US AG Lynch says FBI not asking Apple to break into iPhone, simply disable 'password blocker'

Posted:
in General Discussion edited March 2016
In a follow-up interview to her appearance at Tuesday's RSA security conference, U.S. Attorney General Loretta Lynch said the FBI is not asking Apple to break into an iPhone linked to last year's San Bernardino shootings, it only wants the company to disable built-in security safeguards.




While technically true, Lynch's statement, aired as part of a one-on-one session with Bloomberg's Emily Chang, typifies what appears to be a fundamental misunderstanding of modern encryption declared in recent days by high-ranking government players. The interview gave Lynch a chance to air Department of Justice concerns over Apple's resistance to comply with a federal court order compelling its assistance in unlocking an iPhone used by terror suspect Syed Rizwan Farook.

As smartphones like iPhone become increasingly ubiquitous on the open market, law enforcement agencies are finding effective digital evidence procurement strategies paramount to successful criminal investigations. A leader in the mobile space, Apple has been called upon to offer assistance in data retrieval operations, which in the past included direct extractions, giving the FBI a clear route to securing deemed crucial material. That changed with the release of iOS 8 when Apple stopped cataloging device encryption keys, making it virtually impossible for the company to crack an iOS device without also breaking its own encryption mechanism.
"By the way, we don't want Apple to break into the phone, we don't want Apple to go into the phone and pull data out. What we want them to do is essentially preserve the information that is on the phone and essentially disable the password blocker that would destroy the data." - US Attorney General Loretta Lynch
As Apple's chief lawyer Bruce Sewell said in a congressional hearing earlier on Tuesday, the FBI is asking the company to create and sign an intentionally flawed version of iOS that suppresses the subject phone's passcode attempt counter, passcode attempt timer and touchscreen input module. Once the specialized OS is loaded onto Farook's device, government agents will be able to conduct a brute-force attack without fear of permanently destroying the stored encryption key.

Stronger encryption means a more secure device for customers, but a much more difficult nut to crack for the FBI. Unfortunately, the Justice Department is unwilling, or unable, to adapt its operational tactics and toolset to a rapidly shifting security landscape. Lynch said as much in the Bloomberg interview, but did so as an argument in favor of forcing Apple's hand.

"We're applying the same principles that if we were trying to go into a home and look at a file full of certain kinds of papers, we go to a court and we say there's a narrow set of evidence that we need and here's where it's located," she said.

Since the FBI is conducting business as usual, Lynch implies Apple should do likewise and comply with the request as it has done many times before. She glosses over the fact that Apple does not have the software necessary to complete the task, meaning resources would have to be dedicated solely to its creation. Indeed, during yesterday's hearing Rep. Darrell Issa (R-CA) drew an analogy between Apple and a theoretical manufacturer of paper shredders. He asked New York District Attorney Cyrus Vance, who played the yin to Sewell's yang, whether he knew of an instance in which the government conscripted engineers from a shredder company to reassemble a shredded document. Vance said he knew of no such case.



As for a possible solution to the dilemma at hand, Lynch suggests Apple treat the case like it would a normal customer service call. Again, this is technically sound theory considering the San Bernardino County Department of Public Health, Farook's former employer, owns the iPhone in question.

"I think in this case it's really important to note that the customer -- the actual customer of the phone that's an issue in the instant case -- is the one that's requested Apple's help," Lynch said. "So one way to simply resolve this is for Apple to work with its own customer and work out a way to resolve this issue."

Of course, Apple does not and cannot unlock an iPhone for a customer who forgot their passcode. It may be possible to obtain a snapshot of the data on said device by forcing an automated iCloud backup (if so configured), but beyond that there is little recourse. In fact, Apple suggested a similar workaround to gleaning data off Farook's iPhone 5c before it was discovered that the FBI changed the Apple ID password associated with that device, effectively rendering the option moot. FBI Director James Comey admitted the decision was a mistake during his turn in front of the House committee on Tuesday.

Near the end of the interview, Chang asked Lynch to respond to Apple's assertion that the creation of any software workaround, even a one-off that could somehow be destroyed after its intended use, compromises all iOS devices.

"I think that there's some very interesting technical issues here, but this is bigger than a technical issue. In particular, when a company has been able to respond to government requests for help until their previous operating system, so they clearly have the ability to do it," Lynch said.
«134

Comments

  • Reply 1 of 71
    jameskatt2jameskatt2 Posts: 707member
    Lynch is not very bright or is a baldface liar. 
    morganhighleybrian greenEsquireCatspostmananantksundaramicoco3creativeoopsnouserjbdragonmacseeker
  • Reply 2 of 71
    She is a special kind of stupid. 
    brian green[Deleted User]decondoscreativeoopsnouserjbdragonbuzdotspropodradster360damn_its_hot
  • Reply 3 of 71
    I can only hope that Apple isn't pulling any punches with this. This is the biggest fight they've ever been in and will directly impact their future, as well as all users of their technology. This is THE fight they simply can not afford to lose.
    [Deleted User]nouserjbdragonstskbadmonk
  • Reply 4 of 71
    matrix077matrix077 Posts: 602member
    Is she being intentionally stupid?
    [Deleted User]latifbpnouserjbdragonbadmonk
  • Reply 5 of 71
    brakkenbrakken Posts: 677member
    I still think she is trolling.

