“Tech giant Apple and the FBI appeared headed for a deepening confrontation Wednesday after the company’s chief pledged to fight federal demands to help mine data from an iPhone used by one of the shooters in December’s terrorist attacks in San Bernardino,” washingtonpost.com reports. “Up to this point, we have done everything that is both within our power and within the law to help them,” Apple’s CEO’s statement asserts. “But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.” Here’s why that matters to The People of the Gun . . .
Many gun rights advocates comment about firearms and firearms-related issues on TTAG, other websites, social media and text. Given that more than 60 percent of our traffic comes from smart phones, it’s safe to say that many if not most and perhaps all of these comments are stored by the media involved, Apple, Android, internet providers, etc.
Some of these comments are potentially dangerous to their posters. The most extreme example: commentators write posts that threaten anti-gun politicians with violent retribution. (TTAG deletes these posts.) If and when the government/police decide to crack down on “insurrectionists,” those posts could be used to deprive their writers of their gun rights. And far worse.
But even “innocent” remarks about guns or gun rights can be taken out of context and used to build a case against their authors. If you mount a defensive gun use and the prosecutors get a hard on for you, they can mine publicly available data and use your comments in court to portray you as a trigger-happy, bloodthirsty gun owner.
If a court of law issues a warrant for privately held data (such as our deleted comments), there’s little a service can — and perhaps should — do to avoid surrendering the data. I mention all this as a warning related to this conflict. As stated above, that’s not the issue that Apple is fighting. To be clear [via Apple’s statement]:
When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.
To be even clearer [via washingtonpost.com]:
The order, signed Tuesday by a magistrate judge in Riverside, Calif., does not ask Apple to break the phone’s encryption but rather to disable the feature that wipes the data on the phone after 10 incorrect tries at entering a password. That way, the government can try to crack the password using “brute force” — attempting tens of millions of combinations without risking the deletion of the data.
The government requested the order after saying Apple failed to provide assistance voluntarily. Last week, FBI Director James B. Comey told Congress that the bureau has not been able to open the phone belonging to one of the killers.
“It has been two months now, and we are still working on it,” he said.
The phone, an iPhone 5C, was used by Syed Rizwan Farook, who with his wife, Tashfeen Malik, opened fire at a holiday party at the Inland Regional Center, a county facility. The couple, who pledged loyalty to the Islamic State terrorist group, died a few hours later in a shootout with police.
Bottom line: if Apple agrees to disable this feature, Uncle Sam will have unlimited access to iPhone users’ data — without a search warrant. As the Apple CEO says, the feature locking out iPhone users’ phones protects owners from hacking by cyber-criminals. Not to mention cyber-terrorists.
Hats off to Apple for standing firm against the full might of the federal government. This case reminds us to be careful what we say online, and the fact that it’s foolish to assume that the government can be trusted. Period.
As far as deleting comments that suggest using violence/force against our government… Why?
Doesn’t our government threaten to use the same against us?
I know it’s redicoulous. The goverment needs to know what they are up against, less likely to actually try and kill us if they know how ready we are to kill them.
The context of this gave me a premium laugh.
Glad Im not the only one.
I don’t think that they delete comments about use of force, including against government, when it’s a valid subject; such as when rebellion is valid and/or necessary. I think they delete comments more along the lines of, “we should take out anti-gun senator X JFK style,” because that’s a direct threat.
Well, if you haven’t done anything wrong, you don’t have anything to worry about. Right? I mean, really, government is just trying to look after our best interests. [SARC]
Not a huge fan of Apple in general, but here’s a tip of the hat to them for standing up for what’s right. Hopefully they will stick to their guns.
The government has all the leverage. Unless Apple is willing to burn the place to the ground and shutter the business, they will eventually cave whether they like it or not.
I don’t see Apple caving on it. They advertise the security of their product as unbreakable. That’s a pretty strong statement to make now days as nothing is 100% unbreakable given enough time. If they hand over the keys or design a program that breaks the encryption then the genie is out of the bottle. Every competitor out there will be able to say their phones unlike Apples phone is still secure and your data is safer with us. The potential damages to the brand could be calculated in billions of dollars.
I don’t have a problem with the feds getting the information but I have a real problem with them demanding a company do something that is damaging to its brand. The government hasn’t been happy about us peons having encryption software since day one. If they could they would outlaw all the privacy apps and software on the market asap.
Especially since this concern is magnified for an iPhone in Iran or in China – where the process of obtaining data may be more akin to our FISA courts.
If Apple had a backdoor, then I could see a judge ordering Apple to turn it over. But requiring Apple to create a back door is a more difficult proposition. Almost as difficult as ordering a certain baker to make a certain cake.
Or ordering a photographer to take a certain set of photos.
I know technology can be hard but a cake or photograph couldn’t be turned into a global weapon that could be used to undermine and infect civilians and our government alike. Apple isn’t against helping the government in principle, it’s just worried that in this case it’s being asked to create a new weapon that cannot be uninvented when it gets abused.
Are you saying that I can’t weaponize a cake? Because I assure that I can do so. Not sure how, but I’ll come up with something.
anything can be weponized. photos and speech can insight riots, cloths for stranggleing or fire. When will the gov. want to confiscate them.
“Not a huge fan of Apple in general, but here’s a tip of the hat to them for standing up for what’s right. Hopefully they will stick to their guns.”
Apple uses an elaborate tax shelter to avoid paying taxes & they have a history of using litigation to strong arm their rivals. I would believe they sympathize with terrorists long before asserting that they stood up for what’s right under any circumstance.
I’m actually rather relieved that the government doesn’t already have this ability. That seems like way too much power to hand to anyone.
I thought you heard that big sigh i let out when i read they couldnt crack the phone yet.
Got some of my confidence back, really.
What makes you think they can’t? Perhaps they just don’t want to risk DROPOUTJEEP’s successor being outed and so would like to have a plausible alternative?
I am so cynical about our government that part of me wonders if this isn’t some cover to pretend they haven’t cracked phone encryption yet, just as the WW II Allies never used decryption cracks directly, but always ginned up some other plausible excuse for spotting a U-boat or knowing where a Japanese convoy was, usually a recon flight.
But that doesn’t make a whole lot of sense here, since almost everything on that phone — call logs, texts, contacts — surely is already available through their carrier. I think the government is just taking advantage of an obvious and unexcusable terrorist to try and get some bad law affirmed by courts.
This is exactly what this is. This phone did not BELONG to the terrorist. It belongs to the County of San Bernadino. It was issued to the terrorist for work. The FBI knows the terrorist had a personal phone. In this day and age, if you go through the trouble to get a personal phone on top of your work phone, you work for the government, and you are a terroist, would you really use your work phone to plan an attack or correspond with other terrorists. The FBI knows there is nothing on this phone. The personal phones were destroyed to the point the FBI could recover zero data. Think about that. That kind of destruction is not easy to accomplish. They want encryption control. Meanwhile they say national security and keep data from the citizens who are their boss. Utter hypocrisy. They can have a backdoor to my encryption when they declassify all government documents.
(Putting my foil hat on)
I’m thinking this is a ruse to make us believe they don’t have the know how to crack it already.
(Foil hat on)
I assumed that since forever. You just broke my break from myself.
(Foil hat off)
No tin-foil hat here … I am utterly convinced it is a ruse.
First of all, the electrical, computer, and software engineers who designed the iPhone know everything about iPhones’ processors and memory. I am confident that Apple engineers can access the memory of that iPhone if they really want to.
More importantly, I don’t even see why it is necessary. Every time every digital device (whether a tablet, smart phone, or desktop computer) sends a digital message from the device to someone else, that information flies over the UNSECURED INTERNET. The only real question is how much data the carriers log and whether the new federal Super-Duper-Suck-In-All-The-Internet-Traffic data center in Utah is already hoovering up all the data flying around.
As for anything published on major websites — especially anything that would attract people who fall under the Department of Homeland Security’s extensive list of potential domestic terrorists or the FBI’s list of traditional terrorists — I guarantee you Fedzilla already has wiretaps for them and has near immediate access to the IP addresses of whoever posted “questionable” content. Once Fedzilla has the poster’s IP address, they can determine whose name is on that account and trace it back to the person who pays for the account.
Moral of the story: don’t use digital devices to share or store anything that could incriminate you. There is nothing even close to a guarantee that it will ever be secure … whether or not it is encrypted.
You are wrong. Yes they can access the contents of the memory on the phone. This is not the issue. The issue is the contents on the phone are encrypted. The encryption is 256-bit, which means with current technology, the private key would take hundreds of years to “brute force.” That is a very simple math problem, math does not lie. To decrypt the files without brute force, you need the private key. The private key is generated by the phone using the passcode you enter as a seed. You need to know the passcode in order to generate the private key. Apple does not know the private key. Apple does not know the passcode.
I don’t buy your assertion that the iPhone encrypts all data with the encryption key seeded from the passcode because people change their passcode at will and there is no way that the phone re-encrypts Gigabytes of data in memory every time someone changes the passcode.
Nevertheless, let us say that your statement is correct. Apple’s electrical, computer, and/or software engineers wrote (or at least coded) the algorithm that uses the passcode to seed the encryption key. All Apple has to do is hand-over the encrypted contents of that iPhone’s memory and the passcode/encryption algorithm … then fedzilla’s analysts can brute force the 10,000 possible passcode combinations. They won’t need to brute force the 256 bit encryption. When they get the correct passcode, which seeds the encryption key generator and generates the correct encryption key, all the data will be recognizable.
You don’t seem to get it. Even Apple can’t break it because they don’t have all the keys. This is by design. All Apple can do is remove other security features that keep other hacks from working. This is not simply a matter of code breaking ala the enigma machine.
With unlimited access to the hardware, and infinite resources at their disposal, I have a harder time believing that a self-wipe process can’t be prevented from running; than that 1) the NSA wants potential targets to feel safe(r) storing compromising data on their phones, and 2) Apple wants a reputation for being a reliable custodian of their customers “secrets.”
Sounds like your saying “The Terminator” is now a reality. Where is Arnold when you need him.
+1 to what Stuki Moi said.
Actually, in honor of the 256 bit encryption that Apple supposedly uses to encrypt their data, I want to give a +2^256 !!!
For the love of all that is holy, please get rid of the auto-playing video advertisements!
AdBlocker Plus and Ghostery on Chrome works beautifully.
AdBlocker was problematic on my flagship model Android phone.
Unless on phone! When it first occurred I had to scroll like mad to figure out where it was. Springfield or something, and it left a bitter taste in my mouth for any of their products.
At least on the Android version, you can install ABP and Ghostery into Firefox; still works well. It makes it so that I can read this site on my phone as well, rather than being forced to wait until I’m at a computer.
I haven’t seen this occur today, but it stopped me from opening the site for days. Someone needs to be slapped for that. Lots of fun while browsing from a phone in a quiet doctors office.
It seems that Cook is claiming that he can’t unlock this one phone without providing the G with the ability to unlock them all. If that’s true — and I’m guessing that the CEO of Apple knows whereof he speaks — then he should stick to his guns (so to speak).
If Apple can unlock this one phone without compromising the security of all, then Apple should unlock the phone.
The G cannot be trusted any more than the jihadists can be trusted, and that’s that.
And that’s just it. The Feds hve requested – demanded – that Apple make a tool that will facilitate hacking the phone, not hack it themselves.
Once Apple develops such a tool, even if that tool is never released, there is now an existence proof that such a tool can me made. And then, someone else will, because they know it won’t be a wasted effort to try.
even if that tool is never released
Especially since there are no secrets. Ask Snowden.
The government wants to have the 10 bad tries and data is deleted feature disabled via “some means” so they can use brute force techniques to guess the password. Now where would this work be done? The government would need to use a super computer to do this hack so the phone with this disable feature would have to be given to the government.
With the phone in the government’s possession the would then have a copy of the O.S. without this feature and a copy with this feature. By analyzing the difference between the two the government would be able to extract the code used to disable this feature. Once they have that, even if the changes are “bound” to this one phone, they would be able to mount this on any IPhone with the same O.S. A good software person would be able to change the code used to bind this to that original phone and change it to a new phone. Not easy, but doable.
Once the government gets their hands on a phone with the 10 tries disabled, the cat is out of the bag.
It is even easier: the only way Apple can make this hack apply only to that individual phone is by using their private keys to sign this OS update. The gov could simply subpoena that private key and viola, they have the key to the iOS kingdom. Of course this only works on iPhone 5C and older phones; the newer ones have a different (hardware based) method for preventing brute force attacks on the PIN.
Distributed computing. Hell, there is malware (google ‘botnet’) that can be used to distribute computational loads like that across tens of millions of private PCs. With the NSA data centers spread all throughout the country, there is immense computational power at their disposal. Also, the NSA has been working on quantum computers intended to make brute forcing conventional encryption for decades, they may very well have come a long way on that project.
I disagree. The issue here is that the Govt wants apple to develop a switch to turn off the data dump so that they can brute force attack the device. This only works if they have already developed a method to capture the image and run a hardware emulator on copies of the image. I know there is an emulator already as its included for IDE for apple iphones.
As I read the article, the Fed is not asking Apple to hack the phone, but instead to disable (hack) a feature (or app) that will wipe its memory if too many attempts made to unlock the phone by entering various security codes. The phone allows only ten tries before it becomes a blank slate. If the feature is disabled, then the Fed can enter as many combinations as are necessary to unlock the phone and gain access to its files. To put it in geek speak (of which I am not a speaker), the Fed wants a “back door” around the phone’s security features.
There is obviously the issue that a hack that allows the installation of a back door could be used on any Apple product at any time, even remotely, thus exposing all of its products to security breaches, whether from identity thieves or an intrusive government. The second, and equally significant issue is that a federal court magistrate judge has “ordered” Apple to do computer programming to comply with the Government’s demand, as apparently Apple does not have a program, workaround or hack that will accomplish the desired goal. The judge (according to the AP article that was in my local rag) recognized the privacy implications, and further ordered that the program was to be tailored specifically for this particular phone, which is of course silly–do one, you’ve done all that have the same protection. If normal procedure is followed, the magistrate only makes a recommendation for an order, and any order has to be signed by a regular judge, who may entertain oral argument on the issue. If Apple loses, I would further expect them to file an appeal with a request for an emergency stay.
“If Apple can unlock this one phone without compromising the security of all, then Apple should unlock the phone.”
As I understand it, Apple will have to write a custom OS to bypass the feature that locks out the data after ‘X’ tries. (Someone please clue me if I wasn’t hearing that right.). The fact that tool will then exist threatens the security all iPhones. Secrets have a nasty habit of not staying secret. If there were one or a few people in Apple who knew how to do it, it seems to me those people would be in serious danger of being kidnapped by an intelligence agency.
Someone proposed an interesting “what if”:
What if the police had an iPhone from someone who they seriously suspected was a serial killer of gays? Would Apple write that ‘toolbox’?
US national security assets are not staffed by (utter) morons, they reputedly wrote that clever ‘Stuxnet’ code that bit the Iranians on the ass and destroyed their Uranium hexafloride gas centrifuges.
Is the encryption on that device etched on the actual silicon die itself? It’s not difficult to reverse-engineer silicon chips, the Russians have been doing it for over 40 years, their chip clones even had the ‘IBM’ trademark on the die…
with all the hackers out there, FBI can’t find some who can put the bite back into the apple. Hey, Anonymous, here’s your chance to be a good guy. Put the byte back into the Apple for the FBI
In what universe are the FBI the good guys?
Anonymous was the good guy in that example, not the FBI. Anonymous is a group in internet tough guy hackers.
So much for Liberty FLAME DELETED
The government can be trusted. I do not understand the problem. I trust them to come after me for not paying my taxes. So I pay my taxes. I trust the government when they tell me that “when seconds count, we are minutes away” So I own a gun. Do I trust government to not overstep the boundaries that placed on it via the constitution. I have not, nor will I ever be Grubered.
Ask Bill Cosby about the government keeping privacy agreements.
I’m glad you brought this up but my reaction was more of wonder at the FBI’s use and interpretation of the All Writs Act of 1789. I thought the Constitution and Colonial law was out dated and not relevant to today’s technologically and socially advance society? Huh. Seems that there are those who pick and choose as they please. Check out Wikipedia entry under “Application” https://en.wikipedia.org/wiki/All_Writs_Act
This Act is “current”. The Second Amendment is apparently not….
The right to be secure in papers and possessions obviously was only intended for parchment and ink. Sort of like the 2A does not apply to Assault Rifles.
The right to which you refer is a right to be secure from unreasonable searches and seizures, not all searches and seizures. I have little doubt that (a) probable cause exists to search the phone and (b) any right of privacy these persons had expired when they did.
We are the state, and we will decide what is reasonable. If you disagree, your are being unreasonable.
If you have a safe, the Government can get a legal warrant to search that safe. You still have the 5th amendment right to not give them the combination. They then have the legal right to break into your safe. If your safe was uncrackable, or if it was booby-trapped to burn all contents with tampering, well that is what iPhone encryption is. The Government is well within their rights to try and crack the phone. They have no right to force Apple to help them. It is not Apple’s phone anymore.
The 1789 version was superseded by a version passed in a year that should be easy for PoTG to remember: 1911. Why would the FBI be reaching back to the older version?
hmmm this is enteresting.at first it seemed like a weak straw man argument via the slippery slope fears. but even apple is saying it could be used on any number of devices.
