14.1 C
London
Thursday, November 23, 2017
Home Tags Apple iPhone 5S

Tag: Apple iPhone 5S

The government argues the iPhone 5s in question runs an older operating system that has been cracked before. The U.S. Justice Department has asked a New York federal court to overturn a recent ruling that protects Apple from having to unlock an iPhone involved in a drug case. Last week, a Brooklyn judge rejected the government's request to compel Cupertino to crack an iPhone 5s seized in 2014 from accused drug trafficker Jun Feng, who eventually pleaded guilty to conspiracy.

Despite the guilty plea, however, the government claimed access to his phone was still necessary, because it might lead to criminal accomplices. "Ultimately, the question to be answered in this matter, and in others like it across the country, is not whether the government should be able to force Apple to help it unlock a specific device," Magistrate Judge James Orenstein said at the time. "It is instead whether the All Writs Act resolves that issue and many others like it yet to come.
I conclude that it does not." The move was welcomed by the tech titan, which is also fighting a very public battle against the FBI over its request to access an iPhone 5c used by a terrorist in the San Bernardino attack. In the New York case, prosecutors filed a 45-page brief on Monday, arguing that Feng's iPhone 5s runs an older operating system—iOS 7—that Apple has agreed to breach in the past. "This case in no way upends the balance between privacy and security," prosecutors wrote in the new filing, as reported by The Wall Street Journal. Judge Orenstein's ruling "goes far afield of the circumstances of this case and sets forth an unprecedented limitation on federal courts' authority," the brief said. Apple disagrees. "Judge Orenstein ruled the FBI's request would 'thoroughly undermine fundamental principles of the Constitution' and we agree," a company spokesman said in a statement. "We share the judge's concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone's safety and privacy." Cupertino boss Tim Cook has referenced that same slippery slope in the tech titan's fight with the FBI, claiming that the requested iOS backdoor will inevitably end up in the wrong hands.

Apple is even willing to take its fight to the Supreme Court, where it would have the support of numerous industry heavyweights. Apple is due back in court on the San Bernardino case on March 22. The DOJ did not immediately respond to PCMag's request for comment.
The U.S.

Department of Justice has appealed an order by a court in New York that turned down its request that Apple should be compelled to extract data from the iPhone 5s of an alleged drug dealer. The case in New York is seen as having a bearing on another high-profile case in California where Apple is contesting an order that would require the company to assist the FBI, including by providing new software, in its attempts at cracking by brute force the passcode of an iPhone 5c running iOS 9. The phone was used by one of the two terrorists in the San Bernardino killings on Dec. 2 and the FBI wants Apple to disable the auto-erase feature on the phone, which would erase all data after 10 unsuccessful tries of the passcode, if the feature was activated by the terrorist. The DOJ argues in the New York case as well that it is unable to access the data on the phone running iOS 7, because it is locked with a passcode.

By trying repeated passcodes, the government risks permanently losing all access to the contents of the phone because when an iPhone is locked it is not apparent if the auto-erase feature is enabled, according to the filing Monday. But Apple can help extract the data from the iPhone 5s, which it has done dozens of times in the past for similar iPhone versions at the request of the government, the DOJ argues.

For versions of the operating system that predate iOS 8, Apple has the capability to bypass the passcode feature and access the contents of the phone that were unencrypted, it wrote in the filing. Invoking user privacy and safety, Apple has said that its previous acquiescence to similar judicial orders does not mean it consents to the process.

But the government, which has a warrant, claims that Apple made an U-turn in the particular instance, having first agreed to extract the data, when it responded that "Upon receipt of a valid search warrant pursuant to the instructions laid out in [the legal process guidelines], we can schedule the extraction date within a 1-2 week time frame." At no time during the communications ahead of the government seeking an order did Apple object to the propriety of the proposed order directing its assistance, according to the DOJ filing Monday. Magistrate Judge James Orenstein of the U.S.

District Court for the Eastern District of New York ruled recently that Apple can’t be forced to extract the data from the iPhone.

The government's reading of the All Writs Act, a statute enacted in 1789 and commonly invoked by law enforcement agencies to get assistance from tech companies on similar matters, would change the purpose of the law “from a limited gap-filing statute that ensures the smooth functioning of the judiciary itself into a mechanism for upending the separation of powers by delegating to the judiciary a legislative power bounded only by Congress's superior ability to prohibit or preempt.” But the government argues that the residual authority of the court under the All Writs Act is particularly important where legislation lags behind technology or risks obsolescence. The government argues that courts have relied on the All Writs Act to mandate third-party assistance with search warrants even in circumstances far more burdensome that what is requested in the New York case.

An unreasonable burden on the third-party is a key criterion when a Judge considers an order under the Act.

Apple has argued that a burden on the company would be the impact on its ability to protect customer information, which could threaten the trust customers have in the company and tarnish the Apple brand. The DOJ is now asking the court to review the decision by the Magistrate Judge. "Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree,” Apple said in a statement on the new filing by the DOJ.

