Potentially worse than that even, if they were able to reverse engineer the software. I haven't seen much informed commentary on whether an iPhone loaded with a weakened operating system would open the possibilty of a true backdoor in the wild if it got into the wrong hands.
How could a "weakened operating system" even be installed without the passcode? If I remember correctly (and I could be wrong) the passcode has to be entered to permit upgrading. If not, just being able to replace the OS without having to enter a passcode is itself a significant weakness.
Let's steer this discussion away from Apple. The San Bernardino terrorists did not use iphone to kill Americans but used freely available Guns.So, before messing up with privacy,security,civil rights, freedom and liberty, let's put better Gun control laws that would not allow any Muslim to possesses gun in this country.
This is the type of bigoted comment we don't need in the US. There are plenty of instances where lily white Christian American "terrorists" have gunned down innocent people. I'm all for gun control, starting with our over-sized military, but limiting it to only Muslims is insane.
I suspect that technical organizations with a large employee base such as Apple already have "informers" or "moles" sympathetic to the FBI/NSA that are in position to transfer key "know-how" in support of national security. When these assets went looking for the methods or code it did not exist. Therefore the FBI/NSA needed to compel Apple to develop the methods. Once developed the embedded assets can help guide the appropriate organizations for its duplication. Unfortunately there are likely other national assets likewise embedded. The safe harbor is to not develop the "know-how".
Potentially worse than that even, if they were able to reverse engineer the software. I haven't seen much informed commentary on whether an iPhone loaded with a weakened operating system would open the possibilty of a true backdoor in the wild if it got into the wrong hands.
How could a "weakened operating system" even be installed without the passcode? If I remember correctly (and I could be wrong) the passcode has to be entered to permit upgrading. If not, just being able to replace the OS without having to enter a passcode is itself a significant weakness.
I think that Apple has that capability. It is, at least, implicit that they do or this entire discussion would be moot.
The assinine presumption is that there is anything of significance on the phone in the first place. I am guessing the odds are there is really nothing of import on the phone, and yet if the FBI prevails, all that will be accomplished is the precedent of forcing law-abiding citizens to go above and beyond to aid authorities. Methinks that is the real intent, and the contents of said phone is irrelevant to Comey. Any words about "Justice" and the "victims' families" are just grandstanding BS.
What are Apple Iphone users so defensive about ?? Are you techies all buying drugs or watching child porn or something????????
Apple users are sick , terrorist supporting commie lib drug dealing child porn watching sickos.....
I am keeping it real! My phone contains logon information for various websites, including banking and other types of financial sites. That's what Apple is protecting. As for your Android phone, the government can already easily break into your garbage phone and get everything the want, which in your case probably isn't anything intelligent.
What are Apple Iphone users so defensive about ?? Are you techies all buying drugs or watching child porn or something????????
Apple users are sick , terrorist supporting commie lib drug dealing child porn watching sickos.....
What's with the huge influx of new POS trolls lately? AI has always had a few idiots show up now and then, but the last few months it seems we get several new posters per article.
I'm sure it's envious Android users upset by the fact they have to read weekly updates on Apple seeding new iOS updates to developers while they continue to wait for their 2 year old Android OS to be updated.
Yes, they crossed their heart and maybe even hoped to die that it would only ever be this phone - because this will ever be the only case where they want to unlock an iPhone. And they only want to disable the bit that wipes the iPhone - the part about removing the delay between tries and allowing passcodes to be sent via USB isn't even worth mentioning because they have no impact on the ability to unlock a phone. And they won't actually prosecute anyone if they find evidence, because that might mean having to release the tool for third party validation (http://www.zdziarski.com/blog/). No effect beyond this case ever. Never ever ever.
I suspect that technical organizations with a large employee base such as Apple already have "informers" or "moles" sympathetic to the FBI/NSA that are in position to transfer key "know-how" in support of national security. When these assets went looking for the methods or code it did not exist. Therefore the FBI/NSA needed to compel Apple to develop the methods. Once developed the embedded assets can help guide the appropriate organizations for its duplication. Unfortunately there are likely other national assets likewise embedded. The safe harbor is to not develop the "know-how".
Sharp
So you're saying that Apple is full of computer terrorists ready to sabotage iOS. What you're also saying is what most of us agree with, the FBI and NSA are, in essence, criminal organizations who refuse to follow any law because they feel they are above it. The FBI has been that way since J. Edgar Hoover started it. He violated so many laws with his attacks on people that the current attack on Apple is minor. If people really wanted to clean up our government, we'd seriously investigate all the activities of these homegrown terrorists organizations, purge the really bad people, and create legal and ethical replacements. I'd start by removing the illegal Dept. of Homeland Security (created by Bush after 9/11).
There is far more to this than just breaking in to the iPhone. There is a great blog article by a Forensics expert regarding this wish of the FBI. He explains how one of the biggest problems is when things hit the courts and information found on the phone is involved. Here is the URL to the article. I found it extremely enlightening as I had never thought about this part of the problem. http://www.zdziarski.com/blog/?p=5645
Why not deliver the phone to Apple, they could apply a patch and deliver the data?
Because once Apple writes the new operating system, the FBI wants the phone back. It's the FBI who will try to hack into the phone. Unless you trust the FBI now and forever, the FBI will most assuredly hack into the weakened operating system and learn as much as they can about Apples's operating system. This information is worth hundreds of billions of dollars. It's unimaginable that this information would not be leaked.
The assinine presumption is that there is anything of significance on the phone in the first place. I am guessing the odds are there is really nothing of import on the phone, and yet if the FBI prevails, all that will be accomplished is the precedent of forcing law-abiding citizens to go above and beyond to aid authorities. Methinks that is the real intent, and the contents of said phone is irrelevant to Comey. Any words about "Justice" and the "victims' families" are just grandstanding BS.
You don't get to make that judgment. Whether you agree with the FBI's request or find it an attack on privacy, these investigators have a legal warrant to search that phone. Your opinion of the odds don't come into it at all.
Let's steer this discussion away from Apple. The San Bernardino terrorists did not use iphone to kill Americans but used freely available Guns.So, before messing up with privacy,security,civil rights, freedom and liberty, let's put better Gun control laws that would not allow any Muslim to possesses gun in this country.
ANY muslim? i mean thats a bit harsh aint it. i understand where your coming from but they are not all bad.
Maybellene. She started back doing the things she used
to do.
ANDY
Jaywalking?
BARNEY
Yup.
ANDY
And you need to know who she was talking to when you
nabbed her?
BARNEY
Yup.
ANDY
Probably Jay.
BARNEY
Maybe. Maybe not.
ANDY
This is the third back door subpoena this week.
BARNEY
Andy, this is vitally important. We need to track down
who’s behind this rash of jaywalking.
ANDY
You know, the folks over at Apple are pretty backed
up. They got over thirty thousand back door subpoenas just this week.
BARNEY
Precedent, Andy, precedent. They owe it to this great
country of ours. Now, are you against crime or not?
ANDY
Well, you know, Barney, if we threw the entire town in
jail, that would pretty much put a stop to jaywalking. But you can’t fight
crime by taking away folks’ freedom.
BARNEY
Frankly, my dear friend, there are times I think you
just don’t give a darn about patriotism.
All a search warrant does is to allow the government to ATTEMPT to open a safe, or read your mail, etc. it doesn’t mean that you have to cooperate. It means that if necessary, the government has to do the work.
That’s no different here. If the government want to try this themselves, no one is saying that they shouldn’t. But requiring Apple to do so is putting everyone on edge. A problem is that a company is only required to do this if it doesn’t present an undue burden.
While the FBI is saying that it’s only one phone, that’s nonsense, and they know it. If Apple does this one phone, they will get thousands of requests from US law enforcement for every imaginable offense. Then Apple will get thousands of “requests” from every foreign government. They will need to open a department of programmers and manage to, as well as a legal team to evaluate every request, and to implement those that they consider legal, which itself will lead to some possible court action.
This is both improper, and impossible.'
I'm not sure where the "undue burden" criteria comes in. Is there precedent for that?
But it's really beside the point. I agree that others will ask for the same help and that Apple will suffer as a consequence. But this is a commercial argument, not a privacy argument. I have (surprisingly) found myself agreeing with the DOJ on this. There is no Orwellian threat to privacy here. But there is a commercial threat to Apple and its brand. MHO, that is not grounds for refusal.
Just the fact that he says this proves he's not listening, or doesn't care. The truth is that what he asks for is not possible. You can't have your cake and eat it too.
He is implying that if Apple modifies the phone to allow unlimited, rapid attempts, then that will not permit them, or anyone else, to use that on any other phone. Great in principle except, as pointed out before, at a minimum it sets a precedent to make a court-sanctioned request for more than just information, would demonstrate that this vulnerability exists, and sets the bar much higher for the level of assistance LE can expect from third parties in an investigation. In the worst case, he is wrong, and it does become a master key.
Well that's just not correct. DOJ is attempting a very unsophisticated attack that won't work in the future. One simple method of preventing it is to use alphanumeric passcodes. A 10-character alpha passcode is essentially unbreakable by brute force attack.
