DOJ To Court: Hey, Can We Postpone Tomorrow's Hearing? We Want To See If We Can Use This New Hole To Hack In

from the oh-really-now? dept

So, this morning we wrote about a new flaw found in the encryption in Apple’s iMessage system — though it was noted that this wouldn’t really have impacted what the FBI was trying to do to get into Syed Farook’s work iPhone. However, just a little while ago, the Justice Department asked the court to delay the big hearing planned for tomorrow afternoon, because of this newly disclosed vulnerability:

Since the attacks in San Bernardino on December 2, 2015, the Federal Bureau of Investigation (?FBI?) has continued to pursue all avenues available to discover all relevant evidence related to the attacks.

Specifically, since recovering Farook?s iPhone on December 3, 2015, the FBI has continued to research methods to gain access to the data stored on it. The FBI did not cease its efforts after this litigation began. As the FBI continued to conduct its own research, and as a result of the worldwide publicity and attention on this case, others outside the U.S. government have continued to contact the U.S. government offering avenues of possible research.

On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking Farook?s iPhone. Testing is required to determine whether it is a viable method that will not compromise data on Farook?s iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. (?Apple?) set forth in the All Writs Act Order in this case.

Accordingly, to provide time for testing the method, the government hereby requests that the hearing set for March 22, 2016 be vacated. The government proposes filing a status report with the Court by April 5, 2016.

This could mean a variety of different things… including that the DOJ is looking for a way “out” of this case without setting the precedent it doesn’t want, after discovering that the case and public opinion didn’t seem to be going the way the DOJ had hoped it was going to go when it first brought it last month. Either way, there’s never a dull moment in this case…

Update: And the judge has accepted the request, meaning the hearing is off. The DOJ put out a statement trying to spin this as being about how they’re just really interested in getting into this one phone and not about setting a precedent:

Our top priority has always been gaining access into the phone used by the terrorist in San Bernardino. With this goal in mind, the FBI has continued in its efforts to gain access to the phone without Apple’s assistance, even during a month-long period of litigation with the company. As a result of these efforts, an outside party demonstrated to the FBI this past weekend a possible method for unlocking the phone. We must first test this method to ensure that it doesn’t destroy the data on the phone, but we remain cautiously optimistic. That is why we asked the court to give us some time to explore this option. If this solution works, it will allow us to search the phone and continue our investigation into the terrorist attack that killed 14 people and wounded 22 people.

Of course, that statement is more misleading bullshit from the DOJ. It’s pretty clear that the DOJ is just trying to get out of this case as it’s realized that the original plan completely backfired, and they were likely to lose.

Update 2: Okay, the court has officially posted its decision to grant the DOJ’s request. You can see it below as well.



Filed Under: , , , , , , , ,
Companies: apple

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “DOJ To Court: Hey, Can We Postpone Tomorrow's Hearing? We Want To See If We Can Use This New Hole To Hack In”

Subscribe: RSS Leave a comment
45 Comments
Anonymous Coward says:

Re: Re: Re:

I’m not so sure about that.

The case is, at least at this point, about this one phone. And Apple is a third party, not a defendant. If the FBI says it no longer needs Apple to help with the phone, I don’t think Apple can press the issue – at that point, they’ve won. Courts are for deciding actual controversies – once both sides say the phone isn’t needed, that’s that.

Anon E. Mous (profile) says:

Bullshit. The US DOJ knows it is in an uphill battle to get the court to agree to what it was seeking from Apple and the precedent they hoped a win would get them as a door to use a favorable ruling in other cases where devices were encrypted and rather than face a decision they would have to abide by if they lost, they now want to tuck tail and run.

The US Doj put on the full court press and lambasted Aplle every chance they got and made sure they put it to the courts and especially the public that Apple was thumbing it’s nose at Law Enforcement and was on the side of criminals and terrorists with it’s failure to give the US DOJ what it wanted.

If it wasnt for the weight of the tech companies, the EFF and others throwing their weight behind Apple would the US DOj really be backing down, I doubt it. The US DOJ was hoping to get Apple to buckle under the pressure, and Apple did not.

I really hope the court does not allow the US DOJ to back peddle it’s way out of this when they are the ones who pushed for this to get rules upon. It would be nice to get the court to put a ruling in place and set the ground rules so the US DOJ can not continue to trample all over people and companies rights because they have or seem to believe they have the power to.

Anonymous Coward says:

I very much doubt anything can prevent the Fibbies from backing out if that’s what they want.

(1) The judge has already asked them if they’d pursued all the options available using federal resources….

(2) … implying that was a relevant question.

(3) But the only way that question could be relevant would be for an negative answer to weaken the government’s case enough to cause the judge to not issue the warrant.

