Judge orders Apple to help FBI hack SC Terrorists iPhone

Wow, this is interesting!

http://www.reuters.com/article/us-california-shooting-apple-idUSKCN0VQ02R

http://gizmodo.com/judge-orders-apple-to-help-the-fbi-hack-san-bernardino-1759533915

I am glad Apple is standing up to this. While I think we all are convinced of the guilt of the person in this case, this has much more far reaching privacy implications that can make the data of all people less secure in the future.

Heard it on radio-news while driving, at first I thought it was lousy of Apple to not help, but Tim Cook explained it well, the government is not asking Apple to give them the key to unlock their security just once, they're asking Apple for a key that doesn't exist, Apple to create that key and then turn it over.

Which as noted by B42 above, this could affect every Apple phone users privacy in the future.

I think people are ignoring the bigger issue here: how friggin inept are we that the FBI has to turn to Apple and beg for help?

Apple is saying they will not do this and will not comply with this order.

Are I-Phones known as something that are super hard to hack into?

Originally posted by Surtur
I think people are ignoring the bigger issue here: how friggin inept are we that the FBI has to turn to Apple and beg for help?

this is the first thing that i thought

Originally posted by Surtur
Are I-Phones known as something that are super hard to hack into?

Yes. In fact with models after the iPhone 5C Apple itself can't even enter them anymore, making the request moot.

Well shit then..these people should be asking Apple to help them build computer systems that people from other countries can't hack into.

Originally posted by Surtur
Well shit then..these people should be asking Apple to help them build computer systems that people from other countries can't hack into.

Sadly it's not as easy to secure large computer systems that are cooperatively used by multiple people as it is to secure one personal computer.

Originally posted by Surtur
Well shit then..these people should be asking Apple to help them build computer systems that people from other countries can't hack into. Well to be fair one of the things that helps make Apple more secure is that they can control all the specs of the technology that is being used and make it uniform.

Unlike Android or PC systems which require to compatible with a bunch of different hardware which can allow for more exploits.

Also people generally target android and pc because they have a larger share of the market therefore it has better return to focus on those.

Originally posted by Surtur
Are I-Phones known as something that are super hard to hack into?

They won't be if they are forced to put in BackDoors so easy the Feds can use them.

Why can't they just reset the password or something?

Because if they have to choose something besides Password1 they might forget it.

Originally posted by Bardock42
I am glad Apple is standing up to this. While I think we all are convinced of the guilt of the person in this case, this has much more far reaching privacy implications that can make the data of all people less secure in the future.

Since my friend told me if you enter the wrong password 10 times the phones gets deactivated or something. I don't understand what they do in the case of a lost password.

Originally posted by Surtur
Since my friend told me if you enter the wrong password 10 times the phones gets deactivated or something. I don't understand what they do in the case of a lost password.


The 10 tries is an optional feature of the iPhone. If the password is put in incorrectly 10 times the iPhone gets completely wiped of data

If you lose your password you are screwed and will have to factory reset the phone (that's the problem the FBI has right now)

There are a few things I noticed in one of the articles though. This line: "and helping investigators to submit passcode guesses electronically." This comes right after they discuss the 10 try password thing. I am no tech expert, but it sounds like they are also asking them to make it so they can put in a passcode, get it wrong, and not have it count towards the 10 password try attempts? If that is an optional feature then it would seem this specific phone has that option.

Also the one guy says our intelligence community "likely" could get into the device without Apple's help. Not sure how true this is. Of course it says the guy is a forensics expert.

Originally posted by Surtur
There are a few things I noticed in one of the articles though. This line: "and helping investigators to submit passcode guesses electronically." This comes right after they discuss the 10 try password thing. I am no tech expert, but it sounds like they are also asking them to make it so they can put in a passcode, get it wrong, and not have it count towards the 10 password try attempts? If that is an optional feature then it would seem this specific phone has that option.

Also the one guy says our intelligence community "likely" could get into the device without Apple's help. Not sure how true this is. Of course it says the guy is a forensics expert.

Yes, that's correct, they want Apple to deactivate the 10 passwords attempts and other mechanism that the iPhone uses to prevent brute-force hacking of the phone.

The security expert is just assuming that because the iPhone in question is quite old that there might already be exploits that the FBI could use, concluding that if that's true they are actually after getting a precedent that compels a company to go out of their way to help them (which could perhaps be used to demand backdoors in the future)

If I was Apple I would just tell them okay, you have infinite password guesses..have fun.

Originally posted by Surtur
If I was Apple I would just tell them okay, you have infinite password guesses..have fun.

It's not that easy, enabling that has consequences for all other models as well (not to forget the precedent it sets).

And if the FBI has infinite guesses it's very likely they'll be able to crack the password in a reasonable timeframe (unless the perpetrator had a very complicated password which seems unlikely. Especially since the default at the time was a 4 digit numeric passcode.

So what are they going to do if they try to appeal and it gets denied? What could the government do if they refuse?

Guys, the password is 0570.

Originally posted by Robtard
Guys, the password is 0570.

*Puts the alert out to locate a potential terrorist of unspecified gender in the area of California*

You are as good as caught.

Okay...here's what I don't understand...



The iPhone most certainly doesn't come with a bitlocker. And they can easily clone the entire contents of the SSD in the iPhone. Then they can setup several VMs to hack away at the phone. If done properly, the clone will stay at the remaining number of attempts left when the clone was created (So if they tried 5 times, there should be 5 attempts).

So they just need to create VMs with emulation to run each clone. After using 5 attempts and it fails to crack the passcode, wipe that clone away and reload the base clone and start over with 5 new attempts.

A script can be written to repeat this process until it is cracked. If it is indeed just four digits, then it can be cracked in 200 attempts (assuming 5 tries each time a new image is loaded into the emulator).



Since that seems too simple, there is probably something else going on. He may have third party software on the iPhone (which the FBI is not releasing nor should they release to the public). In that case, a far more complicated password and locking/wiping mechanism can be put in place making a cracking attempt, even through brute forcing with cloned and emulated environments, futile in any sort of reasonable time.

The iPhone does have full-disk encryption.

http://www.darthnull.org/2014/10/06/ios-encryption

Originally posted by Surtur
*Puts the alert out to locate a potential terrorist of unspecified gender in the area of California*

You are as good as caught.

570 is Muhammad's suspected birth year, how do the FBI not now this

Originally posted by Time-Immemorial
Wow, this is interesting!

http://www.reuters.com/article/us-california-shooting-apple-idUSKCN0VQ02R

http://gizmodo.com/judge-orders-apple-to-help-the-fbi-hack-san-bernardino-1759533915 Interesting.

Found something interesting. Apparently Apple in the past has indeed been asked to unlock phones and has done it.

http://www.msn.com/en-us/news/us/apple-unlocked-at-least-70-iphones-before-refusal/ar-BBpFBbK?li=BBnb7Kz

The figure of them doing this at least 70 times is an estimate, but the point is they seem to of done it before, but don't want to do it now. This adds a new layer to it.

So is this really over privacy or is it just they know deep down they can't do it? See if this is true and I actually bought Apple products? I never would again.

Am I crazy to think if this is true that Apple could potentially face a huge backlash to this?

They have done it in the past however the circumstances are completely different now.

To put this into a not perfect analogy:

Apple makes houses, they used to make wooden houses, sturdy, but not unbreakable, and used normal keys. The FBI back then asked them "can you let us into the house" and Apple, while not wanting to, knew that it could and would ultimately lose a court fight so they complied, went out with the FBI and unlocked the door with a simple key.

Since then Apple has upgraded their houses, they now make incredibly strong concrete houses, and they don't have normal keys, they have these passcode keys that only the person living in the house knows...the houses are really popular too, no one has ever broken into one of them, the people are a lot safer. Now, the FBI comes and asks the same question "can you let us into the house" and the fact is...Apple can't let them into these houses, so the FBI demands "well, you could let us into the houses before, so I think you should just downgrade all the houses back to the wood and key design and then let us into this specific house"...obviously that's a much bigger ask, and one that risks the now established security of every single person that bought one of these new concrete houses.

Yes, but do you agree Apple tried to partially frame this as a moral issue?

Since they weren't just going "oh they want us to downgrade" they tried to also preach about protecting the privacy of their customers. When in the past they didn't protect the privacy of customers. It's just now the violation attempts it seems would be infinitely more difficult.

Since at the end of the day I still see it as Apple on multiple occasions had no qualms about invading peoples phones when asked. Not once or twice, but an estimated 70 times. So it's not like they did it once and had a change of heart.

If they have done it before then I can't see why they wouldn't do it for a terrorist. I understand the security is higher now, but they shouldn't of set the precedent of doing this kind of stuff in the past then, right? So now for me the only legit excuse is not that they won't do it, but that it is literally impossible for them to do.

Since otherwise..they pretty much did the same thing before, it just took less effort. To use your own example, if you build wooden houses and you go around letting the government into those houses then should you be surprised that they ask you to do this again in the future, even if you have come up with better more secure houses?

I think it is a moral issue, and I think Apple is right in framing it as such. More than that it's an issue of national security.

The question is, do citizens have the right to use tools that the government can't break into? And the FBI is basically saying no.

The New York Times made a very important point (and then strangely removed it in a rewrite):


http://daringfireball.net/linked/2016/02/18/nyt-china-apple

Originally posted by Bardock42
I think it is a moral issue, and I think Apple is right in framing it as such. More than that it's an issue of national security.

The question is, do citizens have the right to use tools that the government can't break into? And the FBI is basically saying no.

If it's a moral issue for Apple then how come the moral issue didn't crop up before? All I know is the company has a history of doing this so it's hard to see them specifically playing the morality card. Sounds like picking and choosing when to apply your morals. Which for me means you don't truly have any at all, they either apply or they don't.

People in wooden houses deserve the same consideration as those in the more advanced homes.

Originally posted by Surtur
If it's a moral issue for Apple then how come the moral issue didn't crop up before? All I know is the company has a history of doing this so it's hard to see them specifically playing the morality card. Sounds like picking and choosing when to apply your morals. Which for me means you don't truly have any at all, they either apply or they don't.

People in wooden houses deserve the same consideration as those in the more advanced homes.

Like I said, the instances before were not the same as the one now. Before they asked Apple to open up a lock that Apple had a key to. This time they are asking Apple to exchange all the secure locks for easily breakable ones. That's completely different.

But they still violated privacy, that is the thing. It's not 100% the same, but it's still a violation of privacy.

The only difference seems to be it would cause Apple a large headache to do what they are asking, but they still violated privacy in the past, correct?

So I would have them frame it as a business issue, as an issue of "we don't want to decrease the quality of our product". Not a privacy issue, since they violated that numerous times.

Originally posted by Surtur
But they still violated privacy, that is the thing. It's not 100% the same, but it's still a violation of privacy.

The only difference seems to be it would cause Apple a large headache to do what they are asking, but they still violated privacy in the past, correct?

So I would have them frame it as a business issue, as an issue of "we don't want to decrease the quality of our product". Not a privacy issue, since they violated that numerous times.

I don't think it's so clear cut. Apple is not breaking the law. In the earlier cases it was akin to them having a key and the FBI getting a warrant for Apple to use the key. Apple has to comply with that. And I'm sure their lawyers told the "You can try to fight it, but you will definitely lose, it's completely pointless". So they didn't fight it in court (they did however vehemently oppose it when a judge actually asked them whether they think they should be forced to do this).

Now in this case the FBI is asking for much, much, much more than just a key that's in Apple's possession. The FBI is asking to undermine the security of ALL users. And I suspect this time Apple lawyers told them "You can fight this, you might win, it's not as clear cut as in the past, it's worth a try". That's why they are now fighting it in court.

Morally I suspect they have always been opposed to it, at least their rhetoric (and the moves in software development) suggest so, but they are not going to partake in civil disobedience to fight for this, they'll go the legal route instead.

A cynic may also say that this is good for marketing as well, if Apple is seen as a company that fights for your privacy and that offers extensive security (both of which are true), that makes it more valuable in the eyes of consumers.

At any rate, I think the framing of it as a privacy issue is correct as well.

The problem with them trying to be a company that fights for your security is this story right here, which even if it isn't 100% the same it still doesn't reflect on them well. For some people all they'll need to know is Apple would help out in the past, but not with terrorists.

I also suspect this might be about marketing, but in a different way: Apple doesn't want to seem incompetent. Since I would ask why the government isn't asking them to do what they did before..and the only thing that makes sense is because they can't, so they think the only option is for Apple to mess with the security of all customers. You might think "wait it makes Apple look good, their devices are so secure" but some would see it and think "Hmm, Apple can't even get into an individual device, to the point where the only way is to screw over every customer?".

Plus it just seems the scale has changed. Apple was cool with invading the privacy of customers, just not in a way that screwed over every single customer. Which eh, doesn't paint them as champions for freedom and privacy. So they *will* invade your privacy if possible, just they won't sacrifice the security of everyone to do it. Is that a fair statement to make?

Originally posted by Surtur
The problem with them trying to be a company that fights for your security is this story right here, which even if it isn't 100% the same it still doesn't reflect on them well. For some people all they'll need to know is Apple would help out in the past, but not with terrorists.

I also suspect this might be about marketing, but in a different way: Apple doesn't want to seem incompetent. Since I would ask why the government isn't asking them to do what they did before..and the only thing that makes sense is because they can't, so they think the only option is for Apple to mess with the security of all customers. You might think "wait it makes Apple look good, their devices are so secure" but some would see it and think "Hmm, Apple can't even get into an individual device, to the point where the only way is to screw over every customer?".

Plus it just seems the scale has changed. Apple was cool with invading the privacy of customers, just not in a way that screwed over every single customer. Which eh, doesn't paint them as champions for freedom and privacy. So they *will* invade your privacy if possible, just they won't sacrifice the security of everyone to do it. Is that a fair statement to make?


I agree that the FBI chose a very good case to get their framing through. This is a convicted terrorist and that's how a lot of news outlets will report it ("Apple refuses to help in case of convicted terrorist". It sucks for people who value their privacy, but it's good that Apple is standing up for them (Microsoft and Google agreed as well).

Oh no, you misunderstand the technical background. Apple is working towards being unable to get into an iPhone. That's the holy grail of security, if not even the company that makes your device can get it, that's the goal. Apple has taken many steps to get us there and the iPhone 5C is a transitional step where Apple is still able to get in with a lot of effort, this may not even be possible with the iPhone 5s and subsequent models anymore.

I dont think Apple was "cool" with invading the privacy of their users previously. They were just aware that the laws of the US were written in such a way that they couldn't avoid complying.

See for me some reason I just feel..weary of that. Of something that is utterly 100% hack proof. Not that I want people to be able to be hacked, but just look at a situation like this with the phone..I have no idea what is on the phone, but what if in the future there was a case where something potentially threatening to national security was on a phone? Or even not a threat to national security, but something that could save hundreds of lives?

I am uncomfortable about both things, about the government spying on us..but on the other hand about tech so advanced that our intelligence agency just can't crack it at all.

Originally posted by Surtur
See for me some reason I just feel..weary of that. Of something that is utterly 100% hack proof. Not that I want people to be able to be hacked, but just look at a situation like this with the phone..I have no idea what is on the phone, but what if in the future there was a case where something potentially threatening to national security was on a phone? Or even not a threat to national security, but something that could save hundreds of lives?

I am uncomfortable about both things, about the government spying on us..but on the other hand about tech so advanced that our intelligence agency just can't crack it at all.

That's fair enough, it's a valid viewpoint to have. But you must realise that if the FBI has a backdoor into your phone that backdoor can also be used by China, that backdoor can also be used by Russian Hackers, that can be used by anyone with malicious intent as well.

There's no backdoor that only good guys can use. And I personally think people should have the right to a perfectly private and secure computer.

http://www.nbcnews.com/storyline/san-bernardino-shooting/we-don-t-want-break-anyone-s-encryption-fbi-fires-n523186

FBI says they simply want to be able to type in passwords without the data being erased. How does making this one specific phone able to have as many password guesses as they need..going to seriously compromise the security of other customers? It's hard to believe altering this one phone would set off a chain reaction to every other I-Phone user.

Also the article says Apple has stated they literally lack the capability to break their own encryptions. It's almost like that question..can God make a rock so heavy even he can't lift it?

Originally posted by Bardock42
I agree that the FBI chose a very good case to get their framing through. This is a convicted terrorist


Convicted Terrorist?

I thought this was just another case of Workplace Violence like the Ft Hood incident.

Originally posted by Flyattractor
Convicted Terrorist?

I thought this was just another case of Workplace Violence like the Ft Hood incident.

Yeah, you make a good point, I guess we don't really know why they did it, and I was a bit too quick to claim terrorism, though it seems like they had connections to extremist organizations.

I also misspoke saying he was convicted, since he's dead. However there isn't really any doubt as to his guilt, I guess that's what I meant really.

http://i199.photobucket.com/albums/aa158/Bardock42/CbrVEohUUAAXepA_zpsdef4uwkq.png


Pretty accurate.

Except for the fact Apple in the past totally helped people violate the privacy of their customers, so they don't have a leg to stand on. Doesn't matter if what the government is asking for now is way more then before, point is before they did it and didn't say no. So even if they aren't being asked to do 100% the same thing, they flat out violated privacy of customers before. What is that saying? If you feed a stray cat once don't be surprised if it comes back again for more.

Here is Bill Gates take on it, and he supports the FBI:

http://www.nbcnews.com/storyline/san-bernardino-shooting/bill-gates-backs-fbi-over-apple-san-bernardino-iphone-battle-n524031

You don't get to help the FBI violate privacy for an estimated 70 times and then suddenly grow a conscience. So it needs to be said if there is a victim in this scenario it is not Apple. The victims are their customers, and they are victims either way since Apple in the past already violated their privacy. So even if Apple is able to get out of doing this..the customers still have suffered. Just not every single customer, but still more then just 1.

I'd be quite curious to learn about the circumstances of these estimated 70 times they helped the FBI. Those situations better not of had anything to do with terrorism.

That's just not accurate. There's a huge difference between helping what is currently legally possible (which Apple is willing to do, and has done so in this very case), and creating a backdoor in the software that can potentially be exploited in the future by anyone.

Apple helped the FBI in this case as well, they provided iCloud backups. They helped them try to get the newest iCloud backup, but the FBI actually reset the iCloud password, making it impossible for Apple to help in this way.

There's really only two ways you can look at the FBI resetting the password (and thereby destroying its best chance to get the data) it's either incompetence (in which case we should definitely not let them make software decisions that affect a billion people) or it's malice (because they want a case of terrorism to strong arm Apple into creating an insecure backdoor for them (and for China and for Russian Hackers)). Neither makes the FBI look good in any way.

Just answer one simple question: in the past has Apple violated the privacy of certain customers for the FBI?

If you really want to learn more about this here's a couple of articles (though I think you really need to start by trying to understand the technical details to even begin to understand how it is so very different, and how dangerous a precedent this would be)

Why the FBI Request will affect Civil Rights for a generation:
http://www.macworld.com/article/3034355/ios/why-the-fbis-request-to-apple-will-affect-civil-rights-for-a-generation.html

The EFF on the law that the FBI uses to compell Apple to comply:
https://www.eff.org/deeplinks/2015/10/judge-doj-not-all-writs

The ACLU's take:
https://www.aclu.org/news/aclu-comment-fbi-effort-force-apple-unlock-iphone

Regarding the statement that Apple unlocked 70 phones and some technical background how it is incorrect:
http://techcrunch.com/2016/02/18/no-apple-has-not-unlocked-70-iphones-for-law-enforcement/

Noted Security Expert Bruce Schneier in The Washington Post on why to side with Apple:
https://www.washingtonpost.com/posteverything/wp/2016/02/18/why-you-should-side-with-apple-not-the-fbi-in-the-san-bernardino-iphone-case/

The FBI's **** up (or malicious destruction of the way to get the information they need)
http://www.buzzfeed.com/johnpaczkowski/apple-terrorists-appleid-passcode-changed-in-government-cust#.yqzyw6eyE

The New York Times on the ramifications (for example for China) if the security is weakened:
http://www.nytimes.com/2016/02/21/technology/apple-sees-value-in-privacy-vow.html?mwrsm=Twitter&_r=1

And finally Apple's FAQ regarding the issue:
http://www.apple.com/customer-letter/answers/

I could see it could set a dangerous precedent. But then isn't that sort of like the precedent Apple set by helping the FBI violate certain customers privacy in the past?

If they did this many many times before I can't really understand why they seem surprised the FBI would eventually up the ante and begin to ask for more and more.

