by bjacobel 3780 days ago
> maybe it's time to hand this over before law enforcement wants even more which will doubtless pave the way for mass surveillance of devices.

The FBI is already paving that way with this case. They don't overly care about access to this particular iPhone. They're taking this case through the courts so that they can establish a precedent that allows them to force manufacturer cooperation to unlock any phone.

Edit: If they really cared about access to this individual phone, they wouldn't be going through the courts to get it; they'd be talking to the NSA TAO or other LEO with advanced forensic capability. As several people have pointed out, this iPhone 5C does not have a Secure Enclave and probably does not present a significant challenge to forensically analyze, to people that know what they're doing. They're going through the courts on this so they can get carte blanche to access iPhones 5S and above, which no LEO currently has capabilities to inspect.

Further edit: This is Farook's work phone. His main, personal phone was found destroyed in a dumpster near the site of the attacks. I find it incredibly unlikely the FBI really cares much about the contents of this individual phone, they just want a high-profile test case to expand their surveillance capabilities.

> They don't overly care about access to this particular iPhone. They're taking this case through the courts so that they can establish a precedent that allows them to force manufacturer cooperation to unlock any phone.

This is an analysis, not an objective and demonstrable fact.

I could just as well argue that yes, the FBI really does care a lot about this particular iPhone, and that's why the asked-for update is to be keyed to this iPhone and only this iPhone.

At the same time, even assuming that is true, we're talking about the FBI going through a legal process, reviewed by a judge, to get the data off one phone at a time. If that's how it works every time, I don't see a problem; that is how the system is supposed to work. I am kind of baffled as to why we're cheerleading the fact that Apple is refusing to perform what appears to be a perfectly reasonable request that is being made in accordance with the law. If you are operating under the presumption that the government is always a bad-faith actor, then we have much, much bigger problems.

Also, apparently this 'precedent' has already been set; according to a link in the article, Apple had previously offered custom firmware images to law enforcement after a court order that bypassed the lock screen on earlier iPhones.

http://www.cnet.com/news/how-apple-and-google-help-police-by...

US law enforcement has an impressive track record of extending their authority through unilateral reinterpretation of the US code. Once it's been established that Apple are able to extract data, what's to prevent agencies from slapping Apple with gag orders and forcing them to comply under completely opaque proceedings, that may not even have a way of appeal? I think Apple is right in resisting while it's still in the open. For all we know, this might really be about forcing them to demonstrate the technical capability to cooperate for use in one or several secret cases we do not know about.
Every comment I've read so far has said that Apple should help in this instance, so I don't see the cheerleading-- yet. Except now I may provide it. I just read Apple's letter to customers, and now I agree with them that the very creation of backdoor software -- even if it's only meant to help in specific instances -- is a dangerous thing. Applying specialized knowledge that Apple has about iOS and iPhones, plus Apple's engineers, to creating an innovative backdoor that does not exist today, means that it can never be un-designed. It will never have fewer people aware of it, unless you kill them after they create the software. The knowledge will only spread. The software can only leak. The engineers can only get conveniently hired by a competitor or foreign government or our own government. I agree, it is troubling.
> creating an innovative backdoor that does not exist today, means that it can never be un-designed

Wasn't it just yesterday that a story was published about an upcoming documentary about the Stuxnet virus, which claims that the US and Israel developed it in secret together and had a very successful, but very limited use for it? Only when Israel allegedly went off on their own to modify and deploy it did it spread wide and far, popping up on the radar of anti-malware companies and getting researched and publicized.

Like what you said, after the exploit/backdoor/software is designed, it can never be un-designed. It will exist as a tool that can only be mitigated, but not destroyed.

> The knowledge will only spread. The software can only leak.

Then why don't we have Apple's private keys yet?

Plenty of companies keep a lot of things very secret, including things like powerful debug modes, for a long time. At least long enough that everybody forgets the details and the software has long since rotted away.

Because it's Apple who keeps them, not the FBI.

Nobody in the FBI would give a damn about leaking the patched OS image: it's Apple's reputation at stake, not the FBI's.

But. The FBI doesn't want the keys in this case. They don't even want a build that works on any phone but the one in question.

There is nothing of value for the FBI to leak.

This is the huge difference between this order (which I can live with) and blanket encryption backdoors using key escrow or other crap (which I'm absolutely vehemently against and willing to fight to the teeth).

"They not even want a build that works for on any phone but the one in question."

That is completely not true. There is no way to make such a thing that can only work on one particular phone. There will be some point at which the compromised firmware image checks to see if it's that device, at which point it would be possible to change that to whatever device you want.

"This is the huge difference between this order (which I can live with) and blanket encryption backdoors using key escrow or other crap (which I'm absolutely vehemently against and willing to fight to the teeth)"

No, there is absolutely no difference between those two.

The original argument is that if a bruteforcy firmware were created, there would now be more people who have knowledge of it, and they (Apple employees) are at great risk of exposing the capability in a real way.

Not LEOs.

If Apple rotates their keys, that means that their private keys can be unlearned, whereas a method to backdoor iPhones could not be unlearned in the same way.

If the backdooring method uses a special firmware update that needs to be signed by Apple, rotating their keys means that it could be unlearned as well.

The court order specifically requests a firmware update that can only be used with that particular device ID.

Replying to the reply: the FBI doesn't want this leaked because it would jeopardize their own agents' Apple devices.
> This is an analysis, not an objective and demonstrable fact.

No. You don't have to assume that law enforcement or intelligence agencies are bad faith actors to see they are constantly seeking to expand their powers.

http://thehill.com/policy/cybersecurity/235910-fbis-hacking-...

https://www.eff.org/issues/national-security-letters

http://www.latimes.com/nation/nationnow/la-na-nn-fbi-using-d...

https://epic.org/foia/fbi/lpr/

Amezarak is not (necessarily) assuming they are bad faith actors. Amezarak is pointing out, I think correctly, that the parent poster is inferring intent of an organization from its actions. Without specific documents from that organization spelling out that intent, I agree that such inference is analysis and not fact. It may be reasonable or even probable analysis, but that does not make it fact.
Also we don't have to assume it because we know it for a fact - they are bad faith actors.
> If you are operating under the presumption that the government is always a bad-faith actor, then we have much, much bigger problems.

Given what we know about government surveillance programs, why would one assume the government is a good faith actor when it comes to encryption?

> If you are operating under the presumption that the government is always a bad-faith actor, then we have much, much bigger problems.

It needn't be "always", just (perceived as) too often. It seems fair to say the broad sentiment is that the national security arms of U.S. government have broached that barrier.

>At the same time, even assuming that is true, we're talking about the FBI going through a legal process, reviewed by a judge, to get the data off one phone at a time. If that's how it works every time, I don't see a problem...

And how will we ensure that's the case? Once they have the firmware they need they can install it on other phones.

Maybe that would force manufacturers to be in a position where they can truthfully say "we can't do that". I'd prefer that to the current situation where Apple basically has a backdoor they're just trying to keep for themselves.

As the original article mentions, it sounds like Apple has already engineered a situation where they can't get into their own phones. This Apple-only backdoor option exists only in equipment that predates the Secure Enclave hardware (such as the phone in this case).

Except that there is no proof of this. It was stated as false by John Kelley, an ex-Embedded Security engineer at Apple: https://twitter.com/JohnHedge/status/699882614212075520

For all we know so far, Apple could still provide a signed firmware bypassing the bruteforcing delay implemented by the Secure Enclave.

The only way to bypass the brute forcing delay would be to increase computing power, since it's a function of the encryption method used. It basically goes through a number of iterations chosen to make it take about 80 ms per attempt.
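The delay described above is a fixed amount of key-derivation work per guess rather than a check that can be patched out. As an added illustration (not code from the thread), the Python below calibrates a PBKDF2 iteration count to a target of about 80 ms on the current machine and then works out the worst-case cost of exhausting every numeric passcode of a given length; PBKDF2-HMAC-SHA256 and the 80 ms figure stand in for the device's real KDF, which is an assumption here.

```python
import hashlib
import os
import time

# Per-attempt cost quoted in the thread; used as the calibration target.
TARGET_MS = 80.0


def derive_key(passcode: str, salt: bytes, iterations: int) -> bytes:
    """Stretch a passcode with PBKDF2-HMAC-SHA256 (stand-in for the device KDF)."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, iterations, dklen=32)


def calibrate_iterations(target_ms: float = TARGET_MS, probe: int = 20_000) -> int:
    """Time a probe derivation on this machine and scale the iteration count
    so that one derivation costs roughly target_ms. Each iteration costs the
    same, so the relationship is linear."""
    salt = os.urandom(16)
    start = time.perf_counter()
    derive_key("000000", salt, probe)
    elapsed_ms = (time.perf_counter() - start) * 1000.0
    return max(1, int(probe * target_ms / max(elapsed_ms, 1e-6)))


def brute_force_seconds(passcode_digits: int, ms_per_attempt: float = TARGET_MS) -> float:
    """Worst-case wall-clock time to try every numeric passcode of this length
    at the given per-attempt cost. The cost cannot be skipped: every guess
    must run the full derivation to test it."""
    return (10 ** passcode_digits) * ms_per_attempt / 1000.0


if __name__ == "__main__":
    iters = calibrate_iterations()
    print(f"iterations for ~{TARGET_MS:.0f} ms on this host: {iters}")
    for digits in (4, 6):
        hours = brute_force_seconds(digits) / 3600.0
        print(f"{digits}-digit passcode: worst case {hours:.2f} hours")
```

At 80 ms per attempt a 4-digit passcode falls in about 13 minutes and a 6-digit one in about 22 hours, which is why the delay only buys time rather than preventing exhaustive search on its own.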

Such a thing does not currently exist, though. They would have to develop one.

They always can. Microcode updates come to mind. While Apple have the ability to keep their ecosystems locked, they also have the capability to unlock them.

Probably not easy and not on a mass scale. It may even require looking inside the silicon itself, which is expensive and hard. But as long as the keys are on the device or in the possession of Apple, they can be extracted.

The private keys are not in the possession of Apple though. The key is in the secure enclave.

Worst case, you disassemble the die and read the bits off with an electron microscope. It's still possible, just expensive, painful, and maybe dangerous if you damage the chip.

As long as there is no law that mandates that a phone must be unlockable to be sold in the US (which the FCC probably has the authority to insist on), if there is technical capability for a device to be unlocked, it is the manufacturers' fault and they must comply.

Apple chose themselves to have total control over the device, signing and ecosystem - now it backfires.