New York Judge Rules U.S. Government Can't Force Apple to Unlock an iPhone

[teslo]

Don't forget the fake moon landings and the UFO crash in Roswell, NM.

please do refute anything i mentioned. we could argue 9/11 all day (and I'm not particularly conspiratorial about it), but it was just a recent example to show that the OTHER incidents i mentioned have added up to the government-distrust that was the subject of the conversation. your response was merely dismissive and intended to patronize.

 

[dk001]

True, but this can be introduced as a legal precedent in the CA case. And in the event of an appeal which is upheld, the present state of the SCOTUS would result in the appeals court decision standing, so either way a win for Apple.

True. It may be a weak one (as it lays some of the decision guidelines based in part on Ca events) however it is still that first step.

 

[tgara]

your response was merely dismissive and intended to patronize.

Actually, it was more in sarcasm. Don't be such a delicate flower.

 

[BWhaler]

The importance of this decision cannot be understated. Let's hope the supreme court upholds our right to privacy and secrecy.

 

[eac25]

Everyone has good points, and I'm partly playing Devils advocate here, so...

The sheer fact that Apple says such an OS can be made, already has opened the door to others doing it. So that's not a good counter argument.

The real case, as some have noted, is whether or not a company can be forced to do the work even if paid. (*)

Apple has claimed to the court that it would take 6-10 employees two to four weeks to create and fully document it. Which, translated from manager speak, means one programmer can do the actual coding in a few days.

So, if courts side with Apple, then perhaps the government will simply fall back on hiring away a current or ex Apple OS developer to do the deed. Or they might already have the talent in house.

(*) One would hope that in a possible future case of obvious national peril, that Apple would be patriotic enough to volunteer to do so, since their main resistance right now seems to be more about branding and expenses.

I respectfully disagree that the real case is about the conscription of a private citizen. There is plenty of precedent, some of which is cited by both the DOJ in their motion to compel and by Apple, of the government being able to do just that.

The real case is about how far that ability extends... maybe a minor distinction, but I don't believe so. Apple is essentially saying that the FBI/DOJ has overreached in this instance.

I also disagree that this is about Apple lacking patriotism. In fact, I would argue that this defiance is actually an act of patriotism. If you read their motion to vacate in the San Bernardino case they do not talk about brand or expenses - they talk about the risk being presented to their customers, the untenable precedent it sets and the fact that it violates their constitutionally given rights (although some of the logic there is also a stretch if you don't consider precedent - but of course the courts do). This is a more mature argument of defending their withholding compliance than in the New York case, but based on much of the same mode of thinking. Admittedly, in the New York case they do mention brand also (among other factors, including the overreach of the government there too), but the judge's decision is based more on the over-reaching use of the All Writs Act than about preventing any undue burden on Apple.

Think of it this way - if breaking this phone does reveal some useful info (a big if) and they are able, based on that info and nothing else, to protect from or prevent some next terror attack and they save lives then that is commendable and everyone will be happy. But how many lives will be protected and how many other crimes will be prevented by NOT creating this capability? Which is truly the greater good?...

Both sides to that argument deal in unknowns and therefore the question is essentially unanswerable. But consider the consequences of the scenario the FBI wants you to believe, then do the same for the scenario Apple is describing. Which is truly the greater catastrophe?...

As a people, we formally make these sorts of decisions through public debate within our legislature. This is the only valid avenue for resolving this question. And *that* is the outcome Apple is seeking - to delay being forced to act until there is an act of Congress defining how this should be handled. IF Apple doesn't like *that* outcome and continues to defy it then you are free to question their patriotism.

 

[dk001]

They want Apple to make a particular phone breakable when a warrant is issued. Not give out a global key.



Heck, many people post half that stuff online. The rest is easy to get with a warrant to your bank and by questioning doctors and neighbors.

What I don't understand is why the FBI wasn't smart enough to take a print from the deceased and make a fake finger to get past TouchID. That's half the reason Apple is handwaving so much. They're trying to distract everyone from how insecure the phone really is to anyone who has access to your prints or even you yourself.

If you have not read this already, the statement submitted by Susan Landau to the House Judiciary Committee does a great job at spelling in layman's terms where the FBI is in comparison to other companies and agencies (http://judiciary.house.gov/?a=Files.Serve&File_id=B3AF6E9E-B599-4216-B2F9-1AEE6A1D90CD).
Interesting read.

