“Apple’s legal showdown with the federal government over the security of iPhones likely won’t be settled for many months, or even years if the case goes all the way to the Supreme Court,” Aaron Pressman reports for Yahoo Finance. “But the world’s biggest technology company could easily make upcoming versions of the iPhone even more secure, all but eliminating its ability to help law enforcers crack the encryption.”
“In the current case, the FBI wants Apple to create a special, less secure version of its iOS iPhone software and install it on the phone of deceased San Bernardino terrorist Syed Farook,” Pressman reports. “With the weaker software installed, the FBI would have a much easier time guessing Farook’s password. That’s only possible because the iPhone’s hardware allows certain kinds of software updates from Apple without requiring a password. Future phones could be designed to lock out any such changes or erase data if changes were made.”
Pressman reports, “‘I bet Apple will move towards making the most sensitive parts of that stack updatable only in very specific conditions: wipe user data, or keep user data only if the phone is successfully unlocked first,’ Ben Adida, security expert and lead engineer at Clever who formerly worked at Square and Mozilla, wrote on his blog on Thursday. ‘The interesting question will be whether Apple will be legally allowed to engineer their phones this way.'”
Read more in the full article here.
MacDailyNews Take: If this fiasco makes our iOS devices even more secure, it’ll have been worth it.
SEE ALSO:
Prediction: Apple will cave to U.S. government demand to crack open iPhone, Donald Trump will get the credit – February 20, 2016
Apple: Terrorist’s Apple ID password changed in government custody, blocking access – February 19, 2016
Petition asks Obama administration to stop demanding Apple create iPhone backdoor – February 19, 2016
Newspaper editorials back Apple over U.S. government 8 to 1 – February 19, 2016
Apple likely to invoke First Amendment free-speech rights in against U.S. government backdoor demands – February 19, 2016
Donald Trump calls for Apple boycott over San Bernardino terrorist iPhone encryption – February 19, 2016
Secret memo details U.S. government’s broader strategy to crack phones – February 19, 2016
DOJ escalates war against Apple, files new motion to compel company to break into iPhone – February 19, 2016
Apple is still fighting Big Brother – February 19, 2016
Apple co-founder Woz: Steve Jobs would have fought this U.S. government overreach, too – February 19, 2016
Mother who lost son in San Bernardino terrorist attack sides with Apple against U.S. government backdoor demands – February 19, 2016
iPhones don’t kill people, people kill people – February 19, 2016
Any guesses how long before this gets fast tracked to the supreme court?
Bet it gets there quiucker than Apple’s Samscum appeal…
With a 4-4 sitting Court, it won’t matter how quickly it gets to the Supreme Court. Thus the reason that 9th seat needs to be filled as quickly as possible – there are things that need to be decided / resolved.
apple, microsoft, google and many many others have out smarted themselves. in order to stop piracy of software they only let us use the software, we don’t own it, that way we can’t do what we want to with the software.
this situation is apple’s problem alone and so is every iPhone in the world.this is more about not having to hire people just to deal with unlock request from around the world.
secondly, if apple has reached any agree anywhere else in the world, regardless of local law, that allows access to personal data on the phone, china?, if presented with a court order they may as well stop wasting money on lawyers.
Too bad that they are not smart enough to sell us the software with the device. there is no expectation of privacy when someone else owns the software and can access the device to change the software at any time.
cook comply with any court orders, period. so if it is technically possible, when the court order is presented, comply or get your toothbrush, cause you need to spend a few nights away from home until you do.
Also, require an alphanumeric passcode. That has been estimated to increase the average time for a brute-force attack from 22 hours to 300 years.
…Or more, depending on its randomness and length. That’s up to the individual, not Apple. So the US government can’t hassle Apple about that. Or can they? 😛
I know you just momentarily forgot Amazon DC, right…?
TRYING to forget Amazon. 😉
Apple stopped making iPhones without fingerprint detection, the 5c was the last one. Most criminals won’t think to turn that off making the bulk of detective work by police MUCH easier.
The police should be thanking Apple instead of giving them a hard time.
Not as big a help as you might think. That will only work if the police have an iPhone in their possession, a live suspect in custody (Apple engineered the system so that dead fingers don’t work, for obvious reasons), and a judge willing to issue a warrant for his finger on the button. The phone has to be sleeping, not turned off, or it will not unlock with a finger without the passcode. The suspect cannot be forced to provide the passcode, because that would violate his right against self-incrimination. The device will also require a passcode if there has been a substantial time gap since the last login. The police would have to guess the right finger, since the iPhone will require a passcode after a few bad tries.
Most criminals are caught off guard, which means the phone is in sleep mode. How often do people actually leave their phone off, almost never. If the smart bad guys know the police are coming, there will not be a phone left for them to investigate. (most criminals are not even close to being smart)
Getting a fingerprint of of a dead person and then creating a print that will work with an iPhone is child’s play to a good CIS investigator.
Yes, of course police need a warrant, that’s a given. They won’t be able to use the iPhone as evidence in court without one.
Bottom line, criminals are not that smart. If they were, police would never even bother to look for fingerprints, yet they do just that every day. Because they find them.
Perhaps. But it wouldn’t take long for the battery to drain …
After 48 hours the fingerprint reader is useless. The secure enclave holds an unlocked key in memory for up to 48 hours between successful unlocks. If the phone is resting for more than 48 hours the SE will delete the unlocked keys, once again requiring the PIN/Passcode to use the device.