The company said it shared the Judge’s concern “that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy."
Kārlis Dambrāns As expected, federal prosecutors in an iPhone unlocking case in New York have now asked a more senior judge, known as a district judge, to countermand a magistrate judge who ruled in Apple’s favor last week. Last week, US Magistrate Judge James Orenstein concluded that what the government was asking for went too far.
In his ruling, he worried about a “virtually limitless expansion of the government's legal authority to surreptitiously intrude on personal privacy.”The case involves Jun Feng, a drug dealer who has already pleaded guilty, and his seized iPhone 5S running iOS 7. Prosecutors have said previously that the investigation was not over and that it still needed data from Feng's phone.

As the government reminded the court, Apple does have the ability to unlock this phone, unlike the seized iPhone 5C in San Bernardino. Moreover, as Department of Justice lawyers note, Apple has complied numerous times previously. In its 51-page Monday filing, the government largely re-hashed its previous arguments, saying that existing law should force Apple’s assistance. In this case, the government arrested a criminal.

The government got a warrant to search the criminal’s phone. Law enforcement agents tried to search the phone themselves, but determined they could not do so without risking the destruction of evidence.

The government then applied for a second court order to ask Apple to perform a simple task: something that Apple can easily do, that it has done many times before, and that will have no effect on the security of its products or the safety of its customers.

This is how the system is supposed to work. In 2014 and 2015, Apple took a two-pronged approach to resisting government pressure: one was to make iOS 8 more resilient than previous versions of the operating system, making it impossible for Apple itself to bypass a passcode lockout.

The other crucial element was to impose firmer legal resistance in court filings.

The New York case is believed to be the first time that Apple openly resisted the government’s attempt to access a seized phone. Agree to disagree? This New York case pre-dates Apple's current battle with the government over a locked iPhone 5C that belonged to one of the shooters in the December 2015 terrorist attack in San Bernardino—that case is due to be heard in court next month in nearby Riverside, California.
In the California case, federal investigators asked for and received an unprecedented court order compelling Apple to create a new firmware to unlock the device.
In February 2016, Apple formally challenged that order, and the outcome is pending. Both the New York and California cases, however, involve the government’s attempt to use an obscure 18th-Century statute known as the All Writs Act, which enables a court to order a person or a company to perform some action. "Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree," an Apple spokesman told Ars in a statement. "We share the judge’s concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy." The New York case, however, marks the first time that a federal judge has ruled in favor of a more privacy-minded Apple. More recent amicus, or friend of the court briefs, supporting Apple, have cited Judge Orenstein’s ruling. “The government’s argument is: ‘I would have gotten away with it too, if it weren't for you pesky magistrate!’” Riana Pfefferkorn, a legal fellow at the Stanford Center for Internet and Society, told Ars.
Lawyers: Federal prosecutors told us they will continue to invoke 18th-century law.
Enlarge Image Scott Stein/CNET Three months ago, India was one of the most expensive places in the world to buy an iPhone, even an older model like the 5S. That's not necessarily the case anymore. The 5S, first released in September 2013, will now retail for Rs 24,999 ($370, AU$520, £245), which is just above the Rs 44,500 ($665, AU$920, £440) it was being sold for in September, The Times of India reports. The price cut appears to be a move by the Californian company to increase its penetration in India, the world's third largest smartphone market after China and the USA, where the bulk of phones sold are sub-$300. As of quarter 3 of 2015, Apple is not even among the top 5 smartphone vendors in India, a market that IDC Research predicts will overtake the US by 2017. "To drive volume [in India], Apple will need to keep focus on older iPhone generations," IDC's Kiranjeet Kaur said, explaining that older generations will cater to the country's large midrange smartphone market. Kaur added that there's a "limited" amount of penetration the company can achieve by exclusively selling in the premium price segment. High import taxes and a depreciating currency often results in foreign high-end electronics brands struggling to sell products at a reasonable price. The iPhone 6S, for instance, cost more in India than in any other country at the time of its release. This has led to Indian brands like Micromax and Intex popping up and finding tremendous local success with more affordable handsets. The market leader in the country, however, is South Korean behemoth Samsung, who is able to keep prices relatively low thanks to its manufacturing of phones within India.
DOJ: the search warrant remains active, so Apple should help us.
DOJ doesn't know of "any prior instance in which Apple objected to such an order."
video
Overview of Apple Touch ID
A contest to show that Apple's technology would be difficult to break proved just the opposite as German hackers win the crowd-sourced prize. Using a desktop scanner, a light-sensitive printed circuit board and white wood glue, a group of researchers from the Chaos Computer Club in Germany broke the security of Apple's TouchID fingerprint sensor, creating a fake fingerprint to unlock Apple's latest smartphone, the iPhone 5S. The hack, announced on Sept. 21, came less than 48 hours after members of the security community started a Twitter-fueled project to collect money for a bounty to pay any researchers who successfully broke the biometric security of Apple's device.

The CCC used a desktop scanner to capture an image of the phone and print that image on to a photo-sensitive PCB to form a mold.

Then, using graphite spray and wood glue, a mold of the fingerprint was created. The relative ease with which the security can be broken means that iPhone users should be wary of relying too much on the security of the device, the CCC said in its statement. "A fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5S secured with TouchID," Frank Rieger, spokesperson of the CCC, said in the statement. "This demonstrates—again—that fingerprint biometrics is unsuitable as access control method and should be avoided." Apple announced the TouchID fingerprint sensor earlier this month as a security enhancement that would help more people lock their phones more securely than with a 4-digit pass code.

The sensor, built into the home button of the iPhone 5, does not optically read a person's fingerprint, but uses a capacitive measurement that "in essence, takes a high-resolution image of your fingerprint from the sub-epidermal layers of your skin," Apple stated on its site. However, the security of biometric devices—especially one with glass surfaces that collect its user's fingerprints—has been widely criticized by experts. "In reality, Apple's sensor has just a higher resolution compared to the sensors (we've seen) so far," a hacker using the handle "Starbug" said in the CCC's statement. "As we have said now for (at least six) years, fingerprints should not be used to secure anything. You leave them everywhere and it is far too easy to make fake fingers out of lifted prints." The security of the sensor was heavily debated on Twitter, with some security researchers assuming that Apple had made the sensor more difficult to trick then previous optical sensors. Security professionals Nick Depetrillo and Robert Graham started the site, IsTouchIDHackedYet.com, to collect donations to the prize pool for any researchers who successfully bypassed the security of the device by copying a fingerprint. In essence, Depetrillo and Graham were telling other researchers who doubted the security to put the efforts into actually hacking the device. Turns out, it was not so difficult after all, Graham said in a blog post. "We claimed it'd be harder," he wrote. "We assumed that a higher resolution sensor wouldn't be so simply defeated with just a higher resolution camera. We bet money. We lost." The IsTouchIDHackedYet bounty surpassed $10,000 in cash, bitcoins, alcohol and other goods pledged by security researchers and other community members.

While it had reached $20,000, student Arturas Rosenbacher, who also claims to be a micro investor and entrepreneur, added additional restrictions on his pledge when it became obvious that someone had actually succeeded in breaking the TouchID security.

While the original contest asked for a researcher to fool the sensor using a print "lifted from a beer mug" or similar circumstances, Rosenbacher's changes require that the biometric data be taken from the device itself. "The fingerprint must be obtained using software and hardware, in sense a technological solution, rather than lifting prints and accessing a secure phone using said 'lifted prints'," according to the after-the-fact changes. Rosenbacher did not respond to an e-mailed request for comment. ${QSComments.incrementNestedCommentsCounter()} {{if QSComments.checkCommentsDepth()}} {{if _childComments}}
German hackers claim to have breached the Apple iPhone 5S's fingerprint security. In a post on its website, German group Chaos Computer Club (CCC) describes how members of its biometric hacking team were apparently able to take a photo of someone's fingerprint left on a glass surface then use it to create a fake fingerprint, which was then used to unlock the phone. CCC also linked to a video demonstrating how the iPhone 5S can be hacked. Apple introduced fingerprint-based unlocking technology to its iPhone 5S with the aim of making the device more secure by linking accessing data to the users' own fingerprint.

The idea was that because some users apparently regard inputting a password as too time-consuming, fingerprint-swipe technology would encourage more iPhone users to secure their mobile phones. The apparent breach of the device's security - so soon after it has been released - will concern organisations that may have been considering using the iPhone 5S as a secure business tool.  "In reality, Apple's sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake," hacker "Starbug" wrote in a blog post, adding that fingerprint technology is inherently insecure. "As we have said now for many years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints," he added. CCC has been operating since 1981 and describes itself as one of the "most influential organisations dealing with security and privacy aspects of technology in the German-speaking world," and has upwards of 3,600 members. "We hope that this finally puts to rest the illusions people have about fingerprint biometrics. It is plain stupid to use something that you can´t change and that you leave everywhere every day as a security token," said CCC spokesperson Frank Rieger. "The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access," he added. CCC's iPhone 5S security breach comes days after a crowdsourced cash prize of over $13,000 was offered to the first hacker to crack the new smartphone. The status of istouchidhackedyet.com now stands as "maybe" and if CCC's video is accepted as evidence, the group will win the reward.
"You can't change your fingerprints. You have only ten of them."    
Apple's new fingerprint sensor Touch ID becomes the focus of a hack bounty, but with a twist. Rewards include cash, but also a patent application, some Scotch, and a book of erotica. Apple demos Touch ID fingerprint reader for iPhone 5S The iPhone 5...