Apple's refusal to allow backdoor access to its iPhones

its funny about how people complain about google and Microsoft invading their privacy ! and want to give the government free range on a phone that they cant seem to hack . they have hacked your email they tap your land line phone your medical your bank account, the only privacy you have any more is when you go into the bathroom and lock the door oh wait I don't lock the door my wife would get mad if she couldn't get her med's lol

I personably do not care for I do not own a cell phone. My wife does that only receives calls and sends but nothing else. We use it on our trips to use in case of emergency or to inform our kids we are arriving.
I am a radio scanner person and I use my scanner always. I remember back when several congressmen got cought with their pants downn in phone calls so they passed a law restricting phone call frequencies from scanners. They forgot that the rest of the world did not subscribe to USA laws. My scanner was bought in England so I enjoyed many morning after dates calls within my receiving area. Althow many home phones now have certain security I still get calls from old phones.
This leads me to the central topic which is "How secure are you?"
If you put it on air there are programs to receive your messege and the Supreme Court has continiously said it is not private. So I mustsay "If you do not want it to be revealed then do not put it on air or phone"

This not just about what is on a cell phone.

But first, you should look into laws regarding use of a scanner. There are reasons why certain bands are not available on a scanner. In the scanner owner's manual, there are warnings about legal use of a scanner, and local municipalities have their own laws regarding use of a scanner.

This is about information you have and others have about you being safe and secure. This is NOT exclusively about a smartphone from San Bernardino. This has been building for a long time. This is about the safety and security of private and confidential information EVERYWHERE, the need to make it secure from hackers, and the ability of the authorities to get at it. This includes banks, financial institutions, doctors records, employers, businesses, etc., places there is information about you that you really have no control, other than to live off the grid in a cave with all your money and info hidden under a rock. This is about the safety and security of ALL electronic data. Not just what you might put on a cell phone.

The ability to secure and protect electronic information now exceeds the ability (supposedly) of the authorities to access that information. And THAT is the real issue here. Computers, laptops, desktops, etc. have had encryption for years, and it has been getting better and better to stay ahead of the hackers.

It's just that the ubiquity of the iPhone has exposed this modern clash of the need for modern privacy protection vs the ability of the authorities to breach that privacy.

This is what this case is leading up to.

http://bgr.com/2016/03/11/apple-vs-fbi-james-woolsey-cia-dir...

An explanation from Apple:

http://www.apple.com/customer-letter/

The comments that "it's totally different because that capability doesn't exist" is misinformed. Software experts have stated it will take Apple at most a few hours to comply with the court order. This isn't some huge task. It is about the same as asking somebody to look something up. It will be about the same effort. They do not want to do it because it would decrease the value of a feature of their phones. They are motivated by money. Not much of a surprise but not the lofty reason they seem to be pretending (I carry an apple phone).

The real question to me is whether a phone is different from other information the government can go get a court order and get access to. I argue it is not. If they can look at my medical records and bank records why can't they look at my phone? If a manufacturer wants to try and make it so the government can't open their phones, and then market that as an advantage, I don't blame law enforcement for trying to stop it.

Yes, the FBI wants to snoop. But it is the phone of a known murderer which is actually the property of his employer who have given permission. There is no free speech aspect to this. The question is whether a company can deliberately block law enforcement access and claim that as a feature of their product. I don't think it will work although Apple seems like to stall and take it to the Supreme Court. Or try and get a law saying they can do what they are doing.

The ever candid and never for a lack of a sound bite, Polk County Sheriff Grady Judd has chimed in on this. Grady is a personal friend of mine, that I've gotten to know through my career as a photojournalist in the Central Florida area.

He's something else. LOL

http://www.orlandosentinel.com/features/gone-viral/os-grady-...

Matt MauneyContact ReporterOrlando Sentinel
March 10, 2016

Polk County Sheriff Grady Judd is ready to go to war with Apple and its CEO Tim Cook.

The always candid sheriff issued warnings to the tech giant if they don't cooperate with the murder investigation of 31-year-old Robert Banks. The Lakeland man was allegedly beaten to death before his body was dumped and burned in the woods in Sumter County back in January.

Three brothers -- Brian Johnson, Jr., 25, Anthony Johnson, 19, and Nathan Johnson, 17, -- and their friend, Michael Gunn, 25, are now facing first-degree murder charges in the Polk County Jail. The men allegedly took pictures of Banks' lifeless body, but those photos are believed to be stored away and locked on one of the suspect's phones.

"Let me tell you, the first time we do have trouble getting into a cell phone, we're going to seek a court order from Apple and when they deny us I'm going to go lock the CEO of Apple up," Judd said in a press conference Wednesday.

