Thursday, February 18, 2016

About Apple being ordered to unlock an iPhone

A Federal Judge has ordered Apple to unlock the San Bernadino terrorist's iPhone for the FBI.  Apple is resisting.  A lot of people are (sensibly) concerned over another example of Silicon Valley possibly crawling in bed with The Man.  It seems that there's more to this than meets the eye.

First, it appears that Apple could do this because the iPhone is old.  There's an in-depth analysis of this at Errata Security, but this is the bottom line:
The upshot is this. It's an older phone. If the iOS version is old, and especially if it's been configured to "trust" a laptop/desktop, then there is a good chance Apple or the FBI could decrypt it. If the software is reasonably up-to-date, my understanding of how iPhone's work, it's impossible at the moment for Apple to decrypt the device, especially as suggested by the court order.
If you have a newer iPhone (iPhone 6) then there's a hardware security module that would prevent this.  The Bad Guy had an iPhone 5 version that didn't have this.

There's more at El Reg that delves into the technical (for those that care) but also speculates on Apple's motives to resist the court order:
OK, so why is Apple going to war with the federal government over this?
It's hard to know for certain, but some or all of the following points are likely good reasons:
  • As mentioned above, it doesn't want to admit that its phones can be updated even when locked, by simply connecting a USB cable to them. Sure, you're updating it with official Apple firmware – just in this case, the firmware is deliberately insecure.
  • Apple doesn't feel it can back down now that it has publicly stood up to law enforcement and politicians on matters of privacy and security.
  • It fears that agreeing to this request would set a dangerous precedent for future versions of iOS. You trust Apple with every update – and now Apple's being asked to demonstrate that it can quite easily create insecure versions of its software and release them.
  • It sees a strong defense of customer data as a key differentiator in the market.
  • It has been waiting for a test case and thinks it can win this one, possibly all the way up to the Supreme Court.
  • It is still angry about the Snowden revelations and wants to force the US government into the open over its surveillance of citizens.
As the Mythbusters would say, "plausible".

5 comments:

bluesun said...

Never owned an apple product and never wanted too, but this situation is definitely making me like them more.

Old NFO said...

I DO believe they want this one to go to SCOTUS... Just sayin... :-)

matism said...

Since Apple has already given the FedPigs what they're asking for at least 70 times:
http://www.thedailybeast.com/articles/2016/02/17/apple-unlocked-iphones-for-the-feds-70-times-before.html
it is far more likely that this is just a dog-and-pony show orchestrated by Apple and the FedPigs in an attempt to convince consumers that Apple wants to protect them. The large US tech companies have lost a bunch of business ever since Snowden revealed what they have been doing in concert with the FedPigs. The tech companies want some of that business back, and the government wants them to GET that business back, not only so they can collect taxes off same, but also in order to spread their backdoors around the world again so they can get what they want from whoever they want without the trouble of getting a court order.

If you believe this story, you have FAR more faith in Apple - and the US government - than any sane person should have.

Anonymous said...

All of the above. Plus as Matism said it is a dog and pony show.

Unknown said...

"Since Apple has already given the FedPigs what they're asking for at least 70 times"

No, they have NOT:

https://www.techdirt.com/articles/20160219/07072533648/dont-believe-hype-no-apple-has-not-done-what-fbi-now-wants-70-times-before.shtml