Apple CEO Opposes Court Order To Help FBI Unlock iPhone

The statement made by Tim Cook where he said they provided all the data in there possession, which if you apply logic would include any stored passwords they had or had the ability to reset.
Well if that is in fact true then sure I side with Apple on this...

HOWEVER, as mentioned in the news article.
Judge Sheri Pym of U.S. District Court in Los Angeles said on Tuesday that Apple must provide "reasonable technical assistance" to investigators seeking to unlock data on an iPhone 5C that had been owned by Syed Rizwan Farook.
This is of a single person's phone, and if they in fact did what Cook said they did they have provided "reasonable technical assistance" and should not need to make any sort of statement. That to me does not say "The FBI is to get a 'rooted' OS that has backdoors", so it makes me wonder if they have in fact given up all the passwords to unlock the phone and Tim Cook is just using previous attempts by the feds to make Apple seem like a shining star.
 
They can do to Apple like they did to Bayer, Apply will comply really fast.
 
Wow, pull bullshit outa your ass much?


Then why is this in the papers?

Reminds me of that line from Pirates of the Caribbean;

Lavabit - Wikipedia, the free encyclopedia

Again, your naiveness and trust in the government to not somehow abuse this is amusing to say the least.

I also agree with the poster that said this is probably a test by the FBI maybe backed by the CIA/NSA. If Apple caves into the FBI then it's open range for the CIA/NSA to get this shit via FISA.

Yea yea paranoia blah blah blah but really, has the government been able to prove their trustworthiness lately? :rolleyes:
 
Now Apple might be forced to implement a backdoor. But some terrorists are not that stupid: and implement their own secure wallets / communication means. Not that difficult overall.
 
As for the iPhone's security, I have no idea if it can be hacked or not. Although I haven't seen that this new one has been hacked it doesn't mean that it hasn't and it sure doesn't mean it won't be. I just think it's unrealistic to presume that the future privacy of all our people rests on this case. And that it's blatantly unwise to support Apple's position that what they are trying to pull off is actually beneficial for us as citizens when the result will be a tremendous detriment to the court system and our ability to protect ourselves under the law.

From your comments, what I see is a lot of people that only consider the implication this case has for phone data security. But what I don't see is a comparable realization that this will reach to all stored data on all systems. Businesses will jump to this encryption system of leaving the keys with the customer, the customer can't be forced to give up the keys, so no one will ever be able to make anyone cough up proof again.

Cox was recently awarded a $25 million dollar loss because it was proven that they made it company policy to not support copyright protection legislation if it was going to cost them customers. Proof was in their email subpoenaed by court order. If that data were stored with a 3rd party provider and encrypted and the storage system manufacture says "sorry, we just can't retrieve this data, it's a privacy issue for our customers". Where would this case have gone?

My daughter is suing a doctor for medical malpractice, she was having a stroke right in front of his face in the emergency room and he sent her home because he decided it wasn't a stroke even though he had no idea what it was. He could have erred on the side of caution and sent her to Tucson where they have better facilities but instead he sent her home on Sat and told her to see her primary care on Monday when she was showing stroke symptoms. How will my kid prove that this doctor fucker her up if you can't force the Hospital to produce her records because they are stored encrypted with a 3rd Party cloud provider?

When the government is illegally wiretapping the Black Panthers again but the proof is stored in a cloud system operated by a defense contractor company ............

I worry, I worry that this has an impact far beyond unlocking one phone or data on iPhones, and I worry what that impact will be.
I disagree that the result will be detrimental; in fact I believe that ruling in the FBI's favor in this case would set the detrimental precedence. I would much rather have secure and private devices than fine Cox for internal copyright policy; while both are notionally good things (many people would disagree on the copyright point, but I'm ignoring them here), one of them is far more important to me. I understand that you can't get perfect law enforcement without governmental omniscience - I don't want that.

As for the hospital case - well, I believe that the appropriate approach there would be to require medical facilities to make their data available for malpractice investigations instead of making their storage providers cripple the systems.

