Apple Unlocking iPh...
 
Notifications
Clear all

Apple Unlocking iPhones vs US Government

84 Posts
18 Users
0 Likes
7,810 Views
(@dan0841)
Posts: 91
Trusted Member
Topic starter
 

It will be interesting to see who wins this one and how/if it's resolved

BBC Apple vs LE

 
Posted : 17/02/2016 1:26 pm
(@dcs1094)
Posts: 146
Estimable Member
 

The FBI has asked Apple to do two things.

First, it wants the company to alter Farook's iPhone so that investigators can make unlimited attempts at the passcode without the risk of erasing the data.

"Hi Apple, you know that security flaw you patched? Can you reinstate it again?"

roll Not going to happen!

 
Posted : 17/02/2016 4:48 pm
(@trewmte)
Posts: 1877
Noble Member
 

Apple's Open Letter
https://www.apple.com/customer-letter/
"But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone."

What is fascinating is that Apple isn't (implicitly or explicitly) disagreeing with the principle that backdooring is impossible, merely that they don't want to put that principle into final practice.

Judge's Order
https://assets.documentcloud.org/documents/2714001/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf

 
Posted : 17/02/2016 10:59 pm
hcso1510
(@hcso1510)
Posts: 303
Reputable Member
 

First off let me start by saying that even before Riley I have always been an advocate for obtaining a search warrant to search a cell phone. I don't work terrorism related cases, but I do work cases involving the Internet and victims under the age of 18.

I'm sure I'll have some of my facts off a bit, but I hope you will judge me on the overall and not take an opportunity to pick me apart. I don't know if you look at Eric Snowden as a hero or a villain, but much of the security talk today is related to the things he disclosed.

I'm painting with a broad brush, but to some extent Apple has decided that a note typed into one of its locked cell phones should receive greater 4th Ammendment protection than a note that is scribbled on a piece of paper currently in your locked residence.

So here I am, a law enforcement officer with a criminal case and probable cause. With a search warrant law enforcement can get into cars, residences, and locked containers, but not a locked cell phone?

Several years ago, I believe it was around the time the 4S came out, Apple encrypted its data within their phones, which basically rendered Cellular forensic tools impotent, provided the phone was locked.

Lots of hackers out there I guess so Apple wanted to provide customers with added security. The forensics folks weren't all that excited about it, but I get it.

Law enforcement would then get a Search Warrant and send the phone off to Apple with an external drive and get the contents back at a later date. Apple, I would assume,was swamped with work that they were not getting paid for?

Then we all awoke one sunny day and found out that if we downloaded the new fix Apple would no longer be able to open these phones at their facility and provide encryption that only the user could access.

Hmmmmm. Prior to this "Fix" is that what the public was crying out for?

Now I have no idea what the internal communications at Apple were prior to the "Fix", but I would imagine during a board meeting one day the CEO asked how the Law Enforcement Assistance Group was doing and the reply was

Boss, we are being totally over run with requests from law enforcement to pull content out of these phones. We have trained people leaving because they are worked so hard and we have had to hire additional examiners. We are taking on additional costs every day and one of our employees was looking at an article on an ACLU/EFF/Digitaldueprocess website that suggested that even if we were complying with a lawful search warrant, supported by probable cause, we were nothing more that acting as agents of the government.

CEO "Dear God, we can't have that. Someone might go out and by an Android. Get the chief tech dude in here now. Were gonna put a stop to this crap. Tech dude, we need to create a "Fix" and in doing so we will tell everyone that only the end user can access the device. We will tell everyone from this day forward we can't. Of coarse if one of us gets locked out of our phones you guys will need to get into them, but we will tell everyone we can't. From this day forward this will be the company line.

The above is somewhat tongue and cheek, but can anyone tell me that this was done for any other reason than a financial one? And by the way, under the 'old system' of Apple examining the phone and dumping the content onto an external drive can anyone tell me about how your data was compromised?

I think at some point the pendulum swings back slightly. I don't believe general public wants to be spied on and neither do I. However I do believe that the general public believes law enforcement should have the ability to access a cell phone when they have probable cause.

Just my two cents. How about you?

 
Posted : 18/02/2016 5:01 am
(@mark_adp)
Posts: 63
Trusted Member
 

I am inclined to agree that both Apple and other HSM don't want to be overloaded with requests from LEA. They have configured their phones in such a way that there is now no "backdoor" in, however they must still be able to brute force a device using the right custom signed boot loaders.

I would be very surprised if its a capability issue, but more a capacity issue and a PR issue. People buy iPhones because they are secure, while what is being proposed (from my understanding) would not reduce the security of every phone, only the ones being submitted to Apple, from a PR perspective, it doesn't look good.

