|
Source: (consider it)
|
Thread: Security v. Freedom
|
lilBuddha
Shipmate
# 14333
|
Posted
The FBI have won an order in court to direct Apple to help decrypt the iPhone of a jihadist shooter.
Apple have refused stating that a backdoor into the OS would be likely abused.
In societies that desire to be free, there will always be a battle between what rights we cede for protection by our governments and those we keep for protection from them.
So where is your line, re encryption of electronic devices and communications?
--------------------
I put on my rockin' shoes in the morning
Hallellou, hallellou
Posts: 17627 | From: the round earth's imagined corners | Registered: Dec 2008
| IP: Logged
|
|
Lamb Chopped
Ship's kebab
# 5528
|
Posted
I don't understand. Either there is an existing backdoor into the OS, or there isn't. If there is, I don't see how obliging the FBI would lead to further abuses (it's not like they're going to publish the backdoor, after all, and it's existence would be common knowledge regardless of what choice they make). If there is no backdoor, then they could simply have told the FBI so.
is it possible that the FBI is asking not for a backdoor but for complete access to the OS code, in the hopes of breaking in?
--------------------
Er, this is what I've been up to (book).
Oh, that you would rend the heavens and come down!
Posts: 20059 | From: off in left field somewhere | Registered: Feb 2004
| IP: Logged
|
|
Doublethink.
Ship's Foolwise Unperson
# 1984
|
Posted
The way it was reported on BBC radio was that Apple was saying it could not currently accesss the data - and that to write software to do so would create a security problem.
So effectively claiming there currently isn't a back door.
--------------------
All political thinking for years past has been vitiated in the same way. People can foresee the future only when it coincides with their own wishes, and the most grossly obvious facts can be ignored when they are unwelcome. George Orwell
Posts: 19219 | From: Erehwon | Registered: Aug 2005
| IP: Logged
|
|
Curiosity killed ...
Ship's Mug
# 11770
|
Posted
According the BBC reports, the FBI want to get into the phone. To do this they have to find the PIN code by trial and error. Apple have to be involved as it needs their coding signature to allow repeated trials, rather than being locked out after a number of erroneous entries.
--------------------
Mugs - Keep the Ship afloat
Posts: 13794 | From: outiside the outer ring road | Registered: Aug 2006
| IP: Logged
|
|
lilBuddha
Shipmate
# 14333
|
Posted
quote:
Originally posted by Doublethink.:
The way it was reported on BBC radio was that Apple was saying it could not currently accesss the data - and that to write software to do so would create a security problem.
So effectively claiming there currently isn't a back door.
Currently is the key word. If Apple successfully break into the phone, there would effectively would be even if we argue the technical correctness of using the term backdoor.
Lamb chopped, how much do you trust your government? Not only the current, but future. Google the FISA court battles.
--------------------
I put on my rockin' shoes in the morning
Hallellou, hallellou
Posts: 17627 | From: the round earth's imagined corners | Registered: Dec 2008
| IP: Logged
|
|
Schroedinger's cat
Ship's cool cat
# 64
|
Posted
So Apple cannot hack their own phones. Which is good, because if they can't then others probably can't either.
The FBI want them to, because they don't understand encryption? Makes sense.
I suppose I want total security and total privacy, because I am not a security risk. In the end, I am willing to accept that my privacy is not absolute, especially when I am online. I am not happy about that, but I am prepared to accept some compromise there - and I know my bank seem to be very good at contacting me when there is a change in account behaviour.
The other side of this is that those who can access my data are not judgemental. If I am a security threat, come and talk to me. If not, so what if I like Busty Betty's Big Bang Emporium.
--------------------
Blog
Music for your enjoyment
Lord may all my hard times be healing times
take out this broken heart and renew my mind.
Posts: 18859 | From: At the bottom of a deep dark well. | Registered: May 2001
| IP: Logged
|
|
Leorning Cniht
Shipmate
# 17564
|
Posted
quote:
Originally posted by lilBuddha:
and that to write software to do so would create a security problem.
This is nonsense. If software can be written to circumvent the security, there is already a security problem. Whether or not Apple has chosen to write the software yet isn't terribly relevant.
In this case, it seems as though there's a software function that wipes the phone after some number of failed attempts, and the FBI want a version of the software without that function, so they can brute-force the passcode.
Posts: 5026 | From: USA | Registered: Feb 2013
| IP: Logged
|
|
Schroedinger's cat
Ship's cool cat
# 64
|
Posted
quote:
Originally posted by Leorning Cniht:
quote:
Originally posted by lilBuddha:
and that to write software to do so would create a security problem.
This is nonsense. If software can be written to circumvent the security, there is already a security problem.
Not necessarily. Apple may have access to parts of the code that are not accessible to other developers, and knowledge and understanding of how to access key parts of the system. There is a possibility that Apple could produce something that others couldn't. Because of how restrictive Apple are, it may be a possibility.
--------------------
Blog
Music for your enjoyment
Lord may all my hard times be healing times
take out this broken heart and renew my mind.
Posts: 18859 | From: At the bottom of a deep dark well. | Registered: May 2001
| IP: Logged
|
|
Dafyd
Shipmate
# 5549
|
Posted
There's a difference I think between asking Apple to break into a particular phone, and asking Apple to show them how to break into any phone.
--------------------
we remain, thanks to original sin, much in love with talking about, rather than with, one another. Rowan Williams
Posts: 10567 | From: Edinburgh | Registered: Feb 2004
| IP: Logged
|
|
Alan Cresswell
Mad Scientist 先生
# 31
|
Posted
But, any potential security risk can only be realised if details of what Apple do to facilitate access to the phone become known beyond the group of programmers who develop the hack. I'm sure neither Apple nor the FBI have any desire to do that.
--------------------
Don't cling to a mistake just because you spent a lot of time making it.
Posts: 32413 | From: East Kilbride (Scotland) or 福島 | Registered: May 2001
| IP: Logged
|
|
lilBuddha
Shipmate
# 14333
|
Posted
Form a CNN Money article:
quote:
Cook said that to comply with the ruling, Apple will have to rewrite its iOS operating system.
--------------------
I put on my rockin' shoes in the morning
Hallellou, hallellou
Posts: 17627 | From: the round earth's imagined corners | Registered: Dec 2008
| IP: Logged
|
|
Doc Tor
Deepest Red
# 9748
|
Posted
AIUI, Apple have designed the phone so that it is secure against intrusion, and the FBI are asking Apple to show them how a secure phone can be cracked. Which makes a mockery of the 'secure' part of the phone.
Now, while neither Apple nor the FBI want to advertise how a secure phone magically becomes insecure, part of the iPhone's appeal is that it's secure. If they agree to the FBI's demands, Apple will then be selling an insecure phone. Android encryption apps are, of course, readily available.
--------------------
Forward the New Republic
Posts: 9131 | From: Ultima Thule | Registered: Jul 2005
| IP: Logged
|
|
Honest Ron Bacardi
Shipmate
# 38
|
Posted
AIUI, what Apple is being asked to do is to effectively write a specific update of iOS (the iPhone operating system) that will not contain the current default of scrambling the data if more than the set number of unsuccessful passcodes is entered. This will allow the FBI to use brute-force techniques to crack the phone's security by entering 4-digit passcodes until they hit the correct one.
If that's correct, there is no backdoor nor will there be one. But there appears to be no impediment to commissioning a third party to reverse-engineer iOS and write the required software. No doubt there will be obstacles to overcome to do that, but it looks feasible. But I assume will take too long for the nature of the enquiries they want to make.
--------------------
Anglo-Cthulhic
Posts: 4857 | From: the corridors of Pah! | Registered: May 2001
| IP: Logged
|
|
lilBuddha
Shipmate
# 14333
|
Posted
Adding that nothing exists in a vacuum. The government security communities have been against private encryption since it very beginnings. Any inroad will be heavily traveled.
--------------------
I put on my rockin' shoes in the morning
Hallellou, hallellou
Posts: 17627 | From: the round earth's imagined corners | Registered: Dec 2008
| IP: Logged
|
|
|
|
anteater
Ship's pest-controller
# 11435
|
Posted
I'm torn on this, having worked for many years on computer and IT security. By natural inclination I'm suspicious of governments, and I cannot see how people can think that it unreasonable.
We know that the government spies on us and lies about it, and the problem with loss of trust is it takes a long time to regain it.