There are entirely reasonable solutions to these problems that don't take nearly as widespread an approach.

EDIT: And as other people have noted, what do you do if the telecom uses an open-source encryption solution that eliminates the 3rd party?
 
This is a slippery slope.

First it starts with a pinky. Then before you know it you're already graduated to the full fist.
 
Well if that is in fact true then sure I side with Apple on this...

HOWEVER, as mentioned in the news article.

This is of a single person's phone, and if they in fact did what Cook said they did they have provided "reasonable technical assistance" and should not need to make any sort of statement. That to me does not say "The FBI is to get a 'rooted' OS that has backdoors", so it makes me wonder if they have in fact given up all the passwords to unlock the phone and Tim Cook is just using previous attempts by the feds to make Apple seem like a shining star.

It's a user generated password, it erases the device if you fail to log in properly 10 times.

Let's try an analogy and see if it makes sense.

If I am a terrorist who just shot up a community center, and I have booby trapped my house with a product from Company ABC.

If you incorrectly enter the pass-code 10 times the booby trap is sprung and everything in my house is destroyed.

You need physical access to the device, and time to run the algorithm based pass-code tool.

Would it be reasonable to expect Company ABC to provide a tool that could circumvent the 10 pass-code limitation?

In this scenario what are the risks posed to the everyday person?
 
It's a user generated password, it erases the device if you fail to log in properly 10 times.

Let's try an analogy and see if it makes sense.

If I am a terrorist who just shot up a community center, and I have booby trapped my house with a product from Company ABC.

If you incorrectly enter the pass-code 10 times the booby trap is sprung and everything in my house is destroyed.

You need physical access to the device, and time to run the algorithm based pass-code tool.

Would it be reasonable to expect Company ABC to provide a tool that could circumvent the 10 pass-code limitation?

In this scenario what are the risks posed to the everyday person?

The main problem is the precedence this would set as many have mentioned. Apple does it for this "one off" time. Then what, next time the FBI/CIA/NSA comes knocking saying, let's do it again for this other "one off" time. Pretty soon you just have them asking Apple to either hand off the tech, they steal it somehow, or hackers get it, vice versa. Now anyone can break into any iPhone for whatever purpose they desire, lawful or not.

And that's just Apple. Then comes them asking other tech companies to let them break into devices "one time" and because Apple did so, why can't they?
 
The main problem is the precedence this would set as many have mentioned. Apple does it for this "one off" time. Then what, next time the FBI/CIA/NSA comes knocking saying, let's do it again for this other "one off" time. Pretty soon you just have them asking Apple to either hand off the tech, they steal it somehow, or hackers get it, vice versa. Now anyone can break into any iPhone for whatever purpose they desire, lawful or not.

And that's just Apple. Then comes them asking other tech companies to let them break into devices "one time" and because Apple did so, why can't they?

Anyone can break into my house, how is this any different?

They need physical access to the system.

So someone has to steal my iPhone and have access to this tool.
 
It's a user generated password, it erases the device if you fail to log in properly 10 times.

Let's try an analogy and see if it makes sense.

If I am a terrorist who just shot up a community center, and I have booby trapped my house with a product from Company ABC.

If you incorrectly enter the pass-code 10 times the booby trap is sprung and everything in my house is destroyed.

You need physical access to the device, and time to run the algorithm based pass-code tool.

Would it be reasonable to expect Company ABC to provide a tool that could circumvent the 10 pass-code limitation?

In this scenario what are the risks posed to the everyday person?
See this is where I'm losing it, presumably Apple can retrieve/reset the password, and they don't need to to use a brute-force attack to deal with it, it's simply a matter of doing what Apple does and bam, reset. (translation they really do have backdoors, otherwise how can they retrieve the passwords of the widow who wants to use her dead husband's Apple gear).

With this said, Apple could just say "let me see the phone, ok here's the password" and not have to give them the password, not make some temporary backdoor iOS, nothing.
 
