Should Apple help government hack into the phone of dead terrorist?

[anchordraw]

How does Apple comply with this request without revealing how it was done? Would the FBI simply hand over the phone and not observe Apple's people doing the work? After Apple returns the phone, would the FBI be able to see what was done and repeat it? If the workaround involves fiddling with the hardware, could an iOS update actually prevent it from being done again? Does encryption really serve any purpose if we actively work on circumventing it?

These are not rhetorical questions (except maybe the last one). I really don't know much about infosec.

I believe the court order was for the unencrypted data and/or PIN, not to produce a viable backdoor, so I doubt there would be any FBI involvement beyond signing for the output once handed off. And Apple could, in theory, cover their tracks with regards to specific breach techniques, but probably the FBI could figure out how things went down by visually inspecting the circuitry and seeing which chips had their pins exposed by having the protective enamel burnt off with acid (SOP, generally).

That said, I think the only reason this dust up is taking place is because the NSA already has the tools to get the data and those tools are classified, so it makes sense to at least try to get Apple to do it.

As for IOS updates 'fixing' the backdoor, I seriously doubt it. A lot of those chips are deliberately installed 'read-only' with hardware mitigations to enforce it, but those hardware mitigations go out the window completely when you expose the actual inner guts of the chip and know what youre doing. Plus a lot of them checksum their image and verify integrity against another read-only source so youre now compromising two chips, or dedicating a lot of work to modifying the image in a way that doesnt impact the checksum, which we've already seen in the wild with MD5 in the form of discreet bit modifications (and hash collisions (hence file integrity checks, SSL certs, binary keys etc no longer using MD5 or worse)). And maybe they use that checksum as a salt for the encryption of the data, at which point you now need to intercept that signal in real time and MITM it both ways during the decrypt'ish() calls.

And honestly I dont think Apple even has the tools to do that.



The NSA should, however.

Again, just spitballing, this isnt my strength.

Apple should reply to the government in plain English "even if its a white lie", that they do not have ability to crack the encryption without destroying the data on the phone. with a paragraph something like above thrown in for good measure, (I have no idea what that means, but it sounds impressive enough to get average Joe consumer from getting pissed at them) to back up their claim. What's the government going to do. Say lier lier pants on fire.


Everybody knows Hillary lied about the e-mail server, yet the FBI hasn't even come out with a ruling or thrown her ass in jail despite over 100 agents working on that case. If people in a Hillary administration are allowed to do what ever the fuck they want, security be damned, she is a far great threat than two dead terrorists. Why don't they commit their limited resources to go after some living terrorists.

Governments been fighting with companies like Microsoft, Apple, and google for years trying to gain access to secure data. This is just another round in a long fight.

[Dan Druff]

I'm not understanding something here.

There are SO many ways for the government AND private companies to spy on us.

If you saw the COMPLETELY LEGAL data collection being done by private companies (NOT working on behalf of the government), you would flip. These companies know everything about you -- where you live, how you vote, what you buy, where you travel, what websites you visit, who you live with, etc.

The FBI is requesting that Apple break into a PHYSICAL device for one particular phone. Even if the worst case scenario occurred and the technology to do so got "into the wrong hands", so what? Presumably this requires the physical phone in order to accomplish, meaning that you couldn't be victimized by this unless your phone was physically stolen (or found) by someone with this technology.

Prior to the past few days, I assumed that the FBI and Apple could easily break past that passcode if they wanted to. It didn't bother me one bit. I know they won't be going after my phone, and even if the bad guys subsequently learn how to do it, they will need my physical phone to accomplish it.

And guess what? I'm not that interesting to go through all that trouble.

Here is a fact about identity theft, data collection, and invasion of privacy: It only happens either en masse or against high value targets.

This means that nobody is going to break into the phones of schlubs like us, even with the technology. It's not worth it. They don't gain enough from it, and having to do it physical-device-by-physical-device is never worth the time, unless it's a matter of espionage (government or corporate). You're not going to have a ring sitting there with 30,000 physical iPhones, painstakingly unlocking the passcodes from each one in order to extract your drunken text messages to your ex-girlfriend. Would never happen.

Honestly, I can't think of a reason NOT to allow the government access past phone passwords if they are holding the physical device. They can search everything else in your possession with a warrant, so why not the phone?

What if a prolific child molester has a phone said to contain smoking-gun proof against him, but the rest of the case is weak? You're telling me that this should be tough luck on authorities -- that they can't access the phone "because civil liberties"?

Give me a break.

This is just selective privacy panic. It feels good to walk around with an iPhone thinking, "Ha ha! Nobody, not even the government, not even freakin' APPLE can see the shit I'm doing on here!"

But in reality, your privacy was gone long ago, and your right to be unsearchable has not existed throughout your entire lifetime.

This passcode thing is no threat to the average Joe, especially since it can't be breached remotely.

