Posted on 02/27/2016 1:32:08 PM PST by Swordmaker
True, but the auto system on FR will not let us post anything published on Wired.
To do that requires writing an entirely new version of the operating system of the iPhone and then installing it on the SUBJECT DEVICE, as the court order calls it. Apple is also ordered to GIVE that new tool, the hacked OS and the means to put it on an iPhone to the FBI. That software would be a universal unlock key to every iPhone everywhere. That would destroy the invulnerability of the entire iOS ecosystem that Apple has been building for five years.
Any such ability to unlock the passcode trials compromises the security of over 800,000,000 iOS users around the world, people who have bought the system with the assurance that it is safe and secure. The US Government is demanding that Apple itself hack its own OS and then give them the hack. There is ZERO chance that hack will remain safe and not be released out into the wild where hackers and crooks will get their hands on it.
Several years ago, RIM was asked to write a hack that would get the authorities into a Blackberry phone that a child molester was suspected of having kiddie porn in. They agreed only after being assured that the hack they supplied would be destroyed after being used. The police used it, found thousands of vile pictures, and got a conviction. During the trial, in which the pictures played a prominent role, the judge ordered the defense was entitled to examine the code of the hack, so ordered it turned over to them under seal. Then AFTER the trial, the media sued to get a copy in the public interest! The idiot judge ruled the public's right to know trumped any agreement the police may have made about destroying the code, and ordered it released! But that didn't really matter anyway. That didn't matter anyway. The defense's IT expert who examined the code, kept a copy, and gave it to some friends, who gave it to other friends, and so on. So did the defense lawyers.
"Interesting game. The only winning move is not to play." Joshua, WOPR, War Games
The only way to keep it out of the hands of crooks and hackers is to never make it in the first place.
The current FBI Director, James Comey, appears to me an honorable man in a sea of vipers. I’m willing to take his word that this is necessary to national security. Thus I am in general disagreement with you, despite your technical acumen.
I neither can fly an airliner well enough to ferry me across the country. Thus I rely on sufficiently trained personnel to carry out that task.
IMHO, this is similar.
Actually, it most likely does NOT contain any terrorist info.
Why do I say that? Simple. It was a work phone. The FBI has already gotten all phone call, email, message, and other meta data from Verizon. They know that all the phone calls made on the iPhone were work related except for a few during work to and from his monster wife's known personal phone. Same with messages and emails. The found the same for the iCloud data they were able to retrieve from 45 days before. All innocuous. These two monsters were well organized and compartmentalized and had BURNER Android phones for which the FBI does not even know the phone numbers, much less the call data. Those were the phones they used for terrorist business. Those phones, along with their computers, with their removed hard drives, were SMASHED to smithereens and tossed in a lake in the hours after the attack before the two were surrounded and shot down. THIS phone was not. Why not?
Two or three possibilities.
In any case, I really doubt there's anything of a probative nature on that phone.
Yes, I was wrong about the OS. I meant to say that the hardware is older, iPhone 5c.
I do not agree that all iPhones would be at risk because I suspect that phones with older hardware may be more vulnerable. It looks to me that Apple can develop software for the older hardware in the 5c. Therefore it would not work on newer models.
Expect Court Orders until the FBI experts develop their own independent capability to access information without Apple intervention or help.
Given that we did not have this problem before mobile phone technology became popular, it may be very dangerous (in a business sense) for Apple to ignore the legitimate needs of authorities to access the information.
I do not think that the people of this country would appreciate knowing that criminals and terrorists would be the primary beneficiaries of Apple's privacy policies.
For the sake of argument, let's agree on that. Here's his full statement: https://www.lawfareblog.com/we-could-not-look-survivors-eye-if-we-did-not-follow-lead He says "Maybe the phone holds the clue to finding more terrorists. Maybe it doesn’t. But we can't look the survivors in the eye, or ourselves in the mirror, if we don't follow this lead. "
That argument doesn't pass muster with the 5th amendment. Yes the terrorist is undoubtedly guilty but courts rule consistently that "obviously" guilty perps cannot be forced to give up their passcode if the government is merely fishing. Dead perps have the same protection. The FBI is fishing, and he says so.
