back to article All-American Apple challenges US gov call for iOS 'backdoor'

Apple CEO Tim Cook has explained why his company will refuse to write custom iOS firmware to help the FBI decrypt an iPhone belonging to a mass murderer. A magistrate judge in California had ordered Apple to assist the FBI in decrypting an iDevice owned by one of the San Bernardino shooters. In response to this, Cook wrote an …

Page:

  1. SolidSquid

    Even putting aside the (very important) issue of encryption and the bypassing of it, this does raise the question of how much a court can compel someone to do. Can the court require a company to develop new software without any compensation for it? If so what other companies could be compelled to work for free under this precedent?

    1. Phil Kingston

      I read the court order earlier, and iirc it makes mention of paying some costs.

    2. The Man Who Fell To Earth Silver badge
      Boffin

      I guess we'll find out how good Apple designers are or are not

      One would assume Apple did their encryption correctly, in which case the entire "system disk" is encrypted including the OS. Which means it's the unencrypted boot loader that does the "erase after x failed tries", and Apple is being asked to modify that so the Feds can brute force attack with impunity.

      So the questions is, did Apple design their phone with security in mind so the boot loader is in a read only PROM? Or were they stupid and put it in rewritable storage so that it is possible to replace it with a boot loader that won't "erase after x failed tries"?

      1. CaitlinBestler

        Re: I guess we'll find out how good Apple designers are or are not

        The real question is whether Apple has careless left a hole in their security.

        You should not be able to update the firmware without entering the password or doing a full

        factory reset first. If Apple's firmware allows itself to be bypassed then the "guess limit" never

        really did any good anyway. Apple should have been allowing longer PINs to make brute force

        attacks infeasible even without this firmware assist.

        But forcing Apple to disclose this detail about potential flaws in its designs on the theory

        that this *might* unlock information that is useful to the FBI strikes me as a real stretch.

        If Apple confirms that such an attack is possible then hackers will inevitably figure out how it is done.

        Meanwhile, I doubt that an iphone has unbreakable *physical* security. The FBI, on its own dime,

        should be able to *clone* the memory and then just start a series of 10-try run until they've tried

        all 10,000 PINs. They do not need Apple's help to do that.

    3. Anonymous Coward
      Anonymous Coward

      There is a secondary problem here..

      The other problem with this court order is that it attempts to establish precedent with respect to encryption.

      The defence "we cannot access customer data because they encrypted it using our own software" has never actually been tested in court. What is attempted here is to establish a precedent to compel backdoor installation by any organisation who supplies crypto for customer data protection, Kerckhoffs' principle be damned (no, I don't agree with Wikipedia's idiotic spelling of the possessive "Kerckhoffs' ", but let's leave that aside).

      If Apple is held in contempt because it refuses to engineer some way to break its own encryption, that pretty much puts the nail into ANY, and I mean ANY US based business holding encrypted EU data because the precedent will say "you created it, so you break it or we will hold you in contempt".

      This is different to the MS vs DoJ case in that there is only one good outcome: Apple must win this. If it loses it, the precedent will act as an "OFF" switch for every US provider handling EU data like AWS. EU companies would no longer be able to defend holding data in the US through encryption and would have to move everything out.

      Apple is playing this absolutely right, and thankfully has enough financial clout to follow this through.

      1. agatum

        Re: There is a secondary problem here..

        Apple is playing this absolutely right, and thankfully has enough financial clout to follow this through.

        Apple indeed has enough gold. Annoying thought: all government has to do to force this kind of sick precedent is by challenging some other, considerably poorer company with a product with encryption. Said company can't defend itself, case becomes precedent and voila!

        1. Fungus Bob

          Re: There is a secondary problem here..

          "all government has to do to force this kind of sick precedent is by challenging some other, considerably poorer company with a product with encryption. Said company can't defend itself, case becomes precedent and voila!"

          Or said company goes bankrupt and the government is left with nothing.

      2. Matt Bryant Silver badge
        FAIL

        Re: AC Re: There is a secondary problem here..

        ".....Apple is playing this absolutely right....." Apple is indeed playing, but with the iTards and the paranoid conspiracy theorists. The judge's ruling says explicitly that the any software produced must only be used on the one phone in question, and that the use of the special software has to happen under Apple's control on Apple's premises, all of which exposes Tim Cook's blathering as just hype and froth. What he's really worried about is having to admit there are simple ways to circumvent the iPhone security setup once he has admitted it is technically possible then countries like China will work out how to do it themselves. He really doesn't give a hoot about protecting his customers' data, as shown by the happy way they let iPhone's brick themselves if any user dares to load any app not paying into the iTax scheme. Cook means when he says "We have no sympathy for terrorists" is actually that all he cares about is protecting the iPhone business when sales are slowing worldwide.

        1. Anonymous Coward
          Anonymous Coward

          Re: AC There is a secondary problem here..

          > having to admit there are simple ways to circumvent the iPhone security setup once he has admitted it is technically possible then countries like China will work out how to do it themselves.

          However, the mechanism proposed involves creating *signed* firmware which is signed using the *private key* which is held in Cupertino.

          So the Chinese won't be able to exploit this mechanism unless they can steal the key - which is likely to be very, very, very well guarded indeed.

          1. Anonymous Coward
            Anonymous Coward

            Re: AC There is a secondary problem here..

            However, the mechanism proposed involves creating *signed* firmware which is signed using the *private key* which is held in Cupertino.

            So the Chinese won't be able to exploit this mechanism unless they can steal the key - which is likely to be very, very, very well guarded indeed.

            Where there is a will and enough money, or convincing threats to someone's relatives, there is a way. "Accidents" happen, and let's not forget that this demand is made in a nation that has been proven not to be shy about grabbing information that isn't theirs to have.

            Don't get me wrong, I support law enforcement engaging in legitimate investigations but that should not allow the creation of something that cannot be undone. Because once it's out there, it will leak. Assuming it will not demonstrates a naive view of the world where mistakes never happen, and deliberate actions do not exist.

            Apparently, Donald Trump agrees with the FBI that Apple should break its own technology so it might as well stop selling to anyone (and the rest of Silicon Valley, because there will then be precedent) which demonstrates just what an idiot he is. But that part is not exactly news, is it? :)

            1. Eddy Ito

              Re: AC There is a secondary problem here..

              Let's not forget that this is the same company that has had beta iPhones left at bars. It doesn't matter who works on the project or how well paid they are there is always the possibility that Xi, Putin or someone else will make them an offer they can't refuse. How quickly could you empty an account with Apple Pay if you've got the keys?

              Meh, that just puts Trump squarely on the same talking points as the White House and the presumptive Democratic nominee. I'm sure we'll be hearing from Sen. Feinstein on the topic shortly but we all know what she'll say.

              1. Eddy Ito

                Re: AC There is a secondary problem here..

                Well it seems Sen. Feinstein has finally joined Trump and company. Not that anyone here is surprised.

          2. druck Silver badge
            Mushroom

            Re: AC There is a secondary problem here..

            AC wrote:

            However, the mechanism proposed involves creating *signed* firmware which is signed using the *private key* which is held in Cupertino.

            So the Chinese won't be able to exploit this mechanism unless they can steal the key - which is likely to be very, very, very well guarded indeed.

            Let's give Apple the choice of producing a one of piece of custom firmware with a couple of if statements comment out, which they can use and destroy afterwards, or the court can subpoena the privite code signing key.

        2. Anonymous Coward
          Anonymous Coward

          Re: AC There is a secondary problem here..

          The judge's ruling says explicitly that the any software produced must only be used on the one phone in question, and that the use of the special software has to happen under Apple's control on Apple's premises, all of which exposes Tim Cook's blathering as just hype and froth.

          Are you really that naïve that you think that software will remain in that place, the knowledge of how it was done never leaks and this precedent would not be abused to force any other US company to screw over their own business and their customers? Really?

          This has actually pretty much nothing to do with Apple being Apple, but with the general issue of providing equipment that can protect data where some people would really, really like to keep a backdoor open to the detriment of all, and set the clock back some 2 decades.