Portland Oregon syndicated conservative “Talk show” host Lars Larson professes to be an avid 2A supporter, though he seems to feel apple should help “the gubment” break the iPhone;
Apple refuses to help FBI on San Bernardino terrorist case
by In the news Wednesday, February 17. 2016
by Lars Larson
This news about Apple makes me want to go home and break my iPad with a hammer.
The government wants to get into Muslim terrorist killer Syed Farook’s iPhone and has a court order to do it. But encryption keeps investigators out of the device and now Apple refuses to help.
CEO Tim Cook claims there’s no digital backdoor to such devices and Apple refuses to build one, even for times when there’s a constitutional and legal right to get in.
I value my Constitutional rights. But I also understand that the Constitution has a backdoor built into it by the geniuses who wrote it: “no warrants shall issue, but upon probable cause”. The 4th Amendment says that when the government can show cause, your right to keep investigators out of your documents ends.
This time the request to Apple involves a terrorist attack that’s already over…fourteen victims dead and there’s time for a court fight and a public debate.
But the next time it could be information on an Apple device that tells us about a pending attack…literally a ticking time bomb somewhere. When that happens, there won’t be time to engineer that door that Cook refuses to build.
It appears that belonging to the Cult of Apple includes putting safety, lives and national security second to a private company’s concern about privacy. Someday, Tim Cook may have a lot of blood to wash off his hands.
I wonder if there’s an App for that?
For more Lars Larson, visit Lars’ web site
Utter tripe. Does Lars really believe that the FBI has the right to come knocking on his door and order him to work for them? That the FBI has a right to search is one thing, but ordering a company to build the tools necessary for it to do so is another thing altogether. If Apple wants to do the work, it should be paid whatever it demands (it’s a free market after all); and if it doesn’t want to do so, because the program designed would disable security features on all of its products, indirectly reducing the market value of its products and potentially costing it billions of dollars in future sales, then it has the right to tell the government to go pound sand.
The phrase “utter tripe” doesn’t come close to describing that load of crap. Larson is out of his mind with fear, which makes him easily led and controlled.
If ISIS didn’t exist, the government would have to invent it.
I have a lot of very mainline/country club conservative friends even though I am quite libertarian. There’s lots of outward, and manly bravado talk constantly(which is great if you are consistent and will back it up), until it comes to the real world when they react just like Lars. “If it keeps me safer, then Apple should do it because terrorists!” If they had said, “if it keeps my wife and children safer” I might have been more sympathetic, but they said “if it keeps ME safer.” These are all single men in there late 20s. I said, “you could also handle your concerns the old fashioned way, by first not worrying too much about outlier incidents that are unlikely to affect you, and second, by packing heat and shooting back if it does come to you.” This was bewildering to them, and it proves the wussification of America is not limited to one political party on the left.
I agree with Apple’s position but, unfortunately, this is a fight that Apple will lose. If they continue to defy there will be laws written and signed by his lordship that will force them to comply under threat of crippling or bankrupting fines and jail terms for Cook and his buddies. The secondary effect, I think, will be deliberate destruction of the data on the phones. All it takes is 10 invalid log-ins to completely wipe the data. I am making an assumption here that it would be unrecoverable afterwards. I don’t have a dog in this hunt as I dumped my iPhone two years ago and went with a basic flip phone. My phone bill went down $80 per month. So it will be interesting to see how this all plays out.
Not if we tell them not to. The masses may not support gun rights, but market the reality of identity theft, and the public will stand with an organized group opposed to this. Even if Apple created a back door, third party or open source programs could create an algorithm that Apple doesn’t have the key to. This is a lose lose for the Government. All they will do is push encryption to the black market.
hmm…its the files on the flash memory that are encrypted. If apple has the keys to unlock the file encryption in a lab, then the easy fix is for the Gov to hand the phone over to apple, which can “insert the key” so to speak, retrieve the data, pass the non-encrypted data back to the gov, then destroy the phone. -all in the presence of two government agents. These two agents would be able to verify the data is legit and maintain the evidence chain. The keys would stay private to Apple.
Also, I’d be really surprised if the flash memory partition can’t be cloned by Apple in a lab and then the gov could use it to spin up as many virtual instances of the image it needed to crack the password using brute force. The chips aren’t encrypted…its the stored data.
However, it seems the answer being sought is to give up on public privacy because privacy makes some people’s job harder.
“Also, I’d be really surprised if the flash memory partition can’t be cloned by Apple in a lab and then the gov could use it to spin up as many virtual instances of the image it needed to crack the password using brute force.”
This was my first thought, it can be cloned and then they can try to unlock the cloned system. This is pretty basic, yes it would take some technical wizardry as it’s not as simple as cloning a simple hard drive, but it has to be available to them as an option.
There has to be a lot more behind this – both technically and politically.
Very interesting nonetheless.
Not sure if this applies to a 5C (the device in question), but later devices have a device specific encryption key that is hard wired as part of the device creation. That plus the user entered key combined are used as the encryption hash.
So, grabbing the encrypted flash and moving it to another device (real or virtual) won’t work in the sense that the plan is to brute force the 4 digit pin (only 10,000 combinations) which requires the brute force attack to take place on the device. A brute force attack on the 256 bit AES key generated by the unique device would take a long, long time. The actual key used in the manufacturing process was/is supposedly discarded at the time of manufacture, so neither Apple nor the (Chinese) manufacturer has it (at least in theory).
Some of this is still unclear to me, given this is a 5c and some of the aspects of the security scheme changed over time.
The FBI request and court order was two fold:
1) That Apple be compelled to write custom code to allow more than 10 attempts
2) That Apple provide somehow provide access to the device to allow off board brute force attempts.
The issue of the day (to me) is the aspect of can Apple be forced to create custom software or re-engineer an existing device to accomplish this. It is not the same as Apple somehow turning over a master key.
“later devices have a device specific encryption key that is hard wired as part of the device creation. That plus the user entered key combined are used as the encryption hash.”
