
Apple Says It Has Never Worked With NSA To Create iPhone Backdoors - IBM
http://techcrunch.com/2013/12/31/apple-says-it-has-never-worked-with-nsa-to-create-iphone-backdoors-is-unaware-of-alleged-dropoutjeep-snooping-program/
======
malandrew
They cannot make this statement until we get rid of national security letters.
It's a statement that even the company itself can't verify as true or false.

Instead they should have released a PR statement like so:

"Apple's is unaware of any help it has provided the NSA in creating iPhone
backdoors, but due to the presence of National Security Letters that would gag
us if we had, we can neither confirm nor deny whether we have helped the NSA.
If we have, no one in the company but those that aided the NSA would know. We
urge the citizens of this country to challenge the constitutionality of NSLs
so that we may be able to confirm whether or not we have aided in the creation
of iPhone backdoors."

That's the only truthful statement that could be uttered at this point.

~~~
IBM
Apple is on the record as having never received an NSL. NSLs may prohibit you
from disclosing information, but they cannot force you to lie (especially by
one you've never received).

~~~
magicalist
This is not correct. You're thinking of Apple's "warrant canary", which
covered only Section 215 of the USA PATRIOT Act, "Access to records and other
items under the Foreign Intelligence Surveillance Act", aka mass FISA
requests.

Apple almost certainly has received many NSLs, which is why they can only
disclose "1000-2000 account information requests" for the first half of 2013
in their transparency report. That number combines law enforcement and
national security order requests in order to keep vague the exact number of
the latter. If you take a look at that transparency report[1], you can see
they come as close as you can to confirming that they have received NSLs when
(so far) you can of course not confirm that you've ever received NSLs.

[1]
[https://www.apple.com/pr/pdf/131105reportongovinforequests3....](https://www.apple.com/pr/pdf/131105reportongovinforequests3.pdf)

~~~
IBM
I was under the impression that section 215 was the NSL since it mentions the
bit about gag orders on Wikipedia:

>The section carries a gag order stating that "No person shall disclose to any
other person (other than those persons necessary to produce the tangible
things under this section) that the Federal Bureau of Investigation has sought
or obtained tangible things under this section"

~~~
magicalist
No, the modern NSL was defined in section 505 of the USA PATRIOT Act, though
it modifies statutes going back many decades. It was section 505, though, that
let the FBI go hog-wild with them.

------
bananacurve
Apple's statement:

"Apple has never worked with the NSA to create a backdoor in any of our
products, including iPhone. Additionally, we have been unaware of this alleged
NSA program targeting our products. We care deeply about our customers’
privacy and security. Our team is continuously working to make our products
even more secure, and we make it easy for customers to keep their software up
to date with the latest advancements. Whenever we hear about attempts to
undermine Apple’s industry-leading security, we thoroughly investigate and
take appropriate steps to protect our customers. We will continue to use our
resources to stay ahead of malicious hackers and defend our customers from
security attacks, regardless of who’s behind them."

Not that it will convince anyone around here, but at least they can be called
liars if any evidence did turn up.

~~~
Touche
It's interesting to say the least. If they are to be believed, what accounts
for the NSA's claim of "100% success" with iPhones? Or is that just empty
posturing?

~~~
astral303
Given that almost all early iPhone OS and iPhone have bugs and vulns that
allow jailbreaks and carrier unlocks, it's completely unsurprising that the
NSA had a 100% success physically.

For example, iPhone 3GS released in 2009 can be jailbroken with 2010-era
latest iOS 4:
[http://www.iclarified.com/jailbreak/iphone3gs/mac.php?firmwa...](http://www.iclarified.com/jailbreak/iphone3gs/mac.php?firmware=4.3.5)

I don't think you even need baseband access to do all the spying. I think all
of that can be done on a jailbreak.

------
daegloe
Anyone else notice that the bottom-right corner of the NSA doc is dated
20070108? Is that a month after the original iPhone was released or 6 months
before?

Either way, quite the implication if the claims are authentic.

Plausible deniability can be an effective tool for a company too. It's
certainly possible that Apple team members were indeed collaborating with the
NSA (or FBI or some contractor equivalent) or that the NSA had access to Apple
tech without the leadership aware of the specifics or even without any
official corporate authorization/mandate in the first place.

~~~
Crito
_" (civilian vernacular: mm/dd/yy or mm/dd/yyyy;[165][166] other formats,
including dd Month yyyy and yyyy-mm-dd, are common or prescribed—particularly
in military, academic, scientific, computing, industrial, or governmental
contexts. See Date and time notation in the United States.)"_

My money is on January.

------
sigsergv
This could be true. Technically. You don't need to work with NSA, you may, for
example, work with some another organisation tightly coupled with NSA. There
also could be carefully planted vulnerabilities in the software, it would be
extremely stupid for Apple to implement clearly recognizable backdoor. And of
course they will deny anything always.

------
moron4hire
It doesn't matter what they say. If they had, the law requires them to lie and
say they didn't.

~~~
sigzero
It does matter. Apple could tell the truth and let the NSA take them to court.
What a nightmare that would be for the NSA.

------
fit2rule
How it works: NSA uses its immense resources to find jailbreaks. Finds
jailbreaks. Sets up a 'hacker front' to publish jailbreaks/establish hegemony
over the subject in the mindset of the iPhone-jailbreaking public. Regularly
publish jailbreaks.

Oila: a few million remote installations. (EDIT: .. on known-subversive
phones. Only subversive types jailbreak.)

------
eximius
So the NSA hacked the iPhone so thoroughly without help? Yikes.

------
Zigurd
My follow up question would be: Has Apple created back doors for law
enforcement?

The only way to keep spy agencies out is to made data inaccessible to
everyone.

------
melling
This is not a HN story. We skip most responses to the original tin foil
stories.

~~~
cracell
A story about a very large and popular technology company's response to
allegations of them intentionally adding backdoors to one of their flagship
products isn't appropriate for a technology news site?

Edit: HN's on-top guidelines "On-Topic: Anything that good hackers would find
interesting. That includes more than hacking and startups. If you had to
reduce it to a sentence, the answer might be: anything that gratifies one's
intellectual curiosity."

Seriously, I would like to understand why you think this isn't HN appropriate.

~~~
esrauch
I think you are missing the sarcasm; he's pointing out that HN votes up
sensationalism and not the follow up stories.

~~~
Touche
This is on the front page of HN.

~~~
melling
When I made the comment it wasn't, and I had the only comment. It took about
an 45 minutes to gain any traction, which can be verified by the age of the
comments.

The original story would have been on the front page in minutes, with dozens
of comments.

~~~
Touche
If the difference between a sensationalist vs. reaction article is only 45
minutes I think HN is doing fairly well compared to other online communities.

~~~
melling
A story is almost gone in 45 minutes on HN. You'll often notice people
complaining about posting a story posted a day earlier that didn't get any
traction and is highly voted on resubmission. Someone has to start a
conversion or it has to get up voted quickly. I was the 4th upvote and the
first comment.

