Yeah, Apple, that’s some heavy-duty security ya got there…

When the news broke a few days ago that the government thought it had a way to get into the San Bernardino shooter’s phone without Apple’s help, someone on the radio made the point that this development meant both sides were losers:Apple_Logo_Png_06

  1. The government had to admit it was wrong that they could only get into the phone with Apple’s help.
  2. Apple, which based its refusal to provide this service to the country on the claim that it was just so important that its security remain intact, and that even Apple itself coming up with a way in would compromise the truly awesome security of its phones to an unacceptable extent, would be exposed as having lame security if a third party could indeed break in.

Here’s today’s news:

The Justice Department is abandoning its bid to force Apple to help it unlock the iPhone used by one of the shooters in the San Bernardino terrorist attack because investigators have found a way in without the tech giant’s assistance, prosecutors wrote in a court filing Monday.

The government said that investigators had now “accessed the data stored on” the shooter’s iPhone and no longer needed Apple’s help. They asked a court to vacate an earlier ruling forcing Apple to provide assistance….

It’s good that law enforcement can now see whether there’s any intel of value on the phone. It’s bad that we didn’t establish the precedent that Apple has to cooperate with law enforcement. But I console myself on that point with the fact that Tim Cook now has egg on his face because his vaunted security has been shown to… I believe the technical term is “suck.”

67 thoughts on “Yeah, Apple, that’s some heavy-duty security ya got there…

  1. Keith Marsh

    Yep, if you can write software someone can hack it. I think it will be interesting if Apple asks the feds how they did it and what the reply will be. Google offers rewards for people that can hack their software in order to make it more secure. I wonder if Apple will do that or quietly let this fade away. Guessing fade away…

  2. Doug Ross

    They could always crack the phone. This was a PR move to try and open the door for future backdoors to be built into even more secure operating systems in the future. They failed on the P.R. move and had to fall back to doing what we already knew they could do.

    And, yeah sure, they ONLY collect metadata in the NSA, Riggggghhtt…..

    1. Barry

      FBI was playing games.

      Hopefully APPLE will take the challenge very seriously and will keep pushing hard for privacy.

  3. Doug Ross

    Edward Snowden three weeks ago:

    Snowden: FBI Claim That Only Apple Can Unlock Phone Is “Bullsh&t”

    The article explains that the FBI had plenty of options at their disposal. This was all about trying to open up future phones.

    1. Doug Ross

      And the FBI director testified under oath not very long ago that the FBI did not have the ability to unlock the phone. Not that he’d lie under oath to further the FBI’s agenda… but how convenient for them.

      1. Doug Ross

        And before Brad goes off on one of his anti-Snowden rants, here’s what Colin Powell’s former chief of staff said about Snowden last week:

        “A retired Army colonel who served as the chief of staff to Secretary of State Colin Powell in President George W. Bush’s administration, Wilkerson has established himself as a prominent critic of U.S. foreign policy. He sat down with Salon for an extended interview, discussing a huge range of issues from the war in Syria to climate change, from ISIS to whistle-blower Edward Snowden, of whom Wilkerson spoke quite highly.

        “I think Snowden has done a service,” Wilkerson explained. “I wouldn’t have had the courage, and maybe not even the intellectual capacity, to do it the way he did it.”

        Snowden’s reputation in mainstream U.S. politics, to put it lightly, is a negative one. In the summer of 2013, the 29-year-old techno wiz and private contractor for the NSA worked with journalists to expose the global surveillance program run by the U.S. government.

        His revelations informed the public not only that the NSA was sucking up information on millions of average Americans’ private communications; they also proved that the U.S. government was likely violating international law by spying on dozens of other countries, and even listening to the phone calls of allied heads of state such as German Chancellor Angela Merkel, who subsequently compared the NSA to the Stasi, East Germany’s secret police.

        Breaking with establishment political figures, Col. Wilkerson commended Snowden for his work and the way in which he carried it out.

        “There’s a logic to what he has done that is impressive,” Wilkerson told Salon. “He really has refrained from anything that was truly dangerous, with regard to our security — regardless of what people say.”

          1. Doug Ross

            Excuse me if I trust the judgment of a guy who has a far better understanding of the environment. Experience matters, right?

  4. Bryan Caskey

    In retrospect, Apple probably would have been smarter to have played ball with the FBI. Now they have to admit their security ain’t so great after all.

      1. Bryan Caskey

        Alternate theory: What if the FBI didn’t crack the code, but they want the bad guys to think that they cracked the code so as to drive them to use other devices? The ol’ iPhone fumblerooski.