Hard wired as part of the device would mean that the value would be stored somewhere on the physical device – obviously you would need to know where to look, but it has to be there.
“A brute force attack on the 256 bit AES key generated by the unique device would take a long, long time.”
Indeed, but the processing power available to the feds somewhere in their super-secret data centers also has to be something awesome. This work could be parallelized. I admit it’s no small task, but the level of geekdom they have to throw at this, not to mention the hardware, tells me if they really wanted to do it, it’s probably doable.
There’s more behind this we aren’t being told is my guess.
I’m not sure how chain-of-evidence rules work on digital files, but it seems to me that, from a purely logical point of view, if you’re asking a third party to decrypt data using a black-box program, you have no way to prove that the unencrypted data you get out is the same as the encrypted data that went in. Apple guy runs some program and it appears to dump out some data. It doesn’t matter how many eyeballs watch him run that program, without the source code to it, an outside observer has no idea if it’s the actual phone’s files, decrypted, or just some files generated by the program or copied from somewhere else. You also can’t know, in that case, if you have all the data, or only a portion of it.
Some valid points here. The method of gaining the evidence could play a part in establishing reasonable doubt, but there won’t be a trial in this instance. There is no guarantee the feature apple would build into the phone would reveal 100% of the stored info. The state uses expert witnesses and third party professional testimony. In this instance, the data will most likely be used to gather additional intel and then to present it to a judge for search warrants against contacts in the phone…assuming this isn’t an attempt at forcing Apple into building a backdoor for future expeditions.
…”assuming this isn’t an attempt at forcing Apple into building a backdoor for future expeditions.”
Which it almost certainly is. Surely this isn’t the first time the FBI has had somebody’s encrypted iPhone and wanted information off of it. They were waiting for a case like this that would be an easy sell. As you mention, there’s no trial here, so they don’t have a defense lawyer filing motions to stop them. It’s a dead terrorist’s phone, so the PR is easy: “There could be more information on there about other terrorist cells! We could stop the next attack if you just let us into the phone!” (even though there’s almost certainly nothing on that phone they don’t already know, and even if they win and Apple has to produce the software exploit, any info on that phone is going to be many months old and will likely have no intelligence value).
They thought this would be a slam-dunk, until Apple started explaining that it’s not just about this one phone, and everybody out there with an iPhone or iPad suddenly has skin in the game…
I concur. If the FBI needs info, they should have intercepted it before storage on the iPhone or other Homeland agencies should have done there job and actually protected the homeland prior, like preventing her from originally entering the US. This is only being pushed by the FBI now because they want this capability for future use, but I’m sure this phone has a lot of candy crush saga data on it though.
I laughed when I read this. If true, these government employees are even more incompetent than I thought. They want to do it a cheap and easy way by making apple do their work for them. The memory is no doubt stored in flash somewhere. Dump the contents of that chip (which is encrypted). No doubt Apple has already given them the encryption algorithm. If they knew the contents of certain sectors before the encryption, and they have the algorithm, they should be able to brute force a key.
This. The NSA is estimated to have the capacity to perform 1 trillion attempts a second on a single problem.
This demand is nothing more than an attempt to establish mass surveillance by lying about a single case.
So the same feds who didn’t even bother to seal off the apartment of the San Bernardino shooters and properly process the scene for evidence before leaving the site completely unguarded so that the press could trample the place and show to the world live on CNN, among other news outlets, that the apartment hadn’t been properly processed or the identities of people who were relatives or friends of said shooters protected and turned the place into amatuer night clusterfuck are now so concerned they need their back door handed to them on a silver platter because they can’t even decode a fucking iPhone. That Brennan CIA guy was just on 60 minutes saying if they had had a back door they could’ve prevented the Paris attacks. Fucking assholes, they failed on 911 waaay back when nobody had this kind of encryption technogy. They are fucking incompetent and corrupt and now they find themselves in a world where people are becoming less and less reliant on the system and more upset with authority and it scares them because they might not get to eat fucking caviar with every meal if things keep going the way they are now.
The TV news crews that they let in the apartment showed a waste basket *full* of vertical-strip paper shreds.
Not cross-cut, it was vertical. It’s a relative easy trick to scan those strips on a flatbed scanner and have a computer reconstruct the documents.
WHY the hell did the FBI just leave that waste basket of evidence for the media to paw through? That makes *no* sense…
That the FBI+NSA can’t crack the iPhone like an oyster makes me feel a little better about some things.
Robert, ARE you saving deleted comments? Maybe you shouldn’t.
“If a court of law issues a warrant for privately held data (such as our deleted comments), …”
Hmmm…so Apple doesn’t want to help the gubmint in decrypting the San Berno Phones? Funny how they admit how clueless they are. I ASSumed the feds could figure THIS out. It reminds me of my DOD employed son telling me how CLUELESS they all were about the Arab Spring…and I’m somewhat careful on fakebook. A little less so on TTAG. Maybe none of that matters. The lamestream media is portraying this as basically Apple et all are traitors. Get ready for that # on yer’ forehead(or hand)…
Giving the FBI the ability to brute force crack the phone
is effectively the same thing as a giving them a backdoor.
As much as we focus on 2A, all the amendments tie together. If we lose one all will eventually fall. That being said I am surprised they haven’t just started breaking the phones apart to pull the chips and start reading them that way. Even with crypto they have enough compute to probably break them in Utah.
Something has to give here. This is a completely different time and era. If we expect this country to be as strong as ever in the face of evil such as modern day terrorism (foreign and domestic) as a citizen we need to be willing to compromise on certain areas. Things aren’t as clear cut in today’s climate. Even though freedom of expression is guaranteed in the Constitution, that doesn’t mean you should say whatever comes to your mind (even though you can), certain things are best left unsaid. That being said, the cleanest digital footprint is to not have one; if you don’t want potential repercussions down the road, don’t create a reason.