Just suppose you want to keep your information securely on an electronic device. By defining "secure" as no one else can access the information unless you provide that access. Your protection scheme involves putting your data into an electronic lock box with a specific key and then that lock box is put inside another requiring a different key. If the first box receives a specific number of attempts to unlock it without using the proper key, the key to the second box is erased.

Now someone comes and knows they have only a certain number of tries to get the first key but they demand you create a way to keep the second key from being erased without knowing anything about what you have in that internal box, can you be forced to create a program that would keep the locked key from being erased? That is what it appears the FBI is attempting. They want Apple to create a program that will keep the second key from being erased but the program to do this doesn't exist. This is a case where you have to say that data is unreachable. If you force the creation of the software, would you, as the government using a similar system fight the creation of a program that would undo your encryption? This isn't a case of what's good for the goose is good for the gander, it's a case of what's good for the gander isn't good for the goose - and we, the people are the goose.

Thanks for the read.

Apple is correct.

This would be a serious mistrust of of the security capabilities of the software.

I used to use routers with HW VPN and specified keys until I discovered the keys could be observed by a man in the middle scenario.

So I whipped up modified FTP toy. The client software would double encrypt / decrypt the file(s) before sending them. The server software would double encrypt the files prior the transmit and do the double decryption prior the store.

Now, as FDE (full disk encryption) devices are becoming available, I can see a scenario where the g'ment might want a back door to decrypt the he'd in an alternate hardware configuration.

That might prove to be a very interesting exercise to try decrypt one of these drives.

It's more than likely the g'ment will encounter insurmountable decryption tasks in the future.

The reality is, the g,meant had every opportunity to legislate (like Countries in europe) the capabilities of encryption. But now that encryption is being implemented in a hodge podge of capabilities.

Personally, I'd like to see one standard that says it would be illegal to create any form of back door to decrypt any device where the necessary keys are lost or otherwise unavailable.

This is likely to become a much hotter topic sooner than later..

See this

http://www.tomshardware.com/news/wire-app-complete-end-to-en...

Actually, there is a free speech component to this: Apple's. Although only an ancilliary part of Apple's motion to vacate, Apple has stated in their motion that even if the All Writs act is applicable what the FBI wants Apple to do would violate Apple's right to freedom of expression. This is because source code is legally defined as speech, and the court order would force Apple to write code they do not agree with. Thus Apple has no freedom of expression here, and the FBI is therefore violating the 1st Amendment with the court order.

Apple is not deliberately blocking law enforcement. Apple's position is that LE has no place to do what it is attempting to do, that what the FBI is trying to do is unlawful, perhaps even unConstitutional. That what the FBI is trying to do is itself far more harmful and damaging than the San Bernardino event. This is not just about Apple, but the ability to breach cyber security at will and by compelling third parties against their will to abide by LE demands. This goes far beyond the Apple environment, but to all privacy (particularly cyber, digital, etc.) and the security thereof.

If you personally secure your private information better than law enforcement has the ability to get access to it, are you wrong for protecting your privacy better than LE can get to it? It is not wrong, nor does it appear to be illegal, to protect your privacy. With each one of these Court Orders to weaken and compromise cyber security, we are getting closer to no cyber security. That is the real chilling issue here. And having no cyber security is far more dangerous and harmful than what happened in San Bernadino. And in the world of cyber security, hobbled security is no security.

Usually, LE gets a search warrant to go confiscate evidence. Well, LE has the evidence, but they can't get to it, so they think they can order an unwilling third party to do their job for them. And then to invoke the All Writs Act to do so just PROVES how weak the gov case is. The All Writs Act is a catch-all law from 1789 to do whatever needs to be done because no other law covers it. Effectively, it's a "because I say so" move.

The amount of effort required on the part of Apple is irrelevant to the issue.

This is speculation at best. You don't not know what Apple's "motivation" is. Only they do.

Again, that's not what is at issue in this case. If Apple had access to what the FBI wants, Apple would comply with the order.

The fact that the phone was used by a murderer is irrelevant to the issue that Apple is objecting to, as well.

Well, here is how ineffective it was, but subjected people to unnecessary and unwarranted invasion of privacy.

https://www.aclu.org/infographic/surveillance-under-patriot-...

Whether Apple should or shouldn't..., these are the wrong questions. It is more interesting whether breaking that encryption is even doable. And by doable I mean with reasonable resources, like something LESS than all the current computers in the world working together for 200 years to break the key at the end. Or, the US government might as well serve you with a court order to move the moon by 10 inches. Or court-order you to come up with cure for cancer.

