Apple Responds To Order To Help Decrypt Phone, As More Details Come To Light
from the both-not-as-bad-and-just-as-bad dept
Update: Please see our more recent article detailing why it appears that this attack could apply to more modern iPhones as well.
Last night, we wrote about a judge’s order commanding Apple to help the FBI effectively decrypt the contents of Syed Farook’s iPhone 5C. Farook, of course, along with his wife, was responsible for the San Bernardino attacks a few months ago. Many of the initial reports about the order suggested that it simply ordered Apple to break the encryption — which made many people scoff. However, as we noted, that was not accurate. Instead, it was ordering something much more specific: that Apple create a special firmware that would disable two distinct security features within iOS — one that would effectively wipe the encrypted contents following 10 failed attempts at entering the unlocking PIN (by throwing away the stored decryption key) and a second one that would progressively slow down the amount of time between repeated attempts at entering the PIN.
Late last night, Apple’s Tim Cook also posted a very direct Message to Our Customers that highlights the importance of strong encryption and why this order is such a problem (some of which we’ll discuss below).
Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.
For many years, we have used encryption to protect our customers? personal data because we believe it?s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.
He notes — as I did in my original post — that the FBI is demanding (and the court has agreed) to force Apple to create a backdoor and that creates a number of concerns:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software ? which does not exist today ? would have the potential to unlock any iPhone in someone?s physical possession.
The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.
Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.
In today?s digital world, the ?key? to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.
The government suggests this tool could only be used once, on one phone. But that?s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks ? from restaurants and banks to stores and homes. No reasonable person would find that acceptable.
Having spent a bunch of time overnight reading through the details of the DOJ’s original application, as well as reading through a few public discussions by security experts and, especially, Robert Graham’s useful thoughts about the order as well, I have some further thoughts — including that I think Cook may be slightly overstating his case with his comments, because it’s not actually clear that the backdoor the FBI is asking for would actually work on most modern iPhones, though it might work on older phones. However, the larger concerns about the order are still very much valid.
- One of the concerns I raised last night was probably inaccurate: that this could force Apple into creating a tool that would put many people’s privacy at risk. The order does seem fairly specific to just this phone. Yes, as Cook notes, if Apple is forced to do this and Apple does it successfully, that would open up similar orders for other phones, but the impact of that may be somewhat limited in that it only applies to older phones, and quite possibly older iPhones that have not updated their operating systems.
- It does seem clear that if this were a newer iPhone, which includes Apple’s “Security Enclave” system, this request would likely be impossible to meet. It’s quite interesting to read the details of how Apple’s security now works, where the Security Enclave basically cuts off this possibility, because the firmware update itself would wipe out the encryption key, effectively making it impossible to decrypt the content. It’s also possible that even in the older phone this order is still impossible, if the operating system was properly updated — in part because they may not be able to update the firmware without putting in the passcode, which is the problem they want this new firmware to solve.
- I keep seeing people say “why can’t they just copy the contents of the memory and brute force it elsewhere” but that’s not possible with the iPhone, since a part of the key comes from the hardware itself, and there doesn’t appear to be any way to extract it (and Apple does not keep it).
- The whole focus seems to be on allowing the FBI to bruteforce the passcode, which is in the realm of possibility should the two impediments above be removed, as opposed to bruteforce cracking AES encryption, which is not currently in the realm of possibility.
Graham disagrees with me over whether this is about decrypting or a backdoor — but to some extent that’s just semantics (and Cook agrees with me that it’s a backdoor). They’re not asking for a systemwide backdoor — and, indeed, it appears this approach wouldn’t work at all with more recent iPhones. However, the reason I focused on a backdoor, rather than direct decryption, is that the way most people were discussing “decryption” indicated that they seemed to think the court was ordering the impossible, which was “crack the keys you don’t have access to.” Instead, they are asking for a backdoor — just a narrow one that can only be used for this phone and would be ineffective against most modern iPhones. And then that backdoor will be used to brute force the passcode, which would then decrypt the content of Farook’s iPhone.
That said, there are still serious concerns. While the DOJ insists that its use of the 18th Century All Writs Act in this case is pretty ordinary and standard, they’re exaggerating in the extreme. Some of the previous examples they discuss do include requirements to use certain machinery in order to execute a warrant, but that’s quite different from ordering Apple to write entirely new software. The DOJ again insists that there are examples of All Writs Act requests in the past that have required software, but it’s notable that when the DOJ says this, it does not immediately cite any cases, but rather says just that sometimes providers have to “write code in order to gather information in response to subpoenas or other process.” There’s a pretty big difference between writing some scraping or search code, which this implies, and creating a special firmware as the DOJ is asking for in this case.
Also, as Cook notes, the unprecedented nature of this is that it’s not at all similar to previous cases, because this would involve actively undermining the security of devices, rather than just helping to gather information that is readily available.
In fact, even more ridiculous is the idea, as laid out in the DOJ’s application for this order, that this will not be burdensome to Apple simply because Apple writes software:
While the order in this case requires Apple to provide modified software, modifying an operating system – writing software code – is not an unreasonable burden for a company that writes software code as part of its regular business.
