
Apple wants the FBI to reveal how it hacked the San Bernardino killer's iPhone - salmonet
http://www.latimes.com/business/technology/la-fi-tn-apple-next-steps-20160330-story.html
======
incepted
I really find this whole thing hilarious.

First, it's Apple sticking it to the FBI by making a stand for privacy and
receiving public accolades doing so as a champion of privacy. The FBI is the
bad guy trying to invade our privacy.

Now, it's the FBI sending a giant "screw you" to Apple by not only letting
them know they were able to hack into the phone without Apple's help but at
the same time, making a mockery of Apple's entire security claims. And now,
Apple is in panic mode, slowly realizing that they went from being the hero of
privacy in the modern age to the company that wasn't able to secure its phone
from the FBI. From the FBI. Of all things.

No wonder they are freaking out and they want to know how the FBI did it.

Except that if I were them, I certainly wouldn't ask that publicly, I would at
least pretend I know how the FBI did it and claim that it's already fixed in
the next version of the OS.

Which still means that tens of millions of iPhones are at risk today and will
be for months, but at least, you get to pretend that you're ahead of the FBI
while right now, it's pretty obvious that Apple has been outsmarted by a
government agency.

The bottom line is that in this line of work, it pays to be discreet and
humble.

~~~
mikeash
This certainly isn't how it looks to me. The FBI comes off looking like
complete fools to me. They said that they needed Apple's help to get into this
phone, that there was no other way, and that Apple's refusal to help
endangered national security, humanity, and the universe. Then they got called
in front of Congress and schooled by a Congressman, one of the last places
you'd expect to find anyone remotely technically competent, about NAND
mirroring. A few weeks later, they call the whole thing off, saying they
didn't need Apple's help after all.

They come off looking like complete fools _at best_ , since their huge public
spectacle was based on "only Apple can do this," and now that it turns out
they could have done it themselves, it just looks like they're incompetent.

Meanwhile Apple comes off as fully committed to their customers' privacy even
when it means standing up to the US government. The fact that the FBI was able
to get into this phone doesn't really change much; the mere fact that _Apple_
could have gotten into it already means that security was lacking on it, but
it seems to me that everybody understood that this was an older model and
newer ones are better. Which is funny, because I'm pretty sure both the FBI's
proposed attack from Apple and whatever the FBI did themselves would work on
the latest hardware too, but just about everyone is convinced that the Secure
Enclave would prevent it. And then in September Apple will announce the iPhone
7 with Even Better Security, further demonstrating their commitment in this
area.

~~~
visarga
> Meanwhile Apple comes off as fully committed to their customers' privacy
> even when it means standing up to the US government.

My conspiracy theory instincts tell me that this is a play to fool us into
thinking that Apple is fighting for our privacy, in order to make us trust
Apple unconditionally and in the meantime not develop new ways of hiding our
communications. In reality I think the government always gets what it wants.

------
overloaded
Can anyone find any actual citation for Apple wanting "the FBI to reveal"
anything? There's quotes from an AVG spokesperson in the article, and the
paragraph "Attorneys for Apple are researching legal tactics to compel the
government..." but no specific sources.

The author, on Twitter, said that "last week" Apple said they wanted to know
what the exploit was, but the announcement about a successful exploit was only
two days ago.

~~~
fjarlq
Good point. The only official statement from Apple that I can find is this
one, which doesn't ask the FBI to reveal or do anything:

[http://www.loopinsight.com/2016/03/28/apples-statement-on-
go...](http://www.loopinsight.com/2016/03/28/apples-statement-on-government-
dismissal-of-iphone-case/)

(I couldn't find this statement on apple.com, but it has been relayed by many
news sources so I believe it is indeed official.)

------
laurencei
Doesn't this create a kind of precident for future requests to unlock iPhones
on a newer OS? If the FBI/US Gov go to court saying they require Apples
assistance - can't Apple turn around and basically say "this is what you said
last time - and you worked it out - so we are sure you'll work it out again
without our help"?

~~~
viraptor
> for future requests to unlock iPhones on a newer OS

It won't work on newer phones. The whole discussion is possible right now
mainly because it's an iPhone 5c without a secure enclave. With (I believe) 6
and up the protection checking lives inside of an equivalent of PC's TPM. You
can tell it "here's data and key, decode it" or "validate these bytes", but
not "give me the internal key" \- it doesn't support this on hardware level.
(apologies to anyone annoyed at the simplification)

------
bsder
Um, Apple doesn't really care, but they are continuing to stick it to the FBI.

If the FBI cracked the phone, then Apple can smack them with it when this
comes around again. If the FBI didn't crack the phone, then Apple can smack
them with it for dropping the lawsuit.