Encryption is nothing new, and neither is the mathematical foundation for it. It goes back many years, it is all open source, and scientists all over the world are freely reviewing each others code. Decent encryption is unbreakable with reasonable means (social engineering excluded). So it sounds funny to me that a government has aspirations to gain control over encryption, and legislate back doors and stuff.

With all that in mind, it would be really shocking to me if it turns out that Apple decides to comply with the court order, and actually succeeds breaking the key. That would mean that Apple's software is total crap, intentionally or not, and they should rightfully go out of business.

This is not a slippery slope move but a visit to your Proctologist.

US Government? Your proctologist called. They found your head.

EDIT: Double post. Damn, now the NSA is going to have a record of this gaffe, as I posted this from my smartphone.

The capability for Apple to open the backdoor exists. So it is not a question if it is 'doable' or not, it is. Open source encryption is your only reasonable guarantee that no back door exists. Apple has elected to have a back door and does not disclose their source code. Apple made a major mistake by having an easy method to decrypt there products. They messed up and I do think the gov't will eventually succeed in requiring them to open the phone. Then, the gov't will have a foothold and prohibit Apple from not having a backdoor to unlock a phone. After that, Google will be required to have have a backdoor built into there OS's. The gov't has wanted to have a way to open encrypted smart phones for a long time (this is not new), they just needed an excuse to start the waterfall and now they have it.

Apple does not want to be the FBI's 'back-door' man.

Roscoe P. Coltrane snickers at the Florida sheriff.

So, that would be the same Apple and Google who provide the phones that are in use by, say, the European Prime Ministers?

would that be the same European prime Ministers that complained about the U.S. government spying on them . or the info that whistle blower Edward Snowden a former National Security Agency subcontractor who made headlines in 2013 when he leaked top secret information about the NSA spying on just about every body and any body with out cause or control, there are no watch dogs to control these security groups !

Seems that Europe Security Officials also wanting to access files due to cell phone messaging prior to Paris attacks.

This needs to get resolved!

Apple needs to stay strong.

I'd love to see Apple pack and move their HQ to Ireland or something. that would be hilarious. If they pull off some bold move like that, they'll get me as their loyal customer for life!

Germany actually. The German constitution is one of the best at protecting an individual's right to privacy. The German government would seriously frown upon what the FBI is trying to pull here.

On a side note, interesting point of view by the former head of the NSA or CIA (I forget which, but it was linked upthread) regarding what the FBI is after here. It's not about a backdoor, but dictating what firmware can be installed on a device. In other words, firmware with no encryption or laughably weak encryption.

Much as they want to, that particular government doesn't have jurisdiction over the whole world. Google's OS is open source, and anybody can build himself the OS from source. What's that gov going to do? Start checking people at the border and not let them enter the US if they own a non-US cell phone? That's insane. But then again, I've called insane many other things that have already happened.

Given all the NSA/Snowden-Revealed spying on all US citizens within the USA in violation of our bill of rights, I am inclined to side with not cooperating.

Into the nitty gritty, with a court order the government can get a court order to search someone's home and papers - the modern equivalent is the computer and the cloud.

Apple has none of the terrorist's information in its computers.

If Apple gives the government its trade secrets - its source code and its private encryption keys, then Apple will certainly go out of business.

The government protected my security clearance forms so well, that now China has all my information, and OPM offers me free credit protection.

Between privacy and security. NO good answer. Been an exclusive Apple/Mac user since 1991 and had confidence in Apple when many others did not. I could see the back door as an issue somewhat like a black hole, so I guess I am in favor of Apple taking a stand now.

Can you point to where apple claimed they have a back door.

Flies in the face of all I've red this far

and Android mixed up with each other. One derived from an open source kernel (Linux), and the other not.

Apple has never claimed to be "open source", at least to my knowledge and I've used Apple products off and on since the mid 80's. IIc and IIe computers and a couple of Macs. At present I'm on Win 10.

Honestly, I think Apple is looking for ways to polish up their names. This is a special case, and holding up the so-called privacy to protect murderers is insane.

You should stop locking you house.

Do you really believe the government will only use "GovOS" this one time and cheerfully destroy it afterward? If you do, then you are naive, and you also haven't thought about the ramifications of Apple's capitulation to the government.

1. Sets a precedent. If the government succeeds here, there are more devices in government hands they will want opened, and Apple will be forced to comply because of it.

2. China wants it. If the government succeeds here, countries with a poor record of respecting human rights will want this software.

3. If distributed, it will leak. If the government gives out the altered firmware to other countries, at some point the firmware will be stolen and distributed amongst various bad actors, to do with as they please.