I don’t want the G to be able to hack my phone. Period. Because I don;t believe that my phone calls are dangerous any more than I belive that my opinions are dangerous or that my guns are dangerous.
You are welcome to give up any of your rights, or all of them, if you feel that it makes you safer. But it actually makes you less safe from the greatest danger to you and yours — namely, government. Any government. Every government.
We shit in our pants because terrorists kill a dozen people in Berdoo while the government kills at least 1000 of its own people right here in the USA every year, and it would kill a lot more if nobody was watching.
Insanity. Total insanity.
Please address any comments about TTAG’s editorial stance of style to [email protected], where they will be answered promptly.
I did -several times, and it was ignored.
The title of the video should be “60 minutes doesn’t understand encryption or what hackers actually do with their spare time.”
If Apple inserted a back door – guaranteed some hacker would find it and exploit it. 60 minutes statement is completely false based on goals sympathetic to the government’s annihilation to privacy rights, or simply their complete inability to understand the situation. Also, Apple doesn’t want access to unlock your phone, because they would need another department (paid for by apple) to cater to a stream of calls from law enforcement requesting criminals (perceived criminals) phones be unlocked. Since IO8, apple has used the password for the phone to encrypt the data – keeping apple out of the loop so to speak. Now, you would think that a four digit password (which most use) would be fairly quickly to break, but… the phone will erase all your data after 10 tries. The (lazy) FBI want’s apple to disable this feature (which may not be capable of being disabled). In reality, the FBI should disable it themselves, or dump the memory off the chip and decrypt that. So the statement above is bullshit. Without the password, apple can’t give them anything.
I.E. FBI: Hello Apple, we would like you to build a lesser quality product to cater to our wants.
For those of you who wonder why neither Apple nor the government can decrypt the phones, this makes interesting reading: http://blog.cryptographyengineering.com/2014/10/why-cant-apple-decrypt-your-iphone.html
Long story short, the iPhone is set up in such a way that the password is scrambled with a device-specific number that no one knows and is nearly impossible to get since it is baked into the heart of the processor microchip. Since not even the device itself can “know” the number, the device itself must be used to decrypt the data. The decryption process is designed to take long enough that even if you could make the device guess randomly, it would take years to defeat a strong password. By doing this, Apple has created a way to make it nearly impossible for anyone to get information off of the phone in a timely manner without the user’s permission.
I’ve read that’s like a new thing in computer security, computer architectures that themselves are engineered to enhance security.
I’m less competent than my 3yo grandson when it comes to technical toys. people like Anonymous seem to enjoy poking a finger in the eye of those they see as the “enemy”. And they do so because, as some folk on the internet also seem to think, that they will always have the edge on those they see as the bad guys.
But new technology can come in 5-10-15 years that nullifies that advantage. Just as DNA, a science that did not exist years ago, has resulted in many cold cases being solved.
Maybe the new science just around the corner will lay bare to prosecution all these folks who thought they skated free? Kinda scary how much faith some folk put in the internet and their supposed privacy.
And here I thought Apple’s Tim Cook was a bathhouse buddy of Obama, I guess the bro-mance is over.
I’m torn over this, investigators SHOULD be able to retrieve (NOT “access” themselves) THAT particular info after all it IS “evidence” in a criminal case and may lead to identifying co-conspirators.
If Obama wasn’t president and we had a Commander-in-Chief who would order agents to act immediately upon any info obtained from the phone I would suggest letting a non-tech/non-cyber crimes FBI agent sit in a room facing a wall while Apple techs crack the code, downloaded the info onto a thumb-drive and place it in the agents hand. But with Obama occupying the Oval Office I DON’T believe he will act even if info obtained from the phone showed us there are imminent attacks scheduled against the USA and it’s populace.
It is simple self preservation. If it became public knowledge that a back door existed into the iPhone, Apple would kiss all their business clients good bye. Probably a lot of personal customers as well. After the Snowden revelations, many cloud-based tech companies hosting in the US were hurt badly as clients started dropping them. Why have your data stored in the US where there is no doubt that it is being monitored when it can be kept in Canada or Europe with “maybe” less snooping. Europe talks a hard line on privacy anyway.
Point of law aside, I can’t believe a 16 yr old high school student can’t hack an iPhone much less that the FBI or their contractors can’t hack one. Come on, the friggin’ thing was made in China. Sixteen year old kids are hacking into banks and military industrial complex data centers everyday. This is just good marketing hype for Apple who currently cannot give away an iPhone 6 based on the emails I get everyday from every mobile phone service provider on the planet.
A well-implemented strong encryption scheme can be very difficult or even impossible (given current computing power, anyway) to crack. That’s sort of the point of encryption. Unless there’s an exploitable flaw in the system, a “16 year old hacker” isn’t going to crack the kind of encryption that’s baked into the iPhone.
As someone who’s spent a couple decades as an IT guy, including working for banks and military contractors, I can tell you from my experience that the reason hackers are getting into those places is because those computer systems are almost always out-of-date and poorly designed. It’s a huge ordeal to do system-wide upgrades on large networks with lots of sensitive data, so it often just doesn’t happen. So you’ve got banks storing their data on servers with known security issues, hoping their firewalls will protect them, because the cost and risk of data loss is higher to migrate to a more secure system. Not to mention, a lot of those hacks are the result of social engineering tricks, which is not a technique you can use to decrypt data.
And if you want to sleep at night, it’s best to not think about how obsolete some of the back-end technology that runs “critical” government and military systems is.
It’s long past time for the 28th constitutional amendment:
“Privacy, being necessary to the security of a free State, the right of the people to keep and use Encryption, shall not be infringed.”
I hate to pull a Hillary, but what difference at this point does it make? The damage has been done and these terrorists are dead. Shouldn’t the FBI / NSA be focusing on the next obviously sketchy guy going the Middle East to find his mail order terrorist bride? What is going to be on this particular phone that is so important? They don’t need to crack the phone to get calls, texts, data transmitted to and from it, the NSA has all that. The only thing on this phone unaccessible from another source might data copied from an offline source through a cable or originating on it. I doubt Farook or Malik typed their detailed terrorist plan into phone using the on screen keypad. If data was copied to the phone it would have originated from another computer which the FBI probably has.
