etienneleclerc Posted February 20, 2016 Share Posted February 20, 2016 To summarize the following letter from Apple to its customers: The FBI has ordered Apple to design a "backdoor" for iPhones that would allow the government to access iPhones without a password. Apple rejected the order, and explained their reasoning in a public letter: http://www.apple.com/customer-letter/ Donald Trump denounced Apple's rejection, calling for a boycott of Apple's products until they submit to the FBI: https://youtu.be/oe9ydy_zwe8 Although his rationale was vague, and I am not personally convinced he understands what the FBI is asking for based on the video ("they should hand over the access code to that phone"), he explicitly took the stance that the FBI ought to have access to any iPhone at their discretion. What do you think? Is this something that Trump just does not understand (the media certainly is not portraying it as such: http://www.usatoday.com/story/news/politics/onpolitics/2016/02/19/donald-trump-apple-boycott/80626758/) ? Has he thought through this stance? Does he understand its implications? Is it enough to sway your vote? Should the FBI be given that power in the first place? 4 Link to comment Share on other sites More sharing options...
shirgall Posted February 20, 2016 Share Posted February 20, 2016 I don't think Trump realizes is that the court asked Apple to provide them with a special OS that does not brick the phone after 10 login attempts and offered to cover any reasonable expense for producing that one-of OS build to load on the phone. They did this because the hardware requires the OS to signed by Apple's key. They are not asking for a back door. They are not asking them to decrypt the phone. They are just trying to preserve the data on the phone so they can brute force the pin. Trump sees this as a way to be tough on terrorists. I don't think he knows the details. Link to comment Share on other sites More sharing options...
etienneleclerc Posted February 20, 2016 Author Share Posted February 20, 2016 @shirgall "They are not asking for a backdoor" I'd say that the software in question could be considered a backdoor because it allows the holder access to all of the data on any phone which they can get their hands on. Regardless of if this comes by means of decryption or brute force, is that not the definition of a backdoor? Link to comment Share on other sites More sharing options...
Crallask Posted February 20, 2016 Share Posted February 20, 2016 It's consistent with the other stances he has taken on matters of security though. I wouldn't be surprised if Trump didn't know the details at all, and I'm certainly none too keen on law enforcement brute forcing their way into other people's stuff. Link to comment Share on other sites More sharing options...
shirgall Posted February 20, 2016 Share Posted February 20, 2016 @shirgall "They are not asking for a backdoor" I'd say that the software in question could be considered a backdoor because it allows the holder access to all of the data on any phone which they can get their hands on. Regardless of if this comes by means of decryption or brute force, is that not the definition of a backdoor? No, they asked for a targeted version of the OS for the particular phone in question, not a general one... and making it possible to brute force without bricking is not the definition of a back door. A back door is a special password to get past passwords. It's consistent with the other stances he has taken on matters of security though. I wouldn't be surprised if Trump didn't know the details at all, and I'm certainly none too keen on law enforcement brute forcing their way into other people's stuff. Brute forcing is the way everyone breaks encryption unless they have a better method. It just means trying all the possible keys until one works. Encryption fragility is generally judged by how long this takes to do. The issue at hand is that iOS delays the time between attempts and also shuts down the phone after too many incorrect passwords. This is all the court wants Apple to change. It is not asking Apple to decrypt the data. The only reason they are asking Apple is because the hardware wants signed software, and the FBI doesn't want to waste time brute forcing the signing key as well. They were pretty descriptive in the order about what they wanted. Link to comment Share on other sites More sharing options...
Donnadogsoth Posted February 20, 2016 Share Posted February 20, 2016 Is the FBI asking this of Apple in order to get into this particular phone, or into future phones? 1 Link to comment Share on other sites More sharing options...
Filosophize Posted February 20, 2016 Share Posted February 20, 2016 I believe what Tim Cook stated about the horrifying privacy implications for us all should Apple cooperate... Also, didn't Trump imply that Edward Snowden should be executed...? Trumps big govt anti electronic privacy stance has been my biggest red flag. Link to comment Share on other sites More sharing options...
rosencrantz Posted February 20, 2016 Share Posted February 20, 2016 The story is a bit different. Of course, Apple wanted to comply with the government but in secret. When the FBI went public with the demand, Tim Cook saw a chance to improve Apple's public image by denying the public request. Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity. The result was the letter that Mr. Cook signed on Tuesday, where he argued that it set a “dangerous precedent” for a company to be forced to build tools for the government that weaken security. http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html?_r=0 Link to comment Share on other sites More sharing options...
shirgall Posted February 20, 2016 Share Posted February 20, 2016 Is the FBI asking this of Apple in order to get into this particular phone, or into future phones? This phone, which belongs to the San Bernardino Health Department. Another interesting tidbit is that the health department did a remote password reset on the phone, which broke the automatic backup to iCloud, which the FBI could have easily ordered read in comparison. Link to comment Share on other sites More sharing options...
