Apple vs FBI



DigitalChaos
02-19-2016, 12:09 AM
edit: Topic has been split from the 2016 presidential election thread.


As of Feb 19, this seems to be the best summary of the situation: http://www.wired.com/2016/02/apples-fbi-battle-is-complicated-heres-whats-really-going-on/

----original posts below.---


The FBI sucks.

Some facts to further expand on this:
- The FBI "tried for 2 months" to get into the phone. Turns out they haven't tried a single passcode. (there is some justification here, but they are still really dumb)
- In at least one prior instance of the FBI physically bringing a phone to Apple for help getting in... Apple picked up the phone and there was NO FUCKING PASSCODE ON IT (http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html)
- The FBI sets quotas for how many terror plots they will disrupt. Just... just fucking think about that for a second!
- The FBI thinks there is going to be some possible data on his work phone and not his personal phone that the terrorist destroyed.





This shouldn't be a matter for Presidential candidates; this should be a matter for the public to understand fully: HEY, IF YOUR IPHONE IS STOLEN, THIS MEANS SOME HACKER CAN STEAL YOUR FUCKING BANK DATA OR ANY OTHER CONFIDENTIAL DATA OFF THAT PHONE!

While this is a good thing for the public to understand, this issue is huge. It may actually be the biggest issue in tech for over a decade. Using the All Writs Act of 1789 to force Apple to do this will set a horrible precedent if it is allowed to move forward. This will allow the government to mandate just about anything. You want every internet attached device to be turned into a government mandated surveillance tool? Cause this is how it happens. This is WAY beyond having your landlord give your apartment key to the police when they have a warrant. I'm not even sure what a good parallel is, but something along the lines of forcing a locksmith to break into a safe against their will might sort of scratch the surface.


There is further weirdness surrounding the situation. Apple asked the FBI to issue the request under seal, and then the FBI went public. I'm not really sure what to make of it but some believe this is the FBI trying to put pressure on Congress to push a bill through mandating crypto backdoors.

DigitalChaos
02-19-2016, 01:26 AM
if your iphone is stolen, this means some hacker can steal your fucking bank data or any other confidential data off that phone

I know this is the election thread, but I wanted to touch on this for what will probably eventually split off into a dedicated news item thread.

TECHNICAL SHIT BELOW

While this is solid advice for being security aware, this situation (and several before it) is showing how awesome Apple security is, at least with their current phones. If you are on an iPhone with touchID and/or a long password (not 4 digit numeric) and you are running iOS 9... your phone is bulletproof. Nobody, not even Apple, can bypass that setup from what I understand. Add in the "wipe after too many bad PIN attempts" option and you make it even better.


The current phone in question is a 5c (no touchID) running iOS9 and with a 4 digit numeric and is probably set with the "wipe after too many bad PIN attempts". In theory, someone very skilled could get into this phone. That's definitely not the FBI though. The only thing they can get into on their own is iPhones running 8.1.1 and earlier by using a CHINESE hacking tool that will brute force a 4 digit PIN.



Android phones though? Yeah, they are weak across the board.


aaaanyway. i've clearly been too deep into this thing so I'll just go get back to that then.

Jinsai
02-19-2016, 01:48 AM
The problem is, on the most basic level (which I'm sure you 100% appreciate), Apple is setting a precedent for privacy that they are unwilling to, as a business, intrude upon.

At this point, the ball is in the government's court... and they have to say "no, we can always intrude."

I don't understand how more people aren't talking about this.

Apple's answer is, basically "if you want to invade our customer's information, you have to be able to do it yourself" and that's fantastic.

We're not safer if we force Apple to figure out a way to invade their new uninvadeable encryption, and I don't understand the people stupid enough to think this is a good idea.

allegro
02-19-2016, 08:09 AM
Some facts to further expand on this:
- The FBI "tried for 2 months" to get into the phone. Turns out they haven't tried a single passcode. (there is some justification here, but they are still really dumb)
- In at least one prior instance of the FBI physically bringing a phone to Apple for help getting in... Apple picked up the phone and there was NO FUCKING PASSCODE ON IT (http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html)
- The FBI sets quotas for how many terror plots they will disrupt. Just... just fucking think about that for a second!
- The FBI thinks there is going to be some possible data on his work phone and not his personal phone that the terrorist destroyed.
See, Exhibit A of Why the FBI is STUPID.

They don't even have their own department that does this. And, yes, it is a testament to the bulletproof security of (newer) iPhones, which the FBI is attempting to render useless.

And, as you said, what they are doing also sets a precedent FOR SOMETHING AFTER THE FACT, FOR TWO LONE WOLF DEAD TERRORISTS, ON THE GUY'S WORK IPHONE.

Nearly EVERYTHING the FBI does is REACTIVE, because they are TOO FUCKING STUPID to be proactive.

I watched a really in-depth lengthy documentary about the Black Panthers on PBS last night.

Mind. Blown.

How J Edgar Hoover could get away with the shit that he did, basically issuing a death warrant to hunt down and kill all Black Panthers, is unbelievable.

And the FBI still gets away with unbelievably stupid crazy shit all the time. They have WAY TOO MUCH fucking power. And Americans are afraid of stripping them of that power. But what people have to understand is: THESE FBI PEOPLE ARE STUPID.

THIS IS WHERE FBI DIRECTOR COMEY SHOWS HOW FUCKING STUPID HE REALLY IS (https://theintercept.com/2015/07/08/fbi-director-comey-proposes-imaginary-solution-encryption/). The guy knows SHIT about tech yet is insisting on a magic rainbow unicorn solution that CANNOT EXIST. Like, well, I'm sure you nerd geniuses can come up with something! No, ASSHOLE, YOU DO IT! WE DARE YOU! YOU AND YOUR BRILLIANT FBI SUITS, WHO SO DEFTLY SECURED THE OPM SERVERS, GO AHEAD! And then maybe you can DRIVE TO MARS AND GET ME A MCSHAKE WHILE YOU'RE DOING THAT!

And Hillary and Bernie? Both can't use a computer to save their respective lives, I bet Bernie still uses fucking AOL. Hillary admits she only uses a Blackberry. So whatever they say on this subject is going to be a rehearsed answer from some congressional idiot else because they have NO FUCKING IDEA what any of this means and because PATRIOTISM evidently means bending over and taking it up the ass by the FBI.

This shit just gets me SO fucking pissed off. WAY fucking more than 2nd Amendment shit or any of this other pseudo important shit. The Government intruding into our lives, and in this case DEMANDING that REALLY REALLY EXPENSIVE equipment be MADE SUBPAR and SUSCEPTIBLE to hackers and making us subject to things like identity theft so that the Government can access it AFTER a possible act of terrorism has occurred to POSSIBLY gain information is BULLSHIT.

DigitalChaos
02-19-2016, 10:52 AM
I don't understand how more people aren't talking about this.



FWIW, the tech/privacy/security realms are exploding over this. It's overwhelming and the first time I've been unable to keep up with everything surrounding a single story.

Apple has recently been doing a lot to remove themselves from the possibility of breaking into their customers' devices. I wouldn't trust my life on it (the NSA, at a minimum, can still get data going in/out of the device) but it's a huge bump.



The sad thing about some of the people talking about this are the ones who support the FBI. The answer to "should Apple help the FBI get into just the terrorist's phone" is all too frequently "yes." Nobody stops to think about the legal precedent or the fact that a backdoor for 1 mass produced phone is a backdoor into all of them.

Jinsai
02-19-2016, 11:07 AM
The sad thing about some of the people talking about this are the ones who support the FBI. The answer to "should Apple help the FBI get into just the terrorist's phone" is all too frequently "yes." Nobody stops to think about the legal precedent or the fact that a backdoor for 1 mass produced phone is a backdoor into all of them.

I was screaming at my radio the other day, listening to these idiots weigh in with their opinions. They were basically implying that what Apple was doing was tantamount to treason, that they care more about this as a marketing ploy to advertise their product than they care about stopping terrorism, that people overly concerned with the security of their cell phones are narcissistic and paranoid... mockingly condescending about that in a "sorry Bub, nobody cares about what's on your cell phone. You're not that important. Go get a job or something... go outside, get some air."

