Hacker News new | past | comments | ask | show | jobs | submit login
The Time Tim Cook Stood His Ground Against the FBI (wired.com)
82 points by Elof on April 16, 2019 | hide | past | favorite | 21 comments

> The writ “was not a simple request for assistance in a criminal case,” explained Sewell. “It was a forty-two-page pleading by the government that started out with this litany of the horrible things that had been done in San Bernardino. And then this... somewhat biased litany of all the times that Apple had said no to what were portrayed as very reasonable requests. So this was what, in the law, we call a speaking complaint. It was meant to from day one tell a story... that would get the public against Apple.”

> The team came to the conclusion that the judge’s order was a PR move—a very public arm twisting to pressure Apple into complying with the FBI’s demands—and that it could be serious trouble for the company. Apple “is a famous, incredibly powerful consumer brand and we are going to be standing up against the FBI and saying in effect, ‘No, we’re not going to give you the thing that you’re looking for to try to deal with this terrorist threat,’” said Sewell.

On the contrary, Apple's refusal was a PR move, and this whole article is a submarine. https://www.wired.com/2016/02/apples-fbi-battle-is-complicat... has a better explanation.

What really happened is that Apple loudly proclaimed that they had made it impossible to comply with government data requests and even had a marketing page masquerading as a privacy page explaining that. The FBI asked Apple to put a build on a phone that would allow them to brute force the passcode, leaving the device and the build on Apple's premises the entire time. This showed that Apple's claim was false in practice. Apple quickly removed that marketing page in the wake of the news.

> The FBI asked Apple to put a build on a phone that would allow them to brute force the passcode, leaving the device and the build on Apple's premises the entire time.

It doesn't matter how well it might be locked down or secured. If the government coerced them into building it, it wouldn't be difficult to go one more step and require apple to hand over the modified OS.

This [1] does a great job of explaining why building a master key is just a bad idea. This is a pandora's box we do not need to open.

[1] https://www.youtube.com/watch?v=VPBH1eW28mo

The master key already exists. It is the key used to sign builds.

Edit: downvotes of easily verifiable facts are causing hn to block me from responding. At the time Apple made the false marketing claims, no passcode was required to install a signed build. Hence, the FBI's request.

The FBI was asking for no more than what Apple could already do, and it was letting Apple control the whole process. The problem was that what Apple could already do disagreed with what Apple told its customers that it could do.

Except in the case that the device will not accept the build without the user's passcode, right?

Correct. This may not have been perfectly locked down before the secure element, but Apple’s design goal has always been that the device hardware prevents even Apple itself from retrieving encrypted data without the passcode, and that passcode should have a strictly limited number of attempts to guess.

Bugs will always be found and it’s a mistake to think even the latest iPhone is immune to attack. In particular, the baseband continues to be a large attack surface, and IMO is the vector most likely used by the Saudis to remotely access iPhones on their cellular network.

I’d feel safer if a powered off iPhone did not connect to any network (WiFi, Cell, or USB) after booting until the passcode is entered.

How does the FBI asking Apple something make Apple's claim false?

Because Apple said to customers that it would be impossible for Apple to get data off the phone. The simple technique in the FBI's request showed that to be a lie.

See the "not technically feasible" marketing claim quoted on https://gizmodo.com/apple-wont-turn-over-your-phones-data-to... that has magically disappeared from the linked "privacy" page.

... it would be impossible (without creating a back door that would potentially weaken the entire line). Though it's undisclosed what the consultancy had done.

Nonsense. Apple already has a backdoor. It has the signing key that would allow it to create the build the FBI specified if Apple wanted to access the data on the phone. (The only problem for the FBI was that Apple didn't want to access the data because Apple claimed it was technically infeasible in a lie to its customers.) Securing the key and securing the build are essentially the same thing. Keep both on premises, and that is exactly what the FBI specified.

Why doesn't he stand up to the Saudis? It's quite strange. I know people will say it's about money, but that's a really unsatisfying answer.

> From a public relations standpoint, Apple had always been on the side of privacy advocates and civil libertarians.

Oh give me a break. Apple only cares about American user privacy, and only then because it aligns with their business interests. Where is the oh-so-noble Tim Cook protesting the heinous civil rights and privacy violations in the business they do in China? Nowhere. Apple only cares about user privacy so much as it makes them money - in the US that means resisting the government, and in China it means hopping into bed with Big Daddy Xi.

Edit: For example, Snowden leaked an NSA slide saying that Apple had given in to cooperate with Prism, but Apple denied-denied-denied as soon as the news broke. It was only post-Snowden, when privacy could be monetized, that Apple suddenly started to care.

You're downvoted because (ignoring for now the Apple fanboys who can't abide any criticism of Apple) your edit is wrong as explained elsewhere in these comments. Your initial China point is spot on.

While we are on the subject, shall we go over Apple caving in to Prism participation shortly after Jobs death?

Have Tim Cook pulled them out by any chance? Or are they still siphoning off pretty much everything feds want that way despite all their very hard and very public stance against the FBI? It might be not acceptable in court per se, but it does put their "pro-privacy stance" in perspective.

Apple didn't "participate in PRISM." The only participants in PRISM are the FBI, the NSA, and government contractors that implemented the PRISM system, as the slides clearly show: http://www.washingtonpost.com/wp-srv/special/politics/prism-...

PotatA-potatO. They are knowingly leaking.


(includes your slide in a proper context)

No, they knowingly complied with individual users' data requests from the FBI. That is not leaking. You seem to believe PRISM has access to a lot more data than it actually does.

Greenwald, out of an abundance of incompetence, believed that DITU was a device in the companies' datacenters. DITU is a division of the FBI, not a device.

Edit: downvotes are causing hn to prevent me from responding, but the sibling comment from Anechoic is also wrong. That is not what the slide shows. The linked slide shows that PRISM ingested data legally obtained by the FBI.

Generally when this debate comes up, folks point to this [0] slide as evidence that Apple was a willing participant when is says no such thing. You are correct that the slide you linked to indicates that the data were flowing through the FBI DITU.

[0] https://en.m.wikipedia.org/wiki/PRISM_(surveillance_program)...

PRISM is a data processing system that ingests data that the FBI already has. There is nothing in that system for Apple to participate in, willingly or unwillingly.

The slide shows that NSA was collecting data from those providers, not that the providers willingly supplied the data. When someone steals from you, the victim didn't "knowingly" give the property away.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact