Nobody is stopping the FBI from doing whatever they want with the phone. They have it in their possession and have a warrant to search it. Nobody is questioning that.
What is being questioned is whether a software manufacturer can be forced to build a way for the FBI to compromise the phone. This is much like the question of whether a firearms manufacturer can be forced to build a way for the FBI to compromise that type of device.
No those questions are not at all similar, one is about a device the FBI has, the other is about everyone's device.
The actual question is can the FBI force Apple to open the phone for them. That's it. Can the FBI force a bank to open a safe for them? It's not any different.
Just because there is technology involved does not change the fundamental nature of the question.
If you want a gun analogy can the FBI force a manufacturer to tell them the proper disassembly instructions for the gun. (For example if it needs some special tool, can the FBI force them to sell them that tool.)
Somewhat fair points, with a couple of key pieces of data left out:
> one is about a device the FBI has, the other is about everyone's device
Except that one Apple claim is making, whether realistic or not, is that once the "device the FBI has" is unlocked, it potentially exposes "everyone's device" to the same exploit
> If you want a gun analogy can the FBI force a manufacturer to tell them the proper disassembly instructions for the gun
Except that in the case of the gun, this is information the manufacturer already has. In Apple's case, they are claiming they do not currently have this information, and would need to do work to create the information being requested.
> Except that one Apple claim is making, whether true or not, is that once the "device the FBI has" is unlocked, it potentially exposes "everyone's device" to the same exploit
The court will not care about that. The FBI is expected to open devices only with a warrant and that's it. Just because they have a tool doesn't authorize them to use it.
Just because the FBI bought lockpicks, doesn't mean they can go around opening locks.
> this is information the manufacturer already has. In Apple's case, they are claiming they do not currently have this information, and would need to do work to create the information being requested.
Also irrelevant. At best Apple can request to get paid (and that would probably be approved).
It's completely ordinary for companies to be ordered to go collect and collate information relevant to a warrant. They can charge a reasonable fee to do so, but they can't refuse to unless it would severely impact them (and the definition of severely is up to the judge).
In Apple's case the Judge is unlikely to believe them that doing this would be a big problem for them - they are a huge company.
> Just because the FBI bought lockpicks, doesn't mean they can go around opening locks
Similarly, just because Schlage makes high security unbreakable locks, doesn't mean they have to create lockpicks for the FBI that will work on those locks. They spent a lot of money developing those high security locks and if they create lockpicks that can break through them with ease, they lose much of the value of those locks. The unbreakable lock is no longer unbreakable. So the loss of value for the company is not just the employee time to create the lockpicks, but also the loss in value of the product line when they can no longer say that there's no lockpick that can break in.
The FBI is free to study and try to break into the locks themselves, but if it is a truly unbreakable lock, then hooray, the world is arguably safer on the whole, even if a few criminals use the locks to hide their secrets.
> Just because they have a tool doesn't authorize them to use it.
Why do you think they wouldn't use it? Of course they would use the tools that are available. The FBI's regular use of "stingray" devices ("IMSI-catchers") has was in the news recently, as just one example.
Law enforcement does a lot of stuff without a warrant. The "exclusionary rule" doesn't prevent them from conducting a search; it only allows the defense to get the evidence from those warrantless searches thrown out. The problem with modern data technology (for both mass surveillance and easy access to private data such as an Apple phone) is that it makes parallel construction much easier, where data found during a warrantless search is laundered illegally into a new search that can be used in a court.
Besides, the FBI has stated many times how they intend to continue accessing phones and other network devices.
> they are a huge company
So you believe Apple should be de facto deputized into a law enforcement role against their will and at their expense, just because they are "huge"?
> Apple can request to get paid
As this will continue into the future (the FBI apparently already has a list of cases in waiting), do you really think the government will continue funding Apple for their new law enforcement role? The government doesn't get to nationalize part of a corporation just because it would be convenient for law enforcement.
>They can charge a reasonable fee to do so, but they can't refuse to unless it would severely impact them (and the definition of severely is up to the judge).
What is a reasonable fee? Tim Cook reportedly spent months trying to convince Chinese officials to sell the iPhone in China.
If China were to then ban iPhones on the premise that they don't the FBI to seize the data on iPhones belonging to Chinese nationals (remember, warrants only really apply to US citizens), could Apple then charge for the loss of the Chinese market (~$13B/quarter?). Should tax payer money be used to secure the investments of Apple's shareholders who banked on the fact that proper encryption would give Apple an appropriate foothold in China?
It's a disaster, and an absolute stain on HN, that your sensible comments are getting downvoted.
I am a huge advocate for privacy, and I understand the technical details, but like you, I can't see what magically protects iPhones from search warrants.
I _love_ that Apple have made it so hard for unauthorized access to my device, but I cannot understand on what basis they're making the current stand, given that the FBI are asking specifically for a modification that will let them attempt to brute-force the device, rather than anything more magical.
Because Apple realizes (rightfully so), that it's a slippery slope.
The only way to prevent a tool from being misused is to not create that tool in the first place.
If you _love_ that Apple is making it so hard for unauthorized access to your device, why do you also think they should create a tool that allows unauthorized access to your device? Are you so sure that you'll never be on the wrong end of a government fishing expedition?
