SoylentNews is people
SoylentNews
Judge Orders Apple to Unlock iPhone Belonging to San Bernardino Shooter
Apple has been ordered to assist in the unlocking of an iPhone belonging to one of the San Bernardino shooters. This may require updating the firmware to bypass restrictions on PIN unlock attempts:
Apple must assist the FBI in unlocking the passcode-protected encrypted iPhone belonging to one of the San Bernardino shooters in California. US magistrate Sheri Pym says Cupertino must supply software that prevents the phone from automatically annihilating its user data when too many password attempts have been made.
The smartphone belonged to Syed Farook, who with his wife Tashfeen Malik shot and killed 14 coworkers on December 2. The couple died in a gun battle with police soon after. Cops have been unable to access Syed's iPhone 5C because they do not know the correct PIN, and will now gain the assistance of Apple, as ordered by Judge Pym [PDF] on Tuesday.
iOS 8 and above encrypts data on devices, requiring a four to six-digit PIN to unlock. After the first few wrong guesses, iOS waits a few minutes between accepting further PIN entry attempts, escalating to an hour's delay after the ninth failed login.
[...] Judge Pym wants Apple to come up with some magic software – perhaps a signed firmware update or something else loaded during boot-up – that will allow the FBI to safely brute-force the PIN entry without the device self-destructing. This code must only work on Farook's phone, identified by its serial numbers, and no other handset. The code must only be run on government or Apple property, and must not slow down the brute-forcing process.
Apple has five days to appeal or demonstrate that it cannot comply with the order. It is crucial to note that the central district court of California has not instructed Apple to crack its encryption – instead it wants Apple to provide a tool to effectively bypass the unlocking mechanism. "It's technically possible for Apple to hack a device's PIN, wipe, and other functions. Question is can they be legally forced to hack," said iOS security expert Jonathan Ździarski.
Apple Ordered to Aid FBI in Unlocking Shooter's iPhone
According to this Reuters article, "A U.S. judge on Tuesday ordered Apple Inc to help the FBI break into a phone recovered from one of the San Bernardino shooters, an order that heightens a long-running dispute between tech companies and law enforcement over the limits of encryption.
Apple must provide "reasonable technical assistance" to investigators seeking to unlock the data on an iPhone 5C that had been owned by Syed Rizwan Farook, Judge Sheri Pym of U.S. District Court in Los Angeles said in a ruling."
"...Forensics expert Jonathan Zdziarski said Tuesday Apple might have to write custom code to comply with the order, presenting a novel question to the court about whether the government could order a private company to hack its own device.
Zdziarski said that because the San Bernardino shooting was being investigated as a terrorism case, investigators would be able to work with the NSA and CIA on cracking the phone. Those U.S. intelligence agencies likely could break the iPhone's encryption without Apple's involvement, he said."
Update: EFF to file an amicus brief in support of Apple's position.
Update 2: mendax writes: The New York Times has some "breaking news" which says that Apple will not comply with the judge's order. It's a good way to get in trouble with the judge but it's the right decision on Apple's part.
Previously: FBI Unable to Decrypt California Terrorists' Cell Phone
(Score: 1, Interesting) by Anonymous Coward on Thursday February 18 2016, @12:29AM
In late 2013, Apple used to have a statement in their transparency report that stated they had "never received an order under Section 215 of the USA Patriot Act." In 2014, that statement vanished [gigaom.com], suggesting that it was no longer true.
Judge Pym and the FBI made a dumb mistake by making a public call for short-circuiting one of the most fundamental protections of any input-based login scheme. Dumb, because Apple has enough money to pay the lawyers and any billion-dollar fines that may ensue, and they'll be able to play a gambit against their competitors who have to stay quiet, either because they don't want guilt by association, or they've already been complicit in providing backdoors to US (and/or other) government agencies for their products.
But does this mean that future requests will only be made through secret courts, under gag orders? Do we suddenly start seeing warrant canaries dropping left and right? The precedents of key disclosure law [wikipedia.org] are already scary enough, where one could be imprisoned indefinitely for refusing to disclose
Our society is being held captive by belligerent troglodytes who are completely unaware of the societal implications of the technology they are charged with regulating. It hasn't been this bad since the 19th century Industrial Revolution years, and it will take decades of fixing, if it can be fixed at all. (And most of the "fixing" will be in the form of time passing, causing those currently in congress to retire or expire, probably to be replaced by unapologetic Tea-partiers or Clayton-Christensen-acolyte-bubble-dwellers.)
(Score: 2) by timbim on Friday February 19 2016, @01:20AM
you got a way with words bro