Tag Archives: Encryption

Featured, Privacy, Technology

FBI Cracks San Bernardino iPhone, Moves To End Case Against Apple

Leave a comment

The Federal Bureau of Investigation claimed Monday that it successfully gained access to the iPhone used by one of the suspects in the San Bernardino shooting without the help of Apple Inc.

While the agency has not revealed the method it used or if any data was retrieved from the phone, it reportedly released a statement claiming that it is now “reviewing the information on the iPhone.” 

“The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court’s Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016,” prosecutors wrote in a filing dated March 28.

The Associated Press noted that “withdrawal of the court process also takes away Apple’s ability to legally request details on the method the FBI used in this case.”

After U.S. magistrate Judge Sheri Pym ruled in February that Apple must comply with the FBI by building software that would allow the agency to break the iPhone’s encryption, the agency requested a motion to vacate the hearing the night before it was scheduled. 

[RELATED: FBI Claims It Has Found ‘Outside Party’ To Break Into iPhone in San Bernardino Case] 

The FBI’s filing, which was approved by Judge Pym on March 21, named an unknown “outside party” and proposed that to make time for testing to determine “whether it is a viable method,” the government should have until April 5 to submit a status report. 

Apple also released a statement, criticizing the FBI’s initial demand and saying that the case should never have been brought.”

[pull_quote_center]From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought. We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated.[/pull_quote_center]

The statement went on to say that the company believes that people in the U.S. and around the world “deserve data protection, security and privacy,” and that “sacrificing one for the other only puts people and countries at greater risk.”

“This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy,” the tech company concluded. “Apple remains committed to participating in that discussion.”

Follow Rachel Blevins on Facebook and Twitter.

Civil Liberties, Featured, Government Accountability, Privacy

FBI Claims It Has Found ‘Outside Party’ To Break Into iPhone in San Bernardino Case

Leave a comment

The night before Apple Inc. and the Federal Bureau of Investigation were set to face off in court over whether Apple should be forced to create software to override the iPhone’s encryption, the FBI requested that the hearing be cancelled.

The court hearing set for Tuesday was over the case of the iPhone used by Syed Farook, a suspect in the San Bernardino shooting in December. After claiming that the only way to access the data on Farook’s iPhone was for Apple to create software to break the phone’s encryption, the FBI stated Monday night that the agency may have found another method to hack the phone.

[RELATED: Apple: Founding Fathers ‘Would Be Appalled,’ Accuses DoJ of Trying to ‘Rewrite History’]

In a court filing, the FBI asked U.S. Magistrate Judge Sheri Pym to vacate the hearing, claiming that on Sunday, “an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone.”

[pull_quote_center]Testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. set forth in the All Writs Act Order in this case.[/pull_quote_center]

The filing did not name the “outside party,” but proposed that to make time for testing to determine “whether it is a viable method,” the government should have until April 5 to submit a status report.

[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]

Judge Pym granted the FBI’s request around 9:30 p.m. EST Monday. She sided with the agency in February, ruling that the All Writs Act of 1789 justified the government forcing Apple to create the software to decrypt the iPhone, in order to access information on the phone used by Farook.

In contrast, Brooklyn Magistrate Judge James Orenstein ruled on March 1 that the government cannot use the All Writs Act to force Apple to provide data from a locked iPhone, in the case of a suspect facing criminal drug charges in New York.

Orenstein wrote, “The implications of the government’s position are so far-reaching — both in terms of what it would allow today and what it implies about congressional intent in 1789 — as to produce impermissibly absurd results.”

[RELATED: NY Judge: DoJ Cannot Force Apple to Extract Data from Locked iPhone in Drug Case] 

Including the cases of the San Bernardino shooting suspect in California and the criminal drug suspect in New York, Apple is facing a total of 12 cases in which the FBI is pushing for the company’s help to gain access to encrypted data.

Fred Cate, a law professor at Indiana University, told Ars Technica that while the FBI’s request to vacate the hearing could be “good news” for Apple, it is not the end of an escalating security struggle.

“As a practical matter, if the FBI’s new technique works, it likely means that Apple will add more protection to its devices, which is a good thing for consumers, and the FBI will be back in court in the future asking a judge to compel Apple to help the government defeat Apple’s improved security,” Cate said. “So the issue probably has been deferred, not resolved.”

Follow Rachel Blevins on Facebook and Twitter.

Featured, Government Accountability, Privacy, Technology

Apple: Founding Fathers ‘Would Be Appalled,’ Accuses DoJ of Trying to ‘Rewrite History’

Leave a comment

In preparation for next week’s hearing, Apple Inc. submitted a court filing Tuesday criticizing the United States Department of Justice, claiming that the U.S. founding fathers “would be appalled” at the department’s order.

