Really Apple?
1So the FBI either got McAffe or some rouge guy from Anonymous or a disgruntled former Apple employee to hack the iPhone. After all the banter back and fourth an why Apple should not help the FBI do this, NOW Apple wants the FBI to tell them how they hacked the phone. Really? You can't have it both ways Apple.
- 14 comments, 21 replies
- Comment
I think the "we'll get someone else to do it" was to cover up "we fucked it up already".
@narfcake
You might enjoy this.
Snopes did a piece about it.
@FroodyFrog @narfcake It's gotten absolutely ridiculous that Snopes now has to constantly explain sarcasm to a bunch of idiots.
@cinoclav @narfcake
I take offense at that.
@FroodyFrog Oh sure, take the whole fence. What, you want the gate too?!
@narfcake
I meant to post a nice fence picture, but I got distracted.
No thanks, I don't want to start Gate-gate. (I threw the "-" in for the sake of being clear. )
Based on the reports, it seems that the FBI was helped by a company called Cellebrite.
One of the biggest concerns people had with this specific dispute between Apple and the FBI was that it would set a precedence.
The idea behind preventing said precedence was that similar things would not happen in the future.
However, that seems to not be the case now based on this article.
While it is true that the FBI retracted their request for the San Bernardino case, the fact that they can now get into encrypted iOS devices (supposedly) is troublesome.
If in fact it is true that they can break the encryption (the method of which they won't tell Apple, who in turn will have to spend more time, effort, and money into trying to find ways around their own encryption) then there goes privacy for iOS users.
As a side note, and I don't want this thread to descend into chaos for any of several reasons, while I don't use Apple software or devices, I'm a bit conflicted with the rights of users when it comes to encryption, although that hasn't stopped me at looking at alternatives for online clouds (most notably ownCloud).
@FroodyFrog
@Pavlov
(I'd have posted a music video which would give you an idea of how I feel having read your meme, but I'd rather keep the likeness of the particular singer of the song away from here)
@FroodyFrog No, I'm really not.
@Pavlov
If you don't mind saving us both some time, feel free to jump to acceptance.
@FroodyFrog Personally, I don't mind if the FBI can get in after exerting effort (e.g. having to carefully disassemble the phone and use specialized equipment). What I don't want is the FBI conspiring with tech companies against users at the software level.
If it takes effort, then the FBI will have to focus on the most egregious crimes.
And yeah I'd love to be able to specify a cloud server at the OS level on my iOS devices and never have to talk to Apple's servers. Just like I can specify my own email provider or point my web browser to any domain. But I don't see that happening unless people demand it in large numbers. So for now iOS privacy and security depends on the goodwill of a multi billion dollar corporation.
The model of iPhone the FBI managed to unlock, a 5C, is pretty old at this point and was probably running an older version of iOS too. The newer models with the secure enclave chip would be much more difficult to break into. Chances are very slim that the exploit used to unlock the older phone has any hope of working on the newer ones.
It's pretty doubtful the FBI will get any useful info off the phone anyway. The terrorists destroyed their personal phones and computers. The phone the FBI has was a work phone.
I imagine the FBI got into the phone via memory mirroring (make a copy of the memory, try 10 codes, re-flash the memory to set it back the way it was). Either that or an OS exploit, like the jailbreak guys look for.
If it's the first technique (making copies), that would be interesting, because it's a known technique (I even mentioned it here on Meh in an earlier Apple thread). So I find it hard to believe that the FBI didn't have a way to do it. And Cellebrite is a well-known name in law enforcement and phone forensics.
My guess is that the FBI used this "revelation" as an excuse to quickly drop the case, since both legal and public opinion was coming over to Apple's side. I think the FBI wanted this to be the case that would set precedent because they thought the PR was on their side (who wouldn't want to appear to help catch terrorists).
I was actually surprised myself that Apple didn't budge, I've always believed that "throwing users under the bus to help law enforcement" was one of the dangers of closed, centralized computing devices like the iPhone. (Not that they can't do it in the future or be compelled to do it, of course.)
@awk A lot of people were surprised with you but they did exactly what I expected. Tim Cook legitimately seems to be a good guy and I think he'll stick to his guns on the privacy issue.
This development is very troubling to me, for reasons I'm having difficulty processing: http://www.nytimes.com/aponline/2016/03/30/us/ap-us-arkansas-grandparents-killed.html
Sounds as if the FBI may have to create an entirely new "arm" just to handled pleas from other law enforcement agencies to help them out.