Having said that I'm not involved in any activism that might attract the attention of the authorities, and I can accept that there are bad people around and we are tying the police by having unbreakable security.
Our prejudices are often fed by resentment and are not always creditable. For instance, most peoples only contact with the police is to get fined for doing marginally over the limit. The only time we have a robbery the police admitted there was little point in hoping for a resolution, mainly because they were certain that the robber had an inside police collaborator.
But who knows, I may once need the police and then if they needed to decrypt a phone to protect me I may well experience a change of view!
Difficult. Isn't it a pity that there's no much casual lying and corruption in the government and law enforcement.
--------------------
Schnuffle schnuffle.
Posts: 2538 | From: UK | Registered: May 2006
| IP: Logged
|
|
|
|
Golden Key
Shipmate
# 1468
|
Posted
Does this mean that the NSA couldn't hack it? Or that agencies still aren't playing nicely with each other?
--------------------
Blessed Gator, pray for us!
--"Oh bat bladders, do you have to bring common sense into this?" (Dragon, "Jane & the Dragon")
--"Oh, Peace Train, save this country!" (Yusuf/Cat Stevens, "Peace Train")
Posts: 18601 | From: Chilling out in an undisclosed, sincere pumpkin patch. | Registered: Oct 2001
| IP: Logged
|
|
Beeswax Altar
Shipmate
# 11644
|
Posted
I dislike Apple, the federal government, and jihadists.
I'm torn.
--------------------
Losing sleep is something you want to avoid, if possible.
-Og: King of Bashan
Posts: 8411 | From: By a large lake | Registered: Jul 2006
| IP: Logged
|
|
simontoad
Ship's Amphibian
# 18096
|
Posted
I like it when the law requires that Courts approve intrusive investigative steps before they are taken by law enforcement authorities, provided that the right set of tests are open to be applied. I think it's appropriate given the complexity of information technology and its ubiquity in rich countries that the Court can order IT companies to facilitate access to their technology.
I thing the right set of tests for courts to apply is whether in the particular circumstances before it, issuing the order sought is in the public interest.
--------------------
Human
Posts: 1571 | From: Romsey, Vic, AU | Registered: May 2014
| IP: Logged
|
|
RuthW
liberal "peace first" hankie squeezer
# 13
|
Posted
quote:
Originally posted by Beeswax Altar:
I dislike Apple, the federal government, and jihadists.
I'm torn.
I am too, but the extensive damage this could do to Apple's business seems like an important consideration. How many people will opt for Samsung if Apple complies with this order? Especially given that more than half of all iPhones are sold outside the US.
Posts: 24453 | From: La La Land | Registered: Apr 2001
| IP: Logged
|
|
Lamb Chopped
Ship's kebab
# 5528
|
Posted
quote:
Originally posted by lilBuddha:
Lamb chopped, how much do you trust your government? Not only the current, but future. Google the FISA court battles.
Why are you asking me this question? My response had nothing to do with trust in the government (as if) and everything to do with the technical aspects of the situation. A backdoor is a name for a software programmer's deliberately designed way of getting past the security on a software program without having to go through the usual hoops, and by definition exists since before it was released to the public. Backdoors are supposed to be closed before public release, as they are obvious security risks, but you can easily imagine all the reasons a company might NOT actually close all the backdoors, leading to users' indignation.
From what you write later it appears you are not speaking of an actual backdoor, but rather of proprietary knowledge that would make breaking in easier in general.
--------------------
Er, this is what I've been up to (book).
Oh, that you would rend the heavens and come down!
Posts: 20059 | From: off in left field somewhere | Registered: Feb 2004
| IP: Logged
|
|
Lamb Chopped
Ship's kebab
# 5528
|
Posted
Later:
Okay, having read your link from further down the thread, it seems that what the FBI is asking for is that Apple construct a backdoor to be added to the phone via a software update--and is promising, pinkies crossed, that they will only use it on this one single iPhone.
Ain't gonna happen.
If Apple does this, it'll quickly become a routine request to all sorts of software providers. Or at least, all sorts of software developers that the US has any power over--which leaves US businesses at a disadvantage.
And I don't see how it would be much of an advantage for the FBI in the ongoing arms race that is computer security.