  2. DrXym

    The precedent is the thing

    I bet Apple have the means to extract the firmware from the phone in question, or reset the retry limit, or do something to aid in decrypting it. They probably don't want to because if they demonstrate the capacity to circumvent or override security features, they'll be on the receiving end of court orders from all around the world to decrypt their phones. In some cases governments might even order them to give up the circumvention software to do it or face fines, import embargoes etc.

    Aside from that, their customers will lose faith in Apple's promises of encryption which might affect sales.

    So the consequences of helping could be really bad. For their sake, let's hope the security they put into the phone stands up to attack by Apple themselves. In which case they might come out of this with their reputation enhanced. But the way they're resisting makes this unlikely.

    1. Steve Davies 3 Silver badge

      Re: The precedent is the thing

      Quote

      Aside from that, their customers will lose faith in Apple's promises of encryption which WILL affect sales.

      But where will they go for a secure device?

      Android? If Apple caves in then it won't be long before Google will be in the same boat..

      Microsoft? ???

      Blackberry?

      A.N. Other?

      Back to Semaphore then...

      1. Anonymous Coward
        Anonymous Coward

        Re: The precedent is the thing

        If Apple caves in then it won't be long before Google will be in the same boat..

        No, it won't. You have already accepted to have your data scanned when you got yourself a Google account to get most of the Android functionality online. Add to that that Google's main business IS getting your data, and I suspect Android is not quite as well protected, and law enforcement might not even need your phone to get to the data.

      2. allthecoolshortnamesweretaken

        Re: The precedent is the thing

        Semaphore? Potentially funny, but not very practical.

        Anyway, this is very interesting, for various reasons. And I quite like the way Apple is presenting itself here. In fact, I'm almost ready to forgive them at last for axing the Newton.

    2. Phil Kingston

      Re: The precedent is the thing

      They're not being asked to decrypt, which is key. They're being asked for a method to bypass the PIN lock (by allowing the FBI to brute force the PIN without the OS complaining).

      1. Phil Kingston

        Re: The precedent is the thing

        Yes, the end result is the same, but the method is an interesting point.

      2. Anonymous Blowhard

        Re: The precedent is the thing

        "They're being asked for a method to bypass the PIN lock"

        That's what I saw as well; this will either be impossible, because the software behind the PIN lock can't be changed without giving the PIN, or relatively trivial if the PIN lock doesn't protect the PIN lock software. This is a bit like being able to change the lock mechanism in a door without having the key whilst the door is locked.

        1. Dan 55 Silver badge

          Re: The precedent is the thing

          Does it accept reflashing while locked?

          If not, can the keys be extracted from the secure storage while locked and can the device be reflashed while without tripping any safeguards?

          It sounds like a tall order (Error 53).

          If it doesn't work, can they be forced to push out an update which removes safeguards from everybody's device?

          1. Anonymous Coward
            Gimp

            Re: The precedent is the thing

            @Dan 55

            The real question is whether Apple can/can be forced to push out an update which removes the safeguards from everyone's device WITHOUT THE OWNERS KNOWLEDGE.

        2. monty75

          Re: The precedent is the thing

          A Slashdotter has posted what appears to be a thorough description of how the iPhone handles encryption and why this court order is asking for the impossible http://yro.slashdot.org/comments.pl?sid=8756397&cid=51524693

          1. Anonymous Coward
            Anonymous Coward

            Re: The precedent is the thing

            In language that politicians can understand:

            If the FBI gets its way and the tech titans fall like dominoes, it'll destroy the economy and bring down the government, USSR-style.

            Hyperbole? No more so than "cuz terrerists!!!"

    3. Anonymous Coward
      Anonymous Coward

      They might go to China or Russia for a "secure" phone

      I've stated this several times before and I think this is a perfect illustration. Given a choice between a device I knew was bugged by the US government and one that was bugged by the Chinese or Russian government, as a US citizen I'd choose the latter. Because the Chinese or Russian governments are not a threat to my personal liberty, which the US government is since I live within its borders and am subject to its laws and whims.

