Encryption as a Ribbon Around An Apple iPhone

Fonzo Killin Hipsters

Another good post by digital forensics expert Jonathan Zdziarski, explaining what the FBI is actually pressuring Apple to provide:

With most non-technical people struggling to make sense of the battle between FBI and Apple, Bill Gates introduced an excellent analogy to explain cryptography to the average non-geek. Gates used the analogy of encryption as a “ribbon around a hard drive”. Good encryption is more like a chastity belt, but since Farook decided to use a weak passcode, I think it’s fair here to call it a ribbon. In any case, lets go with Gates’ ribbon analogy.

Instead of cutting the ribbon, which would be a much simpler task, FBI is ordering Apple to invent a ribbon cutter – a forensic tool capable of cutting the ribbon for FBI, and is promising to use it on just this one phone. In reality, there’s already a line beginning to form behind Comey should he get his way. NY DA Cy Vance has stated that NYC has 175 iPhones waiting to be unlocked (which translates to roughly 1/10th of 1% of all crime in NYC for an entire year). Documents have also shown DOJ has over a dozen more such requests pending. If FBI’s promise of “just this one phone” were authentic, there would be no need to order Apple to make this ribbon cutter; they’d simply tell them to cut the ribbon.

Why has the government waited this long to order such a thing? Because in spite of all of iOS 8’s security, the Chinese invented a ribbon cutter for it called the IP BOX. IP BOX was capable of brute forcing any numeric passcode in iOS 8, and even though it was junky, Chinese-made hardware with zero forensic credibility (and actually called home to servers in China), our government used it widely to break into iOS devices without Apple’s help. The government has really gone dumpster diving for forensic solutions for iOS. This ribbon cutter was used by both law enforcement and anyone with $200 to break into iOS devices, and is a great example of how such a ribbon cutter is often abused for crime.

So here’s the real question: Why is FBI asking for the invention of a ribbon cutter instead of just asking Apple to cut the ribbon? Well the answer to that comes back to precedent. If FBI can order the existence of this ribbon cutter, Cy Vance’s 175 phones will be much easier to push through the courts without the same level of scrutiny as a terrorism case. If FBI were simply asking for Apple to cut the ribbon, all future AWA orders would have to go through the same legal scrutiny in the courts for justification. Getting the ribbon cutter invented for a terrorism case opens the door for such a tool to then be justified by the DA for weaker cases – such as narcotics, computer crimes, or even simply investigations where the government can’t even prove to the courts that a crime was ever committed. Once it’s a tool, just like a Stingray box or a breathalyzer, the court’s leniency in permitting its use increases dramatically.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Now if I could only mandate that all politicians were required to understand the concepts before opening their speaking holes. I know, I know, zero chance…

 

Additionally, there is this angle:

Also consider that the courts aren’t about to force Apple to hack into their own customer products. In fact, the customer purchased these products trusting that the manufacturer wouldn’t – even couldn’t – intentionally compromise them; ever since iOS 8, Apple has marketed these devices as so secure that Apple themselves cannot hack them. For Apple to be forced to backdoor their own devices would invite countless lawsuits from their own customers, betray consumer trust, and likely cost Apple millions, if not billions, in sales depending on how big of a PR nightmare it created. The courts, however, appear to be OK with forcing Apple to write what is being portrayed by the FBI as an innocent, fluffy tool for just this one device.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Christine Blasey Ford Wants F.B.I. to Investigate Kavanaugh Before She Testifies

Perched
Perched

The New York Times reports:

The woman who has accused President Trump’s Supreme Court nominee of sexual assault all but ruled out appearing at an extraordinary Senate hearing scheduled for next week to hear her allegations, insisting on Tuesday that the F.B.I. investigate first.

Speaking through lawyers, Christine Blasey Ford said she would cooperate with the Senate Judiciary Committee and left open the possibility of testifying later about her allegations against Judge Brett M. Kavanaugh. But echoing Senate Democrats, she said an investigation should be “the first step” before she is put “on national television to relive this traumatic and harrowing incident.”

Republicans signaled Tuesday night that they would not negotiate an alternative date and would go ahead with the hearing without her or declare it unnecessary if she refuses to appear, then possibly move to a vote.

(click here to continue reading Christine Blasey Ford Wants F.B.I. to Investigate Kavanaugh Before She Testifies – The New York Times.)

Yes, much more important to speedily nominate Kavanaugh to a lifetime appointment than take a couple of days to investigate her claims and his counter-claims. The GOP motivation is transparent – make sure there is a conservative majority in the Supreme Court in the last few months before they lose their upcoming election. Disgusting.

Rule of law, ha.

 Would You Believe

Unfortunately, if Ms. Blasey doesn’t agree to the bullies’ terms, they will just skip the testimony part and go right to the vote, depending upon reliable Republicans like Susan Collins to vote Kavanaugh in.

NYT:

In the letter to the Judiciary Committee, Dr. Blasey’s lawyers said that she has been the target of “vicious harassment and even death threats” since her name was made public on Sunday in an interview published in The Washington Post. Her email has been hacked, she has been impersonated online and she and her family have been forced to relocate out of their home, according to the lawyers, Ms. Banks and her partner, Debra S. Katz.

“While Dr. Ford’s life was being turned upside down, you and your staff scheduled a public hearing for her to testify at the same table as Judge Kavanaugh in front of two dozen U.S. Senators on national television to relive this traumatic and harrowing incident,” the lawyers wrote to Mr. Grassley. The hearing “would include interrogation by senators who appear to have made up their minds that she is ‘mistaken’ and ‘mixed up.’”

 

(click here to continue reading Christine Blasey Ford Wants F.B.I. to Investigate Kavanaugh Before She Testifies – The New York Times.)

Trump worries that federal investigators may have seized recordings made by Cohen

You Are Being Film
You Are Being Film

Lordy, I hope there are tapes1

Ashley Parker, Carol D. Leonnig, Josh Dawsey and Tom Hamburger of the Washington Post report:

President Trump’s personal attorney Michael D. Cohen sometimes taped conversations with associates, according to three people familiar with his practice, and allies of the president are worried that the recordings were seized by federal investigators in a raid of Cohen’s office and residences this week.

Cohen, who served for a decade as a lawyer at the Trump Organization and is a close confidant of Trump, was known to store the conversations using digital files and then replay them for colleagues, according to people who have interacted with him.

“We heard he had some proclivity to make tapes,” said one Trump adviser, who spoke on the condition of anonymity because of the ongoing investigation. “Now we are wondering, who did he tape? Did he store those someplace where they were actually seized? . . . Did they find his recordings?”

(click here to continue reading Trump’s allies worry that federal investigators may have seized recordings made by his attorney – The Washington Post.)

Especially funny is that Michael Cohen2 made tapes because “Spanky” Trump so often bragged about how he taped conversations, despite the fact that Trump never actually took the time to create a system to record conversations.

You Wanted To Disappear
You Wanted To Disappear

WaPo:

 

Tim O’Brien, a Trump biographer and executive editor of Bloomberg View, wrote a column in the wake of Trump’s taping claim saying that Comey likely had little reason to worry. In the piece, O’Brien recounted that Trump frequently made a similar boast to him.

 

“Back in the early 2000s, Trump used to tell me all the time that he was recording me when I covered him as reporter for the New York Times,” O’Brien wrote. “He also said the same thing when I was writing a biography of him, ‘Trump Nation.’ I never thought he was, but who could be sure?”

 

But after Trump sued him for libel shortly after his biography came out, O’Brien’s lawyers deposed Trump in December 2007 — during which Trump admitted he had not, in fact, clandestinely taped O’Brien.

 

“I’m not equipped to tape-record,” Trump said in the deposition. “I may have said it once or twice to him just to — on the telephone, because everything I said to him he’d write incorrectly; so just to try and keep it honest.”

 

 

(click here to continue reading Trump’s allies worry that federal investigators may have seized recordings made by his attorney – The Washington Post.)

I’d say the odds are greater than 50/50 that Trump was recorded by Cohen saying something of interest to federal prosecutors, and that the Feds have a copy of this recording or recordings, and that Trump is stress-peeing on a rug in the Oval Office right now.

Footnotes:
  1. said everyone at the same time, except for Trump and his thugs []
  2. allegedly []

FBI Raid On Paul Manafort Storage Locker

One Step Forward
One Step Forward

Michael Cohen being raided is big news, but there are other threads we are following, including the Paul Manafort case. 

The FBI found a storage locker with lots and lots of documents that Paul Manafort was saving, perhaps to be made whole. This will come up again, mark my words.

