Apple refusing to unlock phone for FBI

Sunnyisland

MARIE ANDRUSEWICZ
A U.S. magistrate has ordered Apple to assist the government in unlocking the iPhone of San Bernardino shooter Syed Rizwan Farook. The FBI is seeking information that may be on Farook's employer-issued phone as it investigates the Dec. 2 shootings that left 14 people dead.

At the time of the attack, Farook and his wife, Tashfeen Malik, destroyed two personally owned cellphones and removed a hard drive from their computer.

In what Apple described as a "customer letter" posted on its website late Tuesday, CEO Tim Cook said Apple will contest the judge's order.

"Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.
"We are challenging the FBI's demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.
"While we believe the FBI's intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect."
NPR's Laura Sydell reports:

"Apple says helping the FBI will be like providing a universal key that will permit law enforcement to break into anyone's iPhone. Apple and other tech companies say it would also create a vulnerability that hackers from China, Iran or elsewhere can exploit."
Last week, FBI Director James Comey told members of Congress that investigators had been unable to access Farook's phone.

"It is a big problem for law enforcement armed with a search warrant when you find a device that can't be opened even when a judge says there's probable cause to open it," Comey said.

In a prior case, Apple told a federal judge that it was "impossible" for the company to unlock devices running an operating system of iOS 8 or higher. In arguing this latest case, prosecutors said Apple could still disable security barriers in the phone's coding. Farook's phone runs iOS 9 and, if the security feature is enabled, will erase data after 10 unsuccessful password attempts.

Forensics expert Jonathan Zdziarski said Apple might have to write custom code to comply with the court order. He also said that even without Apple's cooperation, federal investigators should be able to hack the phone with the assistance of the NSA and the CIA.

Source

To long to read
FBI want access to the dead suspects phones who shot dead 14 people, A judge has agreed with the FBI but Apple has refused and is appealing the decision,saying it will compromise its future independent security. What you think AH ?

It seems a nobrainer the FBI should be allowed access, but but what will they do with people's phones in the future and will it compromise the publics private and personal phone messages and phone calls.

Mitch Connor

Google and Apple created an encryption standard they themselves can;t (currently) break.

What the FBI is asking is for Apple to create a tool that will break this encryption and leave EVERY iPhone open to be broken and read in this way.

Apple are right - the creation of such a tool would be very dangerous. Once it is made, who knows where it could end up. What the FBI are effectively asking for is a tool to unlock every iPhone in the world. That, to me, is dangerous.

Sync

They can access this phone if they want, but they are actually asking Apple to create a backdoor to iOS. That can potentially be used against any phone they feel like at any time.

Red King

Imagine the howling indignation from the yanks if an American company abroad was asked to do the same - like in Russia or whatever boogeyman state they decided to target.

America of today is a disturbing place - where Apple protect your rights from the FBI

pickarooney

What do they want to access it for anyway? It seems like an open and shut case.

Dohnjoe

The FBI have reiterated they just want to break this particular phone. They want Apple to provide them with a solution as to how to get past or brute force the 10 digit passcode (they believe your man's code was only 4 digits) - however it locks permanently at 10 tries and deletes the data

If Apple can find a temporary or one-off solution, then it should be fine

Little CuChulainn

Mitch Connor wrote: »

Google and Apple created an encryption standard they themselves can;t (currently) break.

What the FBI is asking is for Apple to create a tool that will break this encryption and leave EVERY iPhone open to be broken and read in this way.

Apple are right - the creation of such a tool would be very dangerous. Once it is made, who knows where it could end up. What the FBI are effectively asking for is a tool to unlock every iPhone in the world. That, to me, is dangerous.

It'll be eventually created by someone anyway.

pickarooney

Can Apple flash an iOS 7 ROM on it?

The_Valeyard

Dohnjoe wrote: »

The FBI have reiterated they just want to break this particular phone. They want Apple to provide them with a solution as to how to get past or brute force the 10 digit passcode (they believe your man's code was only 4 digits) - however it locks permanently at 10 tries and deletes the data

If Apple can find a temporary or one-off solution, then it should be fine

A one off solution? Once a solution has been created the spymasters could easy modify that code to be used on other devices.

freedominacup

I had no interest in ever buying an iPhone until now. Seriously consider it next time I'm buying.

Dohnjoe

Dohnjoe wrote: »

The FBI have reiterated they just want to break this particular phone. They want Apple to provide them with a solution as to how to get past or brute force the 10 digit passcode (they believe your man's code was only 4 digits) - however it locks permanently at 10 tries and deletes the data

If Apple can find a temporary or one-off solution, then it should be fine

Not really the case though. They are essentially asking for a key that can open every door in the world.

Gatling

Apple could have done this on the quite and nobody would be none the wiser .

But this just happens to along when iPhone sales are slowing .
Also adds it you want privacy to carry out criminal acts apple will protect you .

"Iphone the choice for the new criminal generation"

Skylinehead

Dohnjoe wrote: »

The FBI have reiterated they just want to break this particular phone. They want Apple to provide them with a solution as to how to get past or brute force the 10 digit passcode (they believe your man's code was only 4 digits) - however it locks permanently at 10 tries and deletes the data

If Apple can find a temporary or one-off solution, then it should be fine

There's no such thing as "temporary" here. If the OS is broken, it's broken.

alias no.9

pickarooney wrote: »

What do they want to access it for anyway? It seems like an open and shut case.

There could have been accomplices perhaps?

Sunnyisland

Red King wrote: »

Imagine the howling indignation from the yanks if an American company abroad was asked to do the same - like in Russia or whatever boogeyman state they decided to target.

America of today is a disturbing place - where Apple protect your rights from the FBI[/



Ok if the Garda said they wanted to do the same with a phone they found last week re the attack on the hotel in Dublin, would people object to that ?

alias no.9

Gatling wrote: »

"Iphone the choice for the new criminal generation"

The new Blackberry!

mass_debater

All they need is a fingerprint

esforum

when Apple brought in this encryption this exact issue was raised and Apple repeatedly said that if law enforcement required access it could be provided, time and time again the issue was rebuffed by Apple

law enforcement can access any phone anytime? Yeah, with a warrant and Apples assistance they will be and so they should.

Apple are refusing not for anyones rights, when have they ever stood up for your rights? They are refusing because it hurts sales and no company should be able to refuse the courts demands. Do aple consider themselves to be the real version of Umbrella?

Bruthal

realies wrote: »

Ok if the Garda said they wanted to do the same with a phone they found last week re the attack on the hotel in Dublin, would people object to that ?

The gardai are likely to want access to THE phone in question, not a software patch to unlock EVERY phone.

Apple could unlock the actual phone the FBI want the information off, but they (FBI) want a way to access any phone from apple.

Alcoheda

They're not asking them to backdoor IOS, they're asking them to create a vulnerable version of iOS and crucially, to sign it with Apple's private key.

This will enable Apple to push the vulnerable operating system to a selected handset as an update.

The_Valeyard wrote: »

A one off solution? Once a solution has been created the spymasters could easy modify that code to be used on other devices.

According to the request, Apple will not give authorities access to the vulnerable iOS but rather push this to the requested handset on behalf of the authorities.

It seems like a reasonable arrangement but Apple's real fear here is that once they capitulate on one case, they'll soon be doing this for tens of thousands of cases.

This is a legitimate fear which will not only damage Apple's brand but will also potentially create a vast technical and financial burden on apple.

Sunnyisland

alias no.9 wrote: »

The new Blackberry!

BB pgp encryption is what they all use throughout the world .

jimgoose

Apple have a point. The Lawful Intercept is one thing, but once device manufacturers are cajoled by whatever means into cracking punters' equipment you're in very tricky tundra indeed.

ec18

Alcoheda wrote: »

.

This is a legitimate fear which will not only damage Apple's brand but will also potentially create a vast technical and financial burden on apple.

As well as any other phone manufacturer, this will set a precedent in the industry that may have a knock on effect for other brands.

In a way it's sort of lucky that it was an iPhone as apple have the resources and brand to be able to contest this.

seamus

Deleted User wrote: »

Not really the case though. They are essentially asking for a key that can open every door in the world.

The_Valeyard wrote: »

A one off solution? Once a solution has been created the spymasters could easy modify that code to be used on other devices.

Sync wrote: »

They can access this phone if they want, but they are actually asking Apple to create a backdoor to iOS. That can potentially be used against any phone they feel like at any time.

Let's just clarify here, Apple cannot break the encryption on the phone, that's not feasibly possible.

What the FBI has asked Apple to do is develop a custom version of iOS that doesn't contain specific security features.
Specifically there is one feature where you have to wait if you enter the passcode wrong a few times, and then eventually after ten tries it wipes the phone.
iOS also accepts inputs from the touchscreen, i.e. manual inputs. There is no way to plug in a cable and interact with the screen interface electronically. This means that trying to guess a passcode requires someone to tap the screen.

The FBI have asked Apple to produce a version of iOS that not only will allow someone to attempt to input the passcode an unlimited number of times, but will also accept inputs from a computer through the USB cable. In other words, they can then write a computer program which tries every single possible passcode until it finds the right one. And it would succeed extremely quickly, probably in a matter of hours for a 10-digit passcode, but a matter of minutes for the standard 4-digit PIN.

Even if Apple won't produce this, they will get it from somewhere. Asking Apple to do it is the easiest route.

The example I've been using in terms of doors and locks is that Apple aren't able to pick the lock on the door, but they can replace the lock with one that's easier to pick, without having to open the door first.

Once it's been done once, it will be used again. And not only will the software be used again, but the power to demand decryption. It's not really about this specific case, it's about setting a precedent.

The US is very quickly becoming the police state that they derided the communists for, but at least people and companies seem to be recognising this and fighting back.

Gatling

What their actually looking for is a software set up that will prevent the phone wiping everything if the wrong pass code is used 10 times ,
That's all .

MillField

When I first heard about this story I thought Apple were wrong not to assist in this case, but after reading the full statement it is clear that there is a bigger agenda here with the FBI. I totally agree that encryption is hugely important, especially these days when we carry so much of our personal information on our devices.

TheChizler

Dohnjoe wrote: »

The FBI have reiterated they just want to break this particular phone. They want Apple to provide them with a solution as to how to get past or brute force the 10 digit passcode (they believe your man's code was only 4 digits) - however it locks permanently at 10 tries and deletes the data

If Apple can find a temporary or one-off solution, then it should be fine

As far as I know there's nothing stopping the FBI from de-soldering the flash chip, doing a raw copy of the encrypted contents as a backup (unless the flash prevents any access without a key? But I don't think that's the case), copying the backup to a new chip and connecting it to the phone with some pogo-connector arrangement to prevent damage due to multiple desoldering/reflows, and trying until the phone wipes the chip, and repeating the process until they get it. Sure it would take some time, but with a 4-digit key not too impossible. Unless there's some non-volatile register in the CPU that makes a note if the flash has been wiped.

mass_debater

Apple unlocked at least 70 iPhones before refusal
http://www.nydailynews.com/news/national/apple-unlocked-70-iphones-refusal-article-1.2536178

Dohnjoe

The_Valeyard wrote: »

A one off solution? Once a solution has been created the spymasters could easy modify that code to be used on other devices.

Which is why I said one-off solution

FBI gives the phone to Apple, they modify the program, they crack it, they don't reveal how, they give information to the FBI

What's the alternative?

Perhaps the FBI should not try to crack the phone and just use "old fashioned" investigation methods in a world which has moved on where terrorists can use encryption to plan and carry out large attacks

Hence the dilemma here

jayobray

Penelope Garcia from Criminal Minds would have that cracked in seconds.....

m5ex9oqjawdg2i

realies wrote: »

Red King wrote: »

Imagine the howling indignation from the yanks if an American company abroad was asked to do the same - like in Russia or whatever boogeyman state they decided to target.

America of today is a disturbing place - where Apple protect your rights from the FBI[/



Ok if the Garda said they wanted to do the same with a phone they found last week re the attack on the hotel in Dublin, would people object to that ?

If the Gardai then had access to every phone in the country? I would say people would be strongly against such a move. If they had access to one phone and only one phone? Then I doubt anybody would give a damn.

Dohnjoe

seamus wrote: »

The US is very quickly becoming the police state that they derided the communists for, but at least people and companies seem to be recognising this and fighting back.

When the Stasi were using a huge invasive system to track individuals - they weren't doing it for public safety and security, they were doing it for political reasons

Faced with modern attacks like 911, etc with terrorists using modern systems - the response by most developed nations has been the same, try to use modern methods to monitor communications (limited) with goal of preventing/prosecuting such attacks

The public response and sentiment has been predictable - "they are watching us", "it's 1984", "it's communism all over again"

Apple, which relies on these customers, is simply pandering to these misconceptions (which aren't going to change any time soon). They are using this as a PR exercise.. and why not

Police state? perhaps the FBI, CIA and DoHS should abandon all instrusive surveillance techniques ("spying") and wash their hands of any responsibility .. BUT should a large attack happen, the public mood will characteristically and whimsically change with the public demanding why those agencies didn't conduct enough surveillance to prevent such an attack - which is precisely what happened after 911

The usual catch-22 of privacy vs security

robinph

Dohnjoe wrote: »

Which is why I said one-off solution

FBI gives the phone to Apple, they modify the program, they crack it, they don't reveal how, they give information to the FBI

... FBI finds another phone they would like a look at, they go back to Apple and say "sure didn't you do it on that other phone, what's one more between freinds, these guys were baddies as well", Apple creates another one off hack for this phone.

...FBI finds another phone they would like a look at, they go back to Apple and say "why not give us the code to do this ourselves, we understand this is taking up a lot of your time and your time would be better spent in coming up with ways to convince people to buy the iphone 9scxi or something".

...FBI go to Google/ Facebook/ Samsung/ whoever and say can we have a look at this persons account, they are baddies as well and look how helpfull Apple have been. What's Samsung, you don't want to give us the hack, oops I think we may just have to block you from selling your tat in the US.

Dohnjoe

robinph wrote: »

... FBI finds another phone they would like a look at, they go back to Apple and say "sure didn't you do it on that other phone, what's one more between freinds, these guys were baddies as well", Apple creates another one off hack for this phone.

...FBI finds another phone they would like a look at, they go back to Apple and say "why not give us the code to do this ourselves, we understand this is taking up a lot of your time and your time would be better spent in coming up with ways to convince people to buy the iphone 9scxi or something".

...FBI go to Google/ Facebook/ Samsung/ whoever and say can we have a look at this persons account, they are baddies as well and look how helpfull Apple have been. What's Samsung, you don't want to give us the hack, oops I think we may just have to block you from selling your tat in the US.

Exactly..

The FBI does this as a once off each time = highly inefficient

Apple provides FBI with a backdoor so they can access this info = public outcry

What's the solution?

esforum

robinph wrote: »

... FBI finds another phone they would like a look at, they go back to Apple and say "sure didn't you do it on that other phone, what's one more between freinds, these guys were baddies as well", Apple creates another one off hack for this phone.

...FBI finds another phone they would like a look at, they go back to Apple and say "why not give us the code to do this ourselves, we understand this is taking up a lot of your time and your time would be better spent in coming up with ways to convince people to buy the iphone 9scxi or something".

...FBI go to Google/ Facebook/ Samsung/ whoever and say can we have a look at this persons account, they are baddies as well and look how helpfull Apple have been. What's Samsung, you don't want to give us the hack, oops I think we may just have to block you from selling your tat in the US.

warrants exist for a reason. Everyone sees to nicely skip that part, the FBI obtained a warrant from a Judge for THIS phone.

How is an Iphone more important than an office, bank account, house or computer?

Law enforcement have been using warrants to access suspects personal systems for decades without the 1984 inspired police state happening.

steddyeddy

I'm currently in a government lab here in the states and I would find it extremely hard to believe they haven't got someone who can do it already.

jack presley

steddyeddy wrote: »

I'm currently in a government lab here in the states and I would find it extremely hard to believe they haven't got someone who can do it already.

Yer man from McAfee said he'd do it. Said they'd have it done on 3 weeks or he'd eat his shoe on live tv.

robinph

Dohnjoe wrote: »

Exactly..

The FBI does this as a once off each time = highly inefficient

Apple provides FBI with a backdoor so they can access this info = public outcry

What's the solution?

The FBI figure it out for themselves.

colossus-x

Dohnjoe wrote: »

Apple, which relies on these customers, is simply pandering to these misconceptions (which aren't going to change any time soon). They are using this as a PR exercise.. and why not

It is the FBI who are using this case as a PR exercise. "By not providing back doors your helping terrorists".

steddyeddy wrote: »

I'm currently in a government lab here in the states and I would find it extremely hard to believe they haven't got someone who can do it already.

If Apple can do it then anyone can potentially do it thus the encryption is insecure.

valoren

Just bring it to the phone shop on Amiens St. They'll unlock it for €10.

Dohnjoe

colossus-x wrote: »

It is the FBI who are using this case as a PR exercise. "By not providing back doors your helping terrorists".

Indeed, it also seems that some want to use this to criticize the FBI, even though they are in a **** position

Its either unlock the phones on a case by case basis - which has it's own problems

Or provide a back-door, which leads to the usual - "police state!!"

Damned if they do their job, damned if they don't

Sunnyisland

presidential candidate Donald Trump has called for a boycott of Apple until the tech giant helps unlock the iPhone of one of the San Bernardino killers.
Apple has clashed with the Justice Department (DoJ) over a court order forcing the company to help break the encryption on one of its phones.
On Friday the DoJ called Apple's refusal a "marketing strategy".
Apple said it will not help break into the the phone, citing wider privacy concerns for its users.
The phone belonged to one of the two people who opened fire at an office event in San Bernardino, California, last December, killing 14
Speaking at a campaign rally, Mr Trump said: "Boycott Apple until such time as they give that information."

http://www.bbc.com/news/35618018

I don't understand iOS computer phones myself so I can't really comment but I do find the story very interesting.

mass_debater

Apple now says that someone at the FBI screwed up and changed the passcode
http://9to5mac.com/2016/02/19/apple-doj-response-fbi-backdoor/

Also read elsewhere that when Apple do have access to backups if the phone is backed up online, it's this that was given before in other cases but this phone has no backup, backup was disabled which is what makes this case different

Eugene Norman

colossus-x wrote: »

It is the FBI who are using this case as a PR exercise. "By not providing back doors your helping terrorists".



If Apple can do it then anyone can potentially do it thus the encryption is insecure.

Apple can't do it. It's been wiped. Even without the wipe the probably couldn't do it. That's the nature of proper encryption.

Eugene Norman

Dohnjoe wrote: »

Indeed, it also seems that some want to use this to criticize the FBI, even though they are in a **** position

Its either unlock the phones on a case by case basis - which has it's own problems

Or provide a back-door, which leads to the usual - "police state!!"

Damned if they do their job, damned if they don't

If there's a back door then your data isn't safe from anybody because that backdoor can be used by anybody.

With the Touch ID the data is encrypted. A back door would make all data unsafe. There would be no point to the encryption.

HTTPS probably thwarts some government investigations - do we want rid of that?

Eugene Norman

TheChizler wrote: »

As far as I know there's nothing stopping the FBI from de-soldering the flash chip, doing a raw copy of the encrypted contents as a backup (unless the flash prevents any access without a key? But I don't think that's the case), copying the backup to a new chip and connecting it to the phone with some pogo-connector arrangement to prevent damage due to multiple desoldering/reflows, and trying until the phone wipes the chip, and repeating the process until they get it. Sure it would take some time, but with a 4-digit key not too impossible. Unless there's some non-volatile register in the CPU that makes a note if the flash has been wiped.

It's touchID isn't it? And I have a 10 letter passcode on my iPhone. As well as touchID. Not sure of the era of this phone.

BlibBlab

Seems like the kind of stuff Chinese companies are usually derided for in the media.

esforum wrote: »

warrants exist for a reason. Everyone sees to nicely skip that part, the FBI obtained a warrant from a Judge for THIS phone.

How is an Iphone more important than an office, bank account, house or computer?

Law enforcement have been using warrants to access suspects personal systems for decades without the 1984 inspired police state happening.

Surely it's the FBI's fault if they can't open the phone? If someone had a safe they found in the house and they couldn't open it do they tell companies to make it easier to break safes?

Ghost Train

TheChizler wrote: »

As far as I know there's nothing stopping the FBI from de-soldering the flash chip, doing a raw copy of the encrypted contents as a backup (unless the flash prevents any access without a key? But I don't think that's the case), copying the backup to a new chip and connecting it to the phone with some pogo-connector arrangement to prevent damage due to multiple desoldering/reflows, and trying until the phone wipes the chip, and repeating the process until they get it. Sure it would take some time, but with a 4-digit key not too impossible. Unless there's some non-volatile register in the CPU that makes a note if the flash has been wiped.

My understanding is the data is always encrypted with a very strong key. The 4 digit password protects the key. If you enter the wrong code a few times the key is wiped rendering the data useless

What FBI would want is a way to brute force the code without any danger of decryption key getting wiped

I think one of apples main selling points is the security so they don't want there to be backdoors or responsibility on their part to be able to decrypt

TheChizler

Ghost Train wrote: »

My understanding is the data is always encrypted with a very strong key. The 4 digit password protects the key. If you enter the wrong code a few times the key is wiped rendering the data useless

What FBI would want is a way to brute force the code without any danger of decryption key getting wiped

I think one of apples main selling points is the security so they don't want there to be backdoors or responsibility on their part to be able to decrypt

Ah ok I was wondering was that the case, a lot more difficult so.

ED E

Its different because its an older phone.

With the 5S onwards the secure enclave was introduced which is in lay mans terms a little like a one way valve for data, it can only ever go in. If you send in the right data you get a little green light on top, wrong data a little red light. But the data thats in there can never be seen.

On the 5C though its just a software restriction. The FBI could write their own replacement for iOS but that would take several years and millions to do, or they could try what they are and compel Apple to produce an "update" that allows them to brute the older stock. But once they have their hands on it the hats out of the box.


Good man Tim, and Sindar.

mass_debater

San Bernardino County Calls the FBI Liars Over Terrorist's iCloud Account, now claiming that they reset the password under the direction of the FBI.

http://gizmodo.com/san-bernardino-county-calls-the-fbi-liars-over-terroris-1760317923