San Bernardino District Attorney strangely claims suspect’s iPhone contains a ‘cyber pathogen’

9 to 5 Mac ^ | March 5, 2016 | by Benjamin Mayo

[Swordmaker]

Viruses aren’t biological, they don’t just live dormant inside a phone. They have to be used, activated or deployed. Zdziarski says he thinks the District Attorney is trying to claim that the shooter was trying to compromise the local San Bernardino IT network with a virus of some kind, but the language used in the filing is just factually incorrect and likely misleading to the court. There is also seemingly no other evidence that would lead investigator’s to believe such a claim.

If a serious computer virus did exist on the device with the phone acting as a host of some kind, then the device would have to be jailbroken anyway. This is clearly not the case as otherwise the Apple/FBI iPhone unlock court fiasco would not be necessary.

The iPhone does not allow for PF_INET and SOCK_RAW, or other kinds of low level packets, to be used from within the app sandbox. It’s unlikely that Fagan knows this, however, and so his dramatic statements are actually damaging the FBI’s case, because the device would likely have to be jailbroken. Apple’s sandbox will simply not allow an application to abuse the network stack in such a way that would make a “cyber pathogen” feasible. The kind of dramatic network attack that the DA is trying to sell to Judge Pym would have to be big. Popular ports such as metasploit require a jailbroken device to work for this (and other) reasons, and any tool to inject something this serious would need the same.

If this filing is meant as a scaremongering tactic to sway court feeling towards the FBI argument, then it’s not a great one: any inspection by an expert reveals the blatant weaknesses in the argument. It could also be the honest opinion of someone who is simply not educated in technology, in which case it will also likely get disregarded once Apple’s lawyers get a chance to comment in court.

The Apple/FBI court fight begins on March 22nd, a day after Apple’s rumored media event where the company will unveil a new 4-inch iPhone, a 9.7 inch iPad Pro and an Apple Watch refresh. Tech companies including Google, Facebook, Snapchat, Microsoft and Dropbox have all submitted amicus briefs defending Apple’s position. Apple is keeping a complete list of filings that support Apple’s argument on its website.

[TexasGator]

“The iPhone does not allow for PF_INET and SOCK_RAW, or other kinds of low level packets, to be used from within the app sandbox.”

So a terrorist can only use code from the authorized sandbox?

[Swordmaker]

San Bernardino DA jumps the shark in his desperation to force Apple to open the terrorists' iPhone. District Attorney Michael Ramos is now claiming that it is imperative that Apple MUST open the SUBJECT DEVICE because he suspects it may hold a "cyber pathogen lying-dormant" that could be released to wreck havoc on San Bernardino's infrastructure and the only way to find out whether or not this evil software is hidden on the iPhone is for Apple to assist in opening it up to find it! Ramos' Amicus Curia filing went on to absurdly argue:

""Companies that introduce dangerous products, and it can be argued that the iPhone with its current encryption is dangerous to victims, are required to fix them. Companies that create environmental damage are required to clean it up,"

. . . trying to make the bizarre connection that the encrypted iOS ecosystem of locked iPhones and iPads which law enforcement and other agencies such as his cannot get into at will, is the equivalent of a dangerous to the public, toxic environmental spill. That is really absurd. — PING!

Pinging dayglored and Shadow Ace for the most absurd legal theory ever. . .

San Bernardino District Attorney:
Apple's iPhone secure ecosystem
is equivalent of Toxic Spill?
Ping!

The latest Apple/Mac/iOS Pings can be found by searching Keyword "ApplePingList" on FreeRepublic's Search.

If you want on or off the Mac Ping List, Freepmail me

[Vendome]

Idiot...

[rockrr]

“Don’t try to understand ‘em, just ride n rope n brand ‘em...”

[moose07]

cyber pathogen lying-dormant.....

Need to work that into an E-mail sometime. :)

[ctdonath2]

“That is really absurd.”

Beware the absurd becoming the standard.

In _Raich_, SCOTUS ruled the interstate commerce clause allowed the feds to prohibit state-legal intrastate activity which REDUCED demand for ILLEGAL interstate commerce.

[Swordmaker]

So a terrorist can only use code from the authorized sandbox?

I just can't picture them making it through the approval process to be included on the App Store. . . but if it did happen. . .

(warning, really bad sick humor follows)

It would have to be a new Apple App Store category: Terrorist and ISIS Apps.

I can see the new sandboxed iPhone and iPad apps now.

• iDie—Suicide Vest Control from an iPhone "dead man switch."
• iDie Pro—Suicide Vest Control from a voice operated "dead man switch" through Siri, with a delay that sends up to ten iMessages and emails claiming credit for the event before the vest explodes. Ability to allow the user to include pre-estimate of body count in the messages and emails of the servants to accompany him on his way to martyrdom in paradise. Auto-shouting of "Alahu Akbar" over iPhone/iPad speaker system. Live, up to the instant of explosion streaming video option to Facebook to show potential ISIS recruits the joys of martyrdom.
• uDie—IED control from a distance with selection of multiple IEDs.
• uDie Pro—IED control from a distance with selection of multiple IEDs plus streaming video to Facebook showing potential ISIS recruits the joys of killing unsuspecting school children on busses, patrons of restaurants, etc.
• WeDidIT App—All purpose App for recording and untraceably transmitting claims of responsibility for your acts of terrorism, bombings, shootings, sabotage, what have you. Do it instantly or on a delayed schedule which you can set with SIRI. Multiple messages and emails, FaceTime. Use a background of your choice. In App purchases of classic Islamic themes available. Instant translation to various languages. Interfaces with Apple iMovie for professional editing.
• iBehead—techniques of infidel head removal from a Ali Di Headih, executioner extraordinaire. Ali demonstrates proper knife use on subjects from six months to 95, both female and male, and decline to state. Techniques of avoiding getting spurting blood on black ISIS uniforms is demonstrated. In App purchase of more beheading videos for your pleasure. Includes blooper reel of hilarious beheadings gone wrong.

Of course, the authorized sandbox on the iPhone is called the Sahara. . .

On the other hand there IS an ISIS Android store. . .

[Swordmaker]

Ars Technica has a follow up article where the San Bernardino DA admits he made it up. . . but then he doubles-down and later claims the same thing to the press. Link only due to copyright considerations:

What is a “lying-dormant cyber pathogen?” San Bernardino DA says it’s made up
He now says there's no evidence of cyber doom, wants iPhone unlocked to be sure.
Ars Technica—by David Kravets (US) — Mar 5, 2016 2:30am PST

[Mike Darancette]

The Iphone has a cyber pathogen but I killed it with a hammer.

[Swordmaker]

In _Raich_, SCOTUS ruled the interstate commerce clause allowed the feds to prohibit state-legal intrastate activity which REDUCED demand for ILLEGAL interstate commerce.

You have to remember that Lawyers take classes in straining at gnats, getting camels through the eyes of needles, and they learn how to start discussing a herd of elephants and by the time they're finished the subject has been converted into a single mouse.

There are too many Liberal Attorneys sitting on benches reading invisible ink between the words and lines of very plainly written English words and sentences.

I've been running into a couple on FR who seem to be prime candidates for taking some of their places on those benches as word and sentence jugglers.

They can find entire pages of additional orders and clauses between the last word of a sentence and the period in the Court Order compelling Apple to open that iPhone. Things such as Apple gets to keep the iPhone forever and three days (that's an exaggeration of their claims), to Apple doesn't have to give the FBI the software, to Apple is permitted to destroy the software after opening the device, to one who claimed that Apple could destroy both the iPhone and the software afterward, to Apple can use any technique at all to open the phone they want without government approval. They will argue themselves blue in the face that the order includes what they see there, but will never produce the exact words they claim to have found.

They'll claim those words and orders are easy for any "smart person" to see or that they've already posted them and all anyone has to do is read what they've already posted, but they never rise to actually respond to a timely verbatim quote from the order itself.

[Swordmaker]

The Iphone has a cyber pathogen but I killed it with a hammer.

San Bernardino DA Office Souvenir Cyber Pathogen Killer

[bgill]

Insert two aspirins into the charger and call me in the morning.

[tubebender]

[Protect the Bill of Rights]

San Bernadino DA

Does DA stand for Dumb Ass?