps that feature encryption?

      1. And don’t be surprised if they start confiscating Apple phones and computers at the border – encryption is a munition after all.

  16. You are never likely to hear me say this again, so please enjoy it on this occasion. Hooray for Apple!

  17. It was his work phone, so the government owns it. The government should sue itself for providing an encrypted tool used for terrorism.

    1. Whoa. I mean, “reasonable mistake of law”.

    2. I think it should just go ahead commit hari kari

      1. Or would that be cultural appropriation

      2. I have no idea what hari kari is.

        Hara kiri, that I can support.

        1. Didn’t he used to announce for the Cubs?

    3. Wait, so the government is trying to force Apple to access its own device? That actually makes it a much messier case…

    4. they were talking as thuogh it was HER phone….. and I don’t remember her working for the gummint. May be wrong, but that’s my remeberer in action there.

  18. Let’s not forget that if it can be done to one device by Apple it can be done to all the others by someone else. Sure this thing is supposed to come with a lockout to ensure the update can only be run on the SUBJECT DEVICE – but that’s just someone writing an ID number in the code. An ID number that can then be altered by someone else.

    And if one US government agency can get this, then all US government agencies can get this. And if the USG can get this, well why wouldn’t every other foreign government be able to get it? China’s government is as real as ours is and enjoys penetrating IT security, why couldn’t they order Apple to make these tools for them under pain of imprisonment or revocation of their permission to do business? Saudi Arabia may be interested in being able to better monitor dissidents.

    And if foreign governments can get it, so can criminals.

    And if criminals can get it, so can terrorists.

    1. Well you can be sure the USG won’t do something stupid with this software, like store on an unencrypted server at the Department of Interior….

  19. This not about Syed Farook’s iphone. That is just the excuse.

    1. So, it’s about the $100 bill?

  20. GOD STOP SHOWING THOSE TWO HIDEOUS PIECES OF SHIT!!! ESPECIALLY THAT “WOMAN”!!! SHE IS UGLIER THAN HOMEMADE SIN!!!!

    1. the uber loser mad at the world type is almost always ugly. soon perfect 10 privilege will be a thing.

      spoiler alert its not even a privilege its fucking exhausting all these chix constantly hitting on me. I just want to get the groceries done leave me alone.

  21. Apple employees better hope their student loans are paid up.

  22. Feed a grizzly in the kitchen and you’ll end up homeless.

    The tech industry was bopping along breezy tinseled streets with their dapper mainstream top hats sparkling the fresh green dew of venture humming the Stooges over Starbucks and thumb presses…

    …too fucking distracted or nationalist to give a shit about the shuffling violent barbarian stepping over the threshold of the inner sanctums they built for the digital society to exist, work, and play within peacefully unencumbered by the stifling madness of bureaucracy.

    Fuck that. The slobber of hell is on everything it seeks to secure and Apple is about to get mauled which is the only fucking reason Cook is shrieking.

    Republicans and Democrats are ripping the goddamn arms off our country and playing patty cake with our motherfucking entrails while the ‘well-meaning and law-abiding’ rush for alternatives that have even longer fucking fangs and claws.

    1. Feed a grizzly in the kitchen and you’ll end up homeless.

      Unless you’re Russian, in which case you don’t give a fuck.

      DON’T feed a grizzly bear when it thinks you ought to, and it will eat your truck instead.

    2. The slobber of hell is on everything it seeks to secure and Apple is about to get mauled which is the only fucking reason Cook is shrieking.

      I haven’t been around lately because Real Life intruded on me (money, health, kids, drama, the usual suspects), but I actually missed you and your genius with words.

    3. guess there’s a whole lotta effing going on, eh?

  23. If Apple complies their international sales would be greatly impacted. A lot fewer Chinese would buy an iPhone if there was a tool out there that can unlock it. It would be only a matter of time before the Chinese government got the tool.

    1. They’d just need to wait until Hillary emails a copy of it to someone. Then it’s pretty much public domain.

  24. Why the hell can the courts compel an uninvolved third party to spend their time and money helping the prosecution? Furthermore, what if all of Apple’s engineers refuse to play along? Jail them all for contempt?

    1. They are trying to use the All Writs Act.

    2. More likely indict them for obstruction if I had to guess…..

    3. Why can the legislature force me to buy health insurance? Seriously though, yes I’d bet they’d jail them for contempt if the engineers didn’t play along.

    4. tis aint to help the prosecution.. the perps are all dead. (the ONE thing LE did right in this incident… but it was the SBCSO did the fine work bringing this to an end… after FedGov and Calif State did much to let it happen. Their real desire is to have the tools to unlock every phone they can get their hands on. This is just a kick at the door to get it open. Let’s hope Apple stand strong.

    5. Why the hell…

      We’ve been over this again and again.

      BFYTW.