The company first brought attention to the conflict in February, when a U.S. magistrate judge ordered Apple to create the software to decrypt the iPhone 5c used by San Bernardino shooting suspect Syed Farook.

Apple CEO Tim Cook argued that creating software to override the iPhone’s encryption “has implications far beyond the legal case at hand,” and could set a precedent for future cases.

[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]  

In the court filing released Tuesday, Apple’s lawyers argued that the DoJ and the FBI are seeking an order from this Court that would force Apple to create exactly the kind of operating system that Congress has thus far refused to require,” and that in doing so, “they are asking this Court to resolve a policy and political issue that is dividing various agencies of the Executive Branch as well as Congress. “

The DoJ has used the All Writs Act of 1789 as justification for its order. The act states that “The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law” and that “an alternative writ or rule nisi may be issued by a justice or judge of a court which has jurisdiction.”

[RELATED: NY Judge: DoJ Cannot Force Apple To Extract Data from Locked iPhone in Drug Case]

Apple is currently facing 12 orders from the DoJ to provide data from iPhones in various cases. On Feb. 29, Brooklyn Magistrate Judge Orenstein became the first federal judge to rule that the All Writs Act does not justify “imposing on Apple the obligation to assist the government’s investigation against its will” in a criminal drug case.

Apple argued that the court should reject the DoJ’s order in the San Bernardino case because the All Writs Act “cannot be stretched to fit this case,” claiming that by using it, the government “attempts to rewrite history.”

[pull_quote_center]This Court should reject that request, because the All Writs Act does not authorize such relief, and the Constitution forbids it. The All Writs Act cannot be stretched to fit this case because to do so ‘would be to usurp the legislative function and to improperly extend the limited federal court jurisdiction.’ …The government attempts to rewrite history by portraying the Act as an all-powerful magic wand rather than the limited procedural tool it is.[/pull_quote_center]

“According to the government, short of kidnapping or breaking an express law, the courts can order private parties to do virtually anything the Justice Department and FBI can dream up,” Apple argued. “The Founders would be appalled.”

[RELATED: FBI Director Admits Apple’s ‘Backdoor’ Could Be Used for Other iPhones]

Apple also criticized comments made by FBI Director James Comey during a recent congressional hearing from March 1, and questioned why the DoJ has not gone to the NSA, if it is just wanting to hack into the one iPhone in question.

“The government does not deny that there may be other agencies in the government that could assist it in unlocking the phone and accessing its data; rather, it claims, without support, that it has no obligation to consult other agencies,” Apple wrote, noting that former National Coordinator for Security, Infrastructure Protection and Counter-terrorism, Richard Clarke said, “Every expert I know believes that NSA could crack this phone.”

The court hearing is scheduled for March 22, and in its court filing, Apple’s lawyers argued that the DoJ’s order is far from what the government has described as a “modest” rule only applying to a “single iPhone.”

“Instead, this case hinges on a contentious policy issue about how society should weigh what law enforcement officials want against the widespread repercussions and serious risk their demands would create,” Apple wrote.

Follow Rachel Blevins on Facebook and Twitter.

Government Accountability, Privacy

Bipartisan Senators to Introduce Bill Forcing Companies to Override Encryption

Leave a comment

A bipartisan team of United States senators is reportedly close to introducing a controversial bill that would let law enforcement force companies to comply with court orders seeking access to encrypted data.

Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.), both members of the Senate Intelligence Committee, began working on the bill after mass shootings occurred in Paris in November, and in San Bernardino, California, in December.

Following the shootings, Feinstein said she was “going to seek legislation if nobody else is,” and she claimed that it was in sync with the changing world.

“I think this world is really changing in terms of people wanting the protection and wanting law enforcement, if there is conspiracy going on over the Internet, that that encryption ought to be able to be pierced,” Feinstein said.

[RELATED: U.S. Police Chiefs Demand Access to Encrypted Communications Following Paris Attacks]

One of Feinstein’s aides reportedly said that while the bill will require companies to decrypt previously encrypted data and turn it over to law enforcement, it does not list a specific penalty for noncompliance, which would leave the punishment up to the courts.

While the bill could be introduced this week, Feinstein told The Hill she passed the text along to the White House, leaving the timing of the introduction up to President Obama, and Burr said it “depends on how fast the White House gets back to us.”

[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]

The bill has received criticism from Sen. Ron Wyden (D-Ore.), who told the Huffington Post that he believes it will give tech companies few options, and as a result, “the American people will be less safe and less secure in their homes and neighborhoods.”