Betsy Woodruff reports:

According to court documents, one of Manafort’s former employees led an FBI agent to a storage locker filled with paperwork on Manafort’s businesses and finances. The person’s name is redacted from the filings. But he’s now at the center of a fight over evidence that could play a significant role in the government’s case against Manafort.

“People do strange things when confronted with authoritative FBI agents,” said Sol Wisenberg, a criminal defense attorney with Nelson Mullins.

The person whose name was redacted also gave the FBI agent “a key to the lock on Unit 3013 and described the contents of Unit 3013,” according to the affidavit. That person also gave the FBI agent “written consent” to search the storage unit, and opened it for the FBI agent.

The FBI agent then looked into the storage unit and saw about 21 boxes of documents, as well as a filing cabinet. One box was marked as containing expenses, paid bills, invoices, and legal complaints. Another box said it contained “Ukraine Binders,” as well information about ballot security, Georgia, research, and “Ukraine Campaign.”

Manafort and Gates have been involved in Ukrainian politics for years, and helped prop up Kiev’s Putin-friendly strongman, Viktor Yanukovych.

The FBI agent seemed to figure out immediately that the storage unit’s contents were interesting, because the law enforcement officials started surveilling the storage unit facility to see if anyone went in to take out any files. The day after seeing the storage unit, the FBI agent filed the affidavit—which was more than 20 pages long—with a magistrate judge.

(click here to continue reading A Second Paul Manafort Associate Has Turned on Him.)

I guess these guys haven’t heard of a document shredder or something. I shred stuff on a regular basis and I avoid criminal or even sketchy business! Why wouldn’t these guys have a contract with a shredding company to come every other month?

Gleamingly Banal
Gleamingly Banal

A sign of one’s age when this is the birthday present I bought myself

F.B.I. Raid Is Perilous for Michael Cohen — and Trump

Movie Night
Almost Like Movie Night…

The FBI raid on Trump “fixer” Michael Cohen is a pretty big development. Unusual for an attorney’s office to be raided, there must be some solid evidence of crime.

Ken White, aka Popehat, writes:

This is what we know, in part from Mr. Cohen’s attorney: The United States attorney’s office in Manhattan, acting on a referral from Mr. Mueller, sought and obtained search warrants for Mr. Cohen’s law office, home and hotel room, seeking evidence related at least in part to his payment of $130,000 in hush money to the adult actress Stephanie Clifford, who goes by her stage name, Stormy Daniels. There are reports that the warrant sought evidence of bank fraud and campaign finance violations, which is consistent with an investigation into allegations that the Daniels payment was illegally sourced or disguised. (For example, routing a payment through a shell company to hide the fact that the money came from the Trump campaign — if that is what happened — would probably violate federal money-laundering laws.)

What does this tell us? First, it reflects that numerous officials — not just Mr. Mueller — concluded that there was probable cause to believe that Mr. Cohen’s law office, home and hotel room contained evidence of a federal crime. A search warrant for a lawyer’s office implicates the attorney-client privilege and core constitutional rights, so the Department of Justice requires unusual levels of approval to seek one. Prosecutors must seek the approval of the United States attorney of the district — in this case Geoffrey Berman, the interim United States attorney appointed by President Trump.

Prosecutors must also consult with the criminal division of the Justice Department in Washington. Finally, prosecutors must convince a United States magistrate judge that there’s probable cause to support the search. Faced with a warrant application destined for immediate worldwide publicity, the judge surely took unusual pains to examine it. This search was not the result of Mr. Mueller or his staff “going rogue.”

(click here to continue reading Opinion | Why the F.B.I. Raid Is Perilous for Michael Cohen — and Trump – The New York Times.)

and importantly, if the Southern District of New York, in the process of examining Cohen’s records in their taint team, find evidence of other crimes or discover relevant documents for the Russia investigation, they can send those back to the Special Prosecutor.

Washington Post:

In a search like this, prosecutors typically set up a privilege team or “taint team” of investigators not involved in the case to review potentially privileged documents and shield those from the team actually involved in the prosecution. There is an exception to the attorney-client privilege if communications to an attorney are used in furtherance of a crime or fraud; that could come into play here as well. And documents related to anything Cohen did on his own — after all, Trump has denied knowing about the payment to Daniels — are likely not privileged if they do not contain attorney-client communications. Documents are not automatically privileged simply because they passed through an attorney’s hands.

(click here to continue reading Michael Cohen is in serious legal jeopardy – The Washington Post.)

Popehat again:

The Stormy Daniels payout may be outside the scope of the Russia investigation, but it’s possible that Mr. Cohen’s records are full of materials that are squarely within that scope. And the law is clear: If investigators executing a lawful warrant seize evidence of additional crimes, they may use that evidence. Thus Mr. Trump and Mr. Cohen, with their catastrophically clumsy handling of the Daniels affair, may have handed Mr. Mueller devastating evidence.

(click here to continue reading Opinion | Why the F.B.I. Raid Is Perilous for Michael Cohen — and Trump – The New York Times.)

Stay tuned!

Foreign Nationals Manipulate Kushner With Ease

The Sound Was Sweet And Clear
The Sound Was Sweet And Clear

If there was ever a candidate who should have his citizenship stripped, and should be sent to Gitmo, or Yemen, it’s Jared Kushner. Well, maybe he wouldn’t be alone, and would be joined by his wife, his brothers-in-law, and a few others in the Trump circle…

Officials in at least four countries have privately discussed ways they can manipulate Jared Kushner, the president’s son-in-law and senior adviser, by taking advantage of his complex business arrangements, financial difficulties and lack of foreign policy experience, according to current and former U.S. officials familiar with intelligence reports on the matter.

Among those nations discussing ways to influence Kushner to their advantage were the United Arab Emirates, China, Israel and Mexico, the current and former officials said.

It is unclear if any of those countries acted on the discussions, but Kushner’s contacts with certain foreign government officials have raised concerns inside the White House and are a reason he has been unable to obtain a permanent security clearance, the officials said.

Kushner’s interim security clearance was downgraded last week from the top-secret to the secret level, which should restrict the regular access he has had to highly classified information, according to administration officials.

H.R. McMaster, President Trump’s national security adviser, learned that Kushner had contacts with foreign officials that he did not coordinate through the National Security Council or officially report. The issue of foreign officials talking about their meetings with Kushner and their perceptions of his vulnerabilities was a subject raised in McMaster’s daily intelligence briefings, according to the current and former officials, who spoke on the condition of anonymity to discuss sensitive matters.

Within the White House, Kushner’s lack of government experience and his business debt were seen from the beginning of his tenure as potential points of leverage that foreign governments could use to influence him, the current and former officials said.

(click here to continue reading Kushner’s overseas contacts raise concerns as foreign officials seek leverage – The Washington Post.)

Emails
emails

You know, Hillary’s emails…

Kushner has been Trump’s designated reader of the highly classified Presidential Daily Briefing for over a year now, without appropriate security clearance. Isn’t that disturbing to you? It is to me. These foreign nations who laughingly considered Kushner easy to manipulate were very interested in information discussed in the PDB. How do we know Kushner wasn’t trafficking it to the highest bidders?

If Kushner can read the PDB, why can’t I? I bet I’d pass an FBI security investigation within 2 months, if not sooner. Sure I was born in Toronto to Vietnam War draft-dodgers, but my ancestry can be traced back to Jamestown in the 1600s, and elsewhere in Colonial America, plus no member of my family has been jailed for illegal campaign contributions, tax evasion, and witness tampering. Maybe the PDB should be available to every voter who can pass an FBI check? We are still, allegedly, a democratic nation, theoretically, the citizen is in tenuous charge of the government.

Leonard Peltier should be released in the interest of justice

Exiled and Wandering
Exiled and Wandering

I was going to respond to the unsigned Chicago Tribune editorial titled, “Clemency for Leonard Peltier? Never”, but James Reynolds, former U.S. attorney did a better job, with less swear words.

In response to your Monday editorial “Clemency for Leonard Peltier? Never,” I was the United States attorney who supervised the prosecution of Leonard Peltier during the critical post-trial period. In December 2016, I wrote to President Barack Obama to support his clemency petition “as being in the best interests of justice in considering the totality of all matters involved.”

Although no trial is perfect, Peltier’s was unusually troublesome, particularly when viewed with the benefit of hindsight. The case against Peltier was a moving target, which shifted from a “deliberate ambush” theory in the earlier trial of Peltier’s co-defendants (who were found not guilty) to a “deliberate execution” at Peltier’s subsequent trial before a different judge, and then to an “accomplice” theory on appeal.

As an “aider and abettor,” according to the government’s theory, Peltier was guilty of the murders because he was present, and he had a weapon. It was a very thin case that likely would not be upheld by courts today. It is a gross overstatement to label Peltier a “cold-blooded murderer” on the basis of the minimal proof that survived the appeals in his case.

Following the conclusion of the appeals, Judge Gerald Heaney, an Eighth Circuit judge who sat on two of the appeals, took the extraordinary step of writing to the Senate Select Committee on Indian Affairs urging it to grant clemency to Peltier in 1991.

Considering all of the surrounding factors, including the prevailing worldview of the time, the FBI’s role in the creation of dangerous conditions on Pine Ridge, the manner in which the case was investigated and prosecuted and the extraordinary length of time already served, in my opinion, Peltier should be released in the interests of justice.

The government has gotten almost 41 years, and 41 pounds of flesh; Peltier is old and sick, and in my opinion, any more time served would be vindictive.

— James Reynolds, former U.S. attorney, Naples, Fla.

(click here to continue reading Leonard Peltier should be released in the interest of justice – Chicago Tribune.)

Exactly, Leonard Peltier has served long enough for a crime he probably didn’t even commit. 

Simply Because It Was True
Simply Because It Was True

A little neutral-esque background from Wikipedia:

Peltier fled to Hinton, Alberta, where he hid in a friend’s cabin. On February 6, 1976, he was arrested. In December 1976, he was extradited from Canada based on documents submitted by the FBI that Warren Allmand, Canada’s Solicitor General at the time, would later state contained false information.

One of those documents was an affidavit signed by Myrtle Poor Bear, a local Native American woman. She claimed to have been Peltier’s girlfriend at the time and to have witnessed the murders. But, according to Peltier and others at the scene, Poor Bear did not know Peltier, nor was she present at the time of the shooting. She later claimed that she was pressured and threatened by FBI agents into giving the statements. Poor Bear attempted to testify about the FBI’s intimidation at Peltier’s trial; however, the judge barred her testimony on the grounds of mental incompetence.

Peltier fought extradition to the United States, even as Bob Robideau and Darrelle “Dino” Butler, AIM members also present on the Jumping Bull compound at the time of the shootings, were found not guilty on the grounds of self-defense by a federal jury in Cedar Rapids, Iowa. Peltier returned too late to be tried with Robideau and Butler, and he was subsequently tried separately. Peltier’s trial was held in Fargo, North Dakota, where a jury convicted Peltier of the murders of Coler and Williams. Unlike the trial for Butler and Robideau, the jury was informed that the two FBI agents were killed by close-range shots to their heads, when they were already defenseless due to previous gunshot wounds. They also saw autopsy and crime scene photographs of the two agents, which had not been shown to the jury at Cedar Rapids. In April 1977, Peltier was convicted and sentenced to two consecutive life sentences.

Doubts about legal proceedings

Numerous doubts have been raised over Peltier’s guilt and the fairness of his trial, based on allegations and inconsistencies regarding the FBI and prosecution’s handling of this case:

  • FBI radio intercepts indicated that the two FBI agents had been pursuing a red pickup truck; this was confirmed by the FBI the day after the shootout. Red pickup trucks near the reservation were stopped for weeks, but Leonard Peltier did not drive a red pickup truck. Evidence was given that Peltier was driving a Suburban vehicle; a large station wagon style sedan built on a pickup truck chassis with an enclosed rear section. Peltier’s vehicle was red with a white roof—not a red, open-tray pickup truck with no white paint. The FBI agents’ radio message said that the suspect they were pursuing was driving a red pickup truck, with no additional details. At Peltier’s trial, the FBI testified that it had been searching for a red and white van, which Peltier was sometimes seen driving. This was a highly contentious matter of evidence in the trials.
  • Testimony from three witnesses placed Peltier, Robideau and Butler near the crime scene. Those three witnesses later recanted, alleging that the FBI, while extracting their testimony, had tied them to chairs, denied them their right to talk to their attorney, and otherwise coerced and threatened them. Robideau said during an interview in the Robert Redford/Michael Apted film Incident at Oglala (1992), that “we approached” the agents’ cars.
  • Unlike the juries in similar prosecutions against AIM leaders at the time, the Fargo jury was not allowed to hear about other cases in which the FBI had been rebuked for tampering with evidence and witnesses.
  • An FBI ballistics expert testimony during the trial asserted that a shell case found near the dead agents’ bodies matched the rifle tied to Peltier. He said that a forensics test of the firing pin, which would have more definitively matched the gun to the cartridge case, was not performed because the gun was damaged in the fire. A less definitive test indicated that the extractor marks on the case and rifle matched. Years later, after an FOIA request, the FBI ballistics expert’s records were examined. His report said that he had performed a ballistics test of the firing pin and concluded that the cartridge case from the scene of the crime did not come from the rifle tied to Peltier. That evidence was withheld from the jury during the trial.
  • Though the FBI’s investigation indicated that an AR-15 was used to kill the agents, several different AR-15s were in the area at the time of the shootout. Also, no other cartridge cases or evidence about them were offered by the prosecutor’s office, although other bullets were fired at the crime scene.
  • During the trial, all the bullets and bullet fragments found at the scene were provided as evidence and detailed by Cortland Cunningham, FBI Firearms expert, in testimony. (Ref US v. Leonard Peltier Vol 9).
  • According to Peltier, when he appealed his first-degree murder conviction in 1992, the charge was illegally changed to aiding and abetting.
  • The U.S. Parole Commission denied Peltier parole in 1993 based on their finding that he “participated in the premeditated and cold blooded execution of those two officers.” But, the Parole Commission has since stated that it “recognizes that the prosecution has conceded the lack of any direct evidence that [Peltier] personally participated in the executions of the two FBI agents.”

(click here to continue reading Leonard Peltier – Wikipedia.)

Obama seems unlikely to commute Leonard Peltier’s sentence or pardon him, however, he should

Thursday Leftovers – Plate 3

A few scraps of news discovered on my browser recently. Or is it in my browser?

Federal Bureau of Investigation Chicago Division
Federal Bureau of Investigation Chicago Division…

Jimmy Comey, FBI director, seems to be of the mind that the only way that police can do their jobs is if they are allowed to be a military invading force, civil liberties be damned. If a cop is worried about his actions being controversial, perhaps the actions are the problem, not the videotape? Comey must want to be fired, the last time this topic came up, the White House vehemently disagreed via multiple channels. What will happen this time? Also am heartened to read the comments to this article, for once, 90% of the comments are thoughtful, and most agree that Comey is way out of line.

The director of the F.B.I. reignited the factious debate over a so-called “Ferguson effect” on Wednesday, saying that he believed less aggressive policing was driving an alarming spike in murders in many cities.

James Comey, the director, said that while he could offer no statistical proof, he believed after speaking with a number of police officials that a “viral video effect” — with officers wary of confronting suspects for fear of ending up on a video — “could well be at the heart” of a spike in violent crime in some cities.

“There’s a perception that police are less likely to do the marginal additional policing that suppresses crime — the getting out of your car at 2 in the morning and saying to a group of guys, ‘Hey, what are you doing here?’” he told reporters.

(click here to continue reading F.B.I. Director Says ‘Viral Video Effect’ Blunts Police Work – The New York Times.)

FBI Anti-Piracy Warning
FBI Anti-Piracy Warning…

The FBI wants free reign to watch you, however, by installing malware on your devices at their whim, without even a warrant…

n an interview with Gizmodo, Senator Ron Wyden revealed that he’ll introduce legislation next week that, if passed, would stop the recent Supreme Court change to what’s known as “Rule 41,” which gave the government broader hacking power.

The Department of Justice has been pushing for the rule change for years, and it was finally granted by the Supreme Court in April. The new rule allows federal judges to grant warrants to agencies like the FBI to deploy “Network Investigative Techniques” (malware) to search any number of computers, be it 10 or 100,000, even if they don’t know what jurisdiction the computers are in. The rule change also allows judges to grant warrants to search the computers of victims of cybercrime, even if that person hasn’t been suspected of a crime. Congress has six months to oppose the rule change or else it will automatically go into effect.

Then there’s the question of infecting computers with malware in order to search them. In an interview with Gizmodo, Senator Wyden aired his concerns.

