FBI demanding Apple build in a backdoor to the IPhone

[Tribble]

Btw, we can already call bullshit on the idea that this is a one-off situation:

http://www.wsj.com/articles/justice-dep ... 1456202213

Justice Department Seeks to Force Apple to Extract Data From About 12 Other iPhones; Apple embroiled in phone court fights beyond San Bernardino; cases don't involve terrorism charges, sources say

The Justice Department is pursuing court orders to force Apple Inc. to help investigators extract data from iPhones in about a dozen undisclosed cases around the country, in disputes similar to the current battle over a terrorist's locked phone , according to people familiar with the matter.

The other phones are at issue in cases where prosecutors have sought, as in the San Bernardino, Calif., terror case, to use an 18th-century law called the All Writs Act to compel the company to help them bypass the passcode security feature of phones that may hold evidence, these people said.

The specifics of the roughly dozen cases haven't been disclosed publicly, but they don't involve terrorism charges, these people said.

Related

* Apple, FBI Wage War of Words

* Apple Calls for Commission to Address Issues Over San Bernardino Gunman's Phone

* San Bernardino Had Software That Could Have Given FBI Access to Shooter's iPhone

Privacy advocates are likely to seize on the cases' existence as proof the government aims to go far beyond what prosecutors have called the limited scope of the current public court fight over a locked iPhone used by one of the San Bernardino shooters.

Law-enforcement leaders, however, may cite the existence of the other cases as evidence that the encryption of personal devices has become a serious problem for criminal investigators in a variety of cases and settings.

In the San Bernardino case, the Federal Bureau of Investigation is trying to force Apple to help it beat the passcode system on a work phone used by Syed Rizwan Farook who, along with his wife, carried out a terror attack on his co-workers on Dec. 2 that killed 14 and injured 22. A judge has granted the Justice Department's request for a court order directing Apple to help the FBI, and Apple is fighting the order .

Separately, federal prosecutors in New York are sparring with Apple over an iPhone seized in a drug investigation there. In that case, prosecutors filed a letter with U.S. Magistrate Judge James Orenstein late Monday that indicates there are other cases in which the government has obtained similar court orders, but the letter doesn't provide further detail.

"In most of the cases, rather than challenge the orders in court, Apple simply deferred complying with them, without seeking appropriate judicial relief,'' the prosecutors wrote.

Apple argues that helping the FBI the way the bureau wants would endanger the privacy of its customers . "Forcing Apple to extract data in this case, absent clear legal authority to do so, could threaten the trust between Apple and its customers,'' the company has argued in court papers in the New York case.

In that case, prosecutors have criticized Apple for resisting their demands, saying the company for years complied with such orders until late last year, when Apple began asserting it should not be forced to provide such assistance. Prosecutors have been particularly critical of Apple's contention that to help bypass the passcode feature would "tarnish the Apple brand.''

The judge in the New York case has asked whether it was legal for the government to force Apple to extract data from a locked phone--an indication to some legal experts that he is considering rejecting the government's rationale.

The dozen other phones now the subject of legal battles were seized in a variety of criminal investigations, but they are not terrorism cases like the San Bernardino investigation, people familiar with the matter said.

The dozen or so cases are also distinct from San Bernardino in that many of them involve phones using an older Apple operating system, which has fewer security barriers to surmount, these people said.

But they are similar in the sense that the government is trying to force Apple through the courts to help investigators extract data from otherwise locked iPhones, these people said.

As the fight over the San Bernardino phone became public last week, federal prosecutors and the FBI said they are not seeking to set a precedent in the case, but to get the company to help them open a single phone that may hold crucial evidence to help explain the most deadly terrorist attack on U.S. soil since Sept. 11, 2001.

In a filing last week in the San Bernardino case, federal prosecutors argued the order they have obtained "is tailored for and limited to this particular phone. And the order will facilitate only the FBI's efforts to search the phone... Nor is compliance with the order a threat to other users of Apple products.''

The same filing also argued that what is at stake in the case is permission for the government "to search one telephone of an individual suspected of being involved in a terrorist attack.''

