Apple CEO Opposes Court Order To Help FBI Unlock iPhone

[HardOCP News]

It should be interesting to see how this plays out. We're talking about a legally binding court order from a judge. Pass the popcorn please.


Apple Inc Chief Executive Tim Cook said his company opposed a demand from a U.S. judge to help the FBI break into an iPhone recovered from one of the San Bernardino shooters. Cook said that the demand threatened the security of Apple's customers and had "implications far beyond the legal case at hand."

 

[arr4ws]

I think Tim Cook is right.

Where the fuck will this end if they open it?

 

[Hornet]

I'm with Apple on this one.

You cannot have a back door to an encryption system, regardless of what your intentions may be. That will just defeat the purpose of encryption.

 

[Vermillion]

Can't disagree with Apple here. While I would love to help Uncle Sam get into the terrorists phone the precedence that would be set just isn't worth it.

 

[naturbo2000]

You cannot have a back door to an encryption system, regardless of what your intentions may be. That will just defeat the purpose of encryption.

I might be misreading the court order (heck I'm not actually reading the order), but the request is not actually for Apple to put in a back door, is it?

Isn't the request to help look if there already is such a back door (something which is much easier when you have access to the source code). Apple could help look for an existing back door, give it to the FBI and then fix it in the next software update.

That's the improved security model you get pro bono with open source code. (Apart from the FBI stuff )

 

[naturbo2000]

I should add: IMHO Tim Cook's beef is not about the greater good, it's about the Apple share price.

If there is an existing back door, relating to Apple's implementation of encryption, rather than the encryption algorithms per-se, then questions will be asked about security on Apple devices across the board. That could be hugely damaging to Apple's reputation.

I'll put money on that being the most important thing to Tim Cook.

 

[nepenthe]

I might be misreading the court order (heck I'm not actually reading the order), but the request is not actually for Apple to put in a back door, is it?

Isn't the request to help look if there already is such a back door (something which is much easier when you have access to the source code). Apple could help look for an existing back door, give it to the FBI and then fix it in the next software update.

That's the improved security model you get pro bono with open source code. (Apart from the FBI stuff )

It seemed the request was to create a backdoor (by means of creating a new version of iOS, with said backdoor) which would essentially allow for the FBI/Government to brute force their way past the 10 invalid password attempts will wipe the phone setting.
The issue is, once created, the potential for it to be reversed engineered, stolen, abused etc. is very real and then this could be used cart blanch defeating the entire purpose of securely encrypting ones personal data.

 

[Ocean]

look on the bright side.

the judge is mandating that apple invents something.

if i've learned anything from this forum, that NEVER happens!

 

[krotch]

Wouldn't the phone upload a bunch of crap to Apple's servers anyways? Couldn't they just retrieve that?

 

[LurkerLito]

Umm there is no order from the court to put in a backdoor. They just want Apple to make them a customized firmware that does 2 things:

1. Make it so after 10 tries the phone won't auto erase all data
2. Make an interface so a person doesn't have to sit there and type 4 digit codes 10,000 times.

That is not a backdoor at all. In fact if done properly it should be a perfectly acceptable solution to the whole encryption debate. To put it another way, if Apple and other device makers make customized not available to anyone but government officials via a warrant device that can clone the original device so they can brute force the pass code at Apple HQ I am actually fine with that. There is a big difference between what is being asked here and a backdoor available to anyone anywhere who happens to have the secret code work that some FBI agent will probably have written on his monitor via a yellow sticky note that is displayed in a news article/tv report when they get interviewed off some unrelated case.

 

[tikiman2012]

Aren't there already agencies that have this ability? One would think so.

 

[Dawill]

Umm there is no order from the court to put in a backdoor. They just want Apple to make them a customized firmware that does 2 things:

1. Make it so after 10 tries the phone won't auto erase all data
2. Make an interface so a person doesn't have to sit there and type 4 digit codes 10,000 times.

That is not a backdoor at all. In fact if done properly it should be a perfectly acceptable solution to the whole encryption debate. To put it another way, if Apple and other device makers make customized not available to anyone but government officials via a warrant device that can clone the original device so they can brute force the pass code at Apple HQ I am actually fine with that. There is a big difference between what is being asked here and a backdoor available to anyone anywhere who happens to have the secret code work that some FBI agent will probably have written on his monitor via a yellow sticky note that is displayed in a news article/tv report when they get interviewed off some unrelated case.