This is merely a formality on the US governments part. Its likely the NSA/CIA have all the info they need and then some. This is the FBI asking, which means they are possibly in the process of building a case against live person(s) and this phone will be used as evidence in the prosecution of these living individuals. The only way the phone's data to be permissible in court would be if it was obtained through legal means, hence the court order request. Apple refusing this warrant is more or less a global politics move. Google is getting the heat put on it in multiple markets for its data handling protocols, and so are a number of other tech companies. Apple refusing to give up the data is more or less them currying favor with global market shares, because they stood up to uncle sam and protect the rights of their customers unlike that terrible google/facebook which are pure evil corporate "US capitalist pigdogs!"

Me, I care for neither side in this fight and hope they both burn each other. Both sides have been known to, and will, trample the individual rights of the people they interact with. Both sides are using this to their advantage, regardless of outcome.

Edit: Would also like to state, in the customer letter, the demands of the FBI are pretty specific about what they want them to do... so it just seems to me like they are just fishing for a "legal" stamp from apple, saying "We are apple and we created this method of hacking the encryption of our phones."
 
Last edited:
The only way the phone's data to be permissible in court would be if it was obtained through legal means, hence the court order request.
You sure about that? I thought the search was only illegal if it was of the person who's being prosecuted, which obviously is not true in this case.
 
If Apple creates this for the US government, does Apple have to make it available to other country governments? China, Russia, North Korea, etc.?

The NSA records all cell phone transmissions, so the FBI should get all texts and calls from the carrier/NSA. There is no need to decrypt the phone.

Sounds more like the government looking for a faster/cheaper method to get access to phone data and using the old stand-by excuse, "fight against terrorism".
 
Last edited:
See this is where I'm losing it, presumably Apple can retrieve/reset the password, and they don't need to to use a brute-force attack to deal with it, it's simply a matter of doing what Apple does and bam, reset. (translation they really do have backdoors, otherwise how can they retrieve the passwords of the widow who wants to use her dead husband's Apple gear).

With this said, Apple could just say "let me see the phone, ok here's the password" and not have to give them the password, not make some temporary backdoor iOS, nothing.

Apple doesn't have the password. The OS was deliberately designed such that they couldn't do exactly what you're saying.
 
hqdefault.jpg
 
Last edited:
You sure about that? I thought the search was only illegal if it was of the person who's being prosecuted, which obviously is not true in this case.
Wrong. If there were names on the phone then the phone must have a warrant to allow for the finding of said persons. The defense could have a field day if they didn't because the only means to their capture resulted from an illegal search and seizure. Pretty common idea and widely enforced. Now this isn't to say they don't try to find other means after the fact to make it seem they used other legitimate means to attain their where abouts.
 
See this is where I'm losing it, presumably Apple can retrieve/reset the password, and they don't need to to use a brute-force attack to deal with it, it's simply a matter of doing what Apple does and bam, reset. (translation they really do have backdoors, otherwise how can they retrieve the passwords of the widow who wants to use her dead husband's Apple gear).

With this said, Apple could just say "let me see the phone, ok here's the password" and not have to give them the password, not make some temporary backdoor iOS, nothing.
The widow password story is different though. She is asking for the iTunes password to access his online account and install an app. Apple certainly has the ability to reset your iTunes password (if you have access to the other person's email). The Widow is not asking them to reset the pin number on the phone (which she already had access to). The FBI is not asking to access the terrorists iTunes account. They are asking Apple to root the phone with a custom OS that disables all the security measures (while preserving the existing data and phone history). Two very different things.
 
This really is akin to the US government asking a Safe Company to make their Safe products less "Safe"

Which is absurd.

They don't even need to do that...the companies themselves have a price point they can be profitable at and still provide "security". All Security is how far do you want to go down the rabbit hole (aka spend money on) to counter possible threats. You have to live with a certain amount of venerability depending on your security posture.

