
Apple unlocked iPhones for the Feds 70 times before - pthreads
http://www.thedailybeast.com/articles/2016/02/17/apple-unlocked-iphones-for-the-feds-70-times-before.html
======
RandomBK
The difference between the old cases and the current one is that in the new
case, Apple is being forced to develop and install a backdoor to circumvent
security features. That sets an entirely different precedent compared against
simply providing the feds with information that already have.

~~~
paulddraper
It's the difference between unlocking a safe to help execute a warrant
(typically legally required) and making a key that unlocks all safes.

~~~
plorg
It is in fact not clear that what would be produced would be a master key. The
warrant, for example, specifies that such a tool only apply to one device id.
Given that firmware images need to be signed by Apple to be loaded, it would
be relatively straightforward to create a firmware image that would only work
on a single device and could not be used on a different device without Apple's
assistance (e.g. generating and signing a new image tied to a different device
ID).

More likely it is the case (as they have said explicitly) that they do not
want to create a key because that would tarnish their image and suggest to the
government that they could, again in the future, be called upon to unlock an
individual's phone. Most specifically here, Apple would be generating software
for the government to use to undermine the security of their products.

Further, until they move more functionality into hardware, a very similar
technique could be used on current devices, suggesting that Apple products are
not yet quite as airtight as they would like you to believe. Specifically,
Apple seem to have implied that they can update the software for the Secure
Enclave without requiring a passcode. See here:

[https://stratechery.com/2016/apple-versus-the-fbi-
understand...](https://stratechery.com/2016/apple-versus-the-fbi-
understanding-iphone-encryption-the-risks-for-apple-and-encryption/)

~~~
phamilton
Perhaps instead of a master key, they have a machine to make any specific key.
It takes a device ID as in input.

I don't know if that is really practically different than a master key.

~~~
plorg
The difference isn't that you _couldn 't_ unlock (or, actually, just weaken)
each device. It's that with Apple presumably in control of their signing key,
they would need to get Apple's assistance any time they wanted to unlock a
specific device. The obvious benefit would be that the tool can't be used
indiscriminately - presumably they would need to be presented with a legal
order.

This, then, seems to be an attempt to get ahead of the game. They have the
benefit of being able to acknowledge having received a request and use that
request as an opportunity to give their objection to weakening users'
security. This would not be the case if instead they had been presented with a
National Security Letter (as may have been the case in some of the instances
suggested by the article).

~~~
paulddraper
Apple wants to stay as far away from hacking the world as possible. If a
weapon/tool like that exists, they'll be asked to use it. Or it'll be stolen.
Or copied. Etc.

------
dmak
Knocking and asking someone to open the door for you to let you in their house
is different from asking someone for the key to their house.