Uh, yeah, it can be when what you’re asking for is fairly complex and may not even be possible depending on the specifics of the way the security in the iPhone 5C is designed. And, seriously, just saying “Apple writes software, therefore any request for it to write software is not burdensome” is ridiculous on its face.
There’s a separate question, raised by people such as Chris Soghoian, about whether or not this particular use of the All Writs Act to force Apple to use its code signing keys to “sign” this new firmware violates the First Amendment in compelling speech. It will be interesting to see if Apple raises this issue in its inevitable appeal of the order.
In the end, this is both a big deal and potentially not a big deal. It’s a big deal in that after a few previous attempts to use the All Writs Act to force Apple to “decrypt” content on a phone, a court has not only done so, but done so with fairly specific instructions on what Apple has to do to create a very specific bit of software that removes a couple security features. That raises a bunch of legal questions, that I would imagine Apple will quickly raise in response as well. However, from a technological standpoint, it appears that many of these questions will soon be moot, so long as people have more modern and updated phones. But the bigger concern, as Cook notes, is the precedent here that a court can order, at the behest of the FBI, that a tech company undermine the security of a device. As he notes, once you start down that slippery slope it’s not hard to see where that can lead:
The implications of the government?s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone?s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone?s microphone or camera without your knowledge.
This particular legal battle is going to get very, very interesting.
Filed Under: all writs act, backdoors, decryption, doj, encryption, fbi, going dark, iphone, syed farook, tim cook
Companies: apple
Comments on “Apple Responds To Order To Help Decrypt Phone, As More Details Come To Light”
Not just a promise, a /pinky/ promise
As I understand it the FBI is basically asking Apple to create the equivalent of a key manufacturing device, able to create a key that will allow them to unlock a particular lock. The problem is that once they have the device, absolutely nothing is stopping them from re-purposing it and using it to create other keys, to other locks, other than a laughable promise/assertion that they won’t do so.
If the code can be used to unlock one device, it can be used to do the same to any other device with similar security, and given how utterly pathetic government computer security seems to be I wouldn’t give it so much as a month, max, before someone else got their hands on the code and started using it.
Re: No Stone Unturned?
The DOJ says: “We will leave no stone unturned as we gather as much information and evidence as possible. These victims and families deserve nothing less.” (NYT link below.) What about the shredded documents that the FBI left behind in the shooters’ apartment?
The DOJ and FBI ignored possible critical evidence in the shooters’ apartment when they released it to the landlord just two days after the shooting.
NYPD Detective Harry Houck said he was “shocked” the FBI released the apartment. Houck told Anderson Cooper on CNN: “This apartment clearly is full of evidence. I don’t see any fingerprint dust on the walls where they went in there and checked for fingerprints for other people that might have been connected to these two. You’ve got documents laying all over the place — you’ve got shredded documents that need to be taken out of there and put together to see what was shredded.” “You have passports, drivers licenses — now you have thousands of fingerprints all over inside this crime scene.” (http://newyork.cbslocal.com/2015/12/04/san-bernardino-killers-apartment-media/)
Yea, the victims’ families should be angry that their loved ones are being used as an excuse to undermine civil liberties.
NYT article: http://www.nytimes.com/2016/02/18/technology/apple-timothy-cook-fbi-san-bernardino.html
Re: Re: No Stone Unturned?
Yea, the victims’ families should be angry that their loved ones are being used as an excuse to undermine civil liberties.
Just the Families?
I think it is fair to say WE ALL should be a bit miffed about this whole problem. Terrorism has become the wet dream of our TYRANT leaders and 3 letter agencies!
Re: Re: No Stone Unturned?
Why bother combing through the physical premises when you can just dump everything off a phone (because surely the suspects put every last detail of their master plan on their smart phone)? After all, they seem committed to the idea that they shouldn’t need to trouble themselves for a warrant since “it’s just a pen register” or whatever other decades- (or century-) old law is their favorite investigative tool these days, not actual detective work.
Re: Not just a promise, a /pinky/ promise
And the correct response to this?
Tell the FBI to fuck off, and stop being lazy.
There is another more problematic issue here
Such as a government entity telling a business how to code and develop their products.
This is essentially tyranny, abuse of power, and reckless to the point that the Judge should be considered to have willfully sullied the bench on which he sits and should be removed, disbarred, and criminally charged! This is no different than a court telling a safe manufacturer that they must use a specific set of locks that will allow a key they must then give to the court to use on said safe.
There are so many things wrong with this “Order” that it is despicable! The fact that this type of stuff will continue is why those idiots in the federal land cases are going to gain traction. All of the governments branches are beginning to lean into a full assault on “The People” and their “Liberties”. It’s like the US Government is wanting another Civil War.
Re: There is another more problematic issue here
uch as a government entity telling a business how to code and develop their products.
Actually that issue is not raised by this order.
The reason is imple.
If it is possible for Apple to comply with this order in respect of the particular device – then it is also possible for someone else to do it – in other words this particular cat is already out of the bag.
