Hacking Apple


Apple said on Wednesday that it would oppose and challenge a federal court order to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December.

On Tuesday, in a significant victory for the government, Magistrate Judge Sheri Pym of the Federal District Court for the District of Central California ordered Apple to bypass security functions on an iPhone 5c used by Syed Rizwan Farook, who was killed by the police along with his wife, Tashfeen Malik, after they attacked Mr. Farook’s co-workers at a holiday gathering.

But hours later, in a statement by its chief executive, Timothy D. Cook, Apple announced its refusal to comply. The move sets up a legal showdown between the company, which says it is eager to protect the privacy of its customers, and the law enforcement authorities, who say that new encryption technologies hamper their ability to prevent and solve crime.

Apple’s point is that the government is essentially trying to bypass the ongoing political and legal debate over encryption. We’ve mentioned this debate before: companies like Apple and Google are giving their phones encryption capabilities that are supposedly unbreakable. The federal government is trying to force them to provide backdoors into those encryption methods. But Apple notes, correctly, that there’s no such animal as a “backdoor” that would be exclusive to the government. It would compromise all the security on their phones, creating a capacity that any hacker could use.

(I would also note that, even if this were not true, creating a backdoor for the government is a huge problem. We have seen, with the Patriot Act and mass surveillance, that the federal government can not be trusted to use these power for “only” terrorism. Inevitably, these capabilities will be used to pursue the War on Drugs, the War on Sex Work, the War on You.)

Forcing Apple to develop new software to access Farook’s phone is an attempt to bypass this debate and create backdoors without a national debate, without an act of Congress and without input from civli libertarians. It may also be on very shaky legal ground:

Second, as the Post article notes the use of the All Writs Act in this manner appears to be unprecedented and, if upheld, would essentially allow the government to do almost anything in the name of law enforcement and intelligence gathering. Finally, and perhaps most strongly, it’s important to note that law enforcement isn’t asking Apple to provide information that it already has, which is what an ordinary search warrant does. It is essentially asking a Federal Court to compel Apple to do something, in this case create a backdoor that does not exist. This arguably falls well outside the scope of the Fourth Amendment and, if upheld, would give law enforcement authority to compel technology companies to do almost anything conceivable in the name of a purported investigation or surveillance of a target. That seems to go well beyond what the Constitution and existing law permits law enforcement to do.

But not beyond what they want to do. This is not just about Farook’s phone; they are demanding that Apple provide a capacity that can be used with any phone. I suspect that the feds know that their case is weak — they invoked Farook’s victims immediately as if a massive tragedy abrogates the Constitution.

It’s not like the FBI has nothing to go on here. They have access to the meta-data. They have the phone itself. They have any computers. They can get warrants for e-mail servers.

Apple should stand their ground here. They should fight this all the way to the Supreme Court if necessary (and this makes me miss Scalia, who could sometimes be good on Fourth Amendment issues). If the Federal government establishes a precedent that they can force tech companies to hack into our electronic devices, the Fourth Amendment will be hanging by a thread.

Comments are closed.

  1. trade_pro

    I can set up a computer out of the box and turn it on.  I have now given you my full knowledge of computers.  With that said:

    Why can’t the Feds ask Apple to take the data off the phone and give it to them on a floppy(joking)?

    Thumb up 0

  2. Hal_10000 *

    Why can’t the Feds ask Apple to take the data off the phone and give it to them on a floppy(joking)?

    Because it’s encrypted. You need password to get access and they don’t know if Farook used the setting that erases the phone after 10 unsuccesful attempts to crack the password.

    Thumb up 0

  3. Hal_10000 *

    One issue was raised in a McArdle-Lake chat.  A backdoor into iphones would be a Godsend to totalitarian regimes trying to crack down on dissidents.  This isn’t just about protecting your dick pics (nobel as that cause may be).

    Thumb up 1

  4. trade_pro

    Hal I understand its encrypted but someone wrote a program to do so. They are saying they cant break their own program…not that they should but I find it surprising that they cant.
    plus i can tell them right now…its a diamond pattern…thats what eveybody uses. 2684. I say we get 10 tries…try that one.

    Thumb up 0

  5. TxAg94

    Is it likely there is anything on that phone that is still of any urgent national security value?  If the group the information would implicate hasn’t already changed to mitigate that risk then they are likely amateur or sloppy enough to catch them by other means.


    That being said, wasn’t Apple working with NSA and other agencies to spy on us as recently as a couple of years ago?  Now they have privacy and security concerns?

    Thumb up 0

  6. repmom

    So….I may not be totally up-to-date, but….

    Donald Trump pushes for boycott of Apple. Marco Rubio “sort of” skirts the issue on Sean Hannity.

    I’m more impressed with Rubio, who says it’s a complicated issue. But then, I may be prejudiced.

    Thumb up 0

  7. louctiel

    I’m sorry, but there is so much wrong with this post that needs to be corrected.

    Apple is not being told to break the encryption on the data or even the pass codes.  According to the order, Apple is being told to disable the feature that wipes the data after 10 failed pass codes are entered and disable the wait time between being able to enter pass codes on the device.  (The wait time between entering wrong passcodes goes up with each failed attempt to the point where the wait time between the 9th failed pass code and entering the 10th pass code is 1 hour.)  In addition, Apple must ensure the FBI can enter pass codes onto the phone.

    The software modification to accomplish this is device specific to the specific phone in question.  Apple may, but does not have to supply the code to the FBI / government.

    It should be noted that while Apple is saying it does not have a “backdoor,” that is not quite accurate.  When the phone is made, there are two 256 bit security keys unique to each phone.  Apple includes those keys to make sure that non-secure or false code cannot be updated or installed onto the phone.  But Apple itself has the “master keys” which enable it to send out secure updates to the operating systems of the phone.   Using that same operating system update, the government says Apple can disable the auto wipe and the time delay features.

    For those wondering about the privacy issue, there is none.  The phone in question was used by one of the San Bernardino shooters.  He did not own the phone.  The San Bernardino Authority did and they have consented to the search of the phone.  Even if Farook owned the phone, the right to privacy died with him.

    While Apple is saying this is about “encryption,” technically it is not as the data files will still be encrypted if Apple complies with the order.  Furthermore, Apple is not being told to break the pass codes, only to disable the autowipe and time features.

    This case is not going to turn on privacy and security issues.  What is going to matter is if Apple can prove that complying with the order is “overly burdensome” to them which is the third part of a legal test to apply the All Writs Act.  (The first two have clearly been met.)

    As for the idea that demanding a company do something in aiding an investigation, that is already settled law by the All Writs Act.  Furthermore a 1977 Supreme Court case affirmed the governments right to demand a company assist in an investigation.  (The case is United States v. New York Telephone.)  There the SCOTUS upheld an order for the New York Telephone Company to install a tap (in the form of a so called “pen reader”) on a telephone line under the All Writs Act.   In other words, not only has this action been taken with the consent of Congress, it has been upheld by a fairly recent Supreme Court decision.

    (It should also be noted that Apple can bill the government for their time to create bypassing of the autowipe and time delay features.)

    As I said, Apple is going to have to show in their appeal that creating this update to the OS is “overly burdensome.”  That is going to be a tough road to hoe for them.

    Thumb up 0

  8. InsipiD

    I want Apple to fight the good fight here.  This is the kind of case that sets a dangerous precedent.  It’s not that I’m against the FBI having the info from this phone, I just don’t want this phone to make it easier to search anyone else’s later.  A smart phone is a computing device with the power and storage of a desktop computer of less than 15 years ago.  It keeps breadcrumb trails of internet searches and browser history that are valuable circumstantial evidence.  If the phone’s user had the forethought to protect it with a passcode and encrypt the data, then it should be hard to break through that.  This is a small part of why stuff like DMCA exist: modified code would be harder and riskier to break.  It’s just like anything invoking the hated acronym DRM.  Remember, it’s your rights that someone else is trying to digitally manage.

    Thumb up 1