  25. Yahoo CEO, Marissa Meyer has gone som far as to Support the practice “Work at home” that I have been doing since last year. In this year till now I have earned 66k dollars with my pc, despite the fact that I am a college student. Even newbies can make 39 an hour easily and the average goes up with time. Why not try this.

    Clik This Link inYour Browser…….

    ? ? ? ? http://www.workpost30.com

    1. Yahoo CEO, Marissa Meyer has gone som far as to Support the practice “Work at home”

      Uhhh… it appears you are a bit out of date, work-from-home-bot.

      1. Give ’em another month or two, and she may well not be CEO, either.

  26. These arguments that have been made about this issue seem to be about the government wanted to protect us against terrorists and tech companies fear that this would allow for government overreach.

    I hear very little about what I would fear most about giving the FBI a “backdoor”. ID theft would explode. Look at the data breaches with credit card info at Target and other companies in the last few years. Now Google and Apple want to promote payment with devices (i.e. ApplePay). Giving the backdoor to the FBI would effectively kill this as it relies on good encryption. Not to mention all the other current functions we use our smartphones for that rely on the fact that the data is encrypted. Does anyone actually think that hackers would not figure out any backdoor into security on these devices within weeks?

    1. Agreed. And we have already seen two real-world examples of unintended consequences with the SSL Export-Grade encryption regulations of the 90s coming back to bite us by making it ridiculously easy to hack any device where the administrator forgot to turn off the Export-Grade encryption.

      http://thehackernews.com/2015/…..ility.html

      “Like Freak, Logjam is another exploit that takes advantage of legacy encryption standards imposed by the U.S. government in the 1990s-era on US developers who wanted their software products to be used abroad.”

  27. Can’t they get, make, a warrant that limits the opening to this one phone only. where the FBI goes to apple and apple opens that one phone for them. As a Building designer I’ve had lawyers ask me to open specific files that I have the programing for. In one case I said I was a biased person and wouldn’t do it but I also told them they need to have both parities lawyers in the room when opened to ensure the opener knew what they were doing.

    1. Can’t they get, make, a warrant that limits the opening to this one phone only.

      Sure they can. But that doesn’t mean the government will keep its word. After all, they’re a bunch of liars who face no consequences for their illegal actions. Once Apple creates a method to unlock one phone, every cop in the country will be using it whenever they get their filthy paws on an iPhone.

    2. They can make a warrant demanding I provide a unicorn. That doesn’t mean it’s possible for me to deliver it.

    3. The order dors not just force Apple to develop a tool and then use it. It forces Apple to give the tool to the FBI so they can get the data. That tool can be used on any other phone. That’s the crux of why Apple is refusing the order.

      1. under my scenario the code stays in house at apple and the FBI has to go to them. That being said after watching the news during lunch I realized the government already knows everyone these people called or texted. thats what the NSA has been doing keeping track of all phone calls, and their carrier knows as well. The FBI can get that info from the NSA then go to those he called or texted and get a warrant to force those people to allow the FBI access to their personal phones. problem solved and they have already probably done this already so it tells me they just want a back door period and they are using this as an excuse

        1. and once it’s known that a backdoor exists how long until an Apple employee is bribed to provide the code to hackers? Even before that happens, will people buy fewer Apple phones expecting that at some point in the future their security may be hacked, with the key sitting in Apple’s office?

  28. Yesterday a judge sided with the FBI, ordering Apple to not exactly create a back door to bypass its encryption, but pretty damn close. The judge has ordered Apple to assist the FBI by making it possible to bypass or deactivate the auto-erase function that deletes the contents of the phone after too many failed password attempts; to allow the FBI to electronically submit passcodes rather than manuall

    These are very important details. Very. If Apple has real encryption, they can’t provide a backdoor to the FBI. Because with real encryption, the creator of the encryption can’t crack it.

    I’m not 100% sure I have a problem with the judge ruling that apple has to disable the auto-delete function which will let the FBI brute force it. As a matter of law, this doesn’t seem cut and dried.

    Now, if Apple is eventually forced and is able to provide some sort of ‘back door’ to the encryption itself, then Apple’s encryption can’t be trusted.

    1. What’s the effectiveness difference between providing the FBI with a tool to decrypt and a tool to be able to brute force a password? Both allow for access to data. One just makes the access a little harder.

      1. The tool is allowing the bypass of the auto-delete, not the decrypt. The tool does ‘further the government’s goals’ in the ultimate end– which is decryption by removing the volatility equation in the data. My point here is this doesn’t seem quite as cut and dried.

        Presuming apple is using a standard encryption scheme– the government has the exact same chances of cracking this data vs another dataset encrypted with the same scheme. The issue here is the attached security mechanism: the auto-delete. As I previously stated, IF Apple IS using a standard, real encryption scheme, Apple physically can’t help them with the encryption scheme itself. I’m focussing on the comment about ‘furthering the government goals’ in regards to blocking or disabling the auto-delete function. Which is at the core of this post.

