Apple's Response To DOJ: Your Filing Is Full Of Blatantly Misleading Claims And Outright Falsehoods

from the no-love-lost dept

As expected, Apple has now responded to the DOJ in the case about whether or not it can be forced to write code to break its own security features to help the FBI access the encrypted work iPhone of Syed Farook, one of the San Bernardino attackers. As we noted, the DOJ's filing was chock-full of blatantly misleading claims, and Apple was flabbergasted by just how ridiculous that filing was. That comes through in this response.
The government attempts to rewrite history by portraying the Act as an all-powerful magic wand rather than the limited procedural tool it is. As theorized by the government, the Act can authorize any and all relief except in two situations: (1) where Congress enacts a specific statute prohibiting the precise action (i.e., says a court may not “order a smartphone manufacturer to remove barriers to accessing stored data on a particular smartphone,” ... or (2) where the government seeks to “arbitrarily dragoon[]” or “forcibly deputize[]” “random citizens” off the street.... Thus, according to the government, short of kidnapping or breaking an express law, the courts can order private parties to do virtually anything the Justice Department and FBI can dream up. The Founders would be appalled.
The Founders would be appalled. That's quite a statement.

Apple also slams the DOJ for insisting that this really is all about the one iPhone and that the court should ignore the wider precedent, citing FBI Director James Comey's own statements:
It has become crystal clear that this case is not about a “modest” order and a “single iPhone,” Opp. 1, as the FBI Director himself admitted when testifying before Congress two weeks ago. Ex. EE at 35 [FBI Director James Comey, Encryption Hr’g] (“[T]he broader question we’re talking about here goes far beyond phones or far beyond any case. This collision between public safety and privacy—the courts cannot resolve that.”). Instead, this case hinges on a contentious policy issue about how society should weigh what law enforcement officials want against the widespread repercussions and serious risks their demands would create. “Democracies resolve such tensions through robust debate” among the people and their elected representatives, Dkt. 16-8 [Comey, Going Dark], not through an unprecedented All Writs Act proceeding.
Apple then, repeatedly, points out where the DOJ selectively quoted, misquoted or misleadingly quoted arguments in its favor. For example:
The government misquotes Bank of the United States v. Halstead,..., for the proposition that “‘[t]he operation of [the Act]’” should not be limited “‘to that which it would have had in the year 1789.’” ... (misquoting Halstead, 23 U.S. (10 Wheat.) at 62) (alterations are the government’s). But what the Court actually said was that the “operation of an execution”—the ancient common law writ of “venditioni exponas”—is not limited to that “which it would have had in the year 1789.” ... see also... (“That executions are among the writs hereby authorized to be issued, cannot admit of a doubt . . . .”). The narrow holding of Halstead was that the Act (and the Process Act of 1792) allowed courts “to alter the form of the process of execution.” ... (courts are not limited to the form of the writ of execution “in use in the Supreme Courts of the several States in the year 1789”). The limited “power given to the Courts over their process is no more than authorizing them to regulate and direct the conduct of the Marshal, in the execution of the process.”

The authority to alter the process by which courts issue traditional common law writs is not authority to invent entirely new writs with no common law analog. But that is precisely what the government is asking this Court to do: The Order requiring Apple to create software so that the FBI can hack into the iPhone has no common law analog.
The filing then goes step by step in pointing out how the government is wrong about almost everything. The DOJ, for example, kept insisting that CALEA doesn't apply at all to Apple, but Apple points out that the DOJ just seems to be totally misreading the law:
Contrary to the government’s assertion that its request merely “brush[es] up against similar issues” to CALEA..., CALEA, in fact, has three critical limitations—two of which the government ignores entirely—that preclude the relief the government seeks.... First, CALEA prohibits law enforcement agencies from requiring “electronic communication service” providers to adopt “any specific design of equipment, facilities, services, features, or system configurations . . . .” The term “electronic communication service” provider is broadly defined to encompass Apple. ... (“any service which provides to users thereof the ability to send or receive wire or electronic communications”). Apple is an “electronic communication services” provider for purposes of the very services at issue here because Apple’s software allows users to “send or receive . . . communications” between iPhones through features such as iMessage and Mail....

The government acknowledges that FaceTime and iMessage are electronic communication services, but asserts that this fact is irrelevant because “the Court’s order does not bear at all upon the operation of those programs.” ... Not so. The passcode Apple is being asked to circumvent is a feature of the same Apple iOS that runs FaceTime, iMessage, and Mail, because an integral part of providing those services is enabling the phone’s owner to password-protect the private information contained within those communications. More importantly, the very communications to which law enforcement seeks access are the iMessage communications stored on the phone.... And, only a few pages after asserting that “the Court’s order does not bear at all upon the operation of” FaceTime and iMessage for purposes of the CALEA analysis..., the government spends several pages seeking to justify the Court’s order based on those very same programs, arguing that they render Apple “intimately close” to the crime for purposes of the New York Telephone analysis.

Second, the government does not dispute, or even discuss, that CALEA excludes “information services” providers from the scope of its mandatory assistance provisions.... Apple is indisputably an information services provider given the features of iOS, including Facetime, iMessage, and Mail....

Finally, CALEA makes clear that even telecommunications carriers (a category of providers subject to more intrusive requirements under CALEA, but which Apple is not) cannot be required to “ensure the government’s ability” to decrypt or to create decryption programs the company does not already “possess.”... If companies subject to CALEA’s obligations cannot be required to bear this burden, Congress surely did not intend to allow parties specifically exempted by CALEA (such as Apple) to be subjected to it. The government fails to address this truism.
Next, Apple rebuts the DOJ saying that since CALEA doesn't address this specific situation, that means Congress is just leaving it up to the courts to use the All Writs Act. As Apple points out, in some cases, Congress not doing something doesn't mean it rejected certain positions, but in this case, the legislative history is quite clear that Congress did not intend for companies to be forced to help in this manner.
Here, Congress chose to require limited third-party assistance in certain statutes designed to aid law enforcement in gathering electronic evidence (although none as expansive as what the government seeks here), but it has declined to include similar provisions in other statutes, despite vigorous lobbying by law enforcement and notwithstanding its “prolonged and acute awareness of so important an issue” as the one presented here.... Accordingly, the lack of statutory authorization in CALEA or any of the complementary statutes in the “comprehensive federal scheme” of surveillance and telecommunications law speaks volumes.... To that end, Congress chose to “greatly narrow[]” the “scope of [CALEA],” which ran contrary to the FBI’s interests but was “important from a privacy standpoint.” ... Indeed, CALEA’s provisions were drafted to “limit[] the scope of [industry’s] assistance requirements in several important ways.”....

That the Executive Branch recently abandoned plans to seek legislation expanding CALEA’s reach... provides renewed confirmation that Congress has not acceded to the FBI’s wishes, and belies the government’s view that it has possessed such authority under the All Writs Act since 1789.
In fact, in a footnote, Apple goes even further in not just blasting the DOJ's suggestion that Congress didn't really consider a legislative proposal to update CALEA to suck in requirements for internet communications companies, but also highlighting the infamous quote from top intelligence community lawyer Robert Litt about how they'd just wait for the next terrorist attack and get the law passed in their favor at that point.
The government’s attempts to minimize CALEA II, saying its plans consisted of “mere[] vague discussions” that never developed into a formal legislative submission ..., but federal officials familiar with that failed lobbying effort confirmed that the FBI had in fact developed a “draft proposal” containing a web of detailed provisions, including specific fines and compliance timelines, and had floated that proposal with the White House..... As The Washington Post reported, advocates of the proposal within the government dropped the effort, because they determined they could not get what they wanted from Congress at that time: “Although ‘the legislative environment is very hostile today,’ the intelligence community’s top lawyer, Robert S. Litt, said to colleagues in an August [2015] e-mail, which was obtained by The Post, ‘it could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement.’ There is value, he said, in ‘keeping our options open for such a situation.’”
Next Apple goes through the arguments for saying that, even if the All Writs Act does apply, and even if the court accepts the DOJ's made up three factor test, Apple should still prevail. It notes, again, that it is "far removed" from the issue and reminds the court that the order sought here is very different from past cases where Apple has cooperated:
The government argues that “courts have already issued AWA orders” requiring manufacturers to “unlock” phones ... but those cases involved orders requiring “unlocking” assistance to provide access through existing means, not the extraordinary remedy sought here, i.e., an order that requires creating new software to undermine the phones’ (or in the Blake case, the iPad’s) security safeguards.
It also mocks that weird argument from the DOJ that said because Apple "licenses" rather than "sells" its software, that means Apple is more closely tied to the case:
The government discusses Apple’s software licensing and data policies at length, equating Apple to a feudal lord demanding fealty from its customers (“suzerainty”). ... But the government does not cite any authority, and none exists, suggesting that the design features and software that exist on every iPhone somehow link Apple to the subject phone and the crime. Likewise, the government has cited no case holding that a license to use a product constituted a sufficient connection under New York Telephone. Indeed, under the government’s theory, any ongoing postpurchase connection between a manufacturer or service provider and a consumer suffices to connect the two in perpetuity—even where, as here, the data on the iPhone is inaccessible to Apple.
From there, Apple dives in on the question of how much of a "burden" this would be. This is the issue that Judge Pym has indicated she's most interested in, and Apple goes deep here -- again and again focusing on how the DOJ was blatantly misleading in its motion:
Forcing Apple to create new software that degrades its security features is unprecedented and unlike any burden ever imposed under the All Writs Act. The government’s assertion that the phone companies in Mountain Bell and In re Application of the U.S. for an Order Authorizing the Installation of a Pen Register or Touch-Tone Decoder and a Terminating Trap ..., were conscripted to “write” code, akin to the request here... mischaracterizes the actual assistance required in those cases. The government seizes on the word “programmed” in those cases and superficially equates it to the process of creating new software..... But the “programming” in those cases—back in 1979 and 1980—consisted of a “technician” using a “teletypewriter” in Mountain Bell ..., and “t[ook] less than one minute” in Penn Bell... Indeed, in Mountain Bell, the government itself stated that the only burden imposed “was a large number of print-outs on the teletype machine”—not creating new code..... More importantly, the phone companies already had and themselves used the tracing capabilities the government wanted to access.... And although relying heavily on Mountain Bell, the government neglects to point out the court’s explicit warning that “[t]his holding is a narrow one, and our decision today should not be read to authorize the wholesale imposition upon private, third parties of duties pursuant to search warrants.” ...This case stands light years from Mountain Bell. The government seeks to commandeer Apple to design, create, test, and validate a new operating system that does not exist, and that Apple believes—with overwhelming support from the technology community and security experts—is too dangerous to create.

Seeking to belittle this widely accepted policy position, the government grossly mischaracterizes Apple’s objection to the requested Order as a concern that “compliance will tarnish its brand”..., a mischaracterization that both the FBI Director and the courts have flatly rejected. [See Comey] (“I don’t question [Apple’s] motive”);... (disagreeing “with the government’s contention that Apple’s objection [to being compelled to decrypt an iPhone] is not ‘conscientious’ but merely a matter of ‘its concern with public relations’”). As Apple explained in its Motion, Apple prioritizes the security and privacy of its users, and that priority is reflected in Apple’s increasingly secure operating systems, in which Apple has chosen not to create a back door.
Apple also calls out the DOJ's technical ignorance.
The government’s assertion that “there is no reason to think that the code Apple writes in compliance with the Order will ever leave Apple’s possession” ... simply shows the government misunderstands the technology and the nature of the cyber-threat landscape. As Apple engineer Erik Neuenschwander states:
I believe that Apple’s iOS platform is the most-attacked software platform in existence. Each time Apple closes one vulnerability, attackers work to find another. This is a constant and never-ending battle. Mr. Perino’s description of third-party efforts to circumvent Apple’s security demonstrates this point. And the protections that the government now asks Apple to compromise are the most security-critical software component of the iPhone—any vulnerability or back door, whether introduced intentionally or unintentionally, can represent a risk to all users of Apple devices simultaneously.
... The government is also mistaken in claiming that the crippled iOS it wants Apple to build can only be used on one iPhone:
Mr. Perino’s characterization of Apple’s process . . . is inaccurate. Apple does not create hundreds of millions of operating systems each tailored to an individual device. Each time Apple releases a new operating system, that operating system is the same for every device of a given model. The operating system then gets a personalized signature specific to each device. This personalization occurs as part of the installation process after the iOS is created.

Once GovtOS is created, personalizing it to a new device becomes a simple process. If Apple were forced to create GovtOS for installation on the device at issue in this case, it would likely take only minutes for Apple, or a malicious actor with sufficient access, to perform the necessary engineering work to install it on another device of the same model.

