News Community Reacts to Apple vs FBI Story

[Dr. Courtney]

And that's just it: I think the "right to privacy" means a lot less than most people realize today (it does not enable one to evade a search warrant). Allowing uncrackable encryption would be a substantial expansion of it.

The main issue here is more concerned with the right of third parties to choose whether they assist in executing search warrants rather than the right of suspected criminals to evade them.

Further, while I have no interest in evading search warrants issued by US courts to US agencies, I'm not sure I want my electronic devices subject to searches by foreign governments. Apple points out that any precedents set by US agencies will also be pursued and likely acquired by foreign governments as well.

 

[Borg]

Apple really seems to be shooting themselves in the foot. They could have cooperated with the FBI and then make future phones truly non-decryptable. The FBI wouldn't have been able to ask to decrypt phones after that because Apple would be able to honestly say that it's impossible. At that point, the FBI couldn't go to court to unlock a particular phone and any court case attempting to make all non-decryptable phones illegal wouldn't make it very far. Their only recourse would be to petition congress to make it illegal. I don't think that the FBI would want to be seen as trying to create new laws. And, let's not forget that the FCC is the primary governing body for telecommunications so they would certainly get involved as well. In short, there would be so many narrow hoops for the FBI to jump through that I don't see a likely scenario where they could achieve a change like that after the fact.

By literally making a federal case out of this, Apple is forcing the judicial branch to make decisions concerning their business. The longer this goes on, the more likely that congress will also get involved. Both of those situations could impact their ability to create unbreakable phones in the future. Apple is lucky that they weren't fighting this case right before 9/11. If there is a significant terrorist act where a non-decryptable phone is involved, Apple's protests will be toast.

 

[anorlunda]

They could have cooperated with the FBI and then make future phones truly non-decryptable.

You're really missing the whole point of this thing. The government to order would require Apple to modify the design to give FYI access. Under that doctrine, nobody would be allowed to design a truly non-decryptable device (for public use) in the future.

 

[Borg]

You're really missing the whole point of this thing. The government to order would require Apple to modify the design to give FYI access. Under that doctrine, nobody would be allowed to design a truly non-decryptable device (for public use) in the future.

Not really. This case is no different than the government getting a court order to have a locksmith open a lock. He might have to make a key to do it but he is not changing the design of the lock. If Apple had truly created a non-decryptable phone, no locksmith-created key in the world would get anyone in.

 

[russ_watters]

Further, while I have no interest in evading search warrants issued by US courts to US agencies, I'm not sure I want my electronic devices subject to searches by foreign governments. Apple points out that any precedents set by US agencies will also be pursued and likely acquired by foreign governments as well.

That sounds wrong to me at face value, but given your other arguments and the vagueness of that position, I can't be sure what sort of scenario you are imagining -- but I expect it is probably unrealistic.

 

[Dr. Courtney]

That sounds wrong to me at face value, but given your other arguments and the vagueness of that position, I can't be sure what sort of scenario you are imagining -- but I expect it is probably unrealistic.

Is it unrealistic to expect that Americans traveling in other countries might have their electronics stolen or confiscated with subsequent attempts of those foreign governments to access the contents?

 

[russ_watters]

You're really missing the whole point of this thing. The government to order would require Apple to modify the design to give FBI access. Under that doctrine, nobody would be allowed to design a truly non-decryptable device (for public use) in the future.

I think - again - this is Apple's misrepresentation tripping you up. The court order specifies Apple making and using (and destroying, if they want) the new OS only on this phone. It doesn't say anything about future features of phones that don't exist (how could it?). Compliance with the order is only possible because of Apple's back door into the phone. If they had waited until they had a truly uncrackable phone to make a stand, there wouldn't really have even been any need for a stand! It would be futile to order someone to do something impossible!

I agree with Borg that they overplayed their hand here. They are probably overestimating their power of/over public opinion.

See Uber for how successful the Just Do It (and let the government catch up) approach can be.

 

[anorlunda]

It doesn't say anything about future features of phones that don't exist (how could it?).

That's absurd.

How could it? By precedent. Come on Russ, surely you're aware of how courts use precedent to reapply past decisions to future cases.

 

[russ_watters]

Is it unrealistic to expect that Americans traveling in other countries might have their electronics stolen or confiscated with subsequent attempts of those foreign governments to access the contents?

No, it isn't. But it is unrealistic (bizarrely) to think that Americans could/should be exempt from the laws of the countries they are visiting!

 

[russ_watters]

That's absurd.

How could it? By precedent. Come on Russ, surely you're aware of how courts use precedent to reapply past decisions to future cases.

How can you apply the precedent of helping to crack a phone to phones that are uncrackable? The order does not forbid them from making future uncrackable phones. I think Apple is correct that the law will need to be clarified for that.

Heck, if you were correct about how broad the precedent could be, we wouldn't be having this conversation! Apple has always complied with phone cracking requests in the past, so by your logic they should already be forbidden to make uncrackable ones.

 

[jackwhirl]

Apple has always complied with phone cracking requests in the past, so by your logic they should already be forbidden to make uncrackable ones.

No comment on the rest, but this article states that previous requests did not compromise encrypted data.

From the fifth paragraph:

The scope of the encrypted data changed with iOS 8, moving to include contacts and texts, but the encryption itself didn’t change and there was a lot of app data that was simply inaccessible on both systems.

 

[nsaspook]

And that's just it: I think the "right to privacy" means a lot less than most people realize today (it does not enable one to evade a search warrant). Allowing uncrackable encryption would be a substantial expansion of it.

Uncrackable (robust non-key recovery encryption) encryption is allowed by default in the USA so a law disallowing it would be a reduction in the freedom to left alone. Prohibition didn't work with booze, drugs or with anything else a large percentage of people want and are willing to pay for. The computer hardware and code to implement digital privacy can't be made to disappear by waving the magic wand of law.

 

[Borg]

Uncrackable (robust non-key recovery encryption) encryption is allowed by default in the USA so a law disallowing it would be a reduction in the freedom to left alone. Prohibition didn't work with booze, drugs or with anything else a large percentage of people want and are willing to pay for. The computer hardware and code to implement digital privacy can't be made to disappear by waving the magic wand of law.

Makes me wonder how the current certificate authorities are currently set up. For the web server that I'm running, I created my own certificates. As soon as I did that, I couldn't view the pages on my phone. Even though I could accept the certificates, the phone wouldn't let me put them in my trusted folder without rooting the phone. It may be that the phone company that installed the OS, did that to protect people from themselves. However, I do wonder how many authorities in the default trust list have key recovery encryption capabilities for the certificates that they provide.

 

[russ_watters]

Uncrackable (robust non-key recovery encryption) encryption is allowed by default in the USA so a law disallowing it would be a reduction in the freedom to left alone.

You are referring to current law (and you are probably correct), but I am referring to what exists. A law change would limit what is allowed, but would not reduce the actual security/privacy that currently exists.

Apple says they want to give their customers uncrackable encryption and it is currently legal for them to do so (so why didn't they?).

It tends to be easier to do it and then let the government react, because the claim of a reduction in freedom is a lot easier to justify if people are already doing it.

Also, I said "probably" because the courts tend to like specificity in the law, but it is also possible to interpret existing law (previously cited) as already requiring access.

 

[nsaspook]

You are referring to current law (and you are probably correct), but I am referring to what exists. A law change would limit what is allowed, but would not reduce the actual security/privacy that currently exists.

Apple is not the entire domestic security universe. Products exist today that provide total encryption and no OEM backdoors for domestic use.
Example: https://silent-circle.myshopify.com/products/blackphone2

Not for sale to the public:
https://en.wikipedia.org/wiki/Boeing_Black

 

[Dr. Courtney]

No, it isn't. But it is unrealistic (bizarrely) to think that Americans could/should be exempt from the laws of the countries they are visiting!

It is appalling that you are OK with foreign countries imprisoning US citizens without due process, issuing warrants without probable cause, or hacking into the private phones and computers of US citizens without a legitimate reason. Are you really naive enough to believe that officials of all foreign governments visited by US citizens follow their own laws? Do you believe every court order issued by every nation is really just? When I was a Dept of Defense employee, there was a long list of countries we were not supposed to visit, because the DoD had no way to ensure our civil rights would not be violated while we were there. I'm sure that list of countries has grown by now.

Our founding fathers left the other nations of the world and set up something different, because of the rampant abuses of human rights throughout the world. These abuses still exist in much of the world. It is shameful that you would deny US citizens a technological advantage when being faced with the possibility of being subjected to these abuses.

Is it unreasonable to suppose that those who think its OK for US citizens to be subject to these human rights abuses by foreign governments won't object when our government does the same things?

 

[jackwhirl]

It is appalling that you are OK with foreign countries imprisoning US citizens without due process, issuing warrants without probable cause, or hacking into the private phones and computers of US citizens without a legitimate reason.

You're really reading a lot into what russ said. When it comes to corrupt governments and repressive regimes like you are describing, Apple can ignore demands from such, pretty much with impunity.

 

[russ_watters]

It is appalling that you are OK with foreign countries imprisoning US citizens without due process...

Yeah, and that's what I mean about your vague posts having elaborate fantasies behind them. I have no idea where you are getting that idea and I certainly wouldn't be ok with any such thing. Maybe if you describe a very specific scenario, I'll let you know what I think about it.

To be clear, here:

Is it unrealistic to expect that Americans traveling in other countries might have their electronics stolen or confiscated with subsequent attempts of those foreign governments to access the contents?

Try applying that to, say, France. Let's say you start a Ponzi scheme in France and use your iPhone to orchestrate it. Do you think your Apple encryption should be allowed to protect you from a French search warrant? I don't. If the French government confiscates your cell phone and attempts to access its contents, I think it should be entitled to after going through proper legal channels. Heck, if you kept the records of your fraud in a duffel bag instead of a cell phone, they wouldn't need to crack it, they could just get a warrant and confiscate it. You think a cell phone should be exempt from that because...it is possible to do it?

 

[zoobyshoe]

Can I just say that I believe that if you used the device in commission of a felony, you've lost your right to have the information hidden?

That means that the information can be viewed, it can only be used as evidence, evidence can either make you not guilty or guilty, so it should be allowed. In the case of terrorism, there should be no question, it should be allowed.

Everyone has forgotten that the County of San Bernadino owns this phone. They bought phones for their employees for work purposes. The County of San Bernadino gave the FBI permission to get into the phone pretty much from the get-go. Farook was a government employee. That fact is the tip of an iceberg that no one has explored. Apple is not taking a stand here for the privacy of individual citizens who might buy their phones.

Googling, I find this very interesting site:
http://www.apple.com/r/store/government/
Apple offers volume discounts to government agencies.

The question I have, though, is why do government agencies buy phones for their employees at all? They have a job, why can't they get their own phones? This article from a few years ago sheds light:
http://www.cnn.com/2012/02/03/tech/mobile/government-android-phones/

Currently, the United States doesn't allow government workers or soldiers to use smartphones for sending classified messages because the devices have not met security certifications.

Officials have said they worry that hackers or rogue apps could tap into the commercial version of Android and spill state secrets to foreign governments or to the Web through a publisher such as WikiLeaks. As many as 5 million Android users may have had their phones compromised by a recent virus outbreak rooted in apps found on Google's market, said security software maker Symantec.

But with a secure smartphone, a soldier could see fellow infantry on a digital map, or an official could send an important dispatch from Washington's Metro subway without fear of security breaches.

As you'd expect, the government is concerned about the security of its own communications. The employee's own phone might not be secure enough.

But, San Bernadino county didn't give androids out, it gave Apples. This next (also old) article explains that the government has also been giving its employees Apples (not just androids):

The Army is issuing iPhones, iPads, Android-based devices, Touch Pros, Palm Treos, and Kindles as part of its http://www.informationweek.com/news/government/mobile/228800712 . The program aims to equip soldiers with the communications and other tools they need from the classroom to the battlefield.

One of the key reasons Apple and Android-based smartphones and tablets are becoming popular with federal agencies is their ability to support video and other graphics-rich applications, Keitt said.

A pilot project at the Bureau of Alcohol, Tobacco, and Firearms provides a glimpse of the possibilities. ATF http://www.informationweek.com/news/government/mobile/224200223 using iPhones and other smartphones that let agents in the field monitor surveillance video taken by IP cameras of drug trafficking and other crimes. The idea, similar to the Army's interest in the devices, is to give agents access to pertinent information anytime, anywhere.

Agents with the U.S. Marshals Service today carry BlackBerries. But the agency is mid-way into a six month trial of iPads, iPhones, and Android-based devices, according to its CIO, Lisa Davis. http://www.informationweek.com/news/government/enterprise-apps/228000084 are also reportedly using iPhones.

http://www.informationweek.com/mobile/federal-agencies-embrace-iphones-ipads/d/d-id/1098071?

So, in all this Apple vs FBI situation, no one has mentioned the huge number of government and military personnel who require completely secure phones, nor all the recent experiments it has undertaken with different kinds of phones to achieve security. That Farook had this very secure phone at all, was because he was a government employee. Don't lose sight of that.

