Unlocking an iPhone for investigators impossible in 'in most cases,' Apple tells court
Apple cannot unlock an iPhone for government investigators "in most cases now and in the future," lawyers for the company said in a brief submitted to a U.S. District Court, while acknowledging it had some access to the phone at the heart of a Justice Department case.
The DoJ's unlock request would normally be "substantially burdensome," the company said in a Monday court filing seen by the Wall Street Journal. Apple pointed out that the full-disk encryption feature in iOS 8 and 9 should prevent anyone from accessing an iPhone's data without the passcode, including Apple itself.
The phone the Justice Department wants to investigate, however, is running iOS 7, and Apple admitted that it has the capacity to extract "certain categories of unencrypted data" -- excluding email, calendar entries, and third-party app data.
It nevertheless said it would prefer to avoid pulling information from the phone unless forced to, since that might "threaten the trust between Apple and its customers and substantially tarnish the Apple brand."
The company submitted the brief at the request of Magistrate Judge James Orenstein, who is known to favor limits on government surveillance. In an earlier ruling, he suggested that he may not have the authority to force Apple's cooperation, something the Justice Department disputes.
Since 2013 leaks by NSA whistleblower Edward Snowden, Apple has made privacy one of its key marketing points, attacking rival products as insecure. CEO Tim Cook repeated this position at conference on Monday, making a particular point to oppose the backdoors demanded by some U.S. government officials. These would make it easier to fulfill legitimate search warrants, but critics have complained that it would also make mass surveillance easier and expose devices to hackers.
The DoJ's unlock request would normally be "substantially burdensome," the company said in a Monday court filing seen by the Wall Street Journal. Apple pointed out that the full-disk encryption feature in iOS 8 and 9 should prevent anyone from accessing an iPhone's data without the passcode, including Apple itself.
The phone the Justice Department wants to investigate, however, is running iOS 7, and Apple admitted that it has the capacity to extract "certain categories of unencrypted data" -- excluding email, calendar entries, and third-party app data.
It nevertheless said it would prefer to avoid pulling information from the phone unless forced to, since that might "threaten the trust between Apple and its customers and substantially tarnish the Apple brand."
The company submitted the brief at the request of Magistrate Judge James Orenstein, who is known to favor limits on government surveillance. In an earlier ruling, he suggested that he may not have the authority to force Apple's cooperation, something the Justice Department disputes.
Since 2013 leaks by NSA whistleblower Edward Snowden, Apple has made privacy one of its key marketing points, attacking rival products as insecure. CEO Tim Cook repeated this position at conference on Monday, making a particular point to oppose the backdoors demanded by some U.S. government officials. These would make it easier to fulfill legitimate search warrants, but critics have complained that it would also make mass surveillance easier and expose devices to hackers.
Comments
However, that only applies up until I need you to decrypt a phone for my personal benefit. For example, a loved one has been kidnapped, and the information on a phone might return them to me.
In that case, I am against you 100%.
In summary: Protect my information. But not the guy who took my loved one. He doesn't deserve protection.
Now solve my koan. GO!
The government should make ads starring Chloe O'Brian and Jack Bauer trying to decrypt a phone, with Jack saying he'll have to torture a guy if Chloe can't break the encryption. Funny how the same old ticking time bomb/kidnapping scenarios get recycled for the encryption debate that we previously heard in the torture debate.
You go, Apple. I am totally behind you, 100%.
However, that only applies up until I need you to decrypt a phone for my personal benefit. For example, a loved one has been kidnapped, and the information on a phone might return them to me.
In that case, I am against you 100%.
In summary: Protect my information. But not the guy who took my loved one. He doesn't deserve protection.
Now solve my koan. GO!
'Koan'? Curious word so I looked it up. You may mean conundrum rather than the nonsensical or paradoxical question aka koan. Or a synonym for an impossible choice. But thanks for the word of the day.
This part made me bust out laughing in joy:
" the full-disk encryption feature in iOS 8 and 9 should prevent anyone from accessing an iPhone's data without the passcode, including Apple itself."
Keep being bad a** Apple, leave the spying to the competition.
Funny how they've always said hey can't and now they say they can .. How is that possible ?
Have they actually said that about previous versions of iOS? (Not challenging you, I honestly don't recall)
Given the sentiments he's expressing, 'koan' does indeed seem like the apt word. Wasn't it quite obvious?!
Just when I thought I knew every 4 letter word.
Good. Screw the government. Let them do some old fashioned detective work and actually work for their pay checks for a change.
Apple iPhone. Choice of smart criminals worldwide
/s
Here's another thought. If Apple is forced to build in a back door for our government, the Chinese, Russians, Canadians and every other government will demand the same 'respect' and will thus have the 'keys' to decrypt any iPhone and/or its backed up data, including those held by our secretary of state, our president and any other government official, making our private lives vulnerable to ANY government scrying, no matter how well we think law enforcement might protect the key(s) they are given.
It's a lot easier to break down a door (especially a backdoor) than to bust through a solid wall (like that of a walled garden).
For example, if a thief places his money in a safe, is the manufacturer of the safe legally obligated to help the police open the safe?
Without taking sides on an emotional basis, I'd like to understand if that precedent in the physical world can -- or should -- guide policy makers in this new question when using IT-based security mechanisms.
Put them on family share and share loctions. That way
You can track them with find my iPhone if need be and if
Possible. Now I'm not sure how likely is that the kidnapper/s will
Give you his or her name and what divice they are using. And if you family
Gets kidnapped, you are probably not inside the U.S. So it would not be
Much help to have some info.
Given the time and tools any safe can be cracked.
Funny how they've always said hey can't and now they say they can .. How is that possible ?
Apple never said they couldn't. Until iOS 8. with 7 and prior the ability has always been there. Just Apple won't do it without a warrant and strongly resisted even then.
Now they can't cause they don't store the keys anymore. there are no keys actually, not in the same way. they were a potential security risk. that's why you have to trust this computer every time you pull in a device and why you can't connect to the computer if the passcode is on
Does anyone know the legal precedent when using physical security?
For example, if a thief places his money in a safe, is the manufacturer of the safe legally obligated to help the police open the safe?
Without taking sides on an emotional basis, I'd like to understand if that precedent in the physical world can -- or should -- guide policy makers in this new question when using IT-based security mechanisms.
Given the time and tools any safe can be cracked.
But that's not what he asked.
There's other means to get at what they want. In the time it takes to get a reply from a safe manufacturer they can get in it by force.
Does anyone know the legal precedent when using physical security?
For example, if a thief places his money in a safe, is the manufacturer of the safe legally obligated to help the police open the safe?
Without taking sides on an emotional basis, I'd like to understand if that precedent in the physical world can -- or should -- guide policy makers in this new question when using IT-based security mechanisms.
Given the time and tools any safe can be cracked.
But that's not what he asked.
There's other means to get at what they want. In the time it takes to get a reply from a safe manufacturer they can get in it by force.
You may be right, but still not answering the question - which was does the manufacturer have any obligation, under law, to help?