Apple doesn’t refuse when they can “unlock” a specifically requested case.
What so many don’t grasp is that good security is not breakable by those who created it. If they can, they failed.
(I write iPhone security software.)
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
FBI Reportedly Gained Access to iPhone Used by Mass Shooter in Florida After Apple Refused to Help
- Thread starter MacRumors
- Start date
- Sort by reaction score
What so many don’t grasp is that good security is not breakable by those who created it. If they can, they failed.
(I write iPhone security software.)
Please continue to enjoy your warm blanket of blissful ignorance.
Can we stop writing headlines that say "Apple REFUSED". That is very misleading and almost an out right lie. They did assist, as best they can.
So I'm guessing you've never told a boss of yours that something couldn't be done, even though you knew it could easily be done, simply out of your own personal perspective (whatever that may be - good, bad or otherwise) to keep your trap shut?
As any organisation that has a "need" to bust into people phones… why would I advertise the fact that I could when in reality I'd like everyone to think I either couldn't, and/or it requires a Herculean effort each and every time to "maybe" do it.
the reality is if there is a ‘real time pending catastrophe’ it is already too late. This sort of scenario is only solved in movies and tv shows.
In reality there are way too many moving parts to stop or deter an operation that is in real time. FBI and other LEOs investigate before and after incidents.
I write iPhone security software. If I know of a way to breach my own product’s security, my #1 priority becomes stopping such a breach, and the next release is delayed (possibly at significant cost) until it is secured.
A way to access such secured data can be abused to a cost >$100,000,000.
I consider NT's thinking quite enlightened. I built and tested (security testing included) file sharing protocols in Windows. In testing it I wore a very dark grey hat. If I could break it then it was already insecure and it would never ship. There are so many eyes on the protocols that our OSs use that if there were holes and apple had access as you suggest then someone else would have found it. I missed things, and external partners found them and we fixed them. Are there holes in iOS? I'm sure. Does Apple know about them? I doubt it. Because if they did someone outside of Apple would too.
Listen, there’s probably already means that Apple has been forced to do under a security order as part of the Patriot Act that we aren’t allowed to know about.
The question is, if we can all basically agree that the government has the capacity, why do we have to have this same scenario trotted out into the headlines every 6 months or so?
The entire point of the FBI stuff is to condition the public into accepting total surveillance (that basically already exists), for our “safety” of course.
Of course not, that's silly. I've never even suggested that. Nice try. As I've said previously, I'm fine with the FBI being able to get into an iPhone without Apple's help.
Rather, I'm responding o your claim in Post#29: "Apple always complied with handing over iCloud data. They just don’t have the *means* to unlock a device." And that Apple does have the means, but is not compelled by law to do so.
Ok ok now that we’ve narrowed to scope of that back and forth I get it.
Please dismiss the “nice try” stuff, once I cooled down a little I have been trying to get your argument in good faith. And from your first sentence that I’m quoting it appears that we both have the same view of not accepting a compelling of Apple.
Im sure Apple has the means internally to unlock an iPhone with an exploit they haven’t patched yet. But in line with poster MZeb’s logic, Apple would be making sure than means doesn’t exist anymore as they continue internal security assessments.
Yeh, not interested in knee-capping encryption and putting black doors everywhere.
I value privacy and liberty far, far, far more than some perceived notion that the state is protecting me.
I’m not scared of terrorism, I’m not scared of COVID-19, I’m not scared of global warming, I’m not scared of whatever mainstream media wants me to be fearful of.
We in the West have become completely incapable of gauging risk correctly and applying appropriate safeguards. Definitely having served in the military it helps you see just how coddled and shielded we’ve become.
Things that do worry me; collapse of our FIAT currencies due to massive debt and ‘quantitive easing’, government tyranny, corporate tyranny.
I value privacy and liberty far, far, far more than some perceived notion that the state is protecting me.
I’m not scared of terrorism, I’m not scared of COVID-19, I’m not scared of global warming, I’m not scared of whatever mainstream media wants me to be fearful of.
We in the West have become completely incapable of gauging risk correctly and applying appropriate safeguards. Definitely having served in the military it helps you see just how coddled and shielded we’ve become.