Apple will win this, they have more money then Obama's bankrupt government.

What do you think about the help Apple has given the FBI in the past?

That was individual circumstances I believe, what no one is talking about is there is at least 157 phones that the FBI wants access too.

Wait what, because the FBI has been acting like they want access into a single phone. What are the other 156 phones for?

Other phones they want access too

But for what reason? They want the one phone because terrorism.

There are other phones they cannot get into that they want access to in other cases.

So why doesn't Apple just say "we'll help with the terrorism stuff, but nothing else" ? At least it shows a willingness to cooperate.

Apple wins, Judge tells Feds to F*** off.

http://www.npr.org/sections/thetwo-way/2016/02/29/468625914/brooklyn-judge-sides-with-apple-in-another-legal-faceoff-with-fbi

Originally posted by Time-Immemorial
Apple wins, Judge tells Feds to F*** off.

http://www.npr.org/sections/thetwo-way/2016/02/29/468625914/brooklyn-judge-sides-with-apple-in-another-legal-faceoff-with-fbi

judge ruled in favor of apple for some drug cases too

I think the problem was the FBI at first wanted one thing and then a bunch of other people said "well yeah once they are done I have 10 phones I need cracked" and so on. Once again greediness gets in the way. This doesn't mean if those others didn't ask it would of happened, but who knows.

Well the FBI cracked the phone without the help of Apple. Is that good or bad for Apple customers?

Originally posted by Surtur
Well the FBI cracked the phone without the help of Apple. Is that good or bad for Apple customers?
I think it's good because by not forcing Apple to do it for them they didn't create a precedent that would allow countries like China and Russia to demand the same.

Originally posted by Omega Vision
I think it's good because by not forcing Apple to do it for them they didn't create a precedent that would allow countries like China and Russia to demand the same.

In all fairness, do you think China and Russia would need a US precedent to justify doing it in their country instead of just doing it?

Originally posted by Omega Vision
I think it's good because by not forcing Apple to do it for them they didn't create a precedent that would allow countries like China and Russia to demand the same.

I understand this aspect, but I'd also thought people were against it just because the notion of hacking into the phone would lessen security for everyone.

Great news for Apple. Now they can change their protocols to fix this "supposed" FBI hack. Now if they ever bring another lawsuit they will look like idiots.

Apple now wants the FBI to tell them how they hacked the phone. F*cking priceless.

If I were the FBI I'd tell them to eat a fat dick. Like a big fat dick, the type of dick that ends up in the book of world records for being so large and veiny.

No, what happened here really is that the FBI wanted something and didn't understand the technical aspects. They put on a case that completely appeals to emotion (that people like you bought into), meanwhile 100% of tech experts were against it because of the immense ramifications it has. Now we can speculate whether it was incompetence or malice that led to this, but it is very obvious that once the exact technical argument has come to light, the FBI dug in its heels.

Additionally, manly many people have explained to the FBI that there are exploits into getting into this kind of iPhone, so if it actually had been just about the one phone it seems unlikely they would have done this. This makes it very likely that they wanted a precedent, but luckily ultimately the reasonable side won out, in this case even so far as to convince people like Lindsay Graham who make a living out of being on the wrong side.

It was great from Apple that they stood up for civil liberties like that, and it came with an immense hit in popularity for them in the US, so it is clear they did it for the principle.

What exactly are you saying "no" to? What I said about what Apple is now asking doesn't contradict what you just said.

You also say since it came with an immense rise in popularity it means it is clear they did it for the principle. I don't see how you reach that conclusion. I'm not saying they did or didn't do it for that reason, though they certainly weren't standing up for civil liberties in the past when they helped the FBI.

Originally posted by Surtur
What exactly are you saying "no" to? What I said about what Apple is now asking doesn't contradict what you just said.

You also say since it came with an immense rise in popularity it means it is clear they did it for the principle. I don't see how you reach that conclusion. I'm not saying they did or didn't do it for that reason, though they certainly weren't standing up for civil liberties in the past when they helped the FBI.

Oh yeah, I should have quoted, I initially referred to your March 2nd post, but then really went on to make my own point, should have taken the no out, really.

Oh and I said hit, not rise.

Should the FBI give Apple the info they want?

Not necessarily, but Apple should ask for it regardless.