FBI vs. Apple

[Thomp]

Put4558350, let us continue our conversation here.

[Volbet]

A couple of things

1. It would probably help if you mentioned the person you want to talk with. That way the person knows you want to engage in a conversation.
2. If your goal is to have a conversation with a specific person(s), then I would recommend starting a PM thread instead of a public one.

[Thomp]

I am attempting to continue a conversation I was having with someone on YouTube.  I have linked them this thread, and we'd prefer it were public, and allow others to share their opinions as well.  Thanks for the tips though.

[put4558350]

Hallo, first of all. I was not us citizen. my words may look strange. my opinion might different. but it will be logical.

 

If fbi give that phone to apple apple unlock it remove all trace of tools and return it to fbi. no similar case request in mass later. that's ok.

 

But apple should not make master key that can unlock all iphone and give it to fbi. and that is what fbi request

 

1. fbi start with a lie by say that this is for only this phone.

 

2. but it's not only this phone there is about a 15 iphone in the pass and unknow number in future. They want the precedent in place so it's about all phone of all brand.

 

3. if they can ask for this kind of support. they will exploid it by ask apple to track every one camera microphone gps. and this lead to a search without warrant much like nsa prism.

 

4. they can order apple to remote listen, view camera, and get location. it have been happen until this mass surveillance was found on iphone in 2011. spyware like Carrier IQ found on 150 million devices before it was found. Sprint, T-Mobile using it and Carrier IQ now Acquired by AT&T.

 

5. iPhone belonging to one of the San Bernardino terrorists was changed less than 24 hours after the government took possession of the device. FBI might lied and make this problem so they can get court order.

Edited February 24, 2016 by put4558350
change in part 5 to soften wording part 4 add name

[Thomp]

If you don't mind me asking, where are you a citizen of? 

 

1. fbi start with a lie by say that this is for only this phone.

 

This is not a lie, you misinterpret their request.  They have asked apple to do nearly exactly what you claimed would be okay for them to do, meaning they have no intention of using the technology without proper clearance. Each time an investigation takes place, they would collect a warrant, and have apple unlock that device. It would be a violation of Americans 4th amendment rights, and a huge, nationwide scandal if they abused it.

 

2. but it's not only this phone there is about a 15 iphone in the pass and unknow number in future. They want the precedent in place so it's about all phone of all brand.

 

This is an assumption based on fear.  You have a healthy skepticism of the governments intentions, and that is OK.  However, the point the FBI makes is clear.  No matter what kind of device, be it a PC, smartphone, camera, etc... if you are reasonably suspected of criminal activity, with reasonable suspicion that details or evidence of such activity resides on a digital device, that device shall become subject to search & seizure.   

 

3. if they can ask for this kind of support. they will exploid it by ask apple to track every one camera microphone gps. and this lead to a search without warrant much like nsa prism.

 

You are still making assumptions based on fear that this will be exploited. Apple are the only ones who could provide an official solution to this.  Any third party hacks/exploits would be patched by Apple upon discovery of them.  This is why they request Apple create a decryption method, provided the code for such a method be kept secret within Apple, and only utilized upon proper court order.  As far as NSA Prism, this is not an example of search without warrant.  When you post or search something on the internet, that word or phrase is public information.  The NSA simply has a way to search through and filter these phrases with an emphasis on things that could be construed as dangerous or threats to national security.  They can then use the fact that you've searched for / heavily researched a potentially dangerous topic, as probable cause for the warrant for search and seizure of your device. 

 

4. they can order apple to remote listen, view camera, and get location. it have been happen until this mass surveillance was found on iphone in 2011. spyware like Carrier IQ found on 150 million devices before it was found. Sprint, T-Mobile using it and Carrier IQ now Acquired by AT&T.

 

I will assume you are referring to this " Under a program that fell under the overall NSA domestic surveillance operation known as "Stellar Wind," the government swept up information including email accounts and IP addresses, but not the contents of the messages themselves. The program began by targeting emails with at least one party outside the United States, but expanded in 2007 to domestic messages. The Obama administration continued the effort after taking office before shutting it down in 2011.   I really don't see any harm that could be done by gathering e-mail addresses and IP addresses.  If they ordered Apple to " remote listen, view camera, and get location"  it would only be for a dangerous, suspected criminal, with a proper warrant.  We should hope these things could be possible for situations like, kidnappings, human trafficking, serial killers, etc...

 

5.iPhone belonging to one of the San Bernardino terrorists was changed less than 24 hours after the government took possession of the device. FBI might lied and make this problem so they can get court order.

 

I think the keyword here is "might".  You are making another assumption that the FBI is lying, this is not a valid argument that proves any point.  In what way could the phone have been changed without a way to unlock it? Altering the device was not needed for court order... all they needed for that was the fact that the phone belonged to one of the terrorists who killed 14 innocent people.

 

6. Consider if FBI asked Apple to create a separate lock screen for emergency use by the government.  Such a lock screen would have the same encryption methods as the normal user lock screen (data erase after 10 failed attempts, device lock up for long periods of time upon failed attempts).  This emergency lock screen could access the device through a one-time, time-sensitive, randomly generated code by Apple, and given to the authorities under the proper circumstances.  Apple would have complete control over these access codes, when they are generated, and how they are kept secure.  This is the kind of solution that I believe the FBI wishes for Apple and other companies to provide. Not to mention in this particular case, that the phone in question is the terrorists work phone, owned by the state.

 

 

[put4558350]

Thai

 

1. This is not a lie, you misinterpret their request.  They have asked apple to do nearly exactly what you claimed would be okay for them to do, meaning they have no intention of using the technology without proper clearance. Each time an investigation takes place, they would collect a warrant, and have apple unlock that device. It would be a violation of Americans 4th amendment rights, and a huge, nationwide scandal if they abused it.

 

- it is a lie. there public request and court order is not the same thing. and court order is to make master key for every phone.

 

2. This is an assumption based on fear.  You have a healthy skepticism of the governments intentions, and that is OK.  However, the point the FBI makes is clear.  No matter what kind of device, be it a PC, smartphone, camera, etc... if you are reasonably suspected of criminal activity, with reasonable suspicion that details or evidence of such activity resides on a digital device, that device shall become subject to search & seizure.   

 

- it's support that fbi lie more than one. they say they want to unlock only this phone but there is about a 15 iphone in the pass. and apple have been give icloud backup to fbi too.

 

3. You are still making assumptions based on fear that this will be exploited. Apple are the only ones who could provide an official solution to this.  Any third party hacks/exploits would be patched by Apple upon discovery of them.  This is why they request Apple create a decryption method, provided the code for such a method be kept secret within Apple, and only utilized upon proper court order.  As far as NSA Prism, this is not an example of search without warrant.  When you post or search something on the internet, that word or phrase is public information.  The NSA simply has a way to search through and filter these phrases with an emphasis on things that could be construed as dangerous or threats to national security.  They can then use the fact that you've searched for / heavily researched a potentially dangerous topic, as probable cause for the warrant for search and seizure of your device. 

 

- NSA Prism is search without warrant. phone call, email and other communications is not public information there loophole is one side "might" not in usa.

 

4. I will assume you are referring to this " Under a program that fell under the overall NSA domestic surveillance operation known as "Stellar Wind," the government swept up information including email accounts and IP addresses, but not the contents of the messages themselves. The program began by targeting emails with at least one party outside the United States, but expanded in 2007 to domestic messages. The Obama administration continued the effort after taking office before shutting it down in 2011.   I really don't see any harm that could be done by gathering e-mail addresses and IP addresses.  If they ordered Apple to " remote listen, view camera, and get location"  it would only be for a dangerous, suspected criminal, with a proper warrant.  We should hope these things could be possible for situations like, kidnappings, human trafficking, serial killers, etc...

 

- I talk about Carrier IQ it's open door to every phone and for every one that not get update or root/jailbreak to remove it. phone's location. logging key input. again search without warrant.

 

5. I think the keyword here is "might".  You are making another assumption that the FBI is lying, this is not a valid argument that proves any point.  In what way could the phone have been changed without a way to unlock it? Altering the device was not needed for court order... all they needed for that was the fact that the phone belonged to one of the terrorists who killed 14 innocent people.

 

- as late news FBI already confirms that it reset the San Bernardino shooter's iCloud password since 2/21/16. fbi may try to change iCloud password to log in to the phone. but using someone who don't know every thing on important evidence. fbi is really that stupid ?

 

Apple ID / iCloud password can change at https://iforgot.apple.com

 

6. Consider if FBI asked Apple to create a separate lock screen for emergency use by the government.  Such a lock screen would have the same encryption methods as the normal user lock screen (data erase after 10 failed attempts, device lock up for long periods of time upon failed attempts).  This emergency lock screen could access the device through a one-time, time-sensitive, randomly generated code by Apple, and given to the authorities under the proper circumstances.  Apple would have complete control over these access codes, when they are generated, and how they are kept secure.  This is the kind of solution that I believe the FBI wishes for Apple and other companies to provide. Not to mention in this particular case, that the phone in question is the terrorists work phone, owned by the state.

 

- when iphone update. phone will send extra infomation to apple. this extra infomation will be mix in signature so it can used only one time. but fbi can get every copy of that update using Man-in-the-middle attack. after alot of time they can figure the signature / Encryption Algorithm that can open all iphone.

 

that why I say If fbi give that phone to apple. apple unlock it remove all trace of tools and return it to fbi. no similar case request in mass later. that's ok for me.

[Thomp]

I agree with the solution you propose. Although I personally believe Apple could create a software solution to this, similar to the one I proposed, that would be just as hard to infiltrate as the current security on the device. The reason the FBI wouldn't be able to figure out the encryption algorithm, is that Apple would be in control of when the one time key is generated.  Until this very specific key is generated, no key could open the lock. I imagine Apple could input the device's specific serial number, using that as a parameter to generate a key, that will only work on the device with that serial number, will only work one time, and no other key be accepted until another specific one is generated by Apple. 

 

It is essentially the same solution you have accepted, except it removes the need to physically give the phone to Apple for it to be unlocked.  I feel that giving the phone to Apple to unlock could introduce skepticism about whether or not Apple tampers with possible evidence/data on the device before it is given back to FBI.  I understand this would likely be considered treason, but would be very difficult if not impossible to prove without a non bias third party, or gov official to witness that the device is only unlocked, tools removed, and nothing else. 

 

and by the way, I read about Prism and saw nothing about phone calls, emails, or communications... All I read was about a search filter for specific keywords. Can you direct me where to read about this?  And as for carrier IQ, they had nothing to do with the government... they wanted to collect data that could help carriers fix problems and their program ended up being arguably flawed/illegal.  This is not a search without warrant, there would have to be law enforcement to search...  this is just invasion of privacy by private company.  Some merely speculate FBI had access to this data.  Speculation is not a valid argument. 

 

[Nup]

Well props for you guys having a pretty chill discussion. 

[Thomp]

Thanks Nup, do you have any thoughts on the subject?

[put4558350]

https://en.wikipedia.org/wiki/PRISM_%28surveillance_program%29#The_program

 

as for carrier IQ. AT&T, Sprint, and T-Mobile confirm that it was on there phone. apple samsung htc also participate. it's just too big group to using only one software and on usa only. we don't know where data go. and fbi denied give manual to public until now so it's a good speculation.

[LukeTim]

I am on Put's side in this.

This is definitely not only about the San Bernadino phone. This is about the legal precedent. They are using San Bernadino because they know it will garner the most public support.

 

Do you really think the FBI couldn't figure out a way to decrypt it themselves? They want legal justification so they can do this as freely and as easily as they like any time in the future. If they want to decrypt an Android phone, too, they'll have a precedent for that. In fact it extends even beyond phones. Any encrypted device. It gives them legal precedent to access any of your private, encrypted data they like provided they have "reasonable suspicion" (somewhat vague and I understand was very relaxed by the Patriot Act) that you're up to no good.

On top of all of this, I don't even think it would help. Do you really think a Terrorist organization like ISIS is dumb enough to trust an American hardware manufacturer's encryption to keep their private communications secure? They will have external protocols and encryption schemes which would keep communications secure regardless of the device's own built in encryption. If they don't I would be very surprised. They seem pretty tech savvy to me. And in fact even if they (and others) don't now, they all will in future if the FBI starts decrypting all these phones. Nothing (besides perhaps a little time) stops the criminals from adding any extra encryption they like.

And because it won't help in terrorist investigations, the only effect it is going to have is that innocent individuals like you and I could potentially be at risk if this weakened version of iOS were to somehow get into the hands of black hat hackers.

It's lose-lose. I can't see any positive outcome of the FBI getting what they want here.

Oh, and if you think the FBI are just going to hand the phone to Apple and then Apple will decrypt and hand it back I am not sure you understand security. That is trusting a third party with critical data in an investigation. They would never do that. They can't afford to trust Apple not to tamper with anything before handing it back. They want a backdoor they can use themselves. They want Apple to essentially give them an iOS update they can manually install that cripples the encryption. If this were to get out somehow (these things find a way, and I am sure cyber criminals would pay highly for it), then every average joe with an iPhone could potentially be fucked.

 

Those are my thoughts on the whole thing anyway. The point about criminals using their own encryption I think is the most important. You cannot stop people from using encryption to block you from seeing their information if they want to. So, I think that any attempt to do so is not only futile but just leaves everybody worse off.

[Thomp]

You make some really good points Luke.  I agree with most of what you said.  However,  lets pretend an encrypted device is a locked home.  If there is probable cause, a search warrant is granted and law enforcement shows up to search this home.  This is already legal and common practice.  The door is locked so they ask the homeowners to let them in, providing the search warrant.  The homeowners refuse to open the door.  At this point the government has a decision to make.  Do they

 

A. Find a way to pick the lock or break down the door on thier own?

 

B. Contact the lock manufacturer and ask for assistance in opening the lock?

 

C. Court order all lock manufacturers to create master keys to their locks to be provided to the government?

 

Answer C sounds absurd, and many believe this to be what the FBI seeks to gain from the momentum of the terrorist attack.  I personally see their request to apple as more of the answer B approach.  So long as the FBI can prove thier actions are kosher, why should companies deny them assistance?  Our FBI should bear the burden of learning to pick locks and decrypt software on top of the already monumental burden of enforcing federal law?  Whatever the FBI needs to do in terms of rewording their request, or reformatting thier court order, needs to be done so the idea of setting a legal precedent for answer C stops weighing on everyones mind.  Unlock this one lock without telling the FBI or anyone else how its done, and be done with it.

 

 

[put4558350]

Question is how to make sure that fbi don't push for answers C in future.

 

there is 10+ phone before this and fbi ask apple to unlock. they know how icloud work and create this problem by reset icloud.

 

once it pass fbi can ask other spying stuff form apple, google etc

cover everything under gag order. and other nations will request the same.

 

[Thomp]

Well lets hope the FBI realizes this and changes their request to something less intrusive. 

 

Thanks for all the info put, i know there was a language barrier and it was hard to understand you at times, but you are quite intelligent.

 

If you don't mind me asking, do you still live in Thailand?  if you do, what sparked your interest about all this?  It's weird to imagine people in other countries taking such an interest in affairs like this one.  Is it because people there buy iphones too, and would be worried about our government having access?

[straight_stewie]

What bothers me about this deal is that it's making me confused as to why the NSA even exists. If anything Edward Snowden leaked was true, or if the court cases where the NSA and the FCC sued Verizon for the "production of tangible things" aren't made up, and if they built a data center in Lehigh Utah to store mobile network data, why on Earth don't they already have the data that's on the phone? 

This might be my tin foil hat talking, but it seems obvious that one of four cases exists: The NSA will not share information with the FBI (in which case, why do they exist?), the NSA has shared the information with the FBI and they now need a way to publicize that information, the NSA's capabilities are grossly overrated, or any of the previous options and the FBI/government just sees an opportunity to make a legal precedent to do this (not that they need it, read the Freedom Act, it's already legal).

[Okjoek]

It's the age old debate of privacy/liberty VS Security/order

I personally think security takes priority. Apple should cooperate IMHO.

[put4558350]

I was a programmer who love to get information about it. I know how to hack easy stuff like brute force zip file or undeleted stuff after empty recyclebin or run usb linux to get file form virus/unbootable pc, ect. So I know how important this case is.

 

In thai we have complicated politics affairs. include single gateway plan that just expose. because of it I might too attention in privacy news.

 

there is one thing I have to tell every one who still support unlock this iphone. those who change privacy for security. will not get both. good guy have one more tools, but bad guy also adapt (and sometime get that same tools). normal people loss privacy and have same (or less) security.

[Thomp]

Quote

11 hours ago, straight_stewie said:

What bothers me about this deal is that it's making me confused as to why the NSA even exists. If anything Edward Snowden leaked was true, or if the court cases where the NSA and the FCC sued Verizon for the "production of tangible things" aren't made up, and if they built a data center in Lehigh Utah to store mobile network data, why on Earth don't they already have the data that's on the phone? 

This might be my tin foil hat talking, but it seems obvious that one of four cases exists: The NSA will not share information with the FBI (in which case, why do they exist?), the NSA has shared the information with the FBI and they now need a way to publicize that information, the NSA's capabilities are grossly overrated, or any of the previous options and the FBI/government just sees an opportunity to make a legal precedent to do this (not that they need it, read the Freedom Act, it's already legal).

 

Stewie, the NSA does have the data you are speaking of.  This data would not include files/pictures/data on the local phone storage.  The mobile carriers did not want to build & maintain large servers to hold all this archived data (phone calls, emails, texts, Things that are sent over the mobile carrier network).  So the NSA said "okay we'll build the servers, you guys dump all the data onto our servers when you would normally get rid of it."  The NSA and the FBI still need proper search warrants to access those servers in Utah. But no, much of the data on this phone wouldn't be located on those servers, and any of the data that was, has likely already been recovered. 

I agree with Okjoek that Apple should cooperate, which I feel that they will in time.  They will appeal the court orders and talk it out with some security experts and come up with a way to retrieve the phone's storage contents without putting all the other Apple customers at risk.  If the government isn't willing to come together and work out a solution, then Apple should hold their ground.  As for setting a legal precedent, the feds can already regulate businesses to create guns, drugs, cars, etc.. in specific ways that keep us safe and healthy.  There is no legal precedent being set here, it's just a matter of the security of smartphone users possibly being put a risk by way of forcing an insecure OS being created in the public eye. 

 

[put4558350]

if fbi/nsa fix paper work, let apple unlock this phone, not seek to develope there own unlock methord, sing some agreement not set any legal precedent.

 

Apple should unlock this one phone. and it must be only one time.

 

my idea is kind of like this two guy. listen to them.

v