Octopus Overlords

Grifman wrote:

Isgrimnur wrote: The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

This is bogus. It's a bald assertion without any argumentation or evidence that it would be true. The FBI has a warrant. They want into the phone. I don't see how this is much different than asking the landlord to unlock an apartment for which the FBI has a warrant. As long as the FBI has to get a warrant for these type of "searches", I don't see what the problem is.

hepcat wrote:

Rip wrote:Absolutely, I definitely don't agree with everything he says. He isn't even my favorite candidate.

But he isn't the Hitler knockoff he is made out to be.

Just a gasbag who can read polls and knows how to manipulate the propaganda machine without having control of it.

If it came down Trump and someone everyone else here supported, you'd vote Trump in a New York minute. Even if the other candidate spoke out against health insurance, speeding laws and beef jerky bans. Politics is all about spite for you.

Grifman wrote:This is bogus. It's a bald assertion without any argumentation or evidence that it would be true. The FBI has a warrant. They want into the phone. I don't see how this is much different than asking the landlord to unlock an apartment for which the FBI has a warrant. As long as the FBI has to get a warrant for these type of "searches", I don't see what the problem is.

In a search after the shooting, the FBI discovered an iPhone belonging to one of the attackers. The iPhone is the property of the San Bernardino County Department of Public Health where the attacker worked and the FBI has permission to search it.

LordMortis wrote:The landlord presumably owns the apartment not the tenant.
The landlord is not being legally required to develop a new technology to break into the apartment.

I suppose, you could make the argument that it's not much different than requiring Quickset to make a master key for the purpose of bypassing tumblers to make warranted entry into homes easier. Even that's off a little, but it's much closer.

RunningMn9 wrote:By it's very nature, there is a danger that it will get out in the wild. And if it did - one would imagine that the legal consequences of that would fall on Apple for not properly safeguarding the tool.

Grifman wrote:Just develop it on a non-networked computer. That would drastically reduce the probability of it getting loose.

Smoove_B wrote:But to this particular issue -- and to what Sepiche referenced -- the phone is government property. Is anyone suggesting that if this was a desktop computer belonging to an employee downloading child porn or running a gambling ring from their desk, that the data would somehow be protected?

RunningMn9 wrote:No one (including Apple) is arguing that the data on the phone should be protected. Apple is objecting to being told by the Federal Govt that it has to write software the breaks the security provisions on their mobile OS, and they don't want such a thing to exist for reasons that have nothing to do with this phone.

Smoove_B wrote:

RunningMn9 wrote:No one (including Apple) is arguing that the data on the phone should be protected. Apple is objecting to being told by the Federal Govt that it has to write software the breaks the security provisions on their mobile OS, and they don't want such a thing to exist for reasons that have nothing to do with this phone.

I think we're at the same point - I'm just sloppy with my analysis as a non-tech person. I don't think Apple should in any way be forced to break into this specific phone. I do think there should be provisions in place that give employers the ability to monitor/control/review/restrict how their technology is being used by an employee.

I'm not sure how I'd feel if this was his personal phone and everything unfolded exactly the same way as I absolutely believe if there's a method to access material on a private account, it's just matter of time before that method is released or someone figures out a way to create another way in using the opening that is provided.

Smoove_B wrote:

Grifman wrote:Just develop it on a non-networked computer. That would drastically reduce the probability of it getting loose.

Right, just like stuxnet.

RunningMn9 wrote:If the dirty terrorist had a safe, can they get a warrant to compel the lock manufacturer to open it? If the answer to that is yes, then I would agree that this doesn't seem much different - outside of the inherent danger in creating a software-based safe cracking tool.

Grifman wrote:

Smoove_B wrote:

Grifman wrote:Just develop it on a non-networked computer. That would drastically reduce the probability of it getting loose.

Right, just like stuxnet.

I'm not sure how this is even relevant. Stuxnet was intentionally released. We are talking about keeping a piece of software from being released. Please explain?

stessier wrote: Being non-networked is no guarantee that someone can't steal something from you.