This is just Apple saying "Fuck you, FBI, for bringing this lawsuit and then
dropping it when things went badly. You're gonna sweat some more before you
get off the hook."

~~~
dogma1138
Apple does care because the public (mainly non US) cares. That said Apple
can't really smack the FBI, in fact if the FBI tries this again on a different
case saying that they've exhausted all options and that neither them nor any
other 3rd party can unlock the phone that puts pressure on Apple not the FBI.

And considering that the according to polling data only about 30% of the
people say that Apple should not unlock the phone and 50% saying they should
the public opinion doesn't really works for them currently.

The FBI might be playing the long game, they'll unlock a couple of phones (or
pretend to do so), even cooperate with Apple and when the time comes go back
to court saying that Apple fixed any potential flaw, and that the FBI might've
even assisted them in doing so and now they hit a wall and need Apple's help.

------
gilgongo
The only people who don't notify software developers of exploits they find in
their systems are criminals. That the FBI are happy to act like black hat
hackers in this is pretty amazing.

~~~
TheSpiceIsLife
I'd be pretty amazed too if I wasn't jaded by knowledge of the history of TLAs
(Three Letter Agencies, or more broadly Three Letter Acronym). I bet TLAs have
quite the collection of exploits and vulnerabilities they don't tell you
about. I'm quite sure some TLAs even acquire exploits on the black market. As
if they _don 't_.

I mean, for heaven's sake, "in Syria, militias armed by the Pentagon fight
those armed by the CIA"[1]. And that's just the latest incarnation of this
tired old worn out story.

Governments are nothing but the criminals we've decided we'd be better paying
off than let run loose, whatever good it's done us. That's why governments
are, ostensibly, so against 'organised crime', just a turf war really.

The only question left, then, is: What major bit of dumbshittery will
government agency XZY slap itself in the face with next and get away with it.

1\. [http://www.latimes.com/world/middleeast/la-fg-cia-
pentagon-i...](http://www.latimes.com/world/middleeast/la-fg-cia-pentagon-
isis-20160327-story.html)

------
bigB
This whole article is hilarious. At no stage whatsoever has Apple actually
made a statement that confirms they haven even requested the method used. All
this laughable article could provide is "quotes" from an antivirus company.
Apple don't really care how they did it, or even if they really did crack it,
just as long as they didn't have to be seen doing it for the government.

~~~
leecarraher
i'm sure they care how it was done so they can fix the security flaw in future
ios devices. but they also have very little legal recourse to get them to do
so (maybe dmca reverse engineering provisions, but thats never been very
viable in court). Furthermore, it's fairly likely they've circumvented the
issue via the secure enclave enhancements in newer ios devices. so why would
they waste a bunch of money on litigation, to argue a position that if they
win only results in exposing their security team of some minor incompetence
that may not even be an issue in current generation devices.

------
belorn
Is it legally acceptable that FBI knows about a criminal activity and do not
act to stop it? A security vulnerability like this will sooner or later be
used by criminals, and the FBI are in the authoritative position to prevent
it. Could future victims sue the government for allowing the crime to occur?
There have been many lawsuits where an ISP has been found guilty for knowingly
host a copyright infringer on their network and not acting to prevent it, so
it should not be too implausible that a government agency responsible to
prevent crime is held to equal or higher standard.

~~~
rtpg
That's a strange standard to hold the FBI up to.

Should police, upon seeing an unlocked car, promptly find the owner and inform
them? Of course that's a nice thing to do as people, but it's not really a
legal obligation.

~~~
studentrob
It's more like, if the police identify an exploitable weakness in a bank
vault, they tell the bank. Businesses and the FBI usually work together to
increase the safety of the public. In this case, there is disagreement about
how to keep the public the most safe.

The FBI does not understand that no government will ever be able to force all
encrypted software to do key escrow with them. That misunderstanding is
costing a heap of tax payer dollars and risking public safety.

------
drjesusphd
Why are we believing anything the FBI says on the matter?

~~~
studentrob
Because it's possible that they actually do think this is the right way to
keep the public safe, and it is possible that domestic law enforcement's
understanding of tech is a lot worse than we imagine.

The NSA and the FBI are very different in their understanding of tech. Former
NSA director Hayden already said he thinks the FBI's plan is no good. He also
said he understands why Comey is pursuing this path. He did _not_ say Comey is
lying.

~~~
drjesusphd
I don't care what Hayden says.

They lied about the motivation for the case, and they lied about a software
update from Apple being the only means of recovering the data.

~~~
studentrob
A good portion of the public still believes James Comey. That includes lower
level law enforcement officers. I want them to do their jobs well. Depending
on access to encrypted communications residing in the phones of terrorists
isn't going to cut it in the future.

It'd be nice if they realized this future is coming very soon. We pay the FBI
to be good at maintaining public safety.

On top of that, the polls about this issue showed there is somewhere between
40 and 50 percent of the public who sides with the FBI in the SB case. If
backdoor legislation is introduced following a terrorist attack, there is a
chance it could pass. We're better off educating the public now about how
encryption works and where it is used.

The people we want to convince already trust the government. They will not
listen if you include "the FBI lied about everything" in your argument. I
think they could understand that backdoor-less encryption tech is better for
our safety than backdoored encryption, given some explanation that one
weakness exposes all devices. And, I think they could understand the
impracticalities of enforcing what the government wants, given some discussion
about how encryption is used in both commercial and free and open source
messaging apps.

