Was Apple right to refuse to make an iPhone ‘master-key’ for the FBI

By david s, 17 February, 2016

Forum
Other Apple Chat

So, it appears the encryption on our IOS devices is so good that the US government can’t hack into it. And government officials are asking Apple to create a master key so they can get into the devices as needed. Would you be willing to give up your info on your device? Would you feel safe knowing there is a master key out there?

Personally, I don’t want Apple to create or have a master key. I have so much info on my device that I am so glad the encryption is really good. For those that tells me Well, what about having to save the lives of future attack? I say isn’t that why we have an agency called FBI that spends millions on technology each year? Are they not doing their job? If they can’t break into a simple device like an iPhone, how can I expect them to break into devices that are better encrypted from the Russians or Chinese? No, I don’t use iCloud so I know my info is safe.

What are your thoughts?

Options

Comments

By Siobhan on Monday, February 22, 2016 - 08:16

It's already been proven that the Apple ID password was changed, This signifies that someone already tried, and screwed up causing the device to be locked. they are already saying within 24 hours, the ID password was changed, completely messing with the icloud backup. If they had just connected it to a wifi network, they could've gotten the backup though at a much later date then October 19 and gotten what they need. You still need to have permission to instal the IPSW file, needing to have access to the device int he first place. Oh rats, they don't have it.

By Paul on Monday, February 22, 2016 - 08:16

Brandon, the thing you fail to realize is that if Apple complies with the court order, it opens the door for more government demands for data. It's not just about one device as you and the FBI would have us believe. It is true that what the FBI requests only seems to affect devices that someone with the tool has physical access to, but if the malware (that's what it really is) were to leak, and that certainly is possible, it could be used by anyone, not just the US government. The thing about software is that it is incredibly easy to copy, it's not like a physical device that can be completely destroyed after a single use.

In this case, it appears incompetence (or malicious intent) is to blame for the FBI's inability to access information, assuming the shooter didn't disable backups. I wouldn't put it past a US government agency to intentionally do something to force a company into the position Apple finds itself in right now. In fact, a couple of news reports I've seen suggest that this is the case. I have no way to verify the information of course, but it sounds exactly like something the US government would do.

As for your assertion that Tim thinks he's untouchable, while he may in fact think that (no one can read another's mind), the US government, and frankly quite a few US citizens in my observation, believe that the US is the center of the world and above everyone. I think the thing you're most upset about when it comes to Tim's public stance is that he's the CEO of a big company rather than the US president, get over yourself.

By Siobhan on Monday, February 22, 2016 - 08:16

Paul, couldn't have said it better. Notice how quiet Brandon is? I'm sure he has chosen to stay silent as he clearly can't provide what he was thinking was concrete proof. I suggested another platform as clearly he would be unhappy with Apple if they decide to keep our privacy at the forefront of their decision. They've done it that way since they created Apple Pay too. Why the uproar over the news story and it being one sided, must be the eighth wonder of the world. ;)

By Apple Khmer on Monday, February 22, 2016 - 08:16

Alright, so what solution do y'all propose so the FBI may get the information they need,if y'all are so against Apple letting them in?

By Siobhan on Monday, February 22, 2016 - 08:16

@apple Kamer I for one, ahve never suggested I have the solution, it's not up to me to decide such things. Apple has built in practices to help investigations, and if the password was changed, if the iCloud backup feature has something wrong with it, the device has already been tampered with, Apple has already said as much. Why do we need to come up with a better solution when we're simply saying we don't want the back door created? I don't claim to have the intelligence to write software, nor do i think apple is some huge bad company if they do create it. what no one has thought of is pretty simple: someone's said oh its only for one device, what if your device, Mr. Law abiding citizen, gets stolen and is used in a commission of a crime? How would you feel then having your dientity at risk, are you then supporting Apple because well they let the police in to search the phone? No, you'd be the first one to have a fit, and by you, I mean you in general not you personally. The biggest reason the FBI and others are going after the phone is the original owner is dead. Call me out on that if you wish, but you show me an example of a live person needing access to the phone, not giving it, Apple being asked to comply. There's not one, because anyone would give up what was needed.

By Apple Khmer on Monday, February 22, 2016 - 08:16

So what should Apple do then if you don't want them to create a back door?

By Siobhan on Monday, February 22, 2016 - 08:16

Do you have a position, if so, stand behind it, put it out there for us. Hiding behind the well what do you have for a solution, only forces me and anyone else who wishes, to state their position in as clear terms as are possible. I was clear, I do not, have a solution, don't expect to undertake such development while keeping our privacy as it is now. How you missed that in my previous comment i am unaware. Put up a position, if you have one, otherwise why is this comment thread remaining open?

By Apple Khmer on Monday, February 22, 2016 - 08:16

My position is theer should be a balance between privacy and security. If you're going to keep on tagging Apple's ass, you might as well say social media profiels shouldn't be part of the screeninng process for people who want to enter the US. I think they should be part of the screening process. I also think Apple and the FBI needs to come to how they can work with each other. After all, they are the "best and brightest." What the FBI wants may seem like small fish to yuo, but it actually is not.

By Nathan Stocking on Monday, February 22, 2016 - 08:16

I will not argue an opinion; I am here to state facts only. There is a solution that Apple could use to continue their current structure of privacy requests. It is, essentially, the following.
Do nothing.
Right now, apple can open data such as icloud accounts and some logs in their possession with a court order. This has been done. Apple cannot at this point access data stored only on a phone's physical drive. If their position is that they have established a valid balance between privacy and need to divulge data, then they need not change their position.
As apple have taken the position that they would rather not give away any more access, they can argue that the proposed increases in access are invalid for some reason. This seems to be their current opinion. Therefore, I would usually assume that those who stand with apple generally hold the same opinion.
On the subject of an IPSW file, these are firmware and operating system images that are used at times to backup, restore, and circumvent the original operating system. Update packages use them internally, some jailbreak operations make use of the images, etc. Therefore, the IPSW file created by apple if they were to comply with the request would contain the code to access the phone. This could be imaged onto any device. Perhaps apple would attempt to have the only copy of this and keep it protected. Perhaps law enforcement authorities would have access to it. In any case, there is no solution that could be tailored to only one device. The reason for this is that each device runs essentially the same code. There are differences to deal with screen size or other hardware differences, but the system architecture is the same.

By brandon armstrong on Monday, February 22, 2016 - 08:16

heres some news for all of you. this just came out today on twitter. 51 percent of the public support the FBI getting access to the data it needs, 38 percent are against it, and 11 are undecided. so what does that tell us? clearly for those who live under the rocks of apple and I don't want this to happen, guess what folks, it's more then likely going to happen. by the way to the guy that said IPSW files will work on other iPhones, it won't happen, reason being, signatures on the different devices won't match. that's what I'm getting at with this whole argument, so before you come screaming out from under your apple can do no wrogn rocks to yell at me, considder that fact.

By Apple Khmer on Monday, February 22, 2016 - 08:16

Was it a professional poll or poll doe by someone who isn't versed in stats?

By Joseph on Monday, February 22, 2016 - 08:16

Well I'm still gonna stay under my so called "apple can do no wrong" rock, because I support the company as a whole. So there you have it. And I saw that on twitter as well. Guess what? You can't believe everything you see on twitter, or indeed on the wider web. For all you know that could be an unprofessional pole done by some wise guy who thinks he knows everything and anything about how stats work and how to conduct poles. 51% does not guarantee that something *will* hapen, no matter what it is, whether it's the master key, or the threat of an oncoming storm, or someone saying that the likelyhood of you or someone else dieing tomorrow is 51%. It's just a bit overkill to assume that just because the pole says that 51% of americans want the master key to be created, it's probably gonna happen. Things can change really, really quickly. Just saying..