        1. Sorry. I misread your comment. I thought you were saying that the government has no right to force Apple to decrypt, but you think it’s OK to force them to bypass the auto delete. You didn’t say the former. My bad. I disagree that it’s OK to force Apple to bypass the auto delete, but that’s a different debate.

      2. Depending on the key size, the difference is large.

        Like, with proper encryption, and current techniques, even presuming perfect efficiency, it requires a lot of energy to perform enough operations to find the key, unless they get lucky.

        http://sixdemonbag.org/cryptofaq.xhtml#entropy

        I still think Apple should tell the FBI to fuck off.

        1. I still think Apple should tell the FBI to fuck off.

          If I understand the post, they did, and a Judge just said “not so fast”. So Apple’s next step is to tell the court to fuck off.

    2. If Apple has real encryption, they can’t provide a backdoor to the FBI.

      That’s what I was wondering about at first too. If it’s cryptographically secure, it’s secure, right?

      I think the practical problem is that Apple probably isn’t strict enough on it’s password requirements to make their algorithm secure, particularly from the Feds.

  29. When Cook is arrested and charged with “aiding and abetting terrorists” we’ll see what happens.

  30. So among the many questions we’re dealing with here is whether the judicial system can force a private company to develop certain tools for the purpose of furthering the government’s goals.

    As a supporter of encryption specifically to keep my government out, this just doesn’t seem like a red-letter test case.

    If I have a self-storage place and an investigation finds that two terrorists involved in an attack had a storage unit in my facility, if the government gets a warrant to search it, I have to let them into the building and through the security. I am “providing the tools for the purpose of furthering the government’s goals”.

    What Cook doesn’t say but should be extremely obvious is that even if Apple creates only one of these devices for the government, the feds will most certainly try to backwards-engineer the tool to figure out how to replicate it.

    Maybe. The government has that ability now, they just don’t want to take the time to develop it. All the government has to do is pull the encrypted data off the phone and attack the data directly. I’m guessing the steps to do this are dangerous (they may lose the data in the process) and the circumstances are exigent?

    1. If I have a self-storage place . . . .

      Totally fucking irrelevant to the matter at hand.

        1. Then you are an idiot

            1. Buildings are subject to pretty clearly defined laws and procedures for searches. And buildings on their face are not used for secure storage per se.

              A better comparison is a safe, where the shooters bought an uncrackable safe and the feds want the safe maker to ruin their product line by cracking it.

    2. You don’t have to let the agents in. Their warrant permits them entry into the specific address listed on the warrant. If you choose not to let them in, they may simply break down the door and legally enter the property.

      Same for Apple…they don’t have to grant entry into a device they developed any more than Schlage would have to provide a key to the lock on the storage unit. Or granting entry as the property owner.

      In this instance, the owner of the property to be searched, San Berdoo, has complied with the order. Nobody else can be compelled to grant entry.

      1. I find it difficult to believe that there has never been a case where a private company has been forced to “develop certain tools for the purpose of furthering the government’s goals.”

        That’s a very broad concept. The only question remaining here is the comment about the government using or reverse engineering that tool for all future searches. That’s a possibility, and I don’t have an answer for that because it’s hypothetical.

        1. Pen registers are allegedly an example of a case where a private company has been forced to “develop certain tools for the purpose of furthering the government’s goals.”

          1. Yes, but those are pursuant to a statutory law.

          2. Excellent example. It seems to me that since the invention of the POTS (telephone system as just one area of technology) that there’s a long history of private companies “developing the tools that further the government’s goals.”

          3. Pen registers is a good example.

            But wouldn’t phone companies have wanted those anyway to ensure correct billing and to have evidence in case a customer disputed a bill for long distance calls? I remember long distance calls being rather expensive back in the 80s. I can’t imagine the phone companies not keeping a record to ensure they were charging their customers as opposed to keeping them for big brother.

            1. According to the law, a pen register and a billing record are not the same thing. Everything besides the dialed number in the pen register would be pretty useless in a billing dispute. All the extra information establishes is that the phone company did indeed try to connect a call with that dialed number. The phone company would only retain the information for diagnostic purposes.

              It’s not entirely clear that the law requires them to do anything particular, except retain those records for a certain amount of time, and provide them to the government upon lawful request.

              1. Gotcha. Thanks for explaining it.

    3. All the government has to do is pull the encrypted data off the phone and attack the data directly.

      Yep. They “just” have to brute-force a 256-bit key.

      Sigh

      1. That’s not the issue at hand. I’m not suggesting they’ll be successful, but it’s clear that’s what they want to do. The ‘all’ statement refers to bypassing the auto-delete function, which is what’s at the very center of this blogpost. The cracking of the encryption itself is actually the secondary issue.

        1. The ‘all’ statement refers to bypassing the auto-delete function, which is what’s at the very center of this blogpost. The cracking of the encryption itself is actually the secondary issue.