(4) At the time the fibbies equivocated “We don’t have to ask EVERY federal agency”… realizing the ramifications of the question.

(5) So a negative answer provides a face-saving way of getting the warrant squashed without setting any precedent.

In a month or three the fibbies can truthfully say, in court, what anyone could reasonably have said at the beginning, “we’ve investigated this phone’s data and metadata and usage patterns enough to be reasonably certain the hate criminals (not really “terrorists”, just ordinary hate-your-neighbor misanthropes with violent tendancies) did not use that phone to make their plans AND didn’t need help from anyone else to perpetrate them.”

That leaves the question open “Did they really crack the phone?” because … hey, everyone expects that the criminals used their own phones (not their work phone) to make their plans, and destroyed those phones before perpetration.

Whatever (profile) says:

Re: Re:

I think choice 1 is the most important. With the release of a new security hole, the judge could easily say that the phone is hackable as it is, get to work.

Note that it wouldn’t be a win for Apple, rather a bit of a loss. The FBI isn’t going forward for the moment because apparently Apple’s OS has a big enough hole in it that they should be able to walk right in. Apple certainly is not a winner if that is the case.

Anonymous Coward says:

Re: Re: Re:

FBI isn’t going forward for the moment because apparently Apple’s OS has a big enough hole in it that they should be able to walk right in.

How ironic that they seem to have “found” it right before the court date.

And if it’s that big of a hole (your words), you’d think they WOULD’VE found it before going through the courts in the first place.

So you say it isn’t a win for Apple, but they didn’t have to commit any internal resources so the FBI could go out for coffee & donuts, instead of doing some fucking work them fucking selves. I fail to see how that’s a loss.

CanadianByChoice (profile) says:

If the postponement is granted, just watch .. in a few weeks, there will be an announcment that, with additional research, based “in part” on the new vunerability, the FBI was able to determine that there is no useful data on the phone and, for this reason, they have no further interest in persuing their suit against Apple.
This is a ploy to save face while backing out of a situation that exploded in their faces beyond their worst PR nightmares.

Jim says:

Re: Re:

Sorry, I see it the other way. Apple should not have held off. It should have published what they were doing. Now some “Joe shmoe” has figured out, some other method of undoing apples magic. Apple said we are the only ones who can do this, and we don’t want to. TC basically thumbed his nose at the US, and gave in to China on terrorism. Now, wannabes attacked Brussels, and somebody comes forward, and says try this. I’m sorry, those who assist/enable terrorists should be punished.
How do you punish someone whose ego is that they can do no wrong?

TechDescartes (profile) says:

Look Me in the Eye and Say It Again

Exactly one month ago, the FBI was all “we can’t look the survivors in the eye, or ourselves in the mirror, if we don’t follow this lead.” Now they’re like, “Hey survivors, just settle for an unproven hack of the terrorist’s iMessages and forget we ever asked for access to the rest of the data on the phone, mkay?”

Bamboo Harvester (profile) says:

There is no hole...

C’mon, people.

Apple bucked the FBI and stood fast, right up to where they were looking at a huge win against the government.

Suddenly, the government “finds a hole” in Apple’s SECURITY and announces it to the public.

It’s a “screw you, Apple!” move. What they REALLY just did is announce to the world that Apple’s security isn’t actually secure. It’s going to cost Apple a lot of money.

And I suspect the “exploit” doesn’t really exist.

Anonymous Coward says:

Re: Re: There is no hole...

U.S. says it may not need Apple to open San Bernardino iPhone”, by Joseph Menn, Reuters, Mar 22, 2016

From a purely technical perspective, one of the most fragile parts of the government’s case is the claim that Apple’s help is required to unlock the phone,” said Matt Blaze, a professor and computer security expert at the University of Pennsylvania. “Many in the technical community have been skeptical that this is true, especially given the government’s considerable resources.”

Matt Blaze – Research Summary and Bio.

Anonymous Coward says:

Re: Re: There is no hole...

My Take on FBI’s ‘Alternative’ Method”, by Jonathan Zdziarski, Zdziarski’s Blog of Things, Mar 21, 2016

FBI acknowledged today that there “appears” to be an alternative way into Farook’s iPhone 5c – something that experts have been shouting for weeks now; in fact, we’ve been saying there are several viable methods. . . .

Jonathan Zdziarski.

kallethen says:

Re: There is no hole...

I am doubtful that this revealed exploit will cost Apple lots of customers or money.

It is the very nature of the business that exploits will be found. Not just with Apple, but anybody in the business. Google, Microsoft, Facebook, Samsung, etc… What matters is how quickly Apple issues patches to their users to fix exploits found.

