|
A Message to Our Customers - Apple
Not really sure what to make of this...
Customer Letter - Apple February 16, 2016 A Message to Our Customers The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand. This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake. The Need for Encryption Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going. All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data. Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us. For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business. The San Bernardino Case We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists. When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal. We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone. Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession. The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control. The Threat to Data Security Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case. In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge. The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable. The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe. We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them. A Dangerous Precedent Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority. The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer. The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge. Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government. We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications. While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect. Tim Cook |
Not really sure what to make of this...
I can make a hat, or a brooch, or a pterodactyl... |
Go check PARF.
Being discussed there. |
Quote:
Airplane Move Quote Rep. http://www.wordsonimages.com/pics/185551-o.jpg |
But seriously, making it public was probably the best course of action. Other companies have given in the NSA/CIA/FBI/DHS - willingly or by force, we'll never know. It takes a big brass pair to stand up to the feds, especially in a terrorism investigation. "To protect us from terrorism" has been the excuse every time "they" want to chip away at our rights and freedoms.
|
From OP's link:
Phone decryption On February 9, 2016, the FBI announced that it was unable to unlock one of the mobile phones they recovered, a county-owned iPhone belonging to one of the shooters, due to its sophisticated technology and use of encryption.[174][175] As a result, a federal judge ordered Apple Inc. to provide access of the iPhone's encrypted data to the FBI, following the company's declination to willingly provide assistance.[176] Apple Inc. opposed the order, citing the security risks posed towards their customers.[177] |
I'm not sure I believe they can't unlock THAT phone. They should. Creating a backdoor to unlock all phones prob sky isn't a good idea.
A dead terrorist has no rights. |
Quote:
|
Quote:
Would have stayed here if started here. |
So how would this be done? Open phone, access pins to memory chips, load new OS directly into memory?
|
Quote:
Similar to using an emulator to play old DOS games on a PC. With the right knowledge and time it could be done. One thing though... The phone asks you if you want to "trust" the connected PC so how would you get around that? |
Quote:
The OS is on a separate partition from the user/file space and is not encrypted. |
Quote:
Agree, no rights at all............AND, the phone is owned by the county (employer?)....Seems the county should have some say in this and would be all for obtaining the info on their phone...... |
I have a hard time believing the FBI can't crack it, or turn it over to the NSA. When I was studying computer forensics the FBI claimed they condo recover files from a drive that had been overwritten and erased 7x... If they admit to that what else can they do. They've got some damn good computer geeks there.
|
Contrast this thread to the Microsoft thread....
|
For someone like me who doesn't know much about iPhone software, etc. - can someone explain why Apple cannot just borrow the iPhone in question, get it unlocked, and then hand it back to the FBI on the condition they take out all the info and then destroy the iPhone afterwards.
And Apple can destroy the created software also that helped them unlock that one iPhone. Info retrieved...software and iPhone destroyed. Everyone is happy. |
The judge stated Apple should make "reasonable" accommodations to the govt. I am not sure they understand that software takes a lot of time to develop. What is considered reasonable? How many people should be involved? How many man hours is considered reasonable?
I think the govt would have issues with destroying the software once it is developed. Ideally, if your employer owns your phone, they should have all your passwords or be capable of reading everything on your phone. Corporate America does this. Why should govt employees be any different? |
I'm not buying the fact that this phone is locked up. Could it be that the Fed's have already seen the inside of this phone and Apple is just playing along as not to diminish the relationship with it's market base with good or bad guys?
|
Quote:
Many of you miss the point completely. Apple is saying if we unlock this one then the process is out there. Right into the hands of terrorists. Many who say "I have nothing to hide" don't realize what an idiotic statement that is. You guys really need to go back and read your history books, this is one of the KEY POINTS of WW2 and nazism, fascism and communism. Unlocking any official will know your sexual history and orientation, medical history, your political affiliations, your religion, race, your causes, who your friends are, your business contacts and dealings, prototype designs, national secrets...the list is endless. There are items in the above lists that you were sent to concentration camps, dragged out of you bed and murdered, ostracized, employment curtailed, insurance denied, wealth stolen and spied upon. Again the list is endless. My mom's family who was upper middle class british, (she's a middle class canadian war bride) would never put a election sign on the front lawn because historically you could get lynched just for the party you supported. People don't realize how dangerous things like FB, twitter, phones, smart TV's etc., really are and that they're are the greatest assets that the CIA, Homeland Security and terrorists could have ever dreamed of. The brave men and women who gave their lives for freedom in WW2 and beyond are rolling in their graves. . |
Quote:
I'm not asking why it shouldn't be done. I'm asking why it couldn't be done. Go into a back room - get it done - then destroy the software and iPhone. No cameras....just a couple lab guys and an independent observer. No identities given - no locations given - total covert operation. Nothing ever mention to the media or public again. Just like it never happened..... |
How would people react if the FED mandated that every new house built and every house that currently stands be fitted with an additional door specifically for law enforcements use in case they decided they wanted to pay you a visit whenever they wanted.
Oh, and you are not allowed to lock it or tie it into your security system to protect yourself from every lowlife out there that now knows these doors exist. That is what the FED wants. No thank you. |
Quote:
You can't unring the bell. |
Quote:
Now how would you even know that happened? You were not there. There were no cameras there. I did not go on social media and tell everyone what happened. The event was not covered by the media. Verizon did not issue a statement to it's customers. Just like it never happened..... |
Quote:
It is wrong, but we roll over in the name of 'safety'. I'm not an Apple fan in any way, but I support them here. |
I tried to find the court order but was not successful.
In some articles it mentions "the phone" (belonging to Farook) and the request seems to target that phone only asking Apple to provide "reasonable technical assistance". I think I am ok with that concept as long as the Feds have no insight into Apples encryption algorithms (if that is the correct term). It appears Apple made the leap to the "back door". In any case, I am for getting the data off the phone. I am not for the Feds having any insight into Apples encryption of the creation of a "back door". |
Just give it to the geeks on the TV shows. They can hack into the most secure computers and phones in seconds.
One show had the guy reset the clock on a iPad in maybe 5 seconds. I don't even know how anyone can reset the clock on iPads or iPhones at all. Back to the real world, it is amazing that the Feds don't already have a way to get to the data. The dead terrorist did not even own that phone so there is for sure no privacy rights on that one phone. I am amazed they can't clone the entire phone several times and then hack away until they crack it. |
Quote:
It is my understanding that Apple is not being asked to break the encryption, but rather to disable the feature that wipes the phone after X number of bad password guesses so that the FBI can brute-force its way in. Not quite the same thing, but still as chilling. |
Quote:
And your analogy is not correct. You asked Verizon to help you fix your device. That's not remotely the same thing as the FED asking "Verizon" to create a way (that currently does not exist) to "fix" your device without your knowledge. Huge difference. In fact NOT knowing it happened is far worse than knowing. |
Quote:
|
Quote:
|
Quote:
The device is end to end encryption meaning the hash is based on each unique individual phone. The hash exists no where else. No physical device, no hash. Even Apple, by design, does not have access to a specific phones hash which makes me believe it's a randomly generated string embedded in a component at time of manufacture. But what that means is as soon as the device is unlocked any data can be accessed unencrypted. The device does the decryption on the fly. That is the reason the device needs to be unlocked. You could take the phone apart and pull the raw bits from the NAND but it will be encrypted and since no one knows that specific devices hash and the hash is not recoverable the raw data can't (easily) be decrypted. What the FED want is for Apple to disable the auto wipe feature that kicks in after 10 failed unlock attempts. What that entails is most likely a version of iOS that has been modified to not include that feature. Not a trivial task that one does during lunch break. That's a huge problem because it makes all the other security features useless. You don't need to worry about encryption when you have an accessible device so that's out the window. On a 4 pin phone there are only 10.000 possible pins. 10% of 4 pin phones can be accessed using 1234, 1111, 0000 There are 20-30 commonly used pins that will get you access to 30% of devices. Some guys built a robot that physically taps in pins on a screen that can run through all 10,000 possible pins in under 20 hours. Same guys are working on a pad that will mimic a finger press on the screen and they figure that should be able to run through all 10k pins in a few of hours. |
Quote:
As for the last part, you may not care about the integrity of anyone else's data, security, privacy, and rights but some of us do. This is not just about one dead terrorists phone. It's all part of the FEDs long game. They want a way into any device and they are using this to scare people into supporting their efforts to infringe on our rights. And sadly it seems to be working. |
Quote:
|
Quote:
NOTE: private sector includes criminal enterprises. |
|
The government's main point is that they want Apple to create a tool (a modified OS) that will be used once and only once to unlock this one and only this one phone.
