Tag: Apple iPhone
Thomas Jefferson would kick your ass for this
Apple's latest response to US Department of Justice (DoJ) demands that it alter its operating system to allow access to a terrorist's iPhone using the 1789 All Writs Act is typically blunt.
"According to the government, short of kidnapping or breaking an express law, the courts can order private parties to do virtually anything the Justice Department and FBI can dream up.
The Founders would be appalled," the court document [PDF] states. The US government's attempts to use the ancient piece of legislation to force Apple to circumvent its existing security protocols went well beyond the scope of the original purpose of the All Writs Act.
This was especially egregious, since the DoJ is also asking the court to consider the case on its sole merits, rather than considering the wider implications. In addition, the DoJ is attempting to use the All Writs Act to get around the Communications Assistance for Law Enforcement Act (CALEA), which requires telecom companies to cooperate with law enforcement requests.
Apple is an information provider, not a telco, the company asserts, but the DoJ begs to differ. Even if the court does decide the CALEA applies to Apple, the order to bork its operating system goes beyond the scope of the act as it was originally envisaged.
This was confirmed by the then-head of the FBI Louis Freeh when the 1994 act was being debated. "This legislation does not ask [companies] to decrypt.
It just tells them to give us the bits as they have them.
If they are [en]crypted, that is my problem," Freeh told Congress at the time. In the meantime, the DoJ's request would be onerous in the extreme to Apple, and rather dangerous.
The government is understating the requirements of Apple complying with breaking into iOS and is using legal threats to push Cook & Co into compliance. "The government also implicitly threatens that if Apple does not acquiesce, the government will seek to compel Apple to turn over its source code and private electronic signature," the filing states. "The catastrophic security implications of that threat only highlight the government's fundamental misunderstanding or reckless disregard of the technology at issue and the security risks implicated by its suggestion." Government lawyers have suggested that Apple built its encryption system for "marketing purposes," so that it could sell the systems as free from government spying.
That's provably untrue, Apple states. Since the encryption system was first introduced in October of 2014, Apple has promoted its iPhone in 1,793 adverts worldwide, generating 253 billion views. "Not a single one advertised or promoted the ability of Apple's software to block law enforcement requests for access to the contents of Apple devices," the company said. Furthermore, the FBI hasn't made a serious attempt to decrypt the terrorist's phone using other methods.
It cites senior officials, such as former National Coordinator for Security Richard Clarke, who say that they are sure the NSA could crack open the phone without Apple's help, and the San Bernardino police chief has already said there's a good chance there is no useful intel on the phone. When the FBI director was questioned on this topic at congressional hearings, he said that he didn't know if all avenues for getting into the phone have been excluded.
Director Comey also admitted that the FBI could have opened the iPhone easily but locked it mistakenly by changing the password remotely. Finally, Apple says that the order to write software to break its own security is illegal under the First Amendment. Writing code is speech, Apple argues, and the DoJ's demands are forcing the company to express itself in ways it finds offensive. "Almost 90 years ago, Justice Louis Brandeis, reflecting on the 'progress of science' beyond wiretapping, famously warned that '[the] greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding'," Apple concludes. "In this case, the government's motivations are understandable, but its methods for achieving its objectives are contrary to the rule of law, the democratic process, and the rights of the American people." ® Sponsored: How to choose a great CMS
The Founders would be appalled," the court document [PDF] states. The US government's attempts to use the ancient piece of legislation to force Apple to circumvent its existing security protocols went well beyond the scope of the original purpose of the All Writs Act.
This was especially egregious, since the DoJ is also asking the court to consider the case on its sole merits, rather than considering the wider implications. In addition, the DoJ is attempting to use the All Writs Act to get around the Communications Assistance for Law Enforcement Act (CALEA), which requires telecom companies to cooperate with law enforcement requests.
Apple is an information provider, not a telco, the company asserts, but the DoJ begs to differ. Even if the court does decide the CALEA applies to Apple, the order to bork its operating system goes beyond the scope of the act as it was originally envisaged.
This was confirmed by the then-head of the FBI Louis Freeh when the 1994 act was being debated. "This legislation does not ask [companies] to decrypt.
It just tells them to give us the bits as they have them.
If they are [en]crypted, that is my problem," Freeh told Congress at the time. In the meantime, the DoJ's request would be onerous in the extreme to Apple, and rather dangerous.
The government is understating the requirements of Apple complying with breaking into iOS and is using legal threats to push Cook & Co into compliance. "The government also implicitly threatens that if Apple does not acquiesce, the government will seek to compel Apple to turn over its source code and private electronic signature," the filing states. "The catastrophic security implications of that threat only highlight the government's fundamental misunderstanding or reckless disregard of the technology at issue and the security risks implicated by its suggestion." Government lawyers have suggested that Apple built its encryption system for "marketing purposes," so that it could sell the systems as free from government spying.
That's provably untrue, Apple states. Since the encryption system was first introduced in October of 2014, Apple has promoted its iPhone in 1,793 adverts worldwide, generating 253 billion views. "Not a single one advertised or promoted the ability of Apple's software to block law enforcement requests for access to the contents of Apple devices," the company said. Furthermore, the FBI hasn't made a serious attempt to decrypt the terrorist's phone using other methods.
It cites senior officials, such as former National Coordinator for Security Richard Clarke, who say that they are sure the NSA could crack open the phone without Apple's help, and the San Bernardino police chief has already said there's a good chance there is no useful intel on the phone. When the FBI director was questioned on this topic at congressional hearings, he said that he didn't know if all avenues for getting into the phone have been excluded.
Director Comey also admitted that the FBI could have opened the iPhone easily but locked it mistakenly by changing the password remotely. Finally, Apple says that the order to write software to break its own security is illegal under the First Amendment. Writing code is speech, Apple argues, and the DoJ's demands are forcing the company to express itself in ways it finds offensive. "Almost 90 years ago, Justice Louis Brandeis, reflecting on the 'progress of science' beyond wiretapping, famously warned that '[the] greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding'," Apple concludes. "In this case, the government's motivations are understandable, but its methods for achieving its objectives are contrary to the rule of law, the democratic process, and the rights of the American people." ® Sponsored: How to choose a great CMS
US DoJ files fresh objections to iGiant's refusal to cooperate
The US Department of Justice has filed fresh claims against Apple in the ongoing battle over whether the FBI can force the iGiant to help agents unlock a killer's iPhone.
In a brief [PDF] filed Thursday to the US District Court of Central California, the DoJ said Apple had made a "deliberate marketing decision" to develop technology that renders search warrants useless.
That decision, we're told, is why a judge had to order Apple to build a custom version of iOS that could be loaded onto the iPhone 5C used by San Bernardino shooter Syed Farook.
The special firmware would allow agents to safely brute-force the slain killer's passcode without it wiping itself after too many wrong tries. Apple has refused to obey the order and produce what's being dubbed FBiOS. "This burden [to develop the special iOS], which is not unreasonable, is the direct result of Apple's deliberate marketing decision to engineer its products so that the government cannot search them, even with a warrant," the US attorneys argue in the filing. "In passing the All Writs Act, Congress gave courts a means of ensuring that their lawful warrants were not thwarted by third parties like Apple." The filing then hits its stride: Apple deliberately raised technological barriers that now stand between a lawful warrant and an iPhone containing evidence related to the terrorist mass murder of 14 Americans.
Apple alone can remove those barriers so that the FBI can search the phone, and it can do so without undue burden. Under those specific circumstances, Apple can be compelled to give aid.
That is not lawless tyranny. Rather, it is ordered liberty vindicating the rule of law. Apple has argued that it should not be forced to comply with an FBI request to craft a custom build of iOS.
Such an order could put millions of Americans at risk of similar requests and usher in privacy-busting surveillance of innocent citizens by the US government, Apple insisted. The DoJ, meanwhile, says that the order would do the opposite, and would only be applicable in a single case. "The court's order is modest.
It applies to a single iPhone, and it allows Apple to decide the least burdensome means of complying," Uncle Sam's lawyers wrote. "As Apple well knows, the order does not compel it to unlock other iPhones or to give the government a universal 'master key' or 'back door'." A number of tech companies including Amazon, Google and Microsoft have filed briefs in support of Apple. Shortly after the DoJ filing went public, security and privacy experts began weighing in with their critiques: Everybody I’ve talked to in forensics wants to help .gov get into this phone, but just without Apple. We’re all on the same side here. — Jonathan Ździarski (@JZdziarski) March 10, 2016 Apple has been given permission to name every variable “fuck_fbi”, or fuckFBI if you like camel case. pic.twitter.com/rqUu2Ec3S8 — Jonathan Ździarski (@JZdziarski) March 10, 2016 This is the only reason .gov hasn’t seized Apple’s signing keys: they admit they wouldn’t know how to use them. pic.twitter.com/1Op5UkQAsq — Jonathan Ździarski (@JZdziarski) March 10, 2016 For those of you curious how Apple has accommodated China. pic.twitter.com/wNOpoEzklr — Jonathan Ździarski (@JZdziarski) March 10, 2016 On the 1st Amendment, the DOJ brief conveniently ignores that forcing Apple to sign code is also compelled speech pic.twitter.com/MP98Wmx7O9 — Andrew Crocker (@agcrocker) March 10, 2016 Apple has yet to respond to a request for comment on the filing. ® Sponsored: Speed up incident response with actionable forensic analytics
The special firmware would allow agents to safely brute-force the slain killer's passcode without it wiping itself after too many wrong tries. Apple has refused to obey the order and produce what's being dubbed FBiOS. "This burden [to develop the special iOS], which is not unreasonable, is the direct result of Apple's deliberate marketing decision to engineer its products so that the government cannot search them, even with a warrant," the US attorneys argue in the filing. "In passing the All Writs Act, Congress gave courts a means of ensuring that their lawful warrants were not thwarted by third parties like Apple." The filing then hits its stride: Apple deliberately raised technological barriers that now stand between a lawful warrant and an iPhone containing evidence related to the terrorist mass murder of 14 Americans.
Apple alone can remove those barriers so that the FBI can search the phone, and it can do so without undue burden. Under those specific circumstances, Apple can be compelled to give aid.
That is not lawless tyranny. Rather, it is ordered liberty vindicating the rule of law. Apple has argued that it should not be forced to comply with an FBI request to craft a custom build of iOS.
Such an order could put millions of Americans at risk of similar requests and usher in privacy-busting surveillance of innocent citizens by the US government, Apple insisted. The DoJ, meanwhile, says that the order would do the opposite, and would only be applicable in a single case. "The court's order is modest.
It applies to a single iPhone, and it allows Apple to decide the least burdensome means of complying," Uncle Sam's lawyers wrote. "As Apple well knows, the order does not compel it to unlock other iPhones or to give the government a universal 'master key' or 'back door'." A number of tech companies including Amazon, Google and Microsoft have filed briefs in support of Apple. Shortly after the DoJ filing went public, security and privacy experts began weighing in with their critiques: Everybody I’ve talked to in forensics wants to help .gov get into this phone, but just without Apple. We’re all on the same side here. — Jonathan Ździarski (@JZdziarski) March 10, 2016 Apple has been given permission to name every variable “fuck_fbi”, or fuckFBI if you like camel case. pic.twitter.com/rqUu2Ec3S8 — Jonathan Ździarski (@JZdziarski) March 10, 2016 This is the only reason .gov hasn’t seized Apple’s signing keys: they admit they wouldn’t know how to use them. pic.twitter.com/1Op5UkQAsq — Jonathan Ździarski (@JZdziarski) March 10, 2016 For those of you curious how Apple has accommodated China. pic.twitter.com/wNOpoEzklr — Jonathan Ździarski (@JZdziarski) March 10, 2016 On the 1st Amendment, the DOJ brief conveniently ignores that forcing Apple to sign code is also compelled speech pic.twitter.com/MP98Wmx7O9 — Andrew Crocker (@agcrocker) March 10, 2016 Apple has yet to respond to a request for comment on the filing. ® Sponsored: Speed up incident response with actionable forensic analytics
Julien SabarduApple's encryption battle
Florida sheriff pledges to arrest CEO Tim Cook if Apple resists crypto cooperation
There are ways the FBI can crack the iPhone PIN without Apple doing it for them
Feds: New judge must force iPhone unlock, overturning ruling that favored Apple
Amazon will restore Fire OS‘ encryption support in the spring
What is a “lying-dormant cyber pathogen?” San Bernardino DA says it’s made up [Updated]
View all…As expected, federal prosecutors filed their formal response on Thursday in the ongoing case involving the seized iPhone 5C that was used by one of the shooters in the San Bernardino terrorist attack in December 2015.