If you don't make it hard to input 4 digit codes, anybody could unlock any iphone within minutes. That's a fucking backdoor. Iterating through 10,000 codes w/o a forced delay through automated means takes seconds-minutes. It completely defeats the entire passcode mechanism. They would need to add some crazy hash based off your fingerprint then bruteforce means would be fine. Might still take them years to crack depending on the length of hash used for the fingerprint.

This is about the same as the FBI asking to install surveillance cameras in everybody's house but saying that they'll only activate them when they have probable cause. It's bullshit and all being done in the name of "national security" or whatever nonsense they want to drum up now. Everybody should oppose this unless you really want the government spying on you and everything you do.

 

[CEpeep]

I should add: IMHO Tim Cook's beef is not about the greater good, it's about the Apple share price.

If there is an existing back door, relating to Apple's implementation of encryption, rather than the encryption algorithms per-se, then questions will be asked about security on Apple devices across the board. That could be hugely damaging to Apple's reputation.

I'll put money on that being the most important thing to Tim Cook.

Sure. This is hugely damaging to the reputation of Apple and any other US company that makes tech. What resident of a foreign country would want to buy hardware designed in the US with mandatory backdoors? Apple, Google, Microsoft and many others are affected by this. Of course they care about their share prices and the viability of their business. I'm not sure what the "greater good" is here, but the viability of the US tech industry sounds like something worth protecting, even if your personal stake in it is profit.

 

[steakman1971]

I hope Apple holds their ground. They currently have good encryption implemented. By default, iOS encourages you to use something better than a 4 digit pass code. I think this started with iOS 9?
If Apple gives in, everyone loses. This is not about share price or Tim Cook. Its about our right to privacy.
(I'm not trying to defend the terrorists in this case - this is Pandora's box. Once its open, can you ever close it again?)

 

[DocSavage]

I should add: IMHO Tim Cook's beef is not about the greater good, it's about the Apple share price.

If there is an existing back door, relating to Apple's implementation of encryption, rather than the encryption algorithms per-se, then questions will be asked about security on Apple devices across the board. That could be hugely damaging to Apple's reputation.

I'll put money on that being the most important thing to Tim Cook.

You don't know his thinking on this. Same thing happens with all the people calling Trump, Hitler. They only know his words, not the thoughts behind them.

 

[DocSavage]

Apple Inc Chief Executive Tim Cook said his company opposed a demand from a U.S. judge to help the FBI break into an iPhone recovered from one of the San Bernardino shooters. Cook said that the demand threatened the security of Apple's customers and had "implications far beyond the legal case at hand."

I just watched a documentary on the Black Panthers on PBS last night. The FBI was using every underhanded trick they had to end and discredit the organization. After watching the FBI get the police to assassinate a man via a knockless-warrant using fully automatic weapons from outside an apartment at 5 am with family members inside the apartment, my faith in them is rather lessened.

 

[magoo]

I hope Apple holds their ground. They currently have good encryption implemented. By default, iOS encourages you to use something better than a 4 digit pass code. I think this started with iOS 9?
If Apple gives in, everyone loses. This is not about share price or Tim Cook. Its about our right to privacy.
(I'm not trying to defend the terrorists in this case - this is Pandora's box. Once its open, can you ever close it again?)

While I share the sentiment about privacy, once you gun down dozens of people in cold blood, you loose that.
This case is simply about one phone and the potential information stored in it.
I am not opposed one bit to gaining that information by any means possible.

Unfortunately, with our contorted legal system, even if the Justice department prevails, it will be years before it happens.

 

[sfsuphysics]

I should add: IMHO Tim Cook's beef is not about the greater good, it's about the Apple share price.

If there is an existing back door, relating to Apple's implementation of encryption, rather than the encryption algorithms per-se, then questions will be asked about security on Apple devices across the board. That could be hugely damaging to Apple's reputation.

I'll put money on that being the most important thing to Tim Cook.

Oh absolutely.

Although I will add the way he's talking is that they won't do it, not that they can't do it, so maybe the backdoor already exists, perhaps something as simple as allowing Apple to force updates onto the phone.

However I really have no issue with Apple being forced to do this, 1) there's a court order, 2) this is a dead person, 3) this is someone who isn't a suspected criminal they actually were a criminal.

 

[wgm3446]

Here my deal with this:

Everybody goes on about their right to privacy. But at this point, who is preserving that right? Apple's terms and conditions? What guarantees do you get with that? None. Shouldn't the 5th Amendment protect your right of due process and search and seizure? We have that in place to preserve our rights. If it's violated, you have a legal path to recoup from it. We send our metadata to Apple, Microsoft, Google, etc. whether we like it or not. Essentially we are substituting our 5th Amendment right with the terms and conditions of the company we service our mobile devices.

Here's the deal... Working with software developers... there's a backdoor. It is tightly controlled with the developers. By Apple complying with this court order, they not only hurt financially, they do set a very interesting precedent that does needs to go through the legal gauntlet noting my concern in the first paragraph.

Additionally, when we get companies like Apple that refuse to comply with court orders, the government spawns up programs and researchers to develop 'unethical hacking programs' that only us Americans would be disgusted with these practices when it gets leaked by people like Snowden.

I'll step out from getting into a political debate, but these are things to think of when we discuss this.

 

[thedocta45]

Umm there is no order from the court to put in a backdoor. They just want Apple to make them a customized firmware that does 2 things:

1. Make it so after 10 tries the phone won't auto erase all data
2. Make an interface so a person doesn't have to sit there and type 4 digit codes 10,000 times.

That is not a backdoor at all. In fact if done properly it should be a perfectly acceptable solution to the whole encryption debate. To put it another way, if Apple and other device makers make customized not available to anyone but government officials via a warrant device that can clone the original device so they can brute force the pass code at Apple HQ I am actually fine with that. There is a big difference between what is being asked here and a backdoor available to anyone anywhere who happens to have the secret code work that some FBI agent will probably have written on his monitor via a yellow sticky note that is displayed in a news article/tv report when they get interviewed off some unrelated case.

This seems reasonable to me if there is a court order for the data.

 

[FrgMstr]

It should be interesting to see how this plays out. We're talking about a legally binding court order from a judge. Pass the popcorn please.


Apple Inc Chief Executive Tim Cook said his company opposed a demand from a U.S. judge to help the FBI break into an iPhone recovered from one of the San Bernardino shooters. Cook said that the demand threatened the security of Apple's customers and had "implications far beyond the legal case at hand."

This whole incident could have been avoided had the shooters simply had an Android phone to begin with. Angst levels would have been greatly diminished.

 

[tikiman2012]

Taken from another site:

"As Tim Cook clearly understands, the government wants access to every phone on the planet. The United States Justice Department's Federal Bureau of Investigation has CHOSEN carefully this CASE as an opportunity to revoke your Constitutional Right to privacy during a time when the SCOTUS cannot rule against the government's writ."

Seems like a reasonable theory.

 

[thedocta45]

Taken from another site:

"As Tim Cook clearly understands, the government wants access to every phone on the planet. The United States Justice Department's Federal Bureau of Investigation has CHOSEN carefully this CASE as an opportunity to revoke your Constitutional Right to privacy during a time when the SCOTUS cannot rule against the government's writ."

Seems like a reasonable theory.

Isn't this already covered under the 4th amendment? Seems to me that Apple should comply with the court order.

To throw out that the SCOTUS can not rule against the government is an asinine argument.

 

[mullet]

Umm there is no order from the court to put in a backdoor. They just want Apple to make them a customized firmware that does 2 things:

1. Make it so after 10 tries the phone won't auto erase all data
2. Make an interface so a person doesn't have to sit there and type 4 digit codes 10,000 times.

That is not a backdoor at all. In fact if done properly it should be a perfectly acceptable solution to the whole encryption debate. To put it another way, if Apple and other device makers make customized not available to anyone but government officials via a warrant device that can clone the original device so they can brute force the pass code at Apple HQ I am actually fine with that. There is a big difference between what is being asked here and a backdoor available to anyone anywhere who happens to have the secret code work that some FBI agent will probably have written on his monitor via a yellow sticky note that is displayed in a news article/tv report when they get interviewed off some unrelated case.

This is the way I was reading it. Brute force is not backdoor.

 

[lcpiper]

No surprise here, Apple is wrong on this one. Here is my reasoning.

1st and foremost, there is absolutely no justification to take encryption to this level. The idea that an engineered method to access stored encrypted data that is secure for the user yet allows the provider access under court order is frankly, ludicrous and in no way equates to a backdoor.

2nd, the idea that if this get's started where does it end is also wrong, this is not starting something, this is ending something. It ends the requirement for business or individuals to be forced to provide records and evidence when compelled by valid court order, subpoena, or search warrant, and it's wrong and again quite frankly, an ridiculous stance for Apple and others to take. Anyone that thinks they will not be forced to comply is crazy, the Government will crush Apple before they allow Apple to do this. They will impose such penalties that Apple will be financially destroyed. In fact, I imagine Tim Cook will find himself up on criminal charges as well.

3rd, if Apple is so on top of our Privacy, why are the Apps in the App Store still a leaking sieve of personal data?