I'm generally law abiding, yet I still don't think the government should be able to view my private records just because my name came up on some secret watchlist that I'm not allowed to know about and could entirely be because my name matches someone else's name.
The only reason the FBI didn't ask that Apple fully decrypt the device is because they know that bruteforcing a small keyspace is trivial if the device doesn't have countermeasures - not because they thought they were overstepping the bounds of their request.
You're assuming that this request is at the bottom of the slippery slope rather than at the top.
The FBI made clear that this was a special case, just one solitary phone to decrypt from a nasty terrorist. And no one likes terrorists, so we can all agree that we need to read his secret data.
But then it's revealed that there are dozens, perhaps even hundreds of these requests in queue, and few involve terrorism.
And after the government is successful at coercing Apple into creating special software, why do you think that the next stop won't be to coerce apple into handing over signed code that will work on any phone (or even signing keys themselves)? After all, if the government needs to read data off of thousands of phones, surely they can't wait for Apple to do them all.
> The FBI didn't ask Apple to decrypt the device because that would be impossible.
Decrypting the phone is only impossible if the user had a strong passphrase, which is unlikely, so if Apple turns off the brute force checks, decrypting the phone means only cycling through 10000 or 100000 passphrases. A few hours or a few days at most.
If decrypting the device is impossible, then the FBI wouldn't be asking for Apple's help.
Not all slopes are slippery. But Americans have had several hundred years to get to the grips with search warrants allowing the government to search stuff. Nobody seems to want to answer why an iPhone should be more privileged than — say — a diary.
Apple cannot decrypt the phone. Removing the brute force checks is not the same as decrypting it, because even in the nightmare scenario where the FBI get their hands on this modified software, and randomly start installing it without a warrant, it only works if they have the device and you've used a crappy pin code. If you use a strong pin, you're protected, still. Except for the whole contempt of court thing.
Don't we have freedom of speech in this country? What other situations could the government compel Apple to say or write something for the FBI? Or do you think that computer code is not a form of protected speech?
One kills people (gun), one connects people (phone).
One shutdown pre-emptively (gun) prevents deaths (ostensibly) -- the other reveals the plans of the killers.
I do not have a more appropriate analogy, but I feel that the government has NO FUCKING RIGHT to ask apple to do what they are doing in a supposed free-market capitalist state.
These are the acts of tyrannical/dictatorial states.
So fuck the government in this case. no WAY should apple comply.
1) There is no search warrant in the case in question, but an order under the All Writs act.
2) If Apple had designed the phone properly in the first place (ie, impenetrable even with their help), then they would indeed be protected from attacks via search warrant.
A sufficiently robust security solution doesn't care whether the attack happens to come from the state.
Apple is going to lose this, and it should, under the law. It should also be free to develop a Secure Enclave that prevents iOS updates in lock, which sounds as though it is already in development.
> 1) There is no search warrant in the case in question, but an order under the All Writs act.
I was under the impression that there is a search warrant that the government has secured to search the phone, and an order under the All Writs Act dragooning Apple into writing custom software to support the search authorized by the warrant.
Right, sure. I meant that there is no search warrant at issue in FBI v. Apple (or whatever the case ends up being called). Nobody disputes that the FBI properly effected a search warrant against the home of the shooters.
But Apple is not a party to that document, and its legitimacy is not in dispute in this case.
Are you sure? (Other than your inflammatory "involuntary servitude" silliness.)
A warrant actually can compel third parties to help in a search. What do you think happens when a business gets a warrant? They have to assign someone to go search for and find the records the warrant asks for.
Or if you serve a bank a warrant to open a safe - the bank has to go and help open the safe.
While true, in your examples the third party is obtaining something that is already within their possession and they are not being asked to create something new. There is a reasonableness to searching for a document, but essentially Apple is being asked to create something that does not exist.
Think about the first court case where this "FBiOS" is used against a person that is on trial. Wouldn't the defense have a potential field day with this, and wouldn't Apple then be drug into every trial to testify? I could see the defense claiming that because the OS was replaced it is impossible to determine for sure what the original device contained versus what the government may have added to it.
Essentially from my very limited understanding of forensic techniques, techs are not allowed to ever add software to a device and can only search the device. Otherwise they are essentially "modifying" evidence. But I am not an expert in this area so I may not be fully understanding some of the intricacies.
Yea, it may be true for this one case that they are not looking for evidence so much as leads. The problem is this one case affects 100's or potentially thousands of others in the future, by setting legal precedent.
Based on news reports there are currently 100's of criminal cases and many prosecutors waiting to use the "FBiOS" once it is developed. If the DOJ's goal was strictly about terrorism there are alternative ways to solve this and Apple would likely be more accommodating, as it appears they have been in the past. But the DOJ is now looking to establish legal precedent within the courts so it can be used routinely and not just for terrorism cases.
No. That is what the draft does. And if it is legal and constitutional for the government to take a kid, ship it half way across the world and get him killed - i think that commenting two if's in a codebase and recompiling are quite less onerous.
The draft is authorized by express constitutional provisions regarding the militia and powers related thereto assigned to Congress (for providing rules for calling them into service) and the President (for directing them once so called) and implemented through statutes adopted by Congress.
Unless you imagine that the All Writs Act is intended to be an exercise of Congress powers relating to the militia, that's not really going to support this order.
One has a court issued search warrant. The other doesn't.
Why should iPhones be magically protected from search warrants?