[_rknLA]

It's unclear if you're trolling, but assuming you're not, the analogy doesn't work because digital things and physical things behave in fundamentally different ways.

In the physical example, according to the FBI's "just this one iPhone" claim, one would reasonably expect that the company could then destroy the hypothetical master key as soon as it's used. This makes sense in a physical world, but the analogy breaks down completely in a digital world. [Returning your spider doesn't solve the problem](http://www.27bslash6.com/overdue.html).

In the digital world, you can't guarantee that the key hasn't been copied, and you can't guarantee that destroying the "original instance" of the key destroys all others.

The custom OS that the FBI is asking Apple to build will also take development time, and likely take more than one person to develop, meaning that if there's a security breach during the OS's development, any number of intermediate builds may also be stolen during development, before the FBI can even access the particular phone in question.

[DAddYE]

> It's unclear if you're trolling, but assuming you're not, the analogy doesn't work because digital things and physical things behave in fundamentally different ways.

I'm not trolling at all. Genuine question.

Assuming what Apple said in the open letter is true:

> Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

Is like ask the Company to create a tool/masterkey able to open "just that safe".

I well know that in software you can make the OS to auto destroy itself (TTL) etc... but still imagine that after they get the OS they will copy it and start reverse engineering it.

If we want to force the example is like when they 3D Printed the TSA's master luggage key from ... a picture: (http://www.wired.com/2015/09/lockpickers-3-d-print-tsa-lugga...)

[rhino369]

>In the physical example, according to the FBI's "just this one iPhone" claim, one would reasonably expect that the company could then destroy the hypothetical master key as soon as it's used. This makes sense in a physical world, but the analogy breaks down completely in a digital world.

Why not? Can't apple just delete it?

>In the digital world, you can't guarantee that the key hasn't been copied, and you can't guarantee that destroying the "original instance" of the key destroys all others.

You can't do that in the physical world either. But you can be pretty damn certain that it isn't done.

>The custom OS that the FBI is asking Apple to build will also take development time, and likely take more than one person to develop, meaning that if there's a security breach during the OS's development, any number of intermediate builds may also be stolen during development, before the FBI can even access the particular phone in question.

Apple already takes this risk with every since iOS release.

[_rknLA]

Yes, but leaks of pre-release iOS software can't be installed on locked phones as a means of unlocking them, so the risk is not nearly the same.

If you really want to carry this analogy to term, fine, I'll concede that you can't be 100% sure that a physical key wasn't copied before you destroy it, but then you must take into consideration the complexity of manufacture and duplication - if the complexity of duplication is high, and you only make one, and guard it at all times, you can have a fairly high confidence (barring ridiculous film plots) that the key you're destroying is the only one.

With digital things, the complexity of duplication is beyond trivial. One copy leaks, and instantly there are tens of thousands, if not millions of copies in all corners of the internet. Physical objects simply do not behave this way.

[studentrob]

> Why not? Can't apple just delete it?

Are you kidding? Law enforcement across the country wants to use this on thousands of phones.

Even if it were truly going to be used only on one phone, there's still a risk that the signed software gets out. That risk is exponentially increased when you realize that Apple will be required to retain this software for responses to law enforcement requests indefinitely.

[martin-adams]

>> It's unclear if you're trolling, but assuming you're not, the analogy doesn't work because digital things and physical things behave in fundamentally different ways.

I'm not sure I fully agree that things are different because it's physical over digital.

Lets say that the way a safe manufacturer could circumvent the lock on the safe is to build a custom tool that can rapidly try every combination much faster than any currently known method. Such a tool could be reverse engineered (i.e. copied) after returning it.

I agree that copying software is far easier than hardware, but it's the design of the tool that's important, not it's physical representation.

The only way I would agree with the FBI's "just this one iPhone" statement is if they got Apple to crack it and they just returned the data but not the method. Which of course they wont do.

[studentrob]

> I'm not sure I fully agree that things are different because it's physical over digital.

...

> I agree that copying software is far easier than hardware, but it's the design of the tool that's important, not it's physical representation.

So you do understand that software is different. It is easily copyable, and all software is copyable.

> The only way I would agree with the FBI's "just this one iPhone" statement is if they got Apple to crack it and they just returned the data but not the method. Which of course they wont do.

I wouldn't even agree to that. Creating a signed copy of this software creates a vulnerability in iPhones worldwide that does not exist today.