Last month, the government obtained an unprecedented court order under the All Writs Act, an obscure 18th-century statute, which would compel Apple to assist in the government's investigation.
If the order stands up to legal challenges, Apple would be forced to create a new customized iOS firmware that would remove the passcode lockout on the phone.
Apple has said both publicly and in court filings that it will fight the order as much as possible, and the company has drawn support from many cryptographers, tech companies, and even the husband of a survivor of the attack. In the new filing, Eileen Decker, a United States Attorney, argued that the court order is "modest" and only applies to a single iPhone. (The technical details about how this order would be confined to one phone are spelled out in detail for the first time in another Thursday filing.) "The government and the community need to know what is on the terrorist's phone, and the government needs Apple's assistance to find out," she wrote. In a call with reporters shortly after the government brief was filed, Apple lambasted the government. "The tone of the brief reads like an indictment," Bruce Sewell, Apple's general counsel said. "In 30 years of practice I don't think I've ever seen a brief that was intended to smear." "It has thrown all decorum to the winds," he added. In later pages, Decker added that the government has full confidence in Apple's ability to keep this new iOS—which Apple has dubbed "GovtOS"—a secret. Next, contrary to Apple's stated fears, there is no reason to think that the code Apple writes in compliance with the Order will ever leave Apple's possession. Nothing in the Order requires Apple to provide that code to the government or to explain to the government how it works.
And Apple has shown it is amply capable of protecting code that could compromise its security.
For example, Apple currently protects (1) the source code to iOS and other core Apple software and (2) Apple's electronic signature, which as described above allows software to be run on Apple hardware. (Hanna Decl.
Ex.
DD at 62-64 (code and signature are "the most confidential trade secrets [Apple] has").) Those—which the government has not requested—are the keys to the kingdom.
If Apple can guard them, it can guard this. The government also accurately points to a crucial fact in its favor: that Apple has already handed over data concerning 4,000 iPhones to Chinese authorities and that the company accommodated government demands to put Chinese iCloud users' data physically in China. Such accommodations provide Apple with access to a huge, and growing, market. (Wilkison Decl.
Ex. 12.) This Court's Order changes neither the carrots nor the sticks that foreign governments can use on Apple.
Thus, it does not follow that if America forgoes Apple's assistance in this terrorism investigation, Apple will refuse to comply with the demands of foreign governments. Nor does it follow that if the Court stands by its Order, Apple must yield to foreign demands, made in different circumstances without the safeguards of American law. Lawful process in America cannot be confined by potential lawless oppression elsewhere merely because a corporation chooses to manufacture and market its products globally, without regard to its host countries' legal regimes. … If Apple can provide data from thousands of iPhones and Apple users to China and other countries, it can comply with the AWA in America. Sewell called these references to China "ridiculous," insinuating a "sinister relation with China." "We add security features to protect our customers from hackers and criminals—to suggest otherwise is demeaning," he added. Apple attorneys on the call, who were granted anonymity, pointed out that iCloud data in China is encrypted and Chinese authorities do not have access to it, except through an American legal process.
They added that the Chinese Wi-Fi standard known as WAPI was a "trade issue," and not a security issue. An argument in three acts Last month, Apple put forward its own legal arguments, based on a rejection of a 1977 Supreme Court decision United States v. New York Telephone, the prominent case that relies on the All Writs Act in which the authorities were demanding the utility to implement a pen register trap and trace device.
Apple also argued that the government's interpretation of the All Writs Act goes too far, fails the previous Supreme Court three-part test, and violates Apple's First and Fifth Amendment rights. On Thursday, the Department of Justice attacked each of Apple's arguments head-on, and it also spent some time pointing out that the botched password change that made an attempted iCloud backup unworkable is irrelevant. The opening section of the government's brief is devoted largely to defending the legitimacy of the All Writs Act itself—going so far as to essentially mock Apple's characterization of the law as "dusty and forgotten." After several pages of arguing the legitimacy of the AWA itself, the DOJ again turns back to New York Telephone's "three factor" test.
Those factors include the company's distance, or "remove" from the case; whether the government's request places an "undue burden" on Apple; and whether the company's assistance was "necessary." The government again re-iterated its belief that Apple is not "far removed from the underlying controversy." Apple argued previously that by putting the phone into the "stream of commerce," it maintained no interest in the phone. Unlike the case of New York Telephone, which was a government-regulated public utility, Apple was entirely separate. But the DOJ doesn't buy that line of reasoning: Moreover, Apple maintains a continued connection to its phones well beyond their sale, and has deliberately developed its phones so that Apple alone holds the means for courts' search warrants to be carried out.
As Apple's business model and it's representations to its investors and customers make clear, Apple intentionally and for commercial advantage retains exclusive control over the software that can be used on iPhones, giving it monopoly-like control over the means of distributing software to the phones.
As detailed below, Apple does so by: (1) firmly controlling iPhones' operating systems and first-party software; (2) carefully managing and vetting third-party software before authenticating it for use on iPhones; and (3) continually receiving information from devices running its licensed software and its proprietary services, and retaining continued access to data from those devices about how its customers are using them. Having established suzerainty over its users' phones—and control over the precise features of the phones necessary for unlocking them—Apple cannot now pretend to be a bystander, watching this investigation from afar. … Rather, Apple is intimately close to the barriers on Farook's locked iPhone because Apple specifically designed the iPhone to create those barriers. The government then addresses a question of burden. Prosecutors note that Apple is "one of the richest and tech-savviest companies in the world, and it is more than able to comply with the AWA order." Apple, the government observes, earns more revenue than the annual budget of California. "Indeed, Apple's revenues exceed the nominal GDPs of two thirds of the world's nations," Decker wrote. "To build the ordered software, no more than ten employees would be required to work for no more than four weeks, perhaps as little as two weeks." But beyond the sheer financial burden, the DOJ also tackles Apple's question of burden as it pertains to writing code itself.
The government spends considerable time referring back to a 1980 case that appeared before the 9th Circuit Court of Appeals, also involving the government-forced used of a pen register on a telecom.
In that case, known as Mountain Bell, the court held that "The principles announced in New York Telephone compel the same result here." Specifically, the court was justified in authorizing Mountain Bell to program "a control computer to 'trap' incoming calls to the designated telephone number." The question of burdensome is "nonsensical," according to Fred Cate, a law professor at Indiana University. "We don’t measure the impact of privacy and security intrusions by how much effort they take, but rather by what their effects are," he told Ars. "So if the government ordered a maintenance worker to open a spillway in a dam that results in flooding a city, we don’t say it was okay because the worker just had to turn one lever." The government also makes a point of referencing the 1807 treason trial of Vice President Aaron Burr, noting that an appellate court did compel Burr's assistant to decrypt a cipher used by his employer. With respect to the question of necessity, the government quickly dispenses of that, saying that New York Telephone doesn't create an "absolute necessity" standard—so enlisting the assistance of another government agency, such as the National Security Agency, is not needed in the government's view. In the call with reporters, Apple attorneys underscored that the company works with federal law enforcement on a daily basis, saying that those agents are well-meaning, intelligent, and crucial to the country. Do you still have First Amendment rights if your speech is private? The government also attacks Apple's arguments that its Constitutional rights are being violated. Apple's claim is particularly weak because it does not involve a person being compelled to speak publicly, but a for-profit corporation being asked to modify commercial software that will be seen only by Apple.
There is reason to doubt that functional programming is even entitled to traditional speech protections. In short, because the words that Apple is being compelled to say won't be seen publicly, the free speech issue is moot. On a call with reporters, Apple attorneys countered that even if you write private poetry, your First Amendment rights still stand. Towards the very end of the brief, prosecutors simply wave away any Fifth Amendment questions, saying "it is ludicrous to describe the government's actions here as 'arbitrary.'" With respect to the entire iCloud debacle—where it was revealed earlier that San Bernardino County officials changed the iCloud password at the behest of the FBI, making an attempted forced iCloud backup impossible—the government says this doesn't matter. (This is also apparently in contrast to what FBI Director James Comey said recently before Congress, that the FBI did err in its request to change the password.) As the prosecutor, Eileen Decker, continued: For several reasons, a forced iCloud backup would not have been successful even if the password had remained unchanged.
Farook's iPhone was found powered off. (Supp. Pluhar Decl. ¶ 2.) Subsequent testing has revealed that once powered off, an iPhone will not back itself up to an iCloud account unless and until it has been unlocked at least once by use of the passcode. (Perino Decl. ¶¶ 6.d, 37-39.) Moreover, the evidence on Farook's iCloud account suggests that he had already changed his iCloud password himself on October 22, 2015—shortly after the last backup—and that the auto-backup feature was disabled. (Pluhar Decl. ¶ 8; Supp. Pluhar Decl. ¶ 9.) A forced backup of Farook's iPhone was never going to be successful, and the decision to obtain whatever iCloud evidence was immediately available via the password change was the reasoned decision of experienced FBI agents investigating a deadly terrorist conspiracy. Moreover, even if—contrary to how Apple built and designed it—Farook's iPhone could have been forced to sync to Apple's iCloud network, that would not be an adequate substitute to unlocking and searching the phone itself.
Both the FBI's testin and Apple's security documentation show that entire categories of evidence—including device-level data such as the "keyboard cache" (which records recent keystrokes)—reside only on the iPhone and not on an iCloud backup, and that some of the backup data would still have been encrypted. (Supp. Pluhar Decl. ¶ 10.) But that data remains on the iPhone.
Thus, even with a full set of backups, the government still would have needed to search the phone itself in order to leave no stone unturned in this important investigation. Cate added that Apple has worked to make its devices more secure over time. "These are great developments that reflect the critical role that iPhones typically play in their users’ lives, collecting, storing, and transmitting personal, often sensitive, information involving health, finance, political opinions, intimate relationships," he concluded. "Both the market and security experts have applauded Apple’s efforts to make the iPhone more secure. Now the government is trying to force Apple actively to compromise that security—in effect, to undo the progress on security of the past decade.
It doesn’t seem to matter whether we characterize Apple as a 'bystander' or as the manufacturer of the phone and author of its operating system, the government is still demanding the same thing and the impact on users is still the same." Apple has until March 15 to issue its final reply.
The two sides are set to square off in federal court in Riverside, California on March 22.
Ars will be present at that hearing.
If the order stands up to legal challenges, Apple would be forced to create a new customized iOS firmware that would remove the passcode lockout on the phone.
Apple has said both publicly and in court filings that it will fight the order as much as possible, and the company has drawn support from many cryptographers, tech companies, and even the husband of a survivor of the attack. In the new filing, Eileen Decker, a United States Attorney, argued that the court order is "modest" and only applies to a single iPhone. (The technical details about how this order would be confined to one phone are spelled out in detail for the first time in another Thursday filing.) "The government and the community need to know what is on the terrorist's phone, and the government needs Apple's assistance to find out," she wrote. In a call with reporters shortly after the government brief was filed, Apple lambasted the government. "The tone of the brief reads like an indictment," Bruce Sewell, Apple's general counsel said. "In 30 years of practice I don't think I've ever seen a brief that was intended to smear." "It has thrown all decorum to the winds," he added. In later pages, Decker added that the government has full confidence in Apple's ability to keep this new iOS—which Apple has dubbed "GovtOS"—a secret. Next, contrary to Apple's stated fears, there is no reason to think that the code Apple writes in compliance with the Order will ever leave Apple's possession. Nothing in the Order requires Apple to provide that code to the government or to explain to the government how it works.
And Apple has shown it is amply capable of protecting code that could compromise its security.