On the other hand if Apple cannot do it then they cannot comply.
What would be problematic would be for the government to order Apple to make sure that its future phones are crackable – in which case the issue that you raise would be valid – and very troubling – however it doesn’t seem that that is what is being requested here.
Re: Re: There is another more problematic issue here
The builder (manufacturer) of a home(phone) sells the house (phone) to someone. Later the government demands that the builder (manufacturer) bypasses the security of the home (phone) so they can enter it.
How is that even legal?
Sure the government could hire a locksmith (developer/cryptographer) and pay them to break through the security.
But to demand that someone perform the work for them, even with compensation, just seems like something that should not be legal in a free society.
Re: Re: There is another more problematic issue here
No, because the program has to be digitally signed by Apple in order to run on the phone. Unless they give away their digital signature key (which would pretty much render any security on their phones useless, because anyone could just update the phone with whatever code they wanted) they are, in fact, the only ones who can do this.
Judge to Apple...
Just the tip.
This reminds me of how in science fiction movies/shows people with super speed can crack electronic combination keypads to high security places by simply trying a thousand passcodes a second. There are so many problems with that.
A: Even if you are fast enough to try a thousand passwords a second the hardware probably couldn’t withstand you pushing so many buttons in so little time. Chances are you’ll physically break something.
B: Any half decent security system will introduce a delay between successive password attempts after you failed to enter the correct password three times or so.
C: Any half decent security system will then proceed to disable you from attempting any more passwords and alert the administrator of your many failed attempts.
But those science fiction movies never consider these things.
Re: Re:
If they are cracking into a government system though…
Re: Re: Re:
I realize that you are making fun of the government for having abysmally poor security.
This kind of incompetence is not reserved to government.
AT&T for example, had a web site that would show you your information. If you increased or decreased a number in the address bar by typing over it, you could see another customer’s information. In fact, you could easily get information for hundreds or thousands of customers.
If you were to tell anyone of this bad security — then YOU ARE THE CRIMINAL!!!
Re: Re:
The only one I ever saw was Leverage, where the hacker said he spent the last decade putting backdoors into every government and Fortune 500 company.
Boeing manufactures airplanes so it is not burdensome for Boeing to make a modified version of an airplane upon request.
Re: Response to: Anonymous Coward on Feb 17th, 2016 @ 8:17am
That’s just the start of it. Apple manufactures the phones, so they should be able to reassemble the ones that were destroyed too by the DoJ’s logic.
Re: Re:
More like “Boeing manufactures planes so it shouldn’t be hard for them to retrofit a jet to propellers mid-flight.”
Re: Re:
TIL a cell phone is like an airplane.
Re: Re: Re:
TIL without significant burden anyone who makes anything should be able to make federally specified alternates.
Metaphors equating encrypted digital data to physical objects (i.e., accessing digital data == opening a safe)seem to fail at a very low level. But, because metaphors are so useful in understanding complex subjects, this action might be described as a judge ordering a doctor to reanimate a corpse in order to further question it.
Re: Re:
Company X builds pyramids (like those at Giza)… The FBI understand that while the pyramid was under construction someone hid some vital clue somewhere deep inside the pyramid… FBI convinces some judge to order that Company X now dis-assembles the pyramid so clue can be retrieved.
Re: Re: Re:
Gotta find where they stashed all that food in those pyramids.
Re: Re: Re:
I did not know the terrorist had access to the Apple manufacturing facilities.
If there is a security problem here the problem isn’t whether the court is asking to create a backdoor to existing hardware. If there is a ‘back door’ or vulnerability (that is Apple’s ability to exploit a weakness) then said backdoor was already there for apple to exploit. The problem is that said vulnerability is already there to begin with.
Re: Re:
There’s a few issues with your claim, first is that Apple’s options are expanded with having physical access to the device, it’s entirely plausible that with physical access Apple could force a device update.
Secondly this isn’t about using it to brute force one iPhone, it’s about that if this is forced to happen, the government could start using the same legal tools to force developers to include backdoors in all their software “In the name of national security” and would have a precedence that could force this through.
Re: Re: Re:
There is a difference between requiring manufacturers to include a backdoor that enables decryption prior to encryption and requiring manufacturers to create a ‘backdoor’ after the fact. If the device is already encrypted any ‘backdoor’ that’s been created after that is not really a back door it’s exploiting an existing vulnerability.
Re: Re: Re: Re:
(or it is a previously existing backdoor, however you wish to look at it).
Re: Re: Re:2 Re:
and lets not forget the definition of a backdoor to distinguish it from a vulnerability.
A vulnerability is a security weakness that wasn’t necessarily put there intentionally.
A backdoor is a vulnerability that was intentionally put there prior to deployment so that it can later be exploited.
The government is not asking Apple to create a backdoor. They are either asking apple to exploit an existing vulnerability or to exploit an existing backdoor (an already existing way that enabled apple to weaken a security feature). Apple can’t create a backdoor after deployment, they can only exploit an existing vulnerability or backdoor.
