2016 elections - because it's never too early

[Monoriu]

I don't understand.  The FBI and CIA and the American government with their arsenal of military technology have trouble hacking into a common commercial device? 

[Jacob]

How is Apple being the dumbass?

Not unlocking Johnny Terrorist's iPhone.

That was my question - how is not unlocking Johnny Terrorist's phone dumbass? Apple has outlined their reasoning - presumably you have some sort of reasoning as to why that reasoning is faulty?

[Admiral Yi]

That was my question - how is not unlocking Johnny Terrorist's phone dumbass? Apple has outlined their reasoning - presumably you have some sort of reasoning as to why that reasoning is faulty?

You know, there's nothing preventing you back from laying out why you think Apple's position is not dumbass.

I think it's dumbass because I am not in the least chilled at the thought of the FBI examining a known terrorist's phone, nor do I think it undermine's any freedom's worth protecting, as I don't think a known terrorist's right to privacy is a freedom worth protecting.

[Jacob]

You know, there's nothing preventing you back from laying out why you think Apple's position is not dumbass.

That's true, but laying out my reasoning - such as it is - would bring me no closer to understanding your reasoning, which is what I was interested in.

I think it's dumbass because I am not in the least chilled at the thought of the FBI examining a known terrorist's phone, nor do I think it undermine's any freedom's worth protecting, as I don't think a known terrorist's right to privacy is a freedom worth protecting.

The main argument I have heard - I believe that's what Apple has put forward - is that once a backdoor has been engineered, that backdoor has a high likelihood of being used outside of that context; and the likelihood of that backdoor being reproduced is much higher. Thus the objection is not about projecting Johnny terrorist, it's about undermining the security of all iOS products across the board.

I find that reasonably compelling, though I don't have a strong position. You say that Apple is being dumbass, so obviously you must have some reason to dismiss or counter the above argument. I was curious what that reason is.

[Razgovory]

Search warrants are pain in the ass for everyone.  As often as not the police will drill your locks and trash your home.  Why should Apple be so privileged that they don't need to comply with a legal warrant?

[MadImmortalMan]

Apple has complied with warrants many times to access phones.

The issue here is the FBI wants to be able to get in any phone any time in the future that they want without Apple's help.

[Razgovory]

Apple has complied with warrants many times to access phones.

The issue here is the FBI wants to be able to get in any phone any time in the future that they want without Apple's help.

Could you show me exactly where the FBI states they want access to any Apple phone at any time?

[Barrister]

Search warrants are pain in the ass for everyone.  As often as not the police will drill your locks and trash your home.  Why should Apple be so privileged that they don't need to comply with a legal warrant?

Here's the thing - the FBI HAS a court order for Apple.  Technically it's not a warrant because they need Apple's help, but the principle is the same - they have judicial authorization, and am not simply snooping around without it.

[Barrister]

Apple has complied with warrants many times to access phones.

The issue here is the FBI wants to be able to get in any phone any time in the future that they want without Apple's help.

That's not what's going on at all.

[Maximus]

Apple has complied with warrants many times to access phones.

The issue here is the FBI wants to be able to get in any phone any time in the future that they want without Apple's help.

From what I understand the issue is the FBI wants Apple to engineer a whole new backdoor where one did not exist before, thereby degrading their security.

[11B4V]

Fuck the govmint popo. 

http://www.nytimes.com/2016/02/19/opinion/why-apple-is-right-to-challenge-an-order-to-help-the-fbi.html?_r=0

http://www.nytimes.com/2016/02/20/business/justice-department-calls-apples-refusal-to-unlock-iphone-a-marketing-strategy.html

[11B4V]

Apple has complied with warrants many times to access phones.

The issue here is the FBI wants to be able to get in any phone any time in the future that they want without Apple's help.

From what I understand the issue is the FBI wants Apple to engineer a whole new backdoor where one did not exist before, thereby degrading their security.

That's the way I understand it.