For example, Apple currently protects (1) the source code to iOS and other core Apple software and (2) Apple's electronic signature, which as described above allows software to be run on Apple hardware. (Hanna Decl.
Ex.
DD at 62-64 (code and signature are "the most confidential trade secrets [Apple] has").) Those—which the government has not requested—are the keys to the kingdom.
If Apple can guard them, it can guard this. The government also accurately points to a crucial fact in its favor: that Apple has already handed over data concerning 4,000 iPhones to Chinese authorities and that the company accommodated government demands to put Chinese iCloud users' data physically in China. Such accommodations provide Apple with access to a huge, and growing, market. (Wilkison Decl.
Ex. 12.) This Court's Order changes neither the carrots nor the sticks that foreign governments can use on Apple.
Thus, it does not follow that if America forgoes Apple's assistance in this terrorism investigation, Apple will refuse to comply with the demands of foreign governments. Nor does it follow that if the Court stands by its Order, Apple must yield to foreign demands, made in different circumstances without the safeguards of American law. Lawful process in America cannot be confined by potential lawless oppression elsewhere merely because a corporation chooses to manufacture and market its products globally, without regard to its host countries' legal regimes. … If Apple can provide data from thousands of iPhones and Apple users to China and other countries, it can comply with the AWA in America. Sewell called these references to China "ridiculous," insinuating a "sinister relation with China." "We add security features to protect our customers from hackers and criminals—to suggest otherwise is demeaning," he added. Apple attorneys on the call, who were granted anonymity, pointed out that iCloud data in China is encrypted and Chinese authorities do not have access to it, except through an American legal process.
They added that the Chinese Wi-Fi standard known as WAPI was a "trade issue," and not a security issue. An argument in three acts Last month, Apple put forward its own legal arguments, based on a rejection of a 1977 Supreme Court decision United States v. New York Telephone, the prominent case that relies on the All Writs Act in which the authorities were demanding the utility to implement a pen register trap and trace device.
Apple also argued that the government's interpretation of the All Writs Act goes too far, fails the previous Supreme Court three-part test, and violates Apple's First and Fifth Amendment rights. On Thursday, the Department of Justice attacked each of Apple's arguments head-on, and it also spent some time pointing out that the botched password change that made an attempted iCloud backup unworkable is irrelevant. The opening section of the government's brief is devoted largely to defending the legitimacy of the All Writs Act itself—going so far as to essentially mock Apple's characterization of the law as "dusty and forgotten." After several pages of arguing the legitimacy of the AWA itself, the DOJ again turns back to New York Telephone's "three factor" test.
Those factors include the company's distance, or "remove" from the case; whether the government's request places an "undue burden" on Apple; and whether the company's assistance was "necessary." The government again re-iterated its belief that Apple is not "far removed from the underlying controversy." Apple argued previously that by putting the phone into the "stream of commerce," it maintained no interest in the phone. Unlike the case of New York Telephone, which was a government-regulated public utility, Apple was entirely separate. But the DOJ doesn't buy that line of reasoning: Moreover, Apple maintains a continued connection to its phones well beyond their sale, and has deliberately developed its phones so that Apple alone holds the means for courts' search warrants to be carried out.
As Apple's business model and it's representations to its investors and customers make clear, Apple intentionally and for commercial advantage retains exclusive control over the software that can be used on iPhones, giving it monopoly-like control over the means of distributing software to the phones.
As detailed below, Apple does so by: (1) firmly controlling iPhones' operating systems and first-party software; (2) carefully managing and vetting third-party software before authenticating it for use on iPhones; and (3) continually receiving information from devices running its licensed software and its proprietary services, and retaining continued access to data from those devices about how its customers are using them. Having established suzerainty over its users' phones—and control over the precise features of the phones necessary for unlocking them—Apple cannot now pretend to be a bystander, watching this investigation from afar. … Rather, Apple is intimately close to the barriers on Farook's locked iPhone because Apple specifically designed the iPhone to create those barriers. The government then addresses a question of burden. Prosecutors note that Apple is "one of the richest and tech-savviest companies in the world, and it is more than able to comply with the AWA order." Apple, the government observes, earns more revenue than the annual budget of California. "Indeed, Apple's revenues exceed the nominal GDPs of two thirds of the world's nations," Decker wrote. "To build the ordered software, no more than ten employees would be required to work for no more than four weeks, perhaps as little as two weeks." But beyond the sheer financial burden, the DOJ also tackles Apple's question of burden as it pertains to writing code itself.
The government spends considerable time referring back to a 1980 case that appeared before the 9th Circuit Court of Appeals, also involving the government-forced used of a pen register on a telecom.
In that case, known as Mountain Bell, the court held that "The principles announced in New York Telephone compel the same result here." Specifically, the court was justified in authorizing Mountain Bell to program "a control computer to 'trap' incoming calls to the designated telephone number." The question of burdensome is "nonsensical," according to Fred Cate, a law professor at Indiana University. "We don’t measure the impact of privacy and security intrusions by how much effort they take, but rather by what their effects are," he told Ars. "So if the government ordered a maintenance worker to open a spillway in a dam that results in flooding a city, we don’t say it was okay because the worker just had to turn one lever." The government also makes a point of referencing the 1807 treason trial of Vice President Aaron Burr, noting that an appellate court did compel Burr's assistant to decrypt a cipher used by his employer. With respect to the question of necessity, the government quickly dispenses of that, saying that New York Telephone doesn't create an "absolute necessity" standard—so enlisting the assistance of another government agency, such as the National Security Agency, is not needed in the government's view. In the call with reporters, Apple attorneys underscored that the company works with federal law enforcement on a daily basis, saying that those agents are well-meaning, intelligent, and crucial to the country. Do you still have First Amendment rights if your speech is private? The government also attacks Apple's arguments that its Constitutional rights are being violated. Apple's claim is particularly weak because it does not involve a person being compelled to speak publicly, but a for-profit corporation being asked to modify commercial software that will be seen only by Apple.
There is reason to doubt that functional programming is even entitled to traditional speech protections. In short, because the words that Apple is being compelled to say won't be seen publicly, the free speech issue is moot. On a call with reporters, Apple attorneys countered that even if you write private poetry, your First Amendment rights still stand. Towards the very end of the brief, prosecutors simply wave away any Fifth Amendment questions, saying "it is ludicrous to describe the government's actions here as 'arbitrary.'" With respect to the entire iCloud debacle—where it was revealed earlier that San Bernardino County officials changed the iCloud password at the behest of the FBI, making an attempted forced iCloud backup impossible—the government says this doesn't matter. (This is also apparently in contrast to what FBI Director James Comey said recently before Congress, that the FBI did err in its request to change the password.) As the prosecutor, Eileen Decker, continued: For several reasons, a forced iCloud backup would not have been successful even if the password had remained unchanged.
Farook's iPhone was found powered off. (Supp. Pluhar Decl. ¶ 2.) Subsequent testing has revealed that once powered off, an iPhone will not back itself up to an iCloud account unless and until it has been unlocked at least once by use of the passcode. (Perino Decl. ¶¶ 6.d, 37-39.) Moreover, the evidence on Farook's iCloud account suggests that he had already changed his iCloud password himself on October 22, 2015—shortly after the last backup—and that the auto-backup feature was disabled. (Pluhar Decl. ¶ 8; Supp. Pluhar Decl. ¶ 9.) A forced backup of Farook's iPhone was never going to be successful, and the decision to obtain whatever iCloud evidence was immediately available via the password change was the reasoned decision of experienced FBI agents investigating a deadly terrorist conspiracy. Moreover, even if—contrary to how Apple built and designed it—Farook's iPhone could have been forced to sync to Apple's iCloud network, that would not be an adequate substitute to unlocking and searching the phone itself.
Both the FBI's testin and Apple's security documentation show that entire categories of evidence—including device-level data such as the "keyboard cache" (which records recent keystrokes)—reside only on the iPhone and not on an iCloud backup, and that some of the backup data would still have been encrypted. (Supp. Pluhar Decl. ¶ 10.) But that data remains on the iPhone.
Thus, even with a full set of backups, the government still would have needed to search the phone itself in order to leave no stone unturned in this important investigation. Cate added that Apple has worked to make its devices more secure over time. "These are great developments that reflect the critical role that iPhones typically play in their users’ lives, collecting, storing, and transmitting personal, often sensitive, information involving health, finance, political opinions, intimate relationships," he concluded. "Both the market and security experts have applauded Apple’s efforts to make the iPhone more secure. Now the government is trying to force Apple actively to compromise that security—in effect, to undo the progress on security of the past decade.
It doesn’t seem to matter whether we characterize Apple as a 'bystander' or as the manufacturer of the phone and author of its operating system, the government is still demanding the same thing and the impact on users is still the same." Apple has until March 15 to issue its final reply.
The two sides are set to square off in federal court in Riverside, California on March 22.
Ars will be present at that hearing.
Not that kind of crack.Geoff Parsons
Apple's encryption battle
Feds: New judge must force iPhone unlock, overturning ruling that favored Apple
Amazon will restore Fire OS‘ encryption support in the spring
What is a “lying-dormant cyber pathogen?” San Bernardino DA says it’s made up [Updated]
San Bernardino DA says seized iPhone may hold “dormant cyber pathogen” [Update]
To get back at Apple, GOP congressman introduces pointless bill
View all…The custom firmware that the FBI would like Apple to produce in order to unlock the San Bernardino iPhone would be the most straightforward way of accessing the device, allowing the federal agency to rapidly attempt PIN codes until it found the one that unlocked the phone.
But it's probably not the only way to achieve what the FBI wants.
There may well be approaches that don't require Apple to build a custom firmware to defeat some of the iPhone's security measures. The iPhone 5c used by the San Bernardino killers encrypts its data using a key derived from a combination of an ID embedded in the iPhone's processor and the user's PIN.
Assuming that a 4-digit PIN is being used, that's a mere 10,000 different combinations to try out. However, the iPhone has two protections against attempts to try every PIN in turn.
First, it inserts delays to force you to wait ever longer between PIN attempts (up to one hour at its longest).
Second, it has an optional capability to delete its encryption keys after 10 bad PINs, permanently depriving access to any encrypted data. The FBI would like to use a custom firmware that allows attempting multiple PINs without either of these features.
This custom firmware would most likely be run using the iPhone's DFU mode.
Device Firmware Update (DFU) mode is a low-level last resort mode that can be used to recover iPhones that are unable to boot.
To use DFU mode, an iPhone must be connected via USB to a computer running iTunes. iTunes will send a firmware image to the iPhone, and the iPhone will run that image from a RAM disk.
For the FBI's purposes, this image would include the PIN-attack routines to brute-force the lock on the device. Developing this firmware should not be particularly difficult—jailbreakers have developed all manner of utilities to build custom RAM disks to run from DFU mode, so running custom code from this environment is already somewhat understood—but there is a problem.
The iPhone will not run any old RAM disk that you copy to it.
It first verifies the digital signature of the system image that is transferred. Only if the image has been properly signed by Apple will the phone run it. The FBI cannot create that signature itself. Only Apple can do so.
This means also that the FBI cannot even develop the code itself.
To test and debug the code, it must be possible to run the code, and that requires a signature.
This is why it is asking for Apple's involvement: only Apple is in a position to do this development. Do nothing at all The first possibility is that there's simply nothing to do.
Erasing after 10 bad PINs is optional, and it's off by default.
If the erase option isn't enabled, the FBI can simply brute force the PIN the old-fashioned way: by typing in new PINs one at a time.
It would want to reboot the phone from time to time to reset the 1 hour delay, but as tedious as the job would be, it's certainly not impossible. It would be a great deal slower on an iPhone 6 or 6s.
In those models, the running count of failed PIN attempts is preserved across reboots, so resetting the phone doesn't reset the delay period.
But on the 5c, there's no persistent record of bad PIN trials, so restarting the phone allows an attacker to short-circuit the delay. Why it might not work Obviously, if the phone is set to wipe itself, this technique wouldn't work, and the FBI would want to know one way or the other before starting.