. . . [T]he initial creation of GovtOS itself creates serious ongoing burdens and risks. This includes the risk that if the ability to install GovtOS got into the wrong hands, it would open a significant new avenue of attack, undermining the security protections that Apple has spent years developing to protect its customers.
And, not surprisingly, Apple angrily attacks the DOJ's bogus misleading use of Apple's transparency report statements about responding to lawaful requests for government information in China, by pointing out how that's quite different than this situation:
Finally, the government attempts to disclaim the obvious international implications of its demand, asserting that any pressure to hand over the same software to foreign agents “flows from [Apple’s] decision to do business in foreign countries . . . .”. Contrary to the government’s misleading statistics ..., which had to do with lawful process and did not compel the creation of software that undermines the security of its users, Apple has never built a back door of any kind into iOS, or otherwise made data stored on the iPhone or in iCloud more technically accessible to any country’s government.... The government is wrong in asserting that Apple made “special accommodations” for China, as Apple uses the same security protocols everywhere in the world and follows the same standards for responding to law enforcement requests.
Apple also points out that the FBI appears to be contradicting itself as well:
Moreover, while they now argue that the FBI’s changing of the iCloud passcode—which ended any hope of backing up the phone’s data and accessing it via iCloud—“was the reasoned decision of experienced FBI agents”, the FBI Director himself admitted to Congress under oath that the decision was a “mistake”.... The Justice Department’s shifting, contradictory positions on this issue—first blaming the passcode change on the County, then admitting that the FBI told the County to change the passcode after the County objected to being blamed for doing so, and now trying to justify the decision in the face of Director Comey’s admission that it was a mistake—discredits any notion that the government properly exhausted all viable investigative alternatives before seeking this extraordinary order from this Court.
On the Constitutional questions, again Apple points out that the DOJ doesn't appear to understand what it's talking about:
The government begins its First Amendment analysis by suggesting that “[t]here is reason to doubt that functional programming is even entitled to traditional speech protections” ... , evincing its confusion over the technology it demands Apple create. Even assuming there is such a thing as purely functional code, creating the type of software demanded here, an operating system that has never existed before, would necessarily involve precisely the kind of expression of ideas and concepts protected by the First Amendment. Because writing code requires a choice of (1) language, (2) audience, and (3) syntax and vocabulary, as well as the creation of (4) data structures, (5) algorithms to manipulate and transform data, (6) detailed textual descriptions explaining what code is doing, and (7) methods of communicating information to the user, “[t]here are a number of ways to write code to accomplish a given task.”... As such, code falls squarely within the First Amendment’s protection, as even the cases cited by the government acknowledge...
Later it points out that the DOJ's claim that since Apple can write such code however it wants it's not compelled speech, Apple points out that their argument says the exact opposite:
The government attempts to evade this unavoidable conclusion by insisting that, “[t]o the extent [that] Apple’s software includes expressive elements . . . the Order permits Apple to express whatever it wants, so long as the software functions” by allowing it to hack into iPhones.... This serves only to illuminate the broader speech implications of the government’s request. The code that the government is asking the Court to force Apple to write contains an extra layer of expression unique to this case. When Apple designed iOS 8, it consciously took a position on an issue of public importance.... The government disagrees with Apple’s position and asks this Court to compel Apple to write new code that reflects its own viewpoint—a viewpoint that is deeply offensive to Apple.
The filing is basically Apple, over and over again, saying, "uh, what the DOJ said was wrong, clueless, technically ignorant, or purposely misleading." Hell, they even attack the DOJ's claim that the All Writs Act was used back in 1807 to force Aaron Burr's secretary to decrypt one of Burr's cipher-protected letters. Apple points out that the DOJ is lying.
The government contends that Chief Justice Marshall once ordered a third party to “provide decryption services” to the government.... He did nothing of the sort, and the All Writs Act was not even at issue in Burr. In that case, Aaron Burr’s secretary declined to state whether he “understood” the contents of a certain letter written in cipher, on the ground that he might incriminate himself.... The Court held that the clerk’s answer as to whether he understood the cipher could not incriminate him, and the Court thus held that “the witness may answer the question now propounded”—i.e., whether he understood the letter.... The Court did not require the clerk to decipher the letter.
If anything, to be honest, I'm surprised that Apple didn't go even harder on the DOJ for misrepresenting things. Either way, Apple is pretty clearly highlighting just how desperate the DOJ seems in this case.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    S. T. Stone (profile), 15 Mar 2016 @ 4:13pm

    New Twist on an Old Joke

    Is this the first documented case of an apple biting a man?

    reply to this | link to this | view in chronology ]

  • icon
    sorrykb (profile), 15 Mar 2016 @ 4:17pm

    GovtOS

    I do like Apple's name for the Government's proposed system.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Anonymous Coward, 15 Mar 2016 @ 4:29pm

      Re: GovtOS

      Cute yes. I did notice how Apples statements could not refer to OS (operating system) it had to be iOS. I guess we should expect nothing less from a marketing driven company.

      On the other hand, they sure did tear the Gov. a nice big new one. Hopefully the judge isn't pre-compromised.

      reply to this | link to this | view in chronology ]

    • icon
      br0adband (profile), 15 Mar 2016 @ 10:25pm

      Re: GovtOS

      Seems more logical if they just called it...


      FBiOS

      Right? :D

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Mar 2016 @ 7:32am

        Re: Re: GovtOS

        The reason they didn't is because that would undermine the concept that the implications go far beyond just the FBI requesting this. The precedent set if the DOJ is allowed to prevail would not just be used by the FBI but rather ALL law enforcement agencies at every level of government, not just the FBI. THAT is why they chose to call it GovtOS not FBiOS.

        reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    identicon
    Anonymous Coward, 15 Mar 2016 @ 4:18pm

    Everything Apple says is the gospel truth; everything the government says is a blatantly misleading outright falsehood.

    Your coverage here is COMPLETELY biased, just like with everything else you write about.

    Seriously, dude. WTF is wrong with you?

    reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 15 Mar 2016 @ 4:26pm

      OH! Do go on!

      Everything Apple says is the gospel truth; everything the government says is a blatantly misleading outright falsehood.

      Your coverage here is COMPLETELY biased, just like with everything else you write about.

      Seriously, dude. WTF is wrong with you?

      Care to be specific, buttercup?

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Mar 2016 @ 5:52am

        Re: OH! Do go on!

        He isn't writing in support of the government so obviously he is biased against it. That sort of nonsensical thinking.

        reply to this | link to this | view in chronology ]

      • identicon
        Justagoose, 16 Mar 2016 @ 12:00pm

        Re: OH! Do go on!

        I think the point of this article was to explain how specific Apple was in addressing the Department of Justice's mistakes and innacuracies. Idk what you read buddy.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Mar 2016 @ 4:45pm

      Re:

      Yawn.

      reply to this | link to this | view in chronology ]

    • icon
      JMT (profile), 16 Mar 2016 @ 4:28pm

      Re:

      "Seriously, dude. WTF is wrong with you?"

      Says the muppet complaining about bias in an OPINION blog. A blog that gives you almost unlimited space to clearly articulate your opposite point of view and offer up any evidence that you're right and Mike's not. But you don't.

      reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    icon
    Whatever (profile), 15 Mar 2016 @ 4:20pm

    I was thinking as I read this how Apple may win the battle, but end up losing the war. It wouldn't be unusual or restrictive for congress to impose limits on encryption in future devices.

    Apple may think the founders would have been appalled, but honestly, they would have been appalled at the largest companies in the country working hard to protect criminals and terrorists who are bent on harming America, Americans, and the like.

    Apple's victory here may end up being a huge loss for all of us.

    reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 15 Mar 2016 @ 4:35pm

      Safety is not worth living in a police state.

      I think our founders would have been appalled that the largest companies in the country were themselves run and owned by criminals and terrorists. I have no illusion that Apple Inc. is run by evil fucks. But the FBI in recent years has proven at least as much, if not eviler and fuckier.

      In this case I'd rather that companies didn't have to facilitate the already extensive brutality of US law enforcement.

      If by a huge loss for all of us you mean we may be subject to another 9/11-sized terrorist attack, I think it's worth the liberties and privacy of the people of the US to suffer such disastrous attacks from time to time without regarding the political implications. It would have been far far easier on the US people (and more effective) if Bush took a Christian stance and turned the other cheek.

      Already, our response to 9/11 not only has claimed more lives but made countless lives more miserable.

      reply to this | link to this | view in chronology ]

      • identicon
        Whoever, 15 Mar 2016 @ 4:40pm

        Re: Safety is not worth living in a police state.

        But the FBI in recent years has proven at least as much, if not eviler and fuckier.

        In recent years? The FBI was evil from its outset. J. Edgar used the resources of the FBI to manipulate the outcome of elections.

        reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Mar 2016 @ 5:54am

        Re: Safety is not worth living in a police state.

        The question I have, is what if the FBI are creating terrorist attacks but not busting them. Instead allowing them to happen to justify laws for a police state.

        We have no way of knowing when they create terrorism plots until after they have announced they have "busted" them.

        reply to this | link to this | view in chronology ]

      • icon
        nasch (profile), 16 Mar 2016 @ 7:46am

        Re: Safety is not worth living in a police state.

        I think it's worth the liberties and privacy of the people of the US to suffer such disastrous attacks from time to time without regarding the political implications.

        It may sound strange but it wasn't even that big a disaster, as disasters go. A few thousand dead, and what a few billion in property damage? Terrible, yes. But not something that should alter our society. Katrina killed 1800 and caused over $100 billion damage, and that doesn't seem to have changed anything at all outside of the New Orleans area. The response to 9/11 was the real disaster (note I'm not disagreeing with you, just expounding).

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Anonymous Coward, 16 Mar 2016 @ 10:13am

          Re: Re: Safety is not worth living in a police state.

          It would not surprise me to find a bill outlawing hurricanes being introduced in some legislature/Congress. What is scary is that it might get serious consideration.

          reply to this | link to this | view in chronology ]

      • icon
        PRMan (profile), 16 Mar 2016 @ 10:24am

        Re: Safety is not worth living in a police state.

        Actually, Clinton turned the other cheek to the terrorists for nearly a decade, and the result was 9/11.

        reply to this | link to this | view in chronology ]

        • identicon
          Wendy Cockcroft, 23 Mar 2016 @ 3:36am

          Re: Re: Safety is not worth living in a police state.

          Eh, it's more complex than that. If you really want to simplify it, American meddling in the Middle East and proxy wars with the Russians brought about 9/11.

          They didn't do it because we were soft on them but because they hate us. They hate us because we won't stop interfering in their politics, propping up tyrants who do what we want.

          reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Anonymous Coward, 15 Mar 2016 @ 4:37pm

      Re:

      Please cite a reference, in any of the founding documents or statements by any of the Founders where it says that the government has a right to know everything.

      reply to this | link to this | view in chronology ]

      • icon
        madasahatter (profile), 15 Mar 2016 @ 7:59pm

        Re: Re:

        Out of luck, could not find any such statements.

        reply to this | link to this | view in chronology ]

      • identicon
        darobindus, 16 Mar 2016 @ 3:17am

        Re: Re:

        Please cite a reference, in any of the founding documents or statements by any of the Founders where it says that the government has a right to know everything.

        The fourth amendment fairly concisely argues that the government does have a right to know everything that probable cause indicates that it should know.

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 16 Mar 2016 @ 3:56am

          Re: Re: Re:

          Not everything, the fifth makes clear that they don't get to know everything, even definitive proof of a crime, if doing so requires self-incrimination, 'probable cause' or not. If those investigating a crime have every single piece of evidence except a particular, critical piece of it, even if they know that the suspect has that particular bit they still cannot compel the suspect to hand it over if doing so would implicate them.

          'The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.'

          The Fourth is there to set limits on their ability to search and seize, such that they can't just search everywhere and grab anything without sufficient justification. The default position is that they can't search something unless the search meets certain criteria, not that any search is allowed unless it happens to violate certain criteria.

          reply to this | link to this | view in chronology ]

          • icon
            Whatever (profile), 16 Mar 2016 @ 4:36am

            Re: Re: Re: Re:

            Generally, the argument is made (and has been supported repeatedly by SCOTUS and various federal courts) that the Fourth defines how and when a search can occur, but it does not generally limit a search of the type of "all personal papers, bank records, and correspondence" or "contents of safety deposit box / safe / vault".

            Essentially, the 4th makes it clear that, with probably cause, that almost anything and almost anywhere can be searched. Your privacy hinges not on how well you protect something, but rather on the probably cause to see it, read it, or inspect it.

            The default position is that with probably cause, there are few if any restrictions. Nothing in the consitution allows for something to be totally inaccessible to the government given probably cause.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 16 Mar 2016 @ 4:52am

              Re: Re: Re: Re: Re:

              "Nothing in the consitution allows for something to be totally inaccessible"

              .. ergo the government has access to everything
              That's some F'd up logic right there,

              reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 16 Mar 2016 @ 4:53am

              Re: Re: Re: Re: Re:

              Nothing in the consitution allows for something to be totally inaccessible to the government given probably cause.

              Nothing in the constitution says that is has to accessible to the government either. All probables cause does is allows the granting of a warrant to allow a search attempt, that is the police can try to open a safe, but they are not guaranteed success in that endeavour.

              reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 16 Mar 2016 @ 5:30am

              Re: Re: Re: Re: Re:

              Your privacy hinges not on how well you protect something, but rather on the probably cause to see it, read it, or inspect it.

              Really? Perhaps you should inform the FBI that they're just nor "probably causing" enough to read the phone.

              reply to this | link to this | view in chronology ]

            • icon
              nasch (profile), 16 Mar 2016 @ 7:41am

              Re: Re: Re: Re: Re:

              ...probably cause...probably cause...probably cause...

              I know it's an easy typo but that does get grating to read.

              reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 16 Mar 2016 @ 9:04am

              Re: Re: Re: Re: Re:

              The first two times on this thread, I assumed it was the innocent common typo. But after this comment it has become clear: Whatever doesn't realize it's "probable cause" not "probably cause". That's deeply amusing to me.

              reply to this | link to this | view in chronology ]

              • icon
                nasch (profile), 16 Mar 2016 @ 11:33am

                Re: Re: Re: Re: Re: Re:

                But after this comment it has become clear: Whatever doesn't realize it's "probable cause" not "probably cause". That's deeply amusing to me.

                That would be pretty funny...

                reply to this | link to this | view in chronology ]

        • identicon
          Carlie Coats, 16 Mar 2016 @ 4:08am

          No!

          The fourth amendment demands a warrant that specifically describes the search.
          No general warrants!

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 16 Mar 2016 @ 8:27am

            Re: No!

            And the warrant in this case doesn't describe what they expect to find on the phone. One DA thinks it has "cyber pathogens!"

            reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Mar 2016 @ 4:41pm

      Re:

      "they would have been appalled at the largest companies in the country working hard to protect criminals and terrorists who are bent on harming America, Americans, and the like."

      Nope. Not at all. The founding fathers recognized, feared, and built in checks on the idea that the government could be the abusive agent in a situation and that the sanctity of citizen's freedom outweighed minor, scare-mongering from supposed enemies.

      We're not in war time. We haven't not officially declared a war on terrorists and criminals. We haven't suspended the Constitution in order to "win" a victory against the terrorists. Criminals who are American citizens still have rights and especially the right to due process until proven guilty in a court of law, and they still have some rights even after conviction.

      There will always be someone who is "bent on harming America." If we give up our own personal liberty and security and privacy on the altar of "winning" an unwinnable "war," then we've already betrayed the vision of the founding fathers and there's no America worth protecting from our enemies anymore.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Mar 2016 @ 5:56am

        Re: Re:

        Unless of course someone in power decides they want to make an example of them, then they have no rights and might just get killed by a drone strike

        reply to this | link to this | view in chronology ]

      • icon
        PRMan (profile), 16 Mar 2016 @ 10:28am

        Re: Re:

        People think the Founding Fathers lived in a world without pirates and terrorists. Far from the truth.

        They had those ideas in mind when writing the Constitution.

        reply to this | link to this | view in chronology ]

      • identicon
        Anon, 17 Mar 2016 @ 7:09am

        Re: Re:

        Additionally, if the purpose of terrorism is indeed to destroy its intended target through a series of attacks that not only cause physical destruction, but more so cause emotional and social destruction, then if we hand off liberty for safety the terrorists have won.

        The stated goal of Islamic Terrorism is to destroy the 'Great Satan', if the the core belief and tenant of the enemy then is liberty and freedom, then the 'Great Satan's' destruction inherently lies within, first its ideological destruction (liberty, freedom, justice, etc.), and then in its physical destruction.

        Interestingly enough in this case the ideological destruction of the 'Great Satan' ultimately leads to its physical destruction because American ceases to be what it has always been, and becomes instead a nation more similar to the terrorists own ideology.

        Think of terrorists as The Joker, whose purpose is to destroy, primarily with the end game of corrupting the hero, Batman. Sure he'll grab the opportunity to physically destroy him if he wants, and if it presents itself. But true destruction is destruction of the idea first, and then the physical embodiment of it.

        Terrorists win, when America no longer exists as an idea or the physical representation as such. It is only when that has happened that Islamic Terrorism can proclaim that it is indeed stronger, has overcome, and is superior.

        Freedom comes with built in risks, it puts us on the bleeding edge between life and death. If you don't want to live in a dangerous world, then you don't truly want freedom.

        Finally, you can look at this as the FBI knowingly (or unknowingly) playing into the agenda of Islamic Terrorism, for they have become unwitting actors with its endgame. Though, for them it is an opportunity for a power grab in their own endgame as they see it.

        In the end, if they succeed, someone wins Police State or Terrorism, but Freedom and Liberty lose.

        reply to this | link to this | view in chronology ]

        • identicon
          Wendy Cockcroft, 23 Mar 2016 @ 7:23am

          Re: Re: Re:

          Yeah... here's the deal: we keep messing with their politics, setting up puppet dictators who are as corrupt as hell but side with us and do our bidding. The Shah of Iran, Saddam Hussein, and later, Gadaffi, were all bankrolled and propped up by the West.

          Propagandists like to wibble on about liberty and freedom and announce that this is why they hate us but that's a straw man. The truth is they hate us because we've been colossal hypocrites where liberty and freedom are concerned where they live. Heck, we're even trading with the al-Saud family, some of whose members are actively involved in terrorism. Osama bin Laden's family had an exclusive building contract with them. And those folks are obscenely wealthy because we buy their oil instead of looking for alternative fuel sources so we're less reliant on them and they get less of our money.

          Terrorists are horrible people; self-righteous and judgemental, they deliberately target the innocent to frighten our societies and keep us in a state of fear. If and when they get what they want, the urge to wield power on a personal level over others intensifies. Result: a violent police state with dead bodies on display to cow people into obedience. At no point is anything they do justifiable. However, when they're recruiting, their favoured propaganda angle is not "All the Yazidi kids you can rape!" but "Look what these evil people did to us. It's payback time!"

          If you can't or won't understand that you'll only ever see them as two-legged cockroaches in need of stamping out but policies based on that notion don't tend to be effective. You need to understand where they're coming from and be able to counter their arguments. If they can't recruit enough people to do what they want, their movements will collapse.

          reply to this | link to this | view in chronology ]

          • icon
            nasch (profile), 23 Mar 2016 @ 8:13am

            Re: Re: Re: Re:

            Heck, we're even trading with the al-Saud family, some of whose members are actively involved in terrorism.

            Trading with is understating it; they're our closest middle eastern ally other than Israel.

            reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Mar 2016 @ 4:46pm

      Re:

      It must be hard for you to live your life terrified of everything.

      reply to this | link to this | view in chronology ]

    • icon
      Kaemaril (profile), 15 Mar 2016 @ 5:00pm

      Re:

      "Apple may think the founders would have been appalled, but honestly, they would have been appalled at the largest companies in the country working hard to protect criminals and terrorists who are bent on harming America, Americans, and the like."

      Who is doing that? It can't be Apple, or they wouldn't have already provided the FBI and police a ton of assistance.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Mar 2016 @ 5:04pm

      Re:

      Yea right Apple protecting its end user from
      the overly long reach of govt is wrong.... LOL @ U
      Might as well just had your house keys over to your local
      police dept right now , need they must protect society from you at some future point .
      You should have no problem with is due to the fact that you have nothing to hide .....and you want to be safe , yes ?
      Also why stop there .... you should hand over your bank account passwords just in case the IRS needs to check on your financials , you might be a little bit off ......
      So yes a govt victory is in all our best interests
      Just be sure your the first in line to hand over all your passwords ....You don't need them ,the govt will keep you safe .....

      reply to this | link to this | view in chronology ]

      • This comment has been flagged by the community. Click here to show it
        icon
        Whatever (profile), 15 Mar 2016 @ 5:35pm

        Re: Re:

        "Yea right Apple protecting its end user from
        the overly long reach of govt is wrong.... LOL @ U"

        I think what most people don't realize is that the biggest weapon against the US and the west is the very things you cherish - freedom and privacy above and beyond. It's the most amazing thing, and it's also a weapon.

        "Might as well just had your house keys over to your local
        police dept right now , need they must protect society from you at some future point ."

        Absolutism at it's very best. Is your entire world black crayon on white paper? The rest of us have colors and shades of grey, you really should try it!

        "So yes a govt victory is in all our best interests
        Just be sure your the first in line to hand over all your passwords ....You don't need them ,the govt will keep you safe ....."

        Again, black and white. Nobody is asking for all your passwords. Nobody is even asking for your password, or wanting to get into your phone. Of course, if you commit a crime or are investigated, it's reasonable for a judge to issue a warrant (with probably cause) to search your home, place of work, and storage facilities including safety deposit boxes and such. It's incredibly hard to justify that the material on your phone or computer has more right to privacy than a paper in your safe at home.

        So yeah, enjoy your black crayon world, it must be really weird to live where there is absolutely no space for compromise or consideration for others.

        reply to this | link to this | view in chronology ]

        • identicon
          Digitari, 15 Mar 2016 @ 6:13pm

          Re: Re: Re:

          Absolutism is a word you absolutely use don't you. You counter with black and white as a bad thing, 1 and 0 could represent black and white easily. yet you only see gray (allegedly) but your obtuseness is just as black and white.

          Why do I have to give up anything? I'm an honorably discharged Vet, I fought for the US Government and by extension, it's people.

          I have never had a Ticket, Never been arrested.

          I walk to and from work, I carry my own bag to get groceries.

          why should my privacy be up for grabs from some guy 1500 miles from me?

          why don't you value your own privacy? you use the nom de plume of "whatever" why? is it because you are known already to some? is it because of that, that you wish "some" privacy? or is there something else you are hiding??

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 15 Mar 2016 @ 7:54pm

            Re: Re: Re: Re:

            He claims to let the government have access... but at the same time claims to use a throwaway email with his phone.

            In short he wants the government to check up on everyone else and demands that they bare their anuses for reaming, but not himself. Typical Whatever hypocrisy, really.

            reply to this | link to this | view in chronology ]

            • icon
              Whatever (profile), 15 Mar 2016 @ 8:14pm

              Re: Re: Re: Re: Re:

              Wow, you are trying so hard to troll, but you fail.

              You miss the point entirely. I don't want the government checking everyone's phone everyones phone or everyones anything else for that matter - except what is public and observable. However, if I get arrested for something, I expect a warrant to be served for my house, my car, my workplace, my storage facility, my safety deposit box, and yes, my computer and phone as well provided there is probably cause.

              If I had a wall safe, they could break in, and it would be legal. I don't think an electronic device should have more protection.

              I choose to use a free gmail account on my phone that is not my "normal" account because I don't like them tracking me, so I give them LESS to work with. It's my choice, not some great scheme to avoid the government.

              Please just stop trolling, you are really bad at it!

              reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 15 Mar 2016 @ 8:46pm

                Re: Re: Re: Re: Re: Re:

                And you don't see that you using a gmail account to avoid them tracking you is the same as Apple giving you an encrypted phone that they can't casually break into.

                reply to this | link to this | view in chronology ]

                • icon
                  Whatever (profile), 15 Mar 2016 @ 10:17pm

                  Re: Re: Re: Re: Re: Re: Re:

                  THe difference is huge. My gmail account on my phone isn't about "data". I don't have to encrypt anything other than the normal internet connections because, quite simply, I don't think it's wise to carry your life around in a device that can easily be lost or stolen. Can you imagine carrying every document of value with you in your car, and parking it in the bad part of town? That is what using your phone or tablet as a repository for your bank access and records, your medical information, and the like is.

                  Remember too, after everything, you can't "casually break into" a phone with a password, provided the password is a reasonable length. Apple's issue is that pincodes are 4 to 6 digits, which is well within the range of a brute force. All the talk of security chip this and encrypted that means nothing if the user passcode is pretty much "1234". That's the real issue.

                  reply to this | link to this | view in chronology ]

                  • icon
                    MrTroy (profile), 15 Mar 2016 @ 11:56pm

                    Re: Re: Re: Re: Re: Re: Re: Re:

                    If I had a wall safe, they could break in, and it would be legal. I don't think an electronic device should have more protection.

                    If you had a wall safe that they couldn't break into (without destroying the contents), then it's the same thing as a phone that they can't break into.

                    What's the problem?

                    Apple's issue is that pincodes are 4 to 6 digits, which is well within the range of a brute force. All the talk of security chip this and encrypted that means nothing if the user passcode is pretty much "1234". That's the real issue.

                    Poor passcodes is indeed a real issue, and Apple has taken some very good steps to mitigate the issue and try to protect people from themselves. The FBI wants to roll back these steps and reduce the common person's security - you know, that guy that doesn't want a pin code longer than 4 digits (and secretly hates even that).

                    And yet, despite (correctly) pointing to this as a keystone issue... why do you continue to defend what the FBI is trying to do here?

                    reply to this | link to this | view in chronology ]

                    • icon
                      Whatever (profile), 16 Mar 2016 @ 3:36am

                      Re: Re: Re: Re: Re: Re: Re: Re: Re:

                      "Poor passcodes is indeed a real issue, and Apple has taken some very good steps to mitigate the issue and try to protect people from themselves. The FBI wants to roll back these steps and reduce the common person's security - you know, that guy that doesn't want a pin code longer than 4 digits (and secretly hates even that)."

                      Not really true. Nobody is asking Apple to roll out the small changed (disabling the 10 tries limit) to the general public. The guy with the short passcode will be in the same position tomomorrow as he is today, protected not by a fancy one way security chip or logn key encryption, but rather by a simple "counts to 10" blocker. That is a real issue and one I expect Apple to address in the future.

                      "And yet, despite (correctly) pointing to this as a keystone issue... why do you continue to defend what the FBI is trying to do here?"

                      I think that the FBI isn't asking for very much, essentially to disable the 10 counter - not a whole new OS. They aren't asking for it to be rolled out to the public. Apple has really muddied the waters by tossing the larger debate of encryption and everything up to "forcing us to turn on your microphone and camera remotely" without your knoeldge and couched in a manner to suggest without warrants or oversight.

                      What Apple is painting, I agree with - except it's not what is being asked for in this case and is a real end run to try to avoid dealing with what is a very simple issue - disable the 10 count on a single device, and not re-write the OS to be less secure for everyone.

                      Understanding that Apple is trying to paint the issue as something different is to understand why the FBI's request and the court's order isn't far off the mark.

                      reply to this | link to this | view in chronology ]

                      • identicon
                        Anonymous Coward, 16 Mar 2016 @ 4:36am

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                        The guy with the short passcode will be in the same position tomomorrow as he is today, protected not by a fancy one way security chip or logn key encryption, but rather by a simple "counts to 10" blocker. That is a real issue and one I expect Apple to address in the future.

                        Count limiters are a standard security technique where there is a requirement for people to remember a pin or passcode. You are ignoring the problem with long passcode, they need some form of secure storage because people cannot remember long strings of random characters. This is the practical issue of securing devices that you are trying to overlook, which is also applied to such things as credit card pins.
                        I suspect that law enforcement would love long passcodes to enable phones, as a search of a persons possessions would almost always give them something with the passcode recorded on it.

                        reply to this | link to this | view in chronology ]

                        • icon
                          Whatever (profile), 16 Mar 2016 @ 8:38am

                          Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                          "You are ignoring the problem with long passcode, they need some form of secure storage because people cannot remember long strings of random characters."

                          I used Mike's claims to figure this out:

                          6 digit pincode (only numbers) Mike claims 1 day.
                          7 digit pincode then would be 10 days
                          8 digit pincode then would be 100 days
                          9 digit pincode then would be 1000 days
                          10 digit pincode then would be 10,000 days.

                          Your phone number is... 10 digits long (in the US).

                          Even at 8 digits (up from the current 6) would be more than enough to deter almost any normal hacker. Most people don't need a password locker to remember 8 digits. We aren't talking about "SLKJDSIFJ*&#LKJDFIERLSFHF*RLJSLKHFORH" as a pincode, we are talking maybe 8898 0020.

                          So if you need to record an 8 digit passcode, you probably had to write down the 6 digit one as well.

                          reply to this | link to this | view in chronology ]

                          • identicon
                            Anonymous Coward, 16 Mar 2016 @ 9:57am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            as twain said, nothing so obtuse as a person who 'knows' they are right...
                            frankly, you are on the 'wrong side' of issues so often, the default position with ANYTHING you say should be you dont know wtf you are talking about...
                            you have no one to bla me but yourself that you have EARNED a reputation as an authoritarian suckup afraid of their own shadow, but forgiving of virtually any and all transgressions by 'our' incipient police state...
                            not really worth reading your posts at all, i can predict EVERY word an authoritarian bootlick like you will come out with, few of them cogent...

                            reply to this | link to this | view in chronology ]

                      • icon
                        MrTroy (profile), 16 Mar 2016 @ 5:06am

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                        "Poor passcodes is indeed a real issue, and Apple has taken some very good steps to mitigate the issue and try to protect people from themselves. The FBI wants to roll back these steps and reduce the common person's security - you know, that guy that doesn't want a pin code longer than 4 digits (and secretly hates even that)."

                        Not really true. Nobody is asking Apple to roll out the small changed (disabling the 10 tries limit) to the general public. The guy with the short passcode will be in the same position tomomorrow as he is today, protected not by a fancy one way security chip or logn key encryption, but rather by a simple "counts to 10" blocker. That is a real issue and one I expect Apple to address in the future.


                        I'm not sure how to say this so you'll get it. Everyone else has tried, and you seem to be wilfully misinterpreting everything to see it your way. Not just get it but disagree, but actively-dance-around-the-edges ignoring the facts.

                        Fact: 4-digit pin codes are weak security, and Apple protects the user by extra security measures such as slowing down attempts, and locking after 10 failed tries.
                        Fact: Apple phones currently have a security vulnerability - you can update the security configuration without requiring the user to authenticate.

                        Ok. Say that Apple agrees to create FBiOS and help the FBI hack this one phone. Let's even say that the impossible happens that FBiOS never leaks, or that if it does leak then the signature requirements to install it on a phone are actually sufficient to stop bad guys from accessing the contents of stolen phones.

                        The entire international hacking community now knows that there is a proof-of-concept working exploit on all current Apple phones. You can absolutely guarantee that teams will be working around the clock to try to replicate the same, or even improve it - who's to say that some group might not find an even better attack, where parts of the key can be leaked from the underlying security chip so they can attack pin codes of any length?

                        It's ok though, Apple knows about the vulnerability, and the simple fix is to prevent updating the security firmware without authenticating the user. FBiOS becomes useless, and DoJ once again starts stockpiling encrypted phones that it needs help unlocking. What do you think happens next?

                        Understanding that Apple is trying to paint the issue as something different is to understand why the FBI's request and the court's order isn't far off the mark.


                        The FBI's request was full of lies and misdirections, and as mentioned in Apple's reply they deliberately misquoted the courts in United States v. Halstead to make the implication that they wanted. If it were a reasonable request, why can't they find an argument that rests on the truth?

                        Can you point to anywhere where Apple has lied in this case? Drawing slurs from the media circus surrounding the case and using them to attack Apple's behaviour within the case isn't very sportsmanlike.

                        reply to this | link to this | view in chronology ]

                        • icon
                          Whatever (profile), 16 Mar 2016 @ 9:11am

                          Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                          "Apple protects the user by extra security measures such as slowing down attempts, and locking after 10 failed tries"

                          Fact understood, I always have. But it's a very artificial limitation which every hacker would have long since known about and targeted. But since Apple phones are notoriously hard to hack and hard to apply unsigned patches too, it really isn't an issue. So making a special "signed for the FBI only on phones so ordered by the court" version that disables this "feature" wouldn't teach hackers anything they don't already know.

                          "Apple knows about the vulnerability, and the simple fix is to prevent updating the security firmware without authenticating the user."

                          It's likely not a simple fix, and it may be something that is actually needed to allow for updates to occur normally. It likely would require a major change in many of the ways Apple does updates and applies patches.

                          "Can you point to anywhere where Apple has lied in this case?"

                          My favorite one is Apple's claims that the FBI will force them to turn on microphones and cameras remotely without your permission. That was the wildest one. The lesser wild one is the concept that the FBI will somehow force this update onto every iphone ever made. That isn't the case at all.

                          "as mentioned in Apple's reply they deliberately misquoted the courts in United States v. Halstead to make the implication that they wanted."

                          Apple wants the courts to take an extremely narrow view of Halstead. The FBI wants a more open reading, and one which is much more commonly applied. Laywers on both sides of legal arguments tend to take the words and phrases that best support their arguments. Is the FBI quote a misquote or just a clarifying edit (ie, leaving out words or shortening a sentence for clarity)? It's a question perhaps for the judge to consider at some point down the road.

                          Also this:

                          "I believe that Apple’s iOS platform is the most-attacked software platform in existence. Each time Apple closes one vulnerability, attackers work to find another. This is a constant and never-ending battle. Mr. Perino’s description of third-party efforts to circumvent Apple’s security demonstrates this point. And the protections that the government now asks Apple to compromise are the most security-critical software component of the iPhone—any vulnerability or back door, whether introduced intentionally or unintentionally, can represent a risk to all users of Apple devices simultaneously."

                          This is incredibly dishonest at it's core. The hackers he addresses generally are those who are attempting to jailbreak a phone. Almost every version of ios has had something which over time has been used to get around certain restrictions, mostly to do with Apple's walled garden approach to apps. Good hacks are so rare that there was a 1 million dollar prize, and only one team or individual managed to so something by remote hacking a browser that would allow apps to be installed.

                          http://motherboard.vice.com/read/somebody-just-won-1-million-bounty-for-hacking-the-iphone

                          That is pretty low numbers. The change requested by the FBI would not apply in those cases, because the number of passcode attempts is meaningless, as the remote hack would only have to wait for the phone to be unlocked by the user in normal use to be able to use the normal tools to access data on the phone, encrypted or not. Changing the number of attempts possible wouldn't change much of anything - and even if it did, it would be ENTIRELY mitigated by requiring a slightly longer pincode.

                          The 10 tries limit is common, indeed - common in otherwise insecure setups!

                          So Apple is playing very loose in trying to portray the threat as anything more than what it already is: Everyone already knows that the 10 tries system is vunerable, but most hackers don't case because it's not what they are aiming for.

                          I could go on, but safe to say that Apple is claiming the sky is falling while the earth is rising and demons and ghouls will eat us all if they have to make a special patch for the FBI that they themselves would have to sign for that particular phone. You don't have to think too hard to see that they are doing a whole lot of arm waving about nothing.

                          reply to this | link to this | view in chronology ]

                          • identicon
                            Troll Translator, 16 Mar 2016 @ 9:16am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            "Security isn't perfect, so let's weaken it even further! Wait, what are my values again? Oh right, I don't care - as long as I get to exist in a state of constant argument with all those around me, nobody can deny that I exist. Sure, nobody likes me - but that very fact confirms they can see and hear me. Phew."

                            reply to this | link to this | view in chronology ]

                            • icon
                              nasch (profile), 16 Mar 2016 @ 11:35am

                              Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                              Wait, what are my values again? Oh right, I don't care - as long as I get to exist in a state of constant argument with all those around me, nobody can deny that I exist. Sure, nobody likes me - but that very fact confirms they can see and hear me. Phew.

                              Now that kind of sounds like Ted Cruz.

                              reply to this | link to this | view in chronology ]

                          • identicon
                            Anonymous Coward, 16 Mar 2016 @ 9:41am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            If they can compel Apple to write an operating system to their specification, how long before they requires Apple and Microsoft to Implement key loggers and key escrow for al known encryption programs. Given law enforcements attitude towards encryption and the public, this is not that unlikely.
                            The precedent they are trying to set is that they can comply companies to implement software to meet law enforcement desires.

                            reply to this | link to this | view in chronology ]

                            • icon
                              Whatever (profile), 16 Mar 2016 @ 5:38pm

                              Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                              "how long before they requires Apple and Microsoft to Implement key loggers and key escrow for al known encryption programs"

                              How long before they just put a government agent in your house to watch you?

                              I have to laugh every time someone tries to make sure an insane slippery slope argument. The US has laws, does it not? It has a constitution, right? Just like Apple, you are arguing something that the feds would do without a warrant and without probable cause - which would generally be illegal.

                              reply to this | link to this | view in chronology ]

                              • identicon
                                Anonymous Coward, 16 Mar 2016 @ 6:18pm

                                Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                                The US has laws, does it not?

                                And are they followed?

                                Are they followed equally for everyone?

                                reply to this | link to this | view in chronology ]

                          • icon
                            ottermaton (profile), 16 Mar 2016 @ 10:02am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            My favorite [lie] is Apple's claims that the FBI will force them to turn on microphones and cameras remotely without your permission.

                            Got a citation for that?

                            Furthermore, how do YOU know with ANY certainty that the FBI won't do exactly that? It would be very, very, very far from the first time the FBI pulled this sort of dirty trick.

                            reply to this | link to this | view in chronology ]

                          • identicon
                            Anonymous Coward, 16 Mar 2016 @ 11:16am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            My favorite one is Apple's claims that the FBI will force them to turn on microphones and cameras remotely without your permission. That was the wildest one.


                            I want to know why it is wild. If the government is granted a court order allowing them to record someone, why couldn't they use the All Writs Act to force Apple to create custom software to let them turn on one phone's microphone, if this precedent is set?

                            reply to this | link to this | view in chronology ]

                            • icon
                              Whatever (profile), 16 Mar 2016 @ 5:42pm

                              Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                              It's wild for a number of reasons. The biggest of course is that it would require Apple to roll out an update to all users that permitted it, without disclosing it (otherwise people would avoid the update). Failure to disclose would see Apple sued out of existence for doing it.

                              Moreover, the way Apple presented it, it was as if the camera and microphone for all users would be turned on and all data forwards to the government 24 hours per day.

                              Also, turning on a microphone or camera without a valid search warrant would be a fail end to end. No judge would grant such a warrant, as the likelihood that it would violate someone's rights is just about absolute. Remember, the mobile phone goes places where no other wiretap warrant would allow, and having it monitor even when the phone is not in use (ie, no call being made) would be a massive overreach past what a normal wiretap warrant would allow.

                              reply to this | link to this | view in chronology ]

                              • identicon
                                Anonymous Coward, 17 Mar 2016 @ 10:50am

                                Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                                Just like spying on US citizens without a warrant is prohibited by the constitution........

                                reply to this | link to this | view in chronology ]

                          • icon
                            Uriel-238 (profile), 16 Mar 2016 @ 12:21pm

                            There's an app for that.

                            My favorite one is Apple's claims that the FBI will force them to turn on microphones and cameras remotely without your permission. That was the wildest one.


                            You're not wearing the beanie right.

                            I don't remember Apple saying that. I DO remember software packages emerging used by the NSA and CIA (right around the Snowden revelations) to turn on cameras and mics, to surreptitiously record and then to send that data back home as network access permits. This was before iOS and Android were fully encrypted.

                            One fun kit would take pictures with gyroscope and positional data so that enough pictures around a place could produce a 3D model of the target's dwelling or workplace (or anywhere else he commonly was).

                            I suspect that if government agencies can force Apple to develop, sign and force-update a phone, it's only one or two steps before they can force apple to install apps like this on target phones.

                            And remember these targets are not known, tried-and-convicted terrorists, but normal people, sometimes even Americans, whose lives have just had a few too many coincidences. Too many times a guy whose name is only similar to some person-of-interest has gotten caught up in US extrajudicial activities. Other times it's a guy who encountered a guy who knew a guy.

                            Probably not in the biblical sense.

                            reply to this | link to this | view in chronology ]

                            • icon
                              Whatever (profile), 16 Mar 2016 @ 5:44pm

                              Re: There's an app for that.

                              If you don't remember Apple saying it, then you can just read the quotes in the article (the one Techdirt refused to consider for part of a post):

                              http://www.theguardian.com/technology/2016/mar/10/apple-fbi-could-force-us-to-turn-on-iphone-c ameras-microphones

                              "Someday they will want [Apple] to turn on [a user’s] camera or microphone. We can’t do that now, but what if we’re forced to do that?"

                              ...and it goes on from there.

                              reply to this | link to this | view in chronology ]

                              • icon
                                Uriel-238 (profile), 16 Mar 2016 @ 7:37pm

                                Re: Re: There's an app for that.

                                Fair enough. But my point is that turning on mics and cams was really a thing long before encryption and the Apple affair. In fact, turning on mics and encryptions and whatever else Apple and Google can't talk about due to NSL gags is how we got to encryption becoming a standard OS feature in the first place, to stop that bullshit.

                                I think, Whatever, you trust state agencies more than the rest of us, and to be sure the history has shown they have lost the trust of the people, just in the eary while I've been reading TechDirt in betrayal after betrayal of the people of the US and the faith and credit of this nation. (And I'm not even addressing before I was on TD, when the Bush atrocity engine was going full steam.)

                                In fact, I'd go as far as to say we have retroactively earned all the rage behind 9/11. I may once have believed the US was the good guys, but now my nation is just a bully brute and an imperialist hotbed.

                                So no. The Feds don't deserve any further privileges to encroach on the rights of civilians. They deserve, in fact, far less trust than they take.

                                reply to this | link to this | view in chronology ]

                                • icon
                                  Whatever (profile), 16 Mar 2016 @ 8:52pm

                                  Re: Re: Re: There's an app for that.

                                  "I think, Whatever, you trust state agencies more than the rest of us,"

                                  No, I look at both in the same way, with an exception: law enforcement is put in place for the unfortunate but socially required efforts to make everyone follow the law of the land. They are human too and they, like you, will make mistakes or overstep the law from time to time, and likely pay a bigger price than you ever will for it.

                                  I don't want to give the feds MORE rights, but I also don't want to give the people a way to avoid what has been fair game for the feds for 300 plus years. It's a key point of discussion, you know, balance.

                                  reply to this | link to this | view in chronology ]

                                  • icon
                                    MrTroy (profile), 16 Mar 2016 @ 9:49pm

                                    Re: Re: Re: Re: There's an app for that.

                                    They are human too and they, like you, will make mistakes or overstep the law from time to time, and likely pay a bigger price than you ever will for it.


                                    Yeah... but no. A law enforcement officer is much less likely to pay ANY price for overstepping the law than some other person, even if they do so regularly and maliciously.

                                    I don't want to give the feds MORE rights, but I also don't want to give the people a way to avoid what has been fair game for the feds for 300 plus years. It's a key point of discussion, you know, balance.


                                    And what exactly has been fair game for the feds for 300 plus years? Detailed location data for a person over days and months? A list of everyone that a person has contacted over days and months? Every little note and shopping list that a person has written?

                                    Encrypting a phone's contents is just like writing notes in a cipher. The police are welcome to try to break it, but there's no guarantee of success. Just like it has been since writing existed.

                                    The balance you say you're asking for is for digital devices to be restricted so they CANNOT be as secure as physical objects... and you've yet to discuss that with anyone, other than saying the same thing over and over and over and over, without acknowledging that anyone has even tried to join the "discussion".

                                    reply to this | link to this | view in chronology ]

                                  • identicon
                                    Anonymous Coward, 17 Mar 2016 @ 5:14am

                                    Re: Re: Re: Re: There's an app for that.

                                    They are human too and they, like you, will make mistakes or overstep the law from time to time, and likely pay a bigger price than you ever will for it.

                                    Name one.

                                    reply to this | link to this | view in chronology ]

                                  • identicon
                                    Anonymous Coward, 17 Mar 2016 @ 11:17am

                                    Re: Re: Re: Re: There's an app for that.

                                    They are human too and they, like you, will make mistakes or overstep the law from time to time, and likely pay a bigger price than you ever will for it.

                                    Lol. Yeah, sure. If there's one thing that we can all agree on, it's that people in law enforcement are always punished for breaking the law, and even more harshly than others. Happens every time. The exact opposite is certainly not epidemic.

                                    reply to this | link to this | view in chronology ]

                              • icon
                                MrTroy (profile), 16 Mar 2016 @ 9:31pm

                                Re: Re: There's an app for that.

                                Thank you for finally providing a link!

                                Note also that this link is purely an Apple spokesperson speaking to the media. It is not an Apple legal filing or motion in the case.

                                Feel free to point to the media circus to comment on the aims of one or the other of the parties, but so far as I can tell, only the FBI has lied in the actual court case so far.

                                reply to this | link to this | view in chronology ]

                          • icon
                            Ninja (profile), 16 Mar 2016 @ 12:37pm

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            But it's a very artificial limitation which every hacker would have long since known about and targeted.

                            No. NO. It is part of a good set of security practices. Any site, device, machine that needs a password should use it. If there is a limitation on the amount of digits you can input you MUST limit the attempts as part of the security. See bank/credit card pins. Of course you decided that what you think is gospel and the universal truth so I expect you'll keep being wrong about it.

                            It likely would require a major change in many of the ways Apple does updates and applies patches.

                            Actually no. They just need to ask permission to install the update. This would patch such vulnerability.

                            My favorite one is Apple's claims that the FBI will force them to turn on microphones and cameras remotely without your permission. That was the wildest one. The lesser wild one is the concept that the FBI will somehow force this update onto every iphone ever made. That isn't the case at all.

                            Ah the dumbness. What prevents the FBI from asking them to turn on mics and cameras? Just a curiosity. If your answer is nothing then you are wrong (I do want to see how you are gonna twist your petty brain to fit this to your view so do answer please). And nobody said they would make Apple do it with every phone. But what if Adolf McHitler becomes president tomorrow? As a reality note to you: law enforcement and intelligence agencies are already abusing their powers in this Government.

                            The 10 tries limit is common, indeed - common in otherwise insecure setups!

                            My gmail password is 10 digits long and Google still asks for additional steps if I get it wrong more than 3 times (common when you are drunk). Is it insecure? No. What such limits do is to increase security for ANY PIN/PASSWORD LENGTH. It is a security measure and deactivating it WILL weaken your encryption because it makes it easier to brute force or try different exploits many times.

                            Everyone already knows that the 10 tries system is vunerable

                            It is not. The vulnerability lies in the auto-update system. Actually such system works just like removing limits. Weakens encryption. The exception here is that the company takes many steps to mitigate such thing so only the company itself can use it. How they can keep it safe? Because they don't have to disclose the system to 3rd parties as they would need to do in case the Govt get what they want. See? The 10 tries limit is another layer of security.

                            I could go on

                            Please don't. Shut up already and keep your bullshit to yourself. There are plenty of people much more enlightened and knowledgeable than you (and me for that matter) that already explained how wrong you are.

                            You don't have to think too hard to see that they are doing a whole lot of arm waving about nothing.

                            Apparently you fail at thinking softly as well.

                            reply to this | link to this | view in chronology ]

                            • icon
                              Whatever (profile), 16 Mar 2016 @ 5:51pm

                              Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                              "No. NO. It is part of a good set of security practices. Any site, device, machine that needs a password should use it. If there is a limitation on the amount of digits you can input you MUST limit the attempts as part of the security. See bank/credit card pins. Of course you decided that what you think is gospel and the universal truth so I expect you'll keep being wrong about it."

                              No, it's part of a BAD set of security practices to make up for an incredibly weak link in the chain. Rather than fixing the weak link, they put a band aid over it and give every hacker in the universe a target. They basically shine a very bright light on the weakest part and say "don't come here".

                              "What prevents the FBI from asking them to turn on mics and cameras? Just a curiosity. If your answer is nothing "

                              See above post, things like warrants, probable cause, limits on a wiretap, privacy of third parties and third party locations, etc... moreover, it would essentially require it to be rolled out to all users in a signed update, which would put Apple at risk for lawsuits.

                              "The vulnerability lies in the auto-update system."

                              I don't think of it as a vulnerability, I suspect it's more of a needed setup for updates to work properly and for Apple to be able to apply patches. It appears to be a trap door created to handle situations where the phone is either not accessible or has been bricked to some extent.

                              "Shut up already and keep your bullshit to yourself."

                              Thanks for your vote for free speech. I always love when a Techdirt regular crows on about the constitution and then turns around and tells someone to shut up and stop speaking. Two faced piece of... you know the rest. If you have nothing nice to say, just "Shut up already and keep your bullshit to yourself." Teacher yourself first, you have a lot to learn.

                              "Apparently you fail at thinking softly as well."

                              At least I am thinking for myself, and not just regurgitating the party line. You should try thinking for yourself sometimes too... after of course you learn that rights aren't just yours, they are common to all of us.

                              reply to this | link to this | view in chronology ]

                              • icon
                                MrTroy (profile), 16 Mar 2016 @ 9:42pm

                                Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                                No, it's part of a BAD set of security practices to make up for an incredibly weak link in the chain. Rather than fixing the weak link, they put a band aid over it and give every hacker in the universe a target. They basically shine a very bright light on the weakest part and say "don't come here".


                                You realise that the weak link is the user, don't you? And the user doesn't want to be fixed.

                                after of course you learn that rights aren't just yours, they are common to all of us.


                                Same goes for security. Perhaps you are happy barely using your phone, but you seem overly cavalier in saying that everyone else is being stupid and weak for using their phone in ways that are convenient to them, to do the things they want to do, via the tools that have been marketed to them.

                                Saying that security should only exist for the skilled is just poor form.

                                http://swiftonsecurity.tumblr.com/post/98675308034/a-story-about-jessica

                                reply to this | link to this | view in chronology ]

                              • icon
                                nasch (profile), 16 Mar 2016 @ 10:25pm

                                Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                                No, it's part of a BAD set of security practices to make up for an incredibly weak link in the chain.

                                Brute force limitations are a good thing, no matter how strong the passwords are. Even if it's a 20 character alphanumeric password, how can limiting brute force attempts possibly be a BAD thing as you claim?

                                reply to this | link to this | view in chronology ]

                              • icon
                                Ninja (profile), 17 Mar 2016 @ 5:35am

                                Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                                they put a band aid over it and give every hacker in the universe a target

                                No. They added another layer of armor to protect the weak link: the users. Requiring longer passwords would help? Sure. Requiring special chars would help? Yes. But they are all additional layers that will make everyday use less practical. Limiting the tries adds security without making it less practical.

                                See above post, things like warrants, probable cause, limits on a wiretap, privacy of third parties and third party locations, etc

                                Keep ignoring the fact that law enforcement and intelligence agencies are abusing their surveillance capabilities DESPITE the Constitutional and law safeguards you mentioned. Carry on.

                                I don't think of it as a vulnerability, I suspect it's more of a needed setup for updates to work properly and for Apple to be able to apply patches.

                                No, it is not needed. On Android phones you can set updates to manual (which is what I do). Windows could be managed that way up to 7. You can authorize patches or deny them. In fact I have already denied some updates and patches on my phones and on W7. You don't think and you would be wrong.

                                It appears to be a trap door created to handle situations where the phone is either not accessible or has been bricked to some extent.

                                No. Meddling with the phone when it bricks for some reason uses other mechanisms and not all phones use the same. Some android phones have some sort of "ftp" (I'm using ftp very loosely here) protocol that keeps active even if the rom is corrupted. So you are wrong. Again.

                                Thanks for your vote for free speech.

                                Oh I'm not limiting your speech. Although you seem to be trying hard to let the Governments screw it. I have nothing nice to say to little tyrants. And thankfully free speech lets me say not so nice things.

                                You should try thinking for yourself sometimes too... after of course you learn that rights aren't just yours, they are common to all of us.

                                Awww, the clown. Says the guy who couldn't care less with the implications of what the Government is pulling. Even after tons of EXPERTS have repeatedly shown how problematic it is.

                                reply to this | link to this | view in chronology ]

                      • identicon
                        kallethen, 16 Mar 2016 @ 5:38am

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                        You are being very near-sighted if you think forcing Apple to comply with this will only affect this one phone. Or even the dozen phones the FBI is waiting to use this as precedent on. Or the hundreds of phones that other police departments are waiting to use this as precedent on. Or that something like this won't get misused by the government or hackers.

                        And don't try to sell me on that nobody in the FBI would break the law and abuse this. Humans aren't perfect, there's at least a few bad apples spoiling the bunch in any organization.

                        reply to this | link to this | view in chronology ]

                        • identicon
                          Anonymous Coward, 16 Mar 2016 @ 8:39am

                          Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                          A perfect example of this being how government agencies intentionally interpreted the Patriot Act in a way that no one else did, even the writers of it. They took the greatest liberty in abusing the law in order to establish a massive operation to spy on the American people despite it being clear to everyone else that that was illegal (and ineffective for its stated purpose).

                          What happens when "just this one time," Apple gives the FBI what it wants. Apple won't be able to supervise the FBI's use of the software. They won't have the clearance to have software engineers watching the FBI unlock the phone. The FBI can copy the software and reuse it later (and won't have to ask permission because they'll already have it in their utility belt). And if they need more help from Apple, the next excuse will be: "But you helped us out last time, so it's perfectly reasonable to help us out again."

                          Giving in to this request is like giving a tantrum-throwing child what he wants the first time. He'll demand even more later and it will be too late to stop him then, so you stop him now.

                          reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 15 Mar 2016 @ 9:06pm

                Re: Re: Re: Re: Re: Re:

                I choose to use a free gmail account on my phone that is not my "normal" account because I don't like them tracking me, so I give them LESS to work with.

                So what you're saying is that you don't have something to hide, you simply put up the appearance of having something to hide.

                Wasn't that the argument you used against Aereo? If you go out of the way to operate legally while making it difficult for the law or government to come after you, you deserve whatever book they throw at your head?

                reply to this | link to this | view in chronology ]

                • icon
                  Whatever (profile), 15 Mar 2016 @ 10:22pm

                  Re: Re: Re: Re: Re: Re: Re:

                  I think you are potentially the worst troll around, not even trying very hard.

                  Not giving information away doesn't mean you have anything to hide. Do you put your social security number on the outside of your car, or post your bank account number on every street corner? I choose the same with my phone, not putting a bunch of information on it that I would want other people to have, and that for me includes tracking and matching my web habits and my mobile use.


                  "Wasn't that the argument you used against Aereo?"

                  No my argument against Aereo was that they were clearly breaking the law, and trying to use a bunch of court rulings to build up a series of excuses as to why they were not QUITE breaking the law. Thankfully, the courts saw through their crap, and called it like it is.

                  Just like Apple, Aereo tried to argue the "length of wire" thing rather than dealing with the true meat of the situation (distribution of copyright programming without licensing). Apple want to talk scary "oh noes the gubbermint gonna backdoor your phone, turn on your camera and microphone, and record you fapping to Kim Kardashian's little sister" or something like that. It's would be humorous if they weren't so serious about it. Aereo lost because they picked the wrong points to argue, and Apple risks doing exactly the same. They are trying to make a case against a strawman that the courts are likely not even to consider in this case.

                  reply to this | link to this | view in chronology ]

                  • identicon
                    Anonymous Coward, 15 Mar 2016 @ 10:35pm

                    Re: Re: Re: Re: Re: Re: Re: Re:

                    Not giving information away doesn't mean you have anything to hide.

                    Of course, that's not what the government believes. "If you have nothing to hide, you have nothing to fear when we rifle through your stuff" is the consistent drum they've been beating.

                    You keep wanting to insist that a precedent is not being sought despite the members of law enforcement busily joining a long queue for requests when the precedent does get set in their favor.

                    And nice attempt at a sad argument in the beginning. You're the one demanding for more government accessibility to your data. The rest of us saner individuals, who recognize that everyone has something to hide, aren't that dumb. What it looks like is you'd rather we were - which is odd, considering that you use throwaway email accounts to fudge your identity, while rallying with the group that cheers the usage of the CFAA to go after TOR users.

                    reply to this | link to this | view in chronology ]

                    • icon
                      Whatever (profile), 16 Mar 2016 @ 3:40am

                      Re: Re: Re: Re: Re: Re: Re: Re: Re:

                      "You keep wanting to insist that a precedent is not being sought despite the members of law enforcement busily joining a long queue for requests when the precedent does get set in their favor."

                      The argument is really meaningless, because the court hasn't ordered encryption to be broken or for the OS to be made less secure. Using the same technique on other, older phones seems like a reasonable concept. Any precedent set is only to do the same thing, which would be pretty normal.

                      "You're the one demanding for more government accessibility to your data. "

                      No, I am arguing that your personal data on a digital device should not have MORE protection than a piece of paper, a safety deposit box, or a locked safe. You seem intent on creating a special "it's digital so it's always out of reach" exemption that flies in the face of mor than 300 years of US court rulings on privacy, warrants, and legal searches.

                      reply to this | link to this | view in chronology ]

                      • icon
                        MrTroy (profile), 16 Mar 2016 @ 5:21am

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                        No, I am arguing that your personal data on a digital device should not have MORE protection than a piece of paper, a safety deposit box, or a locked safe. You seem intent on creating a special "it's digital so it's always out of reach" exemption that flies in the face of mor than 300 years of US court rulings on privacy, warrants, and legal searches.


                        And yet a piece of paper and a locked safe CAN be designed so they are "always out of reach" of the government. So can a whisper in the night. As has been pointed out elsewhere, police investigations have always had to deal with information which is unobtainable. Why should digital security be legislated to be weaker than physical security?

                        reply to this | link to this | view in chronology ]

                      • icon
                        Ninja (profile), 16 Mar 2016 @ 12:14pm

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                        because the court hasn't ordered encryption to be broken or for the OS to be made less secure

                        Yes it has. Repeating the contrary doesn't make it true.

                        Any precedent set is only to do the same thing, which would be pretty normal.

                        No it would not because it has far reaching implications. And there are other serious issues besides the already problematic precedent part.

                        No, I am arguing that your personal data on a digital device should not have MORE protection than a piece of paper

                        You bet. Except that if I rig a safe with a piece of paper containing information that law enforcement wants the company can't be forced to weaken the security so the feds can open without destroying the paper. Which in turn can't make owners of that same safe less secure by default.

                        You seem intent on creating a special "it's digital so it's always out of reach"

                        What about: it's a personal conversation that can't be logged at all so it will be always out of reach? Even if the Govt succeeds in this case, what if everybody build effectively unbreakable encryption in the future closing even the cloud backups loophole in the future? Then what? Then law enforcement will work with what they can and that's perfectly fine.

                        reply to this | link to this | view in chronology ]

                        • icon
                          Whatever (profile), 16 Mar 2016 @ 5:59pm

                          Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                          "Yes it has. Repeating the contrary doesn't make it true"

                          Please show me the point where the court ordered Apple to break the encryption. You won't find it.

                          "Except that if I rig a safe with a piece of paper containing information that law enforcement wants the company can't be forced to weaken the security so the feds can open without destroying the paper. Which in turn can't make owners of that same safe less secure by default."

                          Within reason, yes they can. They could ask, as an example, a bank to open an outer door so their locksmith could work on a safety deposit box. They could remove a brick wall that covers a safe. They could disarm an alarm system that would go off if someone access the room, or any other number of things. The safe would still be as safe as it always was.

                          Apple's problem is that their "safe" is about as secure as a $2 padlock. So they bubble wrapped it and tried to put another layer on top to make up for it. It's why Apple is crying so loudly and trying to misdirect everyone, because they don't want to have a discussion about how weak their passcode system is, and how it essentially negates their "security chip" technology.


                          "it's a personal conversation that can't be logged at all so it will be always out of reach? "

                          If you recorded it, it would not be out of reach. That your words are recorded on an electronic device should be no different than a tape recording or a written log.

                          "what if everybody build effectively unbreakable encryption in the future closing even the cloud backups loophole in the future? "

                          My guess is that at some point, a law will be passed which will limit the level of encryption in commercial products. I wouldn't be shocked to see wording that would make someone having seriously over strong encryption on personal documents held in contempt of court until such time that they unlock in the encryption. There is a point where the common interest of the public exceeds that of the individual interest of the person. Remember, it's "we the people" not "me the person" on that constitution...

                          reply to this | link to this | view in chronology ]

                          • identicon
                            Anonymous Coward, 17 Mar 2016 @ 12:13am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            "So if you don't like how the government runs or does things, fight them! I hate the government. Just don't break any of their laws because that's naughty, but do all you can within limits that have been nerfed to the point that any significant action you could take would be the equivalent of building a fortress wall out of toilet paper! ...Of course, nothing to stop the government eventually outlawing that, which I demand takes place because people encryption their phones! Fuck that noise!"

                            reply to this | link to this | view in chronology ]

                          • icon
                            Ninja (profile), 17 Mar 2016 @ 5:48am

                            Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                            Please show me the point where the court ordered Apple to break the encryption.

                            Read your statement again: "because the court hasn't ordered encryption to be broken or for the OS to be made less secure". I'm talking about the last part. And essentially a weaker, less secure encryption is inherently broken.

                            The safe would still be as safe as it always was.

                            And upon violation the documents would be destroyed. That's good security. GovtOS would eventually find the wild and make everybody less safe. In the safe case there is no way to make it less safe because even if you reduce security barriers in the end one of the safety measures will make the documents vanish denying access to law enforcement or criminals.

                            Apple's problem is that their "safe" is about as secure as a $2 padlock.

                            Not really. And the problem comes from the auto-update feature, not the shorter pin. Because the security is multiplied tenfold by adding the try limits (which you can't understand despite people with much more expertise explaining in details). The password system is not weak. And so isn't the auto-update security. But they can be forced to weaken the password system via that avenue.

                            If you recorded it, it would not be out of reach.

                            And yet the courts will not accept some recorded conversations because they go beyond what the law allows. But you are misleading: the case is not on record or off record, it is availability. An encrypted piece of hardware holding said conversation without its keys is no better than no records of said conversation. In this specific case there is a possibility that Apple may be able to help via its auto-update system but the implications are severe for the company and for your Constitutional rights. But you don't care about rights as long as your little tyrant inside is satisfied, right?

                            My guess is that at some point, a law will be passed which will limit the level of encryption in commercial products.

                            May God have mercy of us if that actually happens.

                            There is a point where the common interest of the public exceeds that of the individual interest of the person. Remember, it's "we the people" not "me the person" on that constitution..

                            Indeed. And there are plenty of people that disagree vehemently with you. But hey, let's just write The Whatever Bill of Rights and go with it, no?

                            reply to this | link to this | view in chronology ]

                    • identicon
                      Anonymous Coward, 16 Mar 2016 @ 8:12am

                      Re: Re: Re: Re: Re: Re: Re: Re: Re:

                      I will be laughing my head off if it transpires that this Whatever person uses TOR to access and comment on this site.

                      reply to this | link to this | view in chronology ]

                      • identicon
                        Anonymous Coward, 16 Mar 2016 @ 5:43pm

                        Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

                        Not entirely sure about Whatever, but antidirt/average_joe/the Anonymous asshole who mimics a chicken has publicly admitted to using TOR to mask his IP address so he can spam the site.

                        Whatever has also threatened to downvote everybody using 50 IP addresses, again via TOR.

                        So... yeah. One law for the copyright fanboys, one fuck for everyone else.

                        reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Howard, 16 Mar 2016 @ 3:30am

                Re: Re: Re: Re: Re: Re:

                I don't want the government checking everyone's phone

                Then you should support Apple in this case.

                reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 16 Mar 2016 @ 5:08am

                Re: Re: Re: Re: Re: Re:

                "Fuck the government, if you don't like it change it, but if it comes knocking on your door and breaking through all your security, let it. Can't break the law to change it, don't you know! And fuck Apple, because Mike Masnick is such a fanboi."

                reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 16 Mar 2016 @ 12:24pm

                Re: Re: Re: Re: Re: Re:

                "I don't want the government checking everyone's phone everyones phone or everyones anything else for that matter - except what is public and observable."

                The government thinks that your phone's location in almost real time is totally public and observable, since it's connecting to a cell tower. And whether you like it or not, they were, and probably still are, tracking metadata from every phone call you've made since about 2002.

                "However, if I get arrested for something, I expect a warrant to be served for my house, my car, my workplace, my storage facility, my safety deposit box, and yes, my computer and phone as well provided there is probably cause."