          Bypassing the auto-delete function by doing something almost certainly impossible? Doesn’t sound like much of a bypass to me.

          it’s clear that’s what they want to do

          No, it’s not. It’s clear that they want to do what they are asking (ordering) Apple to help them do: brute-force the password, which is a different, much more tractable problem than brute-forcing the key, even though Apple, like everybody else who knows what they’re doing, makes it non-trivial by using a large number of rounds in their key-derivation function (their security guide estimates that it hence takes 80ms to calculate).

          1. their key-derivation function

            N.B., this is not meant to imply that they use a proprietary key-derivation function; IIRC they use PBKDF2.

          2. which is a different, much more tractable problem than brute-forcing the key,

            I understand your point. We have kind of a two-factor problem here. Apple has provided a standard encryption scheme, but everyone knows it’s locked with a finite (presumably?) numerical pin.

            The passcode is entangled with the device’s UID, so brute-force attempts must be
            performed on the device under attack. A large iteration count is used to make each
            attempt slower. The iteration count is calibrated so that one attempt takes approximately
            80 milliseconds. This means it would take more than 5? years to try all combinations
            of a six-character alphanumeric passcode with lowercase letters and numbers.

            From the blogpost The judge has ordered Apple to assist the FBI by making it possible to bypass or deactivate the auto-erase function that deletes the contents of the phone after too many failed password attempts

            Could apple not simply disable the ‘auto-erase’ function leaving the rest of the input security intact, thus providing the FBI with 51/2 years to try all combinations?

            1. Could apple not simply disable the ‘auto-erase’ function leaving the rest of the input security intact, thus providing the FBI with 51/2 years to try all combinations?

              They probably can, which is probably why Tim Cook did not say otherwise in his open letter.

              1. See my post below to Kinnath. This whole thing raises secondary concerns beyond the legalities of this case.

                If you’ve read Schneier’s “Applied Cryptography” which I did many, many years ago, if Apple has within its hands the ability to defeat its own security, then it’s not very good security. But admittedly that’s a secondary, technical discussion not based in common law.

                1. Any feature like “auto-delete” is going to exist in software only* and so can be defeated with some knowledge of the software. While you are correct about “very good security”, it is generally accepted that a 6-character password is not “very good security” anyway. The going standard presently is 14 randomly-chosen alphanumeric characters (upper and lower case letters and numbers) to put brute-force times in range of “after the likely end of the universe”, even with massive computer clusters (at present-day capabilities).

                  * = There are definitely ways to frustrate software compromise, and software can be augmented with hardware, up to and including physical destruction of essential components. However, these latter means are expensive and imperfect (shook your phone too hard? oops, you released the dissolving agent and all your data is gone), and so don’t see widespread adoption outside of international espionage.

                  1. Any feature like “auto-delete” is going to exist in software only* and so can be defeated with some knowledge of the software

                    or the ability to bypass it with direct access to the hardware. Forgot to mention that part.

            2. Important note: it would take 5.5 computation-years to decode the password (on average). If you used 1,000 computers, then it would only take 2 days.

              1. If you used 1,000 computers, then it would only take 2 days.

                And your proposal to extract the UID and GID?

                1. I was only commenting on the “5? years” number. I did not propose, nor do I have any proposal for, an effective technique for doing so.

    4. If I build a security system for a physical location (like a storage locker) that automatically destroys the physical contents of the secured location . . . and then sell the security system to a customer . . and then a judge rules that I have to create a tool to disable the security system that the customer has activated . . . while knowing that the tool will render the product used by millions of other people totally useless. . .

      then you might actually be comparing apples to apples

      1. Thank you, now we’re back to having a reasonable, meaningful discussion. So I ask again, is there no example in history remotely analogous where a warrant or writ has forced a private company to develop a tool to further the govenment’s goals… taking your example as a template? Because remember, to REALLY keep it Apples to Apples (pun intended), the customer has a scrambler which makes the contents of the locker unreadable, which the government still has to deal with even after the owner of the physycal location develops this too. *provided apple is using a real encryption scheme yadda yadda

        1. is there no example in history remotely analogous where a warrant or writ has forced a private company to develop a tool to further the govenment’s goals

          I don’t give a shit about this question.

          while knowing that the tool will render the product used by millions of other people totally useless.

          The government’s argument is “we’re the government, you can trust us”.

          The answer is “No we can’t trust you, because you are the fucking government.”

          This ruling offends me as both an engineer and a libetarian.

          1. Yeah, you and me both. I understand the sticky problem of the government using this technology for all future searches, but that’s a genie-out-of-the-bottle question. If the government were interested, they could build this technology themselves, now.

            If anything, what this tells us is that Apple has created an encryption system totally dependent on its auto-delete function. And I asked that question above (which Carl is trying to answer, but I’m not sure he has)– what’s the value of Apple’s encryption beyond a chip programmed to allow you to punch in a 4 digit code? If you read Schneier’s “Applied Cryptography” the inventor of your security scheme shouldn’t be able to crack the security scheme, otherwise it’s not true security. It’s entirely dependent on the veracity of that inventor. But I admit this is a secondary discussion.