Sometimes you just feel like you're losing your mind. You wade through the usual parade of cute-cat photos, looking for someone else talking about this incredibly important issue that's happening right now, and most of the commentary I see about it is from people mad at Apple, and failing to understand that if Apple capitulates at all to this kind of demand, it means that their claims about impenetrable security are ultimately null and void if a third party is legally empowered to ask for the keys.

Now John McAfee is weighing in, offering to decrypt the phone for the FBI so that Apple is not forced to do so... I'm not sure how this entirely resolves the issue, but it would certainly demonstrate incompetence on part of the government. Doesn't this also only create a new sort of precedent, where we know that if someone really wants your data, they can hire a team of mercenary hackers to access it? Either way, if McAfee does find an exploitable weakness, I would hope he would share the flaw with Apple so that they can improve their security.

DigitalChaos
02-19-2016, 11:08 AM
And the FBI still gets away with unbelievably stupid crazy shit all the time. They have WAY TOO MUCH fucking power.


And Hillary and Bernie? Both ... have NO FUCKING IDEA what any of this means and because PATRIOTISM evidently means bending over and taking it up the ass by the FBI.

This shit just gets me SO fucking pissed off. WAY fucking more than 2nd Amendment shit or any of this other pseudo important shit. The Government intruding into our lives, and in this case DEMANDING that REALLY REALLY EXPENSIVE equipment be MADE SUBPAR and SUSCEPTIBLE to hackers and making us subject to things like identity theft so that the Government can access it AFTER a possible act of terrorism has occurred to POSSIBLY gain information is BULLSHIT.

Putting all of this together, maybe this means Hillary and Sanders are unqualified to be POTUS then. The only acceptable option with their technical capacity is for them to strip/block the govt from doing this. And that's something they certainly aren't proposing.


I'm not sure what all the GOP heads are saying but I know a lot are completely backing the FBI like a flashback to 9/11 "anything to get the terrorists" mentality. Rand Paul and Ron Paul are not only backing Apple, they want to stop the govt from doing this shit. It's a shame neither are running anymore.

This is why I'm fairly sure I'll be going 3rd party. If I vote at all... my time seems better spent finding more actionable ways to fix this shit.


If you haven't seen McAfee's OpEd where he offers to decrypt the phone so Apple doesn't... Well it's entertaining and he trashes the FBI a bit :) http://www.businessinsider.com/john-mcafee-ill-decrypt-san-bernardino-phone-for-free-2016-2

allegro
02-19-2016, 11:52 AM
The sad thing about some of the people talking about this are the ones who support the FBI. The answer to "should Apple help the FBI get into just the terrorist's phone" is all too frequently "yes." Nobody stops to think about the legal precedent or the fact that a backdoor for 1 mass produced phone is a backdoor into all of them.
The thing is, those terrorists in Paris were using cheap throw-away phones and unencrypted data, NOT FUCKING SEVEN HUNDRED DOLLAR IPHONES! They use phones that can't be traced, then they toss them into the trash. They aren't spending a fuckload of money on expensive smartphones! What kind of unicorn world are these morons at the FBI living in? And these idiot Americans, are they REALLY thinking that terrorists ARE THAT FUCKING STUPID?

The FBI is just going for easy, low-hanging fruit, here, that will REAP ABSOLUTELY NOTHING BUT WILL EXPOSE AMERICANS TO 1980s LEVELS OF SECURITY HOLES.

Finding shit AFTER A FUCKING TERRORIST ATTACK HAS ALREADY HAPPENED doesn't mean shit. It's kinda like killing Osama bin Laden way the fuck after he already killed people. Yeah, big fucking deal, very anticlimactic, thousands of people were ALREADY DEAD.



Putting all of this together, maybe this means Hillary and Sanders are unqualified to be POTUS then. The only acceptable option with their technical capacity is for them to strip/block the govt from doing this. And that's something they certainly aren't proposing.
When I saw Bernie almost fall off a stage after speaking to a bunch of students in Iowa, showing how "elderly" he really is, as much as I didn't want to admit it, I don't know that I'd vote for him, either. He'll be dead in a year, with that job. When asked about campus sexual assaults and affirmative consent education, he answered yes we need to have assaults reported to the police (good answer) but then he said "no means no" which means the guy is still living in the 60s protest era, and I don't think he can grasp modern concepts like the NSA and this thing about Apple or even affirmative consent. He now has a bunch of black people pissed off at him for his flip negative response when asked about slave reparations, when he could have easily equivocated.

Honestly, I want to eventually get the fuck out of this country. Two choices just isn't enough. And I don't want to be in a country where there is an FBI and a Patriot (ha) Act.

But I sure as fuck will be voting 3rd party in this election.

Edit: FWIW, even though I generally really dislike Rubio, it ends up he is against this back door idea (http://www.dailydot.com/politics/apple-iphone-court-order-marco-rubio-ted-cruz-2016/). See also this (http://www.businessinsider.com/marco-rubio-apple-fbi-encryption-privacy-backdoors-2016-2).

See Rubio's video response imbedded in this Tweet (https://twitter.com/benthompson/status/700206104345600000?ref_src=twsrc%5Etfw).

allegro
02-19-2016, 12:21 PM
If you haven't seen McAfee's OpEd where he offers to decrypt the phone so Apple doesn't... Well it's entertaining and he trashes the FBI a bit :) http://www.businessinsider.com/john-mcafee-ill-decrypt-san-bernardino-phone-for-free-2016-2
This is BRILLIANT.

And this is why the U.S. sucks and why China and Russia will win everything.

I still vividly remember Rusty & Edie's (https://en.wikipedia.org/wiki/Rusty_n_Edie%27s_BBS), with the FBI storming them and confiscating all their equipment and holding it hostage for YEARS and then the case was finally settled. The FBI had NO fucking idea about any of the computers, they sat in a warehouse, untouched.

And they never gave Dr. Ripco his confiscated computer equipment back (https://w2.eff.org/legal/cases/SJG/?f=ripco_case_closed.article.txt).

cynicmuse
02-19-2016, 12:47 PM
The good news is that the EFF will file (https://www.eff.org/deeplinks/2016/02/eff-support-apple-encryption-battle) an amicus brief. Also, Apple has retained some excellent lawyers, including Theodore Olson (http://www.latimes.com/local/lanow/la-me-ln-ted-olson-joins-apple-fight-against-fbi-20160218-story.html). Apple's refusal to cooperate with law enforcement has been brewing for the last year; they refused (http://www.nytimes.com/2016/02/19/technology/a-yearlong-road-to-a-standoff-with-the-fbi.html?&moduleDetail=section-news-1&action=click&contentCollection=Technology&region=Footer&module=MoreInSection&version=WhatsNext&contentID=WhatsNext&pgtype=article) to unlock a drug dealer's phone in NYC last year.

skullboy0
02-19-2016, 02:59 PM
I don't think the FBI even cares about the info on this particular phone, they've just been looking for a test case with the right buzzwords like Terrorism to be able to set the precedent.

From what I've read they thoroughly destroyed their personal phones before the attack, so the odds of him having used his work phone for anything related to the attack seem slim to me.

DigitalChaos
02-19-2016, 03:00 PM
Sometimes you just feel like you're losing your mind.
You too can live in this state perpetually. Just join the security and privacy geeks! If your only hope is within our political system, you'll be left oscillating between crying in a corner and wanting to light the world on fire.




Now John McAfee is weighing in, offering to decrypt the phone for the FBI so that Apple is not forced to do so... I'm not sure how this entirely resolves the issue, but it would certainly demonstrate incompetence on part of the government. Doesn't this also only create a new sort of precedent, where we know that if someone really wants your data, they can hire a team of mercenary hackers to access it? Either way, if McAfee does find an exploitable weakness, I would hope he would share the flaw with Apple so that they can improve their security.