A more elegant solution for Apple would be to engineer either a longer passcode delay in hardware -- one that can't be overridden by software. Another approach might be to increase the power draw associated with passcode processing so that the phone goes into thermal runaway if you try passcodes too quickly.
The FBI knows that this is a limited trick that won't work for long. But they want to get into this one phone used by a terrorist to kill Americans.
All a search warrant does is to allow the government to ATTEMPT to open a safe, or read your mail, etc. it doesn’t mean that you have to cooperate. It means that if necessary, the government has to do the work.
That’s no different here. If the government want to try this themselves, no one is saying that they shouldn’t. But requiring Apple to do so is putting everyone on edge. A problem is that a company is only required to do this if it doesn’t present an undue burden.
While the FBI is saying that it’s only one phone, that’s nonsense, and they know it. If Apple does this one phone, they will get thousands of requests from US law enforcement for every imaginable offense. Then Apple will get thousands of “requests” from every foreign government. They will need to open a department of programmers and manage to, as well as a legal team to evaluate every request, and to implement those that they consider legal, which itself will lead to some possible court action.
This is both improper, and impossible.'
I'm not sure where the "undue burden" criteria comes in. Is there precedent for that?
But it's really beside the point. I agree that others will ask for the same help and that Apple will suffer as a consequence. But this is a commercial argument, not a privacy argument. I have (surprisingly) found myself agreeing with the DOJ on this. There is no Orwellian threat to privacy here. But there is a commercial threat to Apple and its band. MHO, that is not grounds for refusal.
Encryption must work for everyone or it works for no one. Encryption is what stands between you, everything you own and every hacker on Earth.
Seems to me that the FBI going all editorial on this is a sure sign of a weak position.
In in related news, the police want TSA-style master key locks mandated on everyone's house in case it becomes necessary to search it. Not to worry, master key will be kept in a safe and can only be used with a court order. An East Texas court order.
Comments
I suspect that technical organizations with a large employee base such as Apple already have "informers" or "moles" sympathetic to the FBI/NSA that are in position to transfer key "know-how" in support of national security. When these assets went looking for the methods or code it did not exist. Therefore the FBI/NSA needed to compel Apple to develop the methods. Once developed the embedded assets can help guide the appropriate organizations for its duplication. Unfortunately there are likely other national assets likewise embedded. The safe harbor is to not develop the "know-how".
Sharpo
Are you sure your name isn't Harpo?
ANY muslim? i mean thats a bit harsh aint it. i understand where your coming from but they are not all bad.
ANDY
What is it, Barney?
BARNEY
Need another back door subpoena, Andy.
ANDY
What now?
BARNEY
Maybellene. She started back doing the things she used to do.
ANDY
Jaywalking?
BARNEY
Yup.
ANDY
And you need to know who she was talking to when you nabbed her?
BARNEY
Yup.
ANDY
Probably Jay.
BARNEY
Maybe. Maybe not.
ANDY
This is the third back door subpoena this week.
BARNEY
Andy, this is vitally important. We need to track down who’s behind this rash of jaywalking.
ANDY
You know, the folks over at Apple are pretty backed up. They got over thirty thousand back door subpoenas just this week.
BARNEY
Precedent, Andy, precedent. They owe it to this great country of ours. Now, are you against crime or not?
ANDY
Well, you know, Barney, if we threw the entire town in jail, that would pretty much put a stop to jaywalking. But you can’t fight crime by taking away folks’ freedom.
BARNEY
Frankly, my dear friend, there are times I think you just don’t give a darn about patriotism.
But it's really beside the point. I agree that others will ask for the same help and that Apple will suffer as a consequence. But this is a commercial argument, not a privacy argument. I have (surprisingly) found myself agreeing with the DOJ on this. There is no Orwellian threat to privacy here. But there is a commercial threat to Apple and its brand. MHO, that is not grounds for refusal.
Well that's just not correct. DOJ is attempting a very unsophisticated attack that won't work in the future. One simple method of preventing it is to use alphanumeric passcodes. A 10-character alpha passcode is essentially unbreakable by brute force attack.
A more elegant solution for Apple would be to engineer either a longer passcode delay in hardware -- one that can't be overridden by software. Another approach might be to increase the power draw associated with passcode processing so that the phone goes into thermal runaway if you try passcodes too quickly.
The FBI knows that this is a limited trick that won't work for long. But they want to get into this one phone used by a terrorist to kill Americans.
In in related news, the police want TSA-style master key locks mandated on everyone's house in case it becomes necessary to search it. Not to worry, master key will be kept in a safe and can only be used with a court order. An East Texas court order.