CIS Investigators know that, getting a warrant in that amount of time is normally not a problem.
If they live in Mayberry and the judge is out on a weekend fishing trip, then all they need to do is unlock the phone with the fingerprint and then put the phone back to sleep without looking at it. That will reset the clock.
CIS Investigators know that too.
1. A dead finger can be made to work. Even an imprint made off a dead finger will work. Heck, my iPhone 6s has a nasty habit of somehow unlocking itself in my pocket.
2. Yes, the suspect can be forced to give his passcode. While there has not been a definitive ruling by the Supreme Court, there area number of cases that have been brought or are currently being fought. Further, in this particular case, a National Security Letter would be issued – ask Lavabit about those.
Every iPhone owner should immediately increase their phone unlock password from 4 to 8 letters/numbers. Easy to do in settings.
If Apple is forced to do so, then they should move to Canada which also has lower corporate taxes.
How about Ireland? Buy the Cayman’s perhaps?
No, Ireland. Better pubs.
Why doesn’t the FBI just go to the NSA, who record EVERYTHING.
Because the FBI could not care any less about what is actually on the phone; they already know there is nothing (Farook destroyed the phone that had actually been used to communicate with other terrorists). This case is ALL about the precedent.
You can do a software update on a locked iPhone?
the police can’t force a suspect to provide the password to their phone because it would violate their rights but the government can force a law abiding company to rewrite code to get into the phone. Am I getting this right??????
there has been a lot intelligent posts on this case so I won’t touch on those things covered but I would like to add this:
— USA manufacturing has been in decline for a while hit by low cost overseas competitors. For more than a decade the rallying cry AND the Govt. (even Obama has chimed into it) was that the USA is moving into HIGH TECH where all the high paying jobs are, the low paying assembly type jobs are unlikely to come back.
Digital Security is one core component of this high tech industry.
This encryption demand by the govt. is going to drive one big stake into it.
As editorials are pointed out if Apple is forced into it, it’s going to be a slippery slope as it’s a PRECEDENT (the govt. is not just asking for ‘access’ it’s asking for company to create a ‘tool’ for it, in spite of the fact the tool will be contrary to the companies interests ) the USA govt (politicians, NSA, CIA, Homeland, Police , DEA etc) can then make all kinds of other demands on other industries : to compromise servers, routers, PCs, cabling systems etc. Modern economy depends a lot on secure digital assets and transmission. (Note the govt. has already been caught tapping into internet cable lines leading to the homes of the general public as well as politicians including foreign allies etc ). If Apple loses and FBI wins and the process to weaken USA tech’s security increases what do people think will happen to USA’s industries foreign customers?
(And that’s BESIDE the point of the hacking tool govt . is forcing Apple to design — and perhaps other tools in the future — falling into hackers hands and compromising digital security everywhere — one billion iOS users for a start. Be absolutely sure as those numerous agencies start demanding Apple decrypt hundreds perhaps thousands of phones under “this case will save lives, this case is national security” the tool WILL leak. Snowden has shown us the govt can’t keep secrets… )
From Apple’s point of view it becomes a disaster, will foreign governments ban iPhones, ask for ‘backdoors’ themselves etc. Does Apple need to make a SEPARATE version for the iPhone for every of 100 countries as you obviously can’t have govt. like Russia be able to hack USA phones etc ?
Multiply this by all the other industries i’ve mentioned: cabling , routers, PCs etc that might also be compromised.
I also believe that undermining digital security even if in the short term aid certain police investigations will eventually result in a tidal wave of crime. The NY police dept were the ones originally complaining that the rise in crime is due to iPhones weak security (iPhones being 50% of the crime spike) — muggers were stealing them, erasing and selling the devices. Now if govt succeeds in forcing Apple to make ‘tools’ and backdoors and iPhones are less secure all kinds of things are vulnerable to hackers , bank accounts, home security cameras, electronic passkeys etc . Currently Police can’t even deal with simple identity theft cases …
With the USA trillions of dollars in debt hurting the last golden goose — High Tech — seems really stupid (btw note Apple is currently the largest USA taxpayer) , it’s a great victory for ISIS and al Qaeda . It’s like dropping one landmine on one road and making the govt. shut down motor transport in general.
Now that the government has secured its right to force us to not only purchase a product (health insurance), but to also purchase the product that the government itself has regulated… It was only a matter of time before the government decided it was time to regulate the other things we buy. Hello, big brother. Goodbye, individual rights and freedoms. The USA has become the USSA – United Socialist States of America.
Gee, they also make you pay for roads that you don’t use. Don’t be such a baby. Health plans are used by almost all developed countries for the good of the most disenfranchised of the population. Only an idiot would balk at it.
I already thought I had a setting on my iphone that says if 10 wrong passwords entered in a row, wipe the phone.
This is not Apples fault. The borders are wide open. Barry would like to change the angle from the borders to a phone. We need border security.
Unlock The Donald’s and Congress’s phone. Boy let the crying game begin.
I am sure I am not the only one who is thinking this but there have been articles that if my iPhone (or any other phone) fell into criminals hands then all my data would be taken.
Now the States with the best CSI labs in the world cannot unlock the phone! Happy days, my phone data is safe.
Now I have an idea for the iPhone 7. I want the ability to turn off the fingure print readed for unlocking my iPhone, but if I do try to unlock my phone with it, it will wipe all my data. ; )
Notwithstanding all technical comments, I ind very worrying that a public company like Apple sets itself up as a deciding entity in a debate that is in the domain of the elected government and its official agencies