            1. If the government were interested, they could build this technology themselves, now.

              If they could, it would already exist.

              They need insider information and don’t have it now.

              but that’s a genie-out-of-the-bottle question

              No. The judge just pulled the cork. We have one and only one shot to shove it back in before the genie gets out.

              1. If they could, it would already exist.

                I would be very surprised if the NSA doesn’t have an entire wing with a lab filled with late model cell phones, employing kids like this.

                For instance, if Apple were hacked and all their schematics and design documents put out on Wikileaks, would it be impossible to bypass these functions sans Apple’s complicity?

                I agree they don’t have it now because if they did, the contents of the iPhone would already be known and the government wouldn’t be going through this exercise.

                As an aside– this also tells me (us) that the government ISN’T cracking all these devices as some suggest- so in a way, this gives me hope. I guess what I’m saying is this (to me) merely seems like an issue of resources that the FBI isn’t willing to expend.

                1. I agree they don’t have it now because if they did, the contents of the iPhone would already be known and the government wouldn’t be going through this exercise.

                  Or that’s just what they *want* you to think…

                  If they had the ability to crack, they’d certainly want to make people think they don’t.

            2. If anything, what this tells us is that Apple has created an encryption system totally dependent on its auto-delete function.

              The system is dependent on the strength of the password with the auto-delete function present as defense-in-depth.

            3. If the government were interested, they could build this technology themselves, now.

              Beyond matters of whether they have the expertise or willingness to reverse engineer and produce a modified version of the firmware, the device will not accept an update not signed by Apple, a point lost on many discussing this issue.

              1. the device will not accept an update not signed by Apple, a point lost on many discussing this issue

                Can’t they subpoena the signing key?

                1. IANAL, so I don’t know. I’m sure it would be a much more protracted legal battle than this much more narrow order.

              2. and produce a modified version of the firmware, the device will not accept an update not signed by Apple, a point lost on many discussing this issue.

                Does jailbreaking an iPhone not bypass this very limitation?

                Can’t they subpoena the signing key?

                Kbolino, that sounds like a distinction without a difference. If we accept the signing key premise, we’d have to accept the first premise– to me at least.

                1. Does jailbreaking an iPhone not bypass this very limitation?

                  I am not well versed in the iOS jailbreaking scene so I will not go into much detail so as to avoid giving any incorrect information, but the answer is:

                  Yes, jailbreaks are used to install unsigned applications but jailbreaking, because it is usually a form of privilege escalation, has little relevance to changing the behavior of a powered-off* device before placing it in DFU mode. However, that is not to say a signature enforcement bypass could not / does not exist.

                  *The fact that we were are discussing changing the firmware suggests that it either came to the FBI powered-off or they were incompetent enough to let it lose power.

                  1. *The fact that we were are discussing changing the firmware suggests that it either came to the FBI powered-off or they were incompetent enough to let it lose power.

                    I’m guessing the former.

                  2. it is usually a form of privilege escalation

                    I agonized over phrasing but still muddled it. Here:

                    it usually requires a privilege escalation exploit

    5. Your phone isn’t a storage place, it is in effect, your papers.

      If you’re walking around with a book written in code, the government shouldn’t be able to force the publisher to provide the key to that code.

      1. Your phone isn’t a storage place, it is in effect, your papers.

        I agree with this 100%.

        If you’re walking around with a book written in code, the government shouldn’t be able to force the publisher to provide the key to that code.

        We have a case where (I presume) a warrant has been issued based upon probable cause, supported by oath or affirmation, particularly describing the place to be searched…

        and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

        1. I doubt a warrant was issued. The phone belonged to the government agency he worked for.

          But in any case, the FBI has the phone. That’s all a warrant does- allows the government to get the physical device. A warrant is not an order to a third party to help you figure out what the things mean. That’s why they are relying on the All Writs Act.

          1. I’m not defending the all writs act, but again, this won’t be the first case:

            On October 31, 2014, the act was used by the U.S. Attorney’s Office in New York to compel an unnamed smartphone manufacturer to bypass the lock screen of a smartphone allegedly involved in a credit card fraud.[3]

    6. the self storage analogy is useful but not quite apt; it’s closer to if you were a lock manufacturer that designed an advanced lock and were compelled to design a means to defeat all of your locks for the purposes of the government getting into one (at the time) storage unit.

  31. The FBI could do this themselves without having to contact Apple by just building a device that fits to the screen of the iPhone that can electrically trigger each capacitive (virtual) button on the screen, then run all the number sequences through that. It would be slower than a direct connection over the Lightning cable, but it would still be quite fast.

    Alternately, they can take apart the phone and hook directly into the digitizer cable and send the signals that represent keypresses and swipes. A bit harder to pull off but a bit faster.