Things that do worry me; collapse of our FIAT currencies due to massive debt and ‘quantitive easing’, government tyranny, corporate tyranny.
Good point, missed that one.This was also reported last Thursday, so maybe people aren't commenting about it much here because they expressed their thoughts there. 🤷♂️
Zerodium Temporarily Stops Purchasing iOS Exploits Due to High Number of Submissions
Zerodium this week announced that it will not be purchasing any iOS exploits for the next two to three months due to a high number of submissions. In...www.macrumors.com
That's a long long way in a galaxy far far away from what you said earlier.
And it's the entire point of who to condition everyone to believe everything is safe and secure with iOS?
Clickbait headline. It's not that they refused to help, it's that they were unable to help because the iPhone does not have an intentional back door and each time a new one is discovered and made aware to Apple, they patch it. If they did not then all of our devices would be compromised by everyone. What they refused to do was compromise the entirety of iPhone user security for a few cases, which they can't really do retroactively.
The MacRumors article may have "glanced" (did you mean glossed?) over it, but I suspect this article has a lot of relevant info, of course it is NYT, so it may have some bias:
"The gunman in last year’s deadly shooting at a military base in Florida had been in touch with Al Qaeda for years and regularly spoke to the group’s operatives, including the night before the attack, the heads of the Justice Department and F.B.I. said on Monday, accusing Apple of costing them valuable time by refusing to help unlock the gunman’s phone."
...
F.B.I. Finds Links Between Pensacola Gunman and Al Qaeda (Published 2020)
The gunman in December’s shooting, a Saudi cadet who had trained with the U.S. military, had been in contact with the terrorist group, officials said.
I’ve actually read the Snowden leaks, watched dozens of CCC/Blackhat/Other security conference presentations, etc. I know full well what all countries intelligence agencies actually do. How exactly am I supposed to boil down years of watching and reading this stuff into a conversation that the average PRSI/MacRumors forum member can understand?
There’s off the books stuff, and on the books. I’ve been talking entirely on the books this thread. If you want to have a full blown conversation about “full spectrum dominance” and what that means for the intersection of the intelligence apparatus and the private sector I’m game, but that’s not going to happen in this thread.
I don't see how you boil all that down to get to a "don't worry about it… there's no engineering evidence of it". That sort of thing either makes you look like a government stooge, to obfuscate the fact that lots of things are possible/probably/a reality, or it makes you look like an Apple fanboy where if Apple did it "it must be good and right and proper!".
Saying nothing would have actually been better as you stated the opposite of what you're saying now.
If they provided iCloud data, fbi already has access to most of the contents so this isn’t really news. Most people have iCloud syncing on by default.
Doors not knocked on are never answered.
You may as well do the paper, get it approved, and give it a shot. Otherwise, they said no all ready.
If Apple makes it simple for law enforcement to get into a phone, they'll get into it for completely frivolous or dangerous reasons.
If Apple refuses to make it simple, a way will likely be found anyway, but it will be time-consuming and expensive, and they'll only employ it for cases where they truly need it.
If Apple refuses to make it simple, a way will likely be found anyway, but it will be time-consuming and expensive, and they'll only employ it for cases where they truly need it.
Could Apple crack open their own product? Probably. Things like the secure enclave are so hard to get to that they might not be armored. What if you ripped out a secure enclave and started fuzzing it. What would it do? At some level it doesn't expect bad input, because it's hardware inside a closed system.
Doing that implies a huge tool infrastructure that probably doesn't exist at all outside of Apple and the NSA/other government agencies.
Doing that implies a huge tool infrastructure that probably doesn't exist at all outside of Apple and the NSA/other government agencies.
Have you ever seen any claim that what Apple releases in its iOS security white paper is untrue? Remember, this is the architecture of the security paradigm I’m talking about, not a statement of “iOS is unhackable”. Those are two distinct things.
I don’t think you understand my position at all given you think I could honestly be taken as “a government stooge” (intelligence agencies are the biggest threat to humanity in my book, just for a short summation), or an Apple fanboy.