“I will do anything necessary to block a bill that weakens strong encryption,” Wyden said. “I will use every procedural tool in the Senate to block a bill that weakens strong encryption because I believe that weakening strong encryption will leave millions of Americans less safe and less secure.”

[RELATED: NY Judge: DoJ Cannot Force Apple to Extract Data from Locked iPhone in Drug Case]

The introduction of Feinstein and Burr’s bill comes at a time when Apple Inc. is pushing back against the Department of Justice on 12 different court orders that would require the company to go from extracting contacts photos and call records from an iPhone, to designing new software that would let the government override the iPhone’s encryption altogether.

Follow Rachel Blevins on Facebook and Twitter.

Editor’s Pick, Featured, Government Accountability, Privacy

FBI Director Admits Apple’s ‘Backdoor’ Could Be Used for Other iPhones

Leave a comment

While the FBI has formerly claimed that its order for Apple to create a “backdoor” into the iPhone was only to extract data from one specific phone used by a suspect in the San Bernardino shooting, it appears that the agency is retreating from that argument as FBI Director James Comey admitted it could set a precedent for future cases.

During a House Judiciary Committee hearing Tuesday, Rep. Ted Poe (R-Tx.) questioned Comey on what would stop the FBI from using the “backdoor” software created by Apple on other phones if it wins the case.

“Apple develops the software and gives it to [you for] the phone, but that’s not the only phone in question, is that correct?” Poe said. “There are other phones that the FBI has in lawful possession that you can’t get into?”

Comey replied, “Sure, law enforcement increasingly encounters phones [in] investigations all over the place that can’t be unlocked.”

Poe asked how many other phones are in lawful possession of the FBI that the agency cannot extract data from with the current software. Comey said there were several, and he did not know the exact number.

“What would prevent the FBI from then taking that software and going at all of those other phones you have, and future phones you seize?” Poe asked.

“This seems like a small difference, but I think it’s actually kind of a big difference,” Comey replied. As he continued, he said that the software would only be used on iPhones in the same predicament as the one used the San Bernardino shooting suspect.

[pull_quote_center]The direction from the judge is not to have have Apple get us into the phone, it’s to have Apple turn off—by developing software that will tell the phone to turn off—the auto erase and the delay features, so that we can try and guess the password. So in theory, if you get another 5c running iOS9, which is what makes this relief possible, I mean it when I say it’s obsolete, because I understand that [with the iPhone 6] there is no door for us to even try to pick the lock on, so it wouldn’t work, but if there were phones in the same circumstances, then sure, you could ask for the same relief from a court to try and make effective the search warrant.[/pull_quote_center]

[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]

Comey was later questioned by Rep. Ted Deutch (D-Fl.), who asked about whether the creation of a “backdoor” into the iPhone would make it susceptible to terrorists and child predators.

“When this tool is created, the fear is that it might be used by others and there are many who will try to get their hands on it, and will then put at risk our information on our devices,” Deutch said.

Comey noted, “There would be substantial risks around creating this software.”

[RELATED: Reality Check: Why McAfee Says FBI Really Wants To End Encryption, Not Hack Just One iPhone]

Deutch replied, “If that’s the case that it’s usable in more than one phone and it applies beyond there, then the public safety concerns that a lot of us have [about] if the public got access to our phones and our children’s phones, in that case, those are really valid, aren’t they?”

Comey said it is a valid concern, but claimed that it’s a question “we’re going to have litigation about is how reasonable is that concern,” adding “slippery slope arguments are always attractive.”

Comey acknowledged that the software may not be used for only the iPhone in the San Bernardino case, when he was questioned by Rep. Bob Goodlatte (R-Va.)

“It won’t be a one-time request. It’ll set precedent for other requests from the FBI and any other law enforcement,” Goodlatte said.

“Sure, potentially,” Comey said.

[RELATED: Apple Policy Says They Won’t Unlock Devices for Government Requests]

Apple General Counsel Bruce Sewell was later added to the hearing, and Comey said that in regards to the risks that would come with the creation of the software, “It’s not [Apple’s] job to watch out for public safety. That’s our job.”

Sewell told the committee that the company is not trying to look out for public safety as much as it is protecting its First Amendment rights to free speech and its Thirteenth Amendment rights to deny forced labor as a private citizen.

Sewell said the FBI’s argument that Apple is using the San Bernardino case as a marketing ploy “makes my blood boil.”

