Encryption as a Ribbon Around An Apple iPhone

Fonzo Killin Hipsters

Another good post by digital forensics expert Jonathan Zdziarski, explaining what the FBI is actually pressuring Apple to provide:

With most non-technical people struggling to make sense of the battle between FBI and Apple, Bill Gates introduced an excellent analogy to explain cryptography to the average non-geek. Gates used the analogy of encryption as a “ribbon around a hard drive”. Good encryption is more like a chastity belt, but since Farook decided to use a weak passcode, I think it’s fair here to call it a ribbon. In any case, lets go with Gates’ ribbon analogy.

Instead of cutting the ribbon, which would be a much simpler task, FBI is ordering Apple to invent a ribbon cutter – a forensic tool capable of cutting the ribbon for FBI, and is promising to use it on just this one phone. In reality, there’s already a line beginning to form behind Comey should he get his way. NY DA Cy Vance has stated that NYC has 175 iPhones waiting to be unlocked (which translates to roughly 1/10th of 1% of all crime in NYC for an entire year). Documents have also shown DOJ has over a dozen more such requests pending. If FBI’s promise of “just this one phone” were authentic, there would be no need to order Apple to make this ribbon cutter; they’d simply tell them to cut the ribbon.

Why has the government waited this long to order such a thing? Because in spite of all of iOS 8’s security, the Chinese invented a ribbon cutter for it called the IP BOX. IP BOX was capable of brute forcing any numeric passcode in iOS 8, and even though it was junky, Chinese-made hardware with zero forensic credibility (and actually called home to servers in China), our government used it widely to break into iOS devices without Apple’s help. The government has really gone dumpster diving for forensic solutions for iOS. This ribbon cutter was used by both law enforcement and anyone with $200 to break into iOS devices, and is a great example of how such a ribbon cutter is often abused for crime.

So here’s the real question: Why is FBI asking for the invention of a ribbon cutter instead of just asking Apple to cut the ribbon? Well the answer to that comes back to precedent. If FBI can order the existence of this ribbon cutter, Cy Vance’s 175 phones will be much easier to push through the courts without the same level of scrutiny as a terrorism case. If FBI were simply asking for Apple to cut the ribbon, all future AWA orders would have to go through the same legal scrutiny in the courts for justification. Getting the ribbon cutter invented for a terrorism case opens the door for such a tool to then be justified by the DA for weaker cases – such as narcotics, computer crimes, or even simply investigations where the government can’t even prove to the courts that a crime was ever committed. Once it’s a tool, just like a Stingray box or a breathalyzer, the court’s leniency in permitting its use increases dramatically.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Now if I could only mandate that all politicians were required to understand the concepts before opening their speaking holes. I know, I know, zero chance…

 

Additionally, there is this angle:

Also consider that the courts aren’t about to force Apple to hack into their own customer products. In fact, the customer purchased these products trusting that the manufacturer wouldn’t – even couldn’t – intentionally compromise them; ever since iOS 8, Apple has marketed these devices as so secure that Apple themselves cannot hack them. For Apple to be forced to backdoor their own devices would invite countless lawsuits from their own customers, betray consumer trust, and likely cost Apple millions, if not billions, in sales depending on how big of a PR nightmare it created. The courts, however, appear to be OK with forcing Apple to write what is being portrayed by the FBI as an innocent, fluffy tool for just this one device.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Apple GovtOS and the FBI continued

Apple CEO Tim Cook has spent a lot of effort keeping this case in the public, even giving an interview with Time Magazine’s Lev Grossman, which includes statements like:

Apple Coffee Thermos

Inside Apple this idea is nicknamed, not affectionately, GovtOS. “We had long discussions about that internally, when they asked us,” Cook says. “Lots of people were involved. It wasn’t just me sitting in a room somewhere deciding that way, it was a labored decision. We thought about all the things you would think we would think about.” The decision, when it came, was no.

Cook actually thought that might be the end of it. It wasn’t: on Feb. 16 the FBI both escalated and went public, obtaining a court order from a federal judge that required Apple to create GovtOS under something called the All Writs Act. Cook took deep, Alabaman umbrage at the manner in which he learned about the court order, which was in the press: “If I’m working with you for several months on things, if I have a relationship with you, and I decide one day I’m going to sue you, I’m a country boy at the end of the day: I’m going to pick up the phone and tell you I’m going to sue you.”

It also wasn’t lost on Cook that the FBI chose not to file the order under seal: if Apple wasn’t going to help with a case of domestic terrorism, the FBI wanted Apple to do it under the full glare of public opinion.

The spectacle of Apple, the most admired company in the world, refusing to aid the FBI in a domestic-terrorism investigation has inflamed public passions in a way that, it’s safe to say, nothing involving encryption algorithms and the All Writs Act ever has before. Donald Trump asked, “Who do they think they are?” and called for a boycott of Apple. A Florida sheriff said he would “lock the rascal up,” the rascal meaning Cook. Even President Obama, whose relations with the technorati of Silicon Valley have historically been warm, spoke out about the issue at South by Southwest: “It’s fetishizing our phones above every other value. And that can’t be the right answer.”

As against that, Apple has been smothered in amicus briefs from technology firms supporting its position, including AT&T, Airbnb, eBay, Kickstarter, LinkedIn, Reddit, Square, Twitter, Cisco, Snapchat, WhatsApp and every one of its biggest, bitterest rivals: Amazon, Facebook, Google and Microsoft. Zeid Ra’ad al-Hussein, the U.N. High Commissioner for Human Rights, spoke out in Apple’s defense. So did retired general Michael Hayden, former head of both the NSA and the CIA. The notoriously hawkish Senator Lindsey Graham, who started out lambasting Apple, switched sides after a briefing on the matter. Steve Dowling, Apple’s vice president of communications, showed me a check for $100 that somebody sent to support the world’s most valuable technology company in its legal fight. (Apple didn’t cash it.)