It ought to be a relatively straightforward matter for Apple to tell, as the phone does have the information stored in some accessible way so that it knows what to do when a bad PIN is entered. But given the company's reluctance to assist so far, getting them to help here may be impossible.Update: It turns out that this bug was fixed in iOS 8.1, so it probably wouldn't work after all. Acid and laserbeams One risky solution that has been discussed extensively already is to use lasers and acid to remove the outer layers of the iPhone's processor and read the embedded ID. Once this embedded ID is known, it's no longer necessary to try to enter the PIN directly on the phone itself.
Instead, it would be possible to simply copy the encrypted storage onto another computer and attempt all the PINs on that other computer.
The iPhone's lock-outs and wiping would be irrelevant in this scenario. Why it might not work The risk of this approach is not so much that it won't work, but that if even a tiny mistake is made, the hardware ID could be irreparably damaged, rendering the stored data permanently inaccessible. Jailbreak the thing The iPhone's built-in lockouts and wipes are unavoidable if running the iPhone's operating system... assuming that the iPhone works as it is supposed to.
It might not.
The code that the iPhone runs to enter DFU mode, load a RAM image, verify its signature, and then boot the image is small, and it should be simple and quite bullet-proof. However, it's not impossible that this code, which Apple calls SecureROM, contains bugs.
Sometimes these bugs can enable DFU mode (or the closely related recovery mode) to run an image without verifying its signature first. There are perhaps six known historic flaws in SecureROM that have enabled jailbreakers to bypass the signature check in one way or another.
These bugs are particularly appealing to jailbreakers, because SecureROM is baked into hardware, and so the bugs cannot be fixed once they are in the wild: Apple has to update the hardware to address them.
Exploitable bugs have been found in the way SecureROM loads the image, verifies the signature, and communicates over USB, and in all cases they have enabled devices to boot unsigned firmware. If a seventh exploitable SecureROM flaw could be found, this would enable jailbreakers to run their own custom firmwares on iPhones.
That would give the FBI the power to do what it needs to do: it could build the custom firmware it needs and use it to brute force attack the PIN.
Some critics of the government's demand have suggested that a government agency—probably the NSA—might already know of such a flaw, arguing that the case against Apple is not because of a genuine need to have Apple sign a custom firmware but merely to give cover for their own jailbreak. Why it might not work Of course, the difficulty with this approach is that it's also possible that no such flaw exists, or that even if it does exist, nobody knows what it is.
Given the desirability of this kind of flaw—it can't be fixed through any operating system update—jailbreakers have certainly looked, but thus far they've turned up empty-handed.
As such, this may all be hypothetical. Ask Apple to sign an FBI-developed firmware Apple doesn't want to develop a firmware to circumvent its own security measures, saying that this level of assistance goes far beyond what is required by law.
The FBI, however, can't develop its own firmware because of the digital signature requirements. But perhaps there is a middle ground.
Apple, when developing its own firmwares, does not require each test firmware to be signed.
Instead, the company has development handsets that have the signature restriction removed from SecureROM and hence can run any firmware.
These are in many ways equivalent to the development units that game console manufacturers sell to game developers; they allow the developers to load their games to test and debug them without requiring those games to be signed and validated by the console manufacturer each time. Unlike the consoles, Apple doesn't distribute these development phones.
It might not even be able to, as it may not have the necessary FCC certification.
But they nonetheless exist.
In principle, Apple could lend one of these devices to the FBI so that the FBI would then be responsible for developing the firmware.
This might require the FBI to do the work on-site at Cupertino or within a Faraday cage to avoid FCC compliance concerns, but one way or another this should be possible. Once it had a finished product, Apple could sign it.
If the company was truly concerned with how the signed firmware might be used, it might even run the firmware itself and discard it after use. This would relieve Apple of the burden of creating the firmware, and it could be argued that it was weakening Apple's first amendment argument against unlocking the firmware. While source code is undoubtedly expressive and protected by the first amendment, it seems harder to argue that a purely mechanical transformation such as stamping a file with a digital signature should be covered by the same protection. Why it might not work Apple may very well persist in saying no, and the courts may agree. Andrew Cunningham Stop the phone from wiping its encryption keys The way the iPhone handles encryption keys is a little more complex than outlined above.
The encryption key derived from the PIN combined with the hardware ID isn't used to encrypt the entire disk directly.
If it were, changing the PIN would force the entire disk to be re-encrypted, which would be tiresome to say the least.
Instead, this derived key is used to encrypt a second key, and that key is used to encrypt the disk.
That way, changing the PIN only requires re-encryption of the second key.
The second key is itself stored on the iPhone's flash storage. Normal flash storage is awkward to securely erase, due to wear leveling.
Flash supports only a limited number of write cycles, so to preserve its life, flash controllers spread the writes across all the chips. Overwriting a file on a flash drive may not actually overwrite the file but instead write the new file contents to a different location on the flash drive, potentially leaving the old file's contents unaltered. This makes it a bad place to store encryption keys that you want to be able to delete.
Apple's solution to this problem is to set aside a special area of flash that is handled specially.
This area isn't part of the normal filesystem and doesn't undergo wear leveling at all.
If it's erased, it really is erased, with no possibility of recovery.
This special section is called effaceable storage. When the iPhone wipes itself, whether due to bad PIN entry, a remote wipe request for a managed phone, or the built-in reset feature, this effaceable storage area is the one that gets obliterated. Apart from that special handling, however, the effaceable area should be readable and writeable just like regular flash memory. Which means that in principle a backup can be made and safely squirreled away.
If the iPhone then overwrites it after 10 bad PIN attempts, it can be restored from this backup, and that should enable a further 10 attempts.
This process could be repeated indefinitely. This video from a Shenzhen market shows a similar process in action (we came at it via 9to5Mac after seeing a tweet in February and further discussion in March). Here, a 16GB iPhone has its flash chip desoldered and put into a flash reader.
A full image of that flash is made, including the all-important effaceable area.
In this case, the chip is then replaced with a 128GB chip, and the image restored, with all its encryption and data intact.
The process for the FBI's purposes would simply use the same chip every time. By restoring every time the encryption keys get destroyed, the FBI could—slowly—perform its brute force attack.
It would probably want to install a socket of some kind rather than continuously soldering and desoldering the chip, but the process should be mechanical and straightforward, albeit desperately boring. A more exotic possibility would be to put some kind of intermediate controller between the iPhone and its flash chip that permitted read instructions but blocked all attempts to write or erase data. Hardware write blockers are already routinely used in other forensic applications to prevent modifications to SATA, SCSI, and USB disks that are being used as evidence, and there's no reason why such a thing could not be developed for the flash chips themselves.
This would allow the erase/restore process to be skipped, requiring the phone to be simply rebooted every few attempts. Why it might not work The working assumption is that the iPhone's processor has no non-volatile storage of its own.
So it simply doesn't remember that it is supposed to have wiped its encryption keys, and thus will offer another ten attempts if the effaceable storage area is restored, or that even if it does remember, it doesn't care.
This is probably a reasonable assumption; the A6 processor used in the iPhone 5c doesn't appear to have any non-volatile storage of its own, and allowing restoration means that even a securely wiped phone can be straightforwardly restored from backup by connecting it to iTunes. For newer iPhones, that's less clear.
Apple implies that the A7 processor—the first to include the "Secure Enclave" function—does have some form of non-volatile storage of its own. On the A6 processor and below, the time delay between PIN attempts resets every time the phone is rebooted. On the A7 and above, it does not; the Secure Enclave somehow remembers that there has been some number of bad PIN attempts earlier on.
Apple also vaguely describes the Secure Enclave as having an "anti-replay counter" for data that is "saved to the file system." It's not impossible that this is also used to protect the effaceable storage in some way, allowing the phone to detect that it has been tampered with.
Full restoration is similarly still likely to be possible. There is also some risk to disassembling the phone, but if the process is reliable enough for Shenzhen markets, the FBI ought to be able to manage it reliably enough. This last technique in particular should be quite robust.
There's no doubt that Apple's assistance would help a great deal; creating a firmware to allow brute-forcing the PIN would be faster and lower risk than any method that requires disassembly.
But if the FBI is truly desperate to bypass the PIN lockout and potential disk wipe, there do appear to be options available to it that don't require Apple to develop the firmware.
There may well be approaches that don't require Apple to build a custom firmware to defeat some of the iPhone's security measures. The iPhone 5c used by the San Bernardino killers encrypts its data using a key derived from a combination of an ID embedded in the iPhone's processor and the user's PIN.
Assuming that a 4-digit PIN is being used, that's a mere 10,000 different combinations to try out. However, the iPhone has two protections against attempts to try every PIN in turn.
First, it inserts delays to force you to wait ever longer between PIN attempts (up to one hour at its longest).
Second, it has an optional capability to delete its encryption keys after 10 bad PINs, permanently depriving access to any encrypted data. The FBI would like to use a custom firmware that allows attempting multiple PINs without either of these features.
This custom firmware would most likely be run using the iPhone's DFU mode.
Device Firmware Update (DFU) mode is a low-level last resort mode that can be used to recover iPhones that are unable to boot.
To use DFU mode, an iPhone must be connected via USB to a computer running iTunes. iTunes will send a firmware image to the iPhone, and the iPhone will run that image from a RAM disk.
For the FBI's purposes, this image would include the PIN-attack routines to brute-force the lock on the device. Developing this firmware should not be particularly difficult—jailbreakers have developed all manner of utilities to build custom RAM disks to run from DFU mode, so running custom code from this environment is already somewhat understood—but there is a problem.
The iPhone will not run any old RAM disk that you copy to it.
It first verifies the digital signature of the system image that is transferred. Only if the image has been properly signed by Apple will the phone run it. The FBI cannot create that signature itself. Only Apple can do so.
This means also that the FBI cannot even develop the code itself.
To test and debug the code, it must be possible to run the code, and that requires a signature.
This is why it is asking for Apple's involvement: only Apple is in a position to do this development. Do nothing at all The first possibility is that there's simply nothing to do.
Erasing after 10 bad PINs is optional, and it's off by default.
If the erase option isn't enabled, the FBI can simply brute force the PIN the old-fashioned way: by typing in new PINs one at a time.
It would want to reboot the phone from time to time to reset the 1 hour delay, but as tedious as the job would be, it's certainly not impossible. It would be a great deal slower on an iPhone 6 or 6s.
In those models, the running count of failed PIN attempts is preserved across reboots, so resetting the phone doesn't reset the delay period.
But on the 5c, there's no persistent record of bad PIN trials, so restarting the phone allows an attacker to short-circuit the delay. Why it might not work Obviously, if the phone is set to wipe itself, this technique wouldn't work, and the FBI would want to know one way or the other before starting.
It ought to be a relatively straightforward matter for Apple to tell, as the phone does have the information stored in some accessible way so that it knows what to do when a bad PIN is entered. But given the company's reluctance to assist so far, getting them to help here may be impossible.Update: It turns out that this bug was fixed in iOS 8.1, so it probably wouldn't work after all. Acid and laserbeams One risky solution that has been discussed extensively already is to use lasers and acid to remove the outer layers of the iPhone's processor and read the embedded ID. Once this embedded ID is known, it's no longer necessary to try to enter the PIN directly on the phone itself.
Instead, it would be possible to simply copy the encrypted storage onto another computer and attempt all the PINs on that other computer.
The iPhone's lock-outs and wiping would be irrelevant in this scenario. Why it might not work The risk of this approach is not so much that it won't work, but that if even a tiny mistake is made, the hardware ID could be irreparably damaged, rendering the stored data permanently inaccessible. Jailbreak the thing The iPhone's built-in lockouts and wipes are unavoidable if running the iPhone's operating system... assuming that the iPhone works as it is supposed to.
It might not.
The code that the iPhone runs to enter DFU mode, load a RAM image, verify its signature, and then boot the image is small, and it should be simple and quite bullet-proof. However, it's not impossible that this code, which Apple calls SecureROM, contains bugs.
Sometimes these bugs can enable DFU mode (or the closely related recovery mode) to run an image without verifying its signature first. There are perhaps six known historic flaws in SecureROM that have enabled jailbreakers to bypass the signature check in one way or another.