I was watching a locksmith video the other day and a fairly beefy looking safe was defeated by a powerful magnet the guy brought with him.

I had another discussion with some coworkers about firearms....one was joking around that by the time he unlocked the gun, took the trigger guard off and then got the ammo from another safe, the person breaking into his house would have been long gone or taken him out. The chances of that happening are slim, but on the other hand where you have a Sandy type situation where there is no power and LE can't be counted on, you better have that handgun some where you can get it very easily because the risk is much higher then in your every day everything is working fine situation.
 
They don't even need to do that...the companies themselves have a price point they can be profitable at and still provide "security". All Security is how far do you want to go down the rabbit hole (aka spend money on) to counter possible threats. You have to live with a certain amount of venerability depending on your security posture.

I was watching a locksmith video the other day and a fairly beefy looking safe was defeated by a powerful magnet the guy brought with him.

I had another discussion with some coworkers about firearms....one was joking around that by the time he unlocked the gun, took the trigger guard off and then got the ammo from another safe, the person breaking into his house would have been long gone or taken him out. The chances of that happening are slim, but on the other hand where you have a Sandy type situation where there is no power and LE can't be counted on, you better have that handgun some where you can get it very easily because the risk is much higher then in your every day everything is working fine situation.


This is more akin to should you be prepared for the least likely scenario (armed robber breaks into your house) version most likely scenario (kid finds gun in night stand drawer). And on top of that most robberies are simple grabs and not wanting any confrontation, and in some courtooms shooting a robber can leave your family in a worse place than if he robbed you of everything (which really sucks). I currently am enrolled for ccw class and will likely carry in the car, but for me it is more likely to be needed in some random area I may be driving to than I would in my house. My fiance is a better shot than me anyways so she can defend the house haha.
 
No, it is the government asking for the combination to a single safe.

I hate this argument so much. It's obviously from people that do not understand technology at all. They use a string to identify the single device. Where does that string exist? In memory. Change the string in memory and you have a master key to all devices. There is absolutely no way to secure this mechanism from being used against all devices. The phone identity is hardcoded in the device, but the matching mechanism is simply a value sitting out in memory. Change that value to whatever phone identifier you need in the future.

This is not about 1 device. It's about all devices. All these discussions about unlocking 1 device... It's literally impossible to lock it down to just one device. The government is simply using this 1 instance to get a master unlock mechanism for all iphones.

All non software or computer engineers need to STFU about this situation. They do not understand the technology or limitations of creating an unlock for a device. A backdoor into 1 is a backdoor into all. Simple as that. Then of course you really think china or russia or some other country won't get their grubby hands on this? It's a bad idea.. very bad idea. Then of course there is still no solution for all 3rd party encryption. So you are really only screwing over the normal users. The criminals will just jump ship to something more secure.
 
I hate this argument so much. It's obviously from people that do not understand technology at all. They use a string to identify the single device. Where does that string exist? In memory. Change the string in memory and you have a master key to all devices. There is absolutely no way to secure this mechanism from being used against all devices. The phone identity is hardcoded in the device, but the matching mechanism is simply a value sitting out in memory. Change that value to whatever phone identifier you need in the future.

This is not about 1 device. It's about all devices. All these discussions about unlocking 1 device... It's literally impossible to lock it down to just one device. The government is simply using this 1 instance to get a master unlock mechanism for all iphones.

All non software or computer engineers need to STFU about this situation. They do not understand the technology or limitations of creating an unlock for a device. A backdoor into 1 is a backdoor into all. Simple as that. Then of course you really think china or russia or some other country won't get their grubby hands on this? It's a bad idea.. very bad idea. Then of course there is still no solution for all 3rd party encryption. So you are really only screwing over the normal users. The criminals will just jump ship to something more secure.

The government should have tools available that allow it to preform legal searches of computer systems.

Just because a lock pick exists does not mean that Russia is breaking into my house while I am at work.

It is the same thing.