Who will have access to this tool?. If the government gets it - legitimately or otherwise - then it will be used again and again, to unlock any iPhone the government wants to, with or without anyone knowing about it. If Apple manages to keep the tool from the government and immediately destroys it, then the next time the government wants to unlock an iPhone, it will get the same court order requiring Apple to build the same tool. The more such orders the government gets, the easier the next one will be to get. Start with a globally reviled terrorist, end up with any accused criminal. So effectively, iPhones will open to government searches. "Government" does not mean just the US government. The Chinese government could order Apple to do this. The Russian government could order it. And they might take the tool too. If the US government does, other governments will quickly follow. Will Apple keep spending - what, millions of dollars? - each time it is ordered to unlock an iPhone? Or will it eventually give up and build a backdoor into the operating system?. Well, Apple has a lot of money and a CEO who is uncommonly strong willed. But would Dell, IBM, Cisco, Juniper, Samsung, Oracle, Google, Microsoft fight long and hard? That is the "slippery slope" argument. I think it is very realistic. And will happen. The fact that this iPhone was owned by a horrible terrorist is irrelevant. The government has carefully picked this as its test case. "Hard cases make bad law". |
Aye - there's the rub:
Law enforcement agencies across the country are being thwarted by Apple’s encrypted devices, and the FBI likely chose this case—which involves an infamous terrorist—as its best chance to force Apple to change course. |
I just look to the past to realize how the government will use this in the future:
Look up "stingrays". Yeah, only supposed to be used when a warrant is issued. San Diego is in hot water for all the secrecy around owning and deploying such devices. They are just the first city/LEA to get caught. How many more are rolling around out there we don't know about. And if the LEAs have them, I guarantee you "bad guys" have them, too. Same thing applies to this back-door. If LEAs (and by extension, criminals) have a way to overwrite the core iOS to remove the security wipe feature, no-one's iPhone is secure. This is the core of the discussion. Even though the FBI/CIA/NSA was able to get their call history, browser history, text message history (and probably more) - they are focusing on the phone. Why? Because it would give them a repeatable method for all other iOS devices. |
I confess I don't get it. What exactly is on the phone that is encrypted ? Notes ?
Anything email related they can get from the servers. Any phone conversation the can wiretap with a warrant. Texts I imagine are also archived. The phone's cell tower chatter and GPS chip makes us all trackable. Anything on Icloud has been breached.. There's RFID chips on a lot of cards these days... On top of that, our social # are out there already from various hacks (ask me, someone else filed my taxes last year). What's on an iphone that they can't already get? The only thing not covered by the above on my phone is my pictures and evernotes because I don't use Icloud... I like my privacy, but the phone of a dead terrorist ? I disagree with Apple. OK a backdoor is probably not a good idea because it will be cracked (especially this publicized), but they should implement something that works. I almost lost a few friends in Paris... there's nothing top secret on my smart phone. I'm a little disappointed in the NSA too, you cannot crack an Apple device ? I'm hoping it's a nice disinformation campaign ! |
That will never happen, Baz. Once it's done neither party will let it go. Even if the special "software" is destroyed, the knowledge and process to replicate it is there. As much as I think it important to know what is on that phone, I think almost all of us can recognize whatever data the government acquires will eventually be compromised.
|
| All times are GMT -8. The time now is 01:15 AM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website