These bugs are particularly appealing to jailbreakers, because SecureROM is baked into hardware, and so the bugs cannot be fixed once they are in the wild: Apple has to update the hardware to address them.
Exploitable bugs have been found in the way SecureROM loads the image, verifies the signature, and communicates over USB, and in all cases they have enabled devices to boot unsigned firmware. If a seventh exploitable SecureROM flaw could be found, this would enable jailbreakers to run their own custom firmwares on iPhones.
That would give the FBI the power to do what it needs to do: it could build the custom firmware it needs and use it to brute force attack the PIN.
Some critics of the government's demand have suggested that a government agency—probably the NSA—might already know of such a flaw, arguing that the case against Apple is not because of a genuine need to have Apple sign a custom firmware but merely to give cover for their own jailbreak. Why it might not work Of course, the difficulty with this approach is that it's also possible that no such flaw exists, or that even if it does exist, nobody knows what it is.
Given the desirability of this kind of flaw—it can't be fixed through any operating system update—jailbreakers have certainly looked, but thus far they've turned up empty-handed.
As such, this may all be hypothetical. Ask Apple to sign an FBI-developed firmware Apple doesn't want to develop a firmware to circumvent its own security measures, saying that this level of assistance goes far beyond what is required by law.
The FBI, however, can't develop its own firmware because of the digital signature requirements. But perhaps there is a middle ground.
Apple, when developing its own firmwares, does not require each test firmware to be signed.
Instead, the company has development handsets that have the signature restriction removed from SecureROM and hence can run any firmware.
These are in many ways equivalent to the development units that game console manufacturers sell to game developers; they allow the developers to load their games to test and debug them without requiring those games to be signed and validated by the console manufacturer each time. Unlike the consoles, Apple doesn't distribute these development phones.
It might not even be able to, as it may not have the necessary FCC certification.
But they nonetheless exist.
In principle, Apple could lend one of these devices to the FBI so that the FBI would then be responsible for developing the firmware.
This might require the FBI to do the work on-site at Cupertino or within a Faraday cage to avoid FCC compliance concerns, but one way or another this should be possible. Once it had a finished product, Apple could sign it.
If the company was truly concerned with how the signed firmware might be used, it might even run the firmware itself and discard it after use. This would relieve Apple of the burden of creating the firmware, and it could be argued that it was weakening Apple's first amendment argument against unlocking the firmware. While source code is undoubtedly expressive and protected by the first amendment, it seems harder to argue that a purely mechanical transformation such as stamping a file with a digital signature should be covered by the same protection. Why it might not work Apple may very well persist in saying no, and the courts may agree. Andrew Cunningham Stop the phone from wiping its encryption keys The way the iPhone handles encryption keys is a little more complex than outlined above.
The encryption key derived from the PIN combined with the hardware ID isn't used to encrypt the entire disk directly.
If it were, changing the PIN would force the entire disk to be re-encrypted, which would be tiresome to say the least.
Instead, this derived key is used to encrypt a second key, and that key is used to encrypt the disk.
That way, changing the PIN only requires re-encryption of the second key.
The second key is itself stored on the iPhone's flash storage. Normal flash storage is awkward to securely erase, due to wear leveling.
Flash supports only a limited number of write cycles, so to preserve its life, flash controllers spread the writes across all the chips. Overwriting a file on a flash drive may not actually overwrite the file but instead write the new file contents to a different location on the flash drive, potentially leaving the old file's contents unaltered. This makes it a bad place to store encryption keys that you want to be able to delete.
Apple's solution to this problem is to set aside a special area of flash that is handled specially.
This area isn't part of the normal filesystem and doesn't undergo wear leveling at all.
If it's erased, it really is erased, with no possibility of recovery.
This special section is called effaceable storage. When the iPhone wipes itself, whether due to bad PIN entry, a remote wipe request for a managed phone, or the built-in reset feature, this effaceable storage area is the one that gets obliterated. Apart from that special handling, however, the effaceable area should be readable and writeable just like regular flash memory. Which means that in principle a backup can be made and safely squirreled away.
If the iPhone then overwrites it after 10 bad PIN attempts, it can be restored from this backup, and that should enable a further 10 attempts.
This process could be repeated indefinitely. This video from a Shenzhen market shows a similar process in action (we came at it via 9to5Mac after seeing a tweet in February and further discussion in March). Here, a 16GB iPhone has its flash chip desoldered and put into a flash reader.
A full image of that flash is made, including the all-important effaceable area.
In this case, the chip is then replaced with a 128GB chip, and the image restored, with all its encryption and data intact.
The process for the FBI's purposes would simply use the same chip every time. By restoring every time the encryption keys get destroyed, the FBI could—slowly—perform its brute force attack.
It would probably want to install a socket of some kind rather than continuously soldering and desoldering the chip, but the process should be mechanical and straightforward, albeit desperately boring. A more exotic possibility would be to put some kind of intermediate controller between the iPhone and its flash chip that permitted read instructions but blocked all attempts to write or erase data. Hardware write blockers are already routinely used in other forensic applications to prevent modifications to SATA, SCSI, and USB disks that are being used as evidence, and there's no reason why such a thing could not be developed for the flash chips themselves.
This would allow the erase/restore process to be skipped, requiring the phone to be simply rebooted every few attempts. Why it might not work The working assumption is that the iPhone's processor has no non-volatile storage of its own.
So it simply doesn't remember that it is supposed to have wiped its encryption keys, and thus will offer another ten attempts if the effaceable storage area is restored, or that even if it does remember, it doesn't care.
This is probably a reasonable assumption; the A6 processor used in the iPhone 5c doesn't appear to have any non-volatile storage of its own, and allowing restoration means that even a securely wiped phone can be straightforwardly restored from backup by connecting it to iTunes. For newer iPhones, that's less clear.
Apple implies that the A7 processor—the first to include the "Secure Enclave" function—does have some form of non-volatile storage of its own. On the A6 processor and below, the time delay between PIN attempts resets every time the phone is rebooted. On the A7 and above, it does not; the Secure Enclave somehow remembers that there has been some number of bad PIN attempts earlier on.
Apple also vaguely describes the Secure Enclave as having an "anti-replay counter" for data that is "saved to the file system." It's not impossible that this is also used to protect the effaceable storage in some way, allowing the phone to detect that it has been tampered with.
Full restoration is similarly still likely to be possible. There is also some risk to disassembling the phone, but if the process is reliable enough for Shenzhen markets, the FBI ought to be able to manage it reliably enough. This last technique in particular should be quite robust.
There's no doubt that Apple's assistance would help a great deal; creating a firmware to allow brute-forcing the PIN would be faster and lower risk than any method that requires disassembly.
But if the FBI is truly desperate to bypass the PIN lockout and potential disk wipe, there do appear to be options available to it that don't require Apple to develop the firmware.
More Inception than legal argument at this point
The US Department of Justice has appealed a decision by a New York judge to refuse the FBI access to an iPhone: one part in a wider legal battle between law enforcement and Apple.
The New York case is separate from the San Bernardino case in California, over which Apple and the FBI have been very publicly fighting. However the decision by a New York magistrate last month to shoot down the FBI's demand that Apple help agents access a locked iPhone, and his rationale for doing so, have been widely cited and referenced, not least by Apple.
In New York, the iPhone belongs to alleged drug dealer Jun Feng, whereas the San Bernardino phone belonged to mass killer Syed Farook.
In particular, magistrate judge James Orenstein concluded that the FBI did not have the legal authority to compel Apple to help them bypass the phone's passcode and, critically, said the powerful All Writs Act was the wrong legal instrument to use.
The FBI is using that same act to argue for access in the San Bernardino case. Judge Orenstein wrote: The implications of the government's position are so far-reaching – both in terms of what it would allow today and what it implies about Congressional intent in 1789 – as to produce impermissibly absurd results. He added that to give the FBI and DEA the powers they requested would greatly expand governmental powers and put the All Writs Act's constitutionality in doubt. He also declared that since Apple has no responsibility for Feng's wrongdoing, he could not justify "imposing on Apple the obligation to assist the government's investigation against its will." The New York case was addressed by FBI director James Comey at a Congressional hearing on the Apple case last week, where he acknowledged that the FBI had lost. He tried to play down its importance by suggesting it was just one fight in a much larger battle. Regardless, the decision is important, so prosecutors have asked district judge Margo Brodie to look at it and grant them the court order that Orenstein denied. The FBI argues that Orenstein looked at the question too broadly and focused on possible future abuse rather than the actual case he was considering.
And then effectively accuses him of overreach by saying his ruling "goes far afield of the circumstances of this case and sets forth an unprecedented limitation on federal courts' authority." It also argues – as it has done in the San Bernardino case – that the request is device-specific and so does not constitute blanket approval for the FBI to break into any iPhone. As for Apple, unsurprisingly it is in favor of Orenstein's judgment, with a spokesman saying that the company "shares the judge's concern" that use of the All Writs Act in these case is a dangerous path and a "slippery slope". ® Sponsored: 2016 global cybersecurity assurance report card
The FBI is using that same act to argue for access in the San Bernardino case. Judge Orenstein wrote: The implications of the government's position are so far-reaching – both in terms of what it would allow today and what it implies about Congressional intent in 1789 – as to produce impermissibly absurd results. He added that to give the FBI and DEA the powers they requested would greatly expand governmental powers and put the All Writs Act's constitutionality in doubt. He also declared that since Apple has no responsibility for Feng's wrongdoing, he could not justify "imposing on Apple the obligation to assist the government's investigation against its will." The New York case was addressed by FBI director James Comey at a Congressional hearing on the Apple case last week, where he acknowledged that the FBI had lost. He tried to play down its importance by suggesting it was just one fight in a much larger battle. Regardless, the decision is important, so prosecutors have asked district judge Margo Brodie to look at it and grant them the court order that Orenstein denied. The FBI argues that Orenstein looked at the question too broadly and focused on possible future abuse rather than the actual case he was considering.
And then effectively accuses him of overreach by saying his ruling "goes far afield of the circumstances of this case and sets forth an unprecedented limitation on federal courts' authority." It also argues – as it has done in the San Bernardino case – that the request is device-specific and so does not constitute blanket approval for the FBI to break into any iPhone. As for Apple, unsurprisingly it is in favor of Orenstein's judgment, with a spokesman saying that the company "shares the judge's concern" that use of the All Writs Act in these case is a dangerous path and a "slippery slope". ® Sponsored: 2016 global cybersecurity assurance report card
The government argues the iPhone 5s in question runs an older operating system that has been cracked before.
The U.S. Justice Department has asked a New York federal court to overturn a recent ruling that protects Apple from having to unlock an iPhone involved in a drug case.
Last week, a Brooklyn judge rejected the government's request to compel Cupertino to crack an iPhone 5s seized in 2014 from accused drug trafficker Jun Feng, who eventually pleaded guilty to conspiracy.
Despite the guilty plea, however, the government claimed access to his phone was still necessary, because it might lead to criminal accomplices. "Ultimately, the question to be answered in this matter, and in others like it across the country, is not whether the government should be able to force Apple to help it unlock a specific device," Magistrate Judge James Orenstein said at the time. "It is instead whether the All Writs Act resolves that issue and many others like it yet to come.
I conclude that it does not." The move was welcomed by the tech titan, which is also fighting a very public battle against the FBI over its request to access an iPhone 5c used by a terrorist in the San Bernardino attack. In the New York case, prosecutors filed a 45-page brief on Monday, arguing that Feng's iPhone 5s runs an older operating system—iOS 7—that Apple has agreed to breach in the past. "This case in no way upends the balance between privacy and security," prosecutors wrote in the new filing, as reported by The Wall Street Journal. Judge Orenstein's ruling "goes far afield of the circumstances of this case and sets forth an unprecedented limitation on federal courts' authority," the brief said. Apple disagrees. "Judge Orenstein ruled the FBI's request would 'thoroughly undermine fundamental principles of the Constitution' and we agree," a company spokesman said in a statement. "We share the judge's concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone's safety and privacy." Cupertino boss Tim Cook has referenced that same slippery slope in the tech titan's fight with the FBI, claiming that the requested iOS backdoor will inevitably end up in the wrong hands.