Anonymous Coward says:

Re: There is no hole...

I suspect the “exploit” doesn’t really exist.

Then you’re a fool.

Security holes are found (and publicly announced) in Apple’s products about once a quarter. It won’t affect Apple’s market because it happens, and it’s known to happen to everyone. Apple will patch it, and life moves on.

That’s not the same as knowingly keeping a backdoor to give the “Democratic People’s Republic of America” access to your information, which WOULD hurt their sales.

Anonymous Coward says:

Re: Re: There is no hole...

Apple will patch it, and life moves on.

Do you drive a main battle tank around town everyday?—to go to work, do your errands, shopping, and so on?

No one in their right mind gets too bothered that mass-market vehicles from Ford and Toyota won’t withstand “Cartridge, Caliber .50, Saboted Light Armor Penetrator, M903”.

Instead, people would rather pay for things like battery-operated passenger vehicles. Or 0 – 60 mph. They’re not as worried about certain causes of holes.

It’s a car analogy. The iPhone is a battery-operated, consumer device. No one expects their bank to use an iPhone to replace an expensive, dedicated Hardware Security Module.

Anonymous Coward says:

Re: Re: There is no hole...

“exploit”..as in the exploit claimed by the fbi.

im with bamboo. it doesn’t exist.

this is gaming by the fbi so that the door doesn’t get closed on coercing a company to do something against its will. they’ll be able to take another shot at it one day.

but my guess is you’ll never hear from the fbi about the case again.

JMT says:

Re: There is no hole...

” What they REALLY just did is announce to the world that Apple’s security isn’t actually secure. It’s going to cost Apple a lot of money.”

How is this any different to all the other times vulnerabilities are found and patched in ALL phone’s (not just iPhones). Did they all cost the manufacturers a lot of money too? Why do you think this one’s so different?

DannyB (profile) says:

I see two possible outcomes

1. The FBI breaks into iMessage and declares success. Even though they did NOT actually get control of the entire phone.

2. The FBI is unable to break iMessage but declares that in so attempting they ‘accidentally’ destroyed the phone.

Either way, this issue is now moot. No more need to order Apple to break into this phone. Thank you for playing.

Now the FBI can regroup and focus on their next attempt to get unlimited access into anyone’s phone at any time without supervision. That is what this was about, after all.

JohnnyRotten (profile) says:

If I was Magistrate Pym, I’d be furious. This stinks of gamesmanship. If she wasn’t trying to run from this as quickly as possible, some hard questions could have been asked instead of granting the request ex parte:

Was the FBI previously aware of this approach?

Has the FBI tried this approach before?

If the FBI was previously aware, why was it not tried before filing the initial motion?

Did any government agency the FBI contacted recommend this approach before?

Why is this being tried now?

Is the party with this method a private or government entity?

If a government agency, was this one previously contacted?

If a government agency, and not contacted, why not?

Who initiated the contact with the other?

When was contact first made?

When was the offer to “hack” the iphone by the party first made?

When was the offer to “hack” the iphone accepted?

Anonymous Coward says:

Re: Two completely separate issues

Matt Blaze tweet:

FBI timed this just to scoop the news cycle away from @matthew_d_green’s new paper.

The less-sophisticated public views these technical things more fuzzily than security experts like Matt Blaze. Inevitably, large segments of the public will confuse “Chosen Ciphertext Attacks on Apple iMessage” with the FBI’s undisclosed potential method.

The timing of the two announcements may be purely coincidental. However, one should not be too quick to discount the possibility that the timing is more than fortuitous—the FBI/DoJ PR game() has been in full swing.

 

() Apple’s PR has been in full swing too, but while they may have been able to influence the timing of the release of the Johns Hopkins paper, it seems less likely that Apple PR alone (in the absence of collusion with DoJ) would have had the capability to influence the timing of the DoJ CDCal Motion.

Anonymous Coward says:

Re: Re: Two completely separate issues

That may be, however there have been solutions published for weeks, including one on the ACLU website that have pointed out that Apple’s assistance wasn’t required yet the DOJ only now is claiming to have noticed that their are other options. They don’t exactly say what the option is they noticed leaving it up to the public that is paying attention to wonder and possibly be confused. The DOJ is like that though.

Tarzone of the Jingle says:

Wouldn’t it be nice if Apple or somebody, could somehow turn the tables and force this case onto the courts agenda, setting the proper precedent in law to keep the tri-letter, corporate-run, federal fascist ass-holes from just hiring another muslim-leaning moron or two to blow up another city, so the ass-holes could just run the same scam again later.

Dream on eh. You’d have to be in a democratic country to pull that kind of shit off.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...