The thing I'm having a hard time visualizing is what information on a phone could possibly be so critical that the FBI could not do their job without it. Certainly it would speed things up, provide corroborating evidence, etc. etc. but if something like 9/11 is in the works again, I would expect the FBI to be picking up signals from more places than a single confiscated iPhone. Maybe I'm not thinking creatively enough.
--------------------
Er, this is what I've been up to (book).
Oh, that you would rend the heavens and come down!
Posts: 20059 | From: off in left field somewhere | Registered: Feb 2004
| IP: Logged
|
|
orfeo
Ship's Musical Counterpoint
# 13878
|
Posted
quote:
Originally posted by Schroedinger's cat:
I suppose I want total security and total privacy, because I am not a security risk.
Should your self-assessment make you immune to a court order?
This is the thing that bothers me more than anything else. Frankly, it doesn't matter two hoots whether Apple thinks it's a good idea or not. I'm sure they argued in court that it wasn't a good idea.
But a judge weighed all that up, and made a decision. And unless someone can show that that decision was outside the judge's powers, it's contempt of court to not obey.
And obedience to court decisions is not, has never been, and should never be conditional on you agreeing with the court's decision. Otherwise you get Kim Davis refusing to issue marriage licences.
[ 18. February 2016, 06:53: Message edited by: orfeo ]
Posts: 18173 | From: Under | Registered: Jul 2008
| IP: Logged
|
|
orfeo
Ship's Musical Counterpoint
# 13878
|
Posted
quote:
Originally posted by Lamb Chopped:
If Apple does this, it'll quickly become a routine request to all sorts of software providers.
To which the routine response should be: "get a court order".
Apple shouldn't do this on the basis of a request. They should do it because they've been commanded to do so. There's a massive difference, the difference between the FBI wanting it done and a judge wanting it done.
[ 18. February 2016, 06:57: Message edited by: orfeo ]
--------------------
Technology has brought us all closer together. Turns out a lot of the people you meet as a result are complete idiots.
Posts: 18173 | From: Under | Registered: Jul 2008
| IP: Logged
|
|
Macrina
Shipmate
# 8807
|
Posted
Is there any reason why the FBI can't just give the phone to Apple under secure conditions and let them crack it then give it back? That way Apple doesn't have to let the FBI have the code to tempt them to use it again and no one will know how the code works except Apple?
Not that I like this situation one bit, it's morally grey.
Posts: 535 | From: Christchurch, New Zealand | Registered: Nov 2004
| IP: Logged
|
|
mdijon
Shipmate
# 8520
|
Posted
quote:
Originally posted by Macrina:
Is there any reason why the FBI can't just give the phone to Apple under secure conditions and let them crack it then give it back?
I would guess because Apple staff don't have the FBI's trust to delve into the data on jihadist networks and pass it on untampered-with to the FBI. Personally if I was an Apple member of staff I would be quite concerned for my safety in doing that and I doubt that Apple would want to put its employees in that position.
--------------------
mdijon nojidm uoɿıqɯ ɯqıɿou
ɯqıɿou uoɿıqɯ nojidm mdijon
Posts: 12277 | From: UK | Registered: Sep 2004
| IP: Logged
|
|
Macrina
Shipmate
# 8807
|
Posted
Good point ![[Smile]](smile.gif) I really don't know enough about the technology hence my question.
What about just making sure they could unlock the phone? i.e give them the password to the device?
Posts: 535 | From: Christchurch, New Zealand | Registered: Nov 2004
| IP: Logged
|
|
Curiosity killed ...
Ship's Mug
# 11770
|
Posted
The password to the phone is a PIN number. Ir it's anything like my daughter's i-phone or my Windows phone, it's 4 digit code. That means there are 10^4 options = 10000.
iPhones have something embedded in their coding that means that the phone wipes if too many wrong attempts are made at a PIN number. Which is one of the things that the FBI has asked Apple to write a code to avoid.
Apple need to be involved as their coding signatures are required to change Apple devices. (That one is according to the BBC news.)
--------------------
Mugs - Keep the Ship afloat
Posts: 13794 | From: outiside the outer ring road | Registered: Aug 2006
| IP: Logged
|
|
mdijon
Shipmate
# 8520
|
Posted
It sounds like it isn't as simple as that - I think they can only get in by doing what those of us who know as much about technology as I do call a complicated thing. Something to do with backdoors and brute force and other words.
I think the Mexican stand-off is that the FBI wouldn't trust Apple to be looking at the sensitive data without messing it up and Apple wouldn't trust the FBI to know how to get in without abusing the knowledge in the future.
--------------------
mdijon nojidm uoɿıqɯ ɯqıɿou
ɯqıɿou uoɿıqɯ nojidm mdijon
Posts: 12277 | From: UK | Registered: Sep 2004
| IP: Logged
|
|
Paul.
Shipmate
# 37
|
Posted
quote:
Originally posted by Macrina:
Is there any reason why the FBI can't just give the phone to Apple under secure conditions and let them crack it then give it back? That way Apple doesn't have to let the FBI have the code to tempt them to use it again and no one will know how the code works except Apple?
Actually that's exactly what they've asked for.
The FBI are asking for an iOS update that will a) disable the wipe-after-10-wrong-guesses code, b) allow guesses to be entered via computer rather than manually and c) remove the delay that's added after a wrong guess. They've asked that this update be coded to the hardware key of the specific iPhone so it couldn't be used elsewhere. It's also suggested that it be loaded by Apple at Apple premises and that after that either the phone is handed back or the FBI get remote access to it via a computer.
(Source see the paragraph beginning "As a remedy...")
So I think Apple's resistance is more about the legal precedent than the technical one.
Posts: 3689 | From: UK | Registered: Jun 2004
| IP: Logged
|
|
Paul.
Shipmate
# 37
|
Posted
quote:
Originally posted by orfeo:
This is the thing that bothers me more than anything else. Frankly, it doesn't matter two hoots whether Apple thinks it's a good idea or not. I'm sure they argued in court that it wasn't a good idea.
But a judge weighed all that up, and made a decision. And unless someone can show that that decision was outside the judge's powers, it's contempt of court to not obey.
But it's not contempt of court to appeal, which AIUI is what Apple plan to do. And I assume one of the first steps in the appeal process would be to seek some sort of order which allows them to delay following the original order until the appeal is ruled on.
Posts: 3689 | From: UK | Registered: Jun 2004
| IP: Logged
|
|
orfeo
Ship's Musical Counterpoint
# 13878
|
Posted
quote:
Originally posted by Paul.:
quote:
Originally posted by orfeo:
This is the thing that bothers me more than anything else. Frankly, it doesn't matter two hoots whether Apple thinks it's a good idea or not. I'm sure they argued in court that it wasn't a good idea.
But a judge weighed all that up, and made a decision. And unless someone can show that that decision was outside the judge's powers, it's contempt of court to not obey.
But it's not contempt of court to appeal, which AIUI is what Apple plan to do. And I assume one of the first steps in the appeal process would be to seek some sort of order which allows them to delay following the original order until the appeal is ruled on.
Absolutely true.
Meanwhile, though, they're deciding to try the case in the court of public opinion, with an open letter to their users. THAT is most definitely not one of the steps in appealing. It's a PR stunt designed to create sympathy and/or pressure. And as a person dedicated to the rule of law, it's exactly the kind of stunt that I hate.
--------------------
Technology has brought us all closer together. Turns out a lot of the people you meet as a result are complete idiots.
Posts: 18173 | From: Under | Registered: Jul 2008
| IP: Logged
|
|
Jane R
Shipmate
# 331
|
Posted
Why should electronic documents be more private than anything else? In a murder investigation, if you have reason to believe that (physical) documents which will help the police build a case are hidden in the suspect's house or locked in a safe, you get a court order to allow you to look for them. If the owner refuses to give you the key you have the authority to break open the safe, and the safe manufacturer doesn't get to say 'You can't do that, it will encourage criminals to break into other safes made by us'.
[ 18. February 2016, 10:43: Message edited by: Jane R ]
Posts: 3958 | From: Jorvik | Registered: May 2001
| IP: Logged
|
|
Alan Cresswell
Mad Scientist 先生
# 31
|
Posted
The question is, should the safe manufacturer be forced to assist in the safe breaking? At their own expense and thereby undermining their "no one has ever broken into our safes" advertising campaign.
--------------------
Don't cling to a mistake just because you spent a lot of time making it.
Posts: 32413 | From: East Kilbride (Scotland) or 福島 | Registered: May 2001
| IP: Logged
|
|
quetzalcoatl
Shipmate
# 16740
|
Posted
I thought that in US law, code is seen as speech, and thus, Apple are being asked to produce a form of speech (code) to unlock the phone.
I have no idea whether this is unconstitutional or not in the US, but it's possible that you can't force someone to produce speech.
--------------------
I can't talk to you today; I talked to two people yesterday.
Posts: 9878 | From: UK | Registered: Oct 2011
| IP: Logged
|
|
Albertus
Shipmate
# 13356
|
Posted
I wonder how much of Apple's position is derived from a genuine and principled concern about users' privacy- and how much about the possible commercial effect of Apple kit becoming known, or thought, not to be as secure as that of its competitors.
Posts: 6498 | From: Y Sowth | Registered: Jan 2008
| IP: Logged
|
|
lowlands_boy
Shipmate
# 12497
|
Posted
Apple have always been masters of marketing, and I'm sure they see this principled crusade as excellent marketing.
As to the question of whether they should be made to participate, and Alan's analogy about safes. I'm pretty sure that if you buy a safe, it has some serial number that allows the vendor to produce a replacement key. I recently had a lock replaced on a car that was more than 15 years old, and the original car vendor was able to send me (or rather, an approved repairer), a matching barrel to be installed in the door lock so the key didn't need to be changed.
As for the technicalities of what is being asked for. I'm sure that allowing more variants of the key to be entered is trivial, as is eliminating the delay between retries. Allowing the key to be entered over a USB connection might be a bit more complex, but even if they just did the first two things, it wouldn't take very long to manually try 10,000 entries by hand. If I was sure that the data wasn't going to be wiped, I'd try a bunch of common values first.
Posts: 836 | From: North West UK | Registered: Apr 2007
| IP: Logged
|
|
Sioni Sais
Shipmate
# 5713
|
Posted
quote:
Originally posted by orfeo:
quote:
Originally posted by Paul.:
quote:
Originally posted by orfeo:
This is the thing that bothers me more than anything else. Frankly, it doesn't matter two hoots whether Apple thinks it's a good idea or not. I'm sure they argued in court that it wasn't a good idea.
But a judge weighed all that up, and made a decision. And unless someone can show that that decision was outside the judge's powers, it's contempt of court to not obey.
But it's not contempt of court to appeal, which AIUI is what Apple plan to do. And I assume one of the first steps in the appeal process would be to seek some sort of order which allows them to delay following the original order until the appeal is ruled on.
Absolutely true.
Meanwhile, though, they're deciding to try the case in the court of public opinion, with an open letter to their users. THAT is most definitely not one of the steps in appealing. It's a PR stunt designed to create sympathy and/or pressure. And as a person dedicated to the rule of law, it's exactly the kind of stunt that I hate.
Thanks for putting this in black and white.
What we have here is data. Just about every territory on earth has laws governing data protection and disclosure whether that data is in a card index, your Facebook wall or tucked away in a program like a proprietory OS.
--------------------
"He isn't Doctor Who, he's The Doctor"
(Paul Sinha, BBC)
Posts: 24276 | From: Newport, Wales | Registered: Apr 2004
| IP: Logged
|
|
deano
princess
# 12063
|
Posted
I'm not torn on this at all. I believe you can all guess where my sympathies lie.
I trust the government. They can be voted out. Jihadis can't.
I have no sympathy for Apple. They are big boys and in this case they need to realise they exist because of the freedoms they would not have if they existed under a Jihadist regime.
Sometimes things are black and white, and you have to pick a side. Apple is being offered that choice.
Put it this way, if Apple win their case then I won't buy any Apple products and I suspect I won't be alone. There are plenty of alternatives.
--------------------
"The moral high ground is slowly being bombed to oblivion. " - Supermatelot
Posts: 2118 | From: Chesterfield | Registered: Nov 2006
| IP: Logged
|
|
Alan Cresswell
Mad Scientist 先生
# 31
|
Posted
quote:
Originally posted by lowlands_boy:
As to the question of whether they should be made to participate, and Alan's analogy about safes. I'm pretty sure that if you buy a safe, it has some serial number that allows the vendor to produce a replacement key. I recently had a lock replaced on a car that was more than 15 years old, and the original car vendor was able to send me (or rather, an approved repairer), a matching barrel to be installed in the door lock so the key didn't need to be changed.