By Nathan Stocking on Monday, February 22, 2016 - 08:16

Again, you are incorrect. The data used by software for apple devices is written by apple. Therefore, if they want, they can generate a system that will work on other devices. Second, IPSW are data storage images. They are not necessarily linked to specific devices by UDID. If you look for the use of IPSW files in the jailbreaking community, you will find that resources exist for downloading an IPSW firmware image simply by identifying your device model and version, no signature required. Designing a firmware specification linked irrevocably to device identifier is possible, but as the data is compiled from source code, even this would not result in a restrictive setup. A master key is possible.

By Siobhan on Monday, February 22, 2016 - 08:16

I'd be inclined to believe Nathan as he is speaking with a level head, unlike the original poster who has thought we're under Apple can do no wrong rocks. If an Iphone could've stopped the Paris attacks, I would've been ecstatic if that were the case. Unfortunately, Brandon is misguided again on a simple fact, your math doesn't add up. Let me see if i remember grade school math: 38+10=48+1=49 percent, so What's up with that one percent of the poll? i'm almost positive that's not the margin of error, polls usually have around a two to three percent margin for either up or down depending on their factual findings. Note: invited you to find credible links, you come back with a 140 character or less synoppsis of your view point. Whatever does happen, Apple's already stated they are standing by their customers. Should anything change, and i disagree with the privacy issues, I will most happily switch going back to a nonaccessible phone, if I have too. When it isn't three in the morning, i'l find as much fact about this case weeding out the bias if possible.

By LaBoheme on Monday, February 22, 2016 - 08:16

i'm to cynical to even comment on this. as far as i'm concerned, the govt has ways to break int apple devices, and apple has help the govt numerous times. don't ask me to backup my statement, because it is not important. the thing is if you really care about your privacy, you should read this:
http://www.apple.com/business/docs/iOS_Security_Guide.pdf

it gives you some details about how ios works so you can make informed decisions when it comes to your securithy and privacy.

if you are too lazy to read, let me give you a short summary:
facetime appears to be the most secure service, imessage comes second. icloud is generally ok, but if you have something very sensitive, try not to use icloud backup.
the stuffs kept on your device are the most secured of all.

By Paul on Monday, February 22, 2016 - 08:16

It was pointed out in an article on Apple Insider that it wasn't clear about whether the survey participants understood what it was Apple is being ordered to do by the FBI. The answers for the relevant question in the survey talk about Apple "unlocking" the phone, and it is clear to me that people believe Apple already has the ability but just won't do it because it would look bad to their customers. Therefore, it is not outside the realm of possibility that at least a significant number of the 51% of people think Apple already has the ability to unlock the phone.

By the way Siobhan, the margin of error given in the survey report is +/-3.7%, and it is worth pointing out that the 11% you added to the 38% who support Apple either had no opinion or didn't want to answer the question. As much as I hate to admit it, it seems like the majority may truly be on the side of the FBI. Given the scare tactics used by US law enforcement agencies, the claim the FBI only wants to do it once, and the fact Apple is a big company and therefore not trust worthy in the public's mind, the survey result doesn't surprise me.

By Joseph on Monday, February 22, 2016 - 08:16

True. but like I posted in reply to Mister Armstrong's comment, 51% on any pole doesn't necessarily mean that something's going to happen, and since the margin of error is plus or minus 3.7%, it could go either way really. Just my thought though.

By Siobhan on Monday, February 22, 2016 - 08:16

Hi Paul. The math Idid in my last post, was given by someone earlier in this thread. I knew the error margin wasn't that low. I can't exactly remember who put up the math, I think it was Mr. Armstrong but I'm not positive. Plus, I haven't had coffee so excuse me. As for La boem, I realize apple is essentially not perfect, I won't use Icloud for anything like photos, videos notes etc. I don't need my wifi password stored on my device leaked around. I do have my contacts backed up on there, that's simply for convinence, if I upgrade and I can get back up and running faster. I'm aware of the flaws apple have. Unlocking the phone, if needed for a true reason, I'm sure people don't mind that Apple have the ability, it's because of the dead shoter, the password being changed and other facts that people are os against this.

By Joseph on Monday, February 22, 2016 - 08:16

If my calculations are correct, 51+38+11 does equal 100% all totaled. So the math certainly isn't wrong. but with that plus or minus 3.7% margin of error with each percentage, it could be a 97.3 or something at the highest maybe even lower than that.

By Greg Wocher on Monday, February 22, 2016 - 08:16

Some questions for everyone to consider. Is Apple above the law? The reason I ask is that they have been given a lawfully obtained court order. If any normal person is given one of these and do not comply, they have to suffer the consequences. Whether that is a fine of some kind or jail time. SO if Apple refuses to comply with the court order do people think they should be punished for it? DO people think Apple is so mighty as they do not need to comply with the law? These are questions I really have not heard many people discussing.

By Siobhan on Monday, February 22, 2016 - 08:16

Ok, I was wrong in that, I apologize, I shouldn't attempt math at three thirty int the morning. ;) lol my bad.

Greg did make a few valid points, here are my answers: is Apple above the law, of course they aren't. However the only reason this is going as far is because the iPhone owner is dead. If Apple doesn't comply, oyes they should be punished and they will be. we all know Apple can pay off the huge fine ti will most likely get. I haven't thought Apple is above any sanctioned compliance with orders, but we have the sticky situation of the dead shooter and now the changed password of the apple ID. Apple has done as much as they have cooperated with, if they had stuck their heads int he sand and promised not to help at all, I'd be more worried then when they have complied up until the create master key order. That's the problem everyone has heard about.

The master key that the government is ordering Apple to produce cannot identify one device. It can, and would, be used to break into any iDevice that the government wishes to apply it to. And, based on our government's past behavior, do you honestly want them to have access yo your phone? How about your neighbor's? How about the potential for this master key to be passed from government worker to another to another to another, then to some unauthorized persons? Again, once the key has been developed, it becomes available, by accident or on purpose, to people who should never be able to have it. If the key is never created, problem solved. And to those who want Tim Cook to lose this battle just because he thinks that he is above the law, you're absolutely out of your minds. He is not pretending to be on the side of the customer. He actually is on the side of the customer who buys an iDevice due to the very security feature that the government now is ordering Apple to do away with. It's about time that you stand up and be American, show American values, and, if nothing else, mature.

By charles on Monday, February 22, 2016 - 08:16

In reply to by Apple Khmer

The question was asked: " So what should Apple do then if you don't want them to create a back door?" The answer: Exactly what they are currently doing. Standing up for the rights of their customers and tell the government "no".

By Siobhan on Monday, February 22, 2016 - 08:16

according to the Walstreet journal, 12 more iPhones supposedly want to be accessed. so much for that one device right? Here here, Charles, well said sir. No one is forcing anyone to stick with apple. You think they are selling out? By all means find another platform, then complain loudly you had it better with a device that workes seemlessly out of the box, but you have your rights, so you go with another platform. I challenge anyone to go to another device, decide they are happier with another their rights intact, then come back to telling us, we're wrong because we stand for what we want done. Don't forget, the order is based on an eighteenth century act that hasn't been updated since it was put into law. Oh that's got core values doesn't it? No one will take me up on a challenge such as I proposed because the reality is you want it just to work, so you won't go for another platform, learn their ways because if you did, you wouldn't be posting in the first place. I used an inaccessible phone for years, I didn't cut my teeth on an iPhone like some of you, so if I choose to find another device, it won't give me the shakes to not have twitter fb and all the other apps i have grown acustomed too on my iPhone. food for thought, chew carefully. ;)

Let me start off by saying that comparing a company with an individual is really comparing apples with oranges, because an individual doesn't usually have the ability to affect millions of people by complying with a court order. That being said, Apple is certainly not above the law and if they break the law they should be punished (as much as I hate to say that in this case). However, Apple has not yet broken the law, they have been given an opportunity to challenge the court order, and they have done that in the court of public opinion, and soon they will present their challenge in a court of law.