The FBI has put Apple in the vice and is squeezing it while Apple grits its teeth and tries to endure in order to reassure all its government and military customers (among others) who need secure devices, that it won't compromise its security for anyone. Ironically, everyone, including the FBI, has forgotten Farook was a government employee who required a secure device. The crime was emotionally incendiary, so now he's exclusively viewed by the FBI (and everyone) as a terrorist and his capacity as a government employee is forgotten. That's a twist no one in the quest for secure government phones anticipated and which people have avoided focussing on: the terrorist was a government employee with a need for a secure device.

The crime was emotionally incendiary, so the FBI has had many fires lit beneath it, no doubt, to "do something!" Squeezing Apple is "something", therefore Apple must be squeezed, despite the fact it's doubtful there's anything important on the phone. There are probably huge numbers of high ranking people in government and the military, and also lawyers and people in industry - people who want completely secure phones - who are afraid to speak up for Apple in this case, because of the weird "perfect storm" circumstance, where speaking up for complete phone security can, and is being, construed by moral entrepreneurs (Senator Tom Cotton) as pro-terrorist.

On top of having fires lit beneath it, the FBI, and all law enforcement, has had a big issue with "going dark" for a while. Encryption (going dark) hinders them, so, from their perspective, it's a bad thing. Politicians, judges, government agencies, and all branches of the military, however, want good encryption for obvious reasons, so every branch of the government outside law enforcement is at odds with law enforcement on this issue. (But, I'm sure, very regretfully so.)

Anyway, I think the FBI is going to squeeze Apple very hard, not because of this one refusal, but because it is frustrated at Apple for being a leader in phone security. But, while secure phones hinder law enforcement, don't forget they hinder people who want to listen in on people in the government, in the military, and in law enforcement. That includes terrorists, and governments like those of North Korea, Iran, Syria, etc.

In short, this is a very complicated situation.

 

[nsaspook]

Everyone has forgotten that the County of San Bernadino owns this phone. They bought phones for their employees for work purposes. The County of San Bernadino gave the FBI permission to get into the phone pretty much from the get-go. Farook was a government employee. That fact is the tip of an iceberg that no one has explored. Apple is not taking a stand here for the privacy of individual citizens who might buy their phones.
...
In short, this is a very complicated situation.

This just means the FBI and The County of San Bernadino displayed gross incompetence in handling this phone.
http://www.theguardian.com/technology/2016/feb/20/san-bernadino-county-fbi-gunman-apple-account

 

[zoobyshoe]

This just means the FBI and The County of San Bernadino displayed gross incompetence in handling this phone.
http://www.theguardian.com/technology/2016/feb/20/san-bernadino-county-fbi-gunman-apple-account

Whatever. You're completely missing my point: this has nothing to do with some individual's right to privacy. Apple is posturing here for the benefit of other parts of the government (other than law enforcement) who want secure phones. Apple wants the largest possible piece of the Government market for secure phones. Think about it. Best case scenario: everyone in the military is required to have an iPhone.

 

[Dr. Courtney]

Try applying that to, say, France. Let's say you start a Ponzi scheme in France and use your iPhone to orchestrate it. Do you think your Apple encryption should be allowed to protect you from a French search warrant? I don't. If the French government confiscates your cell phone and attempts to access its contents, I think it should be entitled to after going through proper legal channels.

The French are probably smart enough for their own geeks to crack it or to have McAfee's geeks crack it.

The Iranians, Mexicans, and most nations many likely to abuse such invasions of privacy probably won't be able to crack it.

Can you make a strong case that Apple is the only party in the US capable of cracking this phone?

Can you make a strong case that a search warrant is not just _permission_ for government to search, that it confers on the government the power to conscript any party they deem necessary to execute the search to their satisfaction?

Finally, which foreign countries will it be acceptable to conscript US parties to execute their searches? France seems to have your approval already.

 

[mheslep]

The one sided statements from Apple on this issue irk me, as this is a hard problem and pretending it's one sided makes it worse. By contrast, here is director Comey

"But in the larger conversation, I think our role is just to make folks understand what are the costs associated with moving to a world of universal, strong encryption.

"There's tons of benefits," Comey continued. "I love encryption, I love privacy, but when I hear corporations saying we're going to take you to a world where no one can look at your stuff, part of me thinks, that's great, I don't want anybody looking at my stuff.

"Then I step back and say, law enforcement, which I'm part of, really does save people's lives, rescue kids, rescue neighborhoods from terrorists, and we do that a whole lot with court orders that are search warrants; and we do it a whole lot with search warrants of mobile devices."

Comey is the finest appointment Obama has made in his tenure.

 

[nsaspook]

Whatever. You're completely missing my point: this has nothing to do with some individual's right to privacy. Apple is posturing here for the benefit of other parts of the government (other than law enforcement) who want secure phones. Apple wants the largest possible piece of the Government market for secure phones. Think about it. Best case scenario: everyone in the military is required to have an iPhone.

That's your position but I think it misses the mark on why this case is happening now. Sure Apple wants to sell secure phones to governments (a slice of the profit pie) but it also doesn't want to 'sell' secure phone cracking software that might reduce it's larger public sales slice of that same pie.
Apple phones are not secure from the managers of supplied phones unless those managers fail to lock-down the access correctly with MDM software. Farook was a government employee with a government managed Apple phone and a government IT dept that could have configured the phone to allow them access period but they didn't.

The governments fall-back position is to force Apple to produce something that could be used at future requests on any individual's phone with a proper warrant or court order if the FBI wins. I personally think the balance is with the FBI in this one case but soon technology will make winning a moot point.

 

[nsaspook]

The one sided statements from Apple on this issue irk me, as this is a hard problem and pretending it's one sided makes it worse. By contrast, here is director Comey
Comey is the best appointment Obama made in his tenure, period, end of story.

Sure, it's a hard problem for law enforcement to circumvent the bill of rights by limiting domestic use of universal, strong encryption. I don't think they are close to making that case today even if it was remotely possible for a law to be effective.

What about the children? Heavy sigh.

 

[zoobyshoe]

That's your position but I think it misses the mark on why this case is happening now. Sure Apple wants to sell secure phones to governments (a slice of the profit pie) but it also doesn't want to 'sell' secure phone cracking software that might reduce it's larger public sales slice of that same pie.
Apple phones are not secure from the managers of supplied phones unless those managers fail to lock-down the access correctly with MDM software. Farook was a government employee with a government managed Apple phone and a government IT dept that could have configured the phone to allow them access period but they didn't.

The governments fall-back position is to force Apple to produce something that could be used at future requests on any individual's phone with a proper warrant or court order if the FBI wins. I personally think the balance is with the FBI in this one case but soon technology will make winning a moot point.

I think the general public would have easily been placated by Apple endorsing the FBIs story that it's just this one time and they are destroying the tool after one use. This stand is to impress someone else.

The FBI is likely going to try and fold this case into their larger agenda against "going dark":
https://www.fbi.gov/about-us/otd/going-dark-issue
and Apple is posturing for parts of the government who actually need completely "dark" phones, and wouldn't like to think Apple keeps tools on hand to let the FBI in when it asks. I believe they feel they are ahead in this technology and would get the lion's share of the government market.

 

[Evo]

It used to be Blackberry that furnished all of the cell phones to the government. They had more secure servers and if a phone was missing, they could remotely erase all information on it. Phones could be locked and the IT department had to be pretty dumb not to have these passwords.

My opinion on the matter - By refusing to allow a criminal/terrorist investigation to proceed because you want more money from future sales is criminal, I feel Apple is intentionally obstructing a criminal investigation and they should face charges if they do not give access to the phone's information if it has been legally warranted.

Together with state and federal prosecutors around the country, they viewed tech companies as making money while protecting terrorists, kidnappers, pornographers and others who use encryption to hide illegal schemes.

http://www.latimes.com/nation/la-na-fbi-apple-20160220-story.html

Being a cell phone is no different than getting access to an alleged criminal's home, safety depost box, financial accounts, and anything else that could shed light on the criminal investigation. Since these other things are allowed, a cell phone is no different, it just contains information that can and should be obtained in any criminal investigation.

 

[zoobyshoe]

But refusing to allow a criminal/terrorist investigation to proceed because you want more money from future sales is criminal, I feel Apple is intentionally obstructing a criminal investigation and they should face charges if they do not give access to the phone's information if it has been legally warranted.

You can spin it that way. You can also spin it such that the FBI is working to prevent the military from having secure phones, which puts our troops in harms way. It's easy to spin it any way your confirmation bias leads you.

 

[Evo]

You can spin it that way. You can also spin it such that the FBI is working to prevent the military from having secure phones, which puts our troops in harms way. It's easy to spin it any way your confirmation bias leads you.

They would need to follow the same security protocals as any in place for any means of sensitive information.

 

[zoobyshoe]

They would need to follow the same security protocals as any in place for any means of sensitive information.

Not sure what you mean. My point is that a person can pick any party they want in this and demonize them. Demonizing makes it easier to reach a mental conclusion and dissolve cognitive dissonance.