This is a grandstand play, showtime for the foolish. I can't believe Tim Cook actually thinks he is going to get away with this and again, frankly, I am amazed the Federal Government has shown this much restraint. They are seriously bending over backwards hoping Apple and others will come to the table and figure out a proper solution that serves all of us well, without their having to get rough with Apple and look like the bad guy on this.

I just can't believe guys here in this forum are falling for this ridiculous argument that the only way to engineer a method of accessing data on the phone is to create a weakness in it's protective code.

Again I will bring up one last point. If the Federal Government allows Apple to get over on this, the result will be that no one will be able to force anyone into giving up any records of anything at all if it is protected in this manner. All any business would have to do is contract out their data storage to a Cloud Service Provider who uses the same encryption protection schemes and that's that. None of us will ever be able to sue any business ever again with any chance of winning. What Apple is playing with is fucking wrong.

I understand everyone has a certain level of disdain or distrust of the government, it's healthy to a degree, keeps a person watching and paying a little attention. But that system, the government, it's supposed to be there for us. Just look through today's news and imagine all the court cases going on where investigators find evidence of wrongdoing then imagine that proof being inaccessible and the wrong doers untouchable. Be careful what you ask for.

 

[CEpeep]

This is they way I was reading it. Brute force is not backdoor.

The software has restrictions in it that prevent brute forcing by wiping the device. Creating a new version that does not have those is creating a backdoored version of the software.

 

[lcpiper]

It seemed the request was to create a backdoor (by means of creating a new version of iOS, with said backdoor) which would essentially allow for the FBI/Government to brute force their way past the 10 invalid password attempts will wipe the phone setting.
The issue is, once created, the potential for it to be reversed engineered, stolen, abused etc. is very real and then this could be used cart blanch defeating the entire purpose of securely encrypting ones personal data.

Wow, when are you guys going to stop using the term backdoor. The government is not asking for a backdoor. Saying the government is asking for a backdoor is a lie. A backdoor is an engineered access method used for unauthorized access and it makes it sound like the government is asking for the access when they are not. The government is asking for an engineered method for the provider to gain authorized access. this is not a backdoor, this is not something the government is asking to be given.

 

[otherweeb]

Sorry, Tim Cook is being a grandstanding drama queen attempting to divert the argument. This is a court order for a specific phone. Not sure why there isn't just a warrant, but a judge's court order should surpass that. The FBI can request any other pie in the sky stuff they wish and ask for unlimited access to everything in the world, but Apple is only required to comply with the letter of the court order.

 

[CEpeep]

The government is asking for an engineered method for the provider to gain authorized access.

The provider doesn't want this access, though. They had it and deliberately took it away from themselves to protect their customers.

 

[UnrealCpu]

If apple CEO allows this than the government will follow suit to have every IT company unlock any encryption invented now and in the future

so yes this should be denied at all costs.

 

[nepenthe]

Wow, when are you guys going to stop using the term backdoor. The government is not asking for a backdoor. Saying the government is asking for a backdoor is a lie. A backdoor is an engineered access method used for unauthorized access and it makes it sound like the government is asking for the access when they are not. The government is asking for an engineered method for the provider to gain authorized access. this is not a backdoor, this is not something the government is asking to be given.

In effect, that's what will happen. As I understand, it is the secure enclave on the iPhone that enforces the 5-second delay between password unlock attempts. That 5 second delay is enforced at the hardware level. There's no way around that without attempting to create a backdoor - if it's even technically feasible.

Judge Tells Apple To Help FBI Access San Bernardino Shooters' iPhone - Slashdot

A Few Thoughts on Cryptographic Engineering: Why can't Apple decrypt your iPhone?

A (not so) quick primer on iOS encryption

 

[FrgMstr]

Apple loves terrorism.

 

[DocSavage]

Sorry, Tim Cook is being a grandstanding drama queen attempting to divert the argument. This is a court order for a specific phone. Not sure why there isn't just a warrant, but a judge's court order should surpass that. The FBI can request any other pie in the sky stuff they wish and ask for unlimited access to everything in the world, but Apple is only required to comply with the letter of the court order.

Just because a judge asks for something doesn't mean it can feasibly be done. What if the judge asks for flying unicorns? Does apple have to suddenly figure out how to bioengineer them? Suppose the judge orders apple to assassinate someone? Does that mean they should comply? Same with the judge ordering them to figure out a way to hack their own secure phones.

 

[david_]

1st and foremost, there is absolutely no justification to take encryption to this level.

What level should it be taken to?