Apple is even willing to take its fight to the Supreme Court, where it would have the support of numerous industry heavyweights. Apple is due back in court on the San Bernardino case on March 22. The DOJ did not immediately respond to PCMag's request for comment.
Despite the guilty plea, however, the government claimed access to his phone was still necessary, because it might lead to criminal accomplices. "Ultimately, the question to be answered in this matter, and in others like it across the country, is not whether the government should be able to force Apple to help it unlock a specific device," Magistrate Judge James Orenstein said at the time. "It is instead whether the All Writs Act resolves that issue and many others like it yet to come.
I conclude that it does not." The move was welcomed by the tech titan, which is also fighting a very public battle against the FBI over its request to access an iPhone 5c used by a terrorist in the San Bernardino attack. In the New York case, prosecutors filed a 45-page brief on Monday, arguing that Feng's iPhone 5s runs an older operating system—iOS 7—that Apple has agreed to breach in the past. "This case in no way upends the balance between privacy and security," prosecutors wrote in the new filing, as reported by The Wall Street Journal. Judge Orenstein's ruling "goes far afield of the circumstances of this case and sets forth an unprecedented limitation on federal courts' authority," the brief said. Apple disagrees. "Judge Orenstein ruled the FBI's request would 'thoroughly undermine fundamental principles of the Constitution' and we agree," a company spokesman said in a statement. "We share the judge's concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone's safety and privacy." Cupertino boss Tim Cook has referenced that same slippery slope in the tech titan's fight with the FBI, claiming that the requested iOS backdoor will inevitably end up in the wrong hands.
Apple is even willing to take its fight to the Supreme Court, where it would have the support of numerous industry heavyweights. Apple is due back in court on the San Bernardino case on March 22. The DOJ did not immediately respond to PCMag's request for comment.
Kārlis Dambrāns
As expected, federal prosecutors in an iPhone unlocking case in New York have now asked a more senior judge, known as a district judge, to countermand a magistrate judge who ruled in Apple’s favor last week.
Last week, US Magistrate Judge James Orenstein concluded that what the government was asking for went too far.
In his ruling, he worried about a “virtually limitless expansion of the government's legal authority to surreptitiously intrude on personal privacy.”The case involves Jun Feng, a drug dealer who has already pleaded guilty, and his seized iPhone 5S running iOS 7. Prosecutors have said previously that the investigation was not over and that it still needed data from Feng's phone.
As the government reminded the court, Apple does have the ability to unlock this phone, unlike the seized iPhone 5C in San Bernardino. Moreover, as Department of Justice lawyers note, Apple has complied numerous times previously. In its 51-page Monday filing, the government largely re-hashed its previous arguments, saying that existing law should force Apple’s assistance. In this case, the government arrested a criminal.
The government got a warrant to search the criminal’s phone. Law enforcement agents tried to search the phone themselves, but determined they could not do so without risking the destruction of evidence.
The government then applied for a second court order to ask Apple to perform a simple task: something that Apple can easily do, that it has done many times before, and that will have no effect on the security of its products or the safety of its customers.
This is how the system is supposed to work. In 2014 and 2015, Apple took a two-pronged approach to resisting government pressure: one was to make iOS 8 more resilient than previous versions of the operating system, making it impossible for Apple itself to bypass a passcode lockout.
The other crucial element was to impose firmer legal resistance in court filings.
The New York case is believed to be the first time that Apple openly resisted the government’s attempt to access a seized phone. Agree to disagree? This New York case pre-dates Apple's current battle with the government over a locked iPhone 5C that belonged to one of the shooters in the December 2015 terrorist attack in San Bernardino—that case is due to be heard in court next month in nearby Riverside, California.
In the California case, federal investigators asked for and received an unprecedented court order compelling Apple to create a new firmware to unlock the device.
In February 2016, Apple formally challenged that order, and the outcome is pending. Both the New York and California cases, however, involve the government’s attempt to use an obscure 18th-Century statute known as the All Writs Act, which enables a court to order a person or a company to perform some action. "Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree," an Apple spokesman told Ars in a statement. "We share the judge’s concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy." The New York case, however, marks the first time that a federal judge has ruled in favor of a more privacy-minded Apple. More recent amicus, or friend of the court briefs, supporting Apple, have cited Judge Orenstein’s ruling. “The government’s argument is: ‘I would have gotten away with it too, if it weren't for you pesky magistrate!’” Riana Pfefferkorn, a legal fellow at the Stanford Center for Internet and Society, told Ars.
In his ruling, he worried about a “virtually limitless expansion of the government's legal authority to surreptitiously intrude on personal privacy.”The case involves Jun Feng, a drug dealer who has already pleaded guilty, and his seized iPhone 5S running iOS 7. Prosecutors have said previously that the investigation was not over and that it still needed data from Feng's phone.
As the government reminded the court, Apple does have the ability to unlock this phone, unlike the seized iPhone 5C in San Bernardino. Moreover, as Department of Justice lawyers note, Apple has complied numerous times previously. In its 51-page Monday filing, the government largely re-hashed its previous arguments, saying that existing law should force Apple’s assistance. In this case, the government arrested a criminal.
The government got a warrant to search the criminal’s phone. Law enforcement agents tried to search the phone themselves, but determined they could not do so without risking the destruction of evidence.
The government then applied for a second court order to ask Apple to perform a simple task: something that Apple can easily do, that it has done many times before, and that will have no effect on the security of its products or the safety of its customers.
This is how the system is supposed to work. In 2014 and 2015, Apple took a two-pronged approach to resisting government pressure: one was to make iOS 8 more resilient than previous versions of the operating system, making it impossible for Apple itself to bypass a passcode lockout.
The other crucial element was to impose firmer legal resistance in court filings.
The New York case is believed to be the first time that Apple openly resisted the government’s attempt to access a seized phone. Agree to disagree? This New York case pre-dates Apple's current battle with the government over a locked iPhone 5C that belonged to one of the shooters in the December 2015 terrorist attack in San Bernardino—that case is due to be heard in court next month in nearby Riverside, California.
In the California case, federal investigators asked for and received an unprecedented court order compelling Apple to create a new firmware to unlock the device.
In February 2016, Apple formally challenged that order, and the outcome is pending. Both the New York and California cases, however, involve the government’s attempt to use an obscure 18th-Century statute known as the All Writs Act, which enables a court to order a person or a company to perform some action. "Judge Orenstein ruled the FBI’s request would 'thoroughly undermine fundamental principles of the Constitution’ and we agree," an Apple spokesman told Ars in a statement. "We share the judge’s concern that misuse of the All Writs Act would start us down a slippery slope that threatens everyone’s safety and privacy." The New York case, however, marks the first time that a federal judge has ruled in favor of a more privacy-minded Apple. More recent amicus, or friend of the court briefs, supporting Apple, have cited Judge Orenstein’s ruling. “The government’s argument is: ‘I would have gotten away with it too, if it weren't for you pesky magistrate!’” Riana Pfefferkorn, a legal fellow at the Stanford Center for Internet and Society, told Ars.
Uncle Sam can't argue against science
Analysis Apple versus the FBI has generated much discussion and conjecture lately.
The vast majority of it has centered on the rights and the wrongs, about the loss of privacy, and of the precedent that breaking one iPhone would create.
Many are hanging on the blow-by-blow developments for an outcome, to see which side trumps: Apple – and by implication, increasingly, the tech industry – or law enforcement and the government.
But this misses the point and the ultimate outcome: victory for Apple. That's because there is a higher law beyond what FBI director James Comey sought to enforce on Apple last month. It was described by Harvard professor Larry Lessig almost 20 years ago, when he was then unknown, in a book called Code and Other Laws of Cyberspace, since updated as Code v2. Lessig called law as defined in computer code "West Coast Law." This is as opposed to "East Coast Law," which is defined by statute. Encryption is one such West Coast Law.
It was defined by Whitfield Diffie and Martin Hellman 40 years ago in a paper called "New Directions in Cryptography." Their Diffie-Hellman protocol brought us the concept of public key cryptography, messages encrypted first with a key everyone knows, then decrypted with a private key controlled by the recipient. Or vice versa. East Coast Law is analog.
It changes and it has exceptions.
Arguments can be made – on either side of a question – that define or change East Coast Law or that shift its interpretation, as happens in courts. West Coast Law, like encryption, is binary.
It's science.
It uses facts that can't be denied or altered through the relative strength or weakness of an argument.
So we have learned from that day to this. As the Diffie-Hellman paper was published, Ron Rivest, Adi Shamir, and Len Adleman created an implementation known by their initials: RSA.
They defied the wishes of the US National Security Agency and published an article on it in Scientific American in 1977. In 1991, programmer Phil Zimmermann wrote a program called Pretty Good Privacy, implementing RSA. Zimmermann launched PGP Inc in 1996, defying attempts by RSA Security (now part of EMC) to claim patent rights over the two-key method, then fighting the US government over rights to export it. The first version of the encrypted Web standard, https, also using Diffie-Hellman keys, was written into Netscape Navigator in 1994.
It evolved into a full Internet specification in 2000.
After encrypting its own traffic, Google began preferring the encrypted pages of web sites it indexed late last year. Why did Google do this? Partly in response to the revelations of Edward Snowden, whose document dump in 2013 showed that the NSA has been ignoring privacy routinely ever since 9/11.
Snowden's point was that the government's promises on this issue can't be trusted. Snowden says we can't trust government with our secrets, and we don't have to. You might as well pass a law telling glaciers not to melt. We all want our privacy and security. West Coast Law says the only way you get it is if everyone does. But, Comey says, he just wants Apple to disable PIN protection on one iPhone.
But this, too, is an encryption case.
The PIN serves as a shorter key.
This phone will self-destruct after 10 failures, just like the messages in Mission Impossible. If Apple unlocks the phone because of terrorism, the district attorney for New York County (Manhattan) alone has 175 Apple devices in his lab he wants to open, in hopes of solving crimes. And it's not just America.
If Apple broke its own phone's security because of US legal demands, China would demand that right.
So would Russia.
So would every other dictatorship. Many "crimes" being investigated in these countries are political.
If Comey gets his way, then so does Vladimir Putin. This is why Bruce Schneier, a security expert who became an IBM employee last week when his employer was bought by Big Blue, writes that "Our national security needs strong encryption." He adds: I wish I could give the good guys the access they want without also giving the bad guys access, but I can't.
If the FBI gets its way and forces companies to weaken encryption, all of us – our data, our networks, our infrastructure, our society – will be at risk. That's West Coast Law in a nutshell.
It's science.
It's binary. Resistance to it is futile. The decision by Judge James Orenstein to deny a government demand against Apple, based on the arguments used in San Bernardino, is thus theater.
So, too, with the House hearing.
Congress could pass a law, and the President could sign a law, mandating that all security have a back door, just as was sought in 1991. But even if Tim Cook was not allowed to defy such a demand, as he says he will in the case of the PIN, replacing it with something "even Apple" can't crack, unbreakable security is possible. Which means unbreakable security will exist. Will only criminals and governments have it? Or will you? Will everyone? It's all or nothing.
That's the ruling of West Coast Law. And what of Whitfield and Diffie, who launched this ship 40 years ago? They were just awarded the Turing Prize, computing's equivalent of the Nobel. Law can't defy science. ® Sponsored: Speed up incident response with actionable forensic analytics
But this misses the point and the ultimate outcome: victory for Apple. That's because there is a higher law beyond what FBI director James Comey sought to enforce on Apple last month. It was described by Harvard professor Larry Lessig almost 20 years ago, when he was then unknown, in a book called Code and Other Laws of Cyberspace, since updated as Code v2. Lessig called law as defined in computer code "West Coast Law." This is as opposed to "East Coast Law," which is defined by statute. Encryption is one such West Coast Law.
It was defined by Whitfield Diffie and Martin Hellman 40 years ago in a paper called "New Directions in Cryptography." Their Diffie-Hellman protocol brought us the concept of public key cryptography, messages encrypted first with a key everyone knows, then decrypted with a private key controlled by the recipient. Or vice versa. East Coast Law is analog.