 
Posted : 18/02/2016 12:38 pm
(@gorvq7222)
Posts: 229
Reputable Member
 

I do worry about iOS forensics going dark~ Apple claims that they want to protect people's privacy and Apple decide not to let LE got chance to dig out the evidence from a passcode locked iDevice…The truth is that manufacturers couldn't care less about privacy or security…they care about sales and revenue…

Imagine that one day you buy a auto car whose name is "iCar" and you lost the key/password to wake up your iCar… Apple will tell you that sorry for no any chance to bring your iCar back alive, and the only thing you could do is to download ipsw and use iTunes to flash your iCar. What about the data inside the iCar like driving records??? Data is gone with the wind and Apple doesn't give a s**t! No matter the driving records inside iCar have something to do with a criminal case or not, Apple won't aid LE to extract the evidence. Of couse it's easier for Apple to do so and the Police or FBI or CIA or NSA won't bother Apple any more.

 
Posted : 18/02/2016 7:59 pm
 meso
(@meso)
Posts: 10
Active Member
 

I have problems believing that Apple doesn't have the ability to access a locked device. I think it revolves around public perception of their security and the fear of losing sales. It's not logical to think that a company that produces such sophisticated hardware and software has no backdoor into it. No one will ever be able to convince me that if one of Tim Cook's loved ones was murdered and evidence of that crime was contained on a locked IOS device that he would not provide technical resources to law enforcement to open the device.

As a citizen, I want privacy and security, while recognizing that a judge can give law enforcement access to my private stuff.

As a law enforcement officer, I respect people's right to privacy in their homes and on their digital devices, while fully expecting that if I have probable cause (facts, circumstances, or other information that would lead a reasonable person to believe that a crime has been committed or is about to be committed, that a certain individual is responsible for that crime, and evidence of that crime is contained on the device), that I can obtain a search warrant from a judge to get the data, utilizing whatever technical means are necessary.

I'm very interested to see where this goes…..

 
Posted : 18/02/2016 11:17 pm
(@trewmte)
Posts: 1877
Noble Member
 

CONUNDRUM!

What would make YOU decide to backdoor where the interest of a matter is greater than privacy and security?

Place in your order of importance the below and highlight at what stage you would expect Apple to concede and backdoor their devices for the greater good?

10………………..backdoor device to find a burglary/car thief
9………………..backdoor device to find local cannabis supplier
8………………backdoor device to find IIoC photo distributor/procurer
7…………….backdoor device to find people trafficker
6…………..backdoor device to find arms smuggler
5………..backdoor device to find LE or civilian murderer
4………backdoor device to find agent spreading bacterial warfare
3…….backdoor device to find murderer of national president
2…..backdoor device to find kidnapper of 30 babies from hospital
1…backdoor device to find where nuclear device placed before explodes

Remember more is less and less is more.

 
Posted : 19/02/2016 12:02 am
(@dan0841)
Posts: 91
Trusted Member
Topic starter
 

CONUNDRUM!

What would make YOU decide to backdoor where the interest of a matter is greater than privacy and security?

Place in your order of importance the below and highlight at what stage you would expect Apple to concede and backdoor their devices for the greater good?

10………………..backdoor device to find a burglary/car thief
9………………..backdoor device to find local cannabis supplier
8………………backdoor device to find IIoC photo distributor/procurer
7…………….backdoor device to find people trafficker
6…………..backdoor device to find arms smuggler
5………..backdoor device to find LE or civilian murderer
4………backdoor device to find agent spreading bacterial warfare
3…….backdoor device to find murderer of national president
2…..backdoor device to find kidnapper of 30 babies from hospital
1…backdoor device to find where nuclear device placed before explodes

Remember more is less and less is more.

1 - 8 Inclusive. I would, however, make sure there are sufficient safeguards as with other Telecoms based requests (At least in the UK anyway).

 
Posted : 19/02/2016 1:27 am
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Apart from the specific case (and the opportunity and the Law, and Privacy and everything else) there is an underlying issue IMHO
https://www.apple.com/customer-letter/

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The good Apple guys are not saying that what the FBI asked is impossible (which is what I seemed to understand they said to everyone else before) they are saying that
1) it does not exist (yet)
2) that they will try to not make it

Till now the debate was more whether a new version of the OS would have been made in such a way to allow access to the encrypted data without knowing the pin/password/etc., it was assumed (or implied, or both) that it was not possible to replace parts (or the whole) OS on a "locked" device, i.e. both the encryption was "unbreakable" but also was not "by-passable", the news seem to be that while the encryption is still "unbreakable", it is actually "by-passable".

In other words one thing is creating a new OS that has a backdoor and install it on a new or however "unlocked" device, another thing is "injecting" an OS with a backdoor in an existing, "locked" device.

jaclaz

 
Posted : 19/02/2016 5:17 pm
Page 1 / 9
Share: