
FBI agrees to unlock iPhone for Arkansas prosecutor - noarchy
http://abcnews.go.com/US/wireStory/fbi-agrees-unlock-iphone-arkansas-teens-murder-case-38041135
======
cmurf
How does the prosecution prove the plaintext came from defendants' devices?
When DNA is used as evidence not only is there chain of custody rules for
biological material, but the details of DNA extraction and comparison are
openly documented. You don't just have someone claim something is a match,
there's proof.

~~~
forgotpwtomain
They might just be planning to use the information learned from this to assist
in the prosecution without providing it as evidence? For example they could
subpoena those involved in the imessage conversations or find other criminal
leads?

~~~
downandout
Yes, that would be my take on it. The government can still make use of
inadmissible or illegally obtained evidence. The evidence here was obtained
legally, so it will likely be used to bolster the case against the defendants
and anyone that may have assisted them.

Even in the case of illegally obtained evidence, there are techniques like
parallel construction [1] that they can use to make their cases. They also
have the so-called "clean hands" exception, which allows allows the government
to introduce evidence into trial that was illegally obtained by a third party
when the government did not play any role in obtaining that information [2].

The US legal system was designed to seem exceedingly fair on its surface,
while allowing for unconscionable abuses by those skilled in maneuvering
through its loopholes.

[1]
[https://en.wikipedia.org/wiki/Parallel_construction](https://en.wikipedia.org/wiki/Parallel_construction)

[2] [http://jipel.law.nyu.edu/ledger-
vol-1-no-2-2-coffman/](http://jipel.law.nyu.edu/ledger-vol-1-no-2-2-coffman/)

~~~
cperciva
_parallel construction_

You're probably thinking of "inevitable discovery", which says that illegally
obtained information can be used anyway if the prosecution can show that they
would have obtained it anyway. Parallel construction is something intelligence
agencies do in order to hide how they obtained information in the first place
(whether legal or otherwise).

~~~
nxzero
FBI, local law enforcement, etc use parallel construction too; for examples,
look into how the FBI works with local law enforcement using tech like
Stringray.

------
hackuser
Remember that the FBI said that if Apple provided a solution, it would not be
used in other cases and that they were [Edit: not] going to use it as a
precedent (IIRC the details).

~~~
matheweis
> and that they were going to use it as a precedent

Directory Comey very explicitly said that "The San Bernardino litigation isn't
about trying to set a precedent or send any kind of message"

[https://www.lawfareblog.com/we-could-not-look-survivors-
eye-...](https://www.lawfareblog.com/we-could-not-look-survivors-eye-if-we-
did-not-follow-lead)

~~~
TheSpiceIsLife
Yes, and? Should we believe him? He's the director of the FBI, he's almost
_certainly_ lying. It will come out in some leak or declassified document, or
someones memoirs, or some such, in 30 years that the guy was lying through he
teeth.

We can't seriously be expected to believe that over the next six decades it
will come out that all these politicians and law enforcement folk were just,
upright, moral citizens, acting in everyones best interests.

~~~
hackuser
> He's the director of the FBI, he's almost _certainly_ lying.

If you mean that because he's FBI Director therefore he's lying, I strongly
disagree. Certainly, just like everyone else, FBI Directors don't always tell
the truth; the world is much more complicated than that. He is a human being,
not a saint or angel, who has dedicated his life to public service and has an
extremely high pressure, difficult job. I don't always like what he says but
he deserves a little respect.

~~~
shawn-butler
So we should respect accomplished liars? This seems totalitarian to say the
least.

Lying to the public to accomplish a goal is not admirable in my view; it is
contemptible.

It seems clear to me that he lied to Congress but parsed his testimony in a
way to provide deniability / accountability. You may choose to admire this but
the rest of us don't have to share your view.

I'll side with Socrates and condemn the Sophists.

------
molecule
LA Times is reporting that the phone is an iPhone 6

 _> The FBI has agreed to help prosecutors gain access to an iPhone 6 and an
iPod that might hold evidence in an Arkansas murder trial, just days after the
agency managed to hack an iPhone linked to the San Bernardino terror attacks,
a local prosecutor said Wednesday._

[http://www.latimes.com/local/lanow/la-me-ln-arkansas-fbi-
pho...](http://www.latimes.com/local/lanow/la-me-ln-arkansas-fbi-phone-
access-20160330-story.html)

~~~
Pwngea
IIRC, didn't the unlock in the San Bernardino case use an exploit(s) specific
to the 5C or something? Also IIRC the iPhone 6 has some sort of hardware-level
protection against this.

~~~
plorg
Anything you may have heard is almost certainly speculation. It seems pretty
likely that a particular Israeli company supplied the FBI with an exploit, but
no one has said anything about that exploit being specific to the 5c.

Even Apple does not seem to know what the exploit was, as they are pursuing
legal options (or dropping hints to that effect) to compel the FBI to reveal
it to them.

~~~
taspeotis
> no one has said anything about that exploit being specific to the 5c.

Cellebrite describes [1] the solution as working for iOS 8.x on the following
devices:

> Cellebrite's unlocking capability supports the following devices: iPhone 4S
> / 5 / 5C, iPad 2 / 3G / 4G,iPad mini 1G, and iPod touch 5G running iOS 8 ...

[1] [http://www.cellebrite.com/Pages/cellebrite-solution-for-
lock...](http://www.cellebrite.com/Pages/cellebrite-solution-for-locked-apple-
devices-running-ios-8x)

~~~
jonah
This comment someone posted in reply to my query on another article might be
of interest to you.

[https://news.ycombinator.com/item?id=11387909](https://news.ycombinator.com/item?id=11387909)

~~~
taspeotis
Sorry I didn't reply sooner, I did find that interesting. Thanks for sharing.

------
usaphp
Serious question: how is this "unlocking iPhone case", any different from what
fbi and other agencies used to do for a while when they seize computers for
example, or a locked safe? They also "unlocked" those devices after they got a
warrant, what makes this "iPhone case" any different? If they have a warrant -
and a way to unlock the device - what is the reason of all this buzz around
it?

~~~
einarvollset
I think because Apple decided, after the Snowden illegal wiretapping stories,
to grandstand for PR purposes. And many tech writers took that bait.

~~~
Gustomaximus
That's really not a fair summary of the situation. Apple took a stand, rightly
in my view, to dig their heels in under the request to make a permanent back
door for FBI (and likely other groups) usage. There is a massive difference.

~~~
riquito
> That's really not a fair summary of the situation. Apple took a stand,
> rightly in my view, to dig their heels in under the request to make a
> permanent back door for FBI (and likely other groups) usage. There is a
> massive difference

This is history rewriting, the request, in his least dangerous form, was to
unlock a single phone from inside Apple labs by Apple people

~~~
mk4p
Incorrect -- they requested an "instrument", which carries with it all sorts
of legal requirements beyond creating an in-house tool.

Source:
[http://www.zdziarski.com/blog/?p=5645](http://www.zdziarski.com/blog/?p=5645)

~~~
daxfohl
They made both requests. Apple refused both requests.

------
matheweis
... this also severely contradicts the narrative we were fed about "it's just
this one phone, for, you know, TERRORISM".

~~~
einarvollset
No it does not. Govt never claimed this. What it does is show that, the FBI
will do exactly what the Chinese are currently most likely doing if need be.

~~~
bediger4000
FBI Director James Comey claimed that unlocking this phone was really really
about Terrorism: "So I hope folks will remember what terrorists did to
innocent Americans at a San Bernardino office gathering and why the FBI simply
must do all we can under the law to investigate that."
([https://www.lawfareblog.com/we-could-not-look-survivors-
eye-...](https://www.lawfareblog.com/we-could-not-look-survivors-eye-if-we-
did-not-follow-lead))

It's possible, by some weird John Yoo-style contorted reading of the facts to
say "FBI Director Comey said that, the US Government didn't say 'because
terrorism'". That contorted reasoning would amount to lying by splitting
hairs. Don't lie by splitting hairs.

~~~
einarvollset
I think you are confusing the arguments for granting a search warrant in this
specific case (terrorism), with the overall argument behind granting the
powers that a search warrant provides in general ( _not_ terrorism specific)

~~~
bediger4000
I'm sorry, I don't see how the above statements relate to John Comey's public
explanations of why hacking the iPhone in question was so important. Maybe you
can expand on the above to clarify that relationship?

~~~
einarvollset
Law is not made on a case by case basis. There is a general set of powers that
gets granted for something like a search warrant. Just because a govt official
argues that a specific case is terrorism related, does _not_ mean that the
general powers granted by a search warrant is "just cause terrorism". Instead,
to have a coherent argument you have to argue against why the govt should have
been given the search warrant in the first place.

If you're a programmer you'll understand - you can't argue generally about a
class because of the properties of an instance of that class.

~~~
bediger4000
_Law is not made on a case by case basis._

I see where you've gone astray: law is made on a case-by-case basis in the
USA. The USA has a "common law" system
([https://en.wikipedia.org/wiki/Common_law](https://en.wikipedia.org/wiki/Common_law))
where precedent
([https://en.wikipedia.org/wiki/Precedent](https://en.wikipedia.org/wiki/Precedent))
is overwhelmingly important.

If I understand correctly, the FBI was attempting to set a precedent, using an
instance that has lots of emotional appeal ("Terrorism!") and they were really
working that emotional aspect ("Couldn't look the survivors in the eye") hard.
Once that precedent is set, the USA's legal system would require some new laws
to make the precedent go away (in a legal sense). The FBI could at the least
operate under the legality of the precedent until the new law(s) take effect,
if such new laws get made. They often don't, and the USA just rides on the
precedent.

------
rcthompson
I don't really have a too much of a problem with them unlocking individual
phones. I have a problem with them asking for the master key to all phones,
which is what they were doing in the San Bernardino case.

~~~
nitrogen
But this request also shows that unlocking was never about just that one
phone.

------
Mtinie
...and now it begins.*

* Officially, because presumably it's been going on for a long time but not publicly discussed to the degree that it is being discussed now.

------
free2rhyme214
I'm glad I have an iPhone 6. Anything without touchID is now insecure thanks
to the FBI. It sounds like Apple knew this would happen which is why they
recently hired a Signal developer:

[http://techcrunch.com/2016/02/25/apple-hires-developer-
behin...](http://techcrunch.com/2016/02/25/apple-hires-developer-behind-
signal-edward-snowdens-favorite-secure-chat-app/)

~~~
perfectstorm
"The FBI has agreed to help prosecutors gain access to an iPhone 6 and an
iPod..."

So yea, it's an iPhone 6.

[http://www.latimes.com/local/lanow/la-me-ln-arkansas-fbi-
pho...](http://www.latimes.com/local/lanow/la-me-ln-arkansas-fbi-phone-
access-20160330-story.html)

~~~
x0054
If you use your iPhone 6 WITH touch ID, that is, you actually use touch id to
unlock it, it makes it all the more easy for them to unlock it. They can not
compel you to provide a password, as of yet, but they can compel you to
provide a finger print, and they would probably have a fingerprint of yours
anyway, as that is a standard procedure during booking. If you (for some
reason) are concerned about FBI having access to your phone, do not use touch
ID.

~~~
XorNot
Or you know, just lift one off the case which you spend all day touching with
the fingers you use the phone with.

~~~
TillE
Unless they already have a routine procedure for doing this, that's just not
going to happen within 48 hours (the TouchID timeout) of seizing the device in
a normal criminal case.

------
x0054
Are there any good articles on the difference between iPhone 5, 5c, 6, and 6c
in terms of security? Also, has anyone covered why NAND Flash clone attack
vector would not work? I had many people tell me that is definitely, for sure,
certainly would not work, and yet no one I spoke with could explain exactly
why that was the case.

~~~
ghshephard
Good (excellent) article on IOS security:
[https://www.apple.com/business/docs/iOS_Security_Guide.pdf](https://www.apple.com/business/docs/iOS_Security_Guide.pdf)

See Page 12 on advantage of A7 or higher processor, but, in particular:

"On devices with an A7 or later A-series processor, the delays are enforced by
the Secure Enclave. If the device is restarted during a timed delay, the delay
is still enforced, with the timer starting over for the current period. "

The question still outstanding, is whether the Secure Enclave can be modified,
and also, whether it can be modified without a passcode.

~~~
venomsnake
And where does Secure Enclave store the counter? Does it have flash inside the
processor? Otherwise - just unplug and replug the battery

Edit: Any device that is nand cloned will not be using apple power anyway. And
we have all kinds of low temperature, low voltage bit flip attacks anyway.