Apple has directly challenged those claims.

"The government suggests this tool could only be used once, on one phone. But that's simply not true,'' Apple CEO Tim Cook wrote last week in a letter to customers. "Once created, the technique could be used over and over again, on any number of devices... The government is asking Apple to hack our own users and undermine decades of security advancements.''

Yes, they are talking about older phones, but that's not the point - it's quite clear that what law enforcement agencies are really after is the legal precedent that would let them get court orders for every phone that seize in an investigation.

[Channel72]

Yes - and this is already a problem for like 80% of smart phone users in the world - since you can already do this with Android. So my point is simply, why is everyone so worried about this?

As I've said multiple times before, it's the legal precedent that's the problem, since it would potentially allow the FBI and other law enforcement agencies to get court orders demanding that cellphone companies assist with every phone that they seize. I guarantee they are not going to stop with this particular phone. As I mentioned earlier, If this turns into a precedent which law enforcement agencies can use, phone companies may have to develop one-off software for every phone that they are ordered to assist with (which could easily number in the thousands, if not more), develop software that can open up all of their phones (in order to save costs), or design their phones in such a way so that law enforcement agencies can access them without needing the phone companies' help.

I am no legal expert in any way - so I can't comment directly on how much of a threat this is. But my understanding is that law enforcement agencies routinely issue court orders for private companies (like Facebook) to hand over private user information for the purposes of an investigation. Everytime some idiot shoots up a school, all their private chats and everything are usually handed over to the police/FBI. Why is this incident significantly different?

I understand in this case the FBI actually wants Apple to create a customized OS just for them... but given that this is already possible with other mobile OS's...

[Dominus Atheos]

Because two words: warrantless dragnets. We now know that the government has been spying on literally everyone for years now, vacuuming up all data that they can get their hands on without ever asking a judge or anyone else.

If we knew for sure that the government would only use this capability with a duly issued warrant (and IMO not ex parte, some public defender or somebody should be there to argue against the warrant, but that's probably a separate issue) then maybe we could have a discussion about it, but not while there is any chance that the FBI or NSA (or China) could use it as they please with no oversight.

[Terralthra]

It's worth noting that if the All Writs Act and this precedent is interpreted as the FBI want it to be - that coding a new version of the OS is not an undue burden, because coding OSes is something Apple does - there's nothing preventing a court order to, say, a shredding company to make shredding machines that shred things less thoroughly, because thoroughly shredded documents are too hard for the FBI to piece back together.

Is that a legal precedent you're comfortable setting?

Uh... yeah, that's the point. Apple creating a patched iOS that bypasses security measures also doesn't magically make it running on my phone. Is my point really that unclear to you?

Okay - fair enough. I brought up Android precisely because anybody can already create a version of Android that bypasses security. So it's not like this is really any kind of serious threat, since these hacked versions of Android aren't going to be distributed by vendors - and it's the same with iOS.

iOS phones can be made to install a software update externally, provided said software is signed with Apple's private key.

I'm a native English speaker, and my impression here is that the FBI just wants Apple to create a one-off version of iOS that disables the timeout - not necessarily force Apple to integrate backdoors into future version of iOS that will run on everyone's phone.

Creating a security-compromised version and signing it with Apple's private encryption key would let it run on any compatible phone (iPhone 5C in this case). Apple could be legally compelled by any agency of any government of a country in which Apple hopes to do business to provide said version to them, as well. China, Russia, Saudi Arabia, anywhere. The security of all iPhones is now dependent on the operational security of the worst agency of the worst government in the world. The US had the OPM's vital records stolen. Do you want to trust agencies that are doubtless worse with it?

So far as I know, most Android versions do not have auto-update in this fashion. You have to crack the bootloader (possible in some instances, certainly) and install it manually. It's certainly a little easier than for older iPhones just because of closed source, but it's still non-trivial due to the need to crack the bootloader and various software verification schema built into those (many of which are proprietary). Newer iPhones should be close to invulnerable if set up properly, due to the separate encryption processor, unless the precedent is set here that Apple can be compelled to create an insecure OS.

[Darth Holbytlan]

Such a firmware would not seem to be generally useful for attacking other iPhones, though. The FBI's request is that the special firmware be tied to the specific device. Every iPhone contains a multitude of unique identifiers that are baked into its hardware (the serial number, the cellular radio IMEI, and the Wi-Fi and Bluetooth MAC), and the court order explicitly states that the custom firmware must be tied to the San Bernardino phone's unique identifier, such that it can only run on that specific phone.

Assuming that this can be done (and done robustly), it means that even if the custom firmware were given to nation-states or even published on the Internet, it would not serve as a general-purpose way of performing brute-force PIN attacks. It would be useless on any device other than the San Bernardino device. To make such leakage less likely, the court order does allow for the possibility that the custom firmware might be used only at an Apple location, with the FBI having remote access to the passcode recovery system.

Interesting. That changes the technical analysis of the dangers of the request, at least regarding this request in isolation. I would have some questions about how unchangeable/unspoofable these identifiers are to someone with physical access to the phone, but on the whole it seems likely that creating and signing the modified OS as requested by the FBI would risk anyone else's phone significantly.

Oddly enough, I think there might be more dangers to an equivalent modification to Secure Enclave phones. The reason being that the Secure Enclave, being a small, isolated unit, is less likely to have access to a unique identifier usable for this purpose. In fact, current generation iPhones might have nothing usable—I know it has the UID and GID, but the UID is unknown to Apple and the GID isn't unique.

Once you start considering what happens as, inevitably, they have to deal with regular warrants for iPhone searches becomes more complex, as they would have to implement a regular process to handle and create these security-cracking OS images. Any process like that becomes vulnerable to attack or simple mistakes.

Yes - and this is already a problem for like 80% of smart phone users in the world - since you can already do this with Android. So my point is simply, why is everyone so worried about this?

I think the 20% of people with better security might object to having the extra security they paid for taken away. And the 80% might object to having the option to get better security in the future removed as well. Smart phones have large amounts of personal information on them (much more than a typical wallet for most people); their owners have a right to be concerned about weakening the potential to protect themselves from identity theft after their phone is stolen now and in the future.

How much this court order actually threatens this—either directly through the created OS or from the order's wider implications—is a different question.

[Paolo]

Not sure if any attorneys are members that might want to weigh in on this, but I'd like to know more about the All Writs Act and, in this particular case, how the 13th Amendment may apply.

There's a reddit discussion on the matter.

[Borgholio]

A Federal judge just ruled that the government overstepped the intended use of All Writs Act, and that Apple does NOT have to comply with the government's request.

http://www.nytimes.com/2016/03/01/techn ... .html?_r=0

A federal judge denied the United States government’s request to open an Apple iPhone in a drug case in New York, a move that gives Apple’s pro-privacy stance a boost and that has implications for other cases where federal investigators are trying to get data from tech companies.

Magistrate Judge James Orenstein in New York’s Eastern District said in a ruling on Monday that the United States government couldn’t use a law called the All Writs Act to force Apple to hack into an iPhone that was seized in connection with a drug case. The government overstepped what the All Writs Act was intended for, the judge wrote.

“After reviewing the facts in the record and the parties’ arguments, I conclude that none of those factors justifies imposing on Apple the obligation to assist the government’s investigation against its will,” Judge Orenstein wrote. “I therefore deny the motion.”

The All Writs Act is also at the center of Apple’s recent fight with the F.B.I. over a phone used by one of the attackers in last year’s mass shooting in San Bernardino, Calif. A federal magistrate judge in California ordered Apple to help break into the device, prompting Apple’s chief executive, Timothy D. Cook, to publicly defy the order.

In the San Bernardino case, the government goes beyond using the All Writs Act to ask Apple for data and also asks the company to create new software that would help it to bypass security functions on an iPhone.

[biostem]

Quick question: Can the government compel the maker of a physical lock to assist them in opening said lock? Isn't that kind of what's going on here?

[Darth Holbytlan]

A Federal judge just ruled that the government overstepped the intended use of All Writs Act, and that Apple does NOT have to comply with the government's request.

http://www.nytimes.com/2016/03/01/techn ... .html?_r=0

There is a lot of interesting detail in the article (not quoted by Borgholio), and it links the actual order. Apparently, Apple has been complying with these All Writs Acts orders for a while (in 70 cases) without questioning that they were legitimate. When a case came up before this judge, with the FBI requesting yet another writ, the judge basically asked Apple if they were sure they didn't want to contest—basically suggesting that the FBI might be asserting authority through the courts not available to them. Apple's lawyer's did contest, and started doing so in other cases (about a dozen, including the San Bernadino case). This looks like the origin of Apple's objections in the San Bernadino case.

The iPhone in this case is also a 5c, although one running iOS 7. Quotes from the ruling imply that Apple would have a much easier time breaking into this phone than the San Bernadino phone, presumably due to the latter running a later edition of iOS.

Since this isn't an appellate ruling, it doesn't set any precedent. But after reading some of it I believe the judge does intend for it to be referenced and influential. I'm not qualified to comment on whether his arguments are any good, though.

[Iroscato]

Quick question: Can the government compel the maker of a physical lock to assist them in opening said lock? Isn't that kind of what's going on here?

I think it's more like trying to get them to create a master key that unlocks all locks ever made by that company, or forcing them to make locks with a getaround in the future. I've not been following too closely, but from what I've heard I'm definitely on the side of Apple here - and that is not a sentence I ever thought I'd be typing.

[General Zod]

Quick question: Can the government compel the maker of a physical lock to assist them in opening said lock? Isn't that kind of what's going on here?

If it was just a one-time off fix, in theory, with a court order. But it's impossible for Apple to create a one-time off fix that they can guarantee won't be used again and again by the FBI whenever they want.

[Borgholio]

And naturally the FBI is playing the fear card to try and turn the public against Apple.

http://www.usatoday.com/story/news/2016 ... /81111440/

WASHINGTON — FBI Director James Comey said Tuesday that Congress must decide if it wants Apple and other tech companies to have the power to effectively bar law enforcement from obtaining evidence of crime and terrorism from encrypted smartphones and other electronic devices.

"The core question is this: Once all of the requirements and safeguards of the laws and the Constitution have been met, are we comfortable with technical design decisions that result in barriers to obtaining evidence of a crime?" Comey asked the House Judiciary Committee.

Comey said the government is not trying to expand its surveillance power, but he is concerned about the emergence of "warrant-proof spaces" where critical information cannot be found by law enforcement.

"Rather we are asking to ensure that we can continue to obtain electronic information and evidence pursuant to the legal authority that Congress has provided us to keep America safe," he said.

Comey testified at a hearing in which the FBI faced off with Apple for the first time since the federal government went to court to try to force the tech giant to unlock a terrorist's encrypted iPhone.

Comey and Apple's senior vice president and general counsel, Bruce Sewell, were witnesses at a Judiciary Committee hearing titled "The Encryption Tightrope: Balancing Americans' Security and Privacy."

The difficulty of finding that balance has been underscored by the legal battle between the FBI and Apple over whether the government can force the company to create software to unlock the iPhone of a dead terrorist who shot 14 people to death and wounded more than 20 others in San Bernardino, Calif. in December.

Comey said the FBI's request would only affect the iPhone of terrorist Syed Farook, who was killed along with his wife in a shootout with police.

But Apple warned Tuesday that writing new code to unlock Farook's phone will create a backdoor into the encrypted iPhones of millions of consumers, making the devices vulnerable to hackers, cyber criminals and government surveillance.

"Do we want to put a limit on the technology that protects our data, and therefore our privacy and our safety, in the face of increasingly sophisticated cyber attacks?" Sewell testified. "Should the FBI be allowed to stop Apple, or any company, from offering the American people the safest and most secure product it can make?"

A federal magistrate ordered Apple earlier this month to cooperate with the FBI to unlook Farook's phone. Federal agents believe the phone could contain answers about whether Farook and his wife worked with others to plot their attack.