                That depends on what you are arrested for. If I'm arrested for shoplifting a candy bar I would not expect them to inspect my safety deposit box, even though I suppose it's technically possible that I have candy bars in there. I am curious as to what information you think is on this phone - the government-owned phone that they didn't bother burning like the others. And by the way, if the government is telling the truth and they found it powered off, it almost certainly won't have relevant location data.

                "If I had a wall safe, they could break in, and it would be legal."

                Yeah, probably. Especially if the government owned the safe and you were already dead. They don't have the right to force the safe-maker to open it for them, though.

                They can execute a warrant for my papers, sure. (As long as they aren't attorney-client papers, or a diplomatic pouch, or information about a journalist's sources, or anything else where they aren't allowed to search it even WITH a warrant. In some states doctor-patient is also protected.) Right now I'm thinking of something I wrote down, that they almost certainly wouldn't figure out what it was because it's not in plain text and is buried among hundreds of similar-looking papers, and even they found it and somehow knew it was significant I would be extremely impressed if they could actually extract the data from it.

                The government indisputably has the right to search the phone (heck, it's a government-owned phone.) And they have the phone. They just don't have the right to force Apple to write software for them so they can make sense of the contents. By the way, the government also has the right to search the phones that were burned and destroyed by the terrorists (you know, the ones that probably contain actual evidence... at least the terrorists seemed to think so.) They can't get information out of those, either.

                reply to this | link to this | view in chronology ]

          • This comment has been flagged by the community. Click here to show it
            icon
            Whatever (profile), 15 Mar 2016 @ 8:17pm

            Re: Re: Re: Re:

            "why should my privacy be up for grabs from some guy 1500 miles from me?"

            it isn't. That is a total strawman argument. Nobody wants to check your phone every day or violate your privacy. None of this is about suddenly making your electronic devices into an open book for the world.

            You swallowed the Apple colored pill. Spit it up before you start thinking Steve Jobs was god and anything without a fruit on it is crap.

            reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 15 Mar 2016 @ 8:37pm

              Re: Re: Re: Re: Re:

              Of course people want to violate your privacy. People want to collect your emails, collect your passwords, steal your identity, steal your credit card information...

              And the only thing stopping them is good encryption, good security, and good awareness of the information you're leaving around. And protecting all of that from the government is part and parcel with protecting it from everyone else.

              If a system is insecure, then it's insecure period. And this case in itself has already made several possible attack vectors public knowledge, which is already an issue already. Attack vectors that should be patched out in newer releases, provided that security is still allowed to improve.

              reply to this | link to this | view in chronology ]

            • identicon
              Anonymous Coward, 15 Mar 2016 @ 8:51pm

              Re: Re: Re: Re: Re:

              I'm not an Apple fanboi by a long shot. I only use Android and Microsoft OSs. But Apple is right here for the same reason that Google or Microsoft would be right to refuse to actively write code (a 1st amendment act) to subvert their own security protocols and then just hand the code over to the government as if the government would only use such power on a single device.

              The government wouldn't be fighting this hard if it were just one device they wanted access to. They want on-demand access to smartphones the way they've had on-demand access to phone records and emails (which has been ruled illegal several times).

              Sometimes warrants don't find anything and sometimes the cops can't access information and the world continues to spin. You believe that you're special and you don't mind others being searched, but you have no rights if no one else's rights are protected because no one will speak for you if/when there comes an occasion when the government wants to violate your rights.

              reply to this | link to this | view in chronology ]

            • icon
              Uriel-238 (profile), 15 Mar 2016 @ 10:33pm

              Nobody wants to...

              Nobody wants to check your phone every day or violate your privacy. None of this is about suddenly making your electronic devices into an open book for the world.

              Wait...you aren't wearing your...you don't...SOMEBODY GET THIS MAN A TINFOIL BEANIE, STAT!

              You are obviously not a black man in Missouri, or a Hispanic person in Chicago. In those places, yes the police totally do want to get into their phones specifically to fish for something prison-worthy.

              Obviously, Whatever, you live somewhere else kinder and gentler where everyone is the same color and beat officers have nothing better to do but rescue cats stuck in trees.

              The rest of us are less fortunate and don't get to live that way.

              reply to this | link to this | view in chronology ]

              • icon
                Uriel-238 (profile), 15 Mar 2016 @ 10:33pm

                and crap.

                reply to this | link to this | view in chronology ]

              • icon
                Uriel-238 (profile), 15 Mar 2016 @ 10:34pm

                and crap.

                I seem to have screwed up my markups.

                Sorry all.

                reply to this | link to this | view in chronology ]

              • identicon
                Anonymous Coward, 15 Mar 2016 @ 11:40pm

                Re: Nobody wants to...

                You are obviously not a black man in Missouri, or a Hispanic person in Chicago. In those places, yes the police totally do want to get into their phones specifically to fish for something prison-worthy.

                Obviously, Whatever, you live somewhere else kinder and gentler where everyone is the same color and beat officers have nothing better to do but rescue cats stuck in trees.

                The rest of us are less fortunate and don't get to live that way.


                Consider Whatever's claims made over the course of his signed-in account:

                - less police oversight is needed because being an officer is stressful as hell and yes, the police needs to shoot everyone who looks like they might be holding a cell phone
                - asking that law enforcers exercise a little more restraint is the equivalent of allowing criminals to arm themselves with babies for use as hostages
                - it's okay for officers to use shitty sniffer dogs and put suspects through the wringer with no repercussions for not making sure they didn't catch the wrong person

                This surprises who, exactly?

                reply to this | link to this | view in chronology ]

            • icon
              Ninja (profile), 16 Mar 2016 @ 12:19pm

              Re: Re: Re: Re: Re:

              That is a total strawman argument. Nobody wants to check your phone every day or violate your privacy.

              No? What about a dictatorship or a totalitarian, religious regime? What about a racially biased law enforcement agency? Obviously it's all about you and you would never be in such position, right?

              None of this is about suddenly making your electronic devices into an open book for the world.

              Because no criminal, terrorist, foreign government will ever take the opportunity, right? No, no crime will be set up so some 'spy' lawyer will get their hands in the code and copy it effectively opening the doors, right? That's not easy at all, right? The backdoor will always be very, very safe against such intrusions, right?

              You swallowed the Apple colored pill. Spit it up before you start thinking Steve Jobs was god and anything without a fruit on it is crap.

              Funny, you seem to have swallowed the Govts dick whole. And you are loving the taste.

              reply to this | link to this | view in chronology ]

        • identicon
          Let's play: Narcissist Or Troll?, 15 Mar 2016 @ 7:24pm

          Re: Re: Re:

          it must be really weird to live where there is absolutely no space for compromise or consideration for others

          lol did Whatever just say those words?

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 15 Mar 2016 @ 7:51pm

            Re: Re: Re: Re:

            > Let's play: Narcissist Or Troll?

            I have little doubt. My vote falls on 'Troll'.

            Might be Narcissistic as well, but that's definitely bridge moss on his nose.

            reply to this | link to this | view in chronology ]

        • identicon
          Peter Dolkens, 15 Mar 2016 @ 8:33pm

          RE: Whatever

          What you seem to be ignoring is - if the Government wins this case, it does nothing but hurt America.

          Foreign countries will not use Apple, or ANY US made devices, because they don't want US backdoors in their hardware.

          Terrorists and Criminals will continue to use non-compromised encryption, via one of the hundreds of other apps, 2/3rds of which are foreign made and owned.

          You and your fellow "regular" citizens will be at increased risk from hackers, crackers, and the "criminals" that you are so desparately trying to protect yourself from, and in the meantime, the real criminals are all sitting back, having a laugh at your expense.

          reply to this | link to this | view in chronology ]

        • identicon
          Peter Dolkens, 15 Mar 2016 @ 8:36pm

          RE: Whatever

          What you seem to be ignoring is - if the Government wins this case, it does nothing but hurt America.

          Foreign countries will not use Apple, or ANY US made devices, because they don't want US backdoors in their hardware.

          Terrorists and Criminals will continue to use non-compromised encryption, via one of the hundreds of other apps, 2/3rds of which are foreign made and owned.

          You and your fellow "regular" citizens will be at increased risk from hackers, crackers, and the "criminals" that you are so desparately trying to protect yourself from, and in the meantime, the real criminals are all sitting back, having a laugh at your expense.

          > So yeah, enjoy your black crayon world, it must be really weird to live where there is absolutely no space for compromise or consideration for others.

          The only one that's living in a crayon world here is you, if you honestly believe this will make you MORE secure. Go do a computer security course, and maybe spend a few years programming until you realise just how easy it is to compromise something with a deliberate flaw.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 15 Mar 2016 @ 8:55pm

          Re: Re: Re:

          Wait you are seriously taking Stalin's stance here? His infamous quote "Ideas are more powerful than guns. We would not let our enemies have guns, why should we let them have ideas."

          First lets consider the recurring Freudian slip of "We need to restore trust in ." speech after a major scandal. Instead of focusing on to fix the problem or prevent future occurrences their first thought is their reputation. So deep is the corruption that they don't even think it is important enough to lie about fixing the issue because they don't even see it as a problem!

          Viewing freedom as a weapon strikes me as a pattern of thought stemming from a philosophy of corruption. How do the corrupt come to the conclusion that freedom is a weapon? If freedom prevents them from protecting themselves from their misdeeds it will lead to their destruction.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Mar 2016 @ 5:30am

          Re: Re: Re:

          So yeah, enjoy your black crayon world, it must be really weird to live where there is absolutely no space for compromise or consideration for others.

          You too :)

          reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 15 Mar 2016 @ 5:34pm

      Re:

      So, Mr. Absolutist... is this another attempt at humor?

      reply to this | link to this | view in chronology ]

    • identicon
      Chicken, 15 Mar 2016 @ 10:51pm

      Re:

      Even if Apple agreed to decrypt every phone, there is nothing stopping criminals/terrorists from encrypting their data themselves instead of relying on Apple's encryption. This whole case is pointless.

      reply to this | link to this | view in chronology ]

    • icon
      daleth (profile), 15 Mar 2016 @ 10:52pm

      Re:

      Nope. The government already tried that with PGP in the `90s. Read the wikipedia page on PGP.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Mar 2016 @ 7:35am

      Re:

      Given the grilling that Comey got from the Congressional committee tasked with this, I doubt very seriously Congress would be willing to give the FBI what they want, which of course is the whole reason they are trying to get a judicial ruling rather than going through Congress in the first place.

      reply to this | link to this | view in chronology ]

    • identicon
      observer, 16 Mar 2016 @ 8:00am

      Re:

      Apple may think the founders would have been appalled, but honestly, they would have been appalled at the largest companies in the country working hard to protect criminals and terrorists who are bent on harming America, Americans, and the like.


      I think they'd have been more appalled at the government they helped to found becoming itself the world's biggest collection of criminals and terrorists.

      reply to this | link to this | view in chronology ]

    • icon
      Ninja (profile), 16 Mar 2016 @ 8:01am

      Re:

      Apple may think the founders would have been appalled, but honestly, they would have been appalled at the largest companies in the country working hard to protect criminals and terrorists who are bent on harming America, Americans, and the like.

      I wonder how many of the Founders would be considered criminals at best and terrorists at worst today because of their actions. But carry on, terrorism is scary boo-hoo.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Mar 2016 @ 5:30pm

        Re: Re:

        I wonder how many of the Founders would be considered criminals at best and terrorists at worst today

        I believe the King of England thought that of them back in the day.

        But the winners get to write the history books.

        (Note how many were Masons and how they violated their Masonic oaths also)

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Mar 2016 @ 5:04pm

    Lies and a smear campaign. Very professional.

    reply to this | link to this | view in chronology ]

    • icon
      SteveMB (profile), 15 Mar 2016 @ 5:53pm

      Re:

      Lies and a smear campaign. Very professional.

      Yep. Maybe next time the Feds will avoid doing that and not get their butts handed to them in the response....

      reply to this | link to this | view in chronology ]

  • identicon
    Digitari, 15 Mar 2016 @ 5:18pm

    rights vs civil rights

    I will continue to be Civil as long as you do not infringe on my Rights!!

    They called it a Civil war last time, and it was anything but.

    Imagine the next One.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 15 Mar 2016 @ 7:32pm

    My new favorite phrase "lawaful requests".

    reply to this | link to this | view in chronology ]

  • icon
    Bergman (profile), 15 Mar 2016 @ 8:31pm

    Perjury?

    At what point does filing an untrue statement with a court constitute lying to that court?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Mar 2016 @ 5:05pm

      Re: Perjury?

      At what point does filing an untrue statement with a court constitute lying to that court?

      The instant you do it. The crime however is Perjury and that requires a DA for charges or a Grand Jury to true bill. Then ya need a DA who'll take the charges to trial.

      Now *IF* it is a lawyer they can NEVER lie to a Court. They can only perform professional misconduct. And now you involve the Bar Association of the States where someone holds a card. But, as far as I know, ANYONE can file a bar grievance. Read the State rules and if you think the bar-card holder has violated them, file a grievance.

      The last time anyone looked at corrupt lawyers was the "Clark Commission". http://www.americanbar.org/content/dam/aba/migrated/cpr/reports/Clark_Report.authcheckdam.pdf Back in the days of Nixon.

      reply to this | link to this | view in chronology ]

      • icon
        Uriel-238 (profile), 16 Mar 2016 @ 7:17pm

        It's an important term. Say it with me now:

        Prosecutorial discretion. Wikipedia calls it selective enforcement. Essentially if Bill the Cop is charged for murdering a grandmother, but the DA likes Bill, he can choose not to prosecute.

        And if the DA doesn't like niggers, then he can arrange that every little thing in which the suspect is a black guy is indicted and prosecuted to get more of those terrible thugs off the streets and into our penal system.

        And if the DA wants to sleep with your wife, he can bust you, and then arrange she provides all the service she wants to keep you from winding up in solitary for your fifty years. In fact, that'd make a damn good Harlequin Romance novel plot.

        It's why we keep a lot of stupid laws and mandatory minimums.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 17 Mar 2016 @ 2:02am

          Re: It's an important term. Say it with me now:

          Prosecutorial discretion. Wikipedia calls it selective enforcement. Essentially if Bill the Cop is charged for murdering a grandmother, but the DA likes Bill, he can choose not to prosecute.

          This is why one needs to work to reverse policy and get people to instead follow law so you can get your criminal complaint in front of the Grand Jury.

          reply to this | link to this | view in chronology ]

  • identicon
    Mark Wing, 16 Mar 2016 @ 2:05am

    The FBI is making the world a worse place, in the exact same way the world is always made worse, under the guise of making it better.

    But hey, who needs a deep understanding of technology when you can have furious indignation for a fraction of the effort!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Mar 2016 @ 4:07am

    OK, so, one thing I haven't understood about all this: if Apple says it CAN create the software, then that means THERE ALREADY IS a way to circumvent the maximum number of wrong passwords you can enter before the phone erases itself or blocks itself or whatever. So, this means that anyone with the technical know how can create this OS? Because, once more, as Apple admits, THERE ALREADY IS A WAY TO CIRCUMVENT THE EXISTING PROTECTION, and that way is changing the OS. Ditto.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Mar 2016 @ 4:32am

      Re:

      Nope, the only way it can be done is if the new software is signed by Apple.

      Therefore, only Apple could do this.

      Please pay attention.

      reply to this | link to this | view in chronology ]

      • icon
        Whatever (profile), 16 Mar 2016 @ 4:39am

        Re: Re:

        Ergo, any modification to the OS created by Apple will not gain any traction in the wild, as it would require Apple to sign it and install it. This means that their arguments relative to the illicit spread of their "GovOS" is pretty much a lie. Apple knows they control it.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Mar 2016 @ 5:03am

          Re: Re: Re:

          That argument works for dealing with one or two phones, but fails miserably when they are asked to do the same for every Iphone of everybody who is arrested on a criminal charge. Just how many times is it reasonable for Apple to apply this change to a phones, and how long before the Apple person doing so makes a mistake,thereby lets the capability into the wild. Hint, shipping every phone that law enforcement is interested in to Cupertino is a delay that law enforcement will find a case to use to lever a quicker means of getting the updates applied.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Mar 2016 @ 5:07am

          Re: Re: Re:

          You can apologize for the government over reach till the cows come home, but it will not change the fact that they are wrong - again.

          reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 16 Mar 2016 @ 6:11am

          Re: Re: Re:

          As one of the AC's above notes, that might work as an argument if this were the only case such code would be demanded be written, which would allow them to at least minimize the chances of it getting out by doing everything they could to destroy it once it served it's purpose, but once you start talking about many cases(which will happen should Apple lose this case, to pretend otherwise at this point is an exercise in absurdity), suddenly it becomes a lot easier for a) the code to leak to someone it shouldn't, and b) someone to use the multiple samples of code to reverse-engineer something similar.

          Just because a certain company or individual may be the only one that can make a particular key, say because it requires a specific skill or bit of knowledge, doesn't mean that once it's created, once many versions of it have been created, someone else can't come by and through study create something similar enough to do the same thing, something they could not do without those examples to study.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Mar 2016 @ 7:52am

          Re: Re: Re:

          The problem there is that control is not absolute. Security is not a state of being. It's a practice of minimizing vulnerabilities. The whole jailbreaking process is about figuring out ways to get software that isn't signed by Apple to install and run on a device and is a never-ending battle for them. Requiring them to create this software in the first place further compromises that practice.

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 16 Mar 2016 @ 8:42am

          Re: Re: Re:

          Once the installation file is created, it's already signed. If the signed update were leaked or stolen, it absolutely could be used by people other than apple.

          reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Mar 2016 @ 5:37am

        Re: Re:

        Isn't "signed by Apple" just a bunch of bits somewhere? A good programmer could fake that no?

        reply to this | link to this | view in chronology ]

        • icon
          nasch (profile), 16 Mar 2016 @ 8:00am

          Re: Re: Re:

          A good programmer could fake that no?

          No, it would take much longer than any programmer's lifetime to guess the correct signature. You can't just use any old bunch of bits, it has to be the right bunch.

          reply to this | link to this | view in chronology ]

  • identicon
    ITSecGuy, 16 Mar 2016 @ 5:05am

    DOJ request vs. MS Win10

    Microsoft has the possibility to break the 4th amendment. No where in their terms of use, EULA etc. does it give a defined process whereby a government agency requests your data. Further the OS is pulling ever keystroke, if you have a live mic it is recording voice and background, it also accesses the contents/metadata and indexes the content of your hard drive. The OS will even go so far as to remove application it deems as either out of date or not compatible with the OS.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Mar 2016 @ 5:14am

      Re: DOJ request vs. MS Win10

      The constitution places limitations on what the Government can do, and does not apply the same limits to companies, as that is the Governments job.

      reply to this | link to this | view in chronology ]

      • icon
        GrooveNeedle (profile), 16 Mar 2016 @ 8:17am

        Re: Re: DOJ request vs. MS Win10

        Actually, the Constitution doesn't limit the Government, as that would mean the Government can do anything not expressly forbidden to it. How it really works is like this:

        The Government can't do anything, unless it is explicitly granted the ability by the Constitution.

        The People can do anything, unless it is explicitly forbidden by laws (hence illegal) made by the Government working within its explicitly granted abilities.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Mar 2016 @ 5:49am

    Nothing says respect for the creators of America like the current administration teaching people that the founding fathers were terrorists to be hated not respected.

    reply to this | link to this | view in chronology ]

  • identicon
    Jim, 16 Mar 2016 @ 7:03am

    Re!

    I'm betting I'm right, Apple cannot decode the device. Legally. If they could have, why the argument? For the fees the government pays for consultation, and decryption, they would have. I should say, they have. So what about those cases, they were just as bad, should Apple withdraw their support from those, release those bad guys, upon the public again? What was so different about those cases? Why the change of heart now?
    Hint to the Chinese government. I'd check the program that Apple gave you on a sandboxed system. Call back the phones that you have installed the system on and test them. You may have more then you asked for.

    reply to this | link to this | view in chronology ]

    • icon
      PRMan (profile), 16 Mar 2016 @ 10:42am

      Re: Re!

      As a programmer that sometimes deals with encryption software, I can assure you that you are wrong.

      It very much is a concern that if they write a compromised OS, it WILL leak into the wild (the FBI will make a copy somehow) and eventually it will be used against all iPhones, just as Apple is stating.

      I am no Apple fanboi, in fact, I hate their products and don't buy them because I don't like their walled garden. But they are 100% correct on this issue and the precedents it sets and the danger of complying.

      reply to this | link to this | view in chronology ]

  • identicon
    beech, 16 Mar 2016 @ 8:59am

    scariest

     “[t]o the extent [that] Apple’s software includes expressive elements . . . the Order permits Apple to express whatever it wants, so long as the software functions” 

    Most terrifying part right there. So now the government thinks its fine to say, "hey, you can say whatever you want, but the end result better be 'hail capitalism'...but you totally have completely free speech"

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 16 Mar 2016 @ 9:13am

      Re: scariest

      "You're allowed to say anything you want, so long as it's what I told you to say."

      Yeah, their argument is just a titch screwed up there, though to be fair(not that it makes it any better) it is consistent with prior actions, such as generously allowing companies to report how many requests from the government they get... in a format deliberately designed to be as useless as possible while still providing some form of information.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Mar 2016 @ 12:38pm

    Apple lost anyway

    Apple can argue as much as it wants the DoJ apparently has already the next step planned.
    According to idownloadblog* quoting fortune.com

    http://www.idownloadblog.com/2016/03/14/dos-threats-seize-ios/

    "Footnote Nine of DoJ’s filing reads:

    For the reasons discussed above, the FBI cannot itself modify the software on the San Bernardino shooter’s iPhone without access to the source code and Apple’s private electronic signature.

    The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers."

    No matter how well Apple argues against the court order by pointing out each and every flaw, in the end they will be forced to do what the Gov wants. And if the courts won't allow it then there will be a new law when the next idiot kills more than 5 people. And given how often the FBI was involved in those cases in a rather grey area I really hope that Apple gives up.
    I just can't see how Apple can win this in the long run.

    *I used that link because fortune doesn't work without added permissions in NoScript.

    reply to this | link to this | view in chronology ]

    • icon
      Whatever (profile), 16 Mar 2016 @ 8:54pm

      Re: Apple lost anyway

      Actually, with Apple "avoiding" nearly 60 billion in US taxes, you can bet the next step is to plug up many of the loopholes that the company uses to offshore profits.

      reply to this | link to this | view in chronology ]

  • identicon
    Grock, 16 Mar 2016 @ 2:23pm

    Focus peeps

    All of the yammering about loss of privacy etc. if Apple were to comply while extremely relevant still ignores one key issue. The DOJ conveniently does not focus on this issue, that is if Apple is forced to comply, a vuln is created that can be exploited by entities OTHER than the government (like real criminals) to hack citizens. Those that are technically inept and don't understand the ramifications of that FACT need to step out of this conversation.

    reply to this | link to this | view in chronology ]

    • icon
      Uriel-238 (profile), 16 Mar 2016 @ 2:45pm

      I'd go further, actually.

      Phones should be engineered so that no service provider is capable of breaching the security without direct permission of the owner. When you pry the phone from his cold, dead hands, you've got a paperweight, or maybe a phone that can be reset for a new end user, but the data on the phone is as good as lost.

      Ideally, the question should not be whether Apple will assist the FBI in cracking a phone, but only that Apple is unable to assist the FBI in cracking the phone. That all the Apple engineers and sourcecode won't help.

      I believe this is the case with later phones and later operating systems.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Mar 2016 @ 3:45pm

    What I believe gets lost in the noise, is that the data on the phone itself may be protected by the pass code / encryption. What is not protected is the Icloud backup of your data. Apple will and has provided the un-encrypted data to law enforcement for any warranted account. If your data leaks to cloud service providers it is NOT safe from Governments or hackers. Not only having a pass code lock on the phone important but backing up only to a locally controlled PC is also necessary. But that doesn't help Apple sell its services and generate ad revenue. Backing up locally is not easy and not automatic enough for the general public to do daily.

    reply to this | link to this | view in chronology ]

  • icon
    unixninja92 (profile), 16 Mar 2016 @ 4:32pm

    OSX Backdoor?

    I noticed that Apple was very careful to only state that they have never made a backdoor in iOS, or iCloud. They easily could have said that they never did this in any of their products instead of specifying which ones. Was this because they lawyers were focusing on iOS, or have they built backdoors into other products?

    reply to this | link to this | view in chronology ]

  • identicon
    Founding Fathers Fan, 17 Mar 2016 @ 10:05am

    Terry Schiavo

    Remember her. After an entire government failed to step up and save her life and return her care to her parent's hands, I find everything that comes from Washington, DC nothing more than a bunch of misguided muppets bantering and yacking.

    reply to this | link to this | view in chronology ]

    • icon
      nasch (profile), 17 Mar 2016 @ 10:33am

      Re: Terry Schiavo

      After an entire government failed to step up and save her life and return her care to her parent's hands...

      Just curious (though this is totally off topic) why do you think care should have been given to her parents rather than her next of kin? If the husband had wanted her kept alive and the parents wanted her removed from life support, would you have supported the parents or the husband? Are you always in favor of keeping patients alive regardless of their condition and the wishes of the next of kin?

      reply to this | link to this | view in chronology ]

  • identicon
    Zack Snyder, 17 Apr 2017 @ 9:50pm

    Exam Question Answer

    Some of the certifications by this leading brand are MBS, CRM, MCDBA, MCP, MCDST, etc. Microsoft certifications not only help you to get knowledge and skills but also keep you updated with latest Microsoft technologies. We are providing best Microsoft exam dumps in both test engine and PDF file format. We provide top quality Microsoft dumps exam questions to guarantee your success in a very short time. All these Microsoft exam questions answers are approved by professional experts. Keep visiting Examberg.com and stay updated with Microsoft Certification exams.
    http://www.examsberg.com/

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.