 

[Retronym]

Wow, when are you guys going to stop using the term backdoor. The government is not asking for a backdoor. Saying the government is asking for a backdoor is a lie. A backdoor is an engineered access method used for unauthorized access and it makes it sound like the government is asking for the access when they are not. The government is asking for an engineered method for the provider to gain authorized access. this is not a backdoor, this is not something the government is asking to be given.

*asking*

 

[DocSavage]

there is absolutely no justification to take encryption to this level.

These devices are our personal property. Why should the government get any access to such a thing? I thought this was the land of the free?

 

[Booyaah]

Just because a judge asks for something doesn't mean it can feasibly be done. What if the judge asks for flying unicorns? Does apple have to suddenly figure out how to bioengineer them? Suppose the judge orders apple to assassinate someone? Does that mean they should comply? Same with the judge ordering them to figure out a way to hack their own secure phones.

Well at least someone gets it. Most judges are dumb when it comes to tech issues like this. Plus judges are a dime a dozen, I suspect that most of them are just sheeple that will always give the govt any warrant it wants without reasonable cause. How many times about of the thousands of warrant requests has a FISA judge ever denied one? Answer: literally almost zero: FISA Court Has Rejected .03 Percent Of All Government Surveillance Requests

The issue some of you fail to understand, this isn't really Apple objecting to the FBI getting access to one phone. It's about setting precedence. If Apple does this for one phone, the govt will come with more phones. Pretty soon thousands of phones will be unlocked and then the FBI will say 'well you already are unlocking thousands of phones for us now, why not just put the backdoor on everything'.

lol @ those who are mincing semantics to try and say it's not a backdoor. If you actually fully read what's in Tim Cook's letter, he specifically mentions they asked for the PRIVATE KEYS. That kind of 1984 Orwellian crap scares me way more than some .00001% chance of me getting shot by some radical jihad.

 

[UnrealCpu]

Well at least someone gets it. Most judges are dumb when it comes to tech issues like this. Plus judges are a dime a dozen, I suspect that most of them are just sheeple that will always give the govt any warrant it wants without reasonable cause. How many times about of the thousands of warrant requests has a FISA judge ever denied one? Answer: literally almost zero: FISA Court Has Rejected .03 Percent Of All Government Surveillance Requests

The issue some of you fail to understand, this isn't really Apple objecting to the FBI getting access to one phone. It's about setting precedence. If Apple does this for one phone, the govt will come with more phones. Pretty soon thousands of phones will be unlocked and then the FBI will say 'well you already are unlocking thousands of phones for us now, why not just put the backdoor on everything'.

lol @ those who are mincing semantics to try and say it's not a backdoor.

 

[UnrealCpu]

THE FBI is trying to unlock a cell phone through a judge so it can be done legally. The CIA probably has already unlocked the phone and has all the intelligence since day 1 , the FBI is just a organization to uphold civil liberties and privacy rights. This is just all a show by the government to make the U.S. population think they are doing what is right before hacking a encrypted computer/phone from a u.s. citizen.

I am pretty sure some organizations within the FBI cyber security and especially the CIA have unique backdoors to every hardware device made and even OS backdoors. The CIA especially has the ability to intercept computer hardware such as routers and reflash the firmware unknowingly to the buyer which might be some big wig IT company that is being investigated and spied on. This has been going on since the internet was invented without the public knowledge and was almost leaked after 911 however due to national security the government prosecuted several FBI /CIA agents before being leaked to the NY times. Present day the U.S. public is finally aware what really goes on but it took a rogue agent named Snowden to finally put this to rest. I personally think snowden is a hero just for the fact he believed in the 4th amendment and he knew already since 9/11 that the government has gone way to far spying on its own citizens. There are many examples of the CIA tapping into cell phone companies, email, etc. ..goes on and on for the last 15 years.

"The Fourth Amendment of the Constitution prohibits “unreasonable searches and seizures.” Seizure – the taking of private information – is what the government has now been forced to admit. Whether or not the state ever chooses to “search” the seized information, the universal, non-consensual seizure itself of what used to be called “pen register” data grossly invades individual privacy and vastly empowers government, all in violation of the Constitution if “unreasonable".

 

[FrgMstr]

These devices are our personal property. Why should the government get any access to such a thing? I thought this was the land of the free?

Search warrant sound familiar to you? This is simply the government asking Apple to unlock the door for it. I don't see this as Apple handing the government the keys to the door, but rather to simply unlock the door and allow entry.

I think some case law that might be applicable here might pertain to bank lock boxes and banks being compelled to allow government access. The bank does not give the keys to all the lock boxes in the safe to the government, just the one box it has a warrant to search. I am pretty sure there is supporting case law for this.