“By compromising computer systems, it could leave it open to other attackers. What if the government has to turn off the computer’s protections to search it?,” he said. “So if the government is out there turning of millions of security features in order to search computers, my view is that there could be some serious security threats.”

The legislation Wyden plans to introduce next week will be just one sentence, simply stating that the changes to rule 41 will not go into effect.

“What I hope is that the House and Senate Judiciary committees will start looking into the rule,” Wyden said. “They’ll start looking at our bill and and Senators would realize that this is the question for the Congress. An agency like the Department of Justice shouldn’t just be able to wave its arms around and grant itself vast new powers. The changes to rule 41 dramatically expand the government’s hacking authority.”

(click here to continue reading Senators Are Trying to Stop the Supreme Court’s Bullshit New Hacking Rule.)

You Are Being Film
You Are Being Film

or your Amazon Echo, if you are foolish enough to own one…

Back in March, I filed a Freedom of Information request with the FBI asking if the agency had ever wiretapped an Amazon Echo. This week I got a response: “We can neither confirm nor deny…”

We live in a world awash in microphones. They’re in our smartphones, they’re in our computers, and they’re in our TVs. We used to expect that they were only listening when we asked them to listen. But increasingly we’ve invited our internet-connected gadgets to be “always listening.” There’s no better example of this than the Amazon Echo.

In many ways the Echo is a law enforcement dream.

(click here to continue reading The FBI Can Neither Confirm Nor Deny Wiretapping Your Amazon Echo.)

A Good Dinner Party
A Good Dinner Party

Philosophy, and most Liberal Arts programs, in my experience, are weighted heavily towards Europe, mostly Northern Europe really.

The vast majority of philosophy departments in the United States offer courses only on philosophy derived from Europe and the English-speaking world. For example, of the 118 doctoral programs in philosophy in the United States and Canada, only 10 percent have a specialist in Chinese philosophy as part of their regular faculty. Most philosophy departments also offer no courses on Africana, Indian, Islamic, Jewish, Latin American, Native American or other non-European traditions. Indeed, of the top 50 philosophy doctoral programs in the English-speaking world, only 15 percent have any regular faculty members who teach any non-Western philosophy.

Given the importance of non-European traditions in both the history of world philosophy and in the contemporary world, and given the increasing numbers of students in our colleges and universities from non-European backgrounds, this is astonishing. No other humanities discipline demonstrates this systematic neglect of most of the civilizations in its domain. The present situation is hard to justify morally, politically, epistemically or as good educational and research training practice.

This is not to disparage the value of the works in the contemporary philosophical canon: Clearly, there is nothing intrinsically wrong with philosophy written by males of European descent; but philosophy has always become richer as it becomes increasingly diverse and pluralistic. Thomas Aquinas (1225-1274) recognized this when he followed his Muslim colleagues in reading the work of the pagan philosopher Aristotle, thereby broadening the philosophical curriculum of universities in his own era. We hope that American philosophy departments will someday teach Confucius as routinely as they now teach Kant, that philosophy students will eventually have as many opportunities to study the “Bhagavad Gita” as they do the “Republic,” that the Flying Man thought experiment of the Persian philosopher Avicenna (980-1037) will be as well-known as the Brain-in-a-Vat thought experiment of the American philosopher Hilary Putnam (1926-2016), that the ancient Indian scholar Candrakirti’s critical examination of the concept of the self will be as well-studied as David Hume’s, that Frantz Fanon (1925-1961), Kwazi Wiredu (1931- ), Lame Deer (1903-1976) and Maria Lugones will be as familiar to our students as their equally profound colleagues in the contemporary philosophical canon. But, until then, let’s be honest, face reality and call departments of European-American Philosophy what they really are.

 

(click here to continue reading If Philosophy Won’t Diversify, Let’s Call It What It Really Is – The New York Times.)

Haze of Purple
Haze of Purple

An interesting and brief history of the purple bag that Crown Royal Whiskey is sold with:

If you’ve ever bought a bottle of Crown Royal Canadian whisky, you know the iconic bag, that ubiquitous purple “velvet” satchel with gold stitching and tasseled drawstring. Nearly everyone has one, even if they’re unsure where it is, or even how they got it. They’re impossible to throw away, and are just the right size, perfect for, say, a camera lens, weed stash, or as a relative used it for, an old set of dentures. Heck, I had one moons before I even knew about the whisky, and was probably using it to store Tiddlywinks, or my Indian Head pennies.

The bag does go back generations. In fact, the Canadian distillery’s first batch of hooch was blended in 1939 for the premier visit to the Americas by none other than England’s King George VI and his wife, Queen Elizabeth. No reigning British monarch had ever set foot on the continent. Upon hearing of the impending visit, Seagrams Chairman Samuel Bronfman sought to create a whisky, well, suitable for a king. He was said to have sampled six hundred blends before approving the recipe, the etched-glass crown-shape bottle and cap and now-venerable purple bag, the color chosen to imbue royalty.

For many subsequent years, the purple bag and its contents remained under wraps in Canada. That ended in the 1960s, when some enterprising Canadians, having packed some purple pouches, headed for oil-rich Texas. After that the blended whisky and their bags were also sold in the United States.

(click here to continue reading For Keeps – The Awl.)

Instagram 8 logo
Instagram 8 logo

Instagram 8 introduced a new logo. I’m meh about it, I don’t like it, but I’m not having a tantrum. I do use Instagram a few times a week, by the way, here’s my page. Anyway, a discussion of the logo change itself is more interesting:

The skeuomorphic camera icon that has accompanied Instagram until today is a modern-day classic. Not because it’s good — it’s not, really — but because of its omnipresence in users’ phone screens. I bet it’s on the home screen of 99% of people who have the app and who tap it very regularly. When the iPhone first came out — if you’ll remember — skeuomorphism was the default aesthetic and now, for better or worse, it’s all about flat design with a dash of optional gradients so it’s no surprise that’s where Instagram has headed. If there was any surprise it’s that Instagram held on to the skeuomorphism for a relatively long five years.

I doubt anyone will be making cakes and cookies in the shape of the new Instagram logo and that’s the biggest problem the new logo faces: it’s not the old logo. The ensuing shitstorm on the internet today will be epic. About 75% of the negative reaction will be simply to the fact that it has changed and the other 25% will be to the not-quite-fact that there is a generic aesthetic to the new icon where it could be a “camera” icon for the upcoming smart microwave from Apple or whatever other user interface you would imagine. This is not to say it’s a bad-looking icon, no… as far as camera icons go, this is quite lovely and has the minimal amount of elements necessary to be recognized as a camera BUT not the minimal amount of elements necessary to be recognized as Instagram.

(click here to continue reading Brand New: New Icon for Instagram done In-house.)

Make Sidewalks Great Again
Make Sidewalks Great Again

Trump is so thin skinned, I can’t even make a joke about it:

Donald Trump’s campaign requires volunteers to sign a contract that forbids them from criticizing the Republican presidential front-runner, his family members, any Trump businesses or products, or his campaign. The six-page contract, reviewed in full by the Daily Dot, theoretically lasts for the entirety of a volunteer’s life.

Legal experts say, however, that the contract’s non-disparagement clause would likely never hold up in court.

The tight control of volunteers stands in stark contrast to not only American political-campaign norms but also Trump’s reputation for speaking his mind.

In addition to forbidding volunteers from disparaging Trump, the contract also includes a sentence that demands volunteers prevent their employees from criticizing Trump, thus making volunteers responsible for the free speech of others for an indeterminate amount of time.

 …

Volunteers also sign a non-disclosure agreement, forbidding them from sharing any sensitive information from the campaign. What kind of information is sensitive or confidential is completely at Trump’s discretion, according to the contract.
“He’s apparently so afraid that people would say something bad about him after spending some time on his campaign that they have to sign some sort of agreement,” Perry explained. “I don’t see how this stands up. I don’t see how a court enforces this.”

Volunteers must also sign a non-compete agreement that extends until Trump ceases his campaign for president, identified in the contract as the “Non-Compete Cutoff Date.” The agreement also forbids volunteers from working for another presidential candidate, should they change their minds.

In the event of a Trump victory in November’s general election, the non-compete clause could extend until his 2020 reelection campaign or even 2024, at the end of a second Trump term, the document explains. If Trump loses but wants to run again in the next election or in any presidential election in the future, the contract states the volunteer cannot work for another candidate.

(click here to continue reading Donald Trump’s volunteer contract forbids all criticism of Trump.)

Apple GovtOS and the FBI continued

Apple CEO Tim Cook has spent a lot of effort keeping this case in the public, even giving an interview with Time Magazine’s Lev Grossman, which includes statements like:

Apple Coffee Thermos

Inside Apple this idea is nicknamed, not affectionately, GovtOS. “We had long discussions about that internally, when they asked us,” Cook says. “Lots of people were involved. It wasn’t just me sitting in a room somewhere deciding that way, it was a labored decision. We thought about all the things you would think we would think about.” The decision, when it came, was no.

Cook actually thought that might be the end of it. It wasn’t: on Feb. 16 the FBI both escalated and went public, obtaining a court order from a federal judge that required Apple to create GovtOS under something called the All Writs Act. Cook took deep, Alabaman umbrage at the manner in which he learned about the court order, which was in the press: “If I’m working with you for several months on things, if I have a relationship with you, and I decide one day I’m going to sue you, I’m a country boy at the end of the day: I’m going to pick up the phone and tell you I’m going to sue you.”

It also wasn’t lost on Cook that the FBI chose not to file the order under seal: if Apple wasn’t going to help with a case of domestic terrorism, the FBI wanted Apple to do it under the full glare of public opinion.

The spectacle of Apple, the most admired company in the world, refusing to aid the FBI in a domestic-terrorism investigation has inflamed public passions in a way that, it’s safe to say, nothing involving encryption algorithms and the All Writs Act ever has before. Donald Trump asked, “Who do they think they are?” and called for a boycott of Apple. A Florida sheriff said he would “lock the rascal up,” the rascal meaning Cook. Even President Obama, whose relations with the technorati of Silicon Valley have historically been warm, spoke out about the issue at South by Southwest: “It’s fetishizing our phones above every other value. And that can’t be the right answer.”

As against that, Apple has been smothered in amicus briefs from technology firms supporting its position, including AT&T, Airbnb, eBay, Kickstarter, LinkedIn, Reddit, Square, Twitter, Cisco, Snapchat, WhatsApp and every one of its biggest, bitterest rivals: Amazon, Facebook, Google and Microsoft. Zeid Ra’ad al-Hussein, the U.N. High Commissioner for Human Rights, spoke out in Apple’s defense. So did retired general Michael Hayden, former head of both the NSA and the CIA. The notoriously hawkish Senator Lindsey Graham, who started out lambasting Apple, switched sides after a briefing on the matter. Steve Dowling, Apple’s vice president of communications, showed me a check for $100 that somebody sent to support the world’s most valuable technology company in its legal fight. (Apple didn’t cash it.)

(click here to continue reading Inside Apple CEO Tim Cook’s Fight With the FBI | TIME.)

The case seems weak, for a number of reasons (encryption is not bound by political boundaries; Apple shouldn’t be compelled to work for the government especially when they have done nothing wrong; the laws referred to as CALEA would seem to forbid the FBI’s approach; we don’t live in a police state; and so on), but you can’t assume that the judge in the case can be swayed by logic. I’d rather Tim Cook and Apple engineers were spending time improving iTunes, and fixing bugs in Mac OS X El Capitan instead of fighting government overreach, but you can’t control the universe, only react to its whims.

Only the Thought is Dark
Only the Thought is Dark

I want to note another point, as discussed extensively by Jonathan Zdziarski: the idea of a warrant-proof zone. Doctor-patient privilege, diplomatic pouches, married couples, journalistic sources, these and other areas are also “dark” in the FBI parlance. Even in court, even in cases that inflame the public’s interest, even then, a lawyer cannot be compelled to reveal what their client told them. 

There are other examples that could be mentioned, but the point is that our country recognizes many laws and international treaties that support the concept of warrant proof as a valid concept. It is not only well within Apple’s rights to produce a product that happens to be warrant-proof, but it’s actually Apple’s responsibility to create a product that’s capable of enforcing the highest level of security permitted by our country’s laws… not the lowest. Apple is well within not only their rights, but in practices that support and place appropriate locks consistent with the levels of privacy our country recognizes. These products protect everyone – diplomats, doctors, journalists, as well as all of us. Of course they should be this secure. If our own country recognizes warrant proof as a thing, of course our technology should too.

We, as everyday Americans, should also encourage the idea of warrant proof places. The DOJ believes, quite erroneously, that the Fourth Amendment gives them the right to any evidence or information they desire with a warrant. The Bill of Rights did not grant rights to the government; it protected the rights of Americans from the overreach that was expected to come from government. Our most intimate thoughts, our private conversations, our ideas, our -intent- are all things our phone tracks. These are concepts that must remain private (if we choose to protect them) for any functioning free society. In today’s technological landscape, we are no longer giving up just our current or future activity under warrant, but for the first time in history, making potentially years of our life retroactively searchable by law enforcement. Things are recorded in ways today that no one would have imagined, even when CALEA was passed. The capability that DOJ is asserting is that our very lives and identities – going back across years – are subject to search. The Constitution never permitted this.

The bottom line is this: Our country actually recognizes warrant proof data, and Apple has every right and ethical obligation to recognize it in the design of their products. As Americans, we should be demanding our thoughts, conversations, and identities be protected with the highest level of security. This isn’t just about credit cards.

(click here to continue reading Apple Should Own The Term “Warrant Proof” | Zdziarski’s Blog of Things.)

Encryption as a Ribbon Around An Apple iPhone

Fonzo Killin Hipsters

By the way, I forgot to link to another good post by digital forensics expert Jonathan Zdziarski, explaining what the FBI is actually pressuring Apple to provide:

With most non-technical people struggling to make sense of the battle between FBI and Apple, Bill Gates introduced an excellent analogy to explain cryptography to the average non-geek. Gates used the analogy of encryption as a “ribbon around a hard drive”. Good encryption is more like a chastity belt, but since Farook decided to use a weak passcode, I think it’s fair here to call it a ribbon. In any case, lets go with Gates’ ribbon analogy.

Instead of cutting the ribbon, which would be a much simpler task, FBI is ordering Apple to invent a ribbon cutter – a forensic tool capable of cutting the ribbon for FBI, and is promising to use it on just this one phone. In reality, there’s already a line beginning to form behind Comey should he get his way. NY DA Cy Vance has stated that NYC has 175 iPhones waiting to be unlocked (which translates to roughly 1/10th of 1% of all crime in NYC for an entire year). Documents have also shown DOJ has over a dozen more such requests pending. If FBI’s promise of “just this one phone” were authentic, there would be no need to order Apple to make this ribbon cutter; they’d simply tell them to cut the ribbon.

Why has the government waited this long to order such a thing? Because in spite of all of iOS 8’s security, the Chinese invented a ribbon cutter for it called the IP BOX. IP BOX was capable of brute forcing any numeric passcode in iOS 8, and even though it was junky, Chinese-made hardware with zero forensic credibility (and actually called home to servers in China), our government used it widely to break into iOS devices without Apple’s help. The government has really gone dumpster diving for forensic solutions for iOS. This ribbon cutter was used by both law enforcement and anyone with $200 to break into iOS devices, and is a great example of how such a ribbon cutter is often abused for crime.

So here’s the real question: Why is FBI asking for the invention of a ribbon cutter instead of just asking Apple to cut the ribbon? Well the answer to that comes back to precedent. If FBI can order the existence of this ribbon cutter, Cy Vance’s 175 phones will be much easier to push through the courts without the same level of scrutiny as a terrorism case. If FBI were simply asking for Apple to cut the ribbon, all future AWA orders would have to go through the same legal scrutiny in the courts for justification. Getting the ribbon cutter invented for a terrorism case opens the door for such a tool to then be justified by the DA for weaker cases – such as narcotics, computer crimes, or even simply investigations where the government can’t even prove to the courts that a crime was ever committed. Once it’s a tool, just like a Stingray box or a breathalyzer, the court’s leniency in permitting its use increases dramatically.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Now if I could only mandate that all politicians were required to understand the concepts before opening their speaking holes. I know, I know, zero chance…

https://farm2.staticflickr.com/1503/24422344743_076085f59b_z.jpg
Additionally, there is this angle:

Also consider that the courts aren’t about to force Apple to hack into their own customer products. In fact, the customer purchased these products trusting that the manufacturer wouldn’t – even couldn’t – intentionally compromise them; ever since iOS 8, Apple has marketed these devices as so secure that Apple themselves cannot hack them. For Apple to be forced to backdoor their own devices would invite countless lawsuits from their own customers, betray consumer trust, and likely cost Apple millions, if not billions, in sales depending on how big of a PR nightmare it created. The courts, however, appear to be OK with forcing Apple to write what is being portrayed by the FBI as an innocent, fluffy tool for just this one device.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Apple vs Republican Presidential Candidates

Apple Rising
Apple Rising

No wonder our country is in trouble: not one Republican candidate for president even understands the Apple/FBI issue, or at least admits to understanding it. Not even the CNN moderators! Even though Apple’s official response was released in the afternoon before this debate, nobody spent the time to read what it asserted, they were too busy getting makeup applied and practicing zingers. Facts are for losers.

Apple’s reasoning in the brief rests on three pillars. First, that forcing Apple to write code that weakens its devices and the security of its customers constitutes a violation of free speech as protected by the Constitution.

Second, that the burden the FBI is putting on it by requesting that Apple write the software and assist in unlocking the device is too large. Apple argues that it would have to create the new version of iOS, called GovtOS, which requires coding, signing, verification and testing. It would then have to create an FBI forensics laboratory on site at its headquarters and staff it. The burden would then extend to what Apple views is the inevitable onslaught of additional devices that would follow after the precedent was set.

In addition to free speech, Apple argues that the Fifth Amendment’s Due Process clause prohibits the government from compelling Apple to create the new version of iOS. Apple argues that there is no court precedent for forcing a company to create something new, like GovtOS.

“But compelling minimal assistance to surveil or apprehend a criminal (as in most of the cases the government cites), or demanding testimony or production of things that already exist (akin to exercising subpoena power), is vastly different, and significantly less intrusive, than conscripting a private company to create something entirely new and dangerous. There is simply no parallel or precedent for it,” reads the filing.

(click here to continue reading Apple Files Motion To Dismiss The Court Order To Force It To Unlock iPhone, Citing Free Speech Rights.)

Here’s the relevant part of the Republican presidential debate transcript, held in Houston, FEB. 25, 2016, with a few comments interspersed…

BLITZER: There’s a huge battle underway right now between the tech giant Apple and the federal government. The federal government wants Apple to unlock the phone used by that San Bernardino terrorist to prevent future attacks. Apple has refused, saying it would compromise the security of all of its customers. And just this afternoon, they went to court to block the judge’s order.

To prevent future attacks? Really? The San Bernardino killers are both dead, they destroyed their computers, their other phones, but left their government issued phone untouched. Apple turned over all the iCloud data on Apple servers (email, texts) within hours, and so what exactly is on the locked phone of grave import? Most likely nothing, yet the emotionally charged public opinion is on the FBI’s side, and so they push on.

Dana Bash, pick up the questioning.

BASH: Senator Rubio, you say it’s complicated, and that, quote, “Apple isn’t necessarily wrong to refuse the court order.” Why shouldn’t investigators have everything at their disposal?

Again, this is a misleading framing. Apple complied with the FBI’s request, quickly, and with good intent. What the FBI wants is a tool to allow the FBI to have the ability to open any phone for any reason. Do you really think the FBI couldn’t take the hard drive out of the phone and copy it to some server, and run NSA decryption tools on it? The FBI wants Apple to create a magic can-opener to open each and every phone, as needed, or as suspected they’ll need, in such a way that whatever evidence is found will be able to used in court, and survive questioning by defense lawyers. The San Bernardino killers are not going to be in court, they are both dead. This case is all about the precedent.

RUBIO: No, in fact what I have said is the only thing — the FBI made this very clear 48 hours ago — the only thing they are asking of Apple is that Apple allow them to use their own systems in the FBI to try to guess the password of the San Bernardino killer. Apple initially came out saying, “We’re being ordered to create a back door to an encryption device.” That is not accurate.

The only thing they’re being asked to do, and the FBI made this very clear about 48 hours ago, is allow us to disable the self- destruct mode that’s in the Apple phone so that we can try to guess using our own systems what the password of this killer was.

And I think they should comply with that. If that’s all they’re asking for, they are not asking for Apple to create a back door to encryption.

 Rubio is either misinformed, or intentionally wrong. The FBI is quite clearly asking Apple to spend a month or so of its own resources building a new version of Government iOS in order to bypass the weakest point of the iPhone’s protection, namely the passcode. 

BASH: So just to be clear, you did say on CNN a couple of weeks ago this is a complicated issue; Apple is not necessarily wrong here.

RUBIO: Because at the time, Apple was portraying that the court order was to create a back door to an encryption device.

BASH: But just to be clear — just to be clear, if you are president, would you instruct your Justice Department to force Apple to comply or not?

RUBIO: To comply with an order that says that they have to allow the FBI the opportunity to try to guess the password?

BASH: Correct.

RUBIO: Absolutely. That Apple phone didn’t even belong to the killer. It belonged to the killer’s employee (sic) who have agreed to allow him to try to do this. That is all they’re asking them to do is to disable the self-destruct mode or the auto-erase mode on one phone in the entire world. But Apple doesn’t want to do it because they think it hurts their brand.

Well, let me tell you, their brand is not superior to the national security of the United States of America.

(APPLAUSE)

Christ, what an asshole. Marcobot Rubio’s handlers coached him on this line obviously, you can tell by the smug little grin every time he remembers to recite one of his scripted lines, more or less in the right place. And for the thousandth time, it isn’t just “one phone”. There are multiple other requests in the pipeline, some federal, some at the state level. Thousands of potential cases in the US alone, waiting, anticipating, for precedent to be set. 

BASH: Senator Cruz, Apple CEO Tim Cook says this would be bad for America. Where do you stand: national security or personal privacy?

horrible framing. If Apple had refused to turn over iCloud backups, and refused to assist the FBI from the beginning, maybe, maybe this would be a valid question, but Apple isn’t supporting terrorism by refusing to become a code-slave to the federal government! Apple is appealing the ruling, as is their right!

CRUZ: Well, as you know, at that same CNN forum, both Marco and I were asked this question. His answer, he was on both sides of the fence. He’s now agreeing with me. And so I’m glad.

What I said is yes, Apple should be forced to comply with this court order. Why? Because under the Fourth Amendment, a search and seizure is reasonable if it has judicial authorization and probable cause. In this instance, the order is not put a back door in everyone’s cell phone. If that was the order, that order would be problematic because it would compromise security and safety for everyone.

I would agree with Apple on that broad policy question. But on the question of unlocking this cell phone of a terrorist, we should enforce the court order and find out everyone that terrorist at San Bernardino talked to on the phone, texted with, e-mailed. And absolutely, Apple doesn’t have a right to defy a valid court order in a terrorism investigation.

(APPLAUSE)

Note: metadata like who was called, texted, e-mailed was already turned over, not to mention most of that is also available from the telecommunication corporation (AT&T, Verizon, whomever), and it was disclosed within hours of the shooting. Apple surely does have the ability to use the courts to dispute a court order, they aren’t going rogue and fleeing the jurisdiction! They are using the American legal system, as is their right. Perhaps Ted Cruz recalls there are multiple levels of the judiciary? Including the Supreme Court…

BASH: Dr. Carson, Tim Cook, again, the CEO of Apple, says that this would be bad for America. What do you think?

CARSON: I think allowing terrorist to get away with things is bad for America.

(APPLAUSE)

 These particular terrorists are still dead, I’m not quite sure what they are getting away with. Dr. Carson must want the police to exhume the corpses and waterboard them or worse.

You know, we have the — we have a Constitution. We have a Fourth Amendment. It guards us against illegal and unreasonable search and seizure. But we have mechanisms in place with the judicial system that will allow us to gain material that is necessary to benefit the nation as a whole or the community as a whole. And that’s why we have FISA courts and things of that nature.

So absolutely, I would — I would expect Apple to comply with the court order. If they don’t comply with that, you’re encouraging chaos in our system.

If a policeman asks him to turn in all his guns and stop practicing his religion, Dr. Carson would comply, right away, or else he’d be encouraging chaos in our system. Because no matter what the Constitution says or implies, the police get to supersede it whenever they say the magic word, “terrorism”.

BASH: Mr. Trump…

(APPLAUSE) KASICH: I want to weigh in on this please. I want to just tell you that the problem is not right now between the administration and Apple. You know what the problem is? Where’s the president been? You sit down in a back room and you sit down with the parties and you get this worked out. You don’t litigate this on the front page of the New York Times, where everybody in the world is reading about their dirty laundry out here.

The president of the United States should be convening a meeting, should have convened a meeting with Apple and our security forces. And then you know what you do when you’re the president? You lock the door and you say you’re not coming out until you reach an agreement that both gives the security people what they need and protects the rights of Americans. This is a failure of his leadership to get this done as an executive should be doing it.

And I’ll tell you, that’s why you want a governor. I do this all the time. And we reach agreements all the time. Because as an executive, you’ve got to solve problems instead of fighting on the front page of the newspaper.

(click here to continue reading Transcript of the Republican Presidential Debate in Houston – The New York Times.)

Ah, yes, Obama has been golfing again or something, right? And the FBI didn’t make public statements inflaming public sentiment before Apple even had a chance to respond? Uhh, wrong as usual, Mr. Kasich…

from APPLE INC’S MOTION TO VACATE ORDER COMPELLING APPLE INC. TO ASSIST AGENTS IN SEARCH, AND OPPOSITION TO GOVERNMENT’S MOTION TO COMPEL ASSISTANCE: 

There are two important and legitimate interests in this case: the needs of law enforcement and the privacy and personal safety interests of the public. In furtherance of its law enforcement interests, the government had the opportunity to seek amendments to existing law, to ask Congress to adopt the position it urges here. But rather than pursue new legislation, the government backed away from Congress and turned to the courts, a forum ill-suited to address the myriad competing interests, potential ramifications, and unintended consequences presented by the government’s unprecedented demand. And more importantly, by invoking “terrorism” and moving ex parte behind closed courtroom doors, the government sought to cut off debate and circumvent thoughtful analysis.

and also:

The government says: “Just this once” and “Just this phone.” But the government knows those statements are not true; indeed the government has filed multiple other applications for similar orders, some of which are pending in other courts. And as news of this Court’s order broke last week, state and local officials publicly declared their intent to use the proposed operating system to open hundreds of other seized devices—in cases having nothing to do with terrorism. If this order is permitted to stand, it will only be a matter of days before some other prosecutor, in some other important case, before some other judge, seeks a similar order using this case as precedent. Once the floodgates open, they cannot be closed, and the device security that Apple has worked so tirelessly to achieve will be unwound without so much as a congressional vote. As Tim Cook, Apple’s CEO, recently noted: “Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks—from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”

Chairman Trump
Chairman Trump

The short-fingered vulgarian didn’t get a chance to respond, but we can guess what he would have said…

Republican presidential candidate Donald Trump called on Friday for a boycott of Apple Inc products until the tech company agreed to help the U.S. government unlock the cellphone of one of the killers in last year’s San Bernardino, California, shooting.

“Boycott Apple until such time as they give that information,” Trump said at a campaign event in Pawleys Island, South Carolina. “It just occurred to me.”

(click here to continue reading Trump calls for boycott until Apple unlocks shooter’s phone | Reuters.)

The Dangerous All Writs Act Precedent in the Apple Encryption Case

Don’t be a Production Slacker
Don’t be a Production Slacker

One more angle on the FBI vs. Apple case, as discussed by Amy Davidson of The New Yorker:

Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that “the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create.” The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications? Would that keep us safe from terrorists, or merely make everyone more vulnerable to hackers, as well as to mass government surveillance? But the first part is also potentially insidious, for reasons that go well beyond privacy rights.

The simple but strange question here is exactly the one that Cook formulates. What happens when the government goes to court to demand that you give it something that you do not have? No one has it, in fact, because it doesn’t exist. What if the government then proceeds to order you to construct, design, invent, or somehow conjure up the thing it wants? Must you?

(click here to continue reading The Dangerous All Writs Act Precedent in the Apple Encryption Case – The New Yorker.)

I’d already asked and answered myself about the second part of the question – I’m strongly against the so-called back door being built into all devices – so for me, the first part of the question was by far the most interesting. The government can really force a company to create something just for the government’s purposes? How long can the task take before you are free? Years? Decades? What happened to Capitalism? Talk about feeling entitled, or as Ms. Davidson puts it:

And so Judge Sheri Pym, a California district-court magistrate, has ordered Apple to come up with a new software bundle that can be loaded onto the phone and, in effect, take over the operating system and tell it to let the F.B.I. in. (Apple will have a chance to object to the order in court.) As an added point of convenience, this bundle is also supposed to let the agents enter passcodes electronically, rather than tapping them in, which is one of the many points on which the government seems to have moved from asking for compliance with a subpoena to demanding full-scale customer service. 

I don’t understand why this isn’t more troubling to people, especially to libertarian-leaning Republicans. The US government is asserting that if they ask, a company has to drop everything else and get working for the government or else you’ll be sent to the proverbial salt mines in Siberia. Why? Why? How dare you ask! Because War On Terra, that’s why!  No wonder this is “what some law-enforcement officials privately describe as a nearly perfect test case.” 

FBI vs. Apple Continued – Apple ID Changed While iPhone In Government Hands

Restoring iPhone From Backup 2015-01-01 at 11.33.01 AM
Restoring iPhone From Backup 

The unnamed FBI official who was boasting to WSJ journalists about the Farook case being “nearly perfect” as a test probably wishes that quote hadn’t been used now in light of this development:

[Apple said it] had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a backdoor. One of those methods would have involved connecting the iPhone to a known Wi-Fi network and triggering an iCloud backup that might provide the FBI with information stored to the device between the October 19th and the date of the incident.

Apple sent trusted engineers to try that method, the executives said, but they were unable to do it. It was then that they discovered that the Apple ID password associated with the iPhone had been changed. (The FBI claims this was done by someone at the San Bernardino Health Department.) Had that password not been changed, the executives said, the government would not need to demand the company create a “backdoor” to access the iPhone used by Syed Rizwan Farook

(click here to continue reading Apple: Terrorist’s Apple ID Password Changed In Government Custody, Blocking Access – BuzzFeed News.)

Did you notice? The FBI had possession of Farook’s iPhone for over 24 hours, before some agent or other employee changed the Apple ID password. (!!!???!!!)

Changing the Apple ID password isn’t hard, but it isn’t something you do without meaning to.  You’d have to log-in, give the old password, then create the new password, entering it twice. Presumedly, you’d either commit the password to memory, or WRITE IT DOWN.

Hmmm, “nearly perfect test case” indeed. 

Terrorism theatre, part the 234,323rd.

After the FBI sneeringly complained that encryption, privacy and security were merely marketing phrases to Apple, Apple responded with an eyeroll…

Creating the backdoor access, the executives said, would put at risk the privacy of millions of users. It would not only serve to unlock one specific phone, they said, but create a sort of master key that could be used to access any number of devices. The government says the access being sought could only be used on this one phone, but Apple’s executives noted that there is widespread interest in an iPhone backdoor, noting that Manhattan District Attorney Cyrus Vance said Thursday that his office has 175 Apple devices he’d like cracked. They also claimed that no other government in the world has ever asked Apple for the sort of FBiOS the government is demanding that it build now.

Asked why the company is pushing back so hard against this particular FBI request when it has assisted the agency in the past, Apple executives noted that the San Bernadino case is fundamentally different from others in which it was involved. Apple has never before been asked to build an entirely new version of its iOS operating system designed to disable iPhone security measures.

The Apple senior executives also pushed back on the government’s arguments that Apple’s actions were a marketing ploy, saying they were instead based on their love for the country and desire not to see civil liberties tossed aside.

(click here to continue reading Apple: Terrorist’s Apple ID Password Changed In Government Custody, Blocking Access – BuzzFeed News.)

Booting Up

If you haven’t read digital forensics expert Jonathan Zdziarski’s blog post entitled “Apple, FBI, and the Burden of Forensic Methodology”, you should click through and read it right away (well, within 5 seconds). The FBI’s request is quite a big ask, not something considered last minute, but obviously planned carefully for maximum impact. Director Comey has been pushing for back doors to Apple and Google smartphones for a long time. 

Apple must be prepared to defend their tool and methodology in court; no really, the defense / judge / even juries in CA will ask stupid questions such as, “why didn’t you do it this way”, or “is this jail breaking”, or “couldn’t you just jailbreak the phone?” (i was actually asked that by a juror in CA’s broken legal system that lets the jury ask questions). Apple has to invest resources in engineers who are intimately familiar with not only their code, but also why they chose the methodology they did as their best practices. If certain challenges don’t end well, future versions of the instrument may end up needing to incorporate changes at the request of FBI.

If evidence from a device ever leads to a case in a court room, the defense attorney will (and should) request a copy of the tool to have independent third party verification performed, at which point the software will need to be made to work on another set of test devices. Apple will need to work with defense experts to instruct them on how to use the tool to provide predictable and consistent results.

In the likely event that FBI compels the use of the tool for other devices, Apple will need to maintain engineering and legal staff to keep up to date on their knowledge of the tool, maintain the tool, and provide testimony as needed.

In other words, developing an instrument is far more involved than simply dumping a phone for FBI, which FBI could have ordered:

  • Developed to forensically sound standards 
  • Validated and peer-reviewed 
  • Be tested and run on numerous test devices 
  • Accepted in court 
  • Given to third party forensics experts (testing) 
  • Given to defense experts (defense) 
  • Stand up to challenges 
  • Be explained on the stand 
  • Possibly give source code if ordered 
  • Maintain and report on issues 
  • Defend lawsuits from those convicted 
  • Legally pursue any agencies, forensics companies, or hackers that steal parts of the code. 
  • Maintain legal and engineering staff to support it 
  • On appeals, go through much of the process all over again

The risks are significant too:

  • Ingested by an agency, reverse engineered, then combined with in-house or purchased exploits to fill in the gap of code signing.
  • Ingested by private forensics companies, combined with other tools / exploits, then sold as a commercial product.
  • Leaked to criminal hackers, who reverse engineer and find ways to further exploit devices, steal personal data, or use it as an injection point for other ways to weaken the security of the device.
  • The PR nightmare from demonstrating in a very public venue how the company’s own products can be back doored.
  • The judicial precedents set to now allow virtually any agency to compel the software be used on any other device.
  • The international ramifications of other countries following in our footsteps; many countries of which have governments that oppress civil rights.

This far exceeds the realm of “reasonable assistance”, especially considering that Apple is not a professional forensics company and has no experience in designing forensic methodology, tools, or forensic validation. FBI could attempt to circumvent proper validation by issuing a deviation (as they had at one point with my own tools), however this runs the risk of causing the house of cards to collapse if challenged by a defense attorney.

(click here to continue reading Apple, FBI, and the Burden of Forensic Methodology | Zdziarski’s Blog of Things.)

Not something an Apple intern can do in an afternoon, in other words, but a significant task imposed on a private corporation by a government agency, in support of “what some law-enforcement officials privately describe as a nearly perfect test case.” 

FBI vs. Apple – The Fight Over Smartphone Encryption

Cell phone-iphile
A few more details re: the FBI vs. Apple case

A conspiracy minded person might wonder how much the FBI and NSA knew about the planned attack before it happened. Maybe James Comey decided a little collateral damage was a fair price to pay?

As the fight between federal officials and tech companies over encryption has intensified in recent years, talks between the two sides have produced few results, while Congress has struggled to craft legislation on the issue.

FBI leaders had been scanning for a case that would make a compelling argument about the dangers of encryption. In the San Bernardino phone, they found what some law-enforcement officials privately describe as a nearly perfect test case.

(click here to continue reading U.S. and Apple Dig In for Court Fight Over Encryption – WSJ.)

Again, having 9 Justices on the SCOTUS is extremely important, for many reasons, including this case:

Apple has a few more days to file its formal response to the court, which can be summed up as: “No.”

After a series of briefings at this local level, if neither side is happy, the case will be passed on to the District Court. Still no solution? The case would then be escalated to the Court of Appeals for the Ninth Circuit, the court which handles these sorts of issues on the US West Coast.

If that court backs the FBI, and Apple again refuses, it could eventually reach the US Supreme Court, whose decision will ultimately be final, and in this utterly fascinating case, precedent setting.

(click here to continue reading Apple vs the FBI – a plain English guide – BBC News.)

Cell Phone Evolution
Cell Phone Evolution

Is it even possible to do what the government is requesting? Yes, it does seem so, per the analysis of Dan Guido.

Again in plain English, the FBI wants Apple to create a special version of iOS that only works on the one iPhone they have recovered. This customized version of iOS (*ahem* FBiOS) will ignore passcode entry delays, will not erase the device after any number of incorrect attempts, and will allow the FBI to hook up an external device to facilitate guessing the passcode. The FBI will send Apple the recovered iPhone so that this customized version of iOS never physically leaves the Apple campus. As many jailbreakers are familiar, firmware can be loaded via Device Firmware Upgrade (DFU) Mode. Once an iPhone enters DFU mode, it will accept a new firmware image over a USB cable. Before any firmware image is loaded by an iPhone, the device first checks whether the firmware has a valid signature from Apple. This signature check is why the FBI cannot load new software onto an iPhone on their own — the FBI does not have the secret keys that Apple uses to sign firmware.

(click here to continue reading Apple can comply with the FBI court order – Trail of Bits Blog.)

Would You Believe
Would You Believe

and finally, some other tech companies spoke up in support of Apple’s stance:

On Wednesday, Apple’s peers in the technology industry – also eager to keep reputations over security intact – gave their backing to the iPhone maker.

Jan Koum, the creator of Whatsapp, which is owned by Facebook, wrote: “We must not allow this dangerous precedent to be set. Today our freedom and our liberty is at stake.”

The Information Technology Industry Council, a lobbying group that represents Google, Facebook, Microsoft, Samsung, Blackberry and a host of others, put out this statement: “Our fight against terrorism is actually strengthened by the security tools and technologies created by the technology sector, so we must tread carefully given our shared goals of improving security, instead of creating insecurity.”

Google chief executive Sundar Pichai said: “Forcing companies to enable hacking could compromise users’ privacy.”

Edward Snowden, whose revelations about US government spying provoked Apple’s stance on passcode-protected data, said the FBI was “creating a world where citizens rely on Apple to defend their rights, rather than the other way around”.

(click here to continue reading Apple vs the FBI – a plain English guide – BBC News.)

Apple Doesn’t Want to Create Special Software For the FBI To Bypass Security

Pippin's New MBA

I’m on Apple’s side on this, 1,000%, the government should not be allowed such latitude. Apple currently has the full letter on their website, some excerpts below.

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

(click here to continue reading Customer Letter – Apple.)

A new version of the iOS, created just for the government to inspect our private communications? That doesn’t sound good, in fact, that is a horrible precedent for private industry. I assume this case will be appealed all the way to the Supreme Court, all the more reason to have a full 9 Justices sitting on the court.

Apple store

Tim Cook continues:

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

 

(click here to continue reading Customer Letter – Apple.)

for reference:

The All Writs Act is a United States federal statute, codified at 28 U.S.C. § 1651, which authorizes the United States federal courts to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

(click here to continue reading All Writs Act – Wikipedia, the free encyclopedia.)

Apple Logos

The NYT gives a little context:

Apple said on Wednesday that it would oppose and challenge a federal court order to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December.

On Tuesday, in a significant victory for the government, Magistrate Judge Sheri Pym of the Federal District Court for the District of Central California ordered Apple to bypass security functions on an iPhone 5c used by Syed Rizwan Farook, who was killed by the police along with his wife, Tashfeen Malik, after they attacked Mr. Farook’s co-workers at a holiday gathering.

Judge Pym ordered Apple to build special software that would essentially act as a skeleton key capable of unlocking the phone.

But hours later, in a statement by its chief executive, Timothy D. Cook, Apple announced its refusal to comply. The move sets up a legal showdown between the company, which says it is eager to protect the privacy of its customers, and the law enforcement authorities, who say that new encryption technologies hamper their ability to prevent and solve crime.

(click here to continue reading Tim Cook Opposes Order for Apple to Unlock iPhone, Setting Up Showdown – The New York Times.)

The WSJ adds:

Apple Inc. Chief Executive Tim Cook said the company will oppose a federal judge’s order to help the Justice Department unlock a phone used by a suspect in the San Bernardino, Calif., attack.

In a strongly worded letter to customers posted on Apple’s website early Wednesday, Mr. Cook called the order an “unprecedented step which threatens the security of our customers” with “implications far beyond the legal case at hand.”

The order, reflected in legal filings unsealed Tuesday, marks a watershed moment in the long-running argument between Washington and Silicon Valley over privacy and security.

In the order, U.S. Magistrate Judge Sheri Pym agreed with a Justice Department request that Apple help unlock an iPhone 5C once used by Syed Rizwan Farook. The order calls on Apple to disable certain security measures on the phone, including a feature that permanently disables the phone after 10 unsuccessful tries at the password. Such measures have kept agents from reviewing the contents of the phone, according to the filing. When the phone is locked, the data is encrypted.

Apple said it isn’t opposing the order lightly nor does it question the FBI’s intentions, but it feels that the government has overreached.

In her order, Judge Pym gave Apple five days to appeal.

(click here to continue reading Apple Opposes Judge’s Order to Help Unlock Phone Linked to San Bernardino Attack – WSJ.)