and it forcing them to hack the phone but I'm siding with Apple. If the government can decript, fine. but forcing the manufacter to do it, not sure I like the idea.

link (http://www.latimes.com/local/california/la-me-apple-san-bernardino-terror-20160218-story.htmlhttp://)

doc, what if the company opened it in a room by themselves, then allowed the government fbi agents in to see what was on it, they left the room, then apple closes it back. That way no one from the government knows how to get past the code and can't hack any of them easily

The FBI just wants the resulting data. I gotta call BS on Apple's contention they can't access it, anything encrypted also has a way to unencrypt.

I call BS on the FBI demanding Apple programmers work for free for the govt, er lord of the manor. Are we slaves or serfs? We report, you decide.

To quote Apple:


Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

This is how the government erodes our liberties, bring a new technique in to fight terrorism or child abuse. Then it trickles into everyday cases over time, kinda like civil forfeiture. It was designed to target mob bosses and drug lords, now it is used in traffic stops. Quite simply, they are asking Apple to create a custom firmware that bypasses the unlock attempt limits plus a variety of other data safeguards (such as stripping out a bunch of the passcode calculations and checks). Even if it wasn't on Apple's dime, this is a VERY serious problem, while it is not a backdoor in the strictest sense. It is functionally the same thing, the difference between a literal backdoor and what they want is entirely trivial. They are asking Apple to strip out the most important software protections on your data. If someone got a hold of this firmware, unlocking the device would LITERALLY be trivial, you could unlock the phone in a couple minutes at the most.

They make a good point, if the US government can force Apple to make this software then so can every repressive regime in the world. The data would NOT be secure at all.

This isn't an issue of government having access to secure private data, this is an issue of exposing everyone with an Iphone's security if the new operating system happens to fall in the wrong hands, which it inevitably will. Government systems are always hacked.

This would be an unprecedented security risk, and the people need to stand behind Apple and refuse the FBI's demands. Once that data is encrypted, it will always be encrypted.

Tech companies should work with the government, however, to find other solutions. This one isn't the answer.

If Apple gives in to this request, there will be another, and the another, and then another

doc, what if the company opened it in a room by themselves, then allowed the government fbi agents in to see what was on it, they left the room, then apple closes it back. That way no one from the government knows how to get past the code and can't hack any of them easily

I'm for the government staying out of businesses affairs. What right does the govt have to come in and tell a company it has to obtain evidence for them? Let the government do their own dirty work and if they can't figure it out, tough.

I call BS on the FBI demanding Apple programmers work for free for the govt, er lord of the manor. Are we slaves or serfs? We report, you decide.

The order referenced compensation, Apple can bill for the work.

This isn't an issue of government having access to secure private data, this is an issue of exposing everyone with an Iphone's security if the new operating system happens to fall in the wrong hands, which it inevitably will. Government systems are always hacked.

This would be an unprecedented security risk, and the people need to stand behind Apple and refuse the FBI's demands. Once that data is encrypted, it will always be encrypted.

Tech companies should work with the government, however, to find other solutions. This one isn't the answer.

There are plenty of ways to make sure that doesn't happen, IF the hack isn't given to the government.

Apple can hack this one phone, turn over the data, and destroy the hack.

yes the people who wrote it could do it again, but the fact that they can do it at all means the potential is already there and it's already a risk that the Chinese or Russians or the NSA infiltrate Apple sufficiently to recruit the people to do it.

What Apple is worried about is showing that it can be hacked at all, by anyone. They sell the phones on the basis that the data is completely secure, but if they can hack it then with enough time and resources others can too, and then they lose a nice marketing feature of their phones.

If Apple gives in to this request, there will be another, and the another, and then another

No doubt about it, and eventually Congress will probably have to weigh in, but there are already laws on the books about things like exporting encryption technology that are there specifically to help protect law enforcement's ability to access data and prevent foreign governments and our enemies from having technology we can't crack. We're going to have to now address how that technology is implemented and if law enforcement needs mean that there has to be a way for them with proper court orders to access that information.

This would be an unprecedented security risk,

How can it be "unprecedented" if every other phone on the market can already be cracked and we know if it being done for law enforcement at least 70 times in the past by Apple alone? That's not "unprecedented", it's actually completely with precedent as we've been apparently doing for years.

Agree or disagree with the situation, but the unprecedented part is the government NOT having access to this information. that's the change here, not having access.

I'm for the government staying out of businesses affairs. What right does the govt have to come in and tell a company it has to obtain evidence for them? Let the government do their own dirty work and if they can't figure it out, tough.