[GrenadaRoger]

Should Apple help? Yes, especially since the US lets the keep a horde of cash in banks outside the US so they can escape paying tax on the intereset

[El Gallo]

http://www.apple.com/customer-letter/

[jsearles22]

Agreed with the point that everyone already assumed NSA could access your phones anyways. So who cares, give them the fucking info Apple. Fucking hipsters with holding info that could protect our safety potentially? GTFO

[GrenadaRoger]

well what we need is someone like FDR to bring some special pressure on Apple

lets start with suspending/delaying payments on any contracts Apple has with the Fed Govt...lets follow that up with requiring close inspection by customs of any imports of Apple products entering US ports...then perhaps selecting Apple executives for IRS audits...and the SEC delaying/deferring review of any prospectus for debt/stock offerings...delaying/suspending review of patent/trademark applications...i am sure there are other services Apple gets that can be squeezed

[sonatine]

Agreed with the point that everyone already assumed NSA could access your phones anyways. So who cares, give them the fucking info Apple. Fucking hipsters with holding info that could protect our safety potentially? GTFO

Ironic that you would choose this account to complain about privacy rights with, Lannister.

[thesidedish]

SO DUMB.

Why doesn't apple just STFU and unlock the phone. As in the government asks, they do it, USA maybe possibly safer and bad guys get theirs, and nobody ever heard about this fuckin story where now its a pain in the ass whichever outcome comes to fruition.


ONLY 1 ANSWER FOLKS

[sonatine]

SO DUMB.

Why doesn't apple just STFU and unlock the phone. As in the government asks, they do it, USA maybe possibly safer and bad guys get theirs, and nobody ever heard about this fuckin story where now its a pain in the ass whichever outcome comes to fruition.


Trump woulda got it right.

Yes he would have. Shame I had to destroy his campaign chances because you know goddamned well why.

[Sanlmar]

SO DUMB.

Why doesn't apple just STFU and unlock the phone. As in the government asks, they do it, USA maybe possibly safer and bad guys get theirs, and nobody ever heard about this fuckin story where now its a pain in the ass whichever outcome comes to fruition.


Trump woulda got it right.

Donald Trump: "Torture works"

couldn't you see Druff clutching his chest when Trump was asked to comment about the Apple thing?

"Waterboarding is your minor form," Trump said. "Some people say it's not actually torture. Let's assume it is. But they asked me the question. What do you think of waterboarding? Absolutely fine. But we should go much stronger than waterboarding. That's the way I feel."

[big dick]

Fuck no. Funny all the right wing freedon fighters think apple should. I hate terrorist/radical muslims as much as the next guy but no fucking way should apple give in here.Dickhead Bush and his crew already passed the "patriot act" and we all know how that is working out.Redlight cameras, tollway passes, gps on the phones... let's be sure to let the govt know every little thing we do.

[sonatine]

Fuck no. Funny all the right wing freedon fighters think apple should. I hate terrorist/radical muslims as much as the next guy but no fucking way should apple give in here.Dickhead Bush and his crew already passed the "patriot act" and we all know how that is working out.Redlight cameras, tollway passes, gps on the phones... let's be sure to let the govt know every little thing we do.

This is the naked face of a national security issue, and national security trumps privacy and has since the literal dawn of nations.

Further more the phone belongs to the employer and the employer has green lit breaking in.

I mean honestly this isnt Sheriff Roscoe P Coltrane asking for access, its the FBI.

And Im sorry but the more I read, the more this seems to be about Apple's stock price / brand / reputation than any sense of social responsibility.

[thesidedish]

Fuck no. Funny all the right wing freedon fighters think apple should. I hate terrorist/radical muslims as much as the next guy but no fucking way should apple give in here.Dickhead Bush and his crew already passed the "patriot act" and we all know how that is working out.Redlight cameras, tollway passes, gps on the phones... let's be sure to let the govt know every little thing we do.

This is the naked face of a national security issue, and national security trumps privacy and has since the literal dawn of nations.

Further more the phone belongs to the employer and the employer has green lit breaking in.

I mean honestly this isnt Sheriff Roscoe P Coltrane asking for access, its the FBI.

And Im sorry but the more I read, the more this seems to be about Apple's stock price / brand / reputation than any sense of social responsibility.

fraid so. Too many scumbags in too many important positions, they all need to go

[anchordraw]

about 20 years ago, somebody that worked at NSA told me if you made a call, threatening the president, NSA knew. They might look into it if they thought you were possibly serious, and you wouldn't even know it. If they took you serious, you were more likely to know it. NSA had the ability to know more shit than you knew long before everyone had cell phones.

[4Dragons]

SO DUMB.

Why doesn't apple just STFU and unlock the phone. As in the government asks, they do it, USA maybe possibly safer and bad guys get theirs, and nobody ever heard about this fuckin story where now its a pain in the ass whichever outcome comes to fruition.


ONLY 1 ANSWER FOLKS

FIXED

[SysOp]

No apple should not help the FBI. fuck the FBI, CIA, NSA, oh and the police. (lol drk star)

[Shizzmoney]

Apple Unlocked iPhones for the Feds 70 Times Before thebea.st/1Q2euKN

[devidee]

“They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

- Bruce Jenner

[sonatine]

http://blog.trailofbits.com/2016/02/...i-court-order/

Dude appears to peel away a lot of the mystique surrounding the iOS security measures Apple would have to overcome and how they could do it. Skimmed and it looks legit.

[MumblesBadly]

“They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”

- Caitlyn Jenner

FYP