~~~
x0054
The Secure Enclave does have it's own flash, it apparently even has it's own
OS. What do you mean by bit flip attack? I am actually really interested in
how it would be possible.

~~~
andyjohnson0
A bit flipping attack is where a change to the cyphertext results in a
predictable change to the (decrypted) plaintext [1]. Re venomsnake's comment,
I'm not sure how this applies to the secure enclave though, or the relevance
of low temperatures.

[https://en.wikipedia.org/wiki/Bit-
flipping_attack](https://en.wikipedia.org/wiki/Bit-flipping_attack)

~~~
venomsnake
No - I meant literal bit flipping in a processor when you play tricks with
ambient temperature, voltage and so on ...

------
marcoperaza
Put down the pitchforks people. This is standard operating procedure and
you're not gonna win any arguments opposing it. If the government gets a
search warrant for the contents of a safe in your home, they're perfectly
entitled to crack it open with whatever techniques they discover. The now-moot
case against Apple was about whether they can compel the safe-maker's
assistance, which is a very different issue.

This is the protection against search and seizure that you're entitled to
within the US:

> _The right of the people to be secure in their persons, houses, papers, and
> effects,[a] against unreasonable searches and seizures, shall not be
> violated, and no Warrants shall issue, but upon probable cause, supported by
> Oath or affirmation, and particularly describing the place to be searched,
> and the persons or things to be seized._

------
hellofunk
I wonder what they are all thinking over Apple HQ about this... I suspect it
is some variant of "Ok, now how to make these phones even more secure?"

~~~
pbhjpbhj
>"Ok, now how to make these phones even more secure?"

Or more likely how to _market_ the next round of phones as being more secure
and whether claiming the upgrade is essential for businesses ("our old phones
are all broken now, you must upgrade") will lead to a gross increase in
profits or not.

------
droithomme
Fairly obvious that no actionable information is being discovered on these
phones.

~~~
einarvollset
How so?

~~~
bediger4000
First, the San Bernadino shooters destroyed a lot of other
computers/phones/disks - yet they left that iPhone unscathed
([http://abcnews.go.com/US/san-bernardino-shooters-destroy-
pho...](http://abcnews.go.com/US/san-bernardino-shooters-destroy-phones-hard-
drives-sources/story?id=35570286)). It was also a phone provided by Farook's
employer. Unless Farook was a big dope, he used it for work stuff only. Since
nobody got wind of the crimes before they happened, Farook was evidently Not a
Dope. Third, the FBI has had access to iCloud backups from that device
([http://www.latimes.com/business/la-fi-tn-apple-fbi-
call-2016...](http://www.latimes.com/business/la-fi-tn-apple-fbi-
call-20160219-story.html)), apparently the iCloud password was changed as part
of accessing the backup data. The changed iCloud password is what caused the
FBI to not be able to access the phone directly.

So, I think we can be reasonably sure that no info of value will come off that
phone. It's possible, but it seems unlikely.

~~~
einarvollset
So are you arguing that the police should _not_ explore all reasonable sources
of information when investigating a crime?

You know, just sample a few and then if nothing comes up, just infer that
everything is kosher?

~~~
bediger4000
Dude... you were the one that asked "How so?" in response to a statement that
nothing of value would be recovered from the iPhone that the FBI was using as
a means of creating a precedent. I gave you the "how so" reasons, I didn't say
_anything_ about not exploring reasonable sources of information. If FBI
investigative time is a scarce resource, I would expect them to prioritize the
sources of information, putting "less likely to yeild results" lower in the
prioritized list. I would also expect them to stop investigating the material
way down on the priority list if the material high on the priority list had
yielded results.

~~~
einarvollset
Dude. Clearly you have insights into this investigation that neither I, any
media outlet or even in fact the FBI even has. So in that case, congrats, you
win.