Here's the part where his argument makes some sense: "That tension should not be resolved by corporations that sell stuff for a living. It also should not be resolved by the FBI, which investigates for a living. It should be resolved by the American people deciding how we want to govern ourselves in a world we have never seen before"
In a somewhat narrow sense we haven't seen this world before because the terrorists never had a phone with FIPS 140-2 protection (the government's own standard). The stick I pictured above could have been bought and used by any terrorist but not on a phone. It could have been used and configured to hold the entire OS and personal information on a small laptop which could be used to send messages, make VoIP calls, etc. That would be clunky but the FBI would have no technical recourse, Having the same capability in the iPhone is new and easy and transparent, the perp need not do anything.
What Comey is asking for, in a roundabout way, is new legislation to remedy this problem of dead terrorist's iPhones. To that he would add uncooperative terror suspect's iPhones, iPhones "found" at terrorist hideouts, etc. It is a reasonable request from a LE perspective. From a tech perspective it is a pipe dream. From a policy perspective in the middle it is possible that a stopgap law may require designs that allow the LE access while keeping everyone else out. But it is much more likely that such a law would be a Clipper chip law and last a few years and then be OBE.
See my previous post on that topic. There should be a public discussion of this issue that brings up the FBI's points but also brings up my points. We have had this discussion before in the 90's. I was on the receiving end, and had to create software designs encompassing the Clipper chip. My main issue was complexity which did not bode well for security. The actual problem with the Clipper chip was that it motivated the rest of the world to create alternatives. That was hugely damaging for the US technical edge in practical symmetric encryption and PKI (we invented all of it). If we want to help the FBI we have to at least understand how not to create policies based on that experience.
I am in 100% agreement.
Communication data on encrypted devices is available through ISP's and NSA. Anything else would be considered our "papers and effects" by the Founding Fathers; photos, documents, notes, even the actual text of text messages. Our papers are our papers. It does not matter if they are in a desk, a glove compartment or on an encrypted device.
If LEO wants access to our papers on a device, they can seize the phone after obtaining a warrant. If the owner refuses to unlock the device, it is an issue between him and a Judge to be resolved in Court.
The FBI is asking for a step which does create a back door. Any means of unlocking an encrypted device through a back door clears the path to the next step. The ultimate goal is for any device to be warranted and searched without the knowledge of the owner. Why are back doors used? To avoid detection. Think 'Sneak & Peek.'
I reject the idea our papers and effects should be required by law (or the Courts) to be secured in such a way that authorities will always have access. To believe so is to believe the government has rights.
The government does not have rights. There are conditions under which the the government can operate, but the burden is and has always been on the government to meet those conditions. If the FBI prevails, we are well on our way to granting the government the 'right to know' which will outweigh our privacy rights. That is not freedom. It is not the system I want to leave for my grandchildren.
Lastly, if San Bernadino County had practiced its due diligence & the FBI had not requested a password change of password before consulting Apple, we would not be having this discussion. The information on that particular iPhone cannot be retrieved because of what San Bernadino County did not do and because of what the FBI did. They screwed up, not Apple.
Thanks swordmaker.
However, I believe it’s been noted that the Employer/owner of the phone had never activated the MDM software to protect the phone .. so how the heck would they have any clue what was on the phone ..??
I’m not saying there is important stuff; and I do tend to agree the terrorists would have burner phones for their terrorist activities. So that would make the iPhone unusable to them when they made the attack; or tried to make an escape.
So, where did the FBI get the iPhone .. was it in the apt?
It was found in the Black Lexus SUV after the shoot-out where the two terrorists were killed. It was the only cellular phone they had that was not destroyed by them and thrown into a lake.
As to how they know what may be on it, they have the records from the carrier, Verizon, of the phone calls, messages, and emails, both in and out, which basically show only work related calls, messages, and email. The only ones that weren't were a few during working hours from his ugly, monster wife from her known regular non-burner cell phone. Other than that, there are no unknown numbers, message destinations, or emails.
