“Ten engineers and a month of work — that’s what it could take for Apple Inc. to write the program the FBI says it needs to crack the San Bernardino terrorist’s iPhone,” Dina Bass and Joshua Brustein report for Bloomberg. “In a court filing responding to a government request that it help break into the device, Apple said the order that it provide ‘reasonable technical assistance’ doesn’t take into full account what that assistance would entail — and that it won’t be fast or easy.”
“One part of its argument that the order be dismissed depends on convincing the court that, as a third party to the investigation, it shouldn’t be required to expend time and resources that would create something that undercuts its own products,” Bass and Brustein report. “‘The compromised operating system that the government demands would require significant resources and effort to develop,’ Apple wrote in a brief filed with the court Thursday. ‘The order violates both requirements by conscripting Apple to develop software that does not exist and that Apple has a compelling interest in not creating.'”
“There’s no easy way for Apple to remove the limits on repeatedly guessing passwords, said Erik Neuenschwander, Apple’s manager of user privacy,” Bass and Brustein report. “Because the FBI doesn’t want to modify the operating system on the phone itself, the new version of iOS — which he dubs GovtOS — would have to run on the device’s random access memory, which would require it to be much smaller and simpler than Apple’s existing phone software. ‘Apple’s ecosystem is incredibly complicated,’ Neuenschwander argued in a declaration included in the filing. ‘Changing one feature of an operating system often has ancillary or unanticipated consequences.’ In the worst case scenario, GovtOS could inadvertently erase the data the FBI is after, Apple said.”
Read more in the full article here.
MacDailyNews Take: Oh, no, 200 photos of school cafeteria trays could be lost!
Apple’s filing also states: “And if the new operating system has to be destroyed and recreated each time a new order is issued, the burden on Apple will multiply.”
As we wrote on Monday:
The day the U.S. government can force anybody to write something is the day the United States of America as we know it dies.
If this keeps up, you won’t need to build a wall. Nobody will want in.
Of course, Apple has in its power to render even these methods, should they be forced upon the company, moot with future iOS updates that protect user privacy from government overreach.
It would be nice, however, not to have to depend on a company to enforce U.S. Constitutional rights, but rather to have a government – made up of people who swear oaths to the Constitution, no less – that protects citizens’ Constitutional rights jealously instead of wiping their asses with the document daily.
SEE ALSO:
U.S. government sought data from 15 Apple devices in last four months – February 25, 2016
Here are the 12 other cases where the U.S. government has demanded Apple help it hack into iPhones – February 23, 2016
U.S. government seeks to force Apple to extract data from a dozen more iPhones – February 23, 2016
Apple CEO Cook: They’d have to cart us out in a box before we’d create a backdoor – February 22, 2016
Tim Cook’s memo to Apple employees: ‘This case is about more than a single phone’ – February 22, 2016
Obama administration: We’re only demanding Apple hack just one iPhone – February 17, 2016
Click the link. The full article goes into much more detail than this blurb and makes clear that, even leaving aside the risk associated with creating this software, there would be substantial additional effort to document, maintain, protect, etc. GovtOS and additional similar efforts.
Great, 10 engineers… When can they get started? Apple is acting anti-American and the government should drop the hammer on them if they do not comply.
Great. Can’t wait until someone steals your bank information or your doctor/lawyer/many ect. makes to come into the office to communicate with you because they will no longer conduct business via smartphones and tablets.
Anti-American is systematically eliminating all of our constitutional rights.
Ridiculous djackson1973x. Get a copy of the US Constitution and read it. Pay careful attention to the three amendments Apple cites: The First, Fourth and Fifth. Then read Apple’s ‘Motion To Vacate’ and note how each amendment applies.
Anti-American = defying and ignoring the US Constitution. The government will lose if the US Constitution is upheld.
I’m with Tim.
I’m with Tim.
Fee: $1 Billion for unique services. Fund it from Barry’s vacation budget.
This has little to do with Obama. The security infrastructure is yanking his chain the same way they yanked Bush’s, Clinton’s and whoever comes next.
I’m with Tim.
It’s the old “they all do it” excuse for the current POS president. The truth is that they don’t all do it.
Spying on Americans up 1000% under Obama:
http://investigations.nbcnews.com/_news/2013/06/11/18887491-fbi-sharply-increases-use-of-patriot-act-provision-to-collect-us-citizens-records
I’m with Tim.
If Apple loses the fight, let them charge the government for the service. Ten engineers for 30 days at 12 hours/day is 3600 manhours. The government antitrust lawyer assigned to monitor Apple was charging $1100/hour plus 15% administrative costs. Using that charge rate brings the total to about $4.5 million. Make it a fixed price contract, so add contingency, to say $10 million. Assume that Apple does not release the software externally and destroys it after use, for security.
So each phone any government agency wants de-nutted will cost $10 million. (The Manhattan DA says he has 175 right now.) In return, make the government publish an inventory of the “evidence” extracted, e.g. 50 selfies, 2 grocery lists, public phone numbers of 14 coworkers, etc. Let’s see how long the public supports this use of taxpayer dollars.
Bill the NSA for the effort. They already reverse-engineered it and tracked and monitored all paths to and from that device. Why mess with a dead person’s phone? Maybe it would provide the trail to the three military-dressed men who did the real shootings and the gov need to cover its lower backside.
Meanwhile in China…http://www.latimes.com/business/technology/la-fi-apple-china-20160226-story.html
Apple is not a chinese company. Tim Cook is not a citizen of China.
