Tim Cook's Letter on the need for Encryption

Comments

  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Short extract from Tim Cook's letter which explains the issue at hand more succinctly than I can :
    We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

    Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

    The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.


  • Registered Users, Registered Users 2 Posts: 9,597 ✭✭✭gctest50


    anvilfour wrote: »
    Short extract from Tim Cook's letter which explains the issue at hand more succinctly than I can :
    Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

    Why not unlock it in the Apple Labs ( as in on Apple's property) in the presence of the FBI staff

    Then dig out what they need and let them get on with it


  • Registered Users, Registered Users 2 Posts: 9,597 ✭✭✭gctest50


    anyway - it specifies the serial number of the phone and so on - see attachment

    The SIF will be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE




  • Registered Users, Registered Users 2 Posts: 1,193 ✭✭✭liamo


    Hi

    Your points are well made and would reassure some that there is little risk to privacy from this fenced-off operation.

    On its own, and with these "protections" built-in, it doesn't seem (on the face of it) that it's an entirely unreasonable request.

    Others, of which I am one, would wonder if the various three-letter security agencies of the US can be trusted with this.

    The ability to bypass the phone's security feature does not exist at the moment. Once created, it's very unlikely that Apple will destroy the work as it is quite likely that there will be other "once-off" court orders and they're not going to want to re-create it from scratch again and again.

    The existence of this back-door is likely to be too great a temptation for security agencies to ignore and they'll be banging down Apple's door with "once-off" court orders.

    Who's to say that the scope of the court order will not expand to cover other security features of the phone? Is it unreasonable to think that the security agencies might want their own control over the back-door and demand that Apple hand it over?

    There are so many instances of
    • wholesale monitoring of citizens and their data;
    • blatant abuses of technology and legal process;
    • complete lack of regard for the privacy of US (and, let's not forget, EU) citizens;
    by security agencies that it is not unreasonable to assume that any tools that weaken security will be abused by these same agencies.

    These (and more) reasonable and justifiable concerns are at the heart of Apple's efforts to resist attempts by the FBI to compel them to create this tool.



    Not specifically related to this post but to the topic in general : I came across the FBI's motion to the court for this order. It doesn't really add much but it was interesting to read and is here if anyone's interested.


    gctest50 wrote: »
    Why not unlock it in the Apple Labs ( as in on Apple's property) in the presence of the FBI staff

    Then dig out what they need and let them get on with it
    gctest50 wrote: »
    anyway - it specifies the serial number of the phone and so on - see attachment


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    gctest50 wrote: »
    Why not unlock it in the Apple Labs ( as in on Apple's property) in the presence of the FBI staff

    Then dig out what they need and let them get on with it

    I've already answered that question, please use scroll button! :)


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    gctest50 wrote: »
    anyway - it specifies the serial number of the phone and so on - see attachment

    As has been pointed out a dozen times already in the thread, it's not possible to create a version of the firmware to unlock this specific phone. Please read before commenting! Thanks.


  • Registered Users, Registered Users 2 Posts: 1,193 ✭✭✭liamo


    anvilfour wrote: »
    As has been pointed out a dozen times already in the thread, it's not possible to create a version of the firmware to unlock this specific phone. Please read before commenting! Thanks.

    You have indeed made this very point earlier in this thread. Tim Cook's letter would seem to support your point:
    The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks.

    However, I do find it interesting that the FBI, in their motion to the court, says that this can be done.
    Apple has the ability to modify software that is created to only function within the SUBJECT DEVICE
    the SIF (Software Image File) would be created with a unique identifier of the SUBJECT DEVICE so that the SIF would only load and execute on the SUBJECT DEVICE.

    The judge, in his order, also refers to this
    The SIF will be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE.

    If Apple are able to demonstrate to the satisfaction of the court that it cannot carry out this instruction - that is, software that will only load and execute on that device - I wonder does that nullify the entire order? If it does, I don't expect the FBI to give up. Nor do I expect Apple to be the only company to be on the receiving end of similar orders.

    I don't expect this to be over quickly!
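
The device binding described in the motion and order quoted above, as an added example that is not part of any post in this thread and is not Apple's or the FBI's code: a manifest carries a device identifier, the signature covers the identifier and the image digest, and the loader refuses the image if either check fails. HMAC-SHA256 from the standard library stands in for a vendor's asymmetric signature, and the key, identifiers and function names are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed values: a stand-in signing key and two made-up device identifiers.
# A real design would use an asymmetric signature so the device holds only a
# public key; HMAC is used here to keep the example in the standard library.
VENDOR_KEY = b"constructed-vendor-signing-key"
SUBJECT_DEVICE = "DEVICE-ID-0001"
OTHER_DEVICE = "DEVICE-ID-0002"


def sign_image(image: bytes, device_id: str, key: bytes) -> dict:
    """Vendor side: bind the image digest to one device identifier and sign both."""
    manifest = {
        "device_id": device_id,
        "image_sha256": hashlib.sha256(image).hexdigest(),
    }
    payload = json.dumps(manifest, sort_keys=True).encode()
    manifest["signature"] = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return manifest


def loader_accepts(image: bytes, manifest: dict, own_device_id: str, key: bytes) -> bool:
    """Device side: load only if signature, image digest and identifier all match."""
    signed = {k: manifest.get(k) for k in ("device_id", "image_sha256")}
    payload = json.dumps(signed, sort_keys=True).encode()
    expected = hmac.new(key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, str(manifest.get("signature", ""))):
        return False  # manifest was altered or was not signed with the vendor key
    if signed["image_sha256"] != hashlib.sha256(image).hexdigest():
        return False  # image bytes do not match what was signed
    return signed["device_id"] == own_device_id


def demo() -> dict:
    image = b"constructed image bytes"
    bound = sign_image(image, SUBJECT_DEVICE, VENDOR_KEY)
    # Same manifest with only the identifier edited; the old signature is kept.
    edited = dict(bound, device_id=OTHER_DEVICE)
    # Same image bytes signed again for another device by the key holder.
    resigned = sign_image(image, OTHER_DEVICE, VENDOR_KEY)
    return {
        "subject_loads_bound": loader_accepts(image, bound, SUBJECT_DEVICE, VENDOR_KEY),
        "other_loads_bound": loader_accepts(image, bound, OTHER_DEVICE, VENDOR_KEY),
        "other_loads_edited": loader_accepts(image, edited, OTHER_DEVICE, VENDOR_KEY),
        "other_loads_resigned": loader_accepts(image, resigned, OTHER_DEVICE, VENDOR_KEY),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The first three results show the binding holding against a copied or edited manifest; the last shows that the restriction rests on custody of the signing key rather than on the image itself.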


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    liamo wrote: »
    You have indeed made this very point earlier in this thread. Tim Cook's letter would seem to support your point:



    However, I do find it interesting that the FBI, in their motion to the court, says that this can be done.




    The judge, in his order, also refers to this


    If Apple are able to demonstrate to the satisfaction of the court that it cannot carry out this instruction - that is, software that will only load and execute on that device - I wonder does that nullify the entire order? If it does, I don't expect the FBI to give up. Nor do I expect Apple to be the only company to be on the receiving end of similar orders.

    I don't expect this to be over quickly!

    Before the SIF could be coded to an individual device, a generic version would have to be created (at least that is my understanding). It is not possible to create a weakened version of iOS and be certain it'll only be used in this one circumstance ; also if the defence dispute the evidence found on the phone, it's likely that the code would be made available to the court.

    It's also important to see the bigger picture. If it's a gunman this time, who will it be next? I like the idea of a Judge signing search warrants on a case by case basis but it's not technically feasible to allow access to just one device without risking everyone else's privacy. Sorry, it just isn't, even if you create a weak version of iOS under controlled conditions.


  • Registered Users, Registered Users 2 Posts: 9,597 ✭✭✭gctest50


    anvilfour wrote: »
    Before the SIF could be coded to an individual device, a generic version would have to be created (at least that is my understanding). .....

    It is not possible to create a weakened version of iOS and be certain it'll only be used in this one circumstance

    course it is unless you don't trust yer programmers not to run off with it


    Zerodium were offering 3 million for ios9 fun n games :

    The Million Dollar iOS 9 Bug Bounty is tailored for experienced security researchers, reverse engineers, and jailbreak developers, and is an offer made by ZERODIUM to pay out a total of three million U.S. dollars ($3,000,000.00) in rewards for iOS exploits/jailbreaks.

    https://www.zerodium.com/ios9.html



  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    gctest50 wrote: »
    course it is unless you don't trust yer programmers not to run off with it


    Zerodium were offering 3 million for ios9 fun n games :

    They're not "my" programmers and this is a lot bigger than corrupt employees. As I mentioned previously the defence would most likely need a full disclosure on how iOS was bypassed.

    Once this genie is let out of the bottle and a less secure version of iOS is made, it would only take one mistake for it to end up in the wrong hands.. or of course the FBI could just keep trying to pressure Apple to reveal data on people's devices on a case by case basis indefinitely.

    As for jailbreaks and exploits, there's no doubt these exist for iOS devices. However in this case the only way to bypass the passcode would be to flash a less secure version of the firmware onto the device.

    The answer is no.

    No, no, a thousand times no! :)


  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    If some ‘law officer’ has a good case against someone, let them get a court order to force the mobile phone manufacturer/agent to supply a certified printout of everything that is stored on the phone of the suspect in question – addressbook, caller/called list with date and time, addresses, textos, celltowers, etc . In that way, it helps catch criminals, but leaves billions of normal honest people outside of a broken encryption state, where their devices would be weakened and made even easier to hack etc.

    Otherwise they may as well put serial numbers on barcodes on ballot papers in an election, so they can monitor the voting choices of each citizen.
    And some might be tempted to take things even further.

    A line has to be drawn. Period.

    I don’t particularly like Apple (the only thing I share with Trump), and I suspect that their stance is part of a marketing campaign rather than a real commitment to customer privacy and security.

    However, I have to agree with much of Tim Cook’s case in this instance.


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Impetus wrote: »
    If some ‘law officer’ has a good case against someone, let them get a court order to force the mobile phone manufacturer/agent to supply a certified printout of everything that is stored on the phone of the suspect in question – addressbook, caller/called list with date and time, addresses, textos, celltowers, etc . In that way, it helps catch criminals, but leaves billions of normal honest people outside of a broken encryption state, where their devices would be weakened and made even easier to hack etc.

    It's a nice idea Impetus but not very feasible if you want to prevent honest people having their encryption broken like you said.

    For starters we're already in a situation where a court order has been made to try to force the mobile phone manufacturer to reveal what is on the device. Apple have (rightly) refused.

    The issue here is that even if the phone is brought securely to Apple, a non-secure version of iOS would still have to be developed - once this was on the phone it could be copied to other devices (admittedly this would be difficult). Also once a non-secure version of iOS has been created it could also be copied onto any other device as we've already discussed.

    Even if Apple produced a shopping list of the data mentioned, if it were used in court the Defence would most likely need access to data on how the information was gathered to make sure the suspect gets a fair trial, making it quite likely that the code for a non-secure version of iOS will end up in the wrong hands.

    Don't forget also that the FBI have the phone so they can get a court order from the cellphone provider to release details about numbers dialled, the rough location of the phone at any given time etc.


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Please see the FAQ about this matter here on Apple website:

    http://www.apple.com/customer-letter/answers/

    Please read this before commenting as we've had the same points come up several times now.


  • Registered Users, Registered Users 2 Posts: 9,597 ✭✭✭gctest50


    anvilfour wrote: »
    Please see the FAQ about this matter here on Apple website:

    http://www.apple.com/customer-letter/answers/

    Please read this before commenting as we've had the same points come up several times now.
    Has Apple unlocked iPhones for law enforcement in the past?

    No..............




    For devices running the iPhone operating systems prior to iOS 8 and under a lawful court order, we have extracted data from an iPhone.


    We’ve built progressively stronger protections into our products with each new software release, including passcode-based data encryption, because cyberattacks have only become more frequent and more sophisticated. As a result of these stronger protections that require data encryption, we are no longer able to use the data extraction process on an iPhone running iOS 8 or later.
    Hackers and cybercriminals are always looking for new ways to defeat our security, which is why we keep making it stronger.



    We are now helping terrorists worldwide



    .


  • Registered Users, Registered Users 2 Posts: 1,193 ✭✭✭liamo


    The case for fighting the court's order has been made a few times in a few different ways in this thread.

    While you are most definitely entitled to your opinion, it would count for more if you were to back it up with a little explanation. As it stands, it's little more than a soundbite.

    Why do you say "We are now helping terrorists worldwide"?

    There are many other means of encrypting voice and data that have nothing to do with Apple. If Apple (and/or others) are compelled to break or weaken security on their devices, the people who most want to keep their secrets will find a way to do so. Terrorists and criminals will still do what terrorists and criminals do and nothing will have been achieved except to weaken security for everyone else.

    Care to comment with something a little more substantial?

    gctest50 wrote: »
    We are now helping terrorists worldwide


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    gctest50 wrote: »
    .

    The idea that promoting the use of encryption without a backdoor is aiding terrorism is a very old one and has been fairly thoroughly debunked.

    You can readily take the time to find this out yourself but the most compelling arguments against mandated backdoors or key escrow for encryption products are :

    - It's largely ineffective, at least in the case of bulk data collection. The NSA program for instance failed to prevent a single terrorist incident.

    - Split key encryption (whereby the government has a copy of a key to unlock everyone's personal data) is not technologically feasible. Even the FBI has admitted this already. Even if we could come up with backdoored devices/software there'd be nothing to stop people from using alternatives or even creating their own. Even if you introduced a national standard for encryption where the government has the master key, terrorists are known for not obeying the rules.

    - As pointed out earlier in the thread and by this paper written by the foremost computer security experts in the world, any attacker who discovers the backdoor e.g Chinese Intelligence services would have access to your personal information. Again Terrorists would simply avoid using such backdoored products but innocent people's privacy could be compromised.

    - Further to the above, a new worldwide survey of encryption products, compiled by noted cryptographer Bruce Schneier and colleagues Kathleen Seidel and Saranya Vijayakumar, shows just how rich the worldwide catalogue of encryption products is for anyone seeking alternatives.
    Bruce, who is probably the world's best known expert on Computer Security, says: "The implication: Any mandatory backdoor will be ineffective simply because the marketplace is so international."

    A good example is one of Bruce's own encryption algorithms Blowfish (old but reliable!) - Source code available here though in reality you could write it on the back of a napkin.

    - This said, in countries where access to the internet is severely curtailed e.g Cuba, a mandatory backdoor would be an ideal way for a dictatorship to crack down on dissidents. Again Terrorists would have more resources to get their hands on an alternative product.


    TLDR : A "key under the digital door mat" is a bad idea because it is :

    - Unfeasible to set up given how prolific encryption products are.
    - Unfairly affects innocent people.
    - Doesn't help stop Terrorists who will switch to different products.
    - Further to the above there is little evidence to support the idea that mass surveillance prevents terrorism.
    - Could be exploited by foreign governments to spy on our citizens or dissidents in their own regime.


  • Registered Users, Registered Users 2 Posts: 3,739 ✭✭✭BigEejit


    Anyone remember this news: http://www.telegraph.co.uk/news/uknews/3333366/Half-of-councils-use-anti-terror-laws-to-spy-on-bin-crimes.html

    If they make a law compelling Apple to break their own encryption to gain access to someone's data, it's only a matter of time before that same law is abused by other parts of government.


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    See article here where Tim Cook hits back at FBI handling of the case:

    http://www.bbc.com/news/technology-35656553


  • Banned (with Prison Access) Posts: 16 drcortex1124


    FBI fails to make its encryption case to Congress:

    In a Congressional hearing today that included both Apple’s chief attorney and government officials, FBI head James Comey didn’t win many people over to his side.

    The meeting allowed both sides to make their arguments for and against Apple creating a less secure version of the iPhone’s operating system that would allow officials to get by the password lock on a dead terrorist’s phone. And things seemed to go squarely in the company’s favor, although it was not without its caveats.

    This hearing was the latest development in a series of legal battles that have had Apple squaring off with law enforcement to protect their devices’ encryption schemes. While the FBI has claimed that it would only use the modified operating system on this one phone in this one case, Apple has said that even creating the software would compromise the security of hundreds of millions of devices. And an apparent win for Apple in front of Congress and another ruling in its favor on another case suggests that privacy is winning out over security.

    Comey claimed that it was counterproductive for companies to create security that they themselves couldn’t crack and compared such measures to “vicious guard dogs.” He also claimed that device makers were creating “warrant-free spaces” that could stifle law enforcement investigations.

    “The logic of encryption will bring us to a place in the not-too-distant future where all of our conversations and all our papers and effects are entirely private,” he said, as if that were a bad thing.

    Once he got over some technical difficulties at the start, Apple’s general counsel Bruce Sewell accused investigators of trying to bypass the debate over encryption and public safety. Apple has repeatedly said that it wants the legislature, not the judiciary, to have the final say in this matter.

    Congressman James Sensenbrenner, whose criticism of the NSA’s surveillance actions make him no stranger to the privacy debate, told Sewell that he’s “not going to like what comes out of Congress” if it reaches that point.

    But Comey’s testimony — and Congress’ questioning of it — provided the most insight into the case. Representatives picked apart the FBI director’s claims one at a time, getting Comey to admit that changing the iPhone’s iCloud password was part of the reason the government had to make increasing demands on Apple, as well as the possible legal ramifications that could have officials in China or Russia also asking Apple to provide backdoor access to their devices.

    Source : Cult of Mac.


  • Registered Users, Registered Users 2 Posts: 2,375 ✭✭✭Sin City


    Looks like the battle is over as FBI unlocks iPhone using a third party (Israeli intelligence)


    http://www.independent.ie/world-news/fbi-unlocks-gunmans-iphone-through-third-party-after-apple-battle-34579939.html


  • Registered Users, Registered Users 2 Posts: 37,485 ✭✭✭✭Khannie


    It's just postponed, really. They were taking a drubbing in public and were surprised at it so backed away as quietly as they could have.


  • Registered Users, Registered Users 2 Posts: 2,626 ✭✭✭timmywex


    My worry now is the FBI will come out with some new wonderful information they found on the iPhone (that wasn't in backups, ISP logs, collected by NSA etc) and use it as a way of bashing encryption and getting US public support


  • Closed Accounts Posts: 3,006 ✭✭✭_Tombstone_


    timmywex wrote: »
    My worry now is the FBI will come out with some new wonderful information they found on the iPhone (that wasn't in backups, ISP logs, collected by NSA etc) and use it as a way of bashing encryption and getting US public support

    They'll just keep coming regardless.

    I seen some halfwit on the news the other night saying there was big talk going on now to bring Europe into line with US style Data/Phone/everything else surveillance cuz of France attacks (done with burner phones) and Brussels - done by government probably...well ISIS is US created to keep the War Machine ticking over so yea, government either way.

    The West just keeps on going on its way to police state.