[pull_quote_center]This is not a marketing issue, that’s a way of demeaning our argument. We don’t take out billboards for our security. We don’t take out ads for our encryption. We’re doing this because we think it’s the right thing to do. To say that it’s a marketing ploy to to say that it’s about PR really diminishes a very serious conversation that should be about security of the American people.[/pull_quote_center]

[RELATED: FBI Ordered Password Reset on San Bernardino Shooting Suspect’s iPhone]

As previously reported, the FBI admitted in February that it reset the password on the iPhone used by San Bernardino shooting suspect Syed Farook within 24 hours of the shooting.

Apple officials criticized the move, and reportedly claimed that changing the password revoked the company’s access into an auto-backup of the phone. Comey admitted that this was a “mistake,” and claimed that even if the FBI had acted differently, it still wouldn’t have been able to access everything on the phone without Apple’s help.

[RELATED: NY Judge: DoJ Cannot Force Apple to Extract Data from Locked iPhone in Drug Case]

The FBI is currently attempting to use the All Writs Act of 1789 to justify forcing Apple to extract data from iPhones in 12 different cases. In some cases, that involves using existing capabilities to pull contacts and calling information, but in other cases it would require Apple to create new software to break the iPhone’s encryption.

New York Magistrate Judge James Orenstein ruled Monday that in one of the cases, a criminal drug case in Brooklyn, the All Writs Act does not justify “imposing on Apple the obligation to assist the government’s investigation against its will.” While this ruling is not binding in any other court, it does mark the first time a federal judge has ruled in Apple’s favor.

Follow Rachel Blevins on Facebook and Twitter.

Featured, Government Accountability, Privacy

NY Judge: DoJ Cannot Force Apple to Extract Data from Locked iPhone in Drug Case

Leave a comment

In an unprecedented move, a New York Magistrate Judge ruled Monday that the United States Department of Justice cannot force Apple Inc. to extract data from a locked iPhone, as ordered by the Federal Bureau of Investigation, in a criminal drug case.

While the ruling is not binding in any other court, and the case deals with the iPhone 5 belonging to Jun Feng, who pleaded guilty to drug charges in October, the FBI is using the same defense that it is using to order Apple to “build a backdoor” into the iPhone of a San Bernardino shooting suspect.

[RELATED: Apple Policy Says They Won’t Unlock Devices for Government Requests]

The All Writs Act of 1789 states that “The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law” and that an alternative writ or rule nisi may be issued by a justice or judge of a court which has jurisdiction.”

In a ruling issued Monday, Brooklyn Magistrate Judge James Orenstein became the first federal judge to rule that the All Writs Act does not justify “imposing on Apple the obligation to assist the government’s investigation against its will.”

[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]  

“The implications of the government’s position are so far-reaching — both in terms of what it would allow today and what it implies about congressional intent in 1789 — as to produce impermissibly absurd results,” Orenstein wrote.

[pull_quote_center]The Application before this court is by no means singular: the government has to date successfully invoked the AWA to secure Apple’s compelled assistance in bypassing the passcode security of Apple devices at least 70 times in the past; it has pending litigation in a dozen more cases in which Apple has not yet been forced to provide such assistance; and in its most recent use of the statute it goes so far as to contend that a court — without any legislative authority other than the AWA — can require Apple to create a brand new product that impairs the utility of the products it is in the business of selling.[/pull_quote_center]

[RELATED: FBI Ordered Password Reset on San Bernardino Shooting Suspect’s iPhone]

Claiming that it is “clear that the government has made the considered decision that it is better off securing such crypto-legislative authority from the courts,” Orenstein noted that former proceedings which were “shielded from public scrutiny,” have shown that the government has chosen to forego “taking the chance that open legislative debate might produce a result less to its liking.” 

[pull_quote_center]It is thus clear that the government is relying on the AWA as a source of authority that is legislative in every meaningful way: something that can be cited as a basis for getting the relief it seeks in case after case without any need for adjudication of the particular circumstances of an individual case (as the arguments that the government relies on here to justify entering an AWA order against Apple would apply with equal force to any instance in which it cannot bypass the passcode security of an Apple device it has a warrant to search).[/pull_quote_center]

This case is just one of the 12 government orders Apple is contesting. The Intercept noted that while some cases such as the case of Jun Feng, would require Apple to “use its existing capabilities to extract data like contacts, photos and calls from locked iPhones running on operating systems iOS7 and older,” other cases such as the one in the San Bernardino shooting would require Apple to “design new software to let the government circumvent the device’s security protocols and unlock the phone.”

[RELATED: Reality Check: Why McAfee Says FBI Really Wants To End Encryption, Not Hack Just One iPhone]

During a recent Reality Check segment, Ben Swann interviewed John McAfee, a cybersecurity expert and the creator of McAfee security software, who questioned whether the FBI was honest when it claimed it wanted an encryption key to hack a single iPhone.

Reality Check: McAfee Claims FBI Wants To End All Encryption,…

Reality Check: McAfee Claims FBI Wants To End All Encryption, Not Just Hack One iPhone

Posted by Ben Swann on Tuesday, February 23, 2016

Follow Rachel Blevins on Facebook and Twitter.

Featured, Privacy, Technology

Bill Gates Sides with FBI, Downplays Order to Create ‘Backdoor’ for iPhone

Leave a comment

Microsoft founder Bill Gates set himself apart from other Silicon Valley CEOs when he pledged his support to the FBI, and criticized Apple for refusing to comply with the government’s order to “build a backdoor” into the iPhone.

While Apple CEO Tim Cook said that creating the technology to break into an encrypted iPhone “has implications far beyond the legal case at hand,” Gates told Financial Times that he disagrees with Cook’s interpretation of the request.

“Nobody is talking about a ‘backdoor,’ so that’s not the right question,” Gates said. “This is a specific case where the government is asking for access to information. They are not asking for some general thing, they are asking for a particular case.”

The “particular case” that Gates is referencing is the iPhone used by Syed Farook, who is a suspect in the shooting that killed 14 people and wounded 22 in San Bernardino, California, in December. Last week, U.S. Magistrate Judge Sheri Pym ordered Apple Inc. to break into Farook’s iPhone to access its data.

[RELATED: Apple Rejects Government Order To Create ‘Backdoor’ for iPhone]

However, in a letter to customers last week, Cook asserted that the government’s order was for Apple to create “a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation.”

Cook claimed the software “does not exist today,” and said that in the wrong hands, it would have “the potential to unlock any iPhone in someone’s physical possession.”

[RELATED: FBI Ordered Password Reset on San Bernardino Shooting Suspect’s iPhone]

The FBI confirmed on Friday that it ordered San Bernardino county officials to reset the iCloud password of the iPhone used by Farook, which reportedly eliminated “the possibility of an auto-backup” of the device’s data.

In his interview with Financial Times, published Tuesday, Gates insisted that Apple still has access to the information.

“Apple has access to the information,” Gates said. “They’re just refusing to provide the access, and the courts will tell them whether to provide the access or not. You shouldn’t call the access some special thing.”

Gates went on to say he believes this case is no different than the FBI asking a bank to hack into the account of one of its customers.

“It is no different than [the question of] should anybody ever have been able to tell the phone company to get information, should anybody be able to get at bank records,” Gates said. “Let’s say the bank had tied a ribbon round the disk drive and said, ‘Don’t make me cut this ribbon because you’ll make me cut it many times’.”

Gates also told FT that he hopes there will be a debate “so that the safeguards are built and so people do not opt” to say “it is better that the government does not have access to any information.”

[RELATED: Facebook, Twitter Among Companies Support Apple in Fight Against FBI]

The views expressed by Gates contrast those of other major tech companies and their CEOs.

Facebook issued a statement claiming it will “continue to fight aggressively against requirements for companies to weaken the security of their systems.” Twitter co-founder and CEO Jack Dorsey said he supports Apple and thanked Cook for his leadership. Google CEO Sundar Pichai said “forcing companies to enable hacking could compromise users’ privacy.” And WhatsApp CEO and co-founder Jan Koum said tech companies “must not allow this dangerous precedent to be set.”

Follow Rachel Blevins on Facebook and Twitter.

Featured, Government Accountability, Hot, Technology

FBI Ordered Password Reset on San Bernardino Shooting Suspect’s iPhone

Leave a comment

Apple Inc. indicated on Friday that the reason the FBI was requesting a “backdoor” into the iPhone of one of the suspects in the San Bernardino shooting was because the agency reset the iCloud password on the phone, leading to Apple’s inability to obtain backup data.

The iPhone in question was reportedly used by Syed Farook, who, with his wife, Tashfeen Malik, are suspects in the shooting that killed 14 people and wounded 22 in San Bernardino, California in December.

Apple Inc. CEO Tim Cook initially spoke out about the FBI’s request on Tuesday when he revealed that the agency wanted Apple to create a way to decrypt the iPhone, which he believed “has implications far beyond the legal case at hand” due to the fact that once “a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.” 

[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone] 

The Guardian reported that the phone used by Farook belonged to his employer, San Bernardino County, and that while Apple has provided the FBI with the backup data it accessed through Farook’s iCloud account, the last backup was performed on Oct. 19, six weeks before the shooting.

The FBI filed a motion with the Department of Justice on Friday to demand Apple’s cooperation, claiming that rather than assist the effort to fully investigate a deadly terrorist attack by obeying this court’s [order], Apple has responded by publicly repudiating that order.” 

