FBI backs off of Apple

[79wjd]

8 minutes ago, typographie said:

Did you encrypt it? Or did Apple encrypt it for you, probably without your input? It may well be a situation where the law hasn't caught up with the times, but I don't think a company in any other context is allowed to hide information in such a way that it cannot be obtained under a legal warrant. Just because it's a tech product, I don't think that should change anything.

 

We aren't talking about the times when the government decides to ignore the restrictions, and we aren't talking about China or Russia. This is an American case and they do have a warrant.

Or I bought an iPhone because I know it's encrypted. Who actually encrypts it doesn't matter.

 

A company just has a legal right to disclose data that it HAS ACCES to. By encrypting it they don't have access to the aforementioned data. And thus they should have no requirement to create a backdoor to decrypt the device. 

 

Its an american case that will have global ramifications. But even forgetting about the rest of the world, I don't trust the US government (or any government for that matter) to have my best intentions at heart (and it's not like that's an unfounded belief -- when governments are given an inch they take a mile -- they'll basically do whatever they want).

[CommandMan7]

@typographie

 

Most of our government has been reasonably trustworthy, but the FBI has never been a trustworthy agency. For it's first 37 years of existence, the director of the FBI, J. Edgar Hoover, regularly abused the FBI's power for his own gain. He scared and intimidated presidents. Harry Truman said, "we want no Gestapo or secret police. The FBI is tending in that direction. They are dabbling in sex-life scandals and plain blackmail." Nixon said of Hoover "We may have on our hands here a man who will pull down the temple with him, including me." This isn't the first time the FBI has sought to bypass the legal system - in 1956, the COINTELPRO project sought to prosecute people based on their political opinions, bypassing recently passed laws forbidding just that. The FBI has never been a friend of the American public and will continue to act according to it's own motives. Although it's been 45 years since J. Edgar, I seriously doubt the organization he essentially founded has changed very much. 

[Markmjb]

Some security analist was speculating on why the FBI backed out, interesting stuff to read for you all (I stole this link from a dutch article btw)

http://www.zdziarski.com/blog/?p=5966

to copy the interesting part of it :

Quote

Most of the tech experts I’ve heard from believe the same as I do – that NAND mirroring is likely being used to some degree to brute force the pin on the device. This is where the NAND chip is typically desoldered, dumped into a file (likely by a chip reader/programmer, which is like a cd burner for chips), and then copied so that if the device begins to wipe or delay after five or ten tries, they can just re-write the original image back to the chip

 

[typographie]

14 minutes ago, CommandMan7 said:

Although it's been 45 years since J. Edgar, I seriously doubt the organization he essentially founded has changed very much. 

All very good and valid historical references, and that's exactly why we require them to have a warrant to conduct a search. It's only when they're trying to bypass the system of checks and balances already in place that we have a problem.

 

15 minutes ago, djdwosk97 said:

Or I bought an iPhone because I know it's encrypted. Who actually encrypts it doesn't matter.

Whether you choosing to buy an iPhone for it's encryption features is equivalent to encrypting it yourself is the sort of question that probably needs a court precedent, and I doubt it's been tackled before. But, hell, it might be a good point. If this case were framed in that way and actually argued that way, I'd probably even be on your side. But that's not what I've been seeing.

[Blade of Grass]

52 minutes ago, typographie said:

Did you encrypt it? Or did Apple encrypt it for you, probably without your input? It may well be a situation where the law hasn't caught up with the times, but I don't think a company in any other context is allowed to hide information in such a way that it cannot be obtained under a legal warrant. Just because it's a tech product, I don't think that should change anything.

 

We aren't talking about the times when the government decides to ignore the restrictions, and we aren't talking about China or Russia. This is an American case and they do have a warrant.

If they do not have access to the data, they cannot be compelled to "give it up". 

 

I.E. 