------
halis
I'm skeptical that the FBI hacked into the iPhone. Seems more like a 4th
grader trying to save face.

------
_Understated_
Is there any way for Apple to compel them to provide the details? I would
imagine that the Government has made the laws so they don't have to comply
with them the same way we do.

------
bl4ckdu5t
We don't know for sure if the FBI is only bluffing about hacking the phone
just to not have to drag the case further

------
dcw303
Deduction should make it pretty simple. There are a large number of phones out
that law agencies want hacked. If the FBI completely stops asking for
assistance, Apple can consider the exploit still active.

------
marincounty
Which company, or group did the hacking? I was told it was an Israeli company?
If the company is listed, I would be tempted to gamble my last $500?

My luck--it will go down.

(I am curious if someone they really did hack it.)

------
Mikhail_Edoshin
I guess they should file a motion or how does this work to force FBI to
disclose what they did :) It's only fair to give the FBI a chance to write a
public letter too.

------
clort
well it seems to me that now they know the bug exists, and they have the
source code, that makes it easier to find. They have plenty of clever people
at Apple I'm sure they will work it out.

I guess the biggest problem really is that they don't know if this
vulnerability exists in current versions or if it was already fixed. I don't
know that they would normally bother to fix old vulnerabilities but they do
need to work on identifying this one at least.

------
cordite
The FBI usually went with the no-stones-left-unturned analogy. But did they
actually find anything meaningful under this stone that they accidentally
locked up?

------
ccarter84
To best of my knowledge, there's no law saying the Government has to disclose
squat to Apple. Given the public bickering/brinksmenship going on these past
couple weeks, I doubt they'll be inclined to do so, and they're probably also
bound by NDA's from Cellebrite or whoever created the hack (if the Feds even
know how they did it)

There's some irony in here somewhere...

~~~
okonomiyaki3000
Is it possible that the FBI has violated the DMCA?

~~~
clort
Probably not, according to Bruce Schneier

    
    
      https://www.schneier.com/blog/archives/2008/08/dmca_does_not_a.html

~~~
okonomiyaki3000
Yeah, I guess I should have expected that.

------
dexterdog
Does anybody really believe that Apple doesn't either know how it was done or
at least know it was one of X ways (with X being the number of exploits they
know about internally that could have been used)?

This whole circle jerk was about the govt compelling Apple to bypass its own
security so that they can do it in every other case to come after.

------
justdream
Would the TPP be a possible basis for legal action in a case like this?

------
dtf
If it was a million dollar hardware-level exploit, does it really matter? Much
of the excited reporting on this seems to assume the FBI exploited an iOS
software bug... do the press know something we don't?

------
return0
If they want to find out, they should buy Cellebrite.

------
stefanix
I am sure TAO has a rich portfolio of zero day exploits for iPhones. Still
appaled how easily people took this stunt as proof the iPhone is not a
surveillance end point.

------
jackyau
Compared with android phone, it's still better for us. Encryption means it's
hard to decryption not impossible to decryption.

------
tallerholler
what if they just guessed the passcode based on numbers found associated with
the couple or some other means of figuring it out like discovering a commonly
used pin?

------
riotdash
Ask these guys, not the feds: [http://www.cellebrite.com/Pages/cellebrite-
solution-for-lock...](http://www.cellebrite.com/Pages/cellebrite-solution-for-
locked-apple-devices-running-ios-8x)

You are welcome Apple.

~~~
crb
The San Bernadino phone was running iOS 9. (It's reasonable to assume that if
there was a vulnerability in 8.x, Apple would want to have fixed it in 9.)

~~~
camillomiller
Cellebrite is a multinational with lots of resources. I would expect they
already had some solution for iOS 9 devices in the pipeline, which was not
ready to be made into a public product yet. Nonetheless they were more than
happy to field test it with the San Bernardino terrorist's phone. DISCLAIMER:
That's my speculation, based on my own coverage of the whole Apple-FBI thing.

------
bhouston
Isn't this how it was done:

> Apple already knows, and you can be sure the engineers already knew the
> mechanism that can be exploited. They hired an Israel firm to remove the
> nand flash, clone it, and brute force the pin code by trying each
> combination until valid data was readable from the nand flash (combined with
> the hardware encryption key located on a second chip). It's not particularly
> difficult with the right tools and engineers.

Source:
[https://www.reddit.com/r/worldnews/comments/4cj2pd/apple_wan...](https://www.reddit.com/r/worldnews/comments/4cj2pd/apple_wants_the_fbi_to_reveal_how_it_hacked_the/d1iqog9)

~~~
viraptor
It's speculation. Maybe it was, maybe not. Random reddit comment from a person
unrelated to FBI is unlikely to know. Also the "combined with the hardware
encryption key located on a second chip" is handwaving away a lot of
complexity. That's actually the only hard part in this scenario.