[RELATED: Facebook, Twitter Among Companies Supporting Apple in Fight Against FBI]

During a conference call Friday afternoon, an anonymous Apple official reportedly revealed that the iCloud password on the suspect’s iPhone was changed “less than 24 hours after the government took possession of the device,” which revoked Apple’s access into the iCloud account that was used for the backup content.

The San Bernardino County Wire Twitter account confirmed the revelation on Friday evening saying, The County was working cooperatively with the FBI when it reset the iCloud password at the FBI’s request.”

The FBI reportedly released a statement on Saturday stating that it “worked with” county officials to reset the iCloud password, claiming that “a logical next step was to obtain access to iCloud backups for the phone in order to obtain evidence related to the investigation in the days following the attack.”

The Guardian reported that “an Apple executive noted that had the password reset not happened, America’s most valuable company might not be going to court with its own government.”

While the mother of one San Bernardino shooting victim said she believes Apple is “definitely within their rights” to refuse to create a backdoor into the iPhone, a lawyer said he was contacted last week by “the Justice Department and local prosecutors,” and will be representing a number of the shooting victims in a lawsuit against Apple.

Follow Rachel Blevins on Facebook and Twitter.

Editor’s Pick, Featured, Hot, Privacy, Technology

Apple Rejects Government Order to Create ‘Backdoor’ for iPhone

Leave a comment

In an unprecedented ruling Tuesday, a magistrate judge ordered Apple Inc. to infiltrate the iPhone of a suspect in the San Bernardino shooting case, and the CEO of Apple issued a public statement vowing to fight back against it.

As part of an investigation into the shooting that occurred in San Bernardino, California in December when a couple opened fire at a work Christmas party killing 14 people and wounding 22, U.S. Magistrate Judge Sheri Pym ordered Apple to help the Obama administration break into an encrypted iPhone that belonged to Syed Farook, one of the suspected shooters.

Apple Inc. CEO Tim Cook posted a statement regarding the order online, and said he opposes it due to his belief that it has implications far beyond the legal case at hand.”

According to Cook, the government has ordered Apple to create “a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation.”

Cook acknowledged the importance of encryption, and said that although he was shocked and outraged by the deadly act of terrorism in San Bernardino,” he feels that Apple has worked with the FBI to the fullest extent in retrieving information related to the case.

[pull_quote_center]When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.[/pull_quote_center]

Cook brought up the unparalleled power that would come from Apple agreeing to “build a backdoor” into the iPhone, which would create “the potential to unlock any iPhone in someone’s physical possession.”

“Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”

Cook noted that “Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.”

Cook went on to say that while the government has argued that building a backdoor for just one iPhone is a simple, clean-cut solution,” he believes that once “a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.”

“Opposing this order is not something we take lightly,” Cook said. “We feel we must speak up in the face of what we see as an overreach by the U.S. government.”

[pull_quote_center]We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.[/pull_quote_center]

Cook said “the implications of the government’s demands are chilling,” and noted that if a backdoor to the iPhone is built, the U.S. government could “extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.”

[pull_quote_center]We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications. While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.[/pull_quote_center]

[UPDATE: Facebook, Twitter Among Companies Supporting Apple in Fight Against FBI]

Follow Rachel Blevins on Facebook and Twitter.

Government Accountability, Opinion, Privacy, Technology

U.S. Police Chiefs Demand Access to Encrypted Communications Following Paris Attacks

Leave a comment

As the world heals from the recent terror attacks in Paris, we are witnessing a range of reactions from heads of state and media pundits. The corporate media is doing its part to repeat the mistakes witnessed following 9/11, including support for curtailing of the rights of Muslim-Americans and an increase in surveillance and violations of constitutional freedoms.

The attacks in Paris, which claimed the lives of 130 people, have ignited a call from police chiefs and prosecutors who seek to pass legislation which would give investigators access to encrypted communications in an attempt to stop terrorism.

On Tuesday, the International Association of Chiefs of Police (IACP) and the National District Attorneys Association (NDAA) announced in a press release that they were joining forces to “press for immediate action to address this critical threat.” The statement reads:

[pull_quote_center]The proliferation of sophisticated encryption technology and other technological barriers have increasingly hindered law enforcement’s ability to lawfully access criminal and terrorist related communications.[/pull_quote_center]

The groups also state that encryption has led to numerous instances where police could not access encrypted information “that could have allowed them to successfully investigate and apprehend criminals or prevent terrorists from striking.”

Although there is not yet evidence that ISIS member used encrypted communication programs to plan their attacks, lawmakers are calling for legislation which would allow law enforcement to access a “backdoor” to encrypted data with a warrant.