Here, on the forum, we hold a "copy" of the password that you use; we use it for authentication when you log into the forum. If the government believed that you used the same password on some other site that they wanted access to your accounts on, could they compell us to give them your password? 

Heres the trick though, we don't actually know what your password is. If we look in our database, your password only shows up as something like:

$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a 

(Note, this password hash is the example from the PHP documentation)

We store passwords as a one way hash, and have no access to the original text of it, so what would we do?

We could give them the hash, but it wouldn't be of any help to them.

So what would we do? 

The reality is, there's really nothing that we can do, there's no way we could comply with an order like that. They could charge us thousands of dollars per day, jail is, threaten our families, whatever, but there's nothing we could do to comply with the warrant, and that is exactly why we wouldn't have to. We have no means or capabilities to give them the data (ignoring the fact that the All Writs Act can only require "reasonable technical assistance"), and there's nothing we can change about that. 

 

Apple has a very strong case against the FBI, with a significant amount of precedent behind them. I wouldn't be surprised if the FBI is just trying to put off the court date because they're scrambling to recover from Apple tearing apart their entire argument in the last brief. 

[patrickjp93]

16 hours ago, mathmeister said:

I'm happy that if this works, FBI gets the information and then Apple fixes the exploit and the FBI doesn't get back in. But I was hoping for there to be more of a fight to make a point that information and privacy is important. Many people say, "I'm not doing anything wrong so why does it matter." This goes back to the argument of not caring about free speech because you have nothing to say.

You should be free to say and do what you want until you infringe upon the rights of someone else. That is the premise of common law. You're free to tell "Fire" in a crowded theater without an actual fire, but there are severe consequences for doing so because you infringed upon others' rights to life (herd psychology leads to stampede, long-winded argument) in the process.

[LukeTim]

1 hour ago, typographie said:

Did you encrypt it? Or did Apple encrypt it for you, probably without your input? It may well be a situation where the law hasn't caught up with the times, but I don't think a company in any other context is allowed to hide information in such a way that it cannot be obtained under a legal warrant. Just because it's a tech product, I don't think that should change anything.

 

We aren't talking about the times when the government decides to ignore the restrictions, and we aren't talking about China or Russia. This is an American case and they do have a warrant.

Why do people think this weakening encryption will help at all?

Do people really think organised criminals and terrorists would be stupid enough to rely on US Companies' devices' built in encryption to keep their communications secure? They are going to have their own - probably open source - solutions that they use to keep everything encrypted regardless of what device they're using.

In the case of San Bernardino, the phone was his work phone. Is it really likely to have any information pertaining to the case?

[typographie]

27 minutes ago, Blade of Grass said:

snip

Right, I understand that they do not have access to the data and cannot be compelled to give up data they can't get, and it was never my intent to argue otherwise. Nor do I want Apple to provide the FBI with a backdoor to all iPhones, for the record.

 

But it was Apple's own design that resulted in this situation. My original argument was that I think it seems at least irresponsible for Apple to have deprived themselves of the tools they'd need to comply with this sort of court order. I'm not a lawyer, nor am I am Apple engineer, but it seems dumbfounding to me that Apple would not have foreseen that someday law enforcement might have probable cause to see what's on an iPhone. I'm not necessarily saying the case could proceed in that direction, just that as a U.S. citizen I have trouble seeing Apple as a real "underdog" in this situation.

[Bensemus]

23 minutes ago, typographie said:

But it was Apple's own design that resulted in this situation. My original argument was that I think it seems at least irresponsible for Apple to have deprived themselves of the tools they'd need to comply with this sort of court order.

In the document Apple submitted when the FBI was taking them to court they referenced a law passed by congress that protected company's ability to use end to end encryption. Apple has done nothing illegal by locking themselves out of the OS. I'd suggest reading that document as it seems like the FBI has no case. 

[Gnun1x]

just listen the fuck to the feds and stfu, i dont get this shit

[Blade of Grass]

17 minutes ago, typographie said:

Right, I understand that they do not have access to the data and cannot be compelled to give up data they can't get, and it was never my intent to argue otherwise. Nor do I want Apple to provide the FBI with a backdoor to all iPhones, for the record.

 

But it was Apple's own design that resulted in this situation. My original argument was that I think it seems at least irresponsible for Apple to have deprived themselves of the tools they'd need to comply with this sort of court order. I'm not a lawyer, nor am I am Apple engineer, but it seems dumbfounding to me that Apple would not have foreseen that someday law enforcement might have probable cause to see what's on an iPhone. I'm not necessarily saying the case could proceed in that direction, just that as a U.S. citizen I have trouble seeing Apple as a real "underdog" in this situation.

But it is also our "design" that deprived us of access to the data. Because we hash the passwords instead of storing them in plaintext we cannot access them. Should we be required to change this? 

 

Can a company make an indestructible safe?

[Roawoao]

4 hours ago, Blade of Grass said:

If they do not have access to the data, they cannot be compelled to "give it up". 

 

I.E. 

Here, on the forum, we hold a "copy" of the password that you use; we use it for authentication when you log into the forum. If the government believed that you used the same password on some other site that they wanted access to your accounts on, could they compell us to give them your password? 

Heres the trick though, we don't actually know what your password is. If we look in our database, your password only shows up as something like:

$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a 

(Note, this password hash is the example from the PHP documentation)

We store passwords as a one way hash, and have no access to the original text of it, so what would we do?

We could give them the hash, but it wouldn't be of any help to them.

So what would we do? 

The reality is, there's really nothing that we can do, there's no way we could comply with an order like that. They could charge us thousands of dollars per day, jail is, threaten our families, whatever, but there's nothing we could do to comply with the warrant, and that is exactly why we wouldn't have to. We have no means or capabilities to give them the data (ignoring the fact that the All Writs Act can only require "reasonable technical assistance"), and there's nothing we can change about that. 

 

Apple has a very strong case against the FBI, with a significant amount of precedent behind them. I wouldn't be surprised if the FBI is just trying to put off the court date because they're scrambling to recover from Apple tearing apart their entire argument in the last brief. 

Not really true if compelled by court order they could get you to copy the password as it is entered by altering the login to not hash the entry for that particular user. That way there is no need to reverse the one way hash. Alternatively as they have before they could sieze the entire site and operate as if nothing changed while altering the login prompts and adding all manner of telemetry since it is a software system that physically exist elsewhere. They could even skip the site owners and just goto the physical server location and carry out the order there.

 

Also you would also need to provide the salt to make brute forcing easier so the analogy of helping the FBI as a site owner is even simpler as the user owns no physical hardware and you do have the ablity to weaken the security of the hash by providing said salt which simplifies brute forcing down to the strength of the user password. Even the auto-erase could be replicated on a website as a sort of account automatic delete but this too would be trivial to bypass as an site owner. 

 

And as I've said from the start copying the NAND was the easiest solution and kicks the can down the road. With and FPGA/CPLD bodged with a blob of DRAM you can even emulate a writable NAND or if the boot process doesn't mind a just a simple read only NAND then you will physically disable the automatic wipe or emulate it to trick it into thinking it is erasing while you actually just write the writes to RAM and on reset the flash is just reloaded.

 

Such techniques while much more risky could also be applied to secure enclave phones although you probably would need to get court orders for the fabs where the chips are made/tested/packaged as they will have the hardware test jigs needed to make the process much easier. Again Apple could in theory be bypassed as they don't actually spin the chips themselves. TSMC/Samsung (Taiwan/South Korea) and their friends obviously already has the easy route in bypassing Apple's security model as the physical manufacturing occurs overseas so helping themselves to say things like UIDs/programmed device keys would be trivial as would tampering the the central trust model by say inserting hidden hardware backdoors about and only a chip fab that inserted even be able to point it out and to exploit you would need to be at an advanced test lab which would make it virtually impossible for normal security researchers to detect.

[EmeraldKiwi]

I am kind of curious as to who the "outside party" is.

[Roawoao]

33 minutes ago, EmeraldKiwi said:

I am kind of curious as to who the "outside party" is.

Probably just a random security researcher it doesn't take much to do the NAND dump and emulation most university ECE students with a little bit of FPGA/CPLD knowledge would know how to do it in theory and in practice it just takes a hot air rework gun or even easier just some bodge wires to test pads or traces. I'm sure the iPhone is the subject of a lot of academic security research so it is probably a trivial task for many (Secure enclave phones on the other hand, which this one is not, would require more resources than most researchers would have). The outside part probably doesn't want the PR shitstorm that would result if his name was given out which will likely happen anyway.

[Blade of Grass]

4 hours ago, Roawoao said:

Not really true if compelled by court order they could get you to copy the password as it is entered by altering the login to not hash the entry for that particular user. That way there is no need to reverse the one way hash. Alternatively as they have before they could sieze the entire site and operate as if nothing changed while altering the login prompts and adding all manner of telemetry since it is a software system that physically exist elsewhere. They could even skip the site owners and just goto the physical server location and carry out the order there.

In this case where the user is dead though, this couldn't happen. The difference in your scenario though is that the government is doing it themselves instead of ordering us to do it, quite a bit different from this case. 

Quote

Also you would also need to provide the salt to make brute forcing easier so the analogy of helping the FBI as a site owner is even simpler as the user owns no physical hardware and you do have the ablity to weaken the security of the hash by providing said salt which simplifies brute forcing down to the strength of the user password. Even the auto-erase could be replicated on a website as a sort of account automatic delete but this too would be trivial to bypass as an site owner. 

The password hash I posted includes the salt in it. It still doesn't really help the FBI, and really would be no different than Apple just providing them a copy of the phone's encrypted NAND (which I'm sure the FBI would not be happy with).

EDIT: To clarify, the hash contains the salt in an accessible format, if you base64 decode the part of the hash after the last $, you will find a delimiter in it that separates the user's password and the salt. 

Side note, security of the hash is not weakened, the salt is never considered to be a secret (hence why it is available in plaintext in what I posted), instead, it is used to prevent the use of rainbow tables (precomputed table of password values). 

Quote

And as I've said from the start copying the NAND was the easiest solution and kicks the can down the road. With and FPGA/CPLD bodged with a blob of DRAM you can even emulate a writable NAND or if the boot process doesn't mind a just a simple read only NAND then you will physically disable the automatic wipe or emulate it to trick it into thinking it is erasing while you actually just write the writes to RAM and on reset the flash is just reloaded.

Yeah, I haven't disagreed with you on that. Most experts have been screaming at the FBI that this is an option for a while. 

Quote

Such techniques while much more risky could also be applied to secure enclave phones although you probably would need to get court orders for the fabs where the chips are made/tested/packaged as they will have the hardware test jigs needed to make the process much easier. Again Apple could in theory be bypassed as they don't actually spin the chips themselves. TSMC/Samsung (Taiwan/South Korea) and their friends obviously already has the easy route in bypassing Apple's security model as the physical manufacturing occurs overseas so helping themselves to say things like UIDs/programmed device keys would be trivial as would tampering the the central trust model by say inserting hidden hardware backdoors about and only a chip fab that inserted even be able to point it out and to exploit you would need to be at an advanced test lab which would make it virtually impossible for normal security researchers to detect.

Although in an "ideal" world this may work, it would A) never happen through the public legal system and B) would pose a large security threat (as all backdoors do). There are many places in the world that would have the capabilities to detect those changes, and while "most" wouldn't be able to, you have no control over the few who do. 

[stconquest]

4 hours ago, Roawoao said:

And as I've said from the start copying the NAND was the easiest solution and kicks the can down the road. With and FPGA/CPLD bodged with a blob of DRAM you can even emulate a writable NAND or if the boot process doesn't mind a just a simple read only NAND then you will physically disable the automatic wipe or emulate it to trick it into thinking it is erasing while you actually just write the writes to RAM and on reset the flash is just reloaded.

 

 

12 minutes ago, Blade of Grass said:

Yeah, I haven't disagreed with you on that. Most experts have been screaming at the FBI that this is an option for a while. 

I know literally nothing about encryption/decryption and this very suggestion was the first thing I posted here regarding this debacle so many weeks ago;  in a crude way ofc.

[Roawoao]

2 hours ago, Blade of Grass said:

In this case where the user is dead though, this couldn't happen. The difference in your scenario though is that the government is doing it themselves instead of ordering us to do it, quite a bit different from this case. 

The password hash I posted includes the salt in it. It still doesn't really help the FBI, and really would be no different than Apple just providing them a copy of the phone's encrypted NAND (which I'm sure the FBI would not be happy with).

Side note, security of the hash is not weakened, the salt is never considered to be a secret (hence why it is available in plaintext in what I posted), instead, it is used to prevent the use of rainbow tables (precomputed table of password values). 

Yeah, I haven't disagreed with you on that. Most experts have been screaming at the FBI that this is an option for a while. 

Although in an "ideal" world this may work, it would A) never happen through the public legal system and B) would pose a large security threat (as all backdoors do). There are many places in the world that would have the capabilities to detect those changes, and while "most" wouldn't be able to, you have no control over the few who do. 

Doesn't mean they can't force it for future targets as this does happen in practice for far more illegal sites. The government can do it themselves in a sense but they are still forcing some company to comply and assist with their takeover. No server farm is going to say nope to a legitimate court order as the legal consequences are severe.

 

The salt is important and Apple has provided it in the past to the FBI and it is different than just providing the encrypted NAND as the salt is not stored on the NAND but burned into the processor and while not hidden is typically not revealed willy nilly. The same for a website in that you don't go parading around the real salts (I doubt many would like it if you posted the entire forum's actual salt values even if you got rid of the hash). Typically speaking the salts while in plain text are still protected as they too are important data which without the value makes a brute force attack nearly impossible with a long random salt value. Again no one should go posting their apple UDIDs as this is a poor security decision. UDIDs are also in plain text but it is a bad idea to go posting your real one. 

 

Just as you did not post the salt values from the actual database as that would be a poor security decision. Not only does the salt protect against rainbow table attacks it does this by key stretching the user key with a random value if you lack this salt brute forcing would be very difficult. In this way you help by providing the hash and salt in good faith instead of trying to make it as hard as possible for them to brute force the code. 

 

If you say only handed over the hash minus the salt saying that is all the FBI was asking it would much more difficult to brute force without the salt value known. They would obviously get a court order to force you to hand over the entire string salt included and you have no recourse. This is assuming you say wanted to be difficult even though you had the technical means to help.

 

On the hardware attack side,

A) Asia has a different/multiple legal systems making it almost impossible to know if there isn't already a backdoor embedded in silicon that possibly even Apple does not know exists.

B) Obviously it is a large security threat expect only governments of any kind can really exploit it due to the resource/expertise cost being so high.

C) Nothing prevents a targeted attack from occurring in say one revision or for one region or even to specific individuals (intercept shipping transplants). To detect this you would have to do extensive analysis on countless samples spending millions of dollars and even then it would be difficult. How can you tell the difference when they could just say they are different revisions of the die or in the case of multiple suppliers just fab specific differences. (Apple does like dual sourcing)

 

Relying on security researchers with enough resources to detect such changes means your relying on what is likely government agencies which may be the same groups implementing the hardware backdoor. Independent researchers wouldn't have the coverage needed to detect a targeted attack with such sophistication without some government backing which would then obviously lead back to the same problem. You literally would need to be some large government intelligence agency to be able to detect such attacks.

 

 

 

Pfsense has the right idea on all this government surveillance worries.

https://forum.pfsense.org/index.php?topic=71015.0

Quote

6. You cannot be sure. Unless you have inspected all the source code that goes into pfSense and the FreeBSD base code personally and then built it yourself on a machine you trust implicitly. Then there is the prospect that whatever hardware you run it on may have been compromised already as JimP mentioned. At least with pfSense you can run on anything you like so that tips the odds in your favour massively. 

With a phone you trust TMSC, Samsung, Fedex, UPS, Amazon/Ebay/..., countless middle men, customs, government, ... the list is massive in how many people you implicitly trust with your device's physical security before you even hold it in your hand. Some groups may not even be in the same country and some countries may have wildly different ideas on privacy. 

 

Some people get paranoid at this point but I just don't care I know of it as Google analytics already knows where I visited before I even owned a cellphone and before I even turned on location services how kind of them to work backwards.... 

 

We trade our privacy every day many of the apps on your cellphone probably have more access then the FBI could ever get. Some are super shady and love to take device IDs and use permissions well beyond what is needed to function to get the best possible telemetry and most people are blissfully unaware.

 

Finally civilization/society/business only operates because of trust and given we vote to elect our governments in say the US/Canada I tend to find it odd that some think the government is some evil dictatorship and cook up all sorts of crazy conspiracy theories. (Maybe vote for someone else next time) Do I care that Google knows where I go 24/7/365 no. Would I care if the government knew where I was as well no not either especially since they can always figure that out via cell records. 

 

Things like automated cars imply a future of total surveillance otherwise how else would roads and cars automatically share data to map out the roads/people/objects in real time (Smart roads, signals, cameras, cars... all being processed in the "cloud"). Some level of trust and regulation is obviously needed but I don't think it is impossible to find some balance. Also in an future with more advanced hololens type stuff having a online realtime map of the 3d world (at least public streets) would be revolutionary in useful applications but at the same time not only are you being tracked down to the sub mm precision in 3d but the entire world may end up being captured in real time to make AR super useful.

 

As all the scaremongering government officials love to say it is just a matter of time before dumb terrorists realize how to use strong encryption to hide their activities and when they do it will be mathematically difficult to access such information they are just slower than most smart non-terrorists but it doesn't mean it will never happen. When that time comes the backlash against balanced regulation will be insane and you'll get another patriot act type thing and NSA insanity of downloading the internet just this time with all the private signing keys. That would be what I'd call a catastrophe. 

 

Also encryption is a waste of energy fundamentally speaking it uses far more energy than plain text and now even has a physical resource pinned to it due to fixed function accelerators being used as encryption becomes a requirement for no particular reason. Many garage openers still use fixed codes which are terribly insecure but people still use them because it also happens to be illegal to steal. Furthermore almost all physical locks used in practice are easily lock picked yet there is no security catastrophe. Obviously financial transactions should be encrypted and safety critical systems should really just not be on the internet in the first place. 

 

The ultimate example of waste of energy on cryptography is cryptocurrencies where you literally must a significant amount of energy just to complete a transaction even if it is just for a cup of coffee if you didn't want to rely on middlemen. A centralized trust model works well enough if done right and doesn't have the same energy requirements as a proof of work system. (Also it can scale easily to millions of encrypted transactions per second with far lower overhead than bitcoins) 

 

 

[Hexram]

13 hours ago, huilun02 said:

This and Trump make Hitler look like a saint

But Americans seem fine with it

Is that a joke? That is extremely offensive. Unless you were alive between 1939 and 1945 i dont think you can make a comment like that. 60 million people died as a result of Hitlers actions. You statement makes light of the losses that were sustained. For you to think the FBI requesting access to a terrorists phone and someone excersising their right to freedom of speach while campaigning because these are different from your beliefs is worse than 60 million people being killed or the other terrible things Hitler did you must be one self entitled asshole.