If the government does not force Apple to comply, company's and individuals will use this as a legal maneuver to prevent discovery of data when facing indictment.
 
They can do to Apple like they did to Bayer, Apply will comply really fast.

Apple has enough money to hire a private army. If I were in charge of Apple, I would tell the US government to go get fucked and then revoke their licenses to use iOS and all Apple software.

The government should have tools available that allow it to preform legal searches of computer systems.

Just because a lock pick exists does not mean that Russia is breaking into my house while I am at work.

It is the same thing.

If the government does not force Apple to comply, company's and individuals will use this as a legal maneuver to prevent discovery of data when facing indictment.

They can hold the owner of the phone in contempt and put them in jail until they comply. No need to force Apple to weaken its security.
 
That is totally different, the FBI has more than likely received any passwords that Apple has access to for this user.
They are trying to crack the device itself with Apple does not have the password for.
The FBI wants a tool they can use to override the security fail-safes on the device so they can brute force into the phone.

Actually this is not entirely correct.

The new article Steve put up is a ZDnet article and the author lays it the entire issue out very well. First major point, the iPhone is an older phone and Apple can write a custom version of the OS and essentially update the phone, that specific phone, and unlock it. Furthermore once unlocked, Apple could extract the user data, everything that isn't actually the OS itself, and give the data only to the Courts. Then Apple could put the phone back to it's original state and return the phone itself which remains as evidence in the physical sense. Apple could do this and it doesn't require anything but some effort, and giving the dead man's data to the Government.

Here is a great quote for the other article.
Let's be clear that in this instance, the FBI is not asking Apple to put a back door into iOS. They are asking Apple to create a special version of iOS, that could be loaded on this specific phone, to help break into this specific phone.
 
Well if that is in fact true then sure I side with Apple on this...

HOWEVER, as mentioned in the news article.

This is of a single person's phone, and if they in fact did what Cook said they did they have provided "reasonable technical assistance" and should not need to make any sort of statement. That to me does not say "The FBI is to get a 'rooted' OS that has backdoors", so it makes me wonder if they have in fact given up all the passwords to unlock the phone and Tim Cook is just using previous attempts by the feds to make Apple seem like a shining star.
Prettymuch let reporters annihilate the apartment 2 days after the shooting. How long has it taken to make this request? I can be convinced they chose this case due to emotional inertia being on their side and not some genuine interest in the phone's content. IF there was we'd have had this discussion in December. So I can easitly question the sincerity of the FBI in this request as well.
 
I hate this argument so much. It's obviously from people that do not understand technology at all. They use a string to identify the single device. Where does that string exist? In memory. Change the string in memory and you have a master key to all devices. There is absolutely no way to secure this mechanism from being used against all devices. The phone identity is hardcoded in the device, but the matching mechanism is simply a value sitting out in memory. Change that value to whatever phone identifier you need in the future.

This is not about 1 device. It's about all devices. All these discussions about unlocking 1 device... It's literally impossible to lock it down to just one device. The government is simply using this 1 instance to get a master unlock mechanism for all iphones.

All non software or computer engineers need to STFU about this situation. They do not understand the technology or limitations of creating an unlock for a device. A backdoor into 1 is a backdoor into all. Simple as that. Then of course you really think china or russia or some other country won't get their grubby hands on this? It's a bad idea.. very bad idea. Then of course there is still no solution for all 3rd party encryption. So you are really only screwing over the normal users. The criminals will just jump ship to something more secure.

Just because I am not a software engineer, I will not STFU.
This can and should be done in a secure fashion to gain information about this terrorist action and get inside the mind of this asshole and his wife.
I want you to watch the interviews yesterday with the family members of the people who were killed.
Look inside yourself and tell me how you feel.

Prettymuch let reporters annihilate the apartment 2 days after the shooting. How long has it taken to make this request? I can be convinced they chose this case due to emotional inertia being on their side and not some genuine interest in the phone's content. IF there was we'd have had this discussion in December. So I can easitly question the sincerity of the FBI in this request as well.