(click here to continue reading Inside Apple CEO Tim Cook’s Fight With the FBI | TIME.)

The case seems weak, for a number of reasons (encryption is not bound by political boundaries; Apple shouldn’t be compelled to work for the government especially when they have done nothing wrong; the laws referred to as CALEA would seem to forbid the FBI’s approach; we don’t live in a police state; and so on), but you can’t assume that the judge in the case can be swayed by logic. I’d rather Tim Cook and Apple engineers were spending time improving iTunes, and fixing bugs in Mac OS X El Capitan instead of fighting government overreach, but you can’t control the universe, only react to its whims.

Only the Thought is Dark
Only the Thought is Dark

I want to note another point, as discussed extensively by Jonathan Zdziarski: the idea of a warrant-proof zone. Doctor-patient privilege, diplomatic pouches, married couples, journalistic sources, these and other areas are also “dark” in the FBI parlance. Even in court, even in cases that inflame the public’s interest, even then, a lawyer cannot be compelled to reveal what their client told them. 

There are other examples that could be mentioned, but the point is that our country recognizes many laws and international treaties that support the concept of warrant proof as a valid concept. It is not only well within Apple’s rights to produce a product that happens to be warrant-proof, but it’s actually Apple’s responsibility to create a product that’s capable of enforcing the highest level of security permitted by our country’s laws… not the lowest. Apple is well within not only their rights, but in practices that support and place appropriate locks consistent with the levels of privacy our country recognizes. These products protect everyone – diplomats, doctors, journalists, as well as all of us. Of course they should be this secure. If our own country recognizes warrant proof as a thing, of course our technology should too.

We, as everyday Americans, should also encourage the idea of warrant proof places. The DOJ believes, quite erroneously, that the Fourth Amendment gives them the right to any evidence or information they desire with a warrant. The Bill of Rights did not grant rights to the government; it protected the rights of Americans from the overreach that was expected to come from government. Our most intimate thoughts, our private conversations, our ideas, our -intent- are all things our phone tracks. These are concepts that must remain private (if we choose to protect them) for any functioning free society. In today’s technological landscape, we are no longer giving up just our current or future activity under warrant, but for the first time in history, making potentially years of our life retroactively searchable by law enforcement. Things are recorded in ways today that no one would have imagined, even when CALEA was passed. The capability that DOJ is asserting is that our very lives and identities – going back across years – are subject to search. The Constitution never permitted this.

The bottom line is this: Our country actually recognizes warrant proof data, and Apple has every right and ethical obligation to recognize it in the design of their products. As Americans, we should be demanding our thoughts, conversations, and identities be protected with the highest level of security. This isn’t just about credit cards.

(click here to continue reading Apple Should Own The Term “Warrant Proof” | Zdziarski’s Blog of Things.)

Encryption as a Ribbon Around An Apple iPhone

Fonzo Killin Hipsters

By the way, I forgot to link to another good post by digital forensics expert Jonathan Zdziarski, explaining what the FBI is actually pressuring Apple to provide:

With most non-technical people struggling to make sense of the battle between FBI and Apple, Bill Gates introduced an excellent analogy to explain cryptography to the average non-geek. Gates used the analogy of encryption as a “ribbon around a hard drive”. Good encryption is more like a chastity belt, but since Farook decided to use a weak passcode, I think it’s fair here to call it a ribbon. In any case, lets go with Gates’ ribbon analogy.

Instead of cutting the ribbon, which would be a much simpler task, FBI is ordering Apple to invent a ribbon cutter – a forensic tool capable of cutting the ribbon for FBI, and is promising to use it on just this one phone. In reality, there’s already a line beginning to form behind Comey should he get his way. NY DA Cy Vance has stated that NYC has 175 iPhones waiting to be unlocked (which translates to roughly 1/10th of 1% of all crime in NYC for an entire year). Documents have also shown DOJ has over a dozen more such requests pending. If FBI’s promise of “just this one phone” were authentic, there would be no need to order Apple to make this ribbon cutter; they’d simply tell them to cut the ribbon.

Why has the government waited this long to order such a thing? Because in spite of all of iOS 8’s security, the Chinese invented a ribbon cutter for it called the IP BOX. IP BOX was capable of brute forcing any numeric passcode in iOS 8, and even though it was junky, Chinese-made hardware with zero forensic credibility (and actually called home to servers in China), our government used it widely to break into iOS devices without Apple’s help. The government has really gone dumpster diving for forensic solutions for iOS. This ribbon cutter was used by both law enforcement and anyone with $200 to break into iOS devices, and is a great example of how such a ribbon cutter is often abused for crime.

