
Apple unlock: Judge compares request to execution order - Libertatea
http://www.bbc.com/news/technology-34647704
======
teekert
I strongly feel that my personal computing devices are extensions of my brain.
They help me think, contain personal thoughts, notes and pictures, allow me to
communicate with people I love and determine who I am even to some degree
(i.e. without them I would not be punctual).

I deeply hate the fact that anybody thinks anything on my personal devices
belongs to them. I think my devices should fall under the inviolability of the
physical body and that decrypting them is akin to forcing me to testify
against myself.

I do realize how hypocritical I sound carrying an Android device (Googles
customers are the advertisers) but I can be a bit idealistic and pragmatic at
the same time, can't I?

~~~
kitbrennan
Something we forget on Hacker News is that the vast majority of data and
information requests are not made to spy on citizens without due cause.

The majority of requests are made because someone suspected of a crime (pick
any crime: fraud, possession of child pornography, drug dealing) - and they
believe there to be evidence on the device.

If we prevented legal authorities from accessing data on your phone, then in
theory a peadophile would only have to ensure he/she downloads illegal images
to their phone to ensure they cannot be caught.

\---

The reason we have warrants is to ensure there is a second layer to verify
that a search is proportionate. Obtaining information from a phone should
certainly require a warrant issued by a judge; but it certainly should not be
completely unobtainable.

~~~
beambot
Don't particularly care for the example.... but going with your example:
Assume the peadophile has photographic memory (or even just an active
imagination). If we had the capability of reading out wetware memories from
their biological brain (eg. via neural stimulation & recording), would those
be searchable with warrants too?

~~~
kitbrennan
I'm not saying there isn't a line to be drawn - obviously given your example
most people would shrink away from the idea of using someones thoughts to
convict (literal thought-crime).

It's a question of where we draw the line. If we don't allow a judge to issue
a search warrant for a phone where there is reasonable suspicion of illegal
activity - why should we allow a judge to issue a warrant to search a
car/property/paper-work?

Of course that completely oversteps the line in the other direction though.
Conviction rates for many crimes would drop through the floor if the legal
authorities have no way of obtaining evidence.

Given how powerful smart phones have become and you come run a criminal
enterprise solely through your phone, it is reasonable to expect that the
police with a proper warrant would be able to inspect your phone.

~~~
beambot
But that's what the GP was referring to. "Personal electronic storage" is
increasingly becoming an extension of our mind. It may be cellphones today,
but the era of implantable media may not be far off.

In fact... for a pretty reasonable sum, I could build a sub-dermal implant
beneath the skull with many GBytes of storage that is wirelessly powered and
supports USB-like data rates. (See profile.) So this isn't an academic
argument.

In reality, I think you could make a pretty reasonable case that my lab
notebooks (whether paper or electronic) are just a "more accurate version of
my wetware memories." I'm not sure I understand why this "brain extension"
isn't afforded more protections accordingly.

I appreciate that this notion wasn't explicitly spelled out in the
constitution -- these advances are REALLY new from a historical perspective.
But I would wager: The laws will likely need to change.

------
pflanze
What I don't understand is: what's different with iOS8 and 9 so that they
can't do it anymore? If the difference is that the older version's user data
is not encrypted, then why are they asking Apple to unlock it versus
unsoldering the flash chip on the phone themselves? Is there a law that
prevents the government from doing so?

~~~
drakenot
Removing the flash chips wouldn't do anything for you. The encryption key is
combined with a UID value stored in the Secure Enclave (assigned during
manufactoring). The Secure Enclave is a blackbox which receives values,
combines them with its secret key and then spits out the final value. [0] A
high iteration count is also used which also makes this process take around
80ms.

Cracking of the passcode must be done "on device" unless someone can extract
the UID from the Secure Enclave. Additionally, any device using an A7 or newer
has incorrect passcode rate limits enforced by the Secure Enclave as well.

As to what is different between iOS7 vs iOS8/9, I'm not entirely sure. Matthew
Green speculates[1] that they may load special firmware that bypasses the
"lock" screen which is purely a UI hack. Apparently before iOS8 only a subset
of user data was being encrypted compared to what is being encrypted now.

[0]
[https://www.apple.com/business/docs/iOS_Security_Guide.pdf](https://www.apple.com/business/docs/iOS_Security_Guide.pdf)

[1] [http://blog.cryptographyengineering.com/2014/10/why-cant-
app...](http://blog.cryptographyengineering.com/2014/10/why-cant-apple-
decrypt-your-iphone.html)

~~~
pflanze
What I'm taking away from this is:

1\. re encryption:

> Apparently before iOS8 only a subset of user data was being encrypted
> compared to what is being encrypted now.

Which leaves my question unanswered: in that case the government could still
unsolder the flash chip and access that data. Your link [1] mentions that this
would include pictures and SMS messages, which is probably what they were
after.

2\. Custom firmware from Apple will help to access _encrypted_ parts since it
would allow to run the OS under the cracker's control, who then only needs to
brute force the password and not the UID. According to [1] this is still
slowed down to 12.5 attempts per seconds (80 ms) and newer iPhone hardware
additionally contains hardware enforced rate or number of guesses limits.

Edit: custom firmware would of course also help in case 1 in the sense that it
makes it unnecessary to unsolder the flash. But my estimate for the effort
needed to do the latter would be around USD 1000 if done exceptionally,
perhaps USD 100 if done often enough. I wonder if Apple's unlocking service
would be any cheaper. So perhaps the reason it's not being done is
psychological (Apple complying is offloading the question whether it's OK), or
the law, or worries about the constitution.

~~~
wyldfire
Apple still brokers the key exchange, so they can be used to facilitate a
lawful interception at that point.

~~~
pflanze
What key exchange? Are you talking about SSL or software signing keys? These
wouldn't give the DoJ access to the data on the device in this case. It would
only help while the user is still using it, unsuspectingly entering the
password.

------
wahsd
The thing I hope corporations and people will at some point realize is that
the very reason the founders of the USA constructed the nation through the
Constitution and Bill of Rights the way they did was to barricade society
against the very kind of government demon that is rearing it's vile head these
days.

If you take these kinds of cases and carry them to their logical conclusion,
there is nothing that will bar the government from using mind reading
technology to read your mind even if it is just to assess your "mental state"
and preemptively remove you from society, monitor you on a constant basis, set
up traps and tricks to ensnare you, etc. The worst kind of enemy is the enemy
saboteur from within, which the US and other governments are starting to
become.

~~~
pjmlp
Being the first generation to live in free Portugal after 40 years of
dictatorship I never understood how Americans, specially given the McCarthy
phase, ever trusted the government to play nice and by the rules.

~~~
pavel_lishin
Easily - McCarthy was going after evil commies, and _we 're_ not evil commies,
and we _hate_ evil commies! Full steam ahead, Mr. McCarthy!

------
at-fates-hands
I think its interesting that Apple has been doing this years, suddenly has a
change of heart and now the DOJ is trying to get a judge to get them to do
that.

I guess this goes deeper than just the searching of the phone. Is Apple not
allowed to ever change its mind, on anything?

------
laotzu
>Once we have surrendered our senses and nervous systems to the private
manipulation of those who would try to benefit from taking a lease on our eyes
and ears and nerves, we don't really have any rights left. Leasing our eyes
and ears and nerves to commercial interests is like handing over the common
speech to a private corporation, or like giving the earth's atmosphere to a
company as a monopoly.

-Marshall McLuhan

~~~
wyager
He was wrong; we're having much more trouble with public (i.e. governmental)
manipulation.

~~~
laotzu
Such trouble would not be so feasible if it weren't for the centralized nature
of commercial ISPs and big tech (Facebook, Google, Apple) in general and their
collaboration with the government.

[https://en.wikipedia.org/wiki/PRISM_(surveillance_program)](https://en.wikipedia.org/wiki/PRISM_\(surveillance_program\))

~~~
wyager
I'd hardly call being forced under threat of imprisonment "collaboration".

~~~
laotzu
Whether they want to collaborate or not is trivial. What is important is that
they possess the information and tools for easy dragnet surveillance in the
first place. Moving towards more distributed network tech like Mesh Networks
is the only viable solution to dragnet surveillance I know of.

------
goffley3
It's hard to believe something like this wouldn't fall under the fourth or
fifth amendment.

~~~
rtpg
There's some interesting case law around locked things. One train of thought
is that the govt can force you to give the key to a safe, but can't force you
to give the combination to a safe.

The Apple extension would be that the govt can force unlocking by Apple (since
they have a key) but not by you. All the more you reason to make it
technically impossible ...

~~~
sbov
Do they have a key? I thought the point of the recent iPhone encryption is
that they don't have a key?

~~~
rtpg
In the case mentioned, the phone was running an older version of iOS where
they could, in fact, unlock the phone.

But the recent ones make it impossible, yeah

------
thegayngler
Apple doesn't have the authority to execute a warrant.

------
SonaMathews
There is always a conflict for any order given by any judge

------
enlightenedfool
So, now they can go to a higher court or something? Or do they respect the
opinion of this judge. Other courts in the past had different opinion right?
Why is the law so vague that the judicial system can't come to one conclusion?

~~~
Shivetya
the typical path this will follow is will go to the Appeals level and might
work its way to the Supreme Court if enough of a push is made. Likely the
government will push it up with the idea they can make it happen. Another
angle they are going to follow is pushing Congress to legislate the
requirement.

So the real question is when does this happen? Will Congress get involved at
the behest of the Justice Department and mandate access? If so, how long
before phone companies are required to lock out devices running a version of
the software that does not comply?

I still want an erase/panic code for my phone, both through pass phrase and
touch sensor. That way I could hand over an unlocked phone that is effectively
returned to manufacturer specs.

~~~
niccaluim
At which point you get nailed for tampering with evidence.

~~~
donarb
At which point I would say "What evidence?" The government, with its warrant,
is seeking to find information on my phone, if there's no information on my
phone, who's to say it was there in the first place?

~~~
elpool2
A wiped phone is evidence that you obstructed an investigation. You can go to
prison for clearing your browser cache.

------
venomsnake
Can't believe I am writing it, but I am siding with the government here. Apple
arguments are just weak. They created their device with the ability for them
to decrypt it, not only the owner. So do as you are told.