They could have used it, even erased, for it's GPS capabilities during the attack or escape. . . or to find their way to another potential attack site.
They would not be the primary beneficiaries of the privacy policies. That's an absurdity. There are 800,000,000 million users of the iOer S ecosystem throughout the world. The estimated number of ISIS is under 300,000, and most of those are foot soldiers. The vast majority of users of iPhone security are average citizens who rely on it to keep their own credit/debit cards, and identity information secure from crooks. Making the assumption its not is ridiculous. That's like saying that secure bank account information is due to protecting drug dealers, terrorists, and other shady characters and not the general public from those types trying to steal THEIR money.
To say that police would never use a lock smith is absurd.
Just Googling...
http://forum.freeadvice.com/arrests-searches-warrants-procedure-26/police-picked-my-lock-563130.html
http://www.lawqa.com/qa/can-cops-pick-your-locks-and-search-you-are-not-home-even-if-on-probation
http://www.insideselfstorage.com/articles/2003/07/what-to-do-when-police-arrive.aspx
etc etc.
I bet that there are “vulnerabilities” in the current releases, that only Apple already knows about, and I bet that Apple could break into the >perp’s phone, only< and provide access without “including it in the product software releases.” After all, they designed the OS, apps, and hardware! They are the experts.
On the other hand, I am against Apple giving the ability to crack a phone to the FBI because then the feds would be bypassing due process. The FBI or other agencies would be able to bypass a judge and search warrant.
Maybe there is an intermediate entity, like locksmiths, whose job it is to crack and hack. Like locksmiths, they would be certified. After all, a locksmith could break into anyone’s home or business and I don't believe that happens too often.
Also, the down side to all of this is that Apple, Apple employees, Apple affiliates would know how to crack a phone (if they don't already know) and this information would probably be leaked to bad people.
A side note: most of the information on a device (but not all) is probably already available via other means. Telephone call records and maybe even text messages are tracked by the provider, pictures and other personal information is uploaded to “the cloud” — weren't a bunch of actor's personal photos stolen from an unsecured “cloud device?” and emails are stored on the email server which is probably owned by the ISP or email provider like Yahoo, etc.
Suppose a woman is being harassed by a man and, as evidence, is required to provide harassing text messages to a judge (and they have deleted the messages from their phone)? It might take a bit of effort on the part of the provider, but old text messages might be located and copied.
Also, the question might be — are the stored messages encrypted? Maybe? But the provider probably has the key so it is probably moot.
Hey, there is probably a good paying job for someone who has internet/telecom/network encryption/decryption skills.
Bottom line: always assume that all of your communication is being monitored and probably viewable by someone — your internet traffic, your phone calls, text messages, your purchases (if you use a credit card), your face in and out of security areas, even your cable/satellite TV channel surfing is being recorded.
You also have to ask yourself: "Are the Big Brother cheerleaders actually conservative?"
That's not hard, either....
By examining the specific evidence in this case, they can get into an iPhone.
By going after Apple, they hope to get into every iPhone.
Either you're saying that in the same sarcastic sense as Marc Antony at Caesar's funeral, or you're utterly ignorant of the man's record as one of Obama's enforcers.
Also, the perp would have to assume that his employer could access — perhaps even remote-access — his phone, so it would be utterly idiotic to use it for any terrorism-related stuff.
They used to, but I don't think they would any more. About ten years ago, the police brought a locksmith to unlock a door at a house where they had a search warrant in Sacramento, CA. What they did not know was the fugitive was still inside. He shot through the door, killing the locksmith instantly. The family of the locksmith successfully sued the police for millions. No, I don't think the police will bring locksmith's any more. They will break down the door with police standing by with arms drawn. The warrant has to specify "no knock" though. Most warrants require being served on some adult at the premises if possible, unless the occupant is under arrest.
As for locks on storage bins, they will merely cut off the locks. Damage to other persons is considered collateral damage and those persons may file a damage claim, but it will go nowhere.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.