Apple filed a motion last Thursday to dismiss the government's request, charging that it is in conflict with Americans' constitutional rights to free speech and to avoid self-incrimination. Google, Facebook, Twitter and Microsoft are among the tech companies supporting Apple's position.

As the dispute plays out in court, members of Congress are trying to decide what — if anything — they should do legislatively to try to resolve the encryption debate.

"Americans have a right to strong privacy protections and Congress should fully examine the issue to be sure those are in place while finding ways to help law enforcement fight crime and keep us safe," Judiciary Committee Chairman Bob Goodlatte, R-Va., and Rep. John Conyers of Michigan, the panel's senior Democrat, said in a joint statement.

Lawmakers are proposing two very different solutions to the dilemma.

House Homeland Security Committee Chairman Michael McCaul, R-Texas, and Sen. Mark Warner, D-Va., a former tech entrepreneur who serves on the Senate Intelligence Committee, introduced a bill Monday to create a national commission on digital security.

The 16-member panel, modeled after the 9/11 Commission that recommended how to prevent terrorist attacks, would be made up of civil liberty and privacy advocates, law enforcement and intelligence officials, professors, lawyers, tech executives, and computer science and cryptography experts. Apple has expressed support for the idea.

Taking a different approach, Sen. Dianne Feinstein, D-Calif., and Senate Intelligence Committee Chairman Richard Burr, R-N.C., plan to introduce legislation to require companies to provide encrypted data to the government if law enforcement officials have a court order.

Manhattan District Attorney Cyrus R. Vance, Jr., said encryption poses a problem for state and local police and prosecutors trying to catch and convict criminals.

"Technology companies should not be able to dictate who can access key evidence in criminal investigations," Vance said in written testimony to the Judiciary Committee. "No device or company, no matter how popular, should be able to exempt itself from court obligations unilaterally. And they should not be able to write their own laws..I urge Congress to enact a national solution."

A cybersecurity expert said the best thing Congress can do is give the FBI the resources it needs to create an investigative center with agents who have "a deep technical understanding of modern telecommunications technologies."

"The FBI must learn to investigate smarter," said Susan Landau, professor of cybersecurity policy at Worcester Polytechnic Institute in Massachusetts. "Congress can provide it with the resources and guidance to help it do so. Bring FBI investigative capabilities into the 21st century. That’s what is needed here — not undermining the best security that any consumer device has to date."

[Eternal_Freedom]

Why do the FBI need the stuff on this phone so badly anyway? Surely they already have enough evidence to convict the shooter.

[aerius]

Why do the FBI need the stuff on this phone so badly anyway? Surely they already have enough evidence to convict the shooter.

Convicting the shooter would be kinda redundant considering that the police already killed him in a shootout.

Allegedly, the FBI wants the info on the phone since it may lead them to more terrorist ties or something along those lines. Considering that the shooters wiped their personal phones and that the phone the FBI has is a company issued work phone, it's pretty unlikely that there's anything terrorist related in any way on the damn thing.

[General Zod]

Why do the FBI need the stuff on this phone so badly anyway? Surely they already have enough evidence to convict the shooter.

Convicting the shooter would be kinda redundant considering that the police already killed him in a shootout.

Allegedly, the FBI wants the info on the phone since it may lead them to more terrorist ties or something along those lines. Considering that the shooters wiped their personal phones and that the phone the FBI has is a company issued work phone, it's pretty unlikely that there's anything terrorist related in any way on the damn thing.

The FBI's already admitted that they probably aren't going to get anything of value on the phone anyway, so it's basically just a fishing expedition.

[Eternal_Freedom]

Ahhh. I thought it would be something like that given how they're doing the "you're stopping us investigating" thing.

[AMX]

It seems a pretty safe bet that they are not actually interested in the phone at all - they want the precendent:
"TLAs can legally force software companies to create and sign custom versions of their products which lack important security features, making them vulnerable to the TLAs' existing attack capabilities."

[Elheru Aran]

Yeah... I can see how this could be extended to, say, software companies, not just phone manufacturers. It's definitely not a precedent which should exist.