So here’s the real question: Why is FBI asking for the invention of a ribbon cutter instead of just asking Apple to cut the ribbon? Well the answer to that comes back to precedent. If FBI can order the existence of this ribbon cutter, Cy Vance’s 175 phones will be much easier to push through the courts without the same level of scrutiny as a terrorism case. If FBI were simply asking for Apple to cut the ribbon, all future AWA orders would have to go through the same legal scrutiny in the courts for justification. Getting the ribbon cutter invented for a terrorism case opens the door for such a tool to then be justified by the DA for weaker cases – such as narcotics, computer crimes, or even simply investigations where the government can’t even prove to the courts that a crime was ever committed. Once it’s a tool, just like a Stingray box or a breathalyzer, the court’s leniency in permitting its use increases dramatically.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Now if I could only mandate that all politicians were required to understand the concepts before opening their speaking holes. I know, I know, zero chance…

https://farm2.staticflickr.com/1503/24422344743_076085f59b_z.jpg
Additionally, there is this angle:

Also consider that the courts aren’t about to force Apple to hack into their own customer products. In fact, the customer purchased these products trusting that the manufacturer wouldn’t – even couldn’t – intentionally compromise them; ever since iOS 8, Apple has marketed these devices as so secure that Apple themselves cannot hack them. For Apple to be forced to backdoor their own devices would invite countless lawsuits from their own customers, betray consumer trust, and likely cost Apple millions, if not billions, in sales depending on how big of a PR nightmare it created. The courts, however, appear to be OK with forcing Apple to write what is being portrayed by the FBI as an innocent, fluffy tool for just this one device.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Apple vs Republican Presidential Candidates

Apple Rising
Apple Rising

No wonder our country is in trouble: not one Republican candidate for president even understands the Apple/FBI issue, or at least admits to understanding it. Not even the CNN moderators! Even though Apple’s official response was released in the afternoon before this debate, nobody spent the time to read what it asserted, they were too busy getting makeup applied and practicing zingers. Facts are for losers.

Apple’s reasoning in the brief rests on three pillars. First, that forcing Apple to write code that weakens its devices and the security of its customers constitutes a violation of free speech as protected by the Constitution.

Second, that the burden the FBI is putting on it by requesting that Apple write the software and assist in unlocking the device is too large. Apple argues that it would have to create the new version of iOS, called GovtOS, which requires coding, signing, verification and testing. It would then have to create an FBI forensics laboratory on site at its headquarters and staff it. The burden would then extend to what Apple views is the inevitable onslaught of additional devices that would follow after the precedent was set.

In addition to free speech, Apple argues that the Fifth Amendment’s Due Process clause prohibits the government from compelling Apple to create the new version of iOS. Apple argues that there is no court precedent for forcing a company to create something new, like GovtOS.

“But compelling minimal assistance to surveil or apprehend a criminal (as in most of the cases the government cites), or demanding testimony or production of things that already exist (akin to exercising subpoena power), is vastly different, and significantly less intrusive, than conscripting a private company to create something entirely new and dangerous. There is simply no parallel or precedent for it,” reads the filing.

(click here to continue reading Apple Files Motion To Dismiss The Court Order To Force It To Unlock iPhone, Citing Free Speech Rights.)

Here’s the relevant part of the Republican presidential debate transcript, held in Houston, FEB. 25, 2016, with a few comments interspersed…

BLITZER: There’s a huge battle underway right now between the tech giant Apple and the federal government. The federal government wants Apple to unlock the phone used by that San Bernardino terrorist to prevent future attacks. Apple has refused, saying it would compromise the security of all of its customers. And just this afternoon, they went to court to block the judge’s order.

To prevent future attacks? Really? The San Bernardino killers are both dead, they destroyed their computers, their other phones, but left their government issued phone untouched. Apple turned over all the iCloud data on Apple servers (email, texts) within hours, and so what exactly is on the locked phone of grave import? Most likely nothing, yet the emotionally charged public opinion is on the FBI’s side, and so they push on.

Dana Bash, pick up the questioning.

BASH: Senator Rubio, you say it’s complicated, and that, quote, “Apple isn’t necessarily wrong to refuse the court order.” Why shouldn’t investigators have everything at their disposal?

Again, this is a misleading framing. Apple complied with the FBI’s request, quickly, and with good intent. What the FBI wants is a tool to allow the FBI to have the ability to open any phone for any reason. Do you really think the FBI couldn’t take the hard drive out of the phone and copy it to some server, and run NSA decryption tools on it? The FBI wants Apple to create a magic can-opener to open each and every phone, as needed, or as suspected they’ll need, in such a way that whatever evidence is found will be able to used in court, and survive questioning by defense lawyers. The San Bernardino killers are not going to be in court, they are both dead. This case is all about the precedent.

RUBIO: No, in fact what I have said is the only thing — the FBI made this very clear 48 hours ago — the only thing they are asking of Apple is that Apple allow them to use their own systems in the FBI to try to guess the password of the San Bernardino killer. Apple initially came out saying, “We’re being ordered to create a back door to an encryption device.” That is not accurate.

The only thing they’re being asked to do, and the FBI made this very clear about 48 hours ago, is allow us to disable the self- destruct mode that’s in the Apple phone so that we can try to guess using our own systems what the password of this killer was.

And I think they should comply with that. If that’s all they’re asking for, they are not asking for Apple to create a back door to encryption.

 Rubio is either misinformed, or intentionally wrong. The FBI is quite clearly asking Apple to spend a month or so of its own resources building a new version of Government iOS in order to bypass the weakest point of the iPhone’s protection, namely the passcode. 

BASH: So just to be clear, you did say on CNN a couple of weeks ago this is a complicated issue; Apple is not necessarily wrong here.

RUBIO: Because at the time, Apple was portraying that the court order was to create a back door to an encryption device.

BASH: But just to be clear — just to be clear, if you are president, would you instruct your Justice Department to force Apple to comply or not?

RUBIO: To comply with an order that says that they have to allow the FBI the opportunity to try to guess the password?

BASH: Correct.

RUBIO: Absolutely. That Apple phone didn’t even belong to the killer. It belonged to the killer’s employee (sic) who have agreed to allow him to try to do this. That is all they’re asking them to do is to disable the self-destruct mode or the auto-erase mode on one phone in the entire world. But Apple doesn’t want to do it because they think it hurts their brand.