 

[eac25]

From what I've read this was a City of Bernadino phone and not the terrorist's personal phone? Is this correct? And did the City of Bernadino give permission to the FBI to do what they can to get it unlocked?

Yes, San Bernardino owns the phone and yes, they gave permission to the FBI.

 

[tgara]

If you have not read this already, the statement submitted by Susan Landau to the House Judiciary Committee does a great job at spelling in layman's terms where the FBI is in comparison to other companies and agencies (http://judiciary.house.gov/?a=Files.Serve&File_id=B3AF6E9E-B599-4216-B2F9-1AEE6A1D90CD).
Interesting read.

The testimony by NY District Attorney Cyrus Vance is also quite compelling.

http://judiciary.house.gov/_cache/f...9cbd-a174a369e5af/vance-written-testimony.pdf

Hopefully some good will come from this hearing.

 

[bitslap47]

Yes, San Bernardino owns the phone and yes, they gave permission to the FBI.

But... I thought based on licensing and end user agreements, nobody owns the phone's operating system. I'm no lawyer but isn't iOS/OSx, etc etc just licensed to the end user with Apple reserving the right to revoke that license? Also, The county owns the hardware, but isn't the end user.

So the FBI has the hardware which is owned by the county... but the end user has not given permission, and it sounds like Apple is revoking the end user license anyway in the interests of the greater security.

 

[lowendlinux]

The MacRumors article is factually incorrect in reference to the San Bernardino case:

"Apple has officially opposed an order that would require it to help the FBI break into the iPhone owned by San Bernardino shooter Syed Farook..."

Farook did not own the phone in question. The city of San Bernardino owns the phone.

And Apple owns the software running the phone and I believe/hope that's what does Apples case in.

Which Apple has done. You DO understand that, right? There seems to be this weird mistake going around that Apple has done nothing to help the FBI and is just refusing them flat out. But that's not the case. Everything Apple has, every trick to get info on these people, they've given it to the FBI. What the FBI wants, however, if for Apple to create a program they do NOT have in order to get access to any iPhone they want.

Imagine a maker of safes. Someone locks their info in a safe. The FBI goes to the safe maker. "Tell us all you know about this person." The safe-maker does so. Every scrap of information. Then the FBI says, "We need you to break into their safe. "We don't know how to do that," the makers say. It turns out that this is a special safe with a code that the owner gets to set. And not even the safe-maker can decode it once that is done. In short, the safe makers DO NOT KNOW that information. And can't give it to the FBI.

But the FBI says, "Well, we want you safe makers to create a special key for this thing which will bi-pass the code and let us right in." The safe makers say: "We want you to get into this one safe, but if we created such a key, you could get into any safe we've made. You could open the safes of people who haven't committed crimes. And what if this key fell into the wrong hands, and criminals used it to rob all our customers. This key you're asking for, would make our safes pointless."

And the FBI says, "We will take this go a judge and force you to do it."

Which brings up an interesting thought. If the FBI wins, couldn't coders at Apple quit and say, "We don't work for Apple." And thus, Apple no longer has anyone to do it? Can the FBI force any citizen to create something for them that they feel they need for any reason? Isn't that, um, well, slavery?

Anyway, the point, is what you're arguing is Apples and oranges. Apple has given the FBI what they know, and information that Apple has on file is NOT what the FBI is after. What they want is for Apple to create a key to give them access to any iPhone. So, all the info on your kids, finances, and health? This key, if created, would give it to anyone who owned it. FBI or otherwise. I, myself, would rather Apple didn't create it.

There seems to be this weird idea that you own your phone, Apple owns your OS but yes they handed over the iCloud backups of that phone to the FBI Apple has complied mostly.

Well, that's the other issue, isn't it? Exactly WHAT info is on this device that warrants such measures? I imagine the FBI has the laptop and other devices of these two. What is on this phone that is missing from them—from the iCloud? What is so critical? Alas, the FBI doesn't know. It could turn out that the phone has nothing more on it than baby pictures and text messages to the wife about what to buy at the grocery store. So, when you ask if there's ever a situation to warrant this, we have to ask, in turn: how would you know that it warrants it?

We've gone quite nuts over the theft of thousands of credit card numbers from a bank's lost laptop, also over medical information accessed by way of a hospital's computers. Imagine that ten-fold. Imagine calendars giving people information on where your kids will be, so they can be kidnapped. Imagine millions of credit cards stolen, imagine identity theft on a huge scale. This is what that key to the iPhone could do. Can the FBI tell us, for certain, how many lives they'll save, how many terrorists they'll stop if they get this info? We can hardly say "Sure, we'll let you see everything on our phones you want, any time," until we know what we're getting in exchange.

As for codes to disarm a nuclear bomb, I suppose someone might put them on their phone. And if the FBI knew for certain it was on that iPhone, then, yes, maybe, we'd agree it was worth retrieving it by any means necessary. But this iPhone? I don't think the odds are good that the info the FBI will get off that phone will be worth what it's going to cost all of us.
[doublepost=1456809576][/doublepost]
Yes. They want that particular phone breakable. BUT Apple can't break into JUST THAT ONE PHONE. Apple has to create a code that can break into any phone. Because all the phones work the same way in keeping people out. So if they can create a code to break into that phone, they've created one that can break into ANY PHONE.

In other words, a global key. Once again, there's this weird misunderstanding going on here. If Apple could code something to break into only one phone, the phone of a dead terrorist, why wouldn't they? The issue is that doing this creates code that doesn't just break into that one phone. THAT is why they don't want to do it. Yes? Listen to what Tim Cook says about it.

I use fingerprint to get onto my phone. It works half the time. And remember, the finger has to be warm. I suspect it's not so easy to fake fingerprint onto the phone. And if the phone can't read that fingerprint for any reason (and that sometimes happens with mine), it stop accepting the fingerprint and asks for the code. So, maybe you're not giving Apple enough credit here. That touchID isn't so easy to get past.

In the SB shooters case they don't actually have his computer stuffs because he destroyed his hard drives and such along with his personal phone. There is likely nothing on this phone that will help them but it is sorta interesting that he cut off iCloud backup three months out.

 

[hiddenmarkov]

-- All that said, I'm halfway wondering if perhaps this is all a publicity ruse to make people think that iOS is still secure, even though it's actually been cracked by the government. That would be an ideal Intel community scenario, just as how the Germans never knew we cracked Enigma and thus continued to trust in it.

Glad I am not the only one with that tin foil hat.

NSA silent here. deafening silence I'd say. Either the FBI in potential jurisdictional crap (this is our case...leave us be) didn't approach them. Or the NSA didn't offer the helping hand.

Case of the latter, one possible angle is they want many to think yes these phones are secure. Please use them to beat the system. At least the FBI's....Inter organizational crap not an unknown issue here. While the NSA, or maybe even CIA go....yep, shame we can't tell them we did this already.

 

[Night Spring]

It's unfortunate Americans have no faith in their government.

It's not unfortunate. The US constitution is written on the premise that no single entity can be trusted with all the power, which is why there are three branches of government, that are supposed to check and balance each other. Remember, the founding fathers had just fought and won a war to gain independence from a government they didn't trust.

 

[dk001]

But... I thought based on licensing and end user agreements, nobody owns the phone's operating system. I'm no lawyer but isn't iOS/OSx, etc etc just licensed to the end user with Apple reserving the right to revoke that license? Also, The county owns the hardware, but isn't the end user.

So the FBI has the hardware which is owned by the county... but the end user has not given permission, and it sounds like Apple is revoking the end user license anyway in the interests of the greater security.

Kind of, sort of.
The issue is not this single device as the FBI would lead you to believe, rather the method the FBI is attempting to use to force Apple to accede to its demands. It is a bit more complicated and far reaching than what the FBI and the DOJ are communicating.

 

[Benjamin Frost]

I like this judge.

Agreed.

Inspired by Antonin Scalia.

 

[dk001]

The testimony by NY District Attorney Cyrus Vance is also quite compelling.

http://judiciary.house.gov/_cache/f...9cbd-a174a369e5af/vance-written-testimony.pdf

Hopefully some good will come from this hearing.

After reading his earlier I place him in the same bucket as James Comey; stuck in the past and unable to see the future. He makes some great points if this was only about smartphones and evidence. There are other ways to get the data he and others want but as far as I have been able to gather, has not been pursued. His submission, while interesting, does nothing to really educate me on why. Other than the "you are stopping us from gathering critical evidence" rhetoric that has been used too excess.

I would hope this is at least the first step in identifying and solving this issue. One can be hopeful that if nothing else, the stance by Apple will drive the initiation.

 

[techwhiz]

Everyone has good points, and I'm partly playing Devils advocate here, so...

The sheer fact that Apple says such an OS can be made, already has opened the door to others doing it. So that's not a good counter argument.