It changes and it has exceptions.
Arguments can be made – on either side of a question – that define or change East Coast Law or that shift its interpretation, as happens in courts. West Coast Law, like encryption, is binary.
It's science.
It uses facts that can't be denied or altered through the relative strength or weakness of an argument.
So we have learned from that day to this. As the Diffie-Hellman paper was published, Ron Rivest, Adi Shamir, and Len Adleman created an implementation known by their initials: RSA.
They defied the wishes of the US National Security Agency and published an article on it in Scientific American in 1977. In 1991, programmer Phil Zimmermann wrote a program called Pretty Good Privacy, implementing RSA. Zimmermann launched PGP Inc in 1996, defying attempts by RSA Security (now part of EMC) to claim patent rights over the two-key method, then fighting the US government over rights to export it. The first version of the encrypted Web standard, https, also using Diffie-Hellman keys, was written into Netscape Navigator in 1994.
It evolved into a full Internet specification in 2000.
After encrypting its own traffic, Google began preferring the encrypted pages of web sites it indexed late last year. Why did Google do this? Partly in response to the revelations of Edward Snowden, whose document dump in 2013 showed that the NSA has been ignoring privacy routinely ever since 9/11.
Snowden's point was that the government's promises on this issue can't be trusted. Snowden says we can't trust government with our secrets, and we don't have to. You might as well pass a law telling glaciers not to melt. We all want our privacy and security. West Coast Law says the only way you get it is if everyone does. But, Comey says, he just wants Apple to disable PIN protection on one iPhone.
But this, too, is an encryption case.
The PIN serves as a shorter key.
This phone will self-destruct after 10 failures, just like the messages in Mission Impossible. If Apple unlocks the phone because of terrorism, the district attorney for New York County (Manhattan) alone has 175 Apple devices in his lab he wants to open, in hopes of solving crimes. And it's not just America.
If Apple broke its own phone's security because of US legal demands, China would demand that right.
So would Russia.
So would every other dictatorship. Many "crimes" being investigated in these countries are political.
If Comey gets his way, then so does Vladimir Putin. This is why Bruce Schneier, a security expert who became an IBM employee last week when his employer was bought by Big Blue, writes that "Our national security needs strong encryption." He adds: I wish I could give the good guys the access they want without also giving the bad guys access, but I can't.
If the FBI gets its way and forces companies to weaken encryption, all of us – our data, our networks, our infrastructure, our society – will be at risk. That's West Coast Law in a nutshell.
It's science.
It's binary. Resistance to it is futile. The decision by Judge James Orenstein to deny a government demand against Apple, based on the arguments used in San Bernardino, is thus theater.
So, too, with the House hearing.
Congress could pass a law, and the President could sign a law, mandating that all security have a back door, just as was sought in 1991. But even if Tim Cook was not allowed to defy such a demand, as he says he will in the case of the PIN, replacing it with something "even Apple" can't crack, unbreakable security is possible. Which means unbreakable security will exist. Will only criminals and governments have it? Or will you? Will everyone? It's all or nothing.
That's the ruling of West Coast Law. And what of Whitfield and Diffie, who launched this ship 40 years ago? They were just awarded the Turing Prize, computing's equivalent of the Nobel. Law can't defy science. ® Sponsored: Speed up incident response with actionable forensic analytics
The term "cyber pathogen," however, seems to exist only in Harry Potter fan fiction.
Does the San Bernardino shooter's iPhone contain anything of value for investigators? They FBI doesn't know, but the San Bernardino District Attorney suggests the county-owned handset could have been used as a weapon of mass cyber destruction.
"The iPhone…may have connected to the San Bernardino County computer network," DA Michael Ramos said in a court filing. "The seized iPhone may contain evidence that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino County's infrastructure."
Local residents shouldn't be too quick to panic, though: iPhone forensics expert Jonathan Zdziarski debunked the DA's claims.
"I quickly Googled the term 'cyber pathogen' to see if anyone had used it in computer science," Zdziarski wrote in a blog post.
The first result: Harry Potter fan fiction. "That's right, a Demigod from Gryffindor is the closest thing Google could find about cyber pathogens." Zdziarski said even CSI: Cyber is not bold enough to use "wildly non-existent terms" like "cyber pathogen" in its TV scripts. "There is absolutely nothing in the universe that knows what a cyber pathogen is," Zdziarski wrote. "Fagan's statements are not only misleading to the court, but amount to blatant fear mongering.
They are designed to manipulate the court into making a ruling for the FBI." The device in question—an iPhone 5c issued to Syed Rizwan Farook as part of his San Bernardino Health Department duties—is currently in the possession of the FBI, which wants Apple to disable a feature that wipes the gadget after 10 incorrect password guesses so that it may use an automated system to guess the phone's passcode and break in. According to Ramos, information contained on the smartphone could provide evidence to help the government identify co-conspirators "who would be prosecuted for murder and attempted murder." But to do that, Cupertino would need to create another mobile operating system that could open the encrypted device—a slippery slope, according to CEO Tim Cook, who is worried the workaround might end up in the wrong hands. Apple is even willing to take its fight against the FBI over iPhone backdoors all the way to the Supreme Court, where it would have the support of numerous industry heavyweights. Oral arguments are set for March 22 in federal court.
The first result: Harry Potter fan fiction. "That's right, a Demigod from Gryffindor is the closest thing Google could find about cyber pathogens." Zdziarski said even CSI: Cyber is not bold enough to use "wildly non-existent terms" like "cyber pathogen" in its TV scripts. "There is absolutely nothing in the universe that knows what a cyber pathogen is," Zdziarski wrote. "Fagan's statements are not only misleading to the court, but amount to blatant fear mongering.
They are designed to manipulate the court into making a ruling for the FBI." The device in question—an iPhone 5c issued to Syed Rizwan Farook as part of his San Bernardino Health Department duties—is currently in the possession of the FBI, which wants Apple to disable a feature that wipes the gadget after 10 incorrect password guesses so that it may use an automated system to guess the phone's passcode and break in. According to Ramos, information contained on the smartphone could provide evidence to help the government identify co-conspirators "who would be prosecuted for murder and attempted murder." But to do that, Cupertino would need to create another mobile operating system that could open the encrypted device—a slippery slope, according to CEO Tim Cook, who is worried the workaround might end up in the wrong hands. Apple is even willing to take its fight against the FBI over iPhone backdoors all the way to the Supreme Court, where it would have the support of numerous industry heavyweights. Oral arguments are set for March 22 in federal court.
Apple's encryption battle
To get back at Apple, GOP congressman introduces pointless bill
Amazon removed device encryption from Fire OS 5 because no one was using it
Apple’s new ally in unlocking battle: A man whose wife was shot 3 times in attack
FBI is asking courts to legalize crypto backdoors because Congress won’t
Apple prevails in forced iPhone unlock case in New York court
View all…
The San Bernardino District Attorney told a federal judge late Thursday that Apple must assist the authorities in unlocking the iPhone used by Syed Farook, one of the two San Bernardino shooters that killed 14 people in a killing rampage in December.
The phone, which was a county work phone issued to Farook as part of his Health Department duties, may have been the trigger to unleash a "cyber pathogen," county prosecutors said in a brief court filing. "The iPhone is a county owned telephone that may have connected to the San Bernardino County computer network.
The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino's infrastructure," according to a court filing (PDF) by Michael Ramos, the San Bernardino County District Attorney.The development represents the first time any law enforcement official connected to the investigation provided any indication of what the authorities might discover on the phone. The county declined to directly comment.
A spokesman, David Wert, told Ars in an e-mail that "The county didn't have anything to do with this brief.
It was filed by the district attorney." The DA's office, which did not immediately respond for comment, followed up with a statement to Ars, saying that there is a "compelling governmental interest in acquiring any evidence of criminal conduct, additional perpetrators, potential damage to the infrastructure of San Bernardino County, and in protecting the California Constitutionally guaranteed due process rights of the victims, deceased and living, arising from state crimes committed on December 2, 2015." Jonathan Zdziarski, a prominent iPhone forensics expert, said in a telephone interview that the district attorney is suggesting that a "magical unicorn might exist on this phone." "The world has never seen what he is describing coming from an iPhone," Zdziarski said. "I would expect, I would demand, in order to make that statement at all, he should make some kind of proof." It sounds like he’s making up these terms as he goes. We've never used these terms in computer science.
I think what he’s trying to suggest is that Farook was somehow working with someone to install a program on the iPhone that would infect the local network with some kind of virus or worm or something along those lines.
Anything is possible, right? Do they have any evidence whatsoever to show there is any kind of cyber pathogen on the network or any logs or network captures to show that Farook's phone tried to introduce some unauthorized code into the system? In a follow-up e-mail, Zdziarski added: "This reads as an amicus designed to mislead the courts into acting irrationally in an attempt to manipulate a decision in the FB'Is favor.
It offers no evidence whatsoever that the device has, or even might have, malware on it.
It offers no evidence that their network was ever compromised.
They are essentially saying that a magical unicorn might exist on this phone." At issue is the Federal Bureau of Investigation wants Apple to create software to help it bypass the passcode lock to enable the authorities to gain access to the iPhone.
Apple is fighting a Southern California magistrate's order that it do that. Oral arguments are set for March 22 in federal court, in which Apple hopes to change the magistrate's mind. The government claims that a 1789 law, known as the All Writs Act, allows judges to issue orders despite there being no law on the topic.
The phone, which was a county work phone issued to Farook as part of his Health Department duties, may have been the trigger to unleash a "cyber pathogen," county prosecutors said in a brief court filing. "The iPhone is a county owned telephone that may have connected to the San Bernardino County computer network.
The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino's infrastructure," according to a court filing (PDF) by Michael Ramos, the San Bernardino County District Attorney.The development represents the first time any law enforcement official connected to the investigation provided any indication of what the authorities might discover on the phone. The county declined to directly comment.
A spokesman, David Wert, told Ars in an e-mail that "The county didn't have anything to do with this brief.
It was filed by the district attorney." The DA's office, which did not immediately respond for comment, followed up with a statement to Ars, saying that there is a "compelling governmental interest in acquiring any evidence of criminal conduct, additional perpetrators, potential damage to the infrastructure of San Bernardino County, and in protecting the California Constitutionally guaranteed due process rights of the victims, deceased and living, arising from state crimes committed on December 2, 2015." Jonathan Zdziarski, a prominent iPhone forensics expert, said in a telephone interview that the district attorney is suggesting that a "magical unicorn might exist on this phone." "The world has never seen what he is describing coming from an iPhone," Zdziarski said. "I would expect, I would demand, in order to make that statement at all, he should make some kind of proof." It sounds like he’s making up these terms as he goes. We've never used these terms in computer science.
I think what he’s trying to suggest is that Farook was somehow working with someone to install a program on the iPhone that would infect the local network with some kind of virus or worm or something along those lines.
Anything is possible, right? Do they have any evidence whatsoever to show there is any kind of cyber pathogen on the network or any logs or network captures to show that Farook's phone tried to introduce some unauthorized code into the system? In a follow-up e-mail, Zdziarski added: "This reads as an amicus designed to mislead the courts into acting irrationally in an attempt to manipulate a decision in the FB'Is favor.
It offers no evidence whatsoever that the device has, or even might have, malware on it.
It offers no evidence that their network was ever compromised.
They are essentially saying that a magical unicorn might exist on this phone." At issue is the Federal Bureau of Investigation wants Apple to create software to help it bypass the passcode lock to enable the authorities to gain access to the iPhone.
Apple is fighting a Southern California magistrate's order that it do that. Oral arguments are set for March 22 in federal court, in which Apple hopes to change the magistrate's mind. The government claims that a 1789 law, known as the All Writs Act, allows judges to issue orders despite there being no law on the topic.
'Up until recently, Apple maintained the ability to provide information to the government, without loss of safety or security of the data stored on their devices,' Loretta Lynch tells RSA audience.
SAN FRANCISCO -- U.S.
Attorney General Loretta Lynch says she's surprised that Apple has put up a legal firewall against the Federal Bureau of Investigation in the San Bernardino iPhone backdoor case, because it has cooperated with federal law enforcement in the past.Lynch addressed a packed house March 1 at the RSA conference here at the Moscone Center, at which a record 35,000 security professionals are gathered for most of this week.The government's dispute with Apple is over the FBI's request for the company to develop a backdoor to the encryption security on the iPhone 5C that had belonged to a terrorist in the Dec. 2 San Bernardino shooting that resulted in the deaths of 14 people.
The request already has been affirmed by one court and denied indirectly by another court in a similar case; the case is expected to evolve to higher judicial levels before a determination is finally reached."In fact, up until recently, Apple maintained the ability to provide information to the government, without any loss of safety or security of the data that was stored on their devices," Lynch said during an on-stage conversation with Bloomberg News' Emily Chang. 'Not Just About Apple; About All of Us' "But we shouldn't be making this all about Apple, when in reality it's all about us.
It's about how all of commerce manages and protects our data.
The reality is, American industry is very good at using encryption and protecting our information and still maintaining the ability to use it for security purposes, marketing purposes and to be responsive to court orders.
It happens all the time, every day of the week, all across America."This is a very different decision by Apple to not participate in that national directive."While the FBI's request for a backdoor is specific only to the San Bernardino case, Apple CEO Tim Cook has warned in an open letter to customers that to provide the code to unlock encryption and force access to the information on the phone would open a Pandora's box of trouble for all Apple phones everywhere.
Apple itself has no backdoor for its own devices, since customers themselves set passwords and personal security questions.
Cook said his first obligation is to Apple's customers and that the company has a responsibility to adhere to its security promises.Chang pointed out that since the FBI vs.
Apple case made the headlines, 12 other cases involving possible evidence on 14 more iPhones are already queued up to ask for similar backdoors.
There are potentially many more cases that could come to the fore.Middle Ground Sought"Where is the middle ground on this?" Chang asked."We're investigating the worst terrorist attack on U.S. soil since 9/11.
For me, the middle ground is to do what the law requires," Lynch said. "This is not about me telling Apple to do something.
I don't get to do that; I have to go to court and ask permission to go and do anything, whether it's a device, or a box of documents at someone's house.
If there were a box of documents that I could show a court that might have evidence of a crime, and the lock on the door was such that I needed help to get in without those documents self-destructing ... that's what we're asking Apple to do."Don't run in and get it for us, don't take that risk, don't pull them out yourself -- but in this instance, do what you did for years, until about a year ago, and essentially, help us with this particular matter."To Chang's point that "if Apple makes a key to one door, it says it's making a key to all iPhone doors," Lynch said that Apple and other U.S. companies "do a great job with encrypted data, but it needs to comply with court orders; it has been using customer data for years for its own marketing purposes (with no security issues)."This has been going on for years, and we have not had the parade of horribles that Apple is now asserting," Lynch said. "We just want this one particular device.
They don't need to give the technology to us; they could keep it, they could destroy it. We just want the data; we don't want them to be the ones to get into it."Other iPhone Cases Cropping UpOn Feb. 29, a judge in Brooklyn, N.Y. ruled, in a similar case involving another iPhone, that law enforcement could not force Apple to crack it open so that police could attempt to find evidence."I was disappointed in that decision," Lynch said. "This was a case in which Apple had actually promised to help us.
It's an older version of the phone, doesn't involve encryption at all.
It is one of the many cases in which they, and other companies have provided assistance over the years.
Their position didn't change until the judge's request for their opinion became public."I think this is a case of 'Will you do what you've always done?' which is what every American citizen and company should do: Comply with the law."These cases are a clear indicator of how ubiquitous data is on personal smartphones, and how much law enforcement wants to mine those data silos."This is where data does reside. Our requests have to be limited, focused, specific to what we need to find," Lynch said. "This is not a request to rummage around and hope that we find something. Whether it's a phone or a computer, we set up safeguards so that we don't go further than that."Apple Contends Code is Protected by First AmendmentIn its defense, Apple also has asserted that code is a form of expression protected by the First Amendment, and therefore not subject to such forced capture."I think that this is a very important topic for discussion," Lynch said, "because it has ramifications far beyond this case as to whether someone should write code to comply with legal process.
But as to whether it (code) has commercial aspects: What is the answer to protecting commercial speech versus free speech, when you're talking about code?"Those are fascinating issues, but they're not the issues that drive this particular case."Why is the FBI focusing on this one phone, when there is a world of other information out there that possibly can be mined to investigate this case? Chang asked."I get asked that frequently.
They say we live in a world of information, everybody has a cellphone, there's all this data out there. My response is: So what in all those datasets are responsive to law enforcement's needs to find out what the terrorists are planning to blow up next?" Lynch said. "There's not really a response to that."'In This One Area, We're Done'Lynch said she thinks Apple is a "great company" but that she's curious as to why their view is that "we're going to innovate, we're going to create, we're going to move forward, but in this one area, we're done. We're not even going to think about this anymore.
I just find that surprising, and I'm not sure that that's really the best response to this issue."That's not what I expect from one of our great American companies."Lynch said she respects Cook and Apple but that "do we let one company, no matter how great the company, no matter how beautiful their device is, decide this issue for all of us? Do we let one company say, 'This is how investigations are done, and no other way.' We don't do that in any other area."On another topic, Lynch announced that a new agreement has been struck between the U.S. and United Kingdom that would allow British authorities to directly subpoena U.S. tech companies for wiretaps and other information on British suspects in national security investigations, instead of relying on a more cumbersome mutual legal assistance treaty.Currently, foreign governments must ask the FBI to obtain the information obtained by wiretaps, live surveillance and stored emails through mutual assistance treaties, which can cause delays in obtaining the evidence. Lynch said that the agreement would not allow the British government to directly obtain evidence on American citizens and that the court orders could only include actions taken within the U.K."Right now, American law says they can not send that data overseas, but because they operate in the U.K., they are subject to U.K. process and law there, so they are in a bind," Lynch said.
Attorney General Loretta Lynch says she's surprised that Apple has put up a legal firewall against the Federal Bureau of Investigation in the San Bernardino iPhone backdoor case, because it has cooperated with federal law enforcement in the past.Lynch addressed a packed house March 1 at the RSA conference here at the Moscone Center, at which a record 35,000 security professionals are gathered for most of this week.The government's dispute with Apple is over the FBI's request for the company to develop a backdoor to the encryption security on the iPhone 5C that had belonged to a terrorist in the Dec. 2 San Bernardino shooting that resulted in the deaths of 14 people.
The request already has been affirmed by one court and denied indirectly by another court in a similar case; the case is expected to evolve to higher judicial levels before a determination is finally reached."In fact, up until recently, Apple maintained the ability to provide information to the government, without any loss of safety or security of the data that was stored on their devices," Lynch said during an on-stage conversation with Bloomberg News' Emily Chang. 'Not Just About Apple; About All of Us' "But we shouldn't be making this all about Apple, when in reality it's all about us.
It's about how all of commerce manages and protects our data.
The reality is, American industry is very good at using encryption and protecting our information and still maintaining the ability to use it for security purposes, marketing purposes and to be responsive to court orders.
It happens all the time, every day of the week, all across America."This is a very different decision by Apple to not participate in that national directive."While the FBI's request for a backdoor is specific only to the San Bernardino case, Apple CEO Tim Cook has warned in an open letter to customers that to provide the code to unlock encryption and force access to the information on the phone would open a Pandora's box of trouble for all Apple phones everywhere.
Apple itself has no backdoor for its own devices, since customers themselves set passwords and personal security questions.
Cook said his first obligation is to Apple's customers and that the company has a responsibility to adhere to its security promises.Chang pointed out that since the FBI vs.
Apple case made the headlines, 12 other cases involving possible evidence on 14 more iPhones are already queued up to ask for similar backdoors.
There are potentially many more cases that could come to the fore.Middle Ground Sought"Where is the middle ground on this?" Chang asked."We're investigating the worst terrorist attack on U.S. soil since 9/11.
For me, the middle ground is to do what the law requires," Lynch said. "This is not about me telling Apple to do something.
I don't get to do that; I have to go to court and ask permission to go and do anything, whether it's a device, or a box of documents at someone's house.
If there were a box of documents that I could show a court that might have evidence of a crime, and the lock on the door was such that I needed help to get in without those documents self-destructing ... that's what we're asking Apple to do."Don't run in and get it for us, don't take that risk, don't pull them out yourself -- but in this instance, do what you did for years, until about a year ago, and essentially, help us with this particular matter."To Chang's point that "if Apple makes a key to one door, it says it's making a key to all iPhone doors," Lynch said that Apple and other U.S. companies "do a great job with encrypted data, but it needs to comply with court orders; it has been using customer data for years for its own marketing purposes (with no security issues)."This has been going on for years, and we have not had the parade of horribles that Apple is now asserting," Lynch said. "We just want this one particular device.
They don't need to give the technology to us; they could keep it, they could destroy it. We just want the data; we don't want them to be the ones to get into it."Other iPhone Cases Cropping UpOn Feb. 29, a judge in Brooklyn, N.Y. ruled, in a similar case involving another iPhone, that law enforcement could not force Apple to crack it open so that police could attempt to find evidence."I was disappointed in that decision," Lynch said. "This was a case in which Apple had actually promised to help us.
It's an older version of the phone, doesn't involve encryption at all.
It is one of the many cases in which they, and other companies have provided assistance over the years.
Their position didn't change until the judge's request for their opinion became public."I think this is a case of 'Will you do what you've always done?' which is what every American citizen and company should do: Comply with the law."These cases are a clear indicator of how ubiquitous data is on personal smartphones, and how much law enforcement wants to mine those data silos."This is where data does reside. Our requests have to be limited, focused, specific to what we need to find," Lynch said. "This is not a request to rummage around and hope that we find something. Whether it's a phone or a computer, we set up safeguards so that we don't go further than that."Apple Contends Code is Protected by First AmendmentIn its defense, Apple also has asserted that code is a form of expression protected by the First Amendment, and therefore not subject to such forced capture."I think that this is a very important topic for discussion," Lynch said, "because it has ramifications far beyond this case as to whether someone should write code to comply with legal process.
But as to whether it (code) has commercial aspects: What is the answer to protecting commercial speech versus free speech, when you're talking about code?"Those are fascinating issues, but they're not the issues that drive this particular case."Why is the FBI focusing on this one phone, when there is a world of other information out there that possibly can be mined to investigate this case? Chang asked."I get asked that frequently.
They say we live in a world of information, everybody has a cellphone, there's all this data out there. My response is: So what in all those datasets are responsive to law enforcement's needs to find out what the terrorists are planning to blow up next?" Lynch said. "There's not really a response to that."'In This One Area, We're Done'Lynch said she thinks Apple is a "great company" but that she's curious as to why their view is that "we're going to innovate, we're going to create, we're going to move forward, but in this one area, we're done. We're not even going to think about this anymore.
I just find that surprising, and I'm not sure that that's really the best response to this issue."That's not what I expect from one of our great American companies."Lynch said she respects Cook and Apple but that "do we let one company, no matter how great the company, no matter how beautiful their device is, decide this issue for all of us? Do we let one company say, 'This is how investigations are done, and no other way.' We don't do that in any other area."On another topic, Lynch announced that a new agreement has been struck between the U.S. and United Kingdom that would allow British authorities to directly subpoena U.S. tech companies for wiretaps and other information on British suspects in national security investigations, instead of relying on a more cumbersome mutual legal assistance treaty.Currently, foreign governments must ask the FBI to obtain the information obtained by wiretaps, live surveillance and stored emails through mutual assistance treaties, which can cause delays in obtaining the evidence. Lynch said that the agreement would not allow the British government to directly obtain evidence on American citizens and that the court orders could only include actions taken within the U.K."Right now, American law says they can not send that data overseas, but because they operate in the U.K., they are subject to U.K. process and law there, so they are in a bind," Lynch said.
Now that a federal judge has ruled against the government in one of the iPhone unlocking cases -- remember, it turns out multiple iPhones were involved, not just the "terrorist iPhone" -- it looks like a rare victory has been scored for the right to pr...