------
spacehome
"just this one phone"

------
arthurgibson
"Drexler and Staton have both pleaded not guilty to capital murder, aggravated
robbery and other charges in the deaths of the c, who were both 66."

Is it just acceptable at this point to publish AP content with typos?

~~~
spacehome
Would you pay more money for a proofread article?

Would you pay anything at all for online journalism?

------
merpnderp
So if the FBI is just going to have the Israeli company Cellebrite unlock the
phone, why couldn't Conway prosecutor's office do this directly? And given the
number of public articles of opinion offered to the FBI on how trivial it was
to unlock 5c and previous iPhones, and the number of companies offering
unlocking them as a service, is the FBI just incredibly slow at setting a
standard forensic process, or is there some other reason these phones aren't
being unlocked?

------
x0054
Apple SHOULD NOT demand to find out how the FBI did it because it would expose
them to discovery requests in future court cases where they would have to tell
other people (read China / Russia) how to do it. For now they have plausible
deniability and they have plenty of talent to figure out how it was done, or
if all else fails, they can pay that same security firm to tell them under
cover of an NDA.

~~~
nobodyshere
Nope. It could be one of many security flaws that are unknown. And you can't
be sure which one they used.

~~~
x0054
But the problem still remains, if it's well publicized that they were told
about the hack, next time they are compelled by the court they will have to
tell everyone what FBI told them.

------
sschueller
Can apple sue to get the FBI or that Israeli firm that unlocked the San
Bernardino phone to find out how they are unlocking these phones?

~~~
roel_v
Anyone can sue for anything anytime, but there is no way they'll ever get to
compel the FBI to do so, no.

------
roel_v
I'm pretty sure there are quite a few FBI people chuckling these days about
how all of this turned out for Apple :)

------
SixSigma
At least it is in the Zeitgeist now, these kind of stories will be around for
a while.

------
jerianasmith
Glad to learn that. I am sure it is gong to be a welcome step.

------
dang
Url changed from [http://techcrunch.com/2016/03/30/sure-why-not-fbi-agrees-
to-...](http://techcrunch.com/2016/03/30/sure-why-not-fbi-agrees-to-unlock-
iphone-for-arkansas-prosecutor/), which is a knockoff of an AP story that they
mention but never link to.

------
ihsw
The technique used will be passed on down to anyone that the FBI deems fit, be
it public or private.

There is no oversight or limitations.

Complete and total lack of justification.

There's a word for this -- corruption.

~~~
einarvollset
I don't think that word means what you think it means.

Would it have pleased you more if, oh let's just for the sake of argument say:
the government had to get some kind of a court order to get the information?

~~~
bhickey
Well, the grandparent did say "There is no oversight or limitations."

So, yeah. I believe it would please 'em more if there was a court order
involved.

~~~
einarvollset
Sorry. Sarcasm doesn't come across well: there _is_ a court order, but because
Apple decided to not help, they were removed from the oversight chain, hence
arguably weakening the oversight.

~~~
marcoperaza
If the government gets a search warrant and seizes a safe from your home, they
don't need the safe-maker's permission to crack it open.

~~~
teacup50
They would if the safe was purely digital, based on vendor-controlled platform
DRM that granted the vendor and only the vendor additional access to the safe.

------
kregasaurusrex
This is a blatant violation of
[https://www.law.cornell.edu/uscode/text/18/2511](https://www.law.cornell.edu/uscode/text/18/2511)
which prohibit direct interception of communications, 4th amendment/UN rights
to privacy and encryption
[http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/CallForS...](http://www.ohchr.org/EN/Issues/FreedomOpinion/Pages/CallForSubmission.aspx)
extending to personal devices, and circumventing 5th amendment rights of
compelled decryption.

~~~
DannyBee
Errr, it's pretty much none of those things :) (ie they have a valid search
warrant, the fifth amendment does not protect you here under any current
caselaw, etc)

~~~
profmonocle
> the fifth amendment does not protect you here under any current caselaw

I can't see even a _speculative_ 5th amendment argument. If they can crack
your phone without your cooperation, how could they possibly be forcing you to
incriminate yourself?