Smoove_B wrote:Exactly. It was a software tool written to target non-networked hardware. Somehow it magically ended up not only being found outside of the machinery it was designed to destroy but in electronics that it was never intended to target. Unintended consequences are the worst.

Grifman wrote:Nothing is fool proof, if you want a 100% guarantee of anything, then you're going to be disappointed in life.

RunningMn9 wrote:

Grifman wrote:Nothing is fool proof, if you want a 100% guarantee of anything, then you're going to be disappointed in life.

I know one way that Apple can have a 100% guarantee that there is no way that such a thing can ever get out into the wild.

Julian Sanchez wrote:The first thing to understand about Apple’s latest fight with the FBI—over a court order to help unlock the deceased San Bernardino shooter’s phone—is that it has very little to do with the San Bernardino shooter’s phone.

It’s not even, really, the latest round of the Crypto Wars—the long running debate about how law enforcement and intelligence agencies can adapt to the growing ubiquity of uncrackable encryption tools.

Rather, it’s a fight over the future of high-tech surveillance, the trust infrastructure undergirding the global software ecosystem, and how far technology companies and software developers can be conscripted as unwilling suppliers of hacking tools for governments. It’s also the public face of a conflict that will undoubtedly be continued in secret—and is likely already well underway.

...

This summer, Manhattan District Attorney Cyrus Vance wrote that his office alone had encountered 74 iPhones it had been unable to open over a six-month period. Once it has been established that Apple can be forced to build one skeleton key, the inevitable flood of similar requests—from governments at all levels, foreign and domestic—could effectively force Apple and its peers to develop internal departments dedicated to building spyware for governments, just as many already have full-time compliance teams dedicated to dealing with ordinary search warrants.

This would create an internal conflict of interest: The same company must work to both secure its products and to undermine that security—and the better it does at the first job, the larger the headaches it creates for itself in doing the second. It would also, as Apple’s Cook has argued, make it far more difficult to prevent those cracking tools from escaping into the wild or being replicated.

...

The global market for both traditional computing devices and the new breed of networked appliances depends critically on an underlying ecosystem of trust—trust that critical security updates pushed out by developers and signed by their cryptographic keys will do what it says on the tin, functioning and interacting with other code in a predictable and uniform way. The developer keys that mark code as trusted are critical to that ecosystem, which will become ever more difficult to sustain if developers can be systematically forced to deploy those keys at the behest of governments. Users and consumers will reasonably be even more distrustful if the scope of governments’ ability to demand spyware disguised as authentic updates is determined, not by a clear framework, but a hodgepodge of public and secret court decisions.

The password for the San Bernardino shooter's iCloud account associated with his iPhone was reset hours after authorities took possession of the device.

The Justice Department acknowledged in its court filing that the password of Syed Farook's iCloud account had been reset. The filing states, "the owner [San Bernardino County Department of Public Health], in an attempt to gain access to some information in the hours after the attack, was able to reset the password remotely, but that had the effect of eliminating the possibility of an auto-backup."

Apple could have recovered information from the iPhone had the iCloud password not been reset, the company said. If the phone was taken to a location where it recognized the Wi-Fi network, such as the San Bernardino shooters' home, it could have been backed up to the cloud, Apple suggested.

The auto reset was executed by a county information technology employee, according to a federal official. Federal investigators only found out about the reset after it had occurred and that the county employee acted on his own, not on the orders of federal authorities, the source said.

Apple executives say the iPhone was in the possession of the government when iCloud password was reset. A federal official familiar with the investigation confirmed that federal investigators were indeed in possession of the phone when the reset occurred.

Exodor wrote:Really?

The password for the San Bernardino shooter's iCloud account associated with his iPhone was reset hours after authorities took possession of the device.

The Justice Department acknowledged in its court filing that the password of Syed Farook's iCloud account had been reset. The filing states, "the owner [San Bernardino County Department of Public Health], in an attempt to gain access to some information in the hours after the attack, was able to reset the password remotely, but that had the effect of eliminating the possibility of an auto-backup."

Apple could have recovered information from the iPhone had the iCloud password not been reset, the company said. If the phone was taken to a location where it recognized the Wi-Fi network, such as the San Bernardino shooters' home, it could have been backed up to the cloud, Apple suggested.