      All you really need is a company using Android, removing the Googly bits, and based in a country where they don't have to bow to the demands of the US government (or their government to pressure from the US government)

  3. Doctor Syntax Silver badge

    'the FBI* doesn't want to use the toxic phrase "back door"'

    Of course they don't. That makes it important to insist on calling a spade a spade - and a back door a back door.

    *Other agencies and nationalities are available.

  4. Phil Kingston

    What I'm intrigued about is what the FBI think they'll find on there that they can't access by other means.

    1. wolfetone Silver badge

      Photos of the two of them with guns, looking all mean and nasty. It's this sort of thing that works really well in news reports, which will then be used the next time the subject of encryption being evil comes up.

    2. Anonymous Coward
      Anonymous Coward

      It's an investigation. You need to collect all the available data. Actually there could be information there that may discharge someone.

      Maybe Cook should be charged for selling encryption devices to terrorist. Maybe he will change position...

      1. Phil Kingston

        There's surely no need to discharge anyone - presumption of innocence and all that.

        My guess would be the FBI are looking for some evidence of workplace dispute (CNN said this is his work phone).

        Tragic though the event was, I have to say I side with Apple in contesting it.

        And charging someone for selling a way of privately storing/transmitting data seems wrong to me. But I'm no expert on their dearly-held constitutional rights.

      2. Steve Davies 3 Silver badge

        Charge Cook?

        If they charge Tim Cook then they need to also charge the bosses of Smith & Wesson and every other gun maker in the USA. After all, terrorists don't only use AK-47's do they?

        Then there is the company that sold every gun used to commit a crime in the USA. They should be bang up along with him. After all, they sold weapons that killed people didn't they?

        1. Mephistro

          Re: Charge Cook?

          And don't forget telcos and car makers!

        2. Elmo Fudd
          Happy

          Re: Charge Cook?

          I understand that Congress passed legislation specifically protecting the gun manufacturers from liability and litigation. If Apple looses this case, and it sounds like Cook is determined to fight this as far as possible, then they make sure that the next version of IOS, can not be hacked using whatever tools they are forced to create. (Assuming that they are even able to hack this phone)

          1. Anonymous Coward
            Anonymous Coward

            Re: Charge Cook?

            It's been a while since I went grammar Nazi, but this annoys me.

            If Apple looses this case

            I would like to refer you to the first line of this Oatmeal cartoon, but it may be worth your time reading all of it, especially if English is not your first language.

            1. Likkie

              Re: Charge Cook?

              "It's been a while since I went grammar Nazi..."

              To be perfectly pedantic, you're correcting spelling there not grammar.

              1. Anonymous Coward
                Anonymous Coward

                Re: Charge Cook?

                LOL, you've pinpointed the exact reason why I rarely go grammar nazi. It's the realisation that I'm not perfect either, so the likelihood that I screw up in the comment is close to 100%, especially with a bit of help from Murphy's Law. That being said, I do welcome the correction :).

      3. zebthecat

        Well done...

        ...that is the most idiotic comment I have read for a while. It is satirical I hope.

      4. Anonymous Coward
        Go

        @ "It's an investigation" AC

        Thank you for demonstrating why end-to-end encryption is so important. You'd probably never have the sack to come here and write what you did if you had to actually identify yourself to the Reg commentariat. Think of people living in police states who are actually trying to promote human rights and political reform. They face a lot worse consequences for their actions than the flamefest from 10-20 el Reg commenters that you just ducked.

  5. Anonymous Coward
    Anonymous Coward

    Anyone else think the Apple/Microsoft refusal to co-operate with the US government to be a bit over the top? This leads me to believe this is all to make people think that their data is safe.

    Surely in this case they would do all this behind closed doors so nobody knew they had obtained access.

    Also do you really expect me to believe that a shooting that happened on December 2nd involving people who could have co-conspirators and an immediate threat to national security is only now going through court to get access to the device?

    Lets face it, they can unlock and access any device but they don't want everyone to know because when they do get those devices there will be nothing of use on them.

    1. Anonymous Coward
      Anonymous Coward

      Microsoft case is different. MS was asked to give FBI data of a foreign citizen in a foreign state not under US jurisdiction. The same data would have been easily available if the FBI had followed the usual procedure to obtain them, and MS would have complied to an Irish warrant.