Well, let me tell you, their brand is not superior to the national security of the United States of America.

(APPLAUSE)

Christ, what an asshole. Marcobot Rubio’s handlers coached him on this line obviously, you can tell by the smug little grin every time he remembers to recite one of his scripted lines, more or less in the right place. And for the thousandth time, it isn’t just “one phone”. There are multiple other requests in the pipeline, some federal, some at the state level. Thousands of potential cases in the US alone, waiting, anticipating, for precedent to be set. 

BASH: Senator Cruz, Apple CEO Tim Cook says this would be bad for America. Where do you stand: national security or personal privacy?

horrible framing. If Apple had refused to turn over iCloud backups, and refused to assist the FBI from the beginning, maybe, maybe this would be a valid question, but Apple isn’t supporting terrorism by refusing to become a code-slave to the federal government! Apple is appealing the ruling, as is their right!

CRUZ: Well, as you know, at that same CNN forum, both Marco and I were asked this question. His answer, he was on both sides of the fence. He’s now agreeing with me. And so I’m glad.

What I said is yes, Apple should be forced to comply with this court order. Why? Because under the Fourth Amendment, a search and seizure is reasonable if it has judicial authorization and probable cause. In this instance, the order is not put a back door in everyone’s cell phone. If that was the order, that order would be problematic because it would compromise security and safety for everyone.

I would agree with Apple on that broad policy question. But on the question of unlocking this cell phone of a terrorist, we should enforce the court order and find out everyone that terrorist at San Bernardino talked to on the phone, texted with, e-mailed. And absolutely, Apple doesn’t have a right to defy a valid court order in a terrorism investigation.

(APPLAUSE)

Note: metadata like who was called, texted, e-mailed was already turned over, not to mention most of that is also available from the telecommunication corporation (AT&T, Verizon, whomever), and it was disclosed within hours of the shooting. Apple surely does have the ability to use the courts to dispute a court order, they aren’t going rogue and fleeing the jurisdiction! They are using the American legal system, as is their right. Perhaps Ted Cruz recalls there are multiple levels of the judiciary? Including the Supreme Court…

BASH: Dr. Carson, Tim Cook, again, the CEO of Apple, says that this would be bad for America. What do you think?

CARSON: I think allowing terrorist to get away with things is bad for America.

(APPLAUSE)

 These particular terrorists are still dead, I’m not quite sure what they are getting away with. Dr. Carson must want the police to exhume the corpses and waterboard them or worse.

You know, we have the — we have a Constitution. We have a Fourth Amendment. It guards us against illegal and unreasonable search and seizure. But we have mechanisms in place with the judicial system that will allow us to gain material that is necessary to benefit the nation as a whole or the community as a whole. And that’s why we have FISA courts and things of that nature.

So absolutely, I would — I would expect Apple to comply with the court order. If they don’t comply with that, you’re encouraging chaos in our system.

If a policeman asks him to turn in all his guns and stop practicing his religion, Dr. Carson would comply, right away, or else he’d be encouraging chaos in our system. Because no matter what the Constitution says or implies, the police get to supersede it whenever they say the magic word, “terrorism”.

BASH: Mr. Trump…

(APPLAUSE) KASICH: I want to weigh in on this please. I want to just tell you that the problem is not right now between the administration and Apple. You know what the problem is? Where’s the president been? You sit down in a back room and you sit down with the parties and you get this worked out. You don’t litigate this on the front page of the New York Times, where everybody in the world is reading about their dirty laundry out here.

The president of the United States should be convening a meeting, should have convened a meeting with Apple and our security forces. And then you know what you do when you’re the president? You lock the door and you say you’re not coming out until you reach an agreement that both gives the security people what they need and protects the rights of Americans. This is a failure of his leadership to get this done as an executive should be doing it.

And I’ll tell you, that’s why you want a governor. I do this all the time. And we reach agreements all the time. Because as an executive, you’ve got to solve problems instead of fighting on the front page of the newspaper.

(click here to continue reading Transcript of the Republican Presidential Debate in Houston – The New York Times.)

Ah, yes, Obama has been golfing again or something, right? And the FBI didn’t make public statements inflaming public sentiment before Apple even had a chance to respond? Uhh, wrong as usual, Mr. Kasich…

from APPLE INC’S MOTION TO VACATE ORDER COMPELLING APPLE INC. TO ASSIST AGENTS IN SEARCH, AND OPPOSITION TO GOVERNMENT’S MOTION TO COMPEL ASSISTANCE: 

There are two important and legitimate interests in this case: the needs of law enforcement and the privacy and personal safety interests of the public. In furtherance of its law enforcement interests, the government had the opportunity to seek amendments to existing law, to ask Congress to adopt the position it urges here. But rather than pursue new legislation, the government backed away from Congress and turned to the courts, a forum ill-suited to address the myriad competing interests, potential ramifications, and unintended consequences presented by the government’s unprecedented demand. And more importantly, by invoking “terrorism” and moving ex parte behind closed courtroom doors, the government sought to cut off debate and circumvent thoughtful analysis.

and also:

The government says: “Just this once” and “Just this phone.” But the government knows those statements are not true; indeed the government has filed multiple other applications for similar orders, some of which are pending in other courts. And as news of this Court’s order broke last week, state and local officials publicly declared their intent to use the proposed operating system to open hundreds of other seized devices—in cases having nothing to do with terrorism. If this order is permitted to stand, it will only be a matter of days before some other prosecutor, in some other important case, before some other judge, seeks a similar order using this case as precedent. Once the floodgates open, they cannot be closed, and the device security that Apple has worked so tirelessly to achieve will be unwound without so much as a congressional vote. As Tim Cook, Apple’s CEO, recently noted: “Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks—from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”

Chairman Trump
Chairman Trump

The short-fingered vulgarian didn’t get a chance to respond, but we can guess what he would have said…

Republican presidential candidate Donald Trump called on Friday for a boycott of Apple Inc products until the tech company agreed to help the U.S. government unlock the cellphone of one of the killers in last year’s San Bernardino, California, shooting.

