FBI vs. Apple Isn’t Over

[Robin#]

*Fourth Amendment issues remain. Both sides need to argue more forthrightly.*



By L. GORDON CROVITZ
Updated March 27, 2016 6:06 p.m. ET
The FBI and Apple reached a cease-fire last week, but it can’t last, because it leaves unresolved the future of reasonable searches under the Fourth Amendment. It would be a public service if both sides started making their arguments forthrightly.

The FBI thought it needed Apple’s help to gain access to the iPhone used by San Bernardino terrorist Syed Rizwan Farook. Apple refused, claiming that doing so would require giving the government “backdoor” access to all iPhones.

Last week the FBI said a third party had come forward with a solution for unlocking Farook’s iPhone. So much for Apple’s claim.

Still, the issue won’t go away, because Apple says it plans to make more of its devices and services inaccessible to law enforcement. Nor will it become a mere philosophical question, as the Brussels terrorists’ evasion of surveillance make clear.

Apple should be more upfront about its corporate strategy. General counsel Bruce Sewell called “deeply offensive” the Justice Department’s allegations that the company deliberately changed iPhone security to block law enforcement. But Apple told its customers a different story when it announced changes to its operating system in 2014: “Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data,” the company announced. “So it’s not technically feasible for us to respond to government warrants.”

In a recent interview with Time magazine, Apple CEO Tim Cook described the FBI’s concerns as “a crock.” He claimed that “no one’s going dark” and added that “we shouldn’t all be fixated just on what’s not available.” His argument is that authorities should find other ways to prevent terrorism and enforce the law so that Apple can keep promising to protect its customers from court orders. That’s understandable as a corporate marketing initiative, but other industries aren’t allowed to operate that way.

Apple should also stop conflating the broader issue of encryption with helping unlock a single iPhone. Timothy Lee summarized the difference on Vox: “The fact that we don’t know how to make an encryption algorithm that can be compromised only by law enforcement doesn’t imply that we don’t know how to make a technology product that can be unlocked only by law enforcement.”

As for the FBI, it is technically correct that the case is about unlocking a single iPhone, but the bureau would have a stronger argument if it admitted that Apple is right that there are many other cases in which law-enforcement agents need help—especially now that Apple has put its operating system beyond their reach.

Technology companies report data on their court orders, subpoenas and warrants. According to the latest figures, in the first half of 2015 Facebook received more than 17,500 requests, Google more than 12,000, Microsoft nearly 6,000 and Apple almost 1,000. Apple objects that the Manhattan district attorney says he has 175 cases where he needs help from Apple similar to what the FBI sought, but that level of volume is hardly unprecedented.

The FBI should also acknowledge that it pursued litigation instead of a legislative solution because the supposedly unitary executive branch hasn’t been united. Until recently, President Obama ducked the issue. He finally took the FBI’s side earlier this month, at the South By Southwest conference in Austin, Texas.

“You cannot take an absolutist view on this,” Mr. Obama said. “If your view is strong encryption no matter what and we can and should produce black boxes, that does not strike the balance that we’ve lived with for 200 or 300 years. And it’s fetishizing our phones above every other value. That can’t be the right answer.”

If there’s no way to gain access to new communications devices, the president asked, “how do we solve or disrupt a terrorist plot? What mechanisms do we have to even do things like tax enforcement. . . . If government can’t get in, then everyone’s walking around with a Swiss bank account in their pocket.”

It’s a telling analogy. In the pre-digital era, Congress legislated that banks and traditional telecommunications companies must design their systems to comply with legal warrants. Under the Communications Assistance for Law Enforcement Act of 1994, telecoms must enable court-ordered surveillance such as wiretaps. Banks and telecoms may prefer to market their services as beyond the courts’ reach, as Apple does, but are barred by law.

Thus the first round of FBI vs. Apple has handed the key question to Congress: Either the Fourth Amendment permits reasonable, warranted searches in the digital era or Internet companies can design systems to defeat court orders, putting themselves—and criminals, including terrorists—above the law.
*Apple and the FBI are in the middle of a huge battle that could affect the privacy of millions of people — here's everything that's happened so far*

The battle between the FBI and Apple over a phone used by one of the San Bernardino shooters is poised to be one of the biggest technology stories for years.
In short, the FBI wants Apple to help it hack a phone it can't access because it has its passcode lock turned on.
The FBI says that Apple is obstructing a critical investigation with national security implications by refusing to build custom software to bypass the phone's passcode.
Apple says it's unfair that the government can tell companies they have to do something that they don't necessarily want to, and that what the FBI wants endangers all of its customers.
In short, there are big differences in outlook between the two groups, and both have the budget and desire to fight this to the end.
Here's what you need to know about how it all started, and where Apple's battle with the FBI stands today.



September 2014: Apple seriously upgrades the iPhone's encryption systems as part of a software update. Before, parts of iPhone data were encrypted, such as emails and calendar data. But the iOS 8 software update put much more of the interesting data under lock and key, including text messages, photos, and contacts.



Before Apple released iOS 8, it told law enforcement:

Please note the only categories of user generated active files that can be provided to law enforcement, pursuant to a valid search warrant, are: SMS, photos, videos, contacts, audio recording, and call history. Apple cannot provide: email, calendar entries, or any third-party App data.

After the update, all of that data became locked by a user's passcode.

September 2014: Almost immediately, law enforcement officials react. FBI Director James Comey and Manhattan District Attorney Cyrus Vance criticize Apple within weeks of the iOS 8 update. Those two officials remain among the most outspoken Apple critics on the topic of encryption.


FBI Director James Comey

“There will come a day when it will matter a great deal to the lives of people . . . that we will be able to gain access” to such devices, Comey said just days after Apple turned on its improved iOS security.

Even then-Attorney General Eric Holder weighed in. “It is fully possible to permit law enforcement to do its job while still adequately protecting personal privacy. When a child is in danger, law enforcement needs to be able to take every legally available step to quickly find and protect the child and to stop those that abuse children. It is worrisome to see companies thwarting our ability to do so,” he said at a conference on child sexual abuse less than a month after Apple turned on full-disk encryption by default.

October 2014: Google appears as if it will back up Apple and turn on full-disk encryption by default on Android phones, but then it quietly backs away.
Part of the reason why Google can't turn on full-disk encryption is twofold: first, it's up to the actual phone manufacturer whether to turn it on by default, and second, Android updates trickle out to users much more slowly than Apple updates.

December 2, 2015: Two terrorists burst into a government building in San Bernardino, California, killing 14 and injuring 22 in what has become one of the most high-profile terrorism cases in the past decade.



People who were near a shooting rampage at a social services center that killed multiple people and wounded others arrive at at a community center to reunite with their family members in San Bernardino, Calif., Wednesday, Dec. 2, 2015.

December 3, 2014: The FBI starts investigating the San Bernardino case. The shooters, Syed Rizwan Farook and Tashfeen Malik, crushed their personal phones. But Farook had a government-issued iPhone 5C so that he could perform his job as a health inspector.

December 2014: Farook's iPhone 5C running the most recent version of iOS made full iCloud backups, which were obtained by the investigation, but there was a gap of a few months between the last backup and when the phone was obtained.

February 16, 2016: Sheri Pym, a federal judge in California, publicly orders Apple to assist the FBI to help it crack Syed Farook's iPhone. Specifically, it says it wants Apple to create custom software that would mean the phone would not wipe itself after 10 failed passcode attempts.

February 17, 2016: Apple springs into action, even though, according to CEO Tim Cook, it only learned about the court order from the press. After huddling with his top legal advisors, within 24 hours of the order, CEO Tim Cook posts an open letter to Apple customers on the front page of Apple.com, explaining Apple's approach to encryption and why the company opposes the FBI order to create a "backdoor."



You can read the full letter here.

February 17, 2016: In the days after Cook posted his open letter, a few Silicon Valley executives start publicly backing Apple. Notably, Google CEO Sundar Pichai backed Apple in a series of tweets.



February 19, 2016: The Justice Department files a motion against Apple accusing it of refusing to unlock the phone as part of its "public brand marketing strategy" instead of a legal or moral rationale.


Attorney General Loretta Lynch

"Do we let one company, no matter how great the company, no matter how beautiful their devices, decide this issue for all of us?” Current Attorney General Loretta Lynch said recently.

February 19, 2016: A senior Apple executive speaking on the condition of anonymity tells reporters that the custom software the FBI is requesting would work on other iPhones, and highlights the fact that law enforcement may have screwed up the investigation by resetting the phone's iCloud password. The executive signals that Apple will continue to build even more privacy-protecting user security into its devices.

February 20, 2016: The FBI is forced to release a statement confirming that it had ordered the investigation to reset the iCloud password on the shooter's iPhone.


FBI HQ ((Headquarters))

"Since the iPhone 5C was locked when investigators seized it during the lawful search on December 3rd, a logical next step was to obtain access to iCloud backups for the phone in order to obtain evidence related to the investigation in the days following the attack," the FBI's statement read. "The FBI worked with San Bernardino County to reset the iCloud password on December 6th, as the county owned the account and was able to reset the password in order to provide immediate access to the iCloud backup data."

Full story here.

February 21, 2016: FBI Director Comey lays out his rationale for Apple to unlock Farook's iPhone in a opinion posted on the Lawfare blog.


FBI Director James Comey.

His full post, "We Could Not Look the Survivors in the Eye if We Did Not Follow this Lead," is here.

"The San Bernardino litigation isn't about trying to set a precedent or send any kind of message. It is about the victims and justice. Fourteen people were slaughtered and many more had their lives and bodies ruined. We owe them a thorough and professional investigation under law. That's what this is. The American people should expect nothing less from the FBI," Comey wrote.

February 22, 2016: Apple posts an FAQ on its website that suggests that the company is planning to make its encryption even stronger going forward.



The full FAQ is available here.

February 22, 2016: The American public is polled about the issue by Pew Research Center, revealing that 51% of respondents side with the FBI and think that Apple should comply with the court order.



More information from the poll here.

February 25, 2016: Apple files its official legal response to the FBI. The document is written clearly and is meant to persuade a larger audience, according to senior Apple executives.


Bruce Sewell

Apple general counsel Bruce Sewell is leading Apple's legal, which includes big-time outside help, including Ted Olson, a top-tier litigator who argued against Proposition 8 in California, and Marc Zwillinger, one of the top information security lawyers in the world.

March 1, 2016: Finally, the showdown heads to Capitol Hill. Congressmen from both sides of the aisle grill FBI Director James Comey over the FBI's court order, and later press Apple's lawyer Bruce Sewell over what he would like an encryption law to look like.



In general, the representatives on the Judiciary Committee, which held the hearing, were skeptical of Comey's arguments, and a good deal more receptive to Sewell's statement.

It looks like aside from its legal battle, Apple will soon have to convince Congress to pass what it believes an encryption backdoor law should be.


All this information was copy/pasted from here and here.

[.Matthew.]

Hey, at least they have court and the government on their side
Besides, if anybody is related to a crime like murder or terrorism, there shouldn't be any obstructions to crack them down and use any means necessary to obtain more evidence or information using the suspect's phones, computers and similar. And Apple protecting such people, they should just imagine having some of their family members die in a terrorist attack or murdered by somebody, and see how quickly they'd unlock it then.

[Gnb_22]

Hey, at least they have court and the government on their side
Besides, if anybody is related to a crime like murder or terrorism, there shouldn't be any obstructions to crack them down and use any means necessary to obtain more evidence or information using the suspect's phones, computers and similar. And Apple protecting such people, they should just imagine having some of their family members die in a terrorist attack or murdered by somebody, and see how quickly they'd unlock it then.

You must be some kind of special if you don't know the severity of the precident that would be set if Apple were to do this. And lets be honest getting access to that phone isnt going to stop terrorism in the future or changed what happened already in that attack.
Here take a look at this video, its comedy but its factual shit maybe it would enlighten you a little bit.

[Link9rly]

Imagine having some of their family members die in a terrorist attack or murdered by somebody, and see how quickly they'd unlock it then.

*cough*

Not only that but the phones I presume they used were cheap burner phones. I would never support the government having backdoors since they're incapable of foresight.

[.Matthew.]

Never said they should have a backdoor that can be accessed whenever they feel like it, just saying that Apple should do it when there's a guy proved committing terrorist acts. Specifically like in the case which started the court events.

[Robin#]

Topic was updated.

[TiMoN]

Fuck Apple and their business practices, if FBI wants access to the phone of a convicted felon, they should have it no questions asked.

[Robin#]

Fuck Apple and their business practices, if FBI wants access to the phone of a convicted felon, they should have it no questions asked.

Apple want their customers privacy safe. And most of them agree with that.

[.Matthew.]

FBI wants to access a terrorist's phone, what's the fucking issue? common sense they shouldn't make a backdoor that can be accessed anytime whenever someone feels like it, but when they bring in a request to open a phone of a terrorist then fucking make do.

[Robin#]

But the fact is, Israeli firm 'helped FBI crack San Bernardino gunman's cell phone without Apple's help!

[TiMoN]

Apple want their customers privacy safe. And most of them agree with that.

Terrorists aren't entitled to anything but a life sentence.

[Robin#]

An Israeli company helped the FBI in unlocking the iPhone used by one of the San Bernardino, California shooters, according to reports.
Israel's Cellebrite, is a provider of mobile forensic software that says it does business with thousands of law enforcement and intelligence agencies, militaries and governments in more than 90 countries.
An official source told NBC News that the company had helped. Neither the FBI nor Cellebrite has confirmed the reports.
The FBI hacked into the iPhone used by gunman Syed Farook, who died with his wife in a gun battle with police after they killed 14 people in December in San Bernardino.
The iPhone, issued to Farook by his employer, the county health department, was found in a vehicle the day after the shooting.

The FBI is reviewing information from the iPhone, and it is unclear whether anything useful can be found. 
A great deal of speculation centers on Cellebrite — an Israel-based forensics firm that says it does business with thousands of law enforcement and intelligence agencies, militaries and governments in more than 90 countries — though it remains one of several possible candidates.

A company spokesman declined to comment last week.
Cellebrite, founded in 1999, is a subsidiary of Japan's Sun Cor and has had contracts with the FBI dating back to at least 2013.
The firm makes devices that allow law enforcement to extract and decode data such as contacts, pictures and text messages from more than 15,000 kinds of smartphones and other mobile devices.
It also makes commercial products that companies can use to help their customers transfer data from old phones to new ones. Apple even uses Cellebrite devices in some of its stores.
Suncorp's shares have more than doubled in the six weeks since Apple published its letter refusing to help the FBI, reports Fortune.
The FBI's announcement is a public setback for Apple, as consumers suddenly discover they can't keep their most personal information safe and Apple remains in the dark about how to restore the security of its flagship product.
Apple software engineers — and outside experts — are puzzled about how the FBI broke the digital locks on the phone without Apple's help. It also complicated Apple's job repairing flaws that jeopardize its software.