      I would agree with Apple if the device was illegally obtained. But it's an evidence from a multiple mureder case on US soil, under a valid search warrant.

      1. Mephistro

        (@ LDS)

        I think that's not the point. As I see it, the court asked Apple to decrypt the phone's contents, and when told that it was impossible, "They" -note capitalization and quotemarks this time- requested Apple to make changes in the software so Apple's customers data could be decrypted at LEAs and TLAs whim. The problem with this approach is that the same mechanism -a backdoor- that allows the FBI to decrypt someone's data will end up allowing other parties to do the same thing. These parties include criminals and foreign governments.

        IMHO the case was just used as an excuse for a push to further erode citizen's privacy. Not the first time this happens! :-(

      2. Anonymous Coward
        Anonymous Coward

        I would agree with Apple if the device was illegally obtained. But it's an evidence from a multiple mureder case on US soil, under a valid search warrant.

        This is not what is being asked. A manufacturer is asked to re-engineer a product to ESTABLISH a backdoor that they have just spent countless man years eradicating. If Apple does this, the cost to Apple itself will be monstrous as will publicly invalidate the security of their devices.

        This could have been done differently, in secret, with Apple staff assisting the FBI in making an image of the device which they could then attempt to break, or let the NSA have a go. Instead, they chose to publicly ask for something which no sane company could agree to, because agreeing to this would not only destroy a large part of Apple's stance and market appeal, it would also set a precedent for EVERY SINGLE US BASED MANUFACTURER OF SOFTWARE AND HARDWARE - read that again, because it's rather important - every single one of them to destroy any semblance of security as soon as a court order arrives, taking the company down with it because after that you were certain to lose a LOT of customers.

        This is not exactly helping the US IT industry after the blow of the death of Safe Harbor. It's like asking Volvo to remove all the safety features from their cars because criminals are using them to ramraid shops.

        By the way, it has just been confirmed as complete lunacy - apparently, Donald Trump agrees with the FBI. A clearer confirmation of the idiocy of this demand is hardly possible.

  6. fnusnu

    So will future versions of iOS have a check box marked 'install US Government mandated backdoor'?

    Either you check it or you have something to hide and are therefore guilty...

    1. UncleZoot

      I guess I'm guilty then. Now that my phone is encrypted, I won't allow anyone to look at what's inside.

      The same reasoning I use for why I still use the touch pad to enter my code instead of the finger print reader.

      When Judges have ruled that forcing you to place your finger on the reader is legal and forcing you to enter a code number isn't. Screw it, it the code for good.

      1. Annihilator

        "When Judges have ruled that forcing you to place your finger on the reader is legal and forcing you to enter a code number isn't."

        Have they? Even if they have, just stall. The power will run out on your iDevice. Whenever it's switched on for the first time, it demands your passcode before it will enable the fingerprint reader (first boot from cold anyway).

        1. Mephistro
          Trollface

          "...just stall..."

          Please explain how you prevent three big uniformed guys armed with tasers from puting your finger whenever they please, including your iPhone*.

          Although being an iPhone, you'd only need to hold them off for two hours average! ^_-

          *Or if you are really unlucky, in a small paper envelope in your breast pocket!!

          1. Anonymous Coward
            Anonymous Coward

            That's why I disable the touch reader when I travel. Not only is it not very secure, but you also do this on a device with a surface that is almost *designed* to store your fingerprints when you just hold it. It's not a very good thing to use if you're interested in security...

          2. Annihilator

            "Please explain how you prevent three big uniformed guys armed with tasers from puting your finger whenever they please, including your iPhone*."

            Because it's not three big uniformed guys. It's 3 months after the arrest/seize under a court order that you'd be "forced" to do so. And you could just decline and end up in prison for contempt of court.

            I'm not a fan of "if you've nothing to hide, you've nothing to fear" but in this case I suggest the paranoia of them forcing your thumb onto the phone is slightly unwarranted. Or if it is the case, you're already in a blacksite unlikely to see the light of day again.

    2. Anonymous Coward
      Anonymous Coward

      They already do. This is just PR stunt to make idiots think iOS is secure.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like