The Information Technology Industry Council told the Hill that creating backdoors would “actually create vulnerabilities to be exploited by the bad guys, which would almost certainly cause serious physical and financial harm across our society and our economy.”

Still, the chiefs are seeking access to protected communications by updating laws such as the Communications Assistance for Law Enforcement Act and the Electronic Communications Privacy Act. The groups state that they are committed to finding a solution “which balances the needs of the law enforcement community with protecting the public’s right to privacy.”

Last week, The Washington Post reported that Manhattan District Attorney Cyrus R. Vance Jr., an outspoken critic of encrypted communications, asked Congress to pass a law requiring the unencrypted content of any smartphone made or sold in the United States to be accessible to law enforcement officers with a search warrant. Vance said the changes were necessary following the Paris attacks.

“Every tip will be investigated, every lead will be followed, but every time one of those trails leads to an encrypted cellphone, it may go cold,” Vance stated.

Whether or not Americans continue to be granted the right to privacy depends on how willing we are to accept these radical changes in the name of security. How can we strike a balance between freedom and security while knowing that the U.S. government is funding the same terrorists whom we are supposed to fear? Are Americans willing to give up their rights once more in the hopes that the U.S. government will keep us safe?

Police State, Politics

FBI Director: Government-Proof Encryption Threatens National Security

5 Comments

On Monday, Federal Bureau of Investigation Director James Comey penned an op-ed in the national security blog Lawfare which claimed that data encryption techniques that are effective enough to challenge the government’s ability to crack them are a threat to national security.

The logic of encryption will bring us, in the not-to-distant future, to a place where devices and data in motion are protected by universal strong encryption. That is, our conversations and our ‘papers and effects’ will be locked in such a way that permits access only by participants to a conversation or the owner of the device holding the data,” said Comey. After paying brief lip service to the benefits of strong encryption, Comey began to lay out why he thinks future advancements in encryption technology will “inexorably affect my ability to do [my] job.

When the government’s ability—with appropriate predication and court oversight—to see an individual’s stuff goes away, it will affect public safety,” asserted Comey. He continued, evoking terrorism, “That tension is vividly illustrated by the current ISIL threat, which involves ISIL operators in Syria recruiting and tasking dozens of troubled Americans to kill people, a process that increasingly takes part through mobile messaging apps that are end-to-end encrypted, communications that may not be intercepted, despite judicial orders under the Fourth Amendment. But the tension could as well be illustrated in criminal investigations all over the country. There is simply no doubt that bad people can communicate with impunity in a world of universal strong encryption.”

According to National Journal, Comey will testify on Wednesday before the US Senate’s Intelligence and Judiciary committees on the challenges law enforcement agencies face in keeping up with encryption techniques.

Earlier this year, President Obama took a position similar to Comey’s on the issue and said, “If we get into a situation which the technologies do not allow us at all to track somebody we’re confident is a terrorist… that’s a problem.

National Journal’s Dustin Volz wrote, “Many believe there is no such thing as a ‘golden key’ for encryption that could allow law-enforcement or national security professionals access into an encrypted device without also creating a vulnerability that malicious hackers could exploit.

Government Accountability, Privacy, Technology

Report Exposes CIA’s Attempts to Hack Apple Devices

1 Comment

A report released on Tuesday by The Intercept asserted that researchers within the Central Intelligence Agency (CIA) have been engaged in a “multi-year, sustained effort” to sabotage the security of Apple’s iPhones and iPads, using a variety of methods including creating dummy software targeted towards developers and attempting to crack Apple’s encryption keys. The Intercept based its report on documents provided by NSA whistleblower Edward Snowden.

According to The Intercept, the researchers discussed ways to exploit security flaws of the devices at a secret annual meeting called the Trusted Computing Base Jamboree. It is claimed that the researchers created a modified version of Xcode, Apple’s development software that is used to create apps. The modified version of Xcode would let the CIA, NSA and other agencies to access apps created by developers using the modified software:

“The researchers boasted that they had discovered a way to manipulate Xcode so that it could serve as a conduit for infecting and extracting private data from devices on which users had installed apps that were built with the poisoned Xcode. In other words, by manipulating Xcode, the spies could compromise the devices and private data of anyone with apps made by a poisoned developer — potentially millions of people.”

The Intercept reported that the researchers had also made efforts to utilize keylogging software, which would record every stroke typed by a user affected by the software.

The documents provided by Snowden do not specify that the CIA’s efforts to break into Apple devices have been successful. The CIA and NSA have not yet responded to The Intercept’s report.