Did you read what I wrote? FBI doesn't get to see how to open the info, only gets to see the info period. And what evidence, both people are dead, can't convict them
It's a matter of security in a world of terror. If there is information of a ring, or group or person who intends harm, destruction, attack, bomb whatever on that phone I want the FBI to have it it
I did ask for the FBI to have the software, just the information on that phone that might protect my family and possibly even yours

Did you read what I wrote? FBI doesn't get to see how to open the info, only gets to see the info period. And what evidence, both people are dead, can't convict them
It's a matter of security in a world of terror. If there is information of a ring, or group or person who intends harm, destruction, attack, bomb whatever on that phone I want the FBI to have it it
I did ask for the FBI to have the software, just the information on that phone that might protect my family and possibly even yours

And this is why we are slowly evolving into a police state, our civil liberties mean nothing because of terrorism. Everyone is almost FALLING over themselves to give more and more of their privacy and rights to the government. Bit by bit, and piece by piece, the government amasses more legal abilities to strip us of our rights, all because it "might" protect you and your family. As always safety is used to strip away liberty.

Mark my words, if this is approved, within five years EVERY single police department in the country will have this ability and thye will use it on EVERY phone in their possession. On top of that, once it is in the hands of the police stations, it WILL make it into the hands of less than honorable individuals for the same purpose. This is NOT analogous to wiretaps, because in a wiretap the hardware and whatnot is the property of the company. This whole thing stinks of the government using "Oh, no terrorism" to push further their ability to reach into our lives at will.

EDIT: I am not singling you alone out Jazy, you were just the last one to make this sentiment.

Did you read what I wrote? FBI doesn't get to see how to open the info, only gets to see the info period. And what evidence, both people are dead, can't convict them
It's a matter of security in a world of terror. If there is information of a ring, or group or person who intends harm, destruction, attack, bomb whatever on that phone I want the FBI to have it it
I did ask for the FBI to have the software, just the information on that phone that might protect my family and possibly even yours


Yes, I read what you wrote. And next time they want a phone hack they pick up the phone and call apple. And the time after that they do it again. Businesses have NO OBLIGATION to the government.

I agree with Apple, and I also agree with Pedro. Very slippery slope, and once it's done, the US Government will, just like it always does, find "other uses" for its new "toy"..........and most times those uses will not even resemble in any manner what the original intent was.

Back in the day if law enforcement agencies could show reasonable cause they could get a court order to "tap" the old land line telephones all of us used to use. They could also intercept USPS mail and read it before it got to you. There were probably abuses of those procedures, but I rarely heard people voicing concern about the practice. I am sure there were untold crimes that were avoided because of what they did, or criminals caught after the crime was commuted.

Why is there now such concern, by the average law abiding citizen, about law enforcement being able to access information on the mobile devices we use today?

I do see Apple's side of the issue, and their side is corporate profits which is a legitimate concern and one they could legitimately argue and possibly win that argument in court. But if their recalcitrance to assist law enforcement were to cause great harm to people in this country and that stubbornness is made public after the harm is inflicted on innocent people, how do we think the public will react?

Maybe law enforcement is over stepping their purview by asking for private individual information, and if I were a criminal of some sort, I would surely think they were doing just that. If security cameras, which are everywhere, except for public bathroom facilities, were all encrypted with some unbreakable code, known only to the company that owns and operates the cameras, would we feel that the law enforcement agency was over stepping their authority by asking the camera owner to give them the un encrypted video footage?

Just some thoughts of mine that may or may not be worthy of discussion.

Back in the day if law enforcement agencies could show reasonable cause they could get a court order to "tap" the old land line telephones all of us used to use. They could also intercept USPS mail and read it before it got to you. There were probably abuses of those procedures, but I rarely heard people voicing concern about the practice. I am sure there were untold crimes that were avoided because of what they did, or criminals caught after the crime was commuted.

Why is there now such concern, by the average law abiding citizen, about law enforcement being able to access information on the mobile devices we use today?

I do see Apple's side of the issue, and their side is corporate profits which is a legitimate concern and one they could legitimately argue and possibly win that argument in court. But if their recalcitrance to assist law enforcement were to cause great harm to people in this country and that stubbornness is made public after the harm is inflicted on innocent people, how do we think the public will react?

Maybe law enforcement is over stepping their purview by asking for private individual information, and if I were a criminal of some sort, I would surely think they were doing just that. If security cameras, which are everywhere, except for public bathroom facilities, were all encrypted with some unbreakable code, known only to the company that owns and operates the cameras, would we feel that the law enforcement agency was over stepping their authority by asking the camera owner to give them the un encrypted video footage?

Just some thoughts of mine that may or may not be worthy of discussion.

To answer your first question......

1) the public is much more aware of governmental abuses in these times compare to our days.

2) the amount of collateral information. Taping a phone line or reading mail is one thing, cracking a phone is another. A line tap is likely to reveal info limited to the crime at hand. Not so much with a phone. I fear that such technology leak. In a time of identify theft, I can literally imagine the financial consequences if my phone which has my bank and investment accounts encoded on it were to be compromised

HOWEVER, to me that's not the issue. For me its the government requiring a private company to do something. IMO the government has no right to require apple to decrypt their product. Apple did nothing illegal, has not produced an illegal or dangerous product or violated any law.

I doubt this is a real issue towards security. Only the govt seeking public justification for hacking the info themselves illegally.
Just in case someone spills the beans again.

I doubt this is a real issue towards security. Only the govt seeking public justification for hacking the info themselves illegally.
Just in case someone spills the beans again.

I agree other than I'd not classify the hacking as illegal. Personally I don't have an issue with the government doing it. I wouldn't have a problem with any law enforcement agency doing it either. I have no issue with a police dept breaking into a suspects computer or phone to gather evidence but I would if they REQUIRED Dell or IBM to do it for them.

Heck, they can just borrow the tech needed off of Rupert Murdoch

Few thoughts:

1) Doc, the government has the absolute right to require companies to assist in law enforcement efforts via court orders. Companies are required to turn over records and allow physical access to premises all the time, and that is codified in the law.

Apple may be due compensation, but private companies do have an obligation to assist as determined by the courts.

2) If the tech to hack the phones is handed over to the FBI OK I get the concern, but if this one phone is cracked and the code then destroyed then it's not clear my privacy is at risk at all. The fact that there are people at Apple capable of writing that software means they are at risk of being cracked regardless, I'm not sure how much we marginally increase that risk if code is written and then destroyed. Yes someone there or some group will then know for sure how to do it, but they were capable of it all along.

3) It is apparently perfectly legal for the NSA or FBI to hire hackers to break the phone themselves, and then have that ability to use for any phone. IF Apple wins then won't they just hire those people and make it happen? Let me tell you guys, Apple is NOT the only group you could put together to hack these phones. Anything can be hacked with enough time and money and given the number of phones it seems a solid investment for the government.

So it's OK and not a privacy issue for the government to develop this ability on its own, as they have apparently done in the past, but it's a huge deal for Apple to do it? Of course not, it was a privacy concern all along, but this doesn't change the current balance at all to hack the phone b/c we know they've done it and are still doing it.

If this is a privacy concern we'd better start on legislation to ban the government from hacking any of these devices, right? B/c surely them doing it on their own with their own tech is worse than having to get a court order for Apple to do it. Yet that legislation doesn't seem to be out there on the docket, so really in the context of the broader problem this is a risk?

4) I don't want the government to be able to spy on me either, but this has followed the normal procedure for such a move, by going to the courts with valid reasons to invade someone's privacy and obtain the information. Happens every day in criminal investigations. Them having a court order to access ONE phone, with the order properly implemented to be as secure as possible with the tech to do so, isn't any great advancement of government powers of spying. Not compared to the NSA's ability to track literally every phone call and read every text in the country if they chose.


I'd rather the government not look into our business, but there is a clear need for government to investigate crimes and to secure the information they need for that investigation, and IMO that has nothing to do with terrorism per se. the system we have used for that for more than 200 years is that the law enforcement agency must go to the courts and prove enough cause to invade someone's privacy to get the information.

But now we're going to say no there's a firewall where if you can afford a $600 phone then you are insulated from that possibility and tough if there is a crime? Well it sure is going to make these things popular with drug dealers and pimps.

One other thought, isn't it interesting that once again it's the left leaning President who is all for the government having this ability? I find it interesting how privacy and libertarian rights issues cuts across the traditional left/right of politics.

I am FAR more concerned about government information gathering and even private corporate info gathering that does NOT go through any kind of judicial review than I am an isolated case where proper court orders were obtained. Those are the real issues, not the physical hacking of one phone that clearly has just cause to be investigated.

https://www.techdirt.com/articles/20160216/17393733617/no-judge-did-not-just-order-apple-to-break-encryption-san-bernardino-shooters-iphone-to-create-new-backdoor.shtml

Update is "yes the judge did".

http://www.cato.org/publications/commentary/real-reason-apple-fighting-fbi?utm_content=bufferf3036&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer

CATO weighs in

https://www.techdirt.com/articles/20160216/17393733617/no-judge-did-not-just-order-apple-to-break-encryption-san-bernardino-shooters-iphone-to-create-new-backdoor.shtml

Update is "yes the judge did".

yes and no, which is the same answer as before. The order is specific that the code only work to open this one phone re the link you gave, and what they want is to turn off the deletion routine if you put in 10 wrong passwords so the FBI can put it on a machine and brute force attack it.

still the same issue, same concerns. if the code gets out others can use it, but others can work to develop that code anyway, and probably were already. the order in that link says it is for that one phone and we're right back to the same point, with the fear being it will be used more than this one time versus the need to investigate these people.

it doesn't require that the feature be disabled on all Apple phones or that the ability to do it even be turned over to the FBI. It just orders Apple to deal with this one phone. Then we have to balance the risk of it getting out and the damage of that versus law enforcement needs.

http://www.cato.org/publications/commentary/real-reason-apple-fighting-fbi?utm_content=bufferf3036&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer

CATO weighs in

A good case, but clearly the fear there is that this creates enough precedent that the NSA et al can force companies to put spyware on phones, etc. NO doubt that is a scary situation, and I'm as anti-government as anyone, but it doesn't follow to me that legally that precedent is created. I do think 100% the government wants that ability, I have zero doubt, but I'm not sure this opens that door.

I'd like to offer a second scenario that is just as scary IMO: a world of completely secure communications across the globe that allows any criminal or terrorist to be insulated from any kind of technological tracking or investigation if caught. A secure phone on each end using a VPN tunnel with proper security, operating peer to peer or to an untouchable foreign server, and they are completely protected in the world where companies can produce rock hard security and government has no access.

That's great if we're the Founding Fathers fighting tyranny or Chinese dissidents, not so great if it's Sinaloa drug lords or Al Queda terrorists coordinating attacks in the US.

Few thoughts:

1) Doc, the government has the absolute right to require companies to assist in law enforcement efforts via court orders. Companies are required to turn over records and allow physical access to premises all the time, and that is codified in the law.

Apple may be due compensation, but private companies do have an obligation to assist as determined by the courts.

The government is not asking them to turn over records or allow access to premises. I see these as two different things. Encryption is there to insure security. If the law enforcement wants access then let them do it themselves. If they can't, so be it.

2) If the tech to hack the phones is handed over to the FBI OK I get the concern, but if this one phone is cracked and the code then destroyed then it's not clear my privacy is at risk at all. The fact that there are people at Apple capable of writing that software means they are at risk of being cracked regardless, I'm not sure how much we marginally increase that risk if code is written and then destroyed. Yes someone there or some group will then know for sure how to do it, but they were capable of it all along.

3) It is apparently perfectly legal for the NSA or FBI to hire hackers to break the phone themselves, and then have that ability to use for any phone. IF Apple wins then won't they just hire those people and make it happen? Let me tell you guys, Apple is NOT the only group you could put together to hack these phones. Anything can be hacked with enough time and money and given the number of phones it seems a solid investment for the government.

I agree so why is the gov't asking a private company to do their dirty work? This is not Apple's job. They are not in the law enforcement or terrorism prevention business. They make phones, computers and software. They don't solve crimes.

So it's OK and not a privacy issue for the government to develop this ability on its own, as they have apparently done in the past, but it's a huge deal for Apple to do it? Of course not, it was a privacy concern all along, but this doesn't change the current balance at all to hack the phone b/c we know they've done it and are still doing it.

Not for me. While the privacy is at part of the issue, most is that I don't want the gov't telling business to do the gov't or law enforcement job. To me its too slippery of a slope to go down.

If this is a privacy concern we'd better start on legislation to ban the government from hacking any of these devices, right? B/c surely them doing it on their own with their own tech is worse than having to get a court order for Apple to do it. Yet that legislation doesn't seem to be out there on the docket, so really in the context of the broader problem this is a risk?

4) I don't want the government to be able to spy on me either, but this has followed the normal procedure for such a move, by going to the courts with valid reasons to invade someone's privacy and obtain the information. Happens every day in criminal investigations. Them having a court order to access ONE phone, with the order properly implemented to be as secure as possible with the tech to do so, isn't any great advancement of government powers of spying. Not compared to the NSA's ability to track literally every phone call and read every text in the country if they chose.


I'd rather the government not look into our business, but there is a clear need for government to investigate crimes and to secure the information they need for that investigation, and IMO that has nothing to do with terrorism per se. the system we have used for that for more than 200 years is that the law enforcement agency must go to the courts and prove enough cause to invade someone's privacy to get the information.

But now we're going to say no there's a firewall where if you can afford a $600 phone then you are insulated from that possibility and tough if there is a crime? Well it sure is going to make these things popular with drug dealers and pimps.,

Doc, when a private company provides premises access, they use their key and open the door, they don't tell the government they have to break it down.

Tech companies are compelled every day to search for records and turn over phone records, GPS data, financial transactions, etc. In fact per the 1992 law internet and phone companies are obliged to keep certain things and make them available to government, which is very similar to this situation.

So it's preferable and even OK for the NSA to hire hackers and hack the Apple secure key so they can upload anything they want to phones to break them or disable them or spy on them, but compelling Apple to use their code to upload something on one phone is a big deal? I don't get that at all.

As for your slippery slope, I get your concern, but we got down that hill a long time ago. Via court order the government can compel a car company to turn on tracking and report the location of a car, or compel access to about anything. This is just compelling access to a device.

I'm more worried about the privacy question, and if this were to be an order to put a permanent backdoor on a phone I'd be deeply worried, but if the government has to go to a court and get an order to access the phone then the same protection is in place that we have used for centuries and use every day currently.

Doc, when a private company provides premises access, they use their key and open the door, they don't tell the government they have to break it down.

Tech companies are compelled every day to search for records and turn over phone records, GPS data, financial transactions, etc. In fact per the 1992 law internet and phone companies are obliged to keep certain things and make them available to government, which is very similar to this situation. They are asking the company to by pass something the company has put in. Its totally different. The gov't is perfectly able to come into Apple and search their premises. I've no problem with that.

So it's preferable and even OK for the NSA to hire hackers and hack the Apple secure key so they can upload anything they want to phones to break them or disable them or spy on them, but compelling Apple to use their code to upload something on one phone is a big deal? I don't get that at all.
Sorry that you don't get it. Not sure why. I'm against the government compelling a private company what to do when the company has done nothing illegal. I'm against the government telling a private company they MUST assist them in overriding a product that the company legally designed and produced, a product that is 100% legal to own and use. Maybe next week the gov't will compel me to do something I have no interest in doing. Who knows, maybe they are looking for a gun seller looking to sell guns to the Mexican Cartel as part of Fast and Furious part deux. You interested? Perhaps the government forcing you to would change your attitude on them overstepping their bounds.

Also, its not OK for the gov't to upload anything they want, but then I didn't realize that was the topic at hand. I stand with Rand on that.

As for your slippery slope, I get your concern, but we got down that hill a long time ago. Via court order the government can compel a car company to turn on tracking and report the location of a car, or compel access to about anything. This is just compelling access to a device.

I'm more worried about the privacy question, and if this were to be an order to put a permanent backdoor on a phone I'd be deeply worried, but if the government has to go to a court and get an order to access the phone then the same protection is in place that we have used for centuries and use every day currently.

I too am worried about the privacy issue. Its a valid concern. .

I would be pretty surprised if the NSA didn't already have the capability to do this. They might want to keep that a secret and have Apple do it for them publically to make it seem to be a one off thing.

I would be pretty surprised if the NSA didn't already have the capability to do this. They might want to keep that a secret and have Apple do it for them publically to make it seem to be a one off thing.

I'd be more than surprised, shocked even.

Very good discussion, folks. I've learned quite a bit more from reading here than from the media reports. No, I'm not surprised by that, either.

Sent from my SM-G900T using Tapatalk

http://money.cnn.com/2016/02/20/technology/apple-fbi-san-bernardino-shooting/index.html

I knew there was a reason I do not use Icloud and rarely connect to a wifi network with my phone

I knew there was a reason I do not use Icloud and rarely connect to a wifi network with my phone

The "cloud" is a very bad idea IMO for anything you don't mind putting on a billboard. They're pushing outlook for cloud and accounting like Quicken, so as abusiness all your emails, calendars, tasks, accounting is all on some central server that could easily be accessed by government or criminals with their hacking.

Forget it. I had to do extra work to keep the old way, but I have my own email server, my own accounting on my own drives. I'm a worthless target for any real hacking, but those big corporate serves aren't. It's harder and harder to do it this way b/c the new software wants to force everything to the cloud so they can charge monthly, but I'm sticking with it.

To do it I had to abandon Quicken and use an open source product, also b/c Quicken doesn't allow multi-user access or use a real database. Outlook I can still run through Exchange server, but they're slowly trying to limit it as well, which is insane as it's the dominant email server product on Earth.

I knew there was a reason I do not use Icloud and rarely connect to a wifi network with my phone

It's true they probably shouldn't have changed the cloud password, but I agree wiht the FBI that backup had already been turned off. It backed up every week until the last six before the shooting, he turned it off.

Since this phone is owned by San Bernandino County government, it makes one wonder why they didn't "privately" ask to open the phone. Once the Feds put in in the "public" that they want a back door you knew they answer would be no. As has been noted earlier, I am surprised that the Feds own people couldn't hack this.

Since this phone is owned by San Bernandino County government, it makes one wonder why they didn't "privately" ask to open the phone. Once the Feds put in in the "public" that they want a back door you knew they answer would be no. As has been noted earlier, I am surprised that the Feds own people couldn't hack this.

They likely can, they want this ability so they can filter it down to all of the police precincts allowing them to use it for any crime, real or alleged, that they wish.

If Apple gives in to this request, there will be another, and the another, and then another

It is little different than the phone companies being required to wire tap. Compensate them for their time, trouble and a reasonable profit.

Its not the same as a wire tap. The gov't is asking ATT to develop the technology to do the wire tapping and then obtain the wire tap information.

Its not the same as the gov't searching a business as part of an investigation, or requesting a businesses records.

The gov't is basically forcing a company to do something it does not want to do. Apple does not want to create a backdoor to to by pass the security they put into their phones. They placed that security feature in there for a reason and creating a back door basically invalidates it and makes it worthless. Why would any company create something, then create something that makes what they initially created less valuable? And why should we allow the gov't to force a company to do it?

DOJ is asking for same thing from Apple in multiple other cases:

https://mobile.twitter.com/CNBCnow/status/701983871378837504

I heard something on talk radio at lunch that NYC has about 175(?) phones that they want to get into as well.

It only takes on cave in one of the multiple fronts to become precedent. As I said earlier, Apple may have been far more helpful if the question was asked privately over a brew at a Cupertino watering hole.

Saw this quote (which references Archer, the adult cartoon on FXX):

The FBI and DOJ saying "just this one iPhone" is the legal equivalent of "just the tip."

So you guys are all good with the alternative, which is the iphone being the most popular phone for coordinating drug deals and terror attacks?

The US government has has the right to open safes, tap communications and hack computers for a very long time, so long as they have a court order where a judge says the public need to investigate a crime or possible crime is greater than the privacy of that one person or persons.

Yet b/c Apple can now make a phone that essentially self destructs the government no longer has that authority and that public need no longer exists?

Bookies in the old days wrote their tickets on flash paper so if they got raided they could destroy stuff fast. Drug operations keep records on removable drives so they can keep the data out of the hands of LEOs on raids. Now they can just keep it on their Apple and not worry?

I find this view completely out of balance. It's OK to require a background check and keep records on someone buying a firearm b/c of perceived public risk even if that person hasn't broken a law in their life, but a KNOWN criminal or terrorist where we have enough proof they are a threat that a judge signs an order, that's protected if they bought a secure enough device. Really?

Would law enforcement use this technique in some form to open phones for "common crimes", you know like drug dealers and slave traffickers and murderers? Well.... uh... HELL YEAH they would, and that's a good thing b/c we need to investigate these people and prosecute them, and find out who they are coordinating with in their dealings.

Now, if they start stopping you and I on the street and checking them that's a problem. If they start putting spyware on EVERY phone that's a problem, but if they have a court order from a judge that says they can open that specific device b/c there is enough probable cause the owner is a criminal, or in this case where we know for a fact, then how is that a privacy problem?

The only risks to privacy are

1) they stop getting court orders and start getting Apple to put in spyware etc. Well this order is just to turn off the self-destruct feature, so even if they have that tech in their possession all it does is let them physically brute force a phone, not remotely do anything. I don't see how doing this in any way creates a legal precedent to do more like inject spyware.

2) The government or others could hack some part of some of this that gets out and use Apple's unique ID to then create spyware/malware to inject onto phones. the problem with this argument is that apple already has these phones out there and the IOS updates, so clearly reverse engineering that info is tough or it would have been long done, and Apple can always inject the phones then return them to LE.

It's a risk but it's a very manageable one IMO, and the marginal increase in the risk of that ID being found (people are no doubt working daily to crack it already) has to be weighted against the ability of law enforcement and US intelligence being able to do their jobs.

If this were a proposal to build a backdoor into every phone the government could use at any time, or even with a warrant, I'd be nervous. But if Apple only does this themselves and only does it if they are presented with a court order in the form of a search warrant, I fail to see how this is any real expansion of government intrusion.

And trust me, I see intrusion everywhere. I'm far more worried about other bigger intrusions than this one.

Its not the same as a wire tap. The gov't is asking ATT to develop the technology to do the wire tapping and then obtain the wire tap information.

Its not the same as the gov't searching a business as part of an investigation, or requesting a businesses records.

The gov't is basically forcing a company to do something it does not want to do.

You think companies want to spend time putting in wire taps and pulling bank records?

They don't want to do any of it, but the public need to investigate crimes requires they cooperate. Safe companies routinely hand over safe combinations, and in fact communications companies do have to deal with complying with government needs to tap and monitor communications, and those have been in the form of court orders for years.

As for making the phone less valuable, it doesn't do that at all. Your iphone and mine will self destruct just like always and be just as secure as it is now. the only exception is if the government obtains a warrant for the phone and we're fool enough to not smash it like the terrorist did his other phones.

The problem isn't requiring Apple to help, that standard has been established in this country for more than 200 years, compelling businesses and individuals to assist law enforcement.

The issue is that warrant.

If this starts getting done without one, if the government starts injecting spyware onto phones or requiring backdoors on every phone THAT is a big problem. But requiring APple to assist when they have a valid warrant for a specific device isn't a threat. It's only if the government or some other criminal enterprise starts using the tech in some other illegal way, and it's not clear to me this increases the odds of APple's IDs getting into those hands.

Every IOS update includes that private key so the phone will accept the update, and there are millions of copies of that update running around and surely available to the NSA and the Chinese and private hackers, and I see no reason to think this one update is somehow more vulnerable to reverse engineering than any other.

So even if the NSA or a hacker got this entire update, something that should be very hard to do, all it would let them do is turn off the self destruct so they could brute force the password. They'd need to physically possess the phone at that point, and if it happened all Apple has to do is change their private keys in an update and it's useless again.

I just don't see a big gaping security risk here, and the legal precedent is only to help with a phone where we have a warrant, and that does nothing to help the government's case for putting backdoors in all these devices.

FWiW that's the fight that has been going on for years, and there I agree with the privacy side. No way should the government have blind access to any phone "just in case", but I don't think this helps advance that argument any more than granting a search warrant for a home helps make the case that police should be able to bust in without one "just because".

BTW, just to wrap up, this is about that Apple ID.

To keep phones from being hacked and viruses injected, the IOS on the iphone checks an update for a unique private key, or ID, that insures it's an update from Apple.

That's what this is all about. The FBI could pay people to write the code, presumably just get the NSA to do it, but to get the update to be accepted by the phone it has to have the right security codes. That's what they want Apple to do, put the update that turns off the self destruct in one of their delivery packages so the phone will accept it.

That means there are two risks here.

1) apple hands over that code and the government uses it to turn off self destruct on phones. OK, but that's still only phones they possess, b/c they still have to brute force the password. Honestly if they have it in their possession they probably have a warrant or could get one without issue already, but there is some risk they just use it even without a warrant. it's possible, but hardly a big privacy risk in the big picture compared with the benefits.

1a) The risk that code falls into criminal hands. Could happen, but that's why Apple should do the phones at their facility and not give out the code. They already have apparently ample security to protect the keys themselves and the code that creates the other updates, but this piece of code they can't protect the same way? Why? They already have to do exactly that with the iOS keys and IDs, no reason to think they can't do it with this one update as well. This also insures it's only done with a court order b/c it's a firewall to the government doing it themselves unsupervised.

2) Somehow the government or others get that ID from this package or can somehow hack it to deliver whatever they want and the phone accepts it as being from Apple. then they can put on spyware, malware, etc.

The problem is that those updates are already being done on millions of phones around the world and apparently no one has reverse engineered the keys yet. I presume it uses some variation along the idea of PGP encryption, which can be broken but obviously is very tough b/c you can bet the NSA and Chinese and Russians are working on it.

So even if this one update gets into the wild, how does it make it easier to reverse engineer the keys and let people do more than what the update intended? I don't see why that would be the case.


I just don't see how this can't be handled in a way that has minimum risk. Those keys already are kept secure by APple, they have them and people there must have access to them in some way or there is some code that puts them in the updates, so if they use all those same procedures for this how does this create a risk more than any iOS update?

Maybe I'm missing it, but I don't think so. Apple just doesn't want there to be any public perception of their phones being defeated, but the truth is they can do it and have done it in the past and that isn't enough reason to hold up prosecution of potentially hundreds of criminals and even some terrorists. Not so long as they only do it when there is a court order.

I heard something on talk radio at lunch that NYC has about 175(?) phones that they want to get into as well.

That can't true. Its ONLY one case. The government said so.

Saw this quote (which references Archer, the adult cartoon on FXX):

The FBI and DOJ saying "just this one iPhone" is the legal equivalent of "just the tip."

I tried that line my freshman year. It didn't work for me either.

IMHO it comes down to whether you want a world with encryption or you want a world with no encryption. Because if the government can compel Apple to give them a back door, then there's no reason why it can't compel any entity to do the same for whatever encryption it uses. And call me crazy, but given the many breaches over the last few years, I don't trust that such information won't leak.

IMHO it comes down to whether you want a world with encryption or you want a world with no encryption. Because if the government can compel Apple to give them a back door, then there's no reason why it can't compel any entity to do the same for whatever encryption it uses. And call me crazy, but given the many breaches over the last few years, I don't trust that such information won't leak.

Or it comes down to if we want a world (or country) where the government can tell a company what to do or not to do. Above the phone company and wire taps was used. Fine. If ATT wants to put in the work and effort to put wire taps on, fine. Their choice. Apple doesn't. Apple has made it clear they are not in the decryption business and have no desire to be in the decryption business. THAT IS THEIR CHOICE. What right does the government have to force them into that business? Apple is not beholden to the US gov't or the department of justice or any law enforcement agency, nor is their product illegal.

Now it is 8 phones--the slippery slope res ipsa loquitur

Or it comes down to if we want a world (or country) where the government can tell a company what to do or not to do. Above the phone company and wire taps was used. Fine. If ATT wants to put in the work and effort to put wire taps on, fine. Their choice. Apple doesn't. Apple has made it clear they are not in the decryption business and have no desire to be in the decryption business. THAT IS THEIR CHOICE. What right does the government have to force them into that business? Apple is not beholden to the US gov't or the department of justice or any law enforcement agency, nor is their product illegal.

Doc, for the same reason the right to put in roads. The functioning of the nation is predicated on, among other things, effective law enforcement. If any business could refuse to cooperate then you could harbor criminals in a 7-11 and refuse to let cops in, that's just silly.

AT&T has no choice on wire taps. They MUST comply by force of law, and it is not their choice and hasn't been their choice for 200 years.

Let's say your business is robbed. The police come to investigate but for whatever reason you don't want that investigation to go forward. Could you refuse to let them into the crime scene, refuse to let them gather evidence and not turn over video you may have? Guess what, they can absolutely compel you to do those things b/c we must pursue and prosecute these criminals, the public need to do so is greater than your right to do what you want.

Maybe you're afraid b/c it's a guy you know is dangerous. OK, you can't be compelled to testify, but you can be compelled to turn over video or to allow CSI to come in and look for evidence. Likewise, Apple may have their reasons but they can be compelled to cooperate to a point. Not to the point of crippling all their phones, but to the point of providing the means for access for a phone that has obtained a proper court order? Yes.

You, me, we are ALL beholden to the government to cooperate to a point in criminal investigations. The determiner or where that line is drawn, how much we must cooperate, is determined by the courts. When they decide that cooperation is in the best interests of the whole and those interests justify the invasion of our right to choose, they issue a warrant or order.

Now it is 8 phones--the slippery slope res ipsa loquitur

I presume it will be hundreds and eventually thousands, just as thousands of those phones are no doubt opened now (just older ones) when they are obtained as part of the commission of a crime.

So long as a proper warrant is obtained and only that phone that a judge has said should be opened is actually opened, it's no different than the thousands of orders given every year to search homes, cars, or monitor communications. In fact it's far less risky than communications monitoring b/c they would have to either have physical control over the phone or they would have had to install some kind of spyware that currently isn't being done and would be it's own massive issue beyond any encryption issues.

IMHO it comes down to whether you want a world with encryption or you want a world with no encryption. Because if the government can compel Apple to give them a back door, then there's no reason why it can't compel any entity to do the same for whatever encryption it uses. And call me crazy, but given the many breaches over the last few years, I don't trust that such information won't leak.

Actually I find this to be a very reasonable compromise so we can KEEP encryption.

For decades the government has fought against companies using or selling encryption technology. This approach says it's OK for Apple to sell such things and for us to own them, but if there is a legal requirement to investigate a crime and an order is obtained then Apple must help them to access that encrypted device so they can obtain the information.

That beats the snot out of not allowing encryption at all, something that has been argued for many times over the years (esp. for any export of such technology).

for those that don't know, Zimmerman was investigated criminally for allowing "PGP" encryption technology leave the US b/c encryption software and algorithms are considered "munitions" under export laws. And he is far from alone.

And the reason is obvious. We NEED to be able to monitor terrorists in Afghanistan and to prosecute drug cartels in the US. If we have total encryption and the government has no access that job becomes infinitely more difficult, if not impossible. Now those groups already take steps to secure their information, but when we do have a chance to get one of their phones and maybe find out what they are doing and who else is involved, it's an opportunity we can't afford to miss.

If they wanted to build a backdoor into all phones I'd be completely against it, but what is being proposed isn't that radical. Apple can, with a proper search warrant, upload an update that then allows the phone to be brute forced. No reason to think that will get out to be an update on all phones, and even if in some crazy circumstance it gets into the wild Apple could simply update the iOS to make the update not work by refusing it.

This is all about those keys I discussed above. I heard some theory that if Apple wrote this the Chinese would "have it within a week." If that's true, then China already has those security keys b/c it's the same security and facility, etc. right? IF they have the keys this is a moot point, they can already do this on their own, and if they don't have the keys and clearly woudl like them and haven't gotten them with years of them existing, then that's pretty secure.

The thing is Apple can quickly patch around this even getting into the wild.

Apple just doesn't want to go to the trouble and doesn't want anyone to think that their phones can be hacked, as a marketing point. Sorry but that's not enough reason to hold up criminal investigations.

We can have a world of encryption, but law enforcement having the ability to get around it when they have a valid warrant seems pretty reasonable as a middle ground to me.