Not true. UNless you have the source code to iOS and iTune or the sideload mechanism, the cat isn't "out of the bag"

The real case, as some have noted, is whether or not a company can be forced to do the work even if paid. (*)

Apple has claimed to the court that it would take 6-10 employees two to four weeks to create and fully document it. Which, translated from manager speak, means one programmer can do the actual coding in a few days.

You are joking right?
1. Assume they do need an exploit or method to load the OS on a locked device without wiping it.
2. They need to code the OS installer to use that exploit.
3. They need to test on multiple devices so they know for sure it works.
4. They need to get rid of the safeguards, 10 entries, etc.
5. They need to develop and test a method to have a computer enter codes over the lightening cable.

Yeah, couple of days......

So, if courts side with Apple, then perhaps the government will simply fall back on hiring away a current or ex Apple OS developer to do the deed. Or they might already have the talent in house.

(*) One would hope that in a possible future case of obvious national peril, that Apple would be patriotic enough to volunteer to do so, since their main resistance right now seems to be more about branding and expenses.

The government does not have the source code of iOS, iTunes or an iOS installer.
The FBI also has almost zero chance of a court ever forcing Apple to turn over their IP.

 

[You are the One]

Gartner to FBI: Stop bullying Apple and the tech industry

'First they come for the iPhone': Ron Paul backs Apple in FBI battle

 

[tgara]

After reading his earlier I place him in the same bucket as James Comey; stuck in the past and unable to see the future. He makes some great points if this was only about smartphones and evidence. There are other ways to get the data he and others want but as far as I have been able to gather, has not been pursued. His submission, while interesting, does nothing to really educate me on why. Other than the "you are stopping us from gathering critical evidence" rhetoric that has been used too excess.

I would hope this is at least the first step in identifying and solving this issue. One can be hopeful that if nothing else, the stance by Apple will drive the initiation.

Actually, his proposed legislation and solutions on page 7 are a good first step, and balanced in my view.

I agree that Apple's stance will drive initiation of a solution. However, Apple should be careful for what it wishes for because it may just get it. In this political climate, Congress could easily enact legislation similar to CALEA, this requiring device manufacturers to make their equipment accessible to law enforcement pursuant to lawful searches in conjunction with a search warrant and court order. If AT&T or Verizon can’t promise customers privacy by evading court orders, why should Apple be able to?

I'm a longtime Apple user. I'm also a shareholder. I love Apple products, but I do not see this situation going in Apple's favor at the end of the day. My bet is that regardless of how the court cases come out, the Congress will pass legislation that will allow accessibility, in some way, to law enforcement, and that Apple will not like it.

 

[whsbuss]

The hearing is very interesting on C-SPAN3. Both sides of the isle are not so happy with the FBI on this (so far). Rep. Issa had some good tech questions.

 

[Legionnaire]

The hearing is very interesting on C-SPAN3. Both sides of the isle are not so happy with the FBI on this (so far). Rep. Issa had some good tech questions.

 

[dk001]

Actually, his proposed legislation and solutions on page 7 are a good first step, and balanced in my view.

I agree that Apple's stance will drive initiation of a solution. However, Apple should be careful for what it wishes for because it may just get it. In this political climate, Congress could easily enact legislation similar to CALEA, this requiring device manufacturers to make their equipment accessible to law enforcement pursuant to lawful searches in conjunction with a search warrant and court order. If AT&T or Verizon can’t promise customers privacy by evading court orders, why should Apple be able to?

I'm a longtime Apple user. I'm also a shareholder. I love Apple products, but I do not see this situation going in Apple's favor at the end of the day. My bet is that regardless of how the court cases come out, the Congress will pass legislation that will allow accessibility, in some way, to law enforcement, and that Apple will not like it.

Not sure where this will end up. Based on my personal use (all my stuff on all my devices is encrypted), I hope the FBI fails in their endeavor. I can see far too many ways for this to go wrong if they win and don't have the trust that a legislative solution or even a "limiter" is possible. Personally I would let the tech companies come up with a solution that the rest can review and approve/reject.

Watching the House Hearing ... interesting how many don't understand or have a significant lack of understanding while others appear to be well versed.

 

[Legionnaire]

Not sure where this will end up. Based on my personal use (all my stuff on all my devices is encrypted), I hope the FBI fails in their endeavor. I can see far too many ways for this to go wrong if they win and don't have the trust that a legislative solution or even a "limiter" is possible. Personally I would let the tech companies come up with a solution that the rest can review and approve/reject.

Watching the House Hearing ... interesting how many don't understand or have a significant lack of understanding while others appear to be well versed.

MS CHU just put some excellent points. Loved her referencing companies who make safes are not responsible for keeping a key, and if law enforcement wants in, they should deal with the issue of resolving it themself, whether they produce a key or blow it.

FBI says, "we cant do it"
tough luck fed, get over yourself, Apple will win this, (i really really really hope). For our future of privacy.

 

[kdarling]

If you have not read this already, the statement submitted by Susan Landau to the House Judiciary Committee does a great job at spelling in layman's terms where the FBI is in comparison to other companies and agencies (http://judiciary.house.gov/?a=Files.Serve&File_id=B3AF6E9E-B599-4216-B2F9-1AEE6A1D90CD).
Interesting read.

Thank you very much. Indeed, an interesting read.

She does point out what I've been saying, that Apple could make a per-device keyed OS version that could not be used on any other phone.

Yet her advice seems to be that the government should stop trying to make Apple comply, and instead invest millions in its own set of forensic tools and methods, up to and including reading stored data bits inside chips via electron microscopes... with the end desired result being that they could crack any phone without Apple's help.

Ironically, the FBI gaining that much power would result in exactly the opposite situation as Apple claims to want, since then there'd be even less civilian oversight, as Apple's lawyers would never see any of the requests.

Also, her argument (and Apple's) that creating one-off OS versions per device could mean that the knowledge could eventually leak from Apple just makes no sense to me. If Apple cannot keep a secret under those circumstances, then Apple cannot keep the same secret in any case.

Not true. UNless you have the source code to iOS and iTune or the sideload mechanism, the cat isn't "out of the bag"

Oh please. Source is not necessary. A real engineer/hacker can go through code like a knife through butter.

I've reverse engineered so much code it's not even funny. And FAST too. I was infamous in some circles for it, in the past.

As for iOS, it's probably much easier with all its documentation. Look at how fast many people jailbreak new iOS versions, too.

With both source code and inside knowledge, an Apple OS developer could do this hack in days, if they haven't already done it by now as an experiment. The reason Apple says 6-10 people is because they claim they also need tech writers to document it, lawyers to make sure records are kept, security personnel, secretaries and managers.

 

[old-wiz]

The judge says: "must take place among legislators who are equipped to consider the technological and cultural realities of a world their predecessors could not begin to conceive".. hhahahahahaha.... legislators only listen to the people who bribe them, not to citizens. Legislators equipped?? hahah Most of the people in Congress know about as much on encryption/decryption technologies as they do about nuclear physics or general relativity.

 

[tgara]

Not sure where this will end up. Based on my personal use (all my stuff on all my devices is encrypted), I hope the FBI fails in their endeavor. I can see far too many ways for this to go wrong if they win and don't have the trust that a legislative solution or even a "limiter" is possible. Personally I would let the tech companies come up with a solution that the rest can review and approve/reject.

Thank you very much. Indeed, an interesting read.

She does point out what I've been saying, that Apple could make a per-device keyed OS version that could not be used on any other phone.

Yet her advice seems to be that the government should stop trying to make Apple comply, and instead invest millions in its own set of forensic tools and methods, up to and including reading stored data bits inside chips via electron microscopes... with the end desired result being that they could crack any phone without Apple's help.

Ironically, the FBI gaining that much power would result in exactly the opposite situation as Apple claims to want, since then there'd be even less civilian oversight, as Apple's lawyers would never see any of the requests.

Also, her argument (and Apple's) that creating one-off OS versions per device could mean that the knowledge could eventually leak from Apple just makes no sense to me. If Apple cannot keep a secret under those circumstances, then Apple cannot keep the same secret in any case.

Good points. So try this:

Which situation is more or less desirable?

A. Apple complying with the government request, holding on to the phone in question, keeping (or destroying) whatever proprietary software and systems they come up with to get into the phone, and simply providing the decrypted data to the FBI, per the current court request; or

B. Apple NOT complying, causing the government use their own forensics lab or to go to a third party to decrypt the phone (assuming they can), and the FBI keeping the decrypting software for future use.

I suggest situation A is much better for everybody. Apple's secrecy is legendary, so I'm assuming they can keep this particular software under the same tight controls. I would much rather have Apple maintain this decrypting software than the government.