It would only solve the legal precedent of using the All Writs Act in a way that will lead to the worst 1984 surveillance situation you can imagine. The ability for a team of hackers to bypass security isn't going to change here. Apple continuing to go the path they are with device security will fix that (if the govt doesn't block them). It's also worth noting that Apple HAS helped the govt in this way before, but they are clearly trying to close off the technical possibility of doing that anymore.


As for sharing the weakness.... Let's just say that I've been in the same... room.. with McAfee on more than one occasion. He is really hard to read, much like someone who has done way too many drugs. Yet, he can also break out of "character" to be completely serious and credible. Some of his presidential campaign videos demonstrate this. But he is absolutely a talented individual and he has plenty of contacts.


So, I'm a little curious about this just being a social engineering approach. Maybe he gets his hands on the phone and does something completely unexpected. Or maybe it's just empty political theatre along the lines of the Trump bullshit. (I really wish McAfee would get more news coverage and match him against Trump because of this)


However, let's say he is being honest here. There has been some conjecture on the technical possibilities for doing what the FBI wants. It amounts to pushing custom firmware that allows you to guess PIN codes much faster, and to disable the "wipe after too many bad passwords" option. This isn't so much an unknown hole. It's more of a known design insufficiency if you were going for maximum security. There are ways to prevent this in future designs, if Apple chooses to. They have already made improvements on the models after the iPhone 5c. They certainly have room to get better though.






The FBI is just going for easy, low-hanging fruit
I really feel like there is more going on here. Especially after hearing that Apple asked for the request to be under seal but the FBI decided to go public.





The FBI had NO fucking idea about any of the computers, they sat in a warehouse, untouched.

I have some stories about hackers trolling the shit out of the FBI by giving them "instructions" to unlock their data that would simply destroy it. :) Pretty sure I can't tell that publicly though :(


But this untouched computers thing.... is there ANY way they can benefit from that at the legal level? Like... make the defendant think the FBI unlocked everything and get them to admit everything?





The good news is that the EFF will file an amicus brief. Also, Apple has retained some excellent lawyers, including Theodore Olson. Apple's refusal to cooperate with law enforcement has been brewing for the last year; they refused to unlock a drug dealer's phone in NYC last year.
The EFF is one of my favorite organizations to support, but they have been doing extremely good work lately.

DigitalChaos
02-19-2016, 03:15 PM
I don't think the FBI even cares about the info on this particular phone, they've just been looking for a test case with the right buzzwords like Terrorism to be able to set the precedent.

From what I've read they thoroughly destroyed their personal phones before the attack, so the odds of him having used his work phone for anything related to the attack seem slim to me.
Further, the FBI has icloud backups from 1 month before the attacks. Nothing of use is in them.

Check out this Wired article by the awesome Kim Zetter. If anyone wants an easy to understand technical rundown of what the situation is, what is possible, what can be changed in the future, and how you can be secure now, this is the one to read.
http://www.wired.com/2016/02/apples-fbi-battle-is-complicated-heres-whats-really-going-on/
cliffs: choose a long, complex pin. It'll take years to brute force your password even IF custom firmware is installed on the phone to make it easy.

allegro
02-19-2016, 03:18 PM
But this untouched computers thing.... is there ANY way they can benefit from that at the legal level? Like... make the defendant think the FBI unlocked everything and get them to admit everything?
No, see, that's why the case took 5 years and was eventually settled; the FBI had ZERO employees who knew how to search for GIFs or JPEGs of allegedly scanned pictures, or for any alleged stolen software stolen by users of the BBS (that the SYSOPS knew nothing about) so the computers just sat there because the FBI had this "evidence" but it might as well be a bunch of space ships.

And I have dealt with the FBI over the course of 30 years, personally, and I know that they really are that stupid, and I don't think this is a "test case" because I really do believe they really are this stupid to think there must be some kind of MASTER FUCKING PLAN ON THAT iPHONE GOD DAMNIT. They deal with one case at a time.

Anyway ... true FBI story ... One night, at around 8:00 p.m., as my husband and I were sitting down to dinner, two FBI agents showed up at my door asking "can we come in and 'show you some documents?'" Um ... why? What kind of "documents?" Some documents that were prepared in your law office related to a case. Um, no, thanks. Have a nice night.

A few days later, I was served with a subpoena at work requiring me to go downtown to the Federal building and submit to mug shots, finger prints, and to handwriting analysis. This was all related to one of our clients being arrested for a Bankruptcy fraud case, and the Feds were also going after my boss as an accomplice. So, why ME? It is called a "Fishing Expedition." Bring me in to "scare" the others. Except nobody cares. So, they made me sign the name of one of the clients, over and over, with both of my hands, for some shit that I didn't sign. They let me go, when it was obvious I didn't sign anything, and then subpoena'd me as a witness in the Federal trial. And the FBI guys actually seemed to feel bad (and stupid) over this REALLY STUPID SHIT, but, hey, the FBI AND THE FEDS TO DO WHATEVER THEY WANT. Including, at some point, calling up people on Defense witnesses expert list and harassing their customers. Which is, of course, illegal. What did the Federal Judge do? "Aw, bad boys, no no, naughty naughty." And that was it.

A few times, in the 80s, when my ex was running a BBS, FBI agents would show up looking for various dissidents and wanted my ex (and other BBS-owners we knew) to look for them because the FBI didn't know how.

Years later, in around 2002, I was working with somebody in the prosecution of a case involving the FBI and the FBI agents still didn't know how to read their email.

allegro
02-19-2016, 03:38 PM
However, let's say he is being honest here. There has been some conjecture on the technical possibilities for doing what the FBI wants. It amounts to pushing custom firmware that allows you to guess PIN codes much faster, and to disable the "wipe after too many bad passwords" option. This isn't so much an unknown hole. It's more of a known design insufficiency if you were going for maximum security. There are ways to prevent this in future designs, if Apple chooses to. They have already made improvements on the models after the iPhone 5c. They certainly have room to get better though.
Isn't what the FBI wants is shutting down the phone and then hardwiring into something that pushes a forced iOS reboot with a new iOS and the new iOS does not have any passcode at all or has a back door? I guess what I'm mentally thinking is, in the old days, shutting down the computer and then putting a new operating system floppy in the A drive and then firing that baby back up :p

DigitalChaos
02-19-2016, 03:44 PM
allegro - Holy shit that was a fun read. Thanks for sharing. Not related to the FBI, but I just got out of a subpoena by being an obnoxious fuck to the DA. (privacy requests, etc) He eventually told me just to stay home and if anything important came up that he would send a car if they needed me. It was fun.


As for the FBI goal here... I mean... why would they decide to not issue this under seal and instead go public? There has to be some reason for that, even if it's not very well thought out.

Kim Zetter's thoughts are: "If the controversy over the San Bernardino phone causes Apple to take further steps to close that loophole so that it can’t assist the FBI in this way in the future, it could be seen as excessive obstinance and obstruction by Capitol Hill. And that could be the thing that causes lawmakers to finally step in with federal legislation that prevents Apple and other companies from locking the government out of devices."
That seems plausible.

DigitalChaos
02-19-2016, 03:47 PM
Isn't what the FBI wants is shutting down the phone and then hardwiring into something that pushes a forced iOS reboot with a new iOS and the new iOS does not have any passcode at all or has a back door? I guess what I'm mentally thinking is, in the old days, shutting down the computer and then putting a new operating system floppy in the A drive and then firing that baby back up :p
Almost. It's a request for a custom iOS to replace what is on the phone, but the goal is to allow the FBI to try passwords faster (the 9th bad attempt causes a 1hr wait) and without the risk of the device wiping itself on the 10th bad attempt (there is reason to believe this is turned on in the phone). Apple wouldn't actually be undoing the crypto, just allowing the FBI to much more easily guess the key.

allegro
02-19-2016, 03:53 PM
As for the FBI goal here... I mean... why would they decide to not issue this under seal and instead go public? There has to be some reason for that, even if it's not very well thought out.
Because they knew that Apple would go public? Immediately?


