or Connect
Styleforum › Forums › General › Current Events, Power and Money › The San Bernadino Iphone Case and The Notion of Privacy
New Posts  All Forums:Forum Nav:

The San Bernadino Iphone Case and The Notion of Privacy

Poll Results: WWSJD: What would Steve Jerbs do?

 
  • 9% (1)
    Create the Ultimo Universal Encryption Hammer and Fork it Over to Obummer Once and For All
  • 45% (5)
    Tell the FBI to "Go figure it out ya morans!"
  • 9% (1)
    Wear a black turtleneck with levi's and new balances
  • 36% (4)
    Time travel; befriend Prime Guvnah Ahhnuld, find and kill Connemara, avoid the cybernetic war
11 Total Votes  
post #1 of 46
Thread Starter 
http://www.nytimes.com/2016/02/18/technology/apple-timothy-cook-fbi-san-bernardino.html?hp&action=click&pgtype=Homepage&clickSource=story-heading&module=first-column-region&region=top-news&WT.nav=top-news
Quote:
SAN FRANCISCO — Apple said on Wednesday that it would oppose and challenge a federal court order to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December.

On Tuesday, in a significant victory for the government, Magistrate Judge Sheri Pym of the Federal District Court for the District of Central California ordered Apple to bypass security functions on an iPhone 5c used by Syed Rizwan Farook, who was killed by the police along with his wife, Tashfeen Malik, after they attacked Mr. Farook’s co-workers at a holiday gathering.

Judge Pym ordered Apple to build special software that would essentially act as a skeleton key capable of unlocking the phone.

But hours later, in a statement by its chief executive, Timothy D. Cook, Apple announced its refusal to comply. The move sets up a legal showdown between the company, which says it is eager to protect the privacy of its customers, and the law enforcement authorities, who say that new encryption technologies hamper their ability to prevent and solve crime.

http://www.apple.com/customer-letter/
Quote:
A Message to Our Customers
The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

The Need for Encryption
Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.

All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.

Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.

For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.
Warning: Spoiler! (Click to show)
The San Bernardino Case
We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists.

When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The Threat to Data Security
Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

A Dangerous Precedent
Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.
The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

Tim Cook

Where does the CESSPOOL stand on this most important of modern issues?
post #2 of 46
First I'll note that what the FBI is asking for is probably technically feasible on the pre iPhone 6 models (this case is a 5C.) Newer models with the Secure Enclave are not going to be cracked in the manner the FBI is asking.

I wish they had found a way to quietly work this out behind the scenes for this case only... but I suppose once the cat is out of the bag law enforcement would only keep making requests for ever more trivial cases.

Building in back doors or master-key would be folly beyond compare.. when you consider a billion people walking around with iPhones, with more and more pieces of their lives and finances accessed through the phone, the vulnerability of a backdoor would be a huge systematic risk.
post #3 of 46
If you're the U.S. government - bullying businesses like Apple, infringing on privacy rights and equipping passenger airliners with deflection devices so they can thwart a shoulder fired rocket makes much more sense than having a sane immigration policy toward areas highly concentrated with radical beliefs.

I agree with Apple.
post #4 of 46
I think companies (service providers, developers, handset makers) should be required (by a warrant) to provide access to communications sent or stored on their equipment. If for some reason the companies can't provide access their product or service should be removed from the market or service for the device/software/network cancelled.
post #5 of 46
Quote:
Originally Posted by Joffrey View Post

I think companies (service providers, developers, handset makers) should be required (by a warrant) to provide access to communications sent or stored on their equipment. If for some reason the companies can't provide access their product or service should be removed from the market or service for the device/software/network cancelled.

That's some ignorant fascist bullshit right there.
post #6 of 46
I am not sure who the burden is on, but the guy undeiably murdered 14 people and he might have accomplices who helped or might be planning something similar. We as a society need to facilitate a way for our law enforcement to get the information in his phone so that they can do their job without enabling abuse of such privilege. I am not sure why apple can't offer an acceptible alternative to decrypt the phone.

EDIT: Actually i just had a glass of wine and thought about this a bit more. I am with Apple on this, the government shouldn't be able to force Apple to give them a backdoor no matter what.
Edited by cross22 - 2/17/16 at 7:41pm
post #7 of 46
The way I heard it on the radio this wasn't the typical "give us a backdoor!" demand. They wanted Apple to bypass some lockout scheme that erases the phone after x unsuccessful attempts to enter the password. Maybe they've gotten his other passwords and want to try them, or maybe they plan to brute force it somehow. But this is all kind of foreign to me since my experience with encryption is with personal computers that don't have any real way to lock someone out like this.
post #8 of 46
Before this case came up, I was under the impression that because of the encryption Apple uses, they would not be able to "get in" his phone even if they wanted to.
post #9 of 46
Quote:
Originally Posted by Reggs View Post

Before this case came up, I was under the impression that because of the encryption Apple uses, they would not be able to "get in" his phone even if they wanted to.

If I understand it correctly the FBI is asking them to create a new firmware that disables "erase on 10 failed retries" and push it to that phone so they can brute force the pin, which can be done pretty easily.
post #10 of 46
So I presume there's something in the iphone that prevents you from just yanking its memory out and reading the raw data off it?
post #11 of 46
Quote:
Originally Posted by Ataturk View Post

So I presume there's something in the iphone that prevents you from just yanking its memory out and reading the raw data off it?

Yes. Here is a very lucid technical explanation.

http://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-court-order/
post #12 of 46
Quote:
Originally Posted by Joffrey View Post

I think companies (service providers, developers, handset makers) should be required (by a warrant) to provide access to communications sent or stored on their equipment. If for some reason the companies can't provide access their product or service should be removed from the market or service for the device/software/network cancelled.

Quote:
Originally Posted by NorCal View Post

That's some ignorant fascist bullshit right there.

Why? it's clearly possible and would not necessarily apply to all phones any time: http://www.bloombergview.com/articles/2016-02-17/the-apple-fight-isn-t-about-encryption Similar steps are already taken with other items. With a warrant law enforcement can search your private property (home, vehicle, person). Why is your phone exempt?

Anyway, Apple is clearly covering their backside in this situation. They can't be seen to be too eager to help the government hack their own devices. Apple will eventually lose and find some way to get the FBI access it needs.
post #13 of 46
The important thing to understand is that the government is never going to take a concession it requested for the purpose of fighting EVIL and use it against you and I. Because we aren't evil! Unless you are uhoh.gif
post #14 of 46
The FBI director has gone on record as saying he wants Apple and other phone makers to build a "backdoor" into all future smartphones for them to be able to access. The FBI couldn’t care less that they’re weakening our encryption for others to break as well. It's naive to think that any compromises added for Government access wouldn't eventually be exploited by bad actors as well.

Jeffrey's comparison of this to granting access to one's home is inept when you consider doing so wouldn't open doors to thousands of hackers from all over the world. An opened house door can be locked again. Compromised encryption cannot.

As the link Pennglock shared explained it's likely possible for Apple to comply with the FBI's demands on this particular iPhone as it's missing the secure element that the new iPhones have. The issue here is that it is setting a precedent that could make it harder for Apple to take a stand in the future and lead to the FBI getting their wishes.
post #15 of 46
It seems like the only way to make short passwords or pins secure -- by pairing it with another password or key (that's how encryption usually works anyway, though I guess this is just adding a third key), and controlling the interface to the thing that holds the extra key. But it doesn't sound like it's actually secure to me. Even on the newer ones, I doubt apple could really build those "secure computer in a computer" things that hold the second key as black boxes that are utterly impenetrable. Apple's almost certainly capable of bypassing the interfaces, even if there's no currently existing "back door."

So based on what I've read it sounds like Apple's encryption is not secure in and of itself, but it just relies on the complexity of their proprietary software/hardware, and on their refusal to cooperate in bypassing it.

If that's the case they're probably going to lose and lose hard here. But it doesn't undermine encryption -- real encryption. Apple's products are only done this way to let people use short passwords.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Current Events, Power and Money
Styleforum › Forums › General › Current Events, Power and Money › The San Bernadino Iphone Case and The Notion of Privacy