Apple Used DMCA Takedown to Temporarily Remove Tweet With iPhone Encryption Key

MacRumors

macrumors bot
Original poster
Apr 12, 2001
46,716
8,937



Apple recently used the Digital Millennium Copyright Act (DMCA) to get Twitter to remove a viral tweet that featured an iPhone encryption key, provoking the ire of the security community, reports Motherboard.

On December 7, security researcher "Siguza" on Twitter shared an encryption key that could potentially be used to reverse engineer the iPhone's Secure Enclave, which handles encryption for the device. While it doesn't expose user data stored in the Secure Enclave, it does give researchers the ability to access the Secure Enclave's firmware to investigate how it works.


Just two days later, a law firm that works with Apple sent a DMCA takedown notice to Twitter, requesting that the tweet be removed. Twitter complied, deleting the tweet.

Today, the tweet reappeared, and Siguza said that the DMCA claim was "retracted." Apple confirmed to Motherboard that it sent the takedown notice and then asked Twitter to put the tweet back in place.


Reddit also received several DMCA takedown requests for posts shared on r/jailbreak, a subreddit where security researchers and hackers discuss methods for jailbreaking Apple iPhones. It's not clear if this is also Apple, as the source of the takedown requests was unable to be verified.

Still, security researchers suspect Apple, and according to Motherboard, they see Apple's actions as an attempt to stifle the jailbreaking community.

For many years, there was no available jailbreaking software for modern iPhones, but that changed earlier this year when Checkra1n, a jailbreak for certain devices running iOS 13, was released. Checkra1n doesn't work on iPhones released in 2018 and 2019, but it does work on all older iPhone models, which has likely put Apple on edge.

Apple is also in the middle of a lawsuit against Corellium, a mobile device virtualization company that supports iOS. Corellium's software allows security researchers and hackers to create digital replicas of iOS devices for the purpose of finding and testing vulnerabilities, and the security community has criticized Apple's decision to levy a lawsuit against Corellium.

Article Link: Apple Used DMCA Takedown to Temporarily Remove Tweet With iPhone Encryption Key
 
Last edited:

sykeward

macrumors newbie
Jul 22, 2016
17
96
Portland, OR
I really want to understand more about what this means, especially when the story mentions things like breaking open the secure enclave.

On one hand, I'm deeply skeptical of broad applications of the DMCA, and I also support the right-to-repair movement and the idea that people should be able to do what they want with their devices. However, the key is "their devices", because I also want my device to remain secure and take a dim view of people posting things like encryption keys on random social networks that could undermine that security.
 

pdaholic

macrumors 65816
Jun 22, 2011
1,199
883
Interesting use of the DMCA by Apple. I’m no legal expert, but was that an appropriate use? If not, might explain the retraction.
 

az431

macrumors 65816
Sep 13, 2008
1,373
3,872
Portland, OR
I really want to understand more about what this means to me. On one hand, I'm deeply skeptical of broad applications of the DMCA, and I also support the right-to-repair movement and the idea that people should be able to do what they want with their devices. The key being "their devices", because I also want my device to remain secure and take a dim view of people posting things on social networks that could undermine that security.
So you’re basically okay with anything that protects only your interests, without regard with how it affects anyone else.
- - Post merged: - -

Interesting use of the DMCA by Apple. I’m no legal expert, but was that an appropriate use? If not, might explain the retraction.
encryption algorithms and keys are protected under copyright law.
 

redheeler

macrumors 604
Oct 17, 2014
7,631
7,291
encryption algorithms and keys are protected under copyright law.
The algorithms can be copyrighted, sure, but the keys? I'd really like to know your basis for how a short, randomly-generated string of letters and numbers can be protected by copyright.

Edit: Unless you don't actually have any basis for this claim. In which case, just call this what it is, DMCA takedown abuse. Corporations get away with it all the time and there are no consequences. Just an occasional "oops, we screwed up" when called out on it.
 