The cynical part of me says the FBI is using this sensational case for maximum public pressure on Apple to give up the crown jewels. Never let a crisis go to waste. A back door to the iPhone would aid domestic spying far more than catching international terrorists.
The damage has been done and these terrorists are dead.
Those two terrorists are dead, but they had a lot of friends who are still alive and working to kill you.
The opportunity to stop this was long ago when Farook and Malik were corresponding internationally about jihad before they ever met and got married. The FBI has all that info. You can read about it on Wikipedia. If there was an international mastermind corresponding with them the FBI should have that also. The NSA monitors all international traffic. Also the iPhone in question is a county government issued phone. Why would the terrorists keep their super secret list of terrorists on a government owned phone? It seem strange that the government can’t crack their own phone and Apple has to compromise all iPhones for this particular phone.
You can read about it on Wikipedia.
Aren’t you embarrassed to have written that?
Hey there were source links!!
Tim Cook, in taking over Apple for Steve Jobs, was put in a position that no one would want to be in. I liken it to the being the quarterback that eventually will take over for Tom Brady. This issue may very well elevate to an almost equal demigod status.
What happened to all that phone-surveillance that’s supposed to be protecting us from this stuff? Why do they need the actual phone’s information, seeing as it all passed through their illegally-tapped lines? Not admissible as evidence, or just not worth disclosing the degree of surveillance to the public?
If the San Bernardino terrorists had targeted gays, Tim Cook would’ve had that iPhone unlocked so fast your head would spin.
You’re correct, if the Moslems shot up a Gay nightclub in San Fransisco (aren’t they all?) and had a I-phone in his/their possession when caught/killed Cook would have his toadies break that encryption then deliver ALL that info to Obama in the steamroom at the golf course and ole’ Hussein would no doubt immediately order his minions to investigate, detain, and interrogate every Christian they can lay their hands on.
1. Apple already cracked the phone. This is all just a kabuki dance, arranged as thanks for cracking it.
2. Can’t someone just create an app to restore the wipe after ten tries if it ise eliminated.
I’m all for privacy, but it’s damned pathetic that the government can’t side-channel attack an iphone.
I haven’t seen anyone else here mention it but I saw them say it on Fox. The government isn’t just telling them to turn over documents they are demanding they spend time and money making a program for no reward or they will be punished. That is known as slavery so this is even more than just a privacy issue but also a issue of the government making apple a slave to them instead of having FBI agents figure out how to unlock the phone.
What could possibly be on these iPhones that the full weight of the FBI can’t get thorough other means? I mean, they can find out what numbers those phones had calls with and what IP addresses they exchanged emails with, without cracking the phones. They can track where those iPhones were, within a block or two, every minute of every day. They can probably also get any voicemail recordings. It seems like a wild goose chase. The FBI doesn’t seem to have any probable cause that there is anything incriminating on those phones. It’s a reasonable assumption that they MIGHT, but that’s not good enough.
If those two terrorists were still alive and had good lawyers, there is no way the FBI would get permission to get into those phones. It would violate their rights. So I don’t think they should get into the phones now that they are dead. Those two bozos were amateurs, like the Boston Bombers. There is no likely conspiracy here. Professional terrorists would not leave a trail on their phones anyway.
I think the FBI wants to use this to get at all our phones. As Ben Franklin said, “”Those Who Sacrifice Liberty For Security Deserve Neither.”
I agree with Apple 100 per cent. How in the world can the Government order a private company to develop a program for them and at the private companies own expense. This would have shocked even Hitler.
And another thought. If the Feds are so incompetent when it comes to cracking codes how well are we protected from Foreign Countries attacking us in a cyber war when a private company apparently knows more than the spy agencies of the Federal Government?
During WWII we were using one of the first primitive computers and cracking Japanese and German codes by the minute and now 70 plus years later we cannot crack the code of a cell phone?
Of course if the Feds had half a brain they would simply give Amnesty to Julian Assange or Edward Snowden and then hire them to come up with a solution if Apple refuses to. But that would be bad for all of us as then the Feds would have got what they always wanted , the perfect and complete all knowing Police State. Not to worry the Feds would never think of this anyway as they have forgotten the double dealing of WWII or even the Revolutionary War. When you have an enemy that is smarter than you are you hire him to work on your side. Shades of Benedict Arnold and he got to laugh all the way to the bank after the British hired him and unlike the Americans paid him what they said they were going to pay him from the very beginning.
How in the world can the Government order a private company to develop a program for them and at the private companies own expense.
It’s called socialism.
I just finished a biography of Arnold recently, and concluded that his treason is what should be expected when politicians play politics with war and military careers and people’s lives. It’s too bad Hamilton and others involved in jerking Arnold around like a cheap slave didn’t get shot for it.
Terrorists are more careful with their digital data than Hillary Clinton.
Concerned about privacy? Don’t worry, NRA is looking out for you. Take a look at the privacy waiver in your states concealed carry law. Look at the statute, not the application. In Illinois we have a doozy in Rep. Brandon Phelps HB183 concealed carry bill that passed in 2013. Here’s the original version. I am not making this up:
“a waiver of the applicant’s privacy and confidentiality rights and privileges under ALL federal and state laws, including those limiting access to juvenile court, criminal justice, psychological, or psychiatric records…” Wow! No time limit! Sign the application and sign your life away FOREVER. Nothing to prevent the IL State Police from snooping for info. and sharing with the feds. Thanks Todd!