But, those are examples of a manufacturer providing a replacement key to the legitimate owner of the safe/car. The FBI is not the legitimate owner of the phone - though they are in possession of it legally (assuming all due processes for collecting evidence were followed).
The analogous service would be for Apple to provide a means for people to access their phone if they have forgotten their PIN. Do they have such a service? I assume not, otherwise the FBI wouldn't be asking Apple to provide such a convoluted route to get into the phone.
--------------------
Don't cling to a mistake just because you spent a lot of time making it.
Posts: 32413 | From: East Kilbride (Scotland) or 福島 | Registered: May 2001
| IP: Logged
|
|
Crœsos
Shipmate
# 238
|
Posted
quote:
Originally posted by Alan Cresswell:
quote:
Originally posted by Jane R:
If the owner refuses to give you the key you have the authority to break open the safe, and the safe manufacturer doesn't get to say 'You can't do that, it will encourage criminals to break into other safes made by us'.
The question is, should the safe manufacturer be forced to assist in the safe breaking? At their own expense and thereby undermining their "no one has ever broken into our safes" advertising campaign.
More to the point, the state is asking the safe manufacturer (to extend the metaphor) to make it a master key to open all their safes. This not only completely obliterates the selling point AC mentioned, it seems prone to abuse.
Fun fact: the expanded surveillance powers the U.S. implemented to "fight terrorism" have been used much more frequently (by several orders of magnitude) in drug-related cases.
quote:
Originally posted by deano:
I'm not torn on this at all. I believe you can all guess where my sympathies lie.
I trust the government. They can be voted out. Jihadis can't.
Depends on the government, doesn't it? Would you be as sanguine about the Chinese or Egyptian state demanding a way decrypt any of Apple's products? Because once such a tool exists you can be fairly certain other states will also demand its use. "Sorry, but you're not a democratic government" isn't an argument that's likely to fly in the courts of those countries.
--------------------
Humani nil a me alienum puto
Posts: 10706 | From: Sardis, Lydia | Registered: May 2001
| IP: Logged
|
|
lowlands_boy
Shipmate
# 12497
|
Posted
quote:
Originally posted by Alan Cresswell:
quote:
Originally posted by lowlands_boy:
As to the question of whether they should be made to participate, and Alan's analogy about safes. I'm pretty sure that if you buy a safe, it has some serial number that allows the vendor to produce a replacement key. I recently had a lock replaced on a car that was more than 15 years old, and the original car vendor was able to send me (or rather, an approved repairer), a matching barrel to be installed in the door lock so the key didn't need to be changed.
But, those are examples of a manufacturer providing a replacement key to the legitimate owner of the safe/car. The FBI is not the legitimate owner of the phone - though they are in possession of it legally (assuming all due processes for collecting evidence were followed).
The analogous service would be for Apple to provide a means for people to access their phone if they have forgotten their PIN. Do they have such a service? I assume not, otherwise the FBI wouldn't be asking Apple to provide such a convoluted route to get into the phone.
Well, I think the first point is moot. Syed Farook is dead, so presumably he's not very interested in what happens next to his phone. Plus which the phone was owned by the San Bernardino County Department of Public Health, where Farook worked. It wasn't actually his, and the owner has given the FBI permission to search the phone.
I agree that they presumably don't have a simple access service for PIN codes though. But I don't think that's an issue anyway - according to the court, the FBI have a legitimate interest in the phone, and the FBI are also happy for the custom software required to be tied to the phone.
It was possible for Apple to bypass security features in older versions of iOS in a simpler way. That they have "chosen" to take themselves out of that loop shouldn't mean that a court can't order them to do it.
I'm sure that lots of high profile service providers have been ordered to provide access to data that someone thought was secure. It was foolish of Apple to assume that they'd be allowed to do declare their devices secure when it was obvious that such a bypass could be created.
Note that Apple haven't denied the technical feasibility at all.
--------------------
I thought I should update my signature line....
Posts: 836 | From: North West UK | Registered: Apr 2007
| IP: Logged
|
|
Paul.
Shipmate
# 37
|
Posted
quote:
Originally posted by Crœsos:
More to the point, the state is asking the safe manufacturer (to extend the metaphor) to make it a master key to open all their safes.