By Bingo Little on Monday, February 22, 2016 - 08:16

@Greg I have responded to this point in detail in earlier comments. Apple is entitled to appeal the court order, which was obtained ex parte. When one is appealing a mandatory injunction like this one, the injunction is stayed. If there were no stay, there would be no point in appealing or rather, Apple's legitimate right of appeal would be rendered worthless. As to whether they should be punished, it depends if there is a penal notice attached to the injunction. If there is not, ten nobody from apple can go to prison or receive a punitive sanction without a further application to show cause being made. Apple isn't above the law, but nor is it below the law, so what they are doing is entirely legitimate.

By Fatima.Hamoud10 on Monday, February 22, 2016 - 08:16

I don't think apple should create a master key because that's not a good idea. The government are the one's who should be punished because they asked apple to compete in a crime with them. Maybe apple should have the right to say no and call the cops on the government. Then the government will go to jail because they asked apple to find ways to have access to our data. To make sure that this doesn't happen to us we should all put strong pass codes on our devices (not 6 digit ones). For voiceover users: if you scroll down and double tap settings, then double tap pass codes and you should be able to follow the prompts on your screen. When you turn pass code on, make sure you double tap "pass code options" Anyway, Apple doesn't have the right to do what the government is asking. We should all protect our privacy.

By DPinWI on Monday, February 22, 2016 - 08:16

If people are interested in a seasoned, reasoned analysis of the issue, I recommend this week's installment of Steve Gibson's Security Now podcast.

Mr. Gibson breaks down the issue intelligently, and discusses the actual technical questions it presents. His conclusion is that Apple could create and install targeted versions of iOS to aide law enforcement to gain access to protected devices, without endangering all devices. Because of the methodology of iOS installations, it is not possible for one unlock to open any other phones. Apple signs each installation with the unique identifier of both Apple's private key, and the target phone's key.

This is not to suggest Apple should do this. I will leave that to the legislators and courts, but it does suggest Apple could comply with the request without opening up all iDevices to a master key.

By Siobhan on Monday, February 22, 2016 - 08:16

Hi. I agree that it is, possible, for the "key" to be created. However, you are suggesting, based on the podcast, that Apple can install targeted IOS versions of software to aide law enforcement, the only problem is, technically, there's still an identity, security risk, based on the fact that it's still someone's personal access to the phone, their photos, videos etc. In the end, it's still not a great idea to ask for a key to be created, because as soon as your phone, whether you're a problem with the local cops or not, gets into the act of committing a crime, you then are at risk of having your own identity if not stolen, breeched, at least your identity has now been viewed by someone other then your eyes.

By david s on Monday, February 22, 2016 - 08:16

While it may be possible to unlock a targeted phone, think of what can happened next. Today, it’s the FBI, tomorrow it’s the local police. The day after that, another country’s government. When will it end? IF Apple does it one time, there is no guarantee it will not happen again. And should they refuse the next time, they’ll end up going to court again which will cost them lots of money.

It’s amazing how the Obama admin tells the Chinese government no US company will create a back door on it’s technology products and here they are asking Apple to create one.

I suspect the government already cracked the encryption code and it’s attacking Apple for a different reason. Can you honestly say the NSA hasn’t already figured it out? With the billions they get annually to spend on brain and computer power, hacking an iPhone wouldn’t cause them any difficulties.

By DPinWI on Monday, February 22, 2016 - 08:16

I am not supporting the creation of a back door, or a master key. I was merely attempting to shine light on the actual technical issues at hand., not some slippery slope arguments and what if's based on misunderstandings of the actual case and possible resolution. It appears that Apple has the ability to make it easier for the unlocking of one specific device, without endangering all other devices at the same time.