These things move at an incredibly slow pace, especially since the damage is done.
I also think the FBI or whomever has tried everything they know and now are asking for help.
I hope Apple will work with them and not simply throw lawyers at the government until they go away.
 
Lavabit - Wikipedia, the free encyclopedia

Again, your naiveness and trust in the government to not somehow abuse this is amusing to say the least.

I also agree with the poster that said this is probably a test by the FBI maybe backed by the CIA/NSA. If Apple caves into the FBI then it's open range for the CIA/NSA to get this shit via FISA.

Yea yea paranoia blah blah blah but really, has the government been able to prove their trustworthiness lately? :rolleyes:


Ahhh, I see what you are talking about, but you don't understand the reasons behind this action.

You are talking about LavaBit. I'll call your attention to this part of the article you linked to.
The strength of the cryptographic methods used was of a level that is presumed impossible for even intelligence agencies to crack.

Are you aware that certain levels and forms of encryption can not be exported from the United States?

http://export.gov/webinars/eg_main_046622.asp

Now I can't say for sure but one should think of the impact of a web based service using such a level of encryption and allowing foreigners to use it, explore the law a little, and see if this may violate the Federal Export controls regarding encryption technologies. Combine this with the fact that when this actually happened Ed Snowden was still sitting in a Russian Airport and the Government was still scrambling to figure out just what Snowden had taken.

Now you may not like it, but I am going to pass on a simple fact that most people have no problem understanding. You can't do what Snowden did and expect the Government will play by all the usual rules that are specifically in place to govern a normal populace under normal conditions. If you think they won't break the rules when it is determined to be necessary than you've never considered what Martial Law is all about. Our countries laws and rules are never absolute, only a very ignorant fool would even think so. That's part of the reason we have these discussions, because sometimes breaking the rules is the right thing for the government to do but you always have those people who won't accept that and think the rules must be followed always and that's not absolutely correct. Furthermore, not only can they break the rules, they can do it legally when they go about it the right way. It's like Army Regulations, anything can be approved as long as the right guy signs off saying it's OK to do it. Same way with Security in the Military, some things are considered "things you just don't do" but if the right guy signs off and says do it, it will get done.

In Lavabit's case I can't say if it was truly justified. But what was at risk and "on-the-clock" with regards to Snowden at that time is nothing at all like what we are talking about now with Apple and the phone of a dead guy. Apple is trying to make a stand based on an ethical issue and time is not a major factor nor is the disposition of a large volume of very sensitive information. Could there by data on the phone that would point the government at other people who may be planning to do something similar, or assist others in doing these things, of course, it's why they want the phone unlocked.

You point out my "trust" and suggest that it's because I am naive. I "trust" that in this case the government is doing the right thing for us. That the government's request for the data from a dead man's phone, a dead man who with his wife killed several citizens because of religious and ideological reasons, is reasonable and in the populations best interest.

I WANT that phone unlocked myself, I have a daughter and her husband living less then 20 miles from where that attack happened. They had a neighbor as an accomplice(witting or not), who bought their weapons for them and they could have other associates they communicated with who could be planning to do something like what they did. Apple should have unlocked that phone without any questions asked, instead Tim Cook wants to make an issue out of it so he can sell more of his new phones. You don't think there is a reason to make this claim but I do. And it's explained clearly above and even other professionals in the IT world agree. Apple will have to back down and do this and it's the right thing for them to do anyway.

BTW, the government was right in what they did to Lavabit as well.
 
Are you aware that certain levels and forms of encryption can not be exported from the United States?

http://export.gov/webinars/eg_main_046622.asp

Now I can't say for sure but one should think of the impact of a web based service using such a level of encryption and allowing foreigners to use it, explore the law a little, and see if this may violate the Federal Export controls regarding encryption technologies. Combine this with the fact that when this actually happened Ed Snowden was still sitting in a Russian Airport and the Government was still scrambling to figure out just what Snowden had taken.
You bring up an interesting point, but per Export of cryptography from the United States - Wikipedia, the free encyclopedia many of these encryption export laws have been weakened. As iphones are sold all over the world, I doubt this applies at all.
 
Everyone pushing for Apple to crack this phone for the FBI are also opening the door to every other country having the same access -- unless Apple wants to give up doing business in that country.

What is to stop other countries or this country from hacking and downloading your personal information as a routine part of travel and passing through customs?

What is to stop hackers from using this procedure to enable stolen phones? Right now, stolen phones are largely only worth the components they are made of, but once people are able to flash phones to brand new status, it's open season with a target placed on everyone.

What happens to devices with HIPAA or other confidential information? Suddenly encryption is worthless and all of our private data is out there for the world to read.

This is what everyone siding with the FBI is advocating for.
 
Doc that's Bullshit. no other country can MAKE us do anything unless they think they're big enough to make us. And in the same vein, our laws have no impact on what other countries do at their own borders. And anyway, you can already be forced to unlock your phone crossing into and out of the US anyway. As for the hackers doing the same thing, if they can then their is nothing to stop them anyway whether Apple unlocks this phone or not so claiming that forcing Apple to unlock the phone will open a door is stupid, the door is open or it isn't and what actions Apple takes has no bearing.

This case is about one phone that did belong to one dead man, period. Hell, it's an older phone and doesn't even have the hardware level security module. And this will do nothing to invalidate or weaken anyone's encryption on anyone's know because that is now what is being asked. Stop chasing the squirrels.
 
Doc that's Bullshit. no other country can MAKE us do anything unless they think they're big enough to make us.
Apple has to follow Chinese laws in China just as they have to follow U.S. laws in the U.S. Once it gets around that Apple are forced to make insecure encryption for the U.S. government, they'll have to make it for every government. I don't understand how you don't see this.
 
Well if that is in fact true then sure I side with Apple on this...

HOWEVER, as mentioned in the news article.

This is of a single person's phone, and if they in fact did what Cook said they did they have provided "reasonable technical assistance" and should not need to make any sort of statement. That to me does not say "The FBI is to get a 'rooted' OS that has backdoors", so it makes me wonder if they have in fact given up all the passwords to unlock the phone and Tim Cook is just using previous attempts by the feds to make Apple seem like a shining star.


The order had the following demands.

1. Remove normal iOS functions that intentionally increase the time it takes to enter passwords and deletes the phone after X failed attempts.
2. Allow the FBI to submit guesses via the lightning port, wi-fi or bluetooth
3. Allow these functions to be loaded into the phones memory so it does not have to be directly installed (in other words leave data untouched for forensic purposes) This means jailbreaking is also out.

It also did not specify who would have access to that software, or if it could be used in other cases. So for all they know, they give it to the FBI and oops, someone from the NSA finds it on a shared folder and decided to reverse engineer it.
 
You bring up an interesting point, but per Export of cryptography from the United States - Wikipedia, the free encyclopedia many of these encryption export laws have been weakened. As iphones are sold all over the world, I doubt this applies at all.

You might be correct today, but LavaBit chose to shut their own doors and no comply with the court order back when Snowden was still sitting in a Russian Airport and that was before Apples new Security Schemes. What we are seeing today is mostly in reaction to those events so even if things have changed since then, it doesn't mean that it can retroactively change what happened to LavaBit or erase why it happened. And what happened then may never happen again because of these issues, but I think that's a stretch.

What I am pretty comfortable saying is that when it comes down to something like what Ed Snowden did, all bets are off and if the government is serious about having an individual or a business open their door I'm pretty sure they will make it very clear. I wouldn't expect a form letter. If they show up in suits and ties and brief cases in hand, they are not playing. LavaBit even said they thought this might be about Snowden, it was already in the news, people caught onto Snowden before he flew from Hong Kong to Russia. I think they knew Snowden was toxic and that any personal account he had was like radioactive. Ed was actively using LavaBit from Russia, the FBI would have been all over that and if they couldn't break that encryption or find another way to intercept the data while it was in plain text than they were going to go to LavaBit and get it from them along with anything from anyone else who was talking with him via LavaBit.