But are they? According to the link I posted earlier the FBI requested the "key" (SIF) "be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE" i.e they're asking for a key specific to that safe.
However in their statement Apple say
quote:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
Which implies that either they can't make it for a single phone (unlikely as the encryption is already based on a per-phone unique key) or that they believe that such a single-phone insecure version of the OS could be hacked and turned into a general purpose tool.
Posts: 3689 | From: UK | Registered: Jun 2004
| IP: Logged
|
|
lowlands_boy
Shipmate
# 12497
|
Posted
The Chinese probably have all the necessary code. The FBI should just ask them....
--------------------
I thought I should update my signature line....
Posts: 836 | From: North West UK | Registered: Apr 2007
| IP: Logged
|
|
Jane R
Shipmate
# 331
|
Posted
Paul. quote:
Which implies that either they can't make it for a single phone (unlikely as the encryption is already based on a per-phone unique key) or that they believe that such a single-phone insecure version of the OS could be hacked and turned into a general purpose tool.
Does anybody actually believe their claim that their phones are impossible to hack anyway? Given enough time and computing power, nothing is completely secure. The only security lies in making it very, very difficult for anyone who wants to hack in and hoping that they'll go after easier targets. Same principle as preventing a burglary, in fact; window locks and burglar alarms are all very well, but anyone who really wants to get in will manage it somehow.
Posts: 3958 | From: Jorvik | Registered: May 2001
| IP: Logged
|
|
quetzalcoatl
Shipmate
# 16740
|
Posted
I paused when I read, 'Apple was told to build software that would ...'. I'm not sure if that is a correct paraphrase, but assuming it is, I wonder if it is constitutional for the govt to order a private individual to do certain work, or utter certain speech (i.e. code)?
That is a genuine question, because in some situations it may be so. But I leave this for you constitutional experts.
--------------------
I can't talk to you today; I talked to two people yesterday.
Posts: 9878 | From: UK | Registered: Oct 2011
| IP: Logged
|
|
Lamb Chopped
Ship's kebab
# 5528
|
Posted
Just to clarify if anybody's confused--the FBI aren't asking them to break the encryption, they intend to do that themselves if it can be done. (There are forms of encryption out there that are so far unbreakable, as far as we know.)What they are doing is asking them to disable secondary security features that prevent a brute force attack on the encryption issue.
--------------------
Er, this is what I've been up to (book).
Oh, that you would rend the heavens and come down!
Posts: 20059 | From: off in left field somewhere | Registered: Feb 2004
| IP: Logged
|
|
lowlands_boy
Shipmate
# 12497
|
Posted
quote:
Originally posted by Lamb Chopped:
Just to clarify if anybody's confused--the FBI aren't asking them to break the encryption, they intend to do that themselves if it can be done. (There are forms of encryption out there that are so far unbreakable, as far as we know.)What they are doing is asking them to disable secondary security features that prevent a brute force attack on the encryption issue.
Yes - in this case, the "encryption" is linked explicitly to the pin code, which is only 4 digits long. By any measure, this is extremely weak and would be crackable in a fraction of a second. The issue is the "self destruct" that is built in after ten attempts.
--------------------
I thought I should update my signature line....
Posts: 836 | From: North West UK | Registered: Apr 2007
| IP: Logged
|
|
lilBuddha
Shipmate
# 14333
|
Posted
quote:
Originally posted by Paul.:
or that they believe that such a single-phone insecure version of the OS could be hacked and turned into a general purpose tool.
Bing, Bing, Bing, we have a winner!
----------------------
It is ridiculous to phrase this as Apple v. the FBI or to care based upon one's opinion of Apple.*
It is equally foolish to frame this a Apple v. jihadi or jihadi v. government.
As far as the law goes, that should not be held as sacrosanct either. It should always be a right to challenge a law, not only through the courts, but through civil disobedience.
And this is a civil liberties matter.
*For the record, though I have Apple products, I am not a massive fan of the company. And even were I, I think that is a ridiculous criterion to use to form an opinion in a matter such as this.
--------------------
I put on my rockin' shoes in the morning
Hallellou, hallellou
Posts: 17627 | From: the round earth's imagined corners | Registered: Dec 2008
| IP: Logged
|
|
Printer-friendly view