Almost. It's a request for a custom iOS to replace what is on the phone, but the goal is to allow the FBI to try passwords faster (the 9th bad attempt causes a 1hr wait) and without the risk of the device wiping itself on the 10th bad attempt (there is reason to believe this is turned on in the phone). Apple wouldn't actually be undoing the crypto, just allowing the FBI to much more easily guess the key.
I think my idea, of not requiring a passcode at all, is a much better hack. The FBI = 0, Me = 1.

Oh, but there's also this (http://www.cultofmac.com/412870/how-apple-could-hack-terrorists-iphone-for-fbi-if-it-wanted-to/):


There could be alternative methods to accomplishing the FBI’s goal without creating a special iOS firmware. This brute force hacking machine only costs $300 and can unlock any iPhone PIN in 4.5 days (as long as it’s running iOS 8 and lower). Infamous iOS hacker Will Strafach aka Chronic also suggested on Twitter that it could be possible to get into the iPhone using other exploits.

It IS really sad, and McAfee is right, that the FBI has such a sad and stupid team of espionage people that they don't have hackers that can do this. I bet there are some teenagers out there that can do it in a few days with some pizzas and Mountain Do.

You ever hear of this guy named Glen Roberts (https://en.wikipedia.org/wiki/Glen_L._Roberts)? Used to run an independent newspaper called "Full Disclosure (http://oldnews.aadl.org/node/244791)," and then he did all this shit about anti-surveillance? I used to be friends with him in Ann Arbor, he was pretty inspirational to me and others back then, LOL. He is now known as a "guy without a country" who lives on bitcoins or something. He was "GLR" on MNET in Ann Arbor, and we all called him "GLUR" heh.

These FBI shenanigans are certainly old news.

DigitalChaos
02-19-2016, 05:22 PM
I think my idea, of not requiring a passcode at all, is a much better hack. The FBI = 0, Me = 1.

No way to do that being that the file system is encrypted. You'd just be left with an unencryptable file system. The only known way to unencrypt it is with the pin and the phone's unique hardware key (both are needed at the same time).





Oh, but there's also this (http://www.cultofmac.com/412870/how-apple-could-hack-terrorists-iphone-for-fbi-if-it-wanted-to/):


Yeah, this is that Chinese stuff. It's called the IP-Box. It only works for iOS 8.1.1 and below though. Terrorshit is running 9. The FBI has absolutely used this before and they have gotten some flak about it in court being that the device is Chinese and it, apparently, sends data to China. Go FBI!




Glen Roberts (https://en.wikipedia.org/wiki/Glen_L._Roberts).
I actually hadn't heard of him. I'll have some fun reading to do. Love the stateless people. It's amusing you bring it up now because I was going to reply to your "move out of the country" comment with my desire to move out of everywhere and into the internet. Then I could drop all my 2nd amendment and focus entirely on the internet's version of the 2nd amendment: crypto!

allegro
02-19-2016, 05:33 PM
No way to do that being that the file system is encrypted. You'd just be left with an unencryptable file system. The only known way to unencrypt it is with the pin and the phone's unique hardware key (both are needed at the same time).
Ahhhhhh, okay. Isn't there a way to just reset the passcode when it's rebooted with the new iOS? What about these idiots who forget their passcode?


I actually hadn't heard of him. I'll have some fun reading to do. Love the stateless people. It's amusing you bring it up now because I was going to reply to your "move out of the country" comment with my desire to move out of everywhere and into the internet. Then I could drop all my 2nd amendment and focus entirely on the internet's version of the 2nd amendment: crypto!
That sounds totally awesome!

DigitalChaos
02-19-2016, 06:02 PM
Ahhhhhh, okay. Isn't there a way to just reset the passcode when it's rebooted with the new iOS? What about these idiots who forget their passcode?


You can reset the pin if you are ok with wiping the entire file system and starting clean. Customers who forget their PIN will lose all data and better hope they have made a backup through iTunes or iCloud (both of which tend to be a way for the FBI to get phone data... That's how some of the iCloud celebrity nudes hacking happened too).

Though, if you have the "find my iPhone" turned on, a customer can't even reformat the phone. That's an antitheft thing that their customer service supposedly can't bypass but should be technically possible to override. I'll have to look into that more. Obviously the govt is never going to need this, but I'm sure it's a common customer problem. There is talk of Apple, in the future, extending the Find My iPhone reformat restriction to also block custom firmware replacement without the PIN. That would crush this FBI request too.


The pairing of the PIN with a hardware key is wonderful security too. Android doesn't have that yet, but they are working on it. In a PIN-only setup, anyone can just dump the encrypted file system and then try to crack the file system on a separate computer. Add in the hardware key (at least Apple's version) and you *need* that exact phone along with the PIN to decrypt the file system. Hell, you need that exact phone to even figure out if your guessed pin is correct. In theory, you can still dump the file system, but then you also have to guess the hardware key (some beasty 256 AES that's basically impossible to guess). The only theory I have heard for extracting the hardware key is by carefully shaving down the chip and using xray to see the silicon etching. But that's really expensive to do and it's easy to defend against (a randomizing mask) and Apple hopefully did this.



I promise to split the non election stuff out to a dedicated thread when I'm not on mobile. But I'm going to keep going on about this stuff as long as anyone is interested or has questions.

DigitalChaos
02-19-2016, 08:43 PM
OK posts are now split to a dedicated thread. I also copied a few posts to both threads so that conversation didn't get fractured.

DigitalChaos
02-19-2016, 08:51 PM
Apple Says the Government Bungled Its Chance to Get That iPhone’s Data (http://www.wired.com/2016/02/apple-says-the-government-bungled-its-chance-to-hack-that-iphone/)

This story keeps evolving.

So basically, the FBI mishandles evidence then tries to force Apple to fix it, all while pushing for a huge negative change to the privacy of every citizen. And fuck them for not talking about this and trying to hide this fact.





DigitalChaos
02-19-2016, 08:54 PM
Some very important details that are being obscured by officials:

http://i.imgur.com/qMJNAQW.png

DigitalChaos
02-19-2016, 08:56 PM
And while discussing this, Snowden just let it slip that the FBI has direct access to XKEYSCORE. This is pretty big news and nobody has noticed it yet.

http://i.imgur.com/JkdC7Ri.jpg

Jinsai
02-19-2016, 09:54 PM
And while discussing this, Snowden just let it slip that the FBI has direct access to XKEYSCORE. This is pretty big news and nobody has noticed it yet.

http://i.imgur.com/JkdC7Ri.jpg

I think the main reason that nobody seems to be noticing this is because, for some inexcusable reason, 99.9% of people out there have no idea what XKS is.

DigitalChaos
02-19-2016, 10:36 PM
I think the main reason that nobody seems to be noticing this is because, for some inexcusable reason, 99.9% of people out there have no idea what XKS is.
Oh for sure. I meant news coverage though. This is headline worthy. To their credit, this was only posted a few hours ago and deep inside a chat (mention?) thread. Everyone that specializes in National Security has had a ridiculously busy week too. I'm sure they were hoping for a quiet Friday evening.

here is a direct link: https://twitter.com/Snowden/status/700835149924143104
Snowden starts going on about Gandalf's eagle and it's like... wut?!

allegro
02-19-2016, 11:26 PM
I was, for a while, so fucking paranoid about XKS that I went around researching XKS sniffers to track if I was being tracked by XKS.

What the fuck.

At some point, I realized that I hoped I was being tracked by the Government. For yucks.

But not by BAD key trackers, like hackers trying to figure out my credit card numbers.

Really, I think you are right, DigitalChaos, this is not really about this terrorist's phone; the FBI knows there ain't shit on that phone. They are only using this, PUBLICLY, to get PUBLIC "OMG ISIS IS GOING TO KILL US" sympathy (based on fear) to set a precedent to be able to do this whenever they want in the future, for drug deals, etc.

Jinsai
02-20-2016, 01:53 PM
Donald Trump has now called for a boycott of Apple until they succumb to the demands of the FBI.

But he continues to tweet from an iPhone. Of course, when called out for it, he said he's going to switch to his Samsung.