[OttoVonBismarck]

Using the All Writs Act to compel a private company to do work for the government to further a criminal investigation isn't without precedent--and that's likely why Apple used to help with this stuff. In the 1970s, the government won a Supreme Court case in which it used the All Writs Act to force a telephone company to setup a pen register phone tap. There were a few reasons the court agreed with the government, namely that the telephone network was owned/controlled by the telephone company so they were clearly connected to the information, and secondly it was a reasonable request because the telephone networks themselves already had this technology. In fact, they were using the very same technology to capture fraud or other problems on their system.

In prior versions of iPhone and earlier versions of iOS, it was very straightforward to just get to the data through a PIN lock, Apple had this utility software sitting around the office essentially and used it for various utilitarian purposes. They didn't have a great argument for not helping the government since they had the means to do so easily at their finger tips--plus, these older versions of iPhone regular hackers could easily get into them, it's pretty easy to find someone who can hack into older iPhones running iOS 7 or earlier, and a few exotic approaches can be used on iOS 8.

But with this phone that is running iOS 9 there is no extant mechanism to do what the FBI wants, without creating it de novo. Is it likely that this software would be leaked? Probably not, to be honest. Because the arrangement allows the software to never leave Apple's possession, they can set it up and provide an "external interface" through which the FBI passes 4 digit PIN attempts until it unlocks. The FBI will never actually get physical possession of the installed software.

Back when iPhones were less secure and Apple itself had utility software to bypass PINs, people in general accepted and understood that smartphones weren't that secure. But the Edward Snowden stuff and increased commercial scrutiny on companies that open up data to governments has lead Apple to take a philosophical position of trying to design security solutions such that Apple itself cannot bypass them. They are doing this to remove themselves from this process.

Many people speculate that the DOJ is going after Apple for this specific case because it is the most likely to succeed under the All Writs Act argument, since signing the firmware that will allow the FBI to do what it wants, and installing that firmware on this iPhone 5C might be found to be a reasonable request (in fact at least a district judge has already found it reasonable.) The new iPhones (6 and later) that use A7 processors and have moved all of the security functions out of software and into a "secure coprocessor" (the Secure Enclave), this firmware approach would not work. The only thing that would work there is altering the Secure Enclave itself, which it's much more questionable as to whether Apple can do that in a way that would allow anyone to bypass the security. It's suspect at least for now (and Apple probably will work to change this) even the Secure Enclave could probably be bypassed since Apple is known to have ability to push updates into the SE, and with such ability there is probably a way to mess with the SE enough to make the phone vulnerable (this is all a maybe at the moment.) But what's notable is the secure enclave is a big marketing tool for Apple, the increased difficulty of circumventing it, along with the clear negative impact to their business, might make it a harder case to make under the All Writs justification. But DOJ is hoping it can set a precedent with this more "reasonable case" that will sort of grease the skids and allow it to make the same argument later against more secure versions of the iPhone.

[alfred russel]

If it is so easy to create a backdoor, why can't the FBI do it?

And then once the next wikileaks happens, everyone's iPhone will be compromised.

[OttoVonBismarck]

And the reason there is reason to believe a case involving say, an iPhone 6, would be less likely to succeed under All Writs due to it being much more difficult and potentially damaging to their business is another All Writs case this time from the 80s, involving OSHA and a lumber yard. In that case the order under All Writs was found by the SCOTUS to present liability problems for the lumber yard and thus undue expense and it was deemed unreasonable (overruling lower court rulings.)

Also it's worth noting that for this iPhone 5C case, even if the FBI took possession of the software it still probably couldn't become a universal backdoor to all iPhone 5Cs and below. This is because the firmware is specced so that it will be allowed to be signed with a key that will only work on a device with a specific UUID--the UUID of Farook's phone. Since that's "baked into" the signature itself, there isn't a way without Apple's master key used to create signatures to create a new key for a new UUID. But the fear might be that a court would order Apple to do so again and again, of course. But there wouldn't be any mechanism for third parties or the government to do it independently, only Apple or someone who has their master key can create new signatures, and since the UUID is in the signature itself you would need a new signature to use this firmware on a new phone.