Apple is an american company doing business in China. What is wrong with complying to local laws?
If you are so noble, you can go there and fight other people’s wars for them… That’s assuming, they even want you to fight for them.
And, at the end of the day, all Tim is trying to do in the US is comply with the law, which is different from complying with law enforcements wishes.
Involuntary servitude. Didn’t we have a little skirmish 150 years ago that put an end to that practice here in the USA?
I’m with Tim.
It doesn’t matter if this coding effort happens in a locked room with body searches, biometric locks and isolated servers. The methodology of the crack will be in the heads of every one of those engineers. Suppose an NSA agent comes along with a bit of blackmail. Or an INS agent hints at deporting a relative. Or a Chinese agent comes along with a briefcase full of cash.
There has never been a better time to remember the story of Pandora’s box. This is it.
It’s more dangerous than that, although you make a great point. The code to allow the crack will be tangible and can therefore, in and of itself, but stolen, blackmailed out of someone with access, etc. as you indicated.
The feds don’t see this as a Pandora’s Box because they’re leaving the consequences of making the key to opening the lid entirely with Apple. Part of the ‘undo burden‘ argument is how Apple is stuck with all the consequences of opening the lid, both from legal requests for further opening and illegal efforts to obtain the code/methodology for opening.
Obviously, if the key is made and the box is opened, everyone who values and demands their right to privacy will GET A NEW BOX that can’t use this key. Apple may create a new, more tamper-proof box, of people may apply entirely different encryption to the box, or may simply turn off the simplistic password system on the box and apply an incredibly long and complicated password, making the key effectively useless until the mythological quantum computer is created. Then the feds will ask for another key… And we’re in a competitive spiral.
I’m with Tim.
If such perfectly encrypted systems that provide no way for the provisions of the Fourth Amendment to be legally performed is deemed unconstitutional, at minimum sales of all such devices may be curtailed effective immediately.. May be as irresponsible as having a child and claiming no responsibility for it or its actions.
Wow, another great insight! And what an echo of our current era where much of the world’s society is breaking down precisely because of the many factors that cause parents to take little responsibility for their children, resulting in a variety of screwed up kids and eventually adults. I attribute the ‘Me Generation’ and subsequent cultural narcissism to absent parents problems. In the worst cases, the poor experiences of kids can inspire psychopathic behavior, resulting in the antithesis of what I consider humane behavior. This is somewhat involved with the eternal war mentality of children in many war torn countries and territories. The syndrome is famous in Palestine. The idiotic USA vs the Middle East crap of the last few decades insights much the same. Thus the concept of the USA creating its own terrorist resistance. If we’d taken the opposite approach, not fallen for the Military Industrial Complex profit incentive, ad nauseam, may suspect the current wave of fake-Muslim extremism would not have occurred. If we’d either left them alone or actually benefitted them, instead of constantly keeping them off balance and exploited, the current times would, following this theory, be considerably more peaceful.
But my head is now blowing steam out my ears. So I’ll take a break. GREAT chatting with you!
I’m with Tim.
You’re right about the spiral. Apple is reportedly working on new encryption technology to supersede what the spooks want to crack. And if the FBI actually makes progress in their demands, then I wouldn’t be surprised if the App store is opened up to more 3rd-party encryption techniques. I think we’ll see similar efforts from other vendors.
When this Apple case gets to the Supreme Court, I’d expect a pretty narrow ruling, whichever way it goes. This means another test case later on, based on the FBI (and clueless congress) trying to outlaw new encryption techniques, or require back doors, or whatever other hare-brained idea they have. This means that cases will keep going to the Supreme Court for years.
The Court will not want to rule broadly on any of these things, since it would mean declaring the 4th Amendment (and parts of the 1st and 5th) to be without value. Since the Constitution is our governing document, they clearly can’t do that. So it will mean case after case, along with escalating technological solutions.
I do hate to hear politicians using the fear equation to trick regular citizens into voting against their own best interests. The San Bernardino killings were terrible, along with all of the other mass shootings we have on a regular basis. There’s no guarantee that cracking that phone will save a single life. But it’s quite likely to hurt the lives of innocent millions.
As I understand, the time required to crack the password it dependent on the number of characters in the password including numbers, uppercase and lower case letters, and symbols. How can anyone predict the time to crack the password if these variables are unknown?
That is not what Apple is estimating. Apple is estimating the work required to thwart the security against brute-forcing iOS passcodes, so the FBI can do so. However long it take the FBI to brute force the passcode it is not part of this estimate.
Talking about missing the point entirely. Let’s say for argument’s sake that ten engineers and a month of work is all that’s required to create a version of iOS that the FBI could use to hack into Apple iOS devices.
The problem with this sort of estimate is that it’s apparently assuming that iOS will stay exactly where it is now, as opposed to to growing in complexity and features as time goes on.
In other words, at the moment it may take only ten engineers and a month of time to do, but it’s only realistic to assume that that won’t always be the case.
Then there’s the most important argument of all, which has been already put forth by Tim Cook, namely this is a slippery slope for Apple to embark on, with an ending that certainly doesn’t benefit them.
So why in the name of whatever deity you may happen to worship would they do it?
go read the real costs:
Apple, FBI, and the Burden of Forensic Methodology | Zdziarski’s Blog of Things
http://www.zdziarski.com/blog/?p=5645
what a crock Shiite! so it would take a month an 10 engineers to crack it. ummmmmm sooo you couldnt just use crypto key …