The Justice Department's announcement that it was dropping a legal fight to compel Apple to help it access the phone also took away any obvious legal avenues Apple might have used to learn how the FBI did it.
Magistrate Judge Sheri Pym vacated her February 16 order, which compelled Apple to help the FBI hack their phone, on Tuesday.
The Justice Department declined through a spokeswoman to comment Tuesday.
A few clues have emerged. A senior law enforcement official told The Associated Press that the FBI managed to defeat an Apple security feature that threatened to delete the phone's contents if the FBI failed to enter the correct passcode combination after 10 tries.
That allowed the government to repeatedly and continuously test passcodes in what's known as a brute-force attack until the right code is entered and the phone is unlocked.
It wasn't clear how the FBI dealt with a related Apple security feature that introduces increasing time delays between guesses. The official spoke on condition of anonymity because this person was not authorized to discuss the technique publicly.
FBI Director James Comey has said with those features removed, the FBI could break into the phone in 26 minutes.
Apple said in a statement Monday that the legal case to force its cooperation 'should never have been brought,' and it promised to increase the security of its products.
CEO Tim Cook has said the Cupertino-based company is constantly trying to improve security for its users.
The FBI's announcement — even without revealing precise details — that it had hacked the iPhone was at odds with the government's firm recommendations for nearly two decades that security researchers always work cooperatively and confidentially with software manufacturers before revealing that a product might be susceptible to hackers.
The aim is to ensure that American consumers stay as safe online as possible and prevent premature disclosures that might damage a U.S. company or the economy.



As far back as 2002, the Homeland Security Department ran a working group that included leading industry technology industry executives to advise the president on how to keep confidential discoveries by independent researchers that a company's software could be hacked until it was already fixed.
Even now, the Commerce Department has been trying to fine-tune those rules. The next meeting of a conference on the subject is April 8 in Chicago and it's unclear how the FBI's behavior in the current case might influence the government's fragile relationship with technology companies or researchers.
The industry's rules are not legally binding, but the government's top intelligence agency said in 2014 that such vulnerabilities should be reported to companies.
'When federal agencies discover a new vulnerability in commercial and open source software — a so-called 'zero day' vulnerability because the developers of the vulnerable software have had zero days to fix it — it is in the national interest to responsibly disclose the vulnerability rather than to hold it for an investigative or intelligence purpose,' the Office of the Director of National Intelligence said in a statement in April 2014.
The statement recommended generally divulging such flaws to manufacturers 'unless there is a clear national security or law enforcement need.'

Last week a team from Johns Hopkins University said they had found a security bug in Apple's iMessage service that would allow hackers under certain circumstances to decrypt some text messages. The team reported its findings to Apple in November and published an academic paper after Apple fixed it.
'That's the way the research community handles the situation. And that's appropriate,' said Susan Landau, professor of cybersecurity policy at Worcester Polytechnic Institute. She said it was acceptable for the government to find a way to unlock the phone but said it should reveal its method to Apple.
Mobile phones are frequently used to improve cybersecurity, for example, as a place to send a backup code to access a website or authenticate a user.
The chief technologist at the Center for Democracy and Technology, Joseph Lorenzo Hall, said keeping details secret about a flaw affecting millions of iPhone users 'is exactly opposite the disclosure practices of the security research community. The FBI and Apple have a common goal here: to keep people safe and secure. This is the FBI prioritizing an investigation over the interests of hundreds of millions of people worldwide.'




This information was copy/pasted from here.

[Teddy]

The FBI needs to disclose to Apple how they breached the phone so Apple can secure their product. Plain and simple. Allowing such an exploit to be left open exposes devices around the world to similar attacks which affects national security. It's really in their best interest.

The FBI fucked up. They had a chance to open the device originally but they made a mistake and Apple wasn't able to help them any further.

[Teddy]

FBI wants to access a terrorist's phone, what's the f**cking issue? common sense they shouldn't make a backdoor that can be accessed anytime whenever someone feels like it, but when they bring in a request to open a phone of a terrorist then f**cking make do.

Once a backdoor exists, it'll find its way to the open and anyone can use it. If it be the FBI, or the lonely criminal sitting in mommy's basement after your credit card details. By merely having the idea of it in existence you undo decades worth of research and progress in information security. Undermining everything specifically in the last 5 or so years in encryption.

[Hevar.]

Proud Samsung Galaxy S6 user here =)