Apple's open letter to the U.S. Gov't refusing to comply: lines drawn

This one is bouncing around my brain.

This is related to the shootings in San Bernadino - so important to pursue. Access for a specific phone(s) for specific reasons like this make sense.

But this, according to the letter, would create software that could get into ANYone’s iPhone and its contents. It would have to be “baked in” to the OS.

As a result, someone would have your information, and could turn on your mic and camera, etc. Chilling.

How much of this is going to play out in ways we will never know?

I wonder if Apple could create the necessary software, but before delivering it offer an OS update to all other iPhone users which would block the software from being usable on any other iPhone.

My first thought on this was: good for Apple, good for us. Apple’s position that any back door they build will be exploited by hackers is correct, I believe.

What do they think is stored on the phone that hasn’t already been intercepted by the NSA?

That is part of what I am considering with my OP thoughts re: how much of this is going on behind the scenes? How big of a deal is this really, if the Internet and Telecommunications networks are littered with backdoors, side doors, etc?

Or what have companies already done, or are doing, that enable other forms of access, but leave them able to argue strong for privacy?

The positions seem clear, black and white. The execution is complex, messy and very gray.

Phones are increasingly becoming a tool people use to move money. That concept depends on the fact (or perhaps the perception) that our phones are secure. For phones to be secure, there can’t be any back doors in the OS. I don’t have a problem with the idea that there are things the government can’t get at.

I’m still struggling to think of something vital to this investigation that would be on the phone, and only on the phone. Contacts? Maybe. But it seems to me that any text-based messaging probably exists elsewhere, and I assume that NSA still has phone call data.

I suspect the NSA is trying to use this extreme case to get Apple to add a back door to its technology. And even if it were to add one now, how does that help to unlock an existing, already locked phone?

I started a thread in Great Debates to talk about this very thing.

That part of the linked news story confused me. The FBI is asking Apple to create a new version of the OS that they will install on Farouk’s phone. How can they install a new OS without the passcode?

Cool. I don’t hang out there much. Feels like both threads make sense - one a debate if you have a strong position to argue; the other a general conversation about the hard choices being framed, etc…

From Wired Magazine, “The government asked the court to order Apple to provide it with a unique custom signed iPhone software that it can be loaded only onto the iPhone in question and run from the RAM, so that it would not change the operating system or any of the user data. This program would allow the FBI to test multiple passcodes on the device without triggering the auto-delete function, without having to type the passwords manually onto the touchscreen and without having the iPhone introduce excessive delays between password attempts.” The article goes on to say that the NSA recognizes that what they’re asking may not be possible.

Personally, I hope Apple sticks to its guns. During the past fifteen years, the government has demonstrated its willingness to ignore our privacy and snoop on all sorts of people.

Along the same lines here. The NSA has already overstepped things IMHO and I don’t see businesses being ordered to add to their tool kit. I may have to follow the GD to see if I learn something that isn’t springing to my mind right now.

I would assume that if Apple claims that it would be impossible, literally impossible, to comply with the order, then what? If they want a backdoor into all our phones, that is another matter and Apple must refuse.

Per Dewey Finn’s quote posting, that appears to be the case. Can’t do it after the fact; could only do it by baking it in.

Sounds like Roy Batty confronting Eldon Tyrell to overcome the Termination Date built into him as a Replicant.

ETA: clip from Blade Runner here -

What they’re asking for isn’t “a backdoor into all our phones”. They’re asking for a piece of software, which can specifically only be installed on this one individual device, which would disable the auto-erase function and allow them to try and brute-force the password without the device locking up. They still have to figure out what the password is - they just want to be able to do so without bricking the phone.

Hey, if that Ask could happen, there would be a different discussion. The point is that Apple appears to be saying that a one-off approach is NOT possible.

If so, and the only way is to have a backdoor installed in the core of the OS, well, here we are.

Their letter doesn’t provide any explanation of why it wouldn’t be possible - they simply assert that they’re being asked to make a “backdoor” and don’t address the specifics of the order’s request and why they aren’t doable.

Moreover, even if the software could somehow be modified in the wild to make it executable on any iPhone, the would-be hacker would still need to know the password in order to get into the phone.

and the difference is how you get that software onto a LOCKED phone - it requires there to be something in the OS that will allow that - which by definition affects ALL phones.

you have to have something already running to allow this backdoor to be opened - something at the OS or phone level that would allow ths new software to override the security mechanisms.

That functionality already exists and is available to Apple.

No - you’re reffering to software updates that are handled by the background process. So, yes, Apple can push out updates to phones via that process.

The FBI is asking for a tool that they can load onto a locked phone via ‘usb’ or some other means. In order for that to work, there would have to be something in the OS that allows for an external device to load said software - and that said software can then change the OS security model.

Two very different things.