The auto reset was executed by a county information technology employee, according to a federal official. Federal investigators only found out about the reset after it had occurred and that the county employee acted on his own, not on the orders of federal authorities, the source said.

Apple executives say the iPhone was in the possession of the government when iCloud password was reset. A federal official familiar with the investigation confirmed that federal investigators were indeed in possession of the phone when the reset occurred.

I hope Apple continues to tell them to piss off.

RunningMn9 wrote:Yeah, I really don't understand anyone on the side of the FBI in this.

Apollo wrote:Personally, I can't understand why anyone would think that protecting information on a cell phone is so important unless one is conducting criminal activity with it, of course.

Anonymous Bosch wrote:

Apollo wrote:Personally, I can't understand why anyone would think that protecting information on a cell phone is so important unless one is conducting criminal activity with it, of course.

If you read the Julian Sanchez article I linked to above, you'll have a much better understanding of the reasoning behind Apple's resistance, and the importance behind it (and rest assured, the specifics of what was mentioned in your Arstechnica article are also explained thoroughly).

RunningMn9 wrote:

Grifman wrote:Nothing is fool proof, if you want a 100% guarantee of anything, then you're going to be disappointed in life.

I know one way that Apple can have a 100% guarantee that there is no way that such a thing can ever get out into the wild.

Apollo wrote:Maybe I missed something: What do you think was the crux of Mr. Sanchez's argument?

Apollo wrote:It seems that many of the arguments against Apple helping the government are based on a misunderstanding of what exactly the government is asking Apple to do.

Smoove_B wrote:I still don't understand what the big deal is. Corporations are people and if Apple was walking through a security checkpoint at an airport, they would need to take off their shoes, open their bags and demonstrate they're not carrying liquids or sharp objects. Is Apple suggesting they don't need to be open and comply with a request to see "inside" something they own? If they aren't hiding anything, then what is problem here? Why do they hate America?

Scott Shackford, Reason.com wrote:Nobody in this dispute is arguing that the FBI lacks the authority to attempt to collect any property possessed by Farook as part of the investigation on the San Bernardino terrorist attack. Nobody is even arguing that the FBI or the federal government doesn't have the authority to attempt to crack Farook's phone security on its own.

There is, however, a mistaken comparison to the serving of a warrant to perform a search from those who would defend the FBI's order here. A search warrant is administered to the owner or resident of a property. Apple is not the owner of Farook's phone (technically, San Bernardino County is, which is perhaps causing some people to think about company or agency security guidelines). Cook pointed out that Apple does cooperate with authorities when given subpoenas for data that is under Apple's direct possession. And it has apparently done so for this very investigation.

But Farook's phone is not Apple's property. This is not data held by a third party. This is not the same as serving a search warrant to demand access to somebody's house. Rather, this is like serving an order to the company that manufactured the locks on the house's doors and telling them they have to come out and unlock them so that police can gain entrance. That's why the legal debate surrounding the judge's order is reliant on the All Writs Act, a law as old as the United States government that permits judges to demand citizens take defined actions to further its legal goals.

We do have some unusual circumstances here. Farook is dead, so the cooperation of the property's owner is out of the question. But, to reiterate a previous point, the federal government has made it abundantly clear that they want to bypass encryption not just in this one case, but in others as well, including cases where the suspected criminal is alive but uncooperative or unavailable. The government is attempting to coerce citizens into assisting the government to gain access to somebody else's property. This sets a dangerous precedent that is easy to ignore because of the circumstances of this case.

Consider instead, though, this process being used against living people for cases that are going to get much less attention than a man responsible for the deaths of 14 people on American soil in a terrorist attack. Consider, oh, an IRS investigation instead. Cook warns that orders like this could be used to demand the building of "surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone's microphone or camera without your knowledge."

Suddenly your property is not even your property. This isn't serving a warrant to search your home. This is sneaking into your home when you're not there and going through your drawers without you even noticing.

GreenGoo wrote:Saw a headline that Apple caved.

Jesus Christ.