Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Justice Department Officially Drops Lawsuit Against Apple in Ongoing iPhone Unlocking Dispute [Updated]

  • Like
Reactions: You are the One and Benjamin Frost
Good for the FBI and criminal justice, still bad for Apple and its naive arrogant behaviour.

Apple can get in with more important things now perhaps, like the American Supreme Court accepting to hear Samsung's appeal case against Apple, something everyone on here stated as a undisputable fact would never happen, and also something Mac Rumors has not reported on so far as I know.
 
  • Like
Reactions: SirCheese
MacRumors said:
In a motion asking the court to vacate the original order, prosecutors said the FBI has been able to access the data stored on the iPhone 5c without Apple's help, reports CNBC.
Click to expand...
Well done, FBI. I really hope this helps to fight terrorism. In the meantime, it helped to show where Apple is: left-wing troll, mixed with fashion toys. No hope for more professional tools from Apple, they're too busy in left-wing politics and colorful watch bands.
 
John Mcgregor said:
They did make iCloud backups more secure. I had to setup few new devices last week and during setup i was asked to set a passcode for iCloud backups.
Click to expand...
But what MH01 was asking is... can *Apple* get into your iCloud backup?

That's where this whole thing falls apart.

If the contents of your iPhone or Mac is encrypted *before* it gets sent to Apple's servers... and is *only* unlockable by you... then yes... it would be secure.

Otherwise... you're just keeping your clothes in someone else's closet... and they have the key :)

Take LastPass, for instance:

"All encryption/decryption occurs on your computer, not on our servers. This means that your sensitive data does not travel over the Internet and it never touches our servers, only the encrypted data does.

Your encryption key is created from your email address and Master Password. Your Master Password is never sent to LastPass, only a one-way hash of your password when authenticating, which means that the components that make up your key remain local. This is why it is very important to remember your LastPass Master Password; we do not know it and without it your encrypted data is meaningless."

iCloud is nothing like that.

Didn't Apple release the iCloud backups of the San Bernardino terrorists? That tells you something right there ;)
 
applepuree said:
On the back of this case, both the UK and France have pushed through/are pushing legislation requiring a backdoor/way to get the data unencrypted or the CEO faces a jail term. I am afraid in the end we have lost here.

French law
http://www.dailydot.com/politics/france-encryption-decryption-law-punish/


UK proposal
http://www.ft.com/cms/s/0/60e82316-cf26-11e5-831d-09f7778e7377.html#axzz44Hiw6pAm
Click to expand...

You haven't lost a thing, every single aspect of your life almost is recorded and your upset that someone can access your phone to view your contacts or photos on it.
Governments are acting according to the modern world, because criminals use these devices and it is absolutely right a court order means the investigating services can access those devices if required.
 
Last edited:
  • Like
Reactions: SirCheese and tuxon86
Michael Scrip said:
But what MH01 was asking is... can *Apple* get into your iCloud backup?

That's where this whole thing falls apart.

If the contents of your iPhone or Mac is encrypted *before* it gets sent to Apple's servers... and is *only* unlockable by you... then yes... it would be secure.

Otherwise... you're just keeping your clothes in someone else's closet... and they have the key :)

Take LastPass, for instance:

"All encryption/decryption occurs on your computer, not on our servers. This means that your sensitive data does not travel over the Internet and it never touches our servers, only the encrypted data does.

Your encryption key is created from your email address and Master Password. Your Master Password is never sent to LastPass, only a one-way hash of your password when authenticating, which means that the components that make up your key remain local. This is why it is very important to remember your LastPass Master Password; we do not know it and without it your encrypted data is meaningless."

iCloud is nothing like that.

Didn't Apple release the iCloud backups of the San Bernardino terrorists? That tells you something right there ;)
Click to expand...

No one can be 100% sure, but if you assume all they say is true since this FBI debacle your iCloud backups are now going to be encrypted with a passcode you choose. If that passcode is also transmitted to Apple or only stays in your head no one could now right now.
 
bradl said:
Now comes the questions Apple wants to know...
Click to expand...
...but that doesn't deserve to get them answered. Apple is nothing but a troll nowadays. A left-wing troll, but a troll nonetheless, and, as such, doesn't deserve anything but silence.
 
  • Like
Reactions: SirCheese
The press report I heard about this said they got the phone unlocked, but still had some encryption to get past to access all the actual information. This may be a slam dunk that is still spinning around the rim...
[doublepost=1459249150][/doublepost]We know that there are dozens of law enforcement agencies with hundreds of other locked phones. Will these folks now sue DOJ for access to the HowTo so they can unlock their stored devices? What is the cost of each such unlock?
 
  • Like
Reactions: CarlJ
Whilst it is pleasing that the immediate threat to Apple is removed, the longer term is still dangerous.

It was actually in Apple's interest to bring this case to court, so that a precedent could be set that protected our privacy. In withdrawing the case, the FBI are effectively shutting down the process of democracy, and are trying to silence the issue.

I think that Tim Cook needs to try and keep the conversation going; otherwise, the FBI will simply use a much poorer and weaker company to force through Big Brother laws. In addition, Apple should make all their devices as impervious to unwanted access as possible. Any unusual method of entry, like physical removal of chip layers, should immediately wipe the device. Apple cannot be paranoid enough about the level of security; our devices should be Fort Knox.
 
  • Like
Reactions: AleXXXa, You are the One and DCIFRTHS
DCIFRTHS said:
I'm confused. It sounds like you are saying that you have the tools that the FBI needs to get at the data on the terrorist's phone. Is that what you are saying?
Click to expand...

Yes. I quite literally sold them the tools back in 2008 and have updated them many times since. I work in computer forensics and make tools to perform forensic investigations across a wide range of platforms from iOS to OS X and Linux.
 
Tycho24 said:
Hmmmm, oh really?
Just on that one particular device??
& never ever ever on another?
Just on that one, forever & ever... amen?
Click to expand...

Oh good grief. The point is there was never a request to mandate Apple to deploy any change to the iOS on phones they ship or in current use.
 
This makes me think, is our data and emails really secure? Looks like anyone can crack them, either they got the expertise or they have the money to pay someone to crack it.
 
OldSchoolMacGuy said:
Yes. I quite literally sold them the tools back in 2008 and have updated them many times since. I work in computer forensics and make tools to perform forensic investigations across a wide range of platforms from iOS to OS X and Linux.
Click to expand...

This begs the obvious question as to why you weren't called in to retrieve the information on this scumbag's phone?
 
  • Like
Reactions: CarlJ and You are the One
Benjamin Frost said:
Any unusual method of entry, like physical removal of chip layers, should immediately wipe the device.
Click to expand...
I doubt that is possible considering it isn't likely to be hooked up to power while they are trying that kind of method. Also it isn't a major threat to average users like a backdoor or other software solution would be since it requires very expensive equipment, so I'd say that is one that probably isn't worth the effort to find a way to combat.
 
  • Like
Reactions: Benjamin Frost
OldSchoolMacGuy said:
Yes. I quite literally sold them the tools back in 2008 and have updated them many times since. I work in computer forensics and make tools to perform forensic investigations across a wide range of platforms from iOS to OS X and Linux.
Click to expand...

Fascinating collection of posts.

I assume that these tools are such that they take awhile to implement and require significant expertise to use. So this would be the type of tools that the government can use a few times a year on a terrorist's phone. With these tools do you need access to the phone for hours or is it closer to days that you need? I assume these aren't things where you could have someone's phone for five minutes and then give it back to them and they wouldn't be able to tell you had messed with it.

However, the main activity of U.S. law enforcement groups is drug law enforcement. Law enforcement is probably acquiring dozens of phones from small time drug dealers every day, actually probably even hundreds a day. What they really want is a one stop, quick and nearly free solution that allows them to get into all those phones so their prosecution of the drug dealers can be even quicker and more efficient (it is already pretty quick and efficient, but even more evidence against the dealers would make it easier).

Then there is the issue of mass surveillance. I don't think what they were seeking to get from Apple would have helped them there though.
 
Benjamin Frost said:
It was actually in Apple's interest to bring this case to court, so that a precedent could be set that protected our privacy. In withdrawing the case, the FBI are effectively shutting down the process of democracy, and are trying to silence the issue.
Click to expand...
Probably not. One can never predict the outcome of such cases, and a bad decision can be VERY bad.
 
tresmith said:
Terrorists are going to start wiping their iphones before the act or allowing a third party to remote wipe the phone for them.
Click to expand...

You raise a good point.

If you are a terrorist and about to murder lots of people, you can simply wipe any incriminating information off your electronic devices, or better still, not put any incriminating information on them in the first place.

This is why making devices insecure for everyone else is such a stupid idea. It's like banning guns for the public; all you are doing is making it easier for nutters to go into cinemas and slaughter innocent people knowing there is a good chance that no-one will have a gun on them to kill him.
 
  • Like
Reactions: You are the One and dk001
Benjamin Frost said:
This is why making devices insecure for everyone else is such a stupid idea. It's like banning guns for the public; all you are doing is making it easier for nutters to go into cinemas and slaughter innocent people knowing there is a good chance that no-one will have a gun on them to kill him.
Click to expand...

I haven't heard any Gun carrying Heroes killing the Cinema Hall shooters...so far. It is so far the other way all the time. Only Law Enforcement Authorities finally nail the shooters.
 
DCIFRTHS said:
This begs the obvious question as to why you weren't called in to retrieve the information on this scumbag's phone?
Click to expand...

Valid question.

When I left LE which was before 2008, computer forensic software marketed to typical agencies was/are almost exclusively data mining tools starting with flashing the hard drive to preserve the original data.

Modern encryption and security has become exponentially more sophisticated and has outgrown off the shelf products. Once access is made and security measures disabled they have their place.
 
Last edited:
kas23 said:
This is actually great news. Apple can now refuse to comply with the 10-20 other cases where law enforcement is asking Apple for help. They can refer these cases to the FBI.
Click to expand...
Also the third party cottage business of iPhone forensics is now well known.
 
Apple should have made a deal to give then what they want in exchange for keeping it all quiet. Now, the masses will know apple phones are crackable. Bad apple move.

Tim has a PR problem. He keeps preaching Adobe phones are secure but this story says otherwise.
 
RickInHouston said:
Apple should have made a deal to give then what they want in exchange for keeping it all quiet. Now, the masses will know apple phones are crackable. Bad apple move.

Tim has a PR problem. He keeps preaching Adobe phones are secure but this story says otherwise.
Click to expand...
That will be fixed. The crack to access the data was a hardware modification that has been documented for a while. I'm sure there will be a DefCon session this summer covering it.
 
  • Like
Reactions: igorsky and Tycho24
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back