NRA contract lobbyist Todd Vandermyde is so cozy with the police unions, wonder if he got this language from the anti-gun Chiefs of Police? That looks a lot like what we used to call an open ended privacy waiver. Like maybe something from a law enforcement employment application? Hmm I wonder. Most of the hicks in southern IL who idolize Vandermyde secretly want to be cops anyway. Duty to Inform plus an unlimited privacy waiver- send in your NRA life membership!
Dude, we get it. You and vanderwhat’shisface were a couple and he dumped you. Get over it. Move on.
Thousands of CCL applicants in Illinois can’t “move on” because NRA rat Vandemyde let the anti-gunners create a Concealed Carry Licensing Review Board composed of a retired judge, two lawyers, three feds and a shrink. Instead of removing the Board from IL’s HB183 carry bill, Rep. Brandon Phelps and his sidekick sellout Vandermyde expanded Duty to Inform in SB836, touted by Richard Pearson & ISRA as an “improvement” to the carry bill. Now the rednecks can flash their CCL at Hickmart to buy ammo. Big win.
If you want to check out Vandermyde’s criminal associations, be sure to use the name Donald Todd Vandermyde. Before he became the NRA lobbyist who sold out Otis McDonald, Vandermyde worked for William Dugan at the Intl. Union of Operating Engineers local 150 in Countryside, IL. Dugan was convicted by U.S. Attorney Patrick Fitzgerald in 2010. Hardy har har “dude.”
If I were Tim Cook I would agree to develop the backdoor….
For $100 trillion dollars delivered personally by the Supreme Court wrapped in the US Bill of Rights. If the court made the order make them pay for it.
The government couldn’t even be bothered to investigate the San Bernardino terrorists’ social media accounts, which basically read “ISIS and homegrown terrorism: this sort of thing is my bag, baby!”, and you think they’re going to scoop iPhones wholesale for brute force attacks? That puts the “nuts” in “gun nuts.”
The solution to this problem is to give the phone to apple and have apple crack the phone in house with zero government supervision. Apple could pull all data off the phone and then return the phone back to its original condition before handing over the data. The optimal solution wont work here because san bernardino was an inside job and they dont want apple employees finding out .
So due to san bernardino being a huge screw up, the government is demanding apple write a backdoor, install the backdoor on the phone, and then they want apple to just hand over the phone to gov officials for who knows how long.
Everyone knows the government will flash the os/firmware with the backdoor hack and use it illegally on thousands of phones.
I would be opposed to this except:
1) it’s San Bernadino County’s phone and they have explicitly requested help in this. It’s THEIR data.
2) apple has done this 70x before, according to reports.
On the other hand, this is “narrowly” tailored argument – that some have repeated, that it only applies to THIS phone…it dubious. Once you write the software all you have to do is change the ESID discriminator (the limiting principle) within the software for the NEXT phone…
If it’s San Bernadino’s data, they should have protected it. There are apps, like AirWatch, that you can put on company and BYOD phones, that allow company IT administrators to basically see everything on the phone if they want. It is like a “voluntary backdoor.” I guarantee the feds have something like that on all their issued phones.
San Berdoo can’t claim it’s their data if they didn’t take reasonable precautions to manage it. It’s like letting employees take the only copies of their paper files home with them and put them somewhere no one can find them.
Also, if these were “professional” terrorists they wouldn’t have used San Berdoo’s phones to transact any of their business, just in case some tracking was in place they didn’t know about.
The feds will learn nothing about terrorists if they crack these phones. They will learn a whole lot about the rest of us, stuff they have no right to know. Even if they allow Apple to do a “one off” just on these phones, I don’t really trust Apple much more than I trust the Feds.
I talked with a friend who’s the computer head for a mid-sized corporation, and he’s amazed. They issue company phones, but the phones are issued with a password recorded in company files, and changing it without giving the company the new one can be sanctioned with a penalty of a month’s pay. Their view is that a company phone has to be accessible by the company, and he’s astounded that a city would issue phones without the same policy and similar strong sanctions.
Apple should tell the FBI it can’t be done, and that the issue here is that the people in charge of San Bernadino’s phones issued to employees are just losers.
Might want to get your facts straight. First, there is no need for a search warrant in this case since the owner of the phone has authorized a search, San Bernardino County. Second a judge has reviewed the request, and a warrant was issued. Third, in the cases you describe, a search warrant will be obtained. More importantly, if you think Apple will work to assist gun owners in such cases, you are sadly mistaken. Tim Cook is a homosexual who hates America and the 2nd Amendment. He and his ilk, like Facebook and Google, who are well known for hating whites, men, gun owners, and the 2nd Amendment, are only doing this to support radical Islam and destroy America and the 2nd Amendment.
Usually they unveil Batman toys, this Superman toy is often a new addition on the series.
Find out what nerfs and buffs are coming for the Death Knight class in Wo – W patch
3. Every nerf gun in the world An inflatable rubber toy
could be folded and taken to any place.
You can purchase all these toys for your child with their consent from the reliable online
kid toys store. Child development toys play a significant role
inside a child’s learning process.
A larger range enables you to move around your premises without worrying about losing signal.
Although joiners as well as other tradesmen could be made aware
with the job specification before work commences, they need to be adequately prepared to perform
the work efficiently. Dewalt or milwaukee Today, there are many manufacturers who offer such
systems for canine owners.
While the mouse could possibly have gotten its name in the cord attaching it to the computer, modern mice have shed their tails and opted to get a sleeker, cordless style.
It will probably be worth noting why these
headphones do fit somewhat bit snugly even at their biggest size, which
could be a challenge for many folks.
Kyo literally means sutra, the voice or teaching of a Buddha.
That’s the best way to avoid any kind of tricks, from others and from yourself.
What does mean on facebook
People must not be afraid to ask for help from their partners.
Since it is so widely used, it is part of two widely used acronyms–LAMP
(Linux, Apache, My – SQL and PHP) and WAMP
(Windows, Apache, My – SQL and PHP).
Before you’re ready to share some bat puns on Halloween, you need to set the stage. For one, your Halloween party won’t be complete without plenty of bat-inspired