    But of course the FBI wants to backdoor EVERYBODY’S phones, so they seize the opportunity to use this extreme case (they’re uber-bad terrorists–nobody wants the terrorists to win, right?) to break down everybody’s rights.

    1. The FBI could do this themselves without having to contact Apple by just building a device that fits to the screen of the iPhone that can electrically trigger each capacitive (virtual) button on the screen, then run all the number sequences through that. It would be slower than a direct connection over the Lightning cable, but it would still be quite fast.

      you missed the relevant part: auto-erase function that deletes the contents of the phone after too many failed password attempts;

      I don’t know the level of encryption that Apple is using, but even without the auto-delete, it’s likely it could take years or decades at push-button speeds. I believe that what the government wants to do is a high-speed brute-force attack inputting directly to the system allowing (presumably) for thousands of attempts per second.

    2. “”Rather, there seems to still be a solid case that law enforcement treats crimes with similar consequences differently based on differences in motivation. “”

      Yes. My read on this thing is that the FBI probably doesn’t “Need” Apple to hand them the tools, and that they could do so themselves.

      The reason they’re not doing it themselves is because this is an opportunity to politically force a company to abandon any pretense to offering real encryption to consumers, and convince anyone else doing so to never try, because sooner or later the feds will want the keys.

      they want to kill consumer encryption writ-large, not just get into this phone. Hell, i wouldn’t be surprised if they didn’t even need what was in there, having captured traffic to/from it via other means. It seems to me that the “brute force” here is the Law trying to crack Apple’s lack of compliance via threats and political jawboning.

      1. The reason they’re not doing it themselves is because this is an opportunity to politically force a company to abandon any pretense to offering real encryption to consumers, and convince anyone else doing so to never try, because sooner or later the feds will want the keys.

        Despite the disagreements above about whether or not the government can do this now, this is what I’m wondering.

        1. Yes, i’m not interested in the technical debate at all.

          The fact is that the way this issue is being approached by the FBI / DoJ the way it is (in a very high-profile way) suggests that they’re not doing this for the stated reason (as though the contents of this phone are crucial to anything they couldn’t aquire by other means) – they’re doing it to force the largest IT company on earth to provide an example for the rest of the world. ‘Everyone complies in the end’.

          Its an opportunity to force concessions for their own sake. because they know that in the future it will only get harder.

          1. The Federal Borg Invaders are very clear that resistance is futile. Apple will be assimilated and its technological distinctness will be added to their own.

        2. The reason they’re not doing it themselves is because this is an opportunity to politically force a company to abandon any pretense to offering real encryption to consumers, and convince anyone else doing so to never try, because sooner or later the feds will want the keys.

          Who says they’re not doing it themselves?

          I see an opportunity for the government to convince people that Apple products are secure against them.

          The best result is for the government to be able to crack the encryption and have everyone believe that they can’t.

  32. “The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data.”

    And it will be used, at the government’s pleasure.

    1. Yes. Any references to slippery slopes or hypotheticals as to what the government would do with such a tool, when they reverse engineer it, are fantasy. They WOULD use it whenever the hell they damn please.

  33. Tweeted by Adam Housley of Foxnews

    Federal Agent involved in case tells me “Nobody can build a house we can’t get into, but Apple is allowed to build a phone that blocks?”

    1. You should tweet back that there’s a *yoooge* difference between ‘Nobody *can* build a house you can’t break into’ and ‘Nobody is *allowed* to build a house . . . ‘

  34. The government sees itself as omnipotent and therefore requires omniscience to properly control everyone and everything. Encryption denies omniscience to the government thereby limiting its power. This is an issue of power and control, not of terrorism. Who shall control things, the government or the individual?

    Trump’s hysterical reaction “Who do they think they are?” expresses what every politician feels but rarely says in public.

  35. til I saw the receipt that said $6460 , I did not believe …that…my mother in law woz like they say actualy earning money in their spare time from their computer. . there aunt started doing this for under thirteen months and recently cleard the depts on there mini mansion and bourt a great Aston Martin DB5 . go to this website…

    Clik this link in Your Browser

    +++++++++ http://www.Wage90.com

  36. I don’t know if it’s urban legend, but supposedly there was a case of a Brazilian business man using TrueCrypt on his laptop, and he was under investigation for something– the Brazilian government seized his laptop but couldn’t crack the encryption. They then send the laptop to the FBI for their help, and the FBI couldn’t crack it either.

    As we all know, Truecrypt is no more. Insert your favorite conspiracy theory here.

    1. The code is in the public domain and several people are trying to produce new products based on it. So far, no one has been able to break the last full release of TrueCrypt prior to the developers of the original code releasing the “death version”. That version warns that TrueCrypt was no longer safe and suggested that users migrate to Microsoft BitLocker. I would never trust Microsoft.

      1. Which is why I still use the last release of TrueCrypt. I believe its successor is Veracrypt, but until real mathematicians and cyptography experts do an audit, I’m sticking with TruCrypt.