This is so fucking ludicrous.

thevoid99
02-20-2016, 02:57 PM
I so wish I had a rifle so I can blow his fucking head off.

bruised
02-20-2016, 03:25 PM
This whole thing is crazy, respect to Apple for their stance.

DigitalChaos
02-21-2016, 01:13 AM
I was, for a while, so fucking paranoid about XKS that I went around researching XKS sniffers to track if I was being tracked by XKS.

What the fuck.

At some point, I realized that I hoped I was being tracked by the Government. For yucks.

But not by BAD key trackers, like hackers trying to figure out my credit card numbers.

Really, I think you are right, @DigitalChaos (http://www.echoingthesound.org/community/member.php?u=598), this is not really about this terrorist's phone; the FBI knows there ain't shit on that phone. They are only using this, PUBLICLY, to get PUBLIC "OMG ISIS IS GOING TO KILL US" sympathy (based on fear) to set a precedent to be able to do this whenever they want in the future, for drug deals, etc.

Some of us actively try to get special attention so that we can get infected by the NSA and then study the infection just like malware.

I can almost guarantee that you are in xkeyscore. Just mathematically, the "2 hop" association puts most people in it. Personally, I am 1 hop away from nearly a dozen targets. I don't know if posting together on ETS counts as a hop, but you are welcome to connect with me on facebook :) I've been meaning to run a FOIA on myself. However, I just had lunch with <person from active target list> and said he was concerned about FOIA because of all that resulting info becoming public record. This is especially concerning for people who have some level of publicity. You ever FOIA yourself?

DigitalChaos
02-21-2016, 01:23 AM
Apple Says the Government Bungled Its Chance to Get That iPhone’s Data (http://www.wired.com/2016/02/apple-says-the-government-bungled-its-chance-to-hack-that-iphone/)

This story keeps evolving.

So basically, the FBI mishandles evidence then tries to force Apple to fix it, all while pushing for a huge negative change to the privacy of every citizen. And fuck them for not talking about this and trying to hide this fact.


The story on this has advanced: http://www.buzzfeed.com/johnpaczkowski/apple-terrorists-appleid-passcode-changed-in-government-cust

cliffnotes:
- Apple points out that a backdoor probably wouldn't be needed if the iCloud password wasn't reset after the FBI got their hands on the phone. (the phone was pushing full backups to icloud, which the FBI can get with ease)
- SB County's IT people were blamed for resetting the password completely on their own. (not sure if the blame came directly from FBI, or from press being confused)
- Later, SB County tweeted that they only reset the iCloud password because the FBI asked them to.
- Later, the FBI confirmed this to be true with a "but that doesn't stop Apple from making our backdoor!"
- The FBI's court filing completely glances over the fact that the FBI fucked this up. There are multiple instances in the court filing that fit this pattern of lame ass covering.


Next time the govt complains about the "Going Dark" problem, remind them that things might not be so dark if they didn't poke their own goddamned eyes out.

I have a feeling this is going to keep getting uglier and much more info will come out. This is also really interesting to watch unfold being that most of the public talks about how much control the govt and big corporations have over each other. You can't get much bigger than Apple.

allegro
02-21-2016, 10:33 AM
Some of us actively try to get special attention so that we can get infected by the NSA and then study the infection just like malware.

I can almost guarantee that you are in xkeyscore. Just mathematically, the "2 hop" association puts most people in it. Personally, I am 1 hop away from nearly a dozen targets. I don't know if posting together on ETS counts as a hop, but you are welcome to connect with me on facebook :) I've been meaning to run a FOIA on myself. However, I just had lunch with <person from active target list> and said he was concerned about FOIA because of all that resulting info becoming public record. This is especially concerning for people who have some level of publicity. You ever FOIA yourself?

Nah, I'm anonymous for a reason, LOL.

theimage13
02-21-2016, 11:15 AM
I so wish I had a rifle so I can blow his fucking head off.

And how do you plan on getting past Secret Service with that rifle, chief?

Back on topic, very interested to see where this case goes next week.

Jinsai
02-21-2016, 12:41 PM
I swear I'm going to slap the next person I hear bitching about how Apple is sympathizing with terrorists. I'm going to see if I can make time to head out to one of these protests on Tuesday (http://gadgets.ndtv.com/mobiles/news/worldwide-protests-supporting-apple-in-encryption-fight-with-fbi-planned-by-internet-rights-group-804933)

DigitalChaos
02-21-2016, 04:01 PM
http://i.imgur.com/nZqdf6f.jpg

ziltoid
02-22-2016, 09:57 PM
http://www.maximumpc.com/john-mcafee-we-are-20-years-behind-china-and-russia-fbi-apple-iphone-san-bernardino/
Holy hell this shit is scary and very concerning. Most of this is news to me.
I had absolutely no idea about some of the things you guys talked about earlier and had to look most of it up.
I thought I was fairly competent on some of this stuff but in reality I'm completely ignorant about all of it.
I'm glad I read this thread.

The article I linked above is a compelling read.
Here is some stuff I found to be interesting.


Tuan: Why is the FBI not hacking the iPhone itself? Why does it need Apple to do it?
McAfee: I don't believe the FBI has the capacity to do so. I think our government is illiterate in cybersecurity for the following reasons:
Number one, it's become a massive bureaucracy, where no one is ever fired—you're just promoted. And the technology departments are out of date; they do not keep up with changing technology. And they have a life time job so, why should they care? Number two, they will not hire the only people who can help them; that is the hackers of the world.
And why? Have you ever been to Defcon or Hack Miami or any hacking group? Well you see what people look like. Mohawks a half mile high, pierced ears, face tattoos. And every one of them is going to demand that they smoke weed on the job. Now, the government isn't going to hire those people. But I promise you, if you went to China, or Russia, and knocked on the doors of the Kremlin or the equivalent in China, and said, "I'm the world's greatest hacker, will you hire me," they'll say absolutely! And you say "Well wait a minute, I need to smoke weed," they'll say "Perfect, we'll put you in the basement and you can smoke as much as you want." Why? Because they're smart! We're stupid.
We want everybody to look like the bureaucracy. To wear a three-piece suit, polish your shoes, blue tie, and look and act like everyone else. Well that's not hacking. And that is not creative. And it does not create a society that can keep up. We're twenty years behind the Russians and Chinese.


Tuan: So do you think the Russians and Chinese already have the tools to decrypt the iPhone?
McAfee: That's common knowledge in the hacking community—absolutely. And not just decrypt the phone! The Chinese and Russians have the ability to bring our society to its knees. With the push of a button, the Chinese can terminate our electrical production and put us permanently without power. This is a known fact in the hacking community. We are so far behind that it's incomprehensible that we still call ourselves a world power.




Tuan: I read your piece on the OPM mission, and it said that the other countries easily penetrated our security systems. Out of all the possibilities, how high of a priority would it be to get access to our phones?
McAfee: I would say that it's extremely high. And in fact, I guarantee you, that the Chinese and Russians are praying on their knees now, that Apple gives in. In fact, they probably would pay a hundred billion dollars to Tim Cook to cave in. Why? Because it would get them total access, total control, to everything in America.
Now the FBI thinks that they have it. But the FBI and the NSA don't even have the data reduction capacity. Sure they can tap everybody's phone, but there's so much data they can't refine and use it. Trust me. The Chinese can. They're that far ahead. So, they would love for Apple to cave in. They would love for a federal judge to say, "Yes, [Apple], do this," because that means they just won the cyberwar. Why? Because every man and woman in America, carries [a smartphone].




Tuan: There seems like there's a big gap in terms of America's cyber-warfare capabilities. You're running for president, but it seems like cybersecurity is a non-partisan issue. What sort of advice would you give to the Democrat and Republican nominees?
McAfee: I would give them minus numbers! Here's an example. I explained the Apple situation, that backdoors are the worst things we could ever do. We stopped using backdoors in the nineties—for anything, any purpose whatsoever. Because hackers immediately got access to them, and caused havoc. He wants to boycott Apple, to force Apple to put backdoors in their software. And he's running for president! It shows, an unbelievable lack of understanding, of the technology of cybersecurity. In a world where if you do not understand that, and we are approaching a cyberwar, why are you running for president?

allegro
02-22-2016, 10:59 PM
I love this advice:


Tuan: Do you have any advice for our readers and the public in general. How should we secure our phones and laptops and desktops?