I feel like apple requesting to know how the FBI was able to get into the device is so they can strengthen their security. If the FBI can hack into an Iphone then that mean's it is possible and if that happens apple is left at fault. I don't think they want to know for any other reason besides beefing up security
An important thing to understand is that security is never perfect. Humans design these systems, and its much easier for humans to find a small hole than build an impenetrable wall.
I'm not scared about the US government having this new exploit. They have all sorts of exploits, and just the fact that we know it exists means lots of smart people are going about trying to fix it. What scares me is that the government is not the only place that has this. They bought it, and rumor has it they bought it from a foreign contractor. I'm sure they aren't the only agency that will be buying this, either.
Thats why Apple needs to know how the FBI got in: They have to stop all the other places from breaking into peoples phones.
You want into my phone, have at it! All you're gonna find is this.
@marcee Damn you.
As it appears they require the phone to physically be in their possession in order to break into it, I really have no issues with the FBI having found a way to do so. If you've done something fucked up enough that you've been arrested (or killed) by the FBI, you obviously deserve to have whatever is in your phone handed to them.
@cinoclav If the FBI thinks you've done something fucked up...
FTFY
@Thumperchick No, it does need to be clear that you've already committed a crime before they can start hacking away at your phone.
@cinoclav
Law enforcement has all sorts of you-cant-catch-me cheats to get what they want, and all the tricks get used at times. This is not some left-wing screed - i have enormous respect and sympathy for LEOs.
But there are so many cases where "reasons have been found" - or manufactured - to conduct what ought to be illegal searches, even of people clearly guilty of nothing, because someone in the police dept or prosecutors office wanted some info.
@somf69 I think they can have it both ways. I think it's totally reasonable for them to ask and it's likewise totally reasonable for the government to decline. See how that works? Kinda just like I think it was okay for the FBI to ask for their help, but--and I definitely think this was the right call--for Apple to decline.
I don't mean to be a dick (not denying that I am; I'm really not super sure).
There's no harm in their asking. As other have noted, they likely want to make their phones more secure. I support that effort and I'd be disappointed if they didn't make the effort.
It's all part of the process and the ongoing evolution of the security game. To me it's a game by definition. A game with very real consequences, but a game nonetheless.
@joelmw There are actually laws (with large exceptions built in) that require the government to disclose stuff like this. So the FBI may be legally required to tell apple.
@MrGlass I stand corrected. Thanks for the info. Even better.
@joelmw Yeah, its a big maybe right now. EFF had a little info on it, I would expect a full writeup from them soon.
Gotta love the EFF
Also, by
do you mean someone like this?
I appreciate their stance on privacy and all, but Apple admits to unlocking at least 70 phones for the government since 2008, so I don't think they qualify for the staunch supporters of privacy badge people want to give them. I guess they are changing their position, but eh.
@tagbiker There are major technical differences between what they have done in the past and what the FBI was asking them to do. In fact, in the San Bernadino case, Apple had already provided iCloud data from the phone & provided advice on getting a more recent iCloud backup performed. Meanwhile, there are plenty of other phones apple is refusing to unlock (NY alone has hundreds).
Apple has very strict rules on what they will and will not do for law enforcement, and they haven't really changed in years. What changed is that the phones are finally secure enough that there was major difficulty getting into this phone, and the FBI decided they needed to compel Apple to break their rules in this case.
@MrGlass
And likely the FBI wanted a precedent. Perhaps they had the "last recourse" option all along, but hoped that making their test legal case a terrorist case would steamroll opposition, as courts have a history of favoring the govt in high-risk security cases whenever courts understand neither the technology nor the privacy issues, and do not wish to study up.
Courts traditionally hate feeling stupid and out of their depth. Sometimes courts handle that but blatantly favoring one side, just to make it easy.
There are plenty of phones the FBI wanted into before this one. Either they had a way in without the courts/Apple, or the FBI thought thise cases weren't ideal legal test cases and were willing to wait.
It's all great PR for Cellebrite.
@f00l Interesting, never been told "Courts traditionally hate feeling stupid and out of their depth. Sometimes courts handle that but blatantly favoring one side, just to make it easy" but it jives with some other cases I know of, like Weev.
Some people think that the FBI was surprised by all this opposition, but I don't but it. I think they tested the waters, backed off, and have enough ammo to ask for an anti-encryption law from congress.
The FBI realized they were going to lose the court case.
It's as simple as that.