Last edited:

sykeward

macrumors newbie
Jul 22, 2016
17
96
Portland, OR
So you’re basically okay with anything that protects only your interests, without regard with how it affects anyone else.
No, the exact opposite. I don't care what people do with their devices and I think that they should have the freedom to do that. However, if someone is posting things like encryption keys that could undermine *everyone's* devices because of their personal beliefs or whatever, I think it's reckless and irresponsible.
 

Freida

macrumors 68000
Oct 22, 2010
1,902
2,152
there are 2 ways to tackle this:
a) sue everyone that expose this
b) get your **** together and make a more secure system!

The fact that Apple is against backdoor etc. means that Apple wants super secure system. The fact that this guy was able to discover and issue he should be able to claim bounty program reward and Apple should make the devices stronger and more secure. Its all about attitude.

Talking marketing crap vs doing real thing are two different things.

On that topic, I would rather have iOS releases when they are truly ready instead of doing one every year and take 6 months or so to fix all the bugs and issues.
 
  • Like
Reactions: bvz, Paulio and SqB

Brandhouse

macrumors 6502
Aug 6, 2014
448
803



Apple recently used the Digital Millennium Copyright Act (DMCA) to get Twitter to remove a viral tweet that featured an iPhone encryption key, provoking the ire of the security community, reports Motherboard.
Good, they had every right to do so. Idiots hackers that want to play their little school boy games should be think about the implications go their actions.
 

Scotty2Hotty

macrumors member
Sep 16, 2014
70
78
But you’re not really buying a device are you? You’re essentially buying a software license.
You absolutely own the device - And you're agreeing to the EULA which states you cannot modify it (software, NOT hardware) at all. Also, you don't own the software AT ALL - you're just allowed to use it. I see your point. Hey - they can probably give you the hardware for free - If you'd agree to pay them for the software usage.
 

bsolar

macrumors 6502a
Jun 20, 2011
786
343
The algorithms can be copyrighted, sure, but the keys? I'd really like to know your basis for how a short, randomly-generated string of letters and numbers can be protected by copyright.
The keys are not copyrightable since they have no creative expression, but the DMCA contains also anti-circumvention provisions which potentially covers them.

The problem is, these anti-circumvention provision can only be enforced by a court issuing a restraining order, not through a DMCA takedown notice. That's the reason I believe Apple is actually abusing the system.

Said that, Streisand effect is already in full force...
 

wigby

macrumors 68000
Jun 7, 2007
1,841
1,301
there are 2 ways to tackle this:
a) sue everyone that expose this
b) get your **** together and make a more secure system!

The fact that Apple is against backdoor etc. means that Apple wants super secure system. The fact that this guy was able to discover and issue he should be able to claim bounty program reward and Apple should make the devices stronger and more secure. Its all about attitude.

Talking marketing crap vs doing real thing are two different things.

On that topic, I would rather have iOS releases when they are truly ready instead of doing one every year and take 6 months or so to fix all the bugs and issues.
Maybe in your world those are binary choices but in the real world involving jobs, revenue, courts, shareholders, politics and customers, those two options both co-exist. It's how well a company navigates those two options simultaneously that matters.
 

coolfactor

macrumors 601
Jul 29, 2002
4,461
4,276
Vancouver, BC
I will keep my iPad jailbroken (with checkra1n) no matter what kind of crap Apple tries to do against it. Jailbreaking = freedom to do what i want with my device.
So you're okay with some dimwit (Siguza) publishing the keys to your "personal property"? Imagine if someone took the keys to your car and house, copied them, and handed them out to every passerby. Are you okay with that? How would you feel?

There's zero good that can come from compromising the Secure Enclave that I can see. Do you think it would somehow force Apple to strengthen the security even more? Yes, that would be good.

Regardless of the long-term benefits, I find behaviour exhibited by hackers like Siguza to be dangerous and irresponsible.