Donnadogsoth Posted February 20, 2016 Share Posted February 20, 2016 Another interesting tidbit is that the health department did a remote password reset on the phone, which broke the automatic backup to iCloud, which the FBI could have easily ordered read in comparison. Why would they do that? Link to comment Share on other sites More sharing options...
wdiaz03 Posted February 20, 2016 Share Posted February 20, 2016 The story is a bit different. Of course, Apple wanted to comply with the government but in secret. When the FBI went public with the demand, Tim Cook saw a chance to improve Apple's public image by denying the public request. http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html?_r=0 This makes sense, Maybe the strategy would be, scream "PRIVACY VIOLATION" until the government sweetens the deal with special favors, then I can see Apple claiming that "After careful consideration, due to its concern for all people, they will comply...but that special care will be taken to ensure that the software would only install on the phone in question and in no other phone....blabla" or better yet, deliver the goods with no public announcement. everyone gets what they want. Link to comment Share on other sites More sharing options...
shirgall Posted February 21, 2016 Share Posted February 21, 2016 Why would they do that? Presumably to break into the phone... and the probably didn't realize it would cause the cloud drive backup to fail. Link to comment Share on other sites More sharing options...
Poet Posted February 21, 2016 Share Posted February 21, 2016 The story is a bit different. Of course, Apple wanted to comply with the government but in secret. When the FBI went public with the demand, Tim Cook saw a chance to improve Apple's public image by denying the public request. http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html?_r=0 I don't know how you did it, but the conclusion you managed to draw from that article is exactly the opposite of what the article actually says. The FBI issued a court order precisely because Apple would not comply in secret. As a producer of mainstream products, there is zero publicity benefit to Apple in taking this stand, as the vast majority of people do not understand the issue. This ignorance factor has been aggravated by the fact that the FBI deliberately chose an incident surrounded by intense public anger, the San Bernadino shooting, as their opportunity to get a precedent-establishing case passed that would force all encrytion-using devices sold in the United States to have a backdoor, thus rendering the encryption pretty much useless. This is probably the most important legal case of this decade, it has huge implications for where humans all over the world will stand in relation to their governments for centuries to come. Again, there is ZERO publicity gain in this for Apple. Yes, it is in their long-term self-interest to increase the utility of their devices to their customers, and having encryption without a back-door is going to be widely understood to be a crucial feature in the future but, today, Apple are standing on principle and we should be standing right beside them, not lazily mis-interpreting articles to suit our existing trendy anti-Apple prejudices. 1 Link to comment Share on other sites More sharing options...
Poet Posted February 21, 2016 Share Posted February 21, 2016 This makes sense, Maybe the strategy would be, scream "PRIVACY VIOLATION" until the government sweetens the deal with special favors, then I can see Apple claiming that "After careful consideration, due to its concern for all people, they will comply...but that special care will be taken to ensure that the software would only install on the phone in question and in no other phone....blabla" or better yet, deliver the goods with no public announcement. everyone gets what they want. The whole problem here is that Apple are not seeking any "special favors" from governments, just as they have never compromised their designs to curry favor with corporate buyers. From day one, Apple have focused relentlessly on improving the end-user experience, trusting that profits would follow. Their compact is with you, the person who buys their product, and they do not undermine that with secret deals. They insist that government agencies present specific warrants before they will surrender any user's information. To the extent that they are legally able, Apple are defending your rights and attempting to establish a red line that will prevent governments all over the world from demanding a backdoor of their own. This phone, which belongs to the San Bernardino Health Department. Another interesting tidbit is that the health department did a remote password reset on the phone, which broke the automatic backup to iCloud, which the FBI could have easily ordered read in comparison. This underlines the extent to which this case has nothing to do with any information that might be on the phone. The FBI already has, from the telecom provider, all the meta information about who the shooter sent messages to and when. They have access to the messages themselves on the phones of those contacts. They already know that any sensitive information would have been on the throwaway phones that the shooters set fire to before the attack, not a work-supplied phone. The FBI were waiting for an incident that would be emotionally charged enough for them to create a precedent - as we saw in the aftermath of 9/11, the government's credo is "Never waste a good crisis". San Bernardino was the perfect opportunity to take on Apple before their "secure enclave" technology becomes a standard feature in all their phones. The phone in question, the iPhone 5c, was the last model sold in America to not include a CPU with a secure enclave, so, it allows them to demand a software, rather than hardware, backdoor at this stage, but after establishing the legal precedent it will be relatively easy for them to escalate that to a hardware backdoor in all secure enclave models. The only flaw in this perfect opportunity was that they already had access to all of the phone's backups and, therefore, there was nothing to ask Apple for, no reason to take a case, no chance to create a legal precedent that would render real encryption (without backdoors) illegal. So, they simply reset the password. 1 Link to comment Share on other sites More sharing options...
Recommended Posts