](Customer Letter - Apple)
According to the linked AP article, there is a similar case in the U.S. District Court for the Eastern District of New York, so it seems unlikely that if this order stands it would be the last and only time that Apple (or another company or person) would be forced to help hack into a device.
Should the government’s order stand? Should Apple (or any company or person) cooperate?
[ol]
[li]Whether the benefits of forcing Apple to do this outweigh the risks[/li][li]Whether the government has the power to do this under current law.[/li][/ol]
The answers to these questions are not directly correlated, and are worth keeping separate.
I’m not a legal expert, but I’m puzzled as to how the government has the power to force Apple - a company not subject to any criminal suspicion in this matter - to create a new system (as opposed to merely releasing information that they already have). That itself is troubling, even beyond Apple’s stated concerns.
I can understand Apples concerns, but, would it be possible for apple to unlock and download the information and give the information to the FBI and still deny the FBI the technical information to unlock the phones
I don’t find Tim Cook’s letter very compelling, but perhaps some others could clear up a few factual matters for me that I think are very important.
Let’s say Apple creates this new version of iOS, which per the court order is installed on the single target device. The FBI would then have to brute force the unlock code for that iPhone, without the risk of the iPhone being wiped. Am I correct so far?
Cook’s letter basically says that there is a huge risk of the techniques used by this special version of the iOS leaking out into the world, compromising all iPhones. What I’m not quite clear on is whether the concern is that the actual modified iOS software would leak out, or that the software engineers, once they figure out how to bypass the security of the iPhone in order to write this special version of the iOS, can’t be trusted to keep their mouths shut, and they would reveal the techniques used to write the software to other, bad people.
I’m of the opinion that it is totally pointless to require manufacturers to install backdoors in all devices and software, but the futility of this idea doesn’t diminish from the seriousness that law enforcement will have fewer tools to catch criminals. Others who are much stronger on the pro-encryption side, and tend to diminish or gloss over the impacts on law enforcement, have often said that backdoors are a terrible idea because law enforcement could always use other, more targeted techniques to often get what they are looking for. Upon first reflection, this seems like one of those targeted techniques.
I think analogies that compare encryption to safeboxes are always strained, but it seems like Cook’s argument boils down to, if we figure out a way to break into the safe we built, then all safes are compromised, and we think that’s a bad idea. What I’m missing here is the legal basis for Apple to challenge the judge’s order. Perhaps Bricker or some others can illuminate whether search warrants or similar judicial orders can or have been successfully challenged on the basis of “it is bad government policy?”
For me, the most troubling parts are that the government expects Apple to essentially compromise its own product, and to do it on their own nickel. Apple has nothing to do with this case; it’s more that they made security that’s tough enough that the government can’t get into it without these dubious shenanigans. They don’t have any real obligation to help the government here, especially considering it might cost them business and/or tarnish their reputation.
If I was Apple, I’d consider telling the government to go to hell, AND launching a major publicity campaign about the security of iPHones, touting just how secure they are, and trot out the court order as proof. (“So secure, even the FBI can’t get into an iPhone!”)
For what its worth, I’d consider the government compelling some company to direct its personnel to go do some particular thing a taking, and in my opinion the government ought to compensate the company for that effort.
They want Apple to create a version of the OS that can be installed so it’ll allow the FBI to brute force guess at passcodes/passwords at trillions of times a second without increasing time delays or limited attempts before wiping the phone. Then put this in the hands of who knows how many people at the agency?
Yes, just think of the potential harm that could be done if anyone at the FBI could try to break into Syed Farook’s phone and only Syed Farook’s phone, seeing as the court order specifies the software be installable only on that specific device.