Yes, what Snowden told people or showed people was very important to them and the Privacy related information was what grabbed all the news. But he grabbed so much in such an indiscriminate manner that I still have no real idea just what else he gave away. I am pretty sure it was more than just what we have seen in the news though some of that was wrong to have released and Snowden was even more wrong to have taken. What's worse is the reaction. LavaBit is minor, it may have gotten big traction but it was actually a minor event compared to the government's new security policies for cleared people. The security business was a trust business in the past. Yes they did investigations before they hired you and many times over one's career, even polygraphs for many jobs. And yes, they monitored online activity at work periodically. Now though, it full time, all the time, and it's not just at work, it's all your online activity at home as well. It's in the open, they publicized the beginning of the program, and so now we have the most massive and intrusive surveillance program ever envisioned running full time against American citizens who are just people who are working doing their jobs. They are not foreigners, criminals, activists, extremists, there is no pending litigation, charges, or suspicion.

And if a person can't recognize this, as the most significant product of Snowden's actions, then nothing I can say will help them.
 
You point out my "trust" and suggest that it's because I am naive. I "trust" that in this case the government is doing the right thing for us. That the government's request for the data from a dead man's phone, a dead man who with his wife killed several citizens because of religious and ideological reasons, is reasonable and in the populations best interest.

I WANT that phone unlocked myself, I have a daughter and her husband living less then 20 miles from where that attack happened. They had a neighbor as an accomplice(witting or not), who bought their weapons for them and they could have other associates they communicated with who could be planning to do something like what they did. Apple should have unlocked that phone without any questions asked, instead Tim Cook wants to make an issue out of it so he can sell more of his new phones. You don't think there is a reason to make this claim but I do. And it's explained clearly above and even other professionals in the IT world agree. Apple will have to back down and do this and it's the right thing for them to do anyway.

BTW, the government was right in what they did to Lavabit as well.

Oh boy. I have nothing else to say really.
 
Regarding Lavabit,

The court records show that the FBI sought Lavabit's Transport Layer Security (TSL/SSL) private key. Levison objected, saying that the key would allow the government to access communications by all 400,000 customers of Lavabit. He also offered to add code to his servers that would provide the information required just for the target of the order. The court rejected this offer because it would require the government to trust Levison and stated that just because the government could access all customers' communication did not mean they would be legally permitted to do so. Lavabit was ordered to provide the SSL key in machine readable format by noon, August 5 or face a fine of $5000 per day.[22] Levison closed down Lavabit 3 days later.

If you're okay with the government basically getting a key to encryption to "use correctly" then again, you're naive in thinking the government will do right by you and the people.
 
Apple has to follow Chinese laws in China just as they have to follow U.S. laws in the U.S. Once it gets around that Apple are forced to make insecure encryption for the U.S. government, they'll have to make it for every government. I don't understand how you don't see this.

Why are you making things up, Apple is being asked to unlock one phone, not to change anything at all about encryption on any other phone anywhere.

The Court: "Take this phone, unlock it, give us the data."

Apple: "No"

The Court:" Then take this phone, and make it where we can unlock it"

Apple: "No"

But what the government has not said is "Change iOS for all your phones, change your encryption for all your phones, change how you manage encryption for all your phones."
 
Regarding Lavabit,



If you're okay with the government basically getting a key to encryption to "use correctly" then again, you're naive in thinking the government will do right by you and the people.

Why would you think a guy who has;

A. worked for the Government, either as a Military Service member doing SIGINT under direction of the NSA,

B. or as a contractor doing training and IT work for the Army as a contractor,

C. for the last 33 years,

of being naive about what they do? ;)
 
Back
Top