McAfee: Don't worry about your laptops and desktops. There are very few people who hack these anymore. On your smartphones, every time you download an app, look at the permissions that it asks for, and read them. And if it's a Bible reading app, and late at night you're too tired to read, and you turn the lights off and you ask it to read Genesis to you... all it needs is access to the microphone. Let's face it. And if that app, and all of them do, ask permission to [access] the camera, to read your emails, to read your text messages, to make phone calls on your behalf, to read your contacts, then don't use that app. I don't care how good the app is. That's my advice. That's how we screw ourselves, every time.

allegro
02-22-2016, 11:06 PM
DOJ would allow Apple to keep or destroy software to help FBI hack terrorist's iPhone (http://www.nytimes.com/aponline/2016/02/20/us/politics/ap-us-apple-encryption.html?_r=0)


The Obama administration has told a U.S. magistrate judge it would be willing to allow Apple Inc. to retain possession of and later destroy specialized software it has been ordered to design to help the FBI hack into an encrypted iPhone used by the gunman in December's mass shootings in California.

"Apple may maintain custody of the software, destroy it after its purpose under the order has been served, refuse to disseminate it outside of Apple and make clear to the world that it does not apply to other devices or users without lawful court orders," the Justice Department told Judge Sheri Pym. "No one outside Apple would have access to the software required by the order unless Apple itself chose to share it."

DigitalChaos
02-23-2016, 12:29 AM
I love this advice:
It really is good. The android platform gives you a lot of freedom and control over the phone, but people are lazy and can't handle freedom. Some apps ask for way too much access out of crappy coding practices and/or ulterior motives.

The advertising and retail industries contain plenty of surprising examples. I'm happy to provide citations for any of these, but here are some:
- Certain apps can listen for ultrasonic thumbprints embedded into audio of commercials on your TV, radio, or even some ads while you are on your computer. This allows advertising agencies to pair the identity of your phone with your computer and figure out quite a lot about your TV/Radio usage.
- Retail spaces are starting to track you by the wireless and/or bluetooth radios on your phones. They can tell where you went in the store and for how long you were there. Several companies then use those perks/coupon smartphone apps to then associate your phone with your identity & credit card. There are various attempts at sharing this data between stores. So now they can tell where you are going around town, when, and for how long.

If these are examples of what the commercial space is openly doing, imagine the possibilities for surreptitious actors.

DigitalChaos
02-23-2016, 12:45 AM
Meanwhile... Google just announced a new Android messaging app called Jibe. jibe.google.com It's based on RCS.
Deep in the RCS specs you'll find that it is designed to "allow compliance with legal interception procedures" by stripping encryption from the messaging. Fuck off google stop with all these shitty messaging apps that hand our privacy away.



People need to start DEMANDING security and privacy in the products and services they use. Apple has a long way to go, but they are leading. Other companies seem to have much less integrity.

DigitalChaos
02-23-2016, 12:56 AM
DOJ would allow Apple to keep or destroy software to help FBI hack terrorist's iPhone (http://www.nytimes.com/aponline/2016/02/20/us/politics/ap-us-apple-encryption.html?_r=0)
if only Apple could also keep/destroy the horrible legal precedent that this would set if the FBI wins.

This stuff is so fucked up that Apple has now posted a FAQ http://www.apple.com/customer-letter/answers/
Here is their answer to this one:

Could Apple build this operating system just once, for this iPhone, and never use it again?

The digital world is very different from the physical world. In the physical world you can destroy something and it’s gone. But in the digital world, the technique, once created, could be used over and over again, on any number of devices.

Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks. Of course, Apple would do our best to protect that key, but in a world where all of our data is under constant threat, it would be relentlessly attacked by hackers and cybercriminals. As recent attacks on the IRS systems and countless other data breaches have shown, no one is immune to cyberattacks.

Again, we strongly believe the only way to guarantee that such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it.

theimage13
02-23-2016, 09:02 AM
I understand the concern about precedent, so for the love of god, please leave that out of any answer to this question. That's not what I'm asking about. This is mostly just devil's advocate/trying to see things from both sides/get my head wrapped around this.

Apple is arguing over and over again that if they create this backdoor, it'll mean hackers WILL end up with it. Not an IF, but a WHEN. But they also keep saying that newer phones are absolutely bulletproof, and that the only reason they might be able to install a hack on this is because it's running older hardware. This leaves me with a few questions.

1) If they're already admitting that it's a matter of refusing to compromise the old phone, by their logic aren't they admitting that hackers will eventually figure out how to break into that system anyway?
2a) Couldn't the backdoor be written on offline computers, pushed to the phone, then destroyed? I'm talking fire and brimstone, industrial magnets, running the computers over with tanks...just completely obliterate any and all trace of the code that had been written.
2b) Once said backdoor was written, IF they decided to keep a copy of the code, save it as a text file on one of these supposedly bulletproof phones and store it in a safety deposit box in one of the Fort Knox-esque vaults in NY or freaking Belgium or something? Even if the physical bank is compromised, hackers wouldn't be able to get it off the phone, right? If they can, then it would prove that the encryption is already broken, making the code moot.

Just things that I've been curious about. Again, please don't bring precedent into this, because I know damn well already that it's the #1 concern.

sick among the pure
02-23-2016, 09:50 AM
Thoughts on Bill Gates siding with the FBI?

DigitalChaos
02-23-2016, 11:34 AM
Thoughts on Bill Gates siding with the FBI?
it's a little more nuanced, but it's not like Gates has a strong record as a user rights/privacy advocate.

allegro
02-23-2016, 11:57 AM
Just things that I've been curious about. Again, please don't bring precedent into this, because I know damn well already that it's the #1 concern.
I agree, and at some point this is such a weird 1x situation that applies to homeland terrorism and the White House has specified that this does not apply to drug dealers or whatever, and that it is not setting precedent, that it is applying only to this one situation of trying to figure out this couple's situation in killing all those people in an act of terrorism and if they belonged to a bigger network, etc.

We live in different times, now. We may have to have the magic exploding hack that Apple uses once and then sets on fire. No, this doesn't set a precedent, it is used once it is then set on fire, the FBI or the government never takes possession of it, especially because it applies to an old iOS that will be extinct very soon. And this is a one-time situation applying to a few outlying terrorists. But I think the CIA or another division of the government needs to take over, because the FBI has already shown themselves to be totally incompetent.

I think a whole other division of the government needs to be created, and that the FBI needs to be disbanded and all of them need to be fired, actually. They're fucking useless suits.

Jon
02-23-2016, 12:21 PM
1) If they're already admitting that it's a matter of refusing to compromise the old phone, by their logic aren't they admitting that hackers will eventually figure out how to break into that system anyway?
2a) Couldn't the backdoor be written on offline computers, pushed to the phone, then destroyed? I'm talking fire and brimstone, industrial magnets, running the computers over with tanks...just completely obliterate any and all trace of the code that had been written.

Compromising the "old phone" has little to do with hackers (in my opinion), and much more to do with the fact that you can be forced to unlock your phone with a fingerprint but not forced to enter in your code. They are attempting to break into an iPhone 5C, if I remember correctly, which doesn't have Touch ID. You said you didn't want precedent brought up, but that's all this is, they are trying to "set" legal precedent.

As far as doing something offline, I believe that's part of the technology they're complaining about having to build. Every major change to someone's account gets authenticated somewhere/somehow by Apple servers, whether it has to wait for you to be online or whatever the case may be. I'm assuming the technology they come up with would still involve connecting to a LAN, as I doubt they would build a whole new platform with the backdoor.

DigitalChaos
02-23-2016, 12:26 PM
I understand the concern about precedent, so for the love of god, please leave that out of any answer to this question.
well, it's the big component that everyone keeps forgetting in the national discussion.


That's not what I'm asking about. This is mostly just devil's advocate/trying to see things from both sides/get my head wrapped around this.

I wasn't aware I was answering your question seeing as how you haven't asked any prior to this post. I'm certainly happy to answer questions though.



Apple is arguing over and over again that if they create this backdoor, it'll mean hackers WILL end up with it. Not an IF, but a WHEN. But they also keep saying that newer phones are absolutely bulletproof, and that the only reason they might be able to install a hack on this is because it's running older hardware. This leaves me with a few questions.

1) If they're already admitting that it's a matter of refusing to compromise the old phone, by their logic aren't they admitting that hackers will eventually figure out how to break into that system anyway?

Sure, and those hackers have released tools for doing this compromising. It's these very hacker tools that the FBI has used in the past. Thing is, these hacker tools have only made it to iOS 8.1.1. Current version is 9.2.1. Shooter phone is 9.x. Pre 8.1.1, the phones were getting cracked while they were still newest generation. There is now an extremely large hurdle to cracking anything after 8.1.1. I would actually not be surprised if Apple was able to keep all of their now current products out of the reach of hackers for some time. They are already a full year of iOS versions since the last tool could crack the phone. (please keep in mind, this is only talking about a locked phone with a good passphrase and good security options enabled)

So, hopefully that leads you toward some of the bad reasons for creating such a tool.

It's also important to keep in mind just how hard it is to do this with current phones. So keep these two possibilities in mind:
1- There is the custom OS that Apple is being asked to write. I have no idea how difficult that would be for a 3rd party to do
2- There are talks of extracting the hardware key (half the puzzle) in these phones with some microscopic magic that would run north of $1mil for the first attempt, but then would be trivial after that. This would have to be redone each time Apple creates new crypto hardware though.
3- Some yet to be discovered bug/hole in the software or hardware of the phone. This is where every hacker has approached the topic. This is also why everyone says that a backdoor WILL be discovered and used eventually. It's just a question of time.


However, this is where I don't fully understand Apple... because what they are being asked to do isn't placing a hole in every version of iOS. They are essentially being asked to exploit a current hole in their phone. It's entirely possible I am missing something... but read on...




2a) Couldn't the backdoor be written on offline computers, pushed to the phone, then destroyed? I'm talking fire and brimstone, industrial magnets, running the computers over with tanks...just completely obliterate any and all trace of the code that had been written.


All of these things can be done, and it would be a great cost to Apple and their employees, especially to do it safely. But it still leaves many doors open. The biggest concern is that this phone still has to go back to the FBI with the custom OS on it? Remember, the FBI is asking for a custom OS from Apple so that the FBI can then guess the pin without risk of wiping the phone and to make guess attempts faster. There is very likely a huge possibility of extracting that OS right back off the phone.

Have I mentioned how completely FUCKED it would be for a government to force people to do this against their own free will?

And why would they want to wipe this backdoor when they are going to have dozens or hundreds of similar requests pouring in after this when the legal precedent opens that door? Sure the FBI says Apple can keep the code and burn it, probably because the FBI isn't the one who has to pay for the code.



2b) Once said backdoor was written, IF they decided to keep a copy of the code, save it as a text file on one of these supposedly bulletproof phones and store it in a safety deposit box in one of the Fort Knox-esque vaults in NY or freaking Belgium or something? Even if the physical bank is compromised, hackers wouldn't be able to get it off the phone, right? If they can, then it would prove that the encryption is already broken, making the code moot.

There are much more secure ways of storing data than on an iPhone. However, there are also many easy ways of getting access to that data. A working backdoor is worth a LOT of money, as I've already outlined. Compromising just one of the engineers working on the project, or one of the people working physical security, or or or... Our government is already using this approach to insert bugs into enterprise equipment. It's been demonstrated on a large scale multiple times just this year. There are just way too many ways this code could be obtained.

But there are probably other concerns beyond just someone getting the custom OS code, or pulling it off a device (of which there will be hundreds of). I don't know exactly what this custom OS will look like and there may be much larger avenues for abuse that nobody realizes but Apple at the moment.

DigitalChaos
02-23-2016, 12:32 PM
a weird 1x situation
so just as I was typing the prior post, this came out: https://theintercept.com/2016/02/23/new-court-filing-reveals-apple-faces-12-other-requests-to-break-into-locked-iphones/

Apple has objected to 12 government requests to break into iPhones, just since September. Some of those phones were running earlier versions than 8.1.1 and Apple still rejected because they don't want to be forced to become an agent of law.

elevenism
02-23-2016, 12:39 PM
this is not really about this terrorist's phone; the FBI knows there ain't shit on that phone. They are only using this, PUBLICLY, to get PUBLIC "OMG ISIS IS GOING TO KILL US" sympathy (based on fear) to set a precedent to be able to do this whenever they want in the future, for drug deals, etc.

yup. this is what i think about it, precisely.

also thevoid99 , why you so murderous ;)

allegro
02-23-2016, 12:43 PM
so just as I was typing the prior post, this came out: https://theintercept.com/2016/02/23/new-court-filing-reveals-apple-faces-12-other-requests-to-break-into-locked-iphones/

Apple has objected to 12 government requests to break into iPhones, just since September. Some of those phones were running earlier versions than 8.1.1 and Apple still rejected because they don't want to be forced to become an agent of law.

Yes, but we knew that the Feds have wanted to get into drug dealers' phones and they are right, that is indeed setting precedent and making them an "agent of law enforcement."

But this is the first time two idiot Islamic terrorists have used an iPhone. I think in the entire world, because generally terrorists are too smart to use iPhones but not these two morons (who picked the husband's OFFICE as a target).

DigitalChaos
02-23-2016, 01:01 PM
But this is the first time two idiot Islamic terrorists have used an iPhone. I think in the entire world, because generally terrorists are too smart to use iPhones but not these two morons (who picked the husband's OFFICE as a target).
That's exactly why it's debatable that these weren't islamic terrorists as opposed to someone going postal... but ignoring that... where is the legal justification for conscripting people to build backdoors? We already have CALEA (https://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act) which is supposed to be the updated version of All Writs Act for computers and networks. It absolutely does not cover this request.

Obviously the FBI is arguing that the All Writs Act allows for this, but there does not seem to be any support for that claim.

elevenism
02-23-2016, 01:06 PM
i have a feeling that apple will fold, even if they don't do so publicly.
they may have ALREADY folded.

allegro
02-23-2016, 01:14 PM
That's exactly why it's debatable that these weren't Islamic terrorists as opposed to someone going postal... but ignoring that... where is the legal justification for conscripting people to build backdoors? We already have CALEA (https://en.wikipedia.org/wiki/Communications_Assistance_for_Law_Enforcement_Act) which is supposed to be the updated version of All Writs Act for computers and networks. It absolutely does not cover this request.

Obviously the FBI is arguing that the All Writs Act allows for this, but there does not seem to be any support for that claim.

Personally, I don't think the All Writs Act does shit. I think the Patriot Act (Section 215) which is now in that stupid Freedom Act probably applies more than the fucking All Writs Act.

I STILL don't understand why they asked the employer to change the passcode. WHY THE FUCK DID THEY DO THAT? I just don't understand. It was the passcode to iCloud for backups? What the fuck was the reasoning for that? Did anybody explain?

thevoid99
02-23-2016, 02:48 PM
yup. this is what i think about it, precisely.

also @thevoid99 (http://www.echoingthesound.org/community/member.php?u=254) , why you so murderous ;)

Cause I'm in a very bad fucking mood. Part of me died last month and he's not coming so I'm already on edge at this point.

DigitalChaos
02-25-2016, 03:31 PM
Tim Cook promised to take this to SCOTUS if needed.
I'm betting a lot of Scalia haters are suddenly missing his presence, meanwhile the Scalia loving neocons who side with the FBI won't wanna talk about that. I'm now questioning the timing of the Apple v FBI situation and Scalia's death too. I'm not fully informed on everything Scalia has done, but I feel he would have sided with Apple here. Anyone disagree?




Personally, I don't think the All Writs Act does shit.

Check this out.