“Spies gonna spy,” Steven Bellovin, a former U.S. Federal Trade Commission chief technologist who is now a professor at Columbia University, told The Intercept. “I’m never surprised by what intelligence agencies do to get information. They’re going to go where the info is, and as it moves, they’ll adjust their tactics. Their attitude is basically amoral: whatever works is OK.”

According to The Intercept, government agencies have desired the continuous ability to “bypass security tools built into wireless devices.” Apple’s CEO, Tim Cook, made a pledge last year to protect the privacy of Apple users, especially from all government agencies. On Apple’s website, Cook wrote that “I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.”

Apple declined to respond to the report from The Intercept, and instead referred the publication to the company’s previous privacy statements.

Featured, Police State, Politics, Technology, US

Prosecutors Say 1789 George Washington Law Requires Google, Apple to Decrypt Smartphones for Cops

Video 17 Comments

Ever since whistleblower Edward Snowden revealed that the National Security Agency has been spying on Americans’ private digital communications in a widespread, warrantless, and indiscriminate manner, technology companies like Google and Apple have begun to respond to consumer demand for anti-government snoop prevention tools by developing smartphones that come with unbeatable security measures that prevent anyone other than the phone’s owner from unlocking it and accessing its data. As courts wrestle with the question of whether judges can order cell phone companies to help cops gain access to suspects’ smartphone data, tech giants are stepping out in front of the issue by developing smartphones and tablets that they themselves can not even unlock.

In response to mobile technology companies’ self-interested attempts to protect users’ privacy, according to Ars Technica, federal prosecutors have successfully argued two times so far that an obscure catch-all law, signed in 1789 by George Washington during his first year in office, requires tech firms to assist the government in obtaining suspects’ private smartphone and tablet data. The All Writs Act, which first made its way into federal statute as a part of the Judiciary Act of 1789 and which was later tweaked into its current form in 1911, grants federal courts the power to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.” The above-provided video by Cybersecurity Fellow at the Center for International Security and Cooperation Jonathan Mayer breaks down the logic that prosecutors might use when arguing that the All Writs Act could be utilized to compel a tech company to unlock a phone or decrypt its data on behalf of the government.

The Wall Street Journal notes that, on October 31 of this year, prosecutors successfully utilized George Washington’s law to this effect when a judge ordered an unnamed cell phone company to unlock a smartphone in order to assist the court in effectuating a warrant in a New York credit card fraud case. Said US Magistrate Judge Gabriel Gorenstein, who presided over the case, “It is appropriate to order the manufacturer here to attempt to unlock the cellphone so that the warrant may be executed as originally contemplated.”

Ars Technica also provided court documents from a November 3, 2014 case in which federal attorneys used the All Writs Act to compel Apple to assist police in accessing data on an iPhone 5s that was seized from a suspect. Assistant US Attorney Garth Hire argued in the case, “This Court has the authority to order Apple, Inc., to use any capabilities it may have to unlock the iPhone.”

While Magistrate Judge Kandis Westmore did order Apple to help prosecutors obtain data from the phone during the proceedings, she placed limits on that compulsion that could set a precedent rendering this usage of the All Writs Act totally useless in future situations involving newer smartphones that tech companies do not have the ability to decrypt or unlock. Judge Westmore required Apple to “provide reasonable technical assistance to enable law enforcement agents to obtain access to unencrypted data.” She also limited the degree to which the government can compel Apple to help by saying, “It is further ordered that, to the extent that data on the iOS device is encrypted, Apple may provide a copy of the encrypted data to law enforcement but Apple is not required to attempt to decrypt, or otherwise enable law enforcement’s attempts to access any encrypted data.”

Federal Bureau of Investigation Director James Comey criticized tech companies for developing decryption-proof phones for customers in comments cited by The Register, “What concerns me about this is companies marketing something expressly to allow people to place themselves above the law.” It is not yet known how the All Writs Act will be applied in the future in cases involving phones that companies like Apple and Google can not unlock.

ACLU attorney Alex Abdo, in comments to Ars Technica, argued that the government should not be using an 18th century law to address a technological issue that could not possibly have been imagined by those who penned it. Said Abdo, “It is disconcerting that the government is relying on a catch-all law to seek surveillance powers that it should be seeking from Congress and the public… If the government wants new spying tools, it should allow our democratic process to debate them openly first.”

Some have raised concerns that the All Writs Act could be used to compel tech companies to provide backdoors into their devices, granting the government general access to all users’ data. The Electronic Frontier Foundation has argued that such an effort to twist a Founding Father’s words to undermine the Fourth Amendment would be “unreasonably burdensome” on tech companies, therefore failing to meet a crucial test in the law’s application in that it would require a company to weaken its own security measures, rendering its product ineffective at its advertised purpose.