“Boycott Apple until such time as they give that information,” Trump said at a campaign event in Pawleys Island, South Carolina. “It just occurred to me.”

(click here to continue reading Trump calls for boycott until Apple unlocks shooter’s phone | Reuters.)

The Dangerous All Writs Act Precedent in the Apple Encryption Case

Don’t be a Production Slacker
Don’t be a Production Slacker

One more angle on the FBI vs. Apple case, as discussed by Amy Davidson of The New Yorker:

Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that “the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create.” The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications? Would that keep us safe from terrorists, or merely make everyone more vulnerable to hackers, as well as to mass government surveillance? But the first part is also potentially insidious, for reasons that go well beyond privacy rights.

The simple but strange question here is exactly the one that Cook formulates. What happens when the government goes to court to demand that you give it something that you do not have? No one has it, in fact, because it doesn’t exist. What if the government then proceeds to order you to construct, design, invent, or somehow conjure up the thing it wants? Must you?

(click here to continue reading The Dangerous All Writs Act Precedent in the Apple Encryption Case – The New Yorker.)

I’d already asked and answered myself about the second part of the question – I’m strongly against the so-called back door being built into all devices – so for me, the first part of the question was by far the most interesting. The government can really force a company to create something just for the government’s purposes? How long can the task take before you are free? Years? Decades? What happened to Capitalism? Talk about feeling entitled, or as Ms. Davidson puts it:

And so Judge Sheri Pym, a California district-court magistrate, has ordered Apple to come up with a new software bundle that can be loaded onto the phone and, in effect, take over the operating system and tell it to let the F.B.I. in. (Apple will have a chance to object to the order in court.) As an added point of convenience, this bundle is also supposed to let the agents enter passcodes electronically, rather than tapping them in, which is one of the many points on which the government seems to have moved from asking for compliance with a subpoena to demanding full-scale customer service. 

I don’t understand why this isn’t more troubling to people, especially to libertarian-leaning Republicans. The US government is asserting that if they ask, a company has to drop everything else and get working for the government or else you’ll be sent to the proverbial salt mines in Siberia. Why? Why? How dare you ask! Because War On Terra, that’s why!  No wonder this is “what some law-enforcement officials privately describe as a nearly perfect test case.” 

FBI vs. Apple Continued – Apple ID Changed While iPhone In Government Hands

Restoring iPhone From Backup 2015-01-01 at 11.33.01 AM
Restoring iPhone From Backup 

The unnamed FBI official who was boasting to WSJ journalists about the Farook case being “nearly perfect” as a test probably wishes that quote hadn’t been used now in light of this development:

[Apple said it] had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a backdoor. One of those methods would have involved connecting the iPhone to a known Wi-Fi network and triggering an iCloud backup that might provide the FBI with information stored to the device between the October 19th and the date of the incident.

Apple sent trusted engineers to try that method, the executives said, but they were unable to do it. It was then that they discovered that the Apple ID password associated with the iPhone had been changed. (The FBI claims this was done by someone at the San Bernardino Health Department.) Had that password not been changed, the executives said, the government would not need to demand the company create a “backdoor” to access the iPhone used by Syed Rizwan Farook

(click here to continue reading Apple: Terrorist’s Apple ID Password Changed In Government Custody, Blocking Access – BuzzFeed News.)

Did you notice? The FBI had possession of Farook’s iPhone for over 24 hours, before some agent or other employee changed the Apple ID password. (!!!???!!!)

Changing the Apple ID password isn’t hard, but it isn’t something you do without meaning to.  You’d have to log-in, give the old password, then create the new password, entering it twice. Presumedly, you’d either commit the password to memory, or WRITE IT DOWN.

Hmmm, “nearly perfect test case” indeed. 

Terrorism theatre, part the 234,323rd.

After the FBI sneeringly complained that encryption, privacy and security were merely marketing phrases to Apple, Apple responded with an eyeroll…

Creating the backdoor access, the executives said, would put at risk the privacy of millions of users. It would not only serve to unlock one specific phone, they said, but create a sort of master key that could be used to access any number of devices. The government says the access being sought could only be used on this one phone, but Apple’s executives noted that there is widespread interest in an iPhone backdoor, noting that Manhattan District Attorney Cyrus Vance said Thursday that his office has 175 Apple devices he’d like cracked. They also claimed that no other government in the world has ever asked Apple for the sort of FBiOS the government is demanding that it build now.

Asked why the company is pushing back so hard against this particular FBI request when it has assisted the agency in the past, Apple executives noted that the San Bernadino case is fundamentally different from others in which it was involved. Apple has never before been asked to build an entirely new version of its iOS operating system designed to disable iPhone security measures.

The Apple senior executives also pushed back on the government’s arguments that Apple’s actions were a marketing ploy, saying they were instead based on their love for the country and desire not to see civil liberties tossed aside.

(click here to continue reading Apple: Terrorist’s Apple ID Password Changed In Government Custody, Blocking Access – BuzzFeed News.)

Booting Up

If you haven’t read digital forensics expert Jonathan Zdziarski’s blog post entitled “Apple, FBI, and the Burden of Forensic Methodology”, you should click through and read it right away (well, within 5 seconds). The FBI’s request is quite a big ask, not something considered last minute, but obviously planned carefully for maximum impact. Director Comey has been pushing for back doors to Apple and Google smartphones for a long time. 

Apple must be prepared to defend their tool and methodology in court; no really, the defense / judge / even juries in CA will ask stupid questions such as, “why didn’t you do it this way”, or “is this jail breaking”, or “couldn’t you just jailbreak the phone?” (i was actually asked that by a juror in CA’s broken legal system that lets the jury ask questions). Apple has to invest resources in engineers who are intimately familiar with not only their code, but also why they chose the methodology they did as their best practices. If certain challenges don’t end well, future versions of the instrument may end up needing to incorporate changes at the request of FBI.

If evidence from a device ever leads to a case in a court room, the defense attorney will (and should) request a copy of the tool to have independent third party verification performed, at which point the software will need to be made to work on another set of test devices. Apple will need to work with defense experts to instruct them on how to use the tool to provide predictable and consistent results.

In the likely event that FBI compels the use of the tool for other devices, Apple will need to maintain engineering and legal staff to keep up to date on their knowledge of the tool, maintain the tool, and provide testimony as needed.

In other words, developing an instrument is far more involved than simply dumping a phone for FBI, which FBI could have ordered:

  • Developed to forensically sound standards 
  • Validated and peer-reviewed 
  • Be tested and run on numerous test devices 
  • Accepted in court 
  • Given to third party forensics experts (testing) 
  • Given to defense experts (defense) 
  • Stand up to challenges 
  • Be explained on the stand 
  • Possibly give source code if ordered 
  • Maintain and report on issues 
  • Defend lawsuits from those convicted 
  • Legally pursue any agencies, forensics companies, or hackers that steal parts of the code. 
  • Maintain legal and engineering staff to support it 
  • On appeals, go through much of the process all over again

The risks are significant too:

  • Ingested by an agency, reverse engineered, then combined with in-house or purchased exploits to fill in the gap of code signing.
  • Ingested by private forensics companies, combined with other tools / exploits, then sold as a commercial product.
  • Leaked to criminal hackers, who reverse engineer and find ways to further exploit devices, steal personal data, or use it as an injection point for other ways to weaken the security of the device.
  • The PR nightmare from demonstrating in a very public venue how the company’s own products can be back doored.
  • The judicial precedents set to now allow virtually any agency to compel the software be used on any other device.
  • The international ramifications of other countries following in our footsteps; many countries of which have governments that oppress civil rights.

This far exceeds the realm of “reasonable assistance”, especially considering that Apple is not a professional forensics company and has no experience in designing forensic methodology, tools, or forensic validation. FBI could attempt to circumvent proper validation by issuing a deviation (as they had at one point with my own tools), however this runs the risk of causing the house of cards to collapse if challenged by a defense attorney.

(click here to continue reading Apple, FBI, and the Burden of Forensic Methodology | Zdziarski’s Blog of Things.)

Not something an Apple intern can do in an afternoon, in other words, but a significant task imposed on a private corporation by a government agency, in support of “what some law-enforcement officials privately describe as a nearly perfect test case.” 

FBI vs. Apple – The Fight Over Smartphone Encryption

Cell phone-iphile
A few more details re: the FBI vs. Apple case

A conspiracy minded person might wonder how much the FBI and NSA knew about the planned attack before it happened. Maybe James Comey decided a little collateral damage was a fair price to pay?

As the fight between federal officials and tech companies over encryption has intensified in recent years, talks between the two sides have produced few results, while Congress has struggled to craft legislation on the issue.

FBI leaders had been scanning for a case that would make a compelling argument about the dangers of encryption. In the San Bernardino phone, they found what some law-enforcement officials privately describe as a nearly perfect test case.

(click here to continue reading U.S. and Apple Dig In for Court Fight Over Encryption – WSJ.)

Again, having 9 Justices on the SCOTUS is extremely important, for many reasons, including this case:

Apple has a few more days to file its formal response to the court, which can be summed up as: “No.”

After a series of briefings at this local level, if neither side is happy, the case will be passed on to the District Court. Still no solution? The case would then be escalated to the Court of Appeals for the Ninth Circuit, the court which handles these sorts of issues on the US West Coast.

If that court backs the FBI, and Apple again refuses, it could eventually reach the US Supreme Court, whose decision will ultimately be final, and in this utterly fascinating case, precedent setting.

(click here to continue reading Apple vs the FBI – a plain English guide – BBC News.)

Cell Phone Evolution
Cell Phone Evolution

Is it even possible to do what the government is requesting? Yes, it does seem so, per the analysis of Dan Guido.

Again in plain English, the FBI wants Apple to create a special version of iOS that only works on the one iPhone they have recovered. This customized version of iOS (*ahem* FBiOS) will ignore passcode entry delays, will not erase the device after any number of incorrect attempts, and will allow the FBI to hook up an external device to facilitate guessing the passcode. The FBI will send Apple the recovered iPhone so that this customized version of iOS never physically leaves the Apple campus. As many jailbreakers are familiar, firmware can be loaded via Device Firmware Upgrade (DFU) Mode. Once an iPhone enters DFU mode, it will accept a new firmware image over a USB cable. Before any firmware image is loaded by an iPhone, the device first checks whether the firmware has a valid signature from Apple. This signature check is why the FBI cannot load new software onto an iPhone on their own — the FBI does not have the secret keys that Apple uses to sign firmware.

(click here to continue reading Apple can comply with the FBI court order – Trail of Bits Blog.)