  37. Start working at home with Google! It’s by-far the best job I’ve had. Last Wednesday I got a brand new BMW since getting a check for $6474 this – 4 weeks past. I began this 8-months ago and immediately was bringing home at least $77 per hour. I work through this link, go to tech tab for work detail.
    +_+_+_+_+_+_+_+_+ http://www.incomefactory.orgfree.com

  38. My roomate’s sister makes $54 an hour on the internet . She has been without work for five months but last month her pay was $12114 just working on the internet for a few hours. linked here….ga……..

    Clik this link in Your Browser…….. http://www.alpha-careers.com

  39. So we have to rely on one of the biggest tech corporations in the world to protect us from the government. I wonder how many sci-fi cyberpunk writers saw that twist coming.

    David Friedman?

  40. So, there is case law that finds forcing a suspect to un-encrypt hard drives is unconstitutional.
    From wikipedia:

    United States v. John Doe[edit]
    In 2012 the United States 11th Circuit Court of Appeals ruled that a John Doe TrueCrypt user could not be compelled to decrypt several of his hard drives.[89][90][91] The court’s ruling noted that FBI forensic examiners were unable to get past TrueCrypt’s encryption (and therefore were unable to access the data) unless Doe either decrypted the drives or gave the FBI the password, and the court then ruled that Doe’s Fifth Amendment right to remain silent legally prevented the Government from making him or her do so.[92][93]

    Several instances are cited. Did the DOJ or CIA or FBI go after Truecrypt? If so, what was the outcome?

    1. Maybe apple can take the fifth as well since the Scotus reaffirmed corporations rights as an individual. or something like that in Citizens united.

    2. Once the device or data in question is held by a third party, the constitutional protections magically disappear like a fart in the wind.

      1. The Cloud is the Future.

  41. I’m reminded of the recent plane crash in which the suicidal pilot locked out his copilot by “terror proofing” the cockpit. Everyone inside the plane was helpless.

    The SB shooters are guilty and dead. The FBI acquired a proper warrant. If Apple is ordered to break just that phone and not required to share the knowledge of the process, I see no problem with it.

    Either way, an “unlockable” smart phone just sounds like a bad idea. Apple should have some way to bypass encryption. The SB shooters could be part of a larger cell who are biding their time as we speak. Remember that the terror pair spent years on their plans and were only holding back because “Islamophobic” climate.

    1. Apple has not been ordered to break the phone. They have been ordered to write code that will disable the auto-delete function and then turn over that code to the FBI. The court order is to write code that will only affect that phone, but I wouldn’t trust that the Feds couldn’t edit that to make it universally applicable.

  42. ” But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks”

    “Criminals and bad actors will still encrypt, using tools that are readily available to them.”

    So which is it?

  43. Seems to me that government are trying to FORCE employees of a private corporation to perform certain tasks, against their will, with or without compensation. That, my friends, is nothing less than SLAVERY. and that was outlawed more than a century ago.

    Apple should stand their righteous ground.
    This is particularly galling when we KNOW FBI, NSA< CIA, TSA had plenty of signficant information on this pair long before this massacre. And took the one action at which they seem to excel.. NOTHING. They also FAILED uttterly to vet this female jihadi, not figuring out until after she’d halped kill a dozen or more people, all innocents. She had given them two different addresses of her “home” back in Pakistan (if I remember aright) which addresses DO NOT EXIST and hever have. They further failed to trace out her history, which, had they so done, would have given them cause for action. As to the male half of the mayhem, he had plenty of info out there and available, and, once again, they practiced the fine art of.. DOING NOTHING. THEY”VE been asleep at the wheel, enabling these two to perpetrate jihad amongst innocents… and now want to enslave Apple’s techs? Eye doan t’eeeeenk so.

  44. The is no way that Apple will back down on this. If they somehow are able to crack the encryption on this phone, they would be telling all their users that the encryption can be broken. People would abandon iPhones for devices that cannot be broken. Even agreeing to try to crack it would be a disaster.

    It would be a disaster for sales of the iPhone and disaster for the value of Apple stock. There is no way that the government could begin to pay Apple for the lost value.

    Apple will never agree to this, and will fight this in court as long as they can.

  45. They haven’t been ordered to crack the encryption, and couldn’t even if they wanted to. They’ve been asked to disable the auto delete function.

    1. The auto delete is a vital part of the protection of the phones data, alone with delays after bad passwords, and only accepting passwords from the touch screen.

      If it is turned off then, then the government will be able to use a brute force attack to try all passwords until they find one that works.

      These protections are common to all modern operating systems, except that an OS like Windows will just lock out an account for a certain amount of time after a certain number of bad passwords to prevent brute force attacks. Windows security can be defeated if you have physical access to the computer as long as the data on the hard drive is not encrypted, because the computer can be booted from a CD to bypass the operating system security.