4. No one is safe, not even you. If successful, the government will claim it's to catch the bad guys. At some point though, they will start using the software to keep track of you, even though you have done nothing. This is because the government's aim is to nerf encryption on phones by dictating what the features the firmware can have. From there it will expand to monitoring you, either by turning on the cellular radio without your knowledge or turning on the GPS, or using the camera.

Sounds scary, doesn't it? Are you THAT sure you want to give up your privacy, because it won't be just your privacy that is affected, but the privacy of every iPhone user. From there, Android is next, and that impacts me and my expectation of privacy.

Strephon_Alkhalikoi, I could not have said it better. Thanks.

All software has back doors. Its just part of development and ease into different parts of the OS or software programs or apps.

If Apple user have noticed, the OS is under attack by hackers poking and probing. The FBI doesn't really need Apple to create anything. A paid bounty to hackers will eventually find the well hidden door. And yes Apple will patch things as exploits are found but hackers will win the battle.
And Apple will not have to give up squat to the FBI. In appearance anyway.

Microsoft has been plagued with this for years due to the numbers win vs apple.

I don't believe Apple should Roll over and give in, they should make it as hard as possible for the Government to get into the IPhone and make as much time pass as possible waiting for the hack. Because our Goverment will only be the beginning, and others will want and demand the same from Apple.

You can bet that particular Iphone is in a Faraday cage somewhere protecting the Ios in the state it was in with no chance of ever getting a update or patched since the day of the shootings even if powered up with auto updates turned on.

Stay strong Apple!

Faraday cage room, it will never any updates.

You're making this up. I have been in the SW development business and while there is some extra code included during the development, these are normally removed before release (at least by a reputable software company.)

So it is highly probable that the phone there does no longer have any of these extra poking routines.

Anyway, we all agree: Apple shouldn't cave in.

I spent many years managing software development. One of the things that I and our Internal Audit Department were always concerned about was that one of the programmers/analysts would embed a backdoor or trojan in the code. So, we were careful in making sure this did not happen.

Let's think about this from a company's perspective. If the IT staff knew that "back doors" were designed into the code, there is immediately created an incentive for employees to think about how to monetize their knowledge, not to mention the risk of a disgruntled employee from exposing such code.

So - NO - all software does not have back doors.

I don't like the idea of the government forcing smartphone companies to create a back door in their firmware.

This will allow even average hacker easy access to anyone's phone.

There is also a monetary reason.... Apple is opening up a new market in Iran, and their chief export is terrorism.... If Apple started getting a reputation for 'anti Islamic' things like helping in the fight against terrorism, their sales may suffer in Iran.
http://www.businessinsider.com/apple-in-talks-to-start-selli...

iPhones are hilariously easy to get into anyway.... here is one video with instructions:
https://youtu.be/mHq3gM7WvEY

....perhaps the FBI could use a search engine!

"Magic Lantern?"

How about

"Carnivor?"

If the government wanted to get in that phone, they could, trust me. This is all P-O-L-O-T-I-C-S!

That doesn't work. Yes, I own an iPhone 6, and that doesn't work. Maybe with a previous, version, but not now.

NPR Morning Edition interview of Richard Clarke who served under Reagan, HW Bush, Clinton and W. Bush. Clarke claims that the NSA already knows how to crack this phone. What they are really after is a court precedent that the government can force a company to let them in.

http://www.npr.org/2016/03/14/470347719/encryption-and-priva...

With or Without the Patriot Act, Here’s How the NSA Can Still Spy on Americans

http://www.pbs.org/wgbh/frontline/article/with-or-without-th...

Just the “Facts”: What We Know About the NSA Spying on Americans

http://www.pbs.org/wgbh/frontline/article/just-the-facts-wha...

SPYING ON THE HOME FRONT

http://www.pbs.org/wgbh/pages/frontline/homefront/

The most dangerous and scary thing about this is the precedent that will be set, and how much further will the FBI try to go with subsequent Court Orders.

I've followed this, too bad the government want Apple to do so much more (like create a back door enabling the govt' to unlock any iphone) than what it being captured on the news. So the uninformed stay uninformed.

The more they push, the more people will fight back.

The spies are aiming for a totalitarian government, and counting on people to help them, all in the name of 'Terrorism'. Oooo.

Maybe if more people were legally armed, the bad guys wouldn't be able to do this stuff!

that only good guys buy guns legally (at least in the US).

I agree with Apple on standing their ground for not releasing a back door.

Once you start giving a 'one off' it never ends on the requests.

but creating a backdoor this fight is over.