Source is Plum Creek Lumber Company v. Hutton (1979)

"The All Writs Act, read with the New York Telephone gloss, permits the district court, in aid of a valid warrant, to order a third party to provide nonburdensome technical assistance to law enforcement officers. It does not give the district court a roving commission to order a party subject to an investigation to accept additional risks at the bidding of OSHA inspectors."
http://www.leagle.com/decision/19791891608F2d1283_11653/PLUM%20CREEK%20LUMBER%20CO.%20v.%20HUTTON

wtf is the FBI doing?! I'm still standing next to the idea that this is a plan to push Congress into making a law that forces companies into helping. Maybe a change to CALEA or something. Patriot Act type stuff is too specific to terrorism, even though "terrorism" can be easily applied to most things.

cynicmuse
02-25-2016, 03:40 PM
wtf is the FBI doing?! I'm still standing next to the idea that this is a plan to push Congress into making a law that forces companies into helping. Maybe a change to CALEA or something. Patriot Act type stuff is too specific to terrorism, even though "terrorism" can be easily applied to most things.
I don't see that type of law passing Congress. The privacy rights people will have a field day. Also, I'm willing to bet that corporations would also have a problem with that law, because it's just asking for corporate espionage. There would be a back door in any phone used for communications.

Apple filed a response (http://www.nytimes.com/2016/02/26/technology/apple-unlock-iphone-fbi-san-bernadino-brief.html) today. Ars Technica (http://arstechnica.com/tech-policy/2016/02/apple-fires-back-at-doj-this-is-not-a-case-about-one-isolated-iphone/) has an overview of their response; they're using a combination of First Amendment and Fifth Amendment rights, with a dash of "this order violates the 3 part test imposed by United States v. New York Telephone Company".

DigitalChaos
02-25-2016, 06:24 PM
As Granick just pointed out: This is the only case in which the FBI Director has blogged about pending litigation. This probably suggests the FBI doesn't believe the data will yield critical evidence about other subjects.

DigitalChaos
02-25-2016, 06:26 PM
Discussion bait:

Let's talk about how Citizens United helps Apple. It seems that much of Apple's case would fall apart if corporations weren't people. How else would a corporation have 1st and 5th amendment rights?

DigitalChaos
02-27-2016, 01:21 PM
No? Nobody wants to touch the Citizens United situation? Apple *did* hire Ted Olson (the lawyer who won Citizens United) to represent them in the FBI situation...

DigitalChaos
03-04-2016, 07:58 PM
NSA Is Mysteriously Absent From FBI-Apple Fight
https://theintercept.com/2016/03/03/nsa-is-mysteriously-absent-from-fbi-apple-fight/

DigitalChaos
03-04-2016, 08:00 PM
This is the greatest bit of complete stupidity. This rivals the "series of tubes" comment from years back.

San Bernardino DA says seized iPhone may hold “dormant cyber pathogen”
http://arstechnica.com/tech-policy/2016/03/san-bernardino-da-says-seized-iphone-may-hold-dormant-cyber-pathogen/

cynicmuse
03-04-2016, 09:44 PM
This is the greatest bit of complete stupidity. This rivals the "series of tubes" comment from years back.

San Bernardino DA says seized iPhone may hold “dormant cyber pathogen”
http://arstechnica.com/tech-policy/2016/03/san-bernardino-da-says-seized-iphone-may-hold-dormant-cyber-pathogen/
LOL. And that's after the police chief told NPR that there was probably nothing (http://arstechnica.com/tech-policy/2016/02/police-chief-theres-a-reasonably-good-chance-not-much-is-on-seized-iphone/) on the phone. In addition, Apple won their court case (http://arstechnica.com/tech-policy/2016/02/apple-prevails-in-forced-iphone-unlock-case-in-new-york-court/) over the phone of a drug dealer in NYC.

Jinsai
03-10-2016, 01:13 PM
Snowden has weighed in, saying that the FBI's claim that they cannot hack into the phone is complete bullshit (http://www.theguardian.com/technology/2016/mar/09/edward-snowden-fbi-san-bernardino-iphone-bullshit-nsa-apple)

DigitalChaos
03-10-2016, 09:08 PM
Snowden has weighed in, saying that the FBI's claim that they cannot hack into the phone is complete bullshit (http://www.theguardian.com/technology/2016/mar/09/edward-snowden-fbi-san-bernardino-iphone-bullshit-nsa-apple)
He's had quite a lot to say about the topic.
He mentions hardware attacks in this statement, and there are a few that can be used in this specific situation. It's doubtful that the FBI has the skills to actually do it though. They could certainly pay someone else or have a more skilled org like the NSA do it. But the FBI's claim that ONLY Apple is capable of this is certainly bullshit and is an important distinction.

I'm really looking forward to the next iPhone though. Apple has already signaled that they will be doing things to further remove their ability to get into your phone. I not only want to see what that will be, but I want to see if they end up marketing that. It will be SO FUCKING COOL to see security and privacy (even against our own govt) become such an important thing that it gets elevated to Apple commercial level. Apple's iconic 1984 commercial could really use a 2nd remake... :)

DigitalChaos
03-10-2016, 09:14 PM
And if you didn't pick up on Snowden plugging the app "Signal", do take note. It really is an excellent app that secures your text messages and phone calls. It's dead simple to use too, my parents even managed to instantly start using it without any instruction. The only thing missing is a desktop client, which they currently have in beta.

get it!
apple: https://itunes.apple.com/us/app/signal-private-messenger/id874139669
android: https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms


interesting bit of info: Snowden has been a proponent of Signal for quite some time and was talking about how much he uses it before the Android version came out... which means Snowden has an iPhone. :) (don't read too much into it, it's just a fun fact)

DigitalChaos
03-11-2016, 08:53 PM
Obama weighs in while speaking at SXSW...

http://www.nytimes.com/2016/03/12/us/politics/obama-heads-to-south-by-southwest-festival-to-talk-about-technology.html

“If, technologically, it is possible to make an impenetrable device or system, where the encryption is so strong that there is no key, there is no door at all, then how do we apprehend the child pornographer?”
Fucking.... really!?


If the government has no way into a smartphone, he added, “then everyone is walking around with a Swiss bank account in your pocket.”
yeah, that should only be something rich people should have access to! /s
It sounds like a great idea, actually. thanks obama!

DigitalChaos
03-14-2016, 11:20 AM
John Oliver does a great segment on crypto and the FBI v Apple topic. However, there is one *extremely* dangerous portion... Do NOT use Telegram for privacy. It's weak and backdoored. Use Signal instead.

It's unfortunate that so many more people are choosing such a bad "privacy" app.


https://www.youtube.com/watch?v=zsjZ2r9Ygzw

DigitalChaos
03-21-2016, 06:59 PM
Snowden has weighed in, saying that the FBI's claim that they cannot hack into the phone is complete bullshit (http://www.theguardian.com/technology/2016/mar/09/edward-snowden-fbi-san-bernardino-iphone-bullshit-nsa-apple)
Oh look, Snowden was right!
FBI just canceled the hearing. Turns out Apple didn't hold the "exclusive ability to access the phone" as the FBI was claiming.
http://i.imgur.com/4dr3w0N.jpg


Too bad... I would have loved to get a ruling on the books so the FBI couldn't attempt this again in the future.

DigitalChaos
03-28-2016, 05:46 PM
A month after the FBI testified under oath that they can't get into the phone without Apple.... They got into the phone without Apple.

Mantra
03-30-2016, 12:22 AM
Apple wants the FBI to reveal how it hacked the San Bernardino killer's iPhone

LOL

Archive_Reports
03-31-2016, 06:58 AM
http://www.bbc.com/news/technology-35933239

theimage13
03-31-2016, 07:42 AM
http://www.bbc.com/news/technology-35933239

Shouldn't be surprising. Once law enforcement has a tool, why would they withhold it from other cases?

DigitalChaos
04-01-2016, 10:30 PM
The "only one phone" thing was only something the FBI was claiming for the situation in which Apple would be forced to build the backdoor. Even that was obvious bullshit, but they never claimed 3rd party methods were as limited. They have used a lot of 3rd party tools in many situations.