  46. I have always admired Tim Cook, but never more than I do today.

    -jcr

  47. I don’t have an iphone, so I’m curious how someone would be able to authorize an update of the firmware of a locked phone. Is this an apple thing where the user doesn’t have any control of updates- they can be done in the background with no user input or approval?

  48. My last pay check was $9500 working 12 hours a week online. My sisters friend has been averaging 15k for months now and she works about 20 hours a week. I can’t believe how easy it was once I tried it out. This is what I do..
    Clik This Link inYour Browser….

    ? ? ? ? http://www.WorkPost30.com

  49. My last pay check was $9500 working 12 hours a week online. My sisters friend has been averaging 15k for months now and she works about 20 hours a week. I can’t believe how easy it was once I tried it out. This is what I do..
    Clik This Link inYour Browser….

    ? ? ? ? http://www.WorkPost30.com

  50. Seems to me that if the courts search your car, home, medical records, financial records and everything else who is a cell phone any different.

    I mean with a warrant they can go through your house, with you not there, take your things and in some cases keep them.

    Seems to me a precedent has been set and it is not some new precedent but one that has been around FOREVER.

    It is clear that the OWNER of the phone in question has no problem with it being searched, since it was a State owned or paid for phone and there is no privacy here…

    I heard cook a bit on TV last night and his reasons seemed weak… Then again maybe he has never lost anyone to a enemy of our country,,, you know some innocent just going about their day and was murdered…

    1. Seems to me that if the courts search your car, home, medical records, financial records and everything else who is a cell phone any different.

      They can search it all they like.

      They can’t force a third party to search it for them.

  51. Cook and Apple are moronns – they can access the data without compromising anything – they
    know the system and can use their knowledge to gain access. Their claims about “opening a back
    door” are total BS I’m surprised that Reason fell for this nonsense, but then Reason is not about
    logic…

    1. So? Apple is lying then? And why would they lie about this? There’s really no strong incentive to do so.

  52. My last pay check was $9500 working 12 hours a week online. My sisters friend has been averaging 15k for months now and she works about 20 hours a week. I can’t believe how easy it was once I tried it out. This is what I do,

    go to tech tab for work detail,,,,, http://www.onlinecash9.com

  53. I love to hate Apple but if there’s anything to make me like Apple and Tim Cook this is it.

  54. So the court ordered apple to create this magical ability? How about Apple does this on government time? hires a few IRS flunkies, trains them to code, lets them loose on the project which will wrap up shortly after the earth smashes into the sun ? All the while deducting the expense as R&D and legal compliance?
    I just don’t see this turning out well for Apple and myself, Apples customer.

  55. My last pay check was $9500 working 12 hours a week online. My sisters friend has been averaging 15k for months now and she works about 20 hours a week. I can’t believe how easy it was once I tried it out. This is what I do..
    Clik This Link inYour Browser….

    ? ? ? ? http://www.workpost30.com

  56. My last pay check was $9500 working 12 hours a week online. My sisters friend has been averaging 15k for months now and she works about 20 hours a week. I can’t believe how easy it was once I tried it out. This is what I do..
    Clik This Link inYour Browser….

    ? ? ? ? http://www.WorkPost30.com

  57. I’ve made $66,000 so far this year working online and I’m a full time student. I’m using an online business opportunity I heard about and I’ve made such great money. It’s really user friendly and I’m just so happy that I found out about it.

    Heres what I’ve been doing… http://www.alpha-careers.com

  58. my friend’s sister-in-law makes $85 hourly on the internet . She has been without a job for ten months but last month her paycheck was $21785 just working on the internet for a few hours. look at this web-site….
    Clik this link in Your Browser

    ??????????? http://www.Wage90.com

  59. My last pay check was $9500 working 12 hours a week online. My sisters friend has been averaging 15k for months now and she works about 20 hours a week. I can’t believe how easy it was once I tried it out. This is what I do..
    Clik This Link inYour Browser….

    ? ? ? ? http://www.WorkPost30.com

  60. The Fit Finally programs and guides are based on over 600 research studies conducted by some of the biggest Universities and research teams of the world.
    We take pride in the fact that our passion for better health and fitness is 100% backed by science and helps 100’s (if not 1000’s) of people every year since 2010. Just try it:

    http://03615gbnxbyy5y42r9r8o80…..kbank.net/

  61. The Fit Finally programs and guides are based on over 600 research studies conducted by some of the biggest Universities and research teams of the world.
    We take pride in the fact that our passion for better health and fitness is 100% backed by science and helps 100’s (if not 1000’s) of people every year since 2010. Just try it:

    http://03615gbnxbyy5y42r9r8o80…..kbank.net/

  62. The technology is so developed that we can watch videos, live streaming, TV serials and any of our missed programs within our mobiles and PCs. Showbox
    All we need is a mobile or PC with a very good internet connection. There are many applications by which we can enjoy videos, our missed programs, live streaming etc.

Please to post comments

Comments are closed.