        Yeah, that’a a little far-fetched, but fun to ponder.

  5. Bryan Caskey

    Smart terrorists will still find ways to encrypt their messages. But, hey, I’ll take catching dumb terrorists over catching no terrorists.

      1. Doug Ross

        You think we’ll ever hear that the phone didn’t provide any meaningful information?

        1. Brad Warthen Post author

          I don’t know, Doug. But I’ve got to ask: What difference would that make?

          You’ve brought up the possibility that there’s nothing of value on the phone before, as though it were an argument against the FBI having access to it.

          And yet, the only way to know that there’s nothing of value on the phone would be to gain access to it.

          So I don’t understand at all why you keep touching on this.

          My own guess is that there’s probably only about a 20 percent chance that there would be something of value to the investigation on the phone. It was his work phone, not his personal phone.

          But of course, of course, of COURSE the FBI needed to open that door to see…

          1. Doug Ross

            I’d put the chance of there being anything of value at 0.20% They probably already can get call logs (or from the NSA) and texts from the mobile carrier. What else would be on there? You have to measure the return on investment of resources. How likely is it that they would use a work phone subject to inspection/confiscation by their employer for terrorist activities?

            This was all about trying to set the stage for future battles to provide a backdoor.

            1. Bryan Caskey

              What’s all this stuff about “future battles” anyway? You mean you’re afraid that sometime in the future the FBI is going to want to search other phones obtained from other bad guys via legal search warrants? This is your scary hypothetical?

              Gee, that sounds really horrible. We gotta stop that.

              1. Doug Ross

                No I am concerned that they will start using the same backdoor to go after Americans who aren’t terrorists. Why not unlock the phone of Joe Drug Dealer and get all of HIS contacts? Oh, no, the FBI would never target U.S. citizens. They’d never collect information on anyone who wasn’t suspected of committing a crime. That sound you hear is J.Edgar Hoover’s ghost chuckling.

                Give them a hammer and everything will look like a nail.

                Why not lay out beforehand specifically what they are looking for and why? You know, something justifiable beyond: “We want to take a look at it”. What are they expecting to find? Has that been described? I’d just like to see what they’ve come up with so far that makes the phone such a vital link to national security. So they crack the phone, then what? Are they going to interview every person who ever received a phone call or text from the guy?

                Do you believe the FBI should have a backdoor into future Apple iPhone operating systems?

                Let’s take it a step further. When Google Glass type recorders become more pervasive, should the government be able to access encrypted video files of anyone who witnesses a crime?

                1. Bryan Caskey

                  “So they crack the phone, then what? Are they going to interview every person who ever received a phone call or text from the guy?”

                  I don’t know, maybe. I don’t have a problem with the FBI asking people questions. Is it impossible to believe that there are FBI agents who truly want to find the bad guys and not waste time on innocent people?

                  They’d never collect information on anyone who wasn’t suspected of committing a crime. That sound you hear is J.Edgar Hoover’s ghost chuckling.

                  You’re conflating the NSA data collection stuff with the completely different matter of the FBI looking at something that it has a legal (and specific) warrant to search. I think you’re hung up on the fact that it’s a phone. It’s just a device with information. It could be a filing cabinet, for all the law cares. Could you argue that the FBI shouldn’t be able to look into the filing cabinet of a terrorist that they found following the execution of a valid search warrant? It’s the same thing. Phones aren’t special, but people are getting all in a huff about it because it’s a phone.

                  Why not lay out beforehand specifically what they are looking for and why? You know, something justifiable beyond: “We want to take a look at it”. What are they expecting to find? Has that been described? I’d just like to see what they’ve come up with so far that makes the phone such a vital link to national security.

                  This step is already over. It happened. This was when the FBI asked for a warrant. The judge granted it based on the evidence presented. No one with any sense or understanding of the situation is even making this weird argument that you’re making here. You’re quite literally alone on this argument.

                  “Do you believe the FBI should have a backdoor into future Apple iPhone operating systems?

                  I am perfectly fine with the FBI, or any other law enforcement for that matter, searching an iPhone that they seize as part of a valid warrant. The 4A says that no warrant may be issued without probable cause. I know you hate the answer of “Let the legal system work” because you’re an engineer-brained guy, but it works. If the FBI doesn’t have probable cause to search your phone, then they can’t use anything they find in court.

                  “Let’s take it a step further. When Google Glass type recorders become more pervasive, should the government be able to access encrypted video files of anyone who witnesses a crime?”

                  Gosh, I hope so. You mean there will be video evidence of the crime occurring, and you want to deprive the jury of that evidence? Sounds pretty great to me. What if Doug Ross is falsely accused of a crime (because the government wants to shut him up) and some Google Glass video exonerates you? Seems like it might be nice to have access to that kind of evidence. You know, to catch the real bad guys?

                2. Doug Ross

                  Sure you don’t have a problem with the FBI asking questions. But is it the right use of limited resources? If our national security is depending on this one thing, this one phone, then we’re screwed. This is the key to overthrowing ISIS?

                  I’m not hung up at all that it is a phone. I am “hung up” on the fact that this is not about that phone. It is about future phones. It’s about establishing a precedent and moving the bar of intrusiveness just a little further so that the next time they’ll say “But you did THAT, why won’t you be patriotic and do THIS?”

                  I’m a big believer in open government. If they got a warrant, how about sharing what they’re looking for. Do you know what the details of the warrant are? My guess: “This guy was a terrorist. We want to look at his phone. America!”

                  You want the legal system to work. It doesn’t always work. And then you’ll give the shrugging guy, “what me worry” response.

                  This could have been handled in a much different manner. The FBI screwed the pooch multiple times. They lied about being able to crack the phone. They grandstanded to try and paint Apple as some anti-American greedy profit machine. They failed to make their case… so didn’t the legal system work?

      2. Bryan Caskey

        So there are no other terrorists/jihadists out there who want to kill innocent people? The San Bernardino terrorists were the final terrorists?

        That’s your position?

        1. Doug Ross

          My position is that this phone is very, very, very, very unlikely to hold any evidence that will identify another terrorist. And if this work phone IS the key to unlocking the terrorist network, then whoever is working in the FBI is doing a lousy job. It would be very helpful to the American people to find out what exactly was found on the phone that made it worth expending so many resources to try and unlock. It’s find to go on a fishing expedition but using a battleship to catch a goldfish is not the best approach.

          1. Brad Warthen Post author

            And of course, whether there is a goldfish or a whale or nothing is a complete unknown until after you’ve gained access to the data.

            This is a weird argument to be having…

  6. Burl Burlingame

    Still flummoxed that this went public, unless that was the real agenda. The Feebs should have quietly asked Apple to crack the phone, and Apple should have quietly complied, and we’d never know about it. The was supposed to be about the data, not the process, right?

    1. Brad Warthen Post author

      I agree it should never have come to this. But the sensible scenario you propose — feds quietly asking, Apple quietly complying — depended on Apple complying.

      If I recall correctly, Apple used to do so routinely. This inexcusable refusal is a pattern that recently developed. The FBI was trying to reverse that trend, hence the public confrontation…

      1. Doug Ross

        Do you simply refuse to accept that the FBI could have an ulterior motive in this case? That they want to establish a precedent for future phones that offer stronger encryption? Do you reject the idea that if a backdoor is created for the government that some other entity might exploit it?

        1. Brad Warthen Post author

          You act like such an “ulterior motive” would be a bad thing. I think it’s very important that the government establish that companies such as Apple do NOT have the right to be such uncooperative, antisocial jerks.

  7. Claus

    The Feds have not “cracked” the encryption yet. All they’ve done is capture the data and copied it a bazillion times because if the password is attempted incorrectly 9 times on an iPhone it deletes it after the 10th unsuccessful attempt. So what the Feds have done is cloned the phone thousands of times and stated trying passwords (0001, 0010, 0100, 1000, 1001 etc…). They still do not have any unencrypted data. That process in itself could take years.

  8. Assistant

    I see that there’s a sizable contingent that holds the notion that what terrorists encrypt should stay encrypted. Okay, I assume that these same folks have an aversion to strenuous questioning of captured terrorists too. The really good news is that there is a country where folks like that can see their preferences followed, Belgium.

    When Salah Abdeslam, believed to be the logistics chief for an Islamic State terrorist cell, was captured, Belgian officials followed law enforcement procedures with precision. They provided Abdeslam a lawyer, told him he had the right to remain silent and put him into the Belgian criminal-justice system. Four days later, the terrorist cell carried out bombings in Brussels that killed 35 people — including at least four Americans — and injured hundreds more.

    Astonishingly, officials did not question Abdeslam at all for his first 24 hours in custody. He spent Friday night in the hospital recovering from a leg wound sustained in the raid. When he was finally returned to the police on Saturday, he was questioned by authorities for a grand total of . . . two hours — and then was not questioned again until after the attacks. Why? “He seemed very tired and he had been operated on the day before,” a senior Belgian security official told Politico.