Re: Re: Re:3 Re:
Apple can’t create a backdoor after deployment
If they replace the firmware and/or OS with a new version, isn’t that creating a new backdoor? You could say that the fact that it’s possible to do is an existing vulnerability, but I don’t see how that makes this any less a new backdoor installed on the phone after release.
Re: Re: Re:4 Re:
The possibility to do this in a way that weakens security after deployment, after something has been encrypted and ‘secured’, is either an existing backdoor or an existing vulnerability. It’s not a new backdoor. A backdoor refers to a weakness that the manufacturer intentionally placed there prior to deployment intended to enable the manufacturer to more easily snoop on your data.
Re: Re: Re:4 Re:
I know the word ‘backdoor’ gets headlines but it’s important that we don’t misuse the word because of that.
Re: Re: Re:3 Re:
A vulnerability that requires physical possession of the phone by an adverse party AND requires Apple itself to custom-build software to target your phone isn’t the type of vulnerability most people are concerned about, though. (If you’re worried about Apple accessing your phone, then you can’t ever install any updates from them – and if you never install updates, then you possibly aren’t fixing other, more important, vulnerabilities.) And I think I read somewhere here that they’ve corrected even this vulnerability in future phones.
Re: Re: Re:4 Re:
“And I think I read somewhere here that they’ve corrected even this vulnerability in future phones.”
I think you place too much faith in their marketing.
Re: Re: Re:4 Re:
“A vulnerability that requires physical possession of the phone by an adverse party AND requires Apple itself to custom-build software to target your phone isn’t the type of vulnerability most people are concerned about, though.”
and that point can be argued separately. But to claim that this is bad because it’s a backdoor distracts from the other points that could be argued and ends up just discrediting the source that’s conflating a back door with something that’s not a backdoor. A backdoor has a specific meaning and we shouldn’t misuse it just because of headlines.
Re: Re: Re:5 Re:
This. If someone mispronounces a word, you laugh at them. You don’t rewrite all the dictionaries to reflect the new pronunciation.
I very much applaud Cook for not just giving ‘privacy’ reasons, but highlighting how it’s a security problem to create a backdoor. Too often, it seems the argument is focused on privacy vs. national security and leaves private security out of it.
While I’m not a fan of Apple’s walled garden approach to their products, I have huge respect for them taking a stance for private security and it’s certainly something I’ll keep in mind when I’m eventually shopping for a new phone.
It all starts with just one...
It will not be long before it is “urgently” needed again for another shooter or terrorist. After a while it will be child molesters. After that they will start to complain that Apple refuses to play ball with iPhone 6 and demand they write new software for that. When that isn’t possible, some judge who don’t know a smartphone from a laptop will expand it to demand that Apple and others remove those features that makes it impossible to rewrite the software.
I don’t fancy Apple that much, but I value the stand they take here immensely, because if they give in, the escalating effect is sure to come to the detriment of us all.
Re: It all starts with just one...
Forget about small fish like shooters and child molesters.
You are failing to see the big picture here.
Piracy!!!
Re: It all starts with just one...
On a serious note, I don’t fancy Apple either. (Although I once was a card carrying fanboy of the old Apple in the 80’s and 90’s.)
I am inclined to believe that it is already too late. The escalating effect is sure to come to the detriment of us all, as you say. Whether Apple wins or loses this one. It will come up again. This battle with the clipper chip and mandatory weak encryption with a government key already happened in the 90’s. Now the government wants more. Much more.
Sorry to sound like a pessimist. But I think I am actually a realist.
Good for Apple
For taking a stand against placing their customer trust atop a slippery slope.
This request might be the start of something
It sounds like the new iPhones aren’t susceptible to this kind of attack, which is a good thing. Hopefully, this will cause OS builders to consider these possibilities in the future and build their OS to resist this kind of attack.
On the one hand, if Apple gives “a file” to the FBI that they can install on the subject device, that file *will* end up in the hands of the NSA, be decompiled, analyzed, and repurposed.
On the other hand, if Apple insists they have to have the device in-shop to do the install, the courts will insist they keep on doing this until hell freezes over. “You did it once, it can’t be burdensome to do it again.”
On the gripping hand, if there’s a flaw with the implementation of the fix that causes the device to be wiped anyway, well, “oops, these things happen in software development. Sorry.” And “no, we HAD to test it on the target device and none other.” And maybe, “so get YOUR software development experts to prove this was deliberate, if you feel so strongly about it. We’ll see you in court. Again.”
Re: Re:
genius, apple changes the firmware development team’s address to that of the daycare and problem solved.
UB Trippin', DoJ
“…is not an unreasonable burden for a company that writes software code as part of its regular business.”
Like it wouldn’t be an unreasonable burden for the DoJ to operate within the law since that’s part of its regular business? Oh, right.
Re: UB Trippin', DoJ
Since when is operating within the law part of the DOJ’s regular business? (Or the FBI’s?) I would point out Aaron Swartz.
Re: Re: UB Trippin', DoJ
Since when is operating within the law part of the DOJ’s regular business?