Would You Believe
Would You Believe

and finally, some other tech companies spoke up in support of Apple’s stance:

On Wednesday, Apple’s peers in the technology industry – also eager to keep reputations over security intact – gave their backing to the iPhone maker.

Jan Koum, the creator of Whatsapp, which is owned by Facebook, wrote: “We must not allow this dangerous precedent to be set. Today our freedom and our liberty is at stake.”

The Information Technology Industry Council, a lobbying group that represents Google, Facebook, Microsoft, Samsung, Blackberry and a host of others, put out this statement: “Our fight against terrorism is actually strengthened by the security tools and technologies created by the technology sector, so we must tread carefully given our shared goals of improving security, instead of creating insecurity.”

Google chief executive Sundar Pichai said: “Forcing companies to enable hacking could compromise users’ privacy.”

Edward Snowden, whose revelations about US government spying provoked Apple’s stance on passcode-protected data, said the FBI was “creating a world where citizens rely on Apple to defend their rights, rather than the other way around”.

(click here to continue reading Apple vs the FBI – a plain English guide – BBC News.)

Apple Doesn’t Want to Create Special Software For the FBI To Bypass Security

Pippin's New MBA

I’m on Apple’s side on this, 1,000%, the government should not be allowed such latitude. Apple currently has the full letter on their website, some excerpts below.

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

(click here to continue reading Customer Letter – Apple.)

A new version of the iOS, created just for the government to inspect our private communications? That doesn’t sound good, in fact, that is a horrible precedent for private industry. I assume this case will be appealed all the way to the Supreme Court, all the more reason to have a full 9 Justices sitting on the court.

Apple store

Tim Cook continues:

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

 

(click here to continue reading Customer Letter – Apple.)

for reference:

The All Writs Act is a United States federal statute, codified at 28 U.S.C. § 1651, which authorizes the United States federal courts to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

(click here to continue reading All Writs Act – Wikipedia, the free encyclopedia.)

Apple Logos

The NYT gives a little context:

Apple said on Wednesday that it would oppose and challenge a federal court order to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December.

On Tuesday, in a significant victory for the government, Magistrate Judge Sheri Pym of the Federal District Court for the District of Central California ordered Apple to bypass security functions on an iPhone 5c used by Syed Rizwan Farook, who was killed by the police along with his wife, Tashfeen Malik, after they attacked Mr. Farook’s co-workers at a holiday gathering.

Judge Pym ordered Apple to build special software that would essentially act as a skeleton key capable of unlocking the phone.

But hours later, in a statement by its chief executive, Timothy D. Cook, Apple announced its refusal to comply. The move sets up a legal showdown between the company, which says it is eager to protect the privacy of its customers, and the law enforcement authorities, who say that new encryption technologies hamper their ability to prevent and solve crime.

(click here to continue reading Tim Cook Opposes Order for Apple to Unlock iPhone, Setting Up Showdown – The New York Times.)

The WSJ adds:

Apple Inc. Chief Executive Tim Cook said the company will oppose a federal judge’s order to help the Justice Department unlock a phone used by a suspect in the San Bernardino, Calif., attack.

In a strongly worded letter to customers posted on Apple’s website early Wednesday, Mr. Cook called the order an “unprecedented step which threatens the security of our customers” with “implications far beyond the legal case at hand.”

The order, reflected in legal filings unsealed Tuesday, marks a watershed moment in the long-running argument between Washington and Silicon Valley over privacy and security.

In the order, U.S. Magistrate Judge Sheri Pym agreed with a Justice Department request that Apple help unlock an iPhone 5C once used by Syed Rizwan Farook. The order calls on Apple to disable certain security measures on the phone, including a feature that permanently disables the phone after 10 unsuccessful tries at the password. Such measures have kept agents from reviewing the contents of the phone, according to the filing. When the phone is locked, the data is encrypted.

Apple said it isn’t opposing the order lightly nor does it question the FBI’s intentions, but it feels that the government has overreached.

In her order, Judge Pym gave Apple five days to appeal.

(click here to continue reading Apple Opposes Judge’s Order to Help Unlock Phone Linked to San Bernardino Attack – WSJ.)

Apple and Others Encrypt Phones, Fueling Government Standoff

Apple Store in Soho
Apple Store in Soho.

Apparently this ridiculousness is still going on, we blogged about it last month, and previously

The No. 2 official at the Justice Department delivered a blunt message last month to Apple Inc. executives: New encryption technology that renders locked iPhones impervious to law enforcement would lead to tragedy. A child would die, he said, because police wouldn’t be able to scour a suspect’s phone, according to people who attended the meeting.

 …

Apple executives thought the dead-child scenario was inflammatory. They told the government officials law enforcement could obtain the same kind of information elsewhere, including from operators of telecommunications networks and from backup computers and other phones, according to the people who attended.

Technology companies are pushing back more against government requests for cooperation and beefing up their use of encryption. On Tuesday, WhatsApp, the popular messaging service owned by Facebook Inc., said it is now encrypting texts sent from one Android phone to another, and it won’t be able to decrypt the contents for law enforcement.

AT&T Inc. on Monday challenged the legal framework investigators have long used to collect call logs and location information about suspects.

In a filing to a federal appeals court in Atlanta, AT&T said it receives an “enormous volume” of government requests for information about customers, and argued Supreme Court decisions from the 1970s “apply poorly” to modern communications. The company urged the courts to provide new, clear rules on what data the government can take without a probable cause warrant.

(click here to continue reading Apple and Others Encrypt Phones, Fueling Government Standoff – WSJ.)

Law enforcement officials are clever, they can find ways to get data in other ways, like this, for instance…

PRISM
PRISM

And good for Tim Cook – he suggests that Apple Inc. should not be in the business of enabling the police in their quest to snoop on our phones without first getting warrants. You know, like if we were living in a constitutional Democracy with a Bill of Rights again?