    People with now understanding of technical developments in current encryption should keep worthless comments to themselves.
    [Deleted User]anantksundaramnouserbadmonk
  • Reply 6 of 71
    foggyhillfoggyhill Posts: 4,767member
    What the hell is she even talking about?
    She thinks we are morons.
    nouserjbdragon
  • Reply 7 of 71
    pigybankpigybank Posts: 158member
    Disabling protection against multiple incorrect password entries opens the phone to electronic brute force attack, but everyone in this forum already knows this because we're not complete morons like Loretta.
    [Deleted User]latifbpnouserjbdragondamn_its_hotbadmonk
  • Reply 8 of 71
    fotoformatfotoformat Posts: 284member
    If a scenario like this - and a few others coming from the same direction in the past ten days - were scripted into a TV series such as, I dunno... perhaps N.C.I.S., I'm sure the writer would get thrown off the production team because it's so poorly thought out coming from so-called 'intelligent' people! However, an interesting story line would be that the F.B.I. indeed HAD found the four-digit passcode in the terrorist's flat (most folks write them down somewhere easy to find), and used it successfully to get the info they wanted... before asking the local government office to change the passcode... then playing the 'innocent' party asking Apple for help... all along hoping to be given a 'golden key' to the future! Just sayin' ;-)
    leavingthebiggnouserrob53daren_mitchellbaconstangbadmonk
  • Reply 9 of 71
    lymflymf Posts: 65member
    "I think that there's some very interesting technical issues here, but this is bigger than a technical issue. In particular, when a company has been able to respond to government requests for help until their previous operating system, so they clearly have the ability to do it," Lynch said.

    Clearly you don't have the ability to understand the problem so why should you be asked to answer it?
    anantksundaramnouserjbdragondamn_its_hotbadmonk
  • Reply 10 of 71
    snovasnova Posts: 1,281member
    yes, very "interesting" technical issues indeed.   You may want to spend some more time on that one to better answer your own question.

    edited March 2016 brakkennouserjbdragonbadmonk
  • Reply 11 of 71
    Sure, let Apple keep the lock but make it have a single-digit passcode so the federal agencies (and whoever else gets their hands on the software) have it easy to break. Maybe the gun manufacturers should have to make guns where every time one bullet is fired the user has to put in a ten-digit password in order to make it fire again. That would slow shootings down quite a bit. Nah. Better to go after Apple because iPhones are very dangerous to consumers and useful for terrorists. /s
    nouserrob53Rayz2016jony0
  • Reply 12 of 71
    What absurd doublespeak. It doesn't matter what she calls it - the outcome is equally devastating. Politicians need to get a grip that this isn't something that can be spun, this is mathematics - they can't wish it out of existence, they can't outlaw it, they can't put an import ban on it.
    nouserbadmonk
  • Reply 13 of 71
    In her logic, then we can rephrase ISIS as not destroying Western countries, just disable the Western culture. And will be no violent or any kind of sexual assault, because you're just simply disable the "self-protect watchdog" of the victims' brain. This logic is not bullshit, just un-absorbed cow food Why are this idiots in charge of DoJ? Anyone with a proper education would not say that. It's just wrong to the ears.
    brakkennouserRayz2016
  • Reply 14 of 71
    GoreckiGorecki Posts: 29member
    "We dont want the key to your house. We just want you to keep the door open."
    latifbpboopthesnootquadra 610nouserbaconstangSir_Turkeyjfc1138designrbadmonkkevin kee
  • Reply 15 of 71
    postmanpostman Posts: 35member
    "While technically true, Lynch's statement, aired as part of a one-on-one session with Bloomberg's Emily Chang, typifies what appears to be a fundamental misunderstanding of modern encryption declared in recent days by high-ranking government players."

    Loretta Lynch is either acting as a political spin doctor obligated to support the DoJ, or based on her absurdly long-winded simplistic view of the bigger privacy repercussions from unlocking that iPhone, she sounds more like just 
    another technological ignoramus. In either case, she apparently is not qualified to give a knowledgeable opinion regarding iPhone encryption and Apple's role in the bigger issue being discussed. Lynch could easily become an embarrassment to the administration and should probably stop speaking on Tv about this anymore – at least until it has played out in Congress and the courts.
    edited March 2016 nouserrob53badmonk
  • Reply 16 of 71
    If the FBI is low on manpower, can they conscript citizens to perform the duties of FBI agents? No. So why should they be able to effectively conscript Apple for their software lab and compel them to write a new version of the operating system? There's a difference between cooperation with law enforcement and becoming a de facto extension of law enforcement by creating new products for them through a court order.
    gunner1954nouserbaconstangbadmonk
  • Reply 17 of 71
    US AG Lynch, I respectfully suggest you follow the link below and read the speech presented to you. After you have read the speech in it's entirety, let"s have an open and honest dialogue about why the FBI chose to use terroristic fear tactics once again to get what it wanted from Americans. Thank you.

    https://en.m.wikisource.org/wiki/Remarks_of_Senator_Barack_Obama_on_New_Hampshire_Primary_Night
    baconstangdamn_its_hotbadmonk
  • Reply 18 of 71
    There should be a test you have to do before you're allowed to speak about these things. Disabling the security features of the passcode/lockscreen IS a backdoor... *facepalm*
    nouser
  • Reply 19 of 71
    chaickachaicka Posts: 98member
    Interesting... Now the whole world knows what kind of leadership is leading US.
    nouser
  • Reply 20 of 71
    brakkenbrakken Posts: 677member
    In her logic, then we can rephrase ISIS as not destroying Western countries, just disable the Western culture. And will be no violent or any kind of sexual assault, because you're just simply disable the "self-protect watchdog" of the victims' brain. This logic is not bullshit, just un-absorbed cow food Why are this idiots in charge of DoJ? Anyone with a proper education would not say that. It's just wrong to the ears.
    Love it! The wittiest insight today!
    Too bad we can't implement a passcode on idiots' mouths before they comment.
    nouser
Sign In or Register to comment.