That’s what he meant by “Oh, right”.
I don’t see what the controversy is here. Apple can’t be compelled to turn over the modified version of the firmware, but only to use it themselves to unlock the phone. They could then provide all of the extracted information from the phone, and restore the previous version of the firmware before returning the phone. That firmware version would be kept entirely under Apple’s control. That would ensure, (as long as Apple adheres to their current philosophy), that a fully vetted warrant would be needed for any subsequent use of that version. It would be the challenge of another watchdog to ensure that Apple doesn’t abuse that authority.
Re: Re:
The controversy is threefold:
‘We want you to fork your entire OS to change an underlying security feature, run it through all your normal processes, force the phone to update to it, and then dump the fork.’
‘Also, we’re not going to pay you for this.’
‘Also, once we’ve done this once, we’ll come back again and again, and eventually try to force you to make this a standard feature in your OS. After all, won’t that be easier?’
Re: Re: Re:
‘Also, we’re not going to pay you for this.’
Can’t Apple request compensation?
Re: Re:
I believe what the FBI is asking Apple to do is create a weak version of iOS, install it on a similar phone, then swap firmware chips between the two devices. This would allow the FBI’s phone to be booted and brute forced. If the phone has a good password, the FBI will likely not be successful.
For the FBI to brute force the phone, Apple has to give it to them with the compromised firmware in place and once it’s out of Apple’s control, all bets are off.
Re: Re:
EVEN IF what you describe were true, and it would not be. The FIB would grab that new firmware at gunpoint under color of law the first chance it gets.
But even if, then this simply becomes the camel’s nose under the tent. Or the foot in the door.
All law enforcement agencies will now want a revolving door into Apple for an endless stream of ‘break into this iPhone’ demands.
Of course, with the newest phone hardware this is simply impossible. What makes this case more interesting is that this is an older iPhone.
Re: Re: Re:
I think law enforcement just wants to return to the days of iPhone 4 where Apple could (and did) brute force phones for law enforcement.
I hope Apple sticks to their guns, but I think in the end Apple will lose. If the FBI can’t force Apple to comply, new telecom rules will come into place that bans wireless operators from activating devices that can’t be decrypted by law enforcement. Telecom companies are notoriously friendly to the feds.
Re: Re: Re: Re:
I agree and believe you are correct.
Forcing US companies to make insecure products makes the other 96 % of the world’s population aware that US products are mandated to be insecure by design.
Re: Re:
That’s not entirely accurate. The Order does require that the firmware be turned over to the FBI. In addition, the back doors is created by the mere existence of the firmware, which does not currently exist now. As long as it has not been created, there is no risk. Which is what Apple has promised its customers…that even the company can’t bypass the encryption. Once they create it, then that no longer holds true. Not to mention the fact that there is now one or more people running around that knows exactly how to do it.
Two sides to this for Apple
Which would imply that if Apple seriously considers this everyone will be dumping their old iPhones for the “modern iPhones” (i.e. more sales!) — if they trust Apple at all after this (i.e. fewer sales!).
As for brute forcing:
I would think they could copy all the data off the existing phone, encrypted though it may be, just in case they “accidentally” cause a data wipe; whether they could copy that (encrypted) data back may be an issue, but it would seem to be a way to start.
Re: Two sides to this for Apple
If you read the link about how iOS security works, at least in the latest phones, newer than this present case, a data wipe simply consists of the Secure Enclave destroying the decryption key. No need to wipe anything. It’s all just a bunch of encrypted data that statistically resembles random noise. Good luck decrypting it without the key.
What the FBI wants here is to get hold of the key. But wouldn’t it be easier to simply torture the defendant? It seems the court could simply order that, it is more likely to be effective, and would cost significantly less. And it is the in accordance with the values of the Untied Police States of America.
Re: Re: Two sides to this for Apple
While normally true… it’s a little hard to get a pass code out of the deceased.
Re: Re: Re: Two sides to this for Apple
Time for a seance.
Re: Re: Re:2 Two sides to this for Apple
Time for a seance
I’m sure that that will work – I’ve seen it on TV cop shows – that “Medium” program!
Re: Re: Two sides to this for Apple
The Government can already get a Court issued warrant and make you unlock your phone. If you don’t do it you get thrown in jail. it’s been done in the past. In this case, the TERRORISTS were killed!!! So they can’t get anyone to unlock it. Why they’re making some big stink about this one? No one going to trial, they’re DEAD!!!
Re: Re: Re: Two sides to this for Apple
The Government can already get a Court issued warrant and make you unlock your phone. If you don’t do it you get thrown in jail.
That varies by jurisdiction, it hasn’t been settled by the Supreme Court.
Re: Two sides to this for Apple
You would think at some someone somewhere would have thought of taking an image and loading it into an emulator.
Re: Two sides to this for Apple
I would think they could copy all the data off the existing phone, encrypted though it may be, just in case they “accidentally” cause a data wipe; whether they could copy that (encrypted) data back may be an issue, but it would seem to be a way to start.