In June 2013, Mr. Snowden provided reporters with documents describing a government program called Prism, which gathered huge amounts of data from tech companies. At first, tech-company executives said they hadn’t previously heard of Prism and denied participating. In fact, Prism was an NSA code word for data collection authorized by the Foreign Intelligence Surveillance Court. Tech companies routinely complied with such requests.

 More than a year later, tech executives say consumers still mistrust them, and they need to take steps to demonstrate their independence from the government.

Customer trust is a big issue at Apple. The company generates 62% of its revenue outside the U.S., where it says encryption is even more important to customers concerned about snooping by their governments.

These days, Apple Chief Executive Tim Cook stresses the company’s distance from the government.

“Look, if law enforcement wants something, they should go to the user and get it,” he said at The Wall Street Journal’s global technology conference in October. “It’s not for me to do that.”

In early September, Apple said the encryption on its latest iPhone software would prevent anyone other than the user from accessing user data stored on the phone when it is locked. Until then, Apple had helped police agencies—with a warrant—pull data off a phone. The process wasn’t quick. Investigators had to send the device to Apple’s Cupertino, Calif., headquarters, and backlogs occurred.

 

F.B.I. Director James Comey Continues His Obfuscation Tour Re Encrypted Phones

Old US Post Office building Toned
Old US Post Office building – used in Dark Knight

FBI Director James Comey continues his public obfuscation tour, blaming the upcoming Joker and Riddler crime spree in Gotham on the fairly new ability of consumers to encrypt data on their own phones against unwilling intrusions by governments and other entities.

The director of the F.B.I., James B. Comey, said on Thursday that the “post-Snowden pendulum” that has driven Apple and Google to offer fully encrypted cellphones had “gone too far.” He hinted that as a result, the administration might seek regulations and laws forcing companies to create a way for the government to unlock the photos, emails and contacts stored on the phones.

But Mr. Comey appeared to have few answers for critics who have argued that any portal created for the F.B.I. and the police could be exploited by the National Security Agency, or even Russian and Chinese intelligence agencies or criminals. And his position seemed to put him at odds with a White House advisory committee that recommended against any effort to weaken commercial encryption.

Apple and Google have announced new software that would automatically encrypt the contents of cellphones, using codes that even the companies could not crack. Their announcement followed a year of disclosures from Edward J. Snowden, the former government contractor who revealed many government programs that collect electronic data, including information on Americans.

The new encryption would hinder investigations involving phones taken from suspects, recovered at crime scenes or discovered on battlefields. But it would not affect information obtained by real-time wiretaps, such as phone conversations, emails or text messages. And the government could still get information that is stored elsewhere, including emails, call logs and, in some cases, old text messages.

(click here to continue reading James Comey, F.B.I. Director, Hints at Action as Cellphone Data Is Locked – NYTimes.com.)

Warrant - Not Found

You know what isn’t mentioned in this long article? Warrants. I wonder why that is? Could it be that most criminal masterminds do not store their plans to rob Gotham National Bank solely upon their encrypted cellphones, leaving law enforcement completely in the dark? Possibly The Joker leaves other traces of his plan elsewhere? Or discusses his machinations with co-conspirators? According to Mr. Comey, without the government retaining the ability to tap into each and every one of our cellphones at any time, The Joker will win. He’ll win! He’ll win, Batman!

or as Marcy Wheeler rightfully notes, this seems to really be about warrantless searching, especially at the US border:

Encrypting iPhones might have the biggest impact on law enforcement searches that don’t involve warrants, contrary to law enforcement claims this is about warranted searches. As early as 2010, Customs and Border Patrol was searching around 4,600 devices a year and seizing up to 300 using what is called a “border exception.” That is when CBP takes and searches devices from people it is questioning at the border. Just searching such devices does not even require probable cause (though seizing them requires some rationale). These searches increasingly involve smart phones like the iPhone.

These numbers suggest border searches of iPhones may be as common as warranted searches of the devices. Apple provided account content to U.S. law enforcement 155 times last year. It responded to 3,431 device requests, but the “vast majority” of those device requests involved customers seeking help with a lost or stolen phone, not law enforcement trying to get contents off a cell phone (Consumer Reports estimates that 3.1 million Americans will have their smart phones stolen this year). Given that Apple has by far the largest share of the smart phone market in the U.S., a significant number of border device searches involving a smart phone will be an iPhone. Apple’s default encryption will make it far harder for the government to do such searches without obtaining a warrant, which they often don’t have evidence to get.

If law enforcement wants to retain this access, they should be honest about what they might lose and why every iPhone user should be asked to carry a phone that is susceptible to criminal targeting as a result. Trading default encryption for a limited law enforcement purpose is just that — a trade-off — and officials should be prepared to discuss it as such. And, as forensics expert Jonathan Zdziarski explains, there’s a mountain of other data still available to help law enforcement solve crimes. “There is such a mount of peripheral evidence out there that only a small handful of cases are even likely to have the iPhone be the sole smoking gun to begin with,” he explained. “Cops have iCloud data, iCloud backups, call records, voicemail records, text messages from the carrier (if obtained within a certain retention period), gmail, email, web logs, trap and trace, proxy logs, not to mention copies of data from other people involved or from the victims themselves, desktop backups (if available), sometimes even a desktop (as many criminals don’t use encryption at all). Add to that they’re eavesdropping on the whole damn Internet.”

(click here to continue reading America’s huge iPhone lie: Why Apple is being accused of coddling child molesters – Salon.com.)