Apple Might Be Forced To Reveal & Share iPhone Unlocking Code Widely

from the not-so-easy dept

Among the many questions swirling around the challenge to U.S. Magistrate Judge Sheri Pym's Order that Apple create software to bypass the iPhone passcode screen, a matter of paramount public interest may have been overlooked: Even if the government prevails in compelling Apple to bypass these iPhone security features: (A) evidence for use in a criminal trial obtained in this way will be challenged under the Daubert standard (described below) and the evidence may be held to be inadmissible at trial; and (B) the Daubert challenge may require disclosure of Apple's iPhone unlocking software to a number of third parties who would require access to it in order to bring the Daubert challenge and who may not secure the new software adequately. To state that neither consequence would be in the public interest would be an understatement in the extreme.

The Daubert challenge would arise because any proffered evidence from the subject iPhone would have been obtained by methodology utilizing software that had never been used before to obtain evidence in a criminal trial. The Supreme Court, in Daubert v. Merrell Dow Pharmaceuticals, Inc., held that new methodologies from which proffered evidence is derived must, when challenged, be substantiated by expert scientific testimony in order to be admissible. In Daubert, the court stated that the criteria that must be utilized when faced with a defense challenge to scientific testimony and evidence are:
  1. Can the methodology used to reach the expert's conclusion (the new software here) be tested and verified?
  2. Have the methodology and software been peer-reviewed and has the review been published in a peer-reviewed journal?
  3. Do the techniques used to reach the conclusion (here, to obtain the evidence) have an ascertainable error rate?
  4. Has the methodology used to generate the conclusion (the evidence) been generally accepted by the relevant scientific community?
Under the Daubert standards, introduction of evidence from the iPhone, electronic communications and data stored in the phone, would require the testimony of an expert witness to, among other things:
  • establish the integrity of the data (and its reliability) throughout the chain of custody;
  • explain whether any person or software could modify the data coming off of the phone;
  • verify that the data that came off the phone as delivered by Apple and held by law enforcement was the data that had originally been on the phone;
  • explain the technical measures, such as the digital signatures attached to the data, used to ensure that no tampering has occurred and their likely error rates.
Such an expert would, in preparation for his or her testimony, require access to and examination of the software, as it is inconceivable that defense counsel would simply accept the testimony of the Apple personnel without also demanding that their own, third-party, experts have access to the code.

In addition, defense counsel would undoubtedly demand not only that their own third-party experts have access to the source code, but also the right to simulate the testing environment and run this code on their own systems in order to confirm the veracity of the evidence. This could easily compromise the security of the new unlocking code, as argued in the amicus brief filed with Judge Pym by Jennifer Granick and Riana Pfefferkorn from Stanford's Center for Internet and Society (also covered previously by Techdirt):
There is also a danger that the Custom Code will be lost or stolen. The more often Apple must use the forensic capability this Court is ordering it to create, the more people have to have access to it. The more people who have access to the Custom Code, the more likely it will leak. The software will be valuable to anyone eager to bypass security measures on one of the most secure smartphones on the market. The incentive to steal the Custom Code is huge. The Custom Code would be invaluable to identity thieves, blackmailers, and those engaged in corporate espionage and intellectual property theft, to name a few. 
Ms. Granick and Ms. Pfefferkorn may not have contemplated demands by defense counsel to examine the software on their own systems and according to their own terms, but their logic applies with equal force to evidentiary challenges to the new code: The risk of the software becoming public increases when it is examined by multiple defense counsel and their experts, on their own systems, with varying levels of technical competency. Fundamentally, then, basic criminal trial processes such as challenges to expert testimony and evidence that results from that testimony based on this new software stand in direct tension with the public interest in the secrecy and security of the source code of the new iPhone unlocking software.

At best, none of these issues can be resolved definitively at this time because the software to unlock the phone has not been written. But the government's demand that the court force Apple to write software that circumvents its own security protocols may be shortsighted as a matter of trial strategy, in that any evidence obtained by that software may be precluded following a Daubert inquiry. Further, the public interest may be severely compromised by a court order directing Apple to write the subject software because the due process requirements for defense counsel and their experts to access the software and Apple's security protocols may compromise the secrecy necessary to prevent the proposed workaround from becoming available to hackers, foreign governments and others. No matter what safeguards are ordered by a court, security of the new software may be at considerable risk because it is well known that no security safeguards are impregnable.

The government may be well advised to heed the adage, "Be careful what you ask for. You may just get it." Its victory in the San Bernardino proceedings may be worse than Pyrrhic. It could be dangerous.

Kenneth N. Rashbaum is a Partner at Barton, LLP in New York, where he heads the Privacy and Cybersecurity Practice. He is an Adjunct Professor of Law at Fordham University School of Law, Chair of the Disputes Division of the American Bar Association Section of International Law, Co-Chair of the ABA Section of International Law Privacy, E-Commerce and Data Security Committee and a member of the Section Council. You can follow Ken @KenRashbaum

Liberty McAteer is an Associate at Barton LLP. A former front-end web developer, he advises software developers and e-commerce organizations on data protection, cybersecurity and privacy, including preparation of security and privacy protocols and information security terms in licensing agreements, service level agreements and website terms of service. You can follow Liberty @LibertyMcAteer

Reader Comments


  • TheResidentSkeptic, 9 Mar 2016 @ 11:44am

    No reason to panic..

    ..we'll just pass a law making it illegal for bad guys to have a copy.

    • Aaron Walkhouse, 9 Mar 2016 @ 4:16pm

      Daubert and defence counsel access are both irrelevant here.

      Daubert requires a new methodology [such as DNA analysis]
      to trigger a scientific review. That's why the four prongs
      cited are an obvious poor fit to this case.

      1. This software is tested/verified by the sole defendant.
      2. Peer review is not, and never will be, relevant here.
      3. A backdoor works or it doesn't. There can be no error rate.
      4. There is no "relevant scientific community" for Apple's
      proprietary trade secrets, particularly when the original
      court order specified the software be destroyed upon use.

      The software proposed may be new but there is no new
      technological or scientific research needed to make the
      software or use it and development is limited to altering
      or disabling established code already in use.



      Likewise, the prospect of defence counsel demanding access
      falls moot before the fact that Apple is the sole defendant
      for this and future All-Writs cases on iPhones.

      Other defendants may wish to suppress evidence obtained by a
      backdoor but they won't be able to get their hands on the
      backdoor itself because the presence of the evidence proves
      that the backdoor worked. Nobody would be able to argue
      that a mere backdoor conjured up evidence that was not
      already there to be found and they couldn't use Daubert
      because it's just a backdoor and not a new scientific method.

      • Whatever, 9 Mar 2016 @ 5:07pm

        Re: Daubert and defence counsel access are both irrelevant here.

        I think you nailed it here. There is no new technology, there is no new methodology in play. Encryption (and the decryption) of digital information is well known and reliable technology.

        Moreover, let's be clear here: When you decrypt something, you either get the data in the clear or you get garbage (you failed!). It's not like it's suddenly going to add "I buried the body in the backyard next to the orange tree" in every document.

        It seems like this argument is more of a defense lawyer trying to delay the inevitable rather than a strong legal argument. I'm not a lawyer, but even I can see this one as insanely weak and likely to be tossed.

        • Aaron Walkhouse, 9 Mar 2016 @ 5:28pm

          As both arguments are more likely to annoy a judge than create a delay…

          …I'd say any lawyer with actual skin in the game wouldn't even try either one.   ;]

      • nasch, 9 Mar 2016 @ 5:53pm

        Re: Daubert and defence counsel access are both irrelevant here.

        Other defendants may wish to suppress evidence obtained by a
        backdoor but they won't be able to get their hands on the
        backdoor itself because the presence of the evidence proves
        that the backdoor worked. Nobody would be able to argue
        that a mere backdoor conjured up evidence that was not
        already there to be found and they couldn't use Daubert
        because it's just a backdoor and not a new scientific method.


        At what point is it demonstrated that it was in fact just a back door and not a malicious software package that planted evidence in the device?

        • Aaron Walkhouse, 9 Mar 2016 @ 6:16pm

          At the point where it was used, in the presence of FBI and
          Apple experts, to retrieve the data and put it directly
          into the chain of custody. Everyone present would be
          required to swear to every step of the procedure they
          carried out. It's standard practice which courts respect.

          As all it did was unlock the phone there was no opportunity
          for the backdoor to directly access the data; because that
          was done by the iPhone's normal operating system using its
          normal, built-in functions that nobody can suspect as being
          new or unique to that one phone.

          It's like getting a landlord to unlock a door for you. He
          never went inside after opening the door because that's the
          cops' job. Later on, all he can testify to is that he opened
          the door and let the cops in at that date and time; after
          that the scene is in police custody and only they can keep
          track of what they do and when; thus, a chain of custody.

          • nasch, 9 Mar 2016 @ 6:32pm

            Re:

            It's standard practice which courts respect.

            Of course, they also assume police never plant evidence or lie on the stand, and we see how well that plays out.

            because that
            was done by the iPhone's normal operating system using its
            normal, built-in functions that nobody can suspect as being
            new or unique to that one phone.


            I thought this was about replacing the normal software with new software that disabled security features.

            • Aaron Walkhouse, 9 Mar 2016 @ 7:00pm

              The only function involved in this All-Writs order is the
              login screen itself. That login screen has very little
              functionality because it is only designed for one task; so
              any elaborate spy code to meddle with data would cause an
              obvious case of bloat that any one of the people involved
              could detect. You can be sure that Apple techs would not
              let such shenanigans go unreported.

              One tech unlocks the phone, signs off on what he did and
              removes the tool, then the investigators go get the data,
              every step of which is logged and signed for. The process
              is rigorous.

              After that it's all unchanged IOS code being used by
              investigators directly because the phone and its revealed
              unlock code is now in their sole custody. The custom login
              screen, no longer needed, would be replaced with the
              original so the iPhone could be unquestionably certified as
              absolutely in its original state; thus placing its
              contents securely in a properly managed chain of custody.

              If the folks operate as usual, dot all of their i's and
              cross all of their t's, a court will have no reason to
              question the process unless something unexpected happens;
              like evidence showing up early or late in the process and
              conflicting with the logs already in hand. That is rare.

              • nasch, 9 Mar 2016 @ 8:01pm

                Re:

                The custom login
                screen, no longer needed, would be replaced with the
                original so the iPhone could be unquestionably certified as
                absolutely in its original state


                The only way the phone is in its original state is if it's factory reset. The fact that the original software was put back on the phone doesn't prove anything about what else might have happened to the data. Everything you're saying makes sense, but it seems to me (not a lawyer) falls short of proving that the data hasn't been tampered with. But maybe the defense just basically has to take the investigators' word that they didn't screw with it. That wouldn't surprise me.

                • Aaron Walkhouse, 9 Mar 2016 @ 8:46pm

                  The original state of the evidence here is when the suspect
                  last had it in hand, not before the factory shipped a new phone.
                  A blank phone is evidence only that a phone exists! ;]

                  If all that's changed is the login screen, then after the
                  access code is obtained with it and the original login
                  screen is replaced, the logs of that process and the sworn
                  testimony of all involved prove the OS and data have not
                  been altered by the process at the time the data was
                  finally accessed and copied to FBI assets. Even then,
                  originals are preserved and locked away from subsequent
                  investigators while backups are also locked away to
                  preserve the chain of access.

                  Until the phone is unlocked it is impossible to alter the
                  encrypted data and after the phone is unlocked it is
                  impossible for anyone to have unsupervised and unlogged
                  access to the data.

                  Because chain of custody procedures are followed only one
                  person at a time has custody, usually supervising
                  and/or assisted by one or more people as he/she works.

                  These procedures, familiar to all officers, agents and
                  courts, are trusted for good reason; because it is
                  practically impossible to tamper with evidence without
                  leaving "fingerprints" and the logs show who had custody
                  when such "fingerprints" showed up.

                  The legal system has had decades of practice with these
                  procedures and it is very rare that someone finds new
                  loopholes to exploit. You may theorize that one may exist,
                  that someone has the means, motive and opportunity to
                  exploit it, and that someone also coincidentally has custom-
                  tailored false evidence to plant but the odds of [loophole]
                  + [means] + [motive] + [opportunity] + [fake data that
                  fools everybody] all coming together at the same time is so
                  low that it tends to be impossible, especially in cases as
                  complex as this with so many investigators and lawyers involved.

                  It is those decades of history and case law which creates
                  trust in chain of custody. Defense attorneys in other cases,
                  [not this one because the criminals are dead] will often poke
                  and prod at the chain of custody because that is what they
                  are expected to do. Most of the time they only prove that
                  the evidence is solid.

                  reply to this | link to this | view in chronology ]

                  • identicon
                    AJ, 10 Mar 2016 @ 8:16am

                    Re:

                    I think I read where Manhattan alone has upwards of 150 iPhones in evidence that are "locked". So if they create the tool, then destroy it per the court order, are they going to have to do that for every phone law enforcement wants to get into? There could potentially be thousands of phones across the country. Then what? Russia? China? This is a horrible idea.

                    If I were Apple, this would compel me to release an immediate patch to all phones removing this as a possibility. It is after all, a security hole. They would be right to make it impossible to do, because if it's possible, we will force them to do it when it suits us, and do so regardless of the long term broader implications.

                    • Aaron Walkhouse, 10 Mar 2016 @ 10:30am

                      I think the Apple plan is to prove that this proposal is
                      both an unreasonable burden and an unlawful expansion of
                      All-Writs.

                      Forcing highly valuable resources to this unprecedented
                      task costs a lot of money each time, especially as they
                      will not be compelled to keep a copy for future uses. The
                      FBI might claim they are willing to pay the bill but they
                      have no idea how big it would actually be and once they do
                      find out they will typically resort to asking the courts to
                      force Apple to pay the full price because "civic duty".

                      Worse, forcing Apple to be State Safe-cracker for more cases
                      in an uncertain future will immediately devalue the entire
                      corporation and all of its products in the public view, and
                      thus on Wall Street. The immediate loss will be billions
                      even before the first phone is breached. If it continues
                      on to other phones in other cases [using this as precedent]
                      then those losses will become permanent and may even deepen
                      to the point where thousands of American and Asian jobs will
                      be lost forever. That is definitively an unreasonable
                      burden which a court ignores at Apple's and its own peril.

                      All-Writs was crafted for access to available documents only!
                      Redefining it to force "landlords" of any kind to become
                      safecrackers for the state is clearly beyond the text and its
                      intention, no matter how the FBI want to portray it as an
                      attempt to "keep up with the times". The courts will have
                      no other choice but to tell the FBI that they will have to
                      ask for new legislation because the courts don't have the
                      authority to expand law past constitutional protections
                      or the actual text of the legislation.

                      Bending a law against the constitution to fit needs is not
                      unusual but actually breaking it or changing a law to create
                      new authorities or powers is legally impossible, inviting
                      sanctions against an offending judge.

                      • nasch, 10 Mar 2016 @ 11:07am

                        Re:

                        All-Writs was crafted for access to available documents only!
                        Redefining it to force "landlords" of any kind to become
                        safecrackers for the state is clearly beyond the text and its
                        intention, no matter how the FBI want to portray it as an
                        attempt to "keep up with the times".


                        Not a bad analogy. Has anyone ever attempted to use the All Writs Act to compel a locksmith or safe manufacturer to crack a safe that they didn't own? Not provide a key, but use their time and expertise to do it.

                        • Aaron Walkhouse, 10 Mar 2016 @ 11:32am

                          That would clearly be unnecessary. Police could do it
                          themselves as long as they have served a warrant to its
                          owner and seized the safe.

                          Then they could hire one to do the deed if they couldn't.

                          Of course, if nobody accepts the job, they're Short Of Luck. ;]

                  • The Wanderer, 17 Mar 2016 @ 7:54am

                    Re:

                    Either I'm misunderstanding what would happen here, or you are.

                    According to my understanding, in order to get this phone to install the modified code, it would have to be provided as an updated iOS image.

                    According to my understanding, when you replace or upgrade a smartphone OS version, you do so essentially wholesale; you drop in the entire OS image, replacing everything which was there before, not just the pieces which were changed.

                    If that's correct, then there would be no way to replace just the login-screen code; you would have to replace everything. It's possible (even likely) that the replacements for everything else would not be (significantly) different from what was there before, but there would be no way to verify that without looking at the source code.

                    Even if that's not true, I'm not certain that your apparent assumption that there would be logs of the OS-update process which would show enough detail to determine whether anything other than the login-screen code had been modified is accurate. Certainly I've seen no sign of such logs on the Android side of the fence.

                    Beyond that, even if we assume that it can be proved that only the program(s) involved with handling the login screen were modified, there's no reason why the login-screen program(s) could not (be modified to) include code capable of modifying other parts of the system - and I would be extremely surprised if there were enough logging to be able to catch it if they did.

                    Really, if you're paranoid about every possible angle of attack and you don't trust the people who are in charge of the operation to do the right thing and be honest about their actions and motives, there is no way to be certain that the modified code has not tampered with the data on the phone other than to see - and possibly to experiment with - the code itself.

                    • Aaron Walkhouse, 26 Mar 2016 @ 9:10pm

                      Apple never said they couldn't do it as a targeted patch.

                      In this case the court specifically ordered that just the
                      one module be replaced. That module, designed for just the
                      one function and that being on a cell phone, is very small.

                      That makes it impossible to add sophisticated search-replace
                      code which alters time stamps on files and also internal
                      IOS logs and filesystem structures sufficiently well enough
                      to fool forensics investigators on both sides of the case.

                      Don't forget that this part of the job is for Apple alone.

                      The other logs I mentioned are not those of IOS, but of the
                      technical staff and investigators involved in all stages of
                      the procedure, and most of those will be written by Apple
                      staff who have sole and uninterrupted custody of both their
                      logs and the source code of the proposed tool. Apple can't
                      be elbowed out of the way and not all FBI agents, techs and
                      officials can be compromised at the same time; so yes, the
                      combined logs and testimony of all involved on both sides
                      of the case does effectively make shenanigans a no-go.

  • Anonymous Coward, 9 Mar 2016 @ 11:55am (this comment has been flagged by the community)

    Call me thick, but this is the first time I've noticed that the FBI vs. Apple ruling was issued by a worthless whore. Wow - what a "surprise".

    • Anonymous Coward, 23 Mar 2016 @ 11:48am

      Re:

      "Call me thick, but this is the first time I've noticed that the FBI vs. Apple ruling was issued by a worthless whore. Wow - what a "surprise"."

      You said it!!!

  • SteveMB, 9 Mar 2016 @ 12:02pm

    Even somebody who learned everything they know about the law from CSI: Wherever and Ace Attorney can see through the obvious absurdity of the "Apple can keep the backdoor code secure so it won't get out" argument. If the Feds actually allowed that (or pretended to allow that) it would open the door to scenarios like:

    Feds: We've got a search warrant for this phone, but we can't get in. Can you help?
    Me: (Sees owner's name engraved on phone back, and recognizes it as that of the asshole who stole my girlfriend, ran over my cat, and keyed my car) Sure! There's just one caveat, though -- I can't let you look at the code I'll be using because it might release a dangerous cyber pathogen.
    Feds: Well... OK.
    (later)
    Feds: Geezus Q. Christ! We thought this guy was just stealing credit card numbers, and it turns out that he's the world's biggest kiddie-porn meth-lab jihadist ringleader!

  • Anonymous Coward, 9 Mar 2016 @ 12:19pm

    Here's what Apple should do:

    1. Secretly write the backdoor software in the event that they lose the case
    2. If they lose, when told to hand it over, do so
    3. Release OS 9 the same day
    4. Tell the FBI, "Oh, sorry, you asked for software to unlock OS 8, you didn't say anything about OS 9..."

    • Anonymous Coward, 9 Mar 2016 @ 1:18pm

      Re:

      I like this thinking, except iOS is on 9.2.1 right now. Let's just bump that to iOS 10.

      Or perhaps they can go the route of the Government when receiving FOIA requests and say development will take X months and cost $660 Million dollars.

  • Anonymous Coward, 9 Mar 2016 @ 12:21pm

    It'll never be used in a criminal trial

    They'll find a parallel construction for anything useful in a criminal trial.

    (And nothing prevents what's found on the phone from being used in non-judicial ways like no-fly-lists, being added to NSA contact chaining, etc.)

    • Jeremy Lyman, 10 Mar 2016 @ 4:32am

      Re: It'll never be used in a criminal trial

      Yup, no need to worry about using evidence in due process. If they could unlock these things without telling anyone we wouldn't be having this conversation right now. At least until the whole thing busted open like Stingray use in Baltimore.

  • cjstg, 9 Mar 2016 @ 12:25pm

    Isn't that the point?

    Isn't this what the whole fight is about? I'm not even a lawyer, and I realized the first time I read about this case how important it was that Apple simply refuse to do this (under any circumstances, including jail time for contempt of court). Once the phone evidence enters the courtroom, the entire process of unlocking the phone is subject to scrutiny. The precedence issue is secondary.

    • Jeremy Lyman, 10 Mar 2016 @ 4:37am

      Re: Isn't that the point?

      I think the precedence is more important than that. An exploit for this version of the OS in the wild is bad, but setting the standard that companies are legally obligated to pour whatever resources the govt says into breaking their own tech is worse. It becomes an issue for corporate bean counters who will cost and risk analyze encryption with the knowledge that they may need to break it at some point. It's much more efficient to pre-engineer exploits. We'll never get a secure piece of software again.

      • That One Guy, 10 Mar 2016 @ 5:09am

        Re: Re: Isn't that the point?

        It becomes an issue for corporate bean counters who will cost and risk analyze encryption with the knowledge that they may need to break it at some point. It's much more efficient to pre-engineer exploits. We'll never get a secure piece of software again.

        I would (and have) argue that it's worse than that.

        Once the precedent is set that companies can be compelled to break their own encryption you can be sure that any move towards encryption that they cannot break will be painted as companies attempting to 'avoid their lawful obligations by making their products immune to legally issued warrants'. At that point it goes beyond a cost/risk analysis of how much it costs to develop encryption versus how much it would cost to break it, and moves into the realm where it becomes effectively impossible for them to ever implement truly secure encryption, as they'd face a PR and potentially legal nightmare if they ever tried.

        • Jeremy Lyman, 10 Mar 2016 @ 5:31am

          Re: Re: Re: Isn't that the point?

          Yes, we're headed towards Aero duck/not a duck territory with much more dire consequences. It's unlawful to create systems that you're unable to help the govt crack, because doing so would be sidestepping the law by following it.

  • Anonymous Coward, 9 Mar 2016 @ 12:41pm

    Cy Vance

    So it looks like Cy Vance's cybernetic pathogen is on that phone, it just does not exist yet. He is the one who wants Apple to make it.

    • Brig C. McCoy, 9 Mar 2016 @ 1:33pm

      Re: Cy Vance

      It's not Cy Vance (NY DA) with the cybernetic pathogen, it's the DA from San Bernardino County, Michael Ramos. I mean, I can understand the confusion, they're both full of... shaving cream!

      ...brig

  • Anonymous Coward, 9 Mar 2016 @ 12:46pm

    The government's narrow tunnel vision to get what they want at any cost is beginning to look a lot like someone didn't think beyond this was a great way to open up the encryption access. The ramifications of what it would really mean in courts and the legal world were of no consequence at the time this theory to force Apple to open their encryption to LEO occurred.

    As time goes on and it is discussed, more and more this begins to look like a terrible idea.

  • Groaker, 9 Mar 2016 @ 12:49pm

    And I thought slavery was over when the draft ended. Seems it is back again.

  • z!, 9 Mar 2016 @ 1:01pm

    Brings up another thought: Daubert as applied to anything retrieved from an otherwise encrypted device. I wonder how much a defense could use it to challenge evidence. Would also be an interesting approach to stingray-acquired evidence.

    • Anonymous Coward, 9 Mar 2016 @ 1:18pm

      Re:

      What happens when the defence challenges how evidence was obtained by compromising TOR, and wants proof that the software installed on machines was not used to plant evidence?

  • aldestrawk, 9 Mar 2016 @ 1:07pm

    clarification

    This article ought to have mentioned that any code used to update an Apple iPhone has to be digitally signed. Only Apple has the key necessary to sign such code. The FBI has not asked for that key and they will not be required to release it. This is the whole reason the FBI wants to compel Apple to write code that defeats their own security. The FBI may be capable of writing such code but they can't update an iPhone with their version. The FBI also asked Apple to make the update work on only the one iPhone in question. The way to do this is to have the update check for one or more of the unique IDs used only on that particular phone (e.g., UUID, serial #, cell IMEI, Bluetooth and Wi-Fi MAC addresses). The presence of a digital signature also means that the FBI, or anyone besides Apple, cannot alter the code even if they had a copy of the, un-compiled, source code.
    So, what's all the worry about then? I don't know the particulars of where, and how, these unique IDs are stored on the iPhone. What may be possible though is to spoof these IDs to make another iPhone appear to be the one used by the San Bernardino terrorists. Another possible weakness is that every time a small change is made in the digitally signed code, it becomes easier to crack the key. A multitude of law enforcement agencies getting a new version for each case may allow the signing key to be discovered. I don't know if that is realistic in this instance, but it is something that should be looked at.

    • ThatDevilTech, 9 Mar 2016 @ 1:56pm

      Re: clarification

      I think that was discussed when all this initially started about the "one phone" bs. It may be about one phone THIS time, but who is to say someone doesn't get the rogue code and reverse engineers it for ANY phone to work. Or to trick the signing functionality? I don't want Apple to do this for ANY phone. It just sets too big of a precedent.

      • sigalrm, 9 Mar 2016 @ 2:09pm

        Re: Re: clarification

        Everyone's obsessed with the fact that the computer in question is a phone.

        It's a computer, with an OS/Firmware.

        Functionality aside, it's fundamentally no different than any other Internet of Things device.

        "Dear Amazon: We think Individual X may be up to something illegal. Please provide a custom firmware for their Alexa...."

        "Dear Samsung: We think Individual X may be up to something illegal. Please provide a custom firmware for their smart TV..."

    • sigalrm, 9 Mar 2016 @ 2:06pm

      Re: clarification

      Let me fix this for you:

      Only Apple is known to have the key(s) necessary to sign such code.

    • art guerrilla, 9 Mar 2016 @ 2:08pm

      Re: clarification

      "The presence of a digital signature also means that the FBI, or anyone besides Apple, cannot alter the code even if they had a copy of the, un-compiled, source code."

      wha ? ? ?
      NOT a programmer, but this set my BS meter pegging; not sure how in hell you can make the "un-compiled source code" un-editable/copyable/etc...

      • nasch, 9 Mar 2016 @ 4:14pm

        Re: Re: clarification

        not sure how in hell you can make the "un-compiled source code" un-editable/copyable/etc...

        They can edit it all they want, but the phone won't run it after that.

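The point made in this sub-thread (an update that is signed and bound to one device stops verifying once anyone edits it), as an added example that is not part of the thread and is not Apple's code. A toy textbook-RSA key built from small known primes stands in for the vendor key, and the `ONLY-RUN-ON=` header, the serial values and the function names are hypothetical.

```python
import hashlib

# Toy textbook-RSA key from two known Mersenne primes (constructed for this
# example; far too small and unpadded for real use).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                  # public key: baked into every device
D = pow(E, -1, (P - 1) * (Q - 1))    # private key: held only by the vendor

TARGET = "SERIAL-CONSTRUCTED-0001"   # constructed device identifiers
OTHER = "SERIAL-CONSTRUCTED-0002"


def image_hash(image: bytes) -> int:
    """SHA-256 of the whole image, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N


def vendor_sign(image: bytes) -> int:
    """Vendor side: the only step that needs the private exponent D."""
    return pow(image_hash(image), D, N)


def build_image(target_serial: str) -> bytes:
    """Hypothetical update format: a header naming the one permitted device,
    followed by the payload. The header is part of the signed bytes."""
    return f"ONLY-RUN-ON={target_serial}\n".encode() + b"<update payload>"


def device_install(image: bytes, sig: int, my_serial: str) -> str:
    """Device side: verify with the public key first, then let the update's
    own device check decide whether it applies to this unit."""
    if pow(sig, E, N) != image_hash(image):
        return "rejected: signature does not match image"
    header = image.split(b"\n", 1)[0].decode()
    if header != f"ONLY-RUN-ON={my_serial}":
        return "refused: update is bound to another device"
    return "installed"


def run_cases() -> dict:
    image = build_image(TARGET)
    sig = vendor_sign(image)
    # Someone without D rewrites the device check to name a different unit.
    retargeted = image.replace(TARGET.encode(), OTHER.encode())
    return {
        "signed image, target device": device_install(image, sig, TARGET),
        "signed image, other device": device_install(image, sig, OTHER),
        "edited image, old signature": device_install(retargeted, sig, OTHER),
        "edited image, made-up signature": device_install(retargeted, 1, OTHER),
    }


if __name__ == "__main__":
    for case, outcome in run_cases().items():
        print(f"{case}: {outcome}")
```

Everything the device needs is public (`N`, `E`), so the guarantee rests entirely on `D` staying with the vendor, which is the concern raised elsewhere in the thread about the signing key.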

  • Anonymous Coward, 9 Mar 2016 @ 1:23pm

    Expert examination?

    "Such an expert would, in preparation for his or her testimony, require access to and examination of the software,"

    Next proposal about that from the FBI: 'We' in the form of the US govt already have in place a standard procedure which should be used here, in the form of the TPP access procedures. The expert may be allowed to enter a room, with no pencils, paper, cameras or other recording devices, and then may look at a printout of the code (4-point type) and even perhaps at a hologram of the phone's internals. Director Comey will insist that is a sufficient examination, his experts told him so even though he didn't understand anything they told him (fully in the vein of the earlier TD story detailing his responses to Congress).

    Surely a procedure which is deemed adequate for treaty examinations must be good enough for a mere phone.

  • Anonymous Coward, 9 Mar 2016 @ 2:25pm

    It's time for a serious crowdmock of the cyber-pathogen idiocy. We want T-shirts, bumper stickers, signature lines. Herewith some modest proposals:


    DORMANT CYBER PATHOGEN
    (Do not wake | Do not turn me on)

    I AM CYBER PATHOGEN
    AND I VOTE!

    CYBER PATHOGENS UNITE
    Today San Bernardino, Tomorrow the (World|Underworld)!

    UNLOCK THE iPHONE:
    FREE THE SAN BERNARDINO CYBER PATHOGEN!

    REAL CYBER PATHOGENS RUN ON ANDROID

    CYBER PATHOGEN EXTERMINATOR
    Your phone is pathogen-free.
    You owe me $1,000,000

    REAL PATHOGENS RUN ON DNA

    (A picture of a unicorn in some appropriate but improbable pose--sleeping, rampant, penned up, dead, etc.--is optional but strongly recommended)

    Other media shouldn't be overlooked: say, tinfoil caps labelled "cyber pathogen protector" (with, of course, a unicorn head in the traditional red slashed circle); "cyber-pathogen-free" stickers to post on pay phones and power outlets--"let a thousand snickers bloom, let a hundred online shops contend."

  • Dismembered3po, 9 Mar 2016 @ 2:36pm

    this certainly changes the calculus doesn't it?

    THE KEY! THE KEY! THE KEY! THE KEY! THE KEY! THE KEY!


    I'm not sure but I don't think this code itself is a big problem.

    The big problem seems to me that in order to validate the code, and that it works as advertised against a real device the expert would have to have access to Apple's signing key.

    Apple's signing key.

    APPLE'S SIGNING KEY.

  • jim, 9 Mar 2016 @ 4:15pm

    Re:

    So in their defense, you say it's okay for a foreign government to have that ability to unlock the phone anytime it wants, but not one trying a supposed drug dealer, and two dead people who shot at the cops? Interesting argument.
    I believe with the source code, telling the machines how to operate, it can be reverse engineered to show what is needed to make it operate, and what functions are needed to minimally operate the machine.
    Believe they already have all the information off the device, but it is legally unusable. In both cases. So what else are they after? Or who? Unusable, no warrants at the time. But a court would let them get away with that, but to use as evidence, that would be a very odd court. But it could be presented to a grand jury as hearsay, for further action. But it still didn't get to the issue, why did Apple not fulfill the original request? It wasn't the privacy issue then. They did it on other occasions, why stop then? There is some other motive, but what. Fired the wrong guy? Didn't say pretty please? Wanting paid for the last time?

  • JoeCool, 9 Mar 2016 @ 4:33pm

    Show of hands

    How many other people read that as a Dilbert inquiry? I could just see Wally being put in charge of the Custom Code and selling it to the Elbonians. :)

  • madasahatter, 9 Mar 2016 @ 5:12pm

    Interesting Issue

    So, the DO(In)J has not thought through the implications of their stupidity. That is not surprising given their level of incompetence.

  • Karen Vaisman, 9 Mar 2016 @ 5:36pm

    Feeling torn

    I see both sides. I'd like to see it argued publicly by knowledgeable people.

  • sigalrm, 9 Mar 2016 @ 6:52pm

    Maybe part of the problem here...

    is that people don't understand what a secret key looks like.

    This is a 2048 bit RSA key I just generated:


    [PEM-encoded RSA private key block; key material omitted]

    That's it. This is a textual representation of a 2048 bit RSA key. Generate a CSR and a public key, and you can plug it into any Apache web server. Or use it to sign email. Or sign applications. And those signatures will be valid on any system with the public key installed as a certificate authority.

    If you were to see Apple's private key exported like this one is, it would look very similar, although (hopefully) 4096 bits instead of 2048 (twice as long). And it might be DSA, instead of RSA. I'm certain it's stored in a _very_ tightly controlled environment.

    This key fits trivially into a paste buffer. So would Apple's. You could print it and type it in by hand if you were so inclined. Or take a picture and OCR it. And if that happens - just once - it potentially puts the security of every Apple device on the planet at risk.

    Now, this is a simplistic example. I'm sure Apple's implementation utilizes a hierarchy of similar keys, with limited uses, etc, all signed by a single, master key which is stored in tamper-proof hardware, requires multiple people to get to it, etc. But that master key only has to get exported once to the wrong individual to compromise the entire system.

  • Yes, I know I'm commenting anonymously, 10 Mar 2016 @ 4:13am

    The real reason

    Because of this, the data on the phone will never be submitted to the court (the FBI knows it does not need it).
    The only reason for the demand to Apple is to gain the precedent of access to mobile phones.

  • Anonymous Coward, 10 Mar 2016 @ 7:15am

    All phones have a "backdoor", It's called auto updates. Apple is the only one that has a key to idevices. Apple does not have to "write a code" as they already have the code written.
    Apple is playing "I want to protect our users from the govt" to "up" their status among customers. When all I hear is lies from them about why they don't want to assist the govt in accessing a known terrorist's phone data. Apple is becoming a tool for the terrorists. Apple must want more terrorists to use their products. Apple has become a terrorist.

    • nasch, 10 Mar 2016 @ 8:16am

      Re:

      Apple does not have to "write a code" as they already have the code written.

      They have code already written to bypass the security lockouts on a phone? How do you know this? Neither Apple nor the FBI nor anyone else I've heard of is making this claim.

      Apple is becoming a tool for the terrorists. Apple must want more terrorists to use their products. Apple has become a terrorist.

      Toyota is becoming a tool for the terrorists. Toyota must want more terrorists to use their products. Toyota has become a terrorist.

  • cmbeid, 10 Mar 2016 @ 9:48am

    Defense?

    I have really never thought of this before, but who would be acting in defense of the terrorists? Is there a court-appointed defense attorney provided? Or would the Daubert challenge come from any of the other subsequent numerous cases where the software would be requested?

    • nasch, 10 Mar 2016 @ 10:14am

      Re: Defense?

      I have really never thought of this before, but who would be acting in defense of the terrorists?

      In this particular case? Nobody, they're dead.

  • Truthistruth, 26 May 2016 @ 2:05pm

    Why can't anyone secure my devices ? Including the great apple?

    For almost 2 years I've been dealing with identity theft, breaches, hacked emails, cloned Apple ID, Microsoft accounts that are more harm than good. I spend hours every single day on the phone or in person with all kinds of support, fraud and criminal investigators and get nowhere? I have been going to the local county library to check accounts because my information on all my devices at home is not reliable given the fact that the Internet and router have been compromised repeatedly. Today when I went to the local library to check on my Google accounts that were hacked into I find out that the library's Mac computer is not accessible and can't be used by the library staff because MY old Apple ID that had been compromised and removed from my phone had taken over their Mac!! Seriously not kidding and no I had not been there in a long time and I make sure anytime I use any ID I sign out to make sure my hackers don't have it easier. No it was not easy to remove, took most of the day and 3 levels of senior support with Apple, yes I know how senior they are but by the third one that Apple connected after the others couldn't fix it really was someone who knew tech stuff but still no one can secure my devices 2 Apple ID still say signed into this phone? Still have every account insecure. Did I tell you about the screen shots of my sign in account info in photos on the library computer!!

  • Truthistruth, 26 May 2016 @ 2:12pm

    It only happens in the movies

    I love it when people say nobody really gets hacked or if you check your credit you are giving them access to your information? Like anyone needs your approval to access your information? All this Apple talk is just another "bailout" to help Apple sales. Now don't you feel more secure with your non-hackable iPhone