[Roawoao]

16 minutes ago, Hexram said:

Is that a joke? That is extremely offensive. Unless you were alive between 1939 and 1945 i dont think you can make a comment like that. 60 million people died as a result of Hitlers actions. You statement makes light of the losses that were sustained. For you to think the FBI requesting access to a terrorists phone and someone excersising their right to freedom of speach while campaigning because these are different from your beliefs is worse than 60 million people being killed or the other terrible things Hitler did you must be one self entitled asshole.

Refer to,

http://tvtropes.org/pmwiki/pmwiki.php/Main/GodwinsLaw

Complex to determine.

[Hexram]

19 minutes ago, huilun02 said:

It will happen again if people accept a crackhead leader like that.

And then what about my freedom of speech?

If you think mr Donald Duck is special and has more rights to speech, I think he needs you on his team.

Sounds to me like some fear mongering about one of the worst wars history.

 

Assuming you are an American who is suppressing your freedom of speech? 

[Roawoao]

15 minutes ago, huilun02 said:

More like every war in history

When you put yourself above others its the the perfect precedent for "hell yeah, lets go kill some people!" 

 

A country is nothing without its people, and if they don't exercise their rights to ensure a sane leader, Albert Pike is is a clever bastard.

Wait there is something odd with your logic if the people elect Trump (I don't like him, also think he is crazy) sane or not that is their will and they will just have to live with it. It is called democracy after all. Being a Canadian I have no say in the matter as I can't vote in the US elections.

 

Secondly political candidates and lawful access are two different things. Even Obama is pro surveillance given he also spouts the whole there should be a way for law enforcement to access phones while saying he is not talking about anything specific.

 

Finally freedom of speech does not mean anyone can say or do whatever you want without consequences.

https://xkcd.com/1357/

 

It applies to Trump and you. The majority/moderators/people/... will decide.

[Roawoao]

32 minutes ago, huilun02 said:

Eh

I'm not American

Its your loss

 

If you wana just read off a book titled "Everything's fine"

I'm not American either so then neither of our opinions actually count towards the presidential election in terms of actual votes as neither of us can actually vote. Note quite sure what your point is here as everything clearly is not fine on many levels of society and across the planet. Not to mention in terms of just ecological, biological threats there is plenty of work to be done to keep civilization growing. Lawful access abuse is on the far lower tiers of things that could ruin human society in short order.

 

Also if your not american the freedom of speech protections of the US do not apply to you as your country may have wildly different rules.

 

[ace_cheaply]

On 3/22/2016 at 6:45 AM, huilun02 said:

This and Trump make Hitler look like a saint

But Americans seem fine with it

Really?  This is so utterly devastating and deplorable as to make the deaths of tens of millions of soldiers and the genocide of millions of innocents look like saintly acts in comparison?  I'm all for hyperbole, but come on, man.  Think a little.

[BoomBrush]

Personally, I think Apple is right to say that they should protect the phones of their customers by not helping make software to violate existing security. However, I don't think that the FBI catering to Apple's customers is their biggest priority. If they want to get in, they are going to find a way - probably even if its illegal. I think thats the reality of the situation. It's fair to say that the FBI will not easily stop trying and they are pretty determined into getting into this phone.

 

I think it would have been better if Apple gave in, because then Apple has some idea of what exactly is going on and what the FBI has. If the FBI buggers off and tells Apple "nah, nevermind mate we don't need you anymore we found another way in thx anyway" then Apple has no idea what is going on the what the FBI know. This is assuming this "external company" doesn't reveal the information or anything.

 

(http://www.bbc.com/news/technology-35863861)

[StarSearch]

On 3/22/2016 at 4:09 AM, ShadowCaptain said:

I think its more about crushing all the negative media around the FBI, and trying to kill this thing quietly before they look like the bad guys

 

#cynical

If the FBI wanted to crush the negative media concerning themselves, they would indict Hillary Clinton for her felonies as Secretary of State already.