    He seemed tired? That’s precisely when they should be interrogating him. The CIA used sleep deprivation as one of its most effective interrogation tools. But for Belgians, a terrorist’s exhaustion is a reason to stop questioning, not intensify it.

    But here is the most incredible part: During those two hours of questioning, The Post reports, “investigators did not ask . . . about his knowledge of future plots.” Seriously? Abdeslam was the logistics chief for the Brussels-based terrorist cell that carried out both the Paris and Brussels bombings. According to the New York Times, “He was the fixer, renting cars, finding apartments, picking people up and dropping them off.” He could have identified the other members of his cell; the safe houses they used; how they communicated, moved money, picked travel routes; and — most important — the targets they had selected.

    But investigators did not bother to ask him about plans for new attacks. Instead, The Post reports, they “concentrated solely on the Paris attacks . . . and then no other discussions were held until after Tuesday’s attacks.”

    Quite civil, no? That, mesdames et messieurs, is the Belgian waffle, and the way many here think we should go about treating those folks who kill in cold blood.

  9. Doug Ross

    I think Apple should file a Freedom of Information Act request for all information related to how the FBI was able to crack the phone. Let’s see how they respond. #dowhatwesaynotwhatwedo

    1. Bryan Caskey

      I think the FBI should simply respond: “Thanks so much for your FOIA request. Turns out, we took a chance and guessed the password on the first try. Turned out it was “Jihad4Eva'”.


  10. Doug Ross

    Here’s a level headed analysis of the Apple vs. FBI situation. I would encourage Brad and Bryan to read it. It was never about the phone – as the article points out, the FBI already has a process available to enlist the help of the NSA to crack a phone. It’s fine to be stubborn in the face of facts, but I would hope you’d at least TRY to get a little bit of enlightenment.

    1. Bryan Caskey

      Okay. I read it. It’s kind of a general article that doesn’t tell me anything I didn’t already know. The article certainly doesn’t get very in-depth, as there’s no mention of the actual, controlling precedent US vs. New York Telephone Co. which sort of makes me question how much Fred Kaplan knows. For instance, he says:

      “And so the FBI has to let this test case go and wait—who knows how long—for another tempting case to materialize. Apple, which some lawyers and industry experts believed had a weak case to begin with, legally and politically, should be heaving a sigh of relief—but there’s a downside from its viewpoint, too.”

      (emphasis mine)

      Yes, Doug. “Some lawyers” can be found for any legal proposition under the sun. “Some other lawyers” can also be found for the opposite. In any event, you would think the controlling legal precedent would at least merit a mention if you’re going to opine about the strength of the case.

      If the NSA could open the phone, then that would be a defense that Apple could have/would have raised in the process. I’m not sure how that’s provable, though.

      Also, I don’t really care if the FBI was looking for a test case in which to have the Court system adjudicate the issue. There’s no guarantee the FBI have ultimately won, as stuff like this that goes up to SCOTUS could go either way. Heck, US vs. New York Telephone Co. was a 5-4 decision, so it’s not like even SCOTUS was united on this issue back then.

      By the by, if this had happened under a Caskey Administration, at the point the FBI was provided the ability to crack the iPhone, I would have directed them to keep their mouths shut about it and just withdrawn the case for some innocent reason. I would keep intelligence successes on the terrorist front quiet, rather than publicly crowing about it.


        1. Bryan Caskey

          Ha; nice of you to say. Luckily (for all of us) that’s never going to happen. 🙂

  11. Bob Amundson

    I have friends that are (or have been) military intelligence officers. In discussing this situation, ALL OF THEM would love to have access to the type of information that may be on that phone. One name, and the concept of “six degrees of separation,” could yield a treasure trove of information.

    I see your point, Doug, but my utilitarian analysis results in a belief that the benefit of cracking that phone are more than the costs. We can agree to disagree …

    1. Doug Ross

      It was a work phone, Bob. We’ll never know if there actually was any useful information on it. As I said before, they would already be able to access the call history from the mobile carrier. What else could possibly be on the phone? I’d love to hear some guesses.

        1. Doug Ross

          A name or number that wasn’t available in the cellphone records? I’m asking what would be on the phone specifically, A photo maybe? A Words With Friends game with Osama bin Laden’s relative? A Facebook LIke of an ISIS Fan Page?

          The terrorists in Brussels used burner phones. My guess is that even the dumbest terrorist knows that from watching 24 or Homeland on TV.

            1. Doug Ross

              So how many terrorists have been thwarted by the FBI lately? I’d settle for even a dumb one. Seems like the only ones we hear about are the ones who are killed after they commit a terrorist act.

              1. The FBI

                We could tell you all the details about thwarted attacks, but then we’d have to kill you.

                Oh, and we’d like to look through your iPhone, too. We see that you’re quite the terrorist sympathizer.

  12. Bart

    If my old, fading memory still serves well, when this issue was first addressed, I made the comment that there is no code or access key/code that does not have a “backdoor”. Of course my comment was ridiculed, no names to be mentioned. Doug and I made the point that it was very likely the FBI, etc., probably had the technology to access the information and this was a test case to establish precedent in a court of law.

    What happened in the interim is still unclear and why the government decided to call off the hearing literally at the 11th hour does give one reason to wonder why. At this point, neither side comes out without a little egg on their face and IMHO, we are back at square one on the issue of cooperation between Apple, etc., and the government when it comes to the issue of privacy on cellphones and other devices especially in matters of national security or interest.

    The irony of the situation is that the technology available to the general public is also available to almost every country in the world, friends and enemies alike. Which raises an ethical question, not necessarily a right to privacy matter. If a cellphone or other communication device’s encryption is so secure, no one can break it, what civic responsibility does the company have who developed the technology and/or sells devices with the unbreakable encryption as a standard feature? If any device contains names, locations, plans, or any other information that can lead to or locate anyone in connection to another Brussels, San Berdino, Paris, or any location, friend or foe, that ends up with mass murder of innocent citizens, who is responsible for indirectly fomenting another attack if the information storage device cannot be accessed by anyone other than the owner?

    Better yet, consider the proliferation of child pornography. If a pedophile can use an Apple device to communicate with other pedophiles or child porn purveyors and the information cannot be accessed, who is responsible when another child is molested or used by complete degenerates and the child could have been saved if the information on just one pedophile’s Apple phone could have been accessed? Would you be willing to support Apple if it was your child, grandchild, sister, brother, relative, or close friend who was molested or had their photos distributed across a network of devices that were so secure, legal authorities wouldn’t be able to obtain the information?

    Something to think about.

    1. Brad Warthen Post author

      I don’t have to think about it. Apple’s cooperation with legitimate law enforcement investigations should be complete and unhesitating.

      Apple insists it has good reasons not to provide such cooperation. I have yet to hear a convincing reason.

      Perhaps they just haven’t explained it right. Perhaps there is something that techies all understand and I do not, and it’s one heckuva convincing argument. If so, they need to find a way to translate the argument from their number-oriented brains to my word-oriented one.

      Thus far, I have not seen an argument presented in the English language that was worth more than a snort of derision from my point of view.

      1. Doug Ross

        ” If so, they need to find a way to translate the argument from their number-oriented brains to my word-oriented one.”


      2. Doug Ross

        Your use of terms like complete and unhesitating are scary. The FBI works for US, we don’t work for THEM. They are public servants not masters.

        1. Bart

          Yes, the FBI works for us, they are public servants. Since they are public servants and have been assigned the task of catching the bad guys, they need the necessary tools to do their job. If an encrypted phone prevents them from doing their job, how can they be effective public servants?

          I am not for an unfettered agency that is free to do whatever it pleases, we are still a nation of laws. However, at times it is necessary to take a hard look at the laws and determine what the cost would be if we continue to allow them to be broken or ignored due to an issue like the one before us.

          1. Doug Ross

            They had the tools all along. The NSA was available and had been used before. This was about compelling Apple to write software to do something. This wasn’t handing over a key to the house, this was forcing Apple to come up with a master key that opens any house.

            1. Bryan Caskey

              Ok, explain this to me:

              If, as you say, the NSA was available to open up this iPhone, why couldn’t they open up any iPhone? Don’t they already have a “master key” according to your argument?

            2. Brad Warthen Post author

              Let’s suppose your paranoid view is right. The FBI was lying; they could have gotten into it all along, with the help of the wizards at NSA.

              So what? That makes it OK in your mind for Apple to refuse to cooperate in an investigation? That sort of antisocial malevolence is OK in your book?

        2. Barry

          I agree Doug.

          Brad tends to side with the government on such issues though. I find that scary.

          1. Barry

            and I have a reason to be scared

            my cousin is a federal probation officer. The sort of junk he tells me (without naming names and telling me everything) about their system, and approach to things would scare a Navy Seal.

    2. Doug Ross

      On the child porn issue, there was a story today about the FBI supposedly cracking part of the underground network that uses encryption software called TOR to round up many child porn distributors. But now the issue becomes whether the FBI has to reveal to defense lawyers what they did to crack the encryption that allowed them to find