Because that wouldn’t do them any good. They are currently trying to brute force the phone’s access key, which requires the phone hardware. If all they had was the encrypted data, they would have to directly brute force the encryption, which isn’t feasible in any useful time frame. I don’t know if it’s hundreds of years, or millions, or billions, but way too long. That’s my understanding anyway.
Unduly Burdensome
Who would pay for this new software development? Apple? The Taxpayers?
Will Apple be compensated for the opportunity cost of lost time to market? What if Apple were to miss a major market opportunity because they have to divert significant resources into a development effort? Would Apple be compensated for that?
Can the court require the FBI to post a several billion dollar bond to cover this possibility?
Or maybe the FBI can use their own resources to recruit and employ the developers who would do this work? (Oh, yeah, a government run software development project. Those always work out well.)
Is there some standard dollar amount to how high a barrier Apple should be required to jump over? What if Apple designs a device where the cost to break into it is absurdly high? Why should Apple be considered more capable of breaking it than our good fiends at the NSA? [sic]
In this present case, is the cost to absurdly high to require Apple to comply with this order without compensation?
The ultimate question: can the government require that nobody is allowed to build devices that are secure enough that it is infeasible to break into them? Or should the world be aware that US devices are mandated to be insecure by design?
Re: Unduly Burdensome
The FBI could re-assign some of their expert game developers to work on it…
http://arstechnica.com/tech-policy/2016/02/kids-forget-console-gaming-play-the-fbis-browser-based-game-instead/
Re: Unduly Burdensome
To address your points:
According to the order, “Apple shall advise the government of the reasonable cost of providing this service.” So I would guess that means the government (and therefore the taxpayers) are paying.
According to the order, “To the extent that Apple believes that compliance with this Order would be unreasonably burdensome, it may make an application to this Court for relief within five business days of receipt of the Order.” So if they stood to lose a billion dollars from a missed market opportunity, they could inform the court and get this order delayed or something.
The FBI cannot create this program – even if they had the knowledge allowing them to create it, they cannot provide the signature that would allow it to run, since only Apple has that. And Apple, given the choice, would much rather write this themselves than blindly sign something that the FBI gives them. There’s a huge difference in security risk.
Some government officials do think that backdoors should be mandated, but that’s not currently the law.
risks and penalties
Cellphones are far, far beyond a simple phone, and most of us conduct transactions as well as communications on ours. So, if someone with ill intent gets access to such a backdoor, imagine the damage that could result. What would happen if millions of bank accounts were compromised?
Now, let’s consider just who is supposed to have custody of said backdoor. We’re now learning how our past four secretaries of state mishandled critical state secrets. This isn’t a partisan issue, and it’s more than just one person. Powell, Rice, Clinton, and Kerry seem to have issues with keeping critical information to appropriately secure communications pathways. Those guys are at the top of the security food chain, and they can’t stick to procedure.
Such backdoors should never happen, and even pressuring for such a security weakness should be considered providing material support when that backdoor is eventually misused. A government that cannot protect the secrets that it has certainly can’t be trusted to protect secrets when we weaken security even further.
Here’s what I don’t get… Even if this is the newest iPhone 6S, couldn’t someone open up the phone and jtag the chip to get the secret key? Apple has the schematics so the FBI could ask for a warrant on those and not have to labor in reverse engineering like a jail breaking (think mod chips for various consoles) community would. I don’t agree with them getting the data, as we know this will be used against various others, like Angela Merkel again, but it definitely seems possible.
Re: Re:
The last action in programming the security device is to blow the fuse that allows it to be programmed, and for a device intended to implement a security feature, its programming capabilities cannot be re-enabled.
Let's blame Sheri Pym
“Prior to her appointment, she served as an Assistant U.S. Attorney and Chief of the Riverside branch office of the United States Attorney’s Office, doing mostly criminal prosecution work.”
Need we say that the Riverside branch is one of the most corrupt and abusive branches in one of he most corrupt and abusive federal jurisdictions?
The scariest part is...
The scariest part is not even this order but when reading the various outlets on this news you find there are literally masses of people that are completely acceptable to what the FBI wants… some going so far as to bash others for being against it and claiming they support terrorism. Sorry, I’m not willing to give up my rights to our own government because they promise it helps protect us when in fact they are slowly dousing the rag with ether with hopes to surprise us and slip it over our face and drag us off to conformity.
Re: even scarier
What scares me even more is that these people will be allowed to vote.
Re: Re: even scarier
What scares me even more is that these people will be allowed to vote.
You prefer people who disagree with you should not be allowed to vote?
Re: Re: Re: even scarier
Nice strawman.
I have often thought that there are 3 things that would tell me that my Federal Government is no longer representative of me, nor cared one whit about the Constitution, and that would presage the implementation of even darker policies that are indistinguishable from Fascism.
At the point any or all of the 3 are implemented, I would thus have to make a decision as to whether I wished to support the Government that implemented them any longer. Support with my votes, with my taxes, or with my consent that this Government represented me.
They are:
– Banning of guns
– Banning of physical cash
– Banning encryption
It sure appears that several of these are soon to be on the table to be banned. And when one goes, the next…and all 3…are likely soon to follow.
If my nightmare scenario comes true, there may be a point at which all those dildos and lube sent to the Malheur Mormon Crazies are no longer so damn humorous.
They may have been (in my opinion) the wrong people, at the wrong time, in the wrong place, but at their heart…all they are saying is that the Federal Government is overreaching.
Reddit bathroom humor and derision aside…is there not the slightest grain of truth to this fear?
We want you to write a handbook on how simple people can build nuclear fission devices using simple household ingredients. But we’ll destroy it after we read it, promise.
I think you missed the most important sentence in the letter: “But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create.”
Once useful software exists it doesn’t ever go away.
It's All About the Attitude Here
The FBI NOW seems to be concerned about preserving the evidence on the phone. Why weren’t they concerned about preserving the life of the owner of the phone?
And since enhanced interrogation seems to be OK in the U.S. I’m sure (not really, but some think it works) they could have extracted the password in time.
Some will say the terrorists were heavily armed and maybe had explosives with them, and so force begets force. But I think if you think more tactically and with the a bit of logic the SUV could have easily have been trapped and the police could have hid inside their armored vehicles and easily have wait out the terrorists if they thought about this before they “Bonnie and Clyde” the crap of them.
And maybe they would have martyred themselves anyway, but at least try to use non-lethal means in a situation. What is the real cost of a little bit time and and a little bit of non-lethal persuasion?
Re: It's All About the Attitude Here
Having to prove a case in court.
PR and Propaganda circle jerk.
That statement by Cook is so stuffed full of deliberately implied BS it’s staggering that no one called out any of it- an average uninformed person would conclude that iphones can’t be spied on or tracked.
Here’s a much better press release:
http://www.americansfortaxfairness.org/badapple/
I wonder how many favours a company has to do to get away with shit like that….
Apple doesn’t need to protect customers- they need customers to believe they’re trying to protect them; and they need plausible deniability when it’s shown they didn’t.
Re: PR and Propaganda circle jerk.
Except that we’re discussing encryption of a phone that is already turned off, and creating a new operating system that disables bricking a phone for EVERY customer on the planet using iOS, not to mention the eventual requirement to unlock EVERY OS on EVERY telephone manufactured, all of which has absolutely NOTHING to do with the article you linked. Nice try.
Re: PR and Propaganda circle jerk.
That statement by Cook is so stuffed full of deliberately implied BS it’s staggering that no one called out any of it
Well go ahead, tell us what’s wrong with it.
Here's an idea for the FBI
Instead of using time, money and personnel to create ersatz terrorists by entrapping impressionable and unstable people, why not — and I know this is highly unorthodox — spend those resources on good old-fashioned detective work (the kind that sufficed nicely before cell phones existed) directed at real live actual bona fide terrorists?
History Repeating Itself
Uncle Sam is trying to force phone manufacturers to invent a back door for them which – honest, sir – they’ll use only once. He’s trying to use this case as a back door (pun definitely intended) into that requirement.
Can anyone here remember the clipper chip?
Need I say more?
What scares me the most, is that they WANT to decrypt what is a essentially, our lives, like an open book, not out in the open where the search without warrant is obvious
What scares me, is their mentalities, they see absolutely nothing wrong with this…….so i ask myself, what are these people gonna turn our world into
THAT’s, whats scary! A million times so then the distractions they pile on us………THIS, going down this road, has the potential to be SOOOO much worse then anything we face today
Absolute power, non restrained, and no meaningfull safeguards………and even then, they should only be granted say 0.1% of everything their asking……as some of the shit their asking to have the ability too do, should be straight up denied……..ON INSTINCT
Just to put things in perspective, this is ths amount of level of trust i have with “civilised” governments these days
With an observation like
“DOJ again insists that there are examples of All Writs Act requests in the past that have required software, but it’s notable that when the DOJ says this, it does not immediately cite any cases”
I imediately think
…because their lying, or stretching a “truth”
….or their afraid of opening another can of secret worms
Hey FBaI.. first try 0000 then 1111 then 1234….
Usually works
I think part of the issue here is that Apple doesn’t want to admit it can be done. If they follow the court’s order and do in fact unlock the phone, they will have blown away more than half a decade of hype on the topic.
Moreover, if Apple can do it easily (say a supplier does keep a list of keys, or Apple has in fact kept a list or an algo which can be re-run to obtain the key), then they would take a seriously huge hit.
See, if the truth is that Apple cannot do it, they would just comply with the court order by attempting to do it, prove that they cannot do it, and it would end at some point (say a year or two from now) when Apple proves it would take years of machine time to try to brute force because there is no other choice.
The choice to fight against the court order may be philisophical, may be part of their belief system, but the vigor and aggressive nature of the response makes me think that they already know the answer, and that they don’t want you to know it.
Re: Re:
I think part of the issue here is that Apple doesn’t want to admit it can be done.
I don’t think anyone, including Apple, is arguing that it cannot be done. Only that it should not be done.