This does not change the precedent setting nature of the case.
.

How does your phone differ from your mail, email, home, and phone calls? All of these can be monitored. If you have a safe in your home, the law enforcement agencies can procure appropriate warrants, enter your home, seize the locked safe, and open it by whatever means necessary.

While I share the concern of over reach into private information, I don't yet see how the phone is such a completely different thing that it is not subject to search and seizure. As I said, this is something for the courts and legislators to decide, and we are watching that play out right now.

By charles on Monday, February 22, 2016 - 08:16

If the key to unlock the iPhone existed, Apple would have to abide by the court order. Seeing as it does not exist, it is a clear violation of the law for a private corporation to be forced to create such a key against the corporation's wishes. This would be involuntary servitude, which is clearly against the law.

Maybe the FBI should be locked up in jail because they are asking apple to do awful things. Technology can do so many things but there are other things that technology is not allowed to do. The way you not allow it is to not create it. I suggest that the FBI go to jail just because they committed a crime with Apple which is not a good idea.

By TJT 2001 on Tuesday, March 22, 2016 - 08:16

The FBI not only cannot, but will not ever be punished for reasonably asking a company for access to information. Imagine if we could say, "Let's put the government in jail because I do not like a certain policy". Such an idea is ridiculous. Apple is not above the law, and the FBI--and the government of any other country--have every right to ask Apple to grant them information. Despite what Tim Cook might think, Apple must abide by the laws that also govern every other transnational corporation, and in my opinion, it should remain that way.

By Bingo Little on Tuesday, March 22, 2016 - 08:16

Simple examples can be really effective. However, they can also be so simple they end up being completely wrong. Of course governments can be punished! i'm not suggesting the FBI would be, in fact that would not happen here at all, but governments are punished all the time! all right, they don't go to prison, but they are often forced to chane policies because someone who doesn't like the policy brings a claim for judicial review. A topical example in the UK is the recent announcement on sugar tax. The legality of that policy is being challenged by the soft drinks industry, by way of judicial review. So, I'm afraid, if we don't like a policy we can do exactly what the previous poster said we could not do.

As for the Apple being above the law point, I will just repeat an observation I made a few posts back. Apple is not above the law, but nor is it below the law. Tim Cook is perfectly entitled to take the stance being taken, whether you agree with the merits or not. The point about transnational companies actually works in his favour. A US court injunction granted in circumstances which could potentially have effects on people outside the jurisdiction of the United states is precisely the sort of injunction that should be scrutinised very, very carefully.

By Bingo Little on Tuesday, March 22, 2016 - 08:16

It's not gone on long enough. These are serious issues and we should take our time over this litigation. If you think it's gone on too long I'm afraid you will disappointed to hear that in my view this will go on for a year or more.

By Larry on Tuesday, March 22, 2016 - 08:16

In reply to by DPinWI

Well a phone contains more information, pictures, documents, Facebook, e-mail, messages, contacts and so on... Yes the Police would be able to go into your home if the court signed off on it, they find a safe that they want to get into, but can't, would they then force the safe company to come and unlock it?

As someone else said, where does it end? If Apple unlocks 1 phone it will never stop there, when is security more important than privacy?

By Fatima.Hamoud10 on Friday, April 22, 2016 - 08:16

In reply to by david s

Okay, so why can't Apple just kill the FBI then? Wouldn't it be a great idea so that the FBI no longer exists?

By Joseph on Friday, April 22, 2016 - 08:16

That's honestly the stupidest thing I've ever heard. No, apple can not, nore will it ever be able to kill the FBI so that it no longer exists. If the FBI didn't exist, think how many issues we have. And we think the US is bad now.

As has been previously stated, apple is not above the law, and for that record, neither is any other company.