Re: Re:
Why would Apple spend a year trying to do something they know they can’t do, rather than tell the court now that it can’t be done? That would be insane. And the order itself tells Apple that it should tell the court within 5 days if compliance is not reasonable. Why shouldn’t they just do that?
Even if Apple did secretly have the key or a way to regenerate it, this order doesn’t even ask for that. The order does not direct them to attempt to unlock the phone or provide the key; it orders them to give the government a program to do specific things to make it easier for the government to brute-force the passcode.
“Apple’s reasonable technical assistance shall accomplish the following three important functions: (1) it will bypass or disable the auto-erase function whether or not it has been enabled; (2) it will enable the FBI to submit passcodes to the SUBJECT DEVICE for testing electronically via the physical device port, Bluetooth, Wi-Fi, or other protocol available on the SUBJECT and (3) it will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.”
Re: Re: Re:
the point is that the nimber of pincodws is very limted at maximum 6 digits… so 10^6-1 combination possible. The real issue is the lockout and the 5 second delay per try, put thereto stop bruteforce attacks. Otherwise. Apples security is fairly lame.
Re: Re: Re:
Part of the issue here is that while Apple makes all sorts of noise about the “secret” UID used as part of the salt in the encoding and decoding process, they don’t happen to mention that the actual security is really limited to two things: 5 second delay per pin code entered, and a maximum of 10 tries. Both of those things are entirely artificial and should be able to be removed or circumvented. Once you remove them, the relatively small size of the passcodes (4 digits on older phone, up to 6 on newer versions of their OS) is an absolute dawdle to get past. Literally less than 1 million possibilities, and at 1 per second it would take less than a half a month to plow through them.
The key of course is that this would render Apple’s encryption scheme moot for law enforcement, as having the physical device (and an applied patch) would allow any device to be viewed within a reasonable period of time.
Apple may find itself fighting a losing battle on this one.
In the future: “Please think of our children. We don’t want our babies using evil encryption, which will be used in the next 9/11.”
I do not agree with Masnick’s confidence that this will only affect older devices. Once the FBI gets the firmware from Apple, they will not settle with just using it on Farook’s phone. They will reverse engineer it to make it work on all Apple devices. I doubt that Apple would totally change the security architecture of their devices between releases.
Re: Re:
They will reverse engineer it to make it work on all Apple devices.
Do you have any references indicating that this is possible?
I doubt that Apple would totally change the security architecture of their devices between releases.
ARM (which Apple uses) substantially changed the security architecture of their chipset, and Apple took advantage of that new architecture.
https://www.quora.com/What-is-Apple%E2%80%99s-new-Secure-Enclave-and-why-is-it-important
I’m sure there are plenty of other references on Secure Enclave if you’re interested.
They don't need a firmware change
or do they just not have the 200$uk? boingboing.net/2015/03/19/brute-force-iphone-password-gu.html
and yes, 200 not 200k.
Re: They don't need a firmware change
or do they just not have the 200$uk?
What is a $uk?
Interesting though, I wonder why they went to Apple rather than using this hack.
Re: Re: They don't need a firmware change
Apple may have patched the vulnerability that allowed that device to work. A search on the CVE number mentioned in the article indicates that there was a patch for it (if indeed that was the vulnerability indicated in the CVE – the article itself wasn’t sure.)
Re: Re: They don't need a firmware change
$uk means british pounds, $usd is US dollars, etc. your exchange rate may vary….
Re: Re: Re: They don't need a firmware change
Actually £ is British pounds. The dollar symbol is not used for that currency because it isn’t dollars. And US dollars is US$ or USD.
this is just a smokescreen so that gov agencies with billion dollar budgets can point at someone else for the reason why they can prevent terrorism. sadly it seems to be working. a significant portion of people are now looking at apple instead of wondering where all that tax money went to.
What if Apple fails?
What if Apple complies after losing on appeal but ends up bricking the phone or destroying the contents? Is the government then going to accuse them of criminal contempt for the fail and if so, how could they prove it without threatening apple programmers with jail unless they testify against others to help the government get convictions? There’s a whole other layer of evil lurking here depending on how this plays out.
"Regular business"
Since Apple does maths as well, the order could also read:
“While the order in this case requires Apple to provide a mathematical proof that P=NP, creating a mathematical proof — doing maths — is not an unreasonable burden for a company that does maths as part of its regular business.”
Bad mistake by the FBI
The FBI has behaved with stunning stupidity in this case, because the entirely predictable publicity just reminded every future terrorist to destroy their main phone before they attack, so the FBI will get *less* information in future.
Fools
just ask the NSA, Facebook, and a couple of other entities. ATT probably has the text messages still (isn’t it required that ISP’s hold all data for 3+ years in case of this kind of stuff), and there are other things on the phone.
turn on the phone (no password), and see what it is communicating with (MITM attack).
this way, we the people, can truly see who our friends are (right now, apparently Apple)
New article..
We just posted a new article with an explanation that this attack CAN work on modern iPhones as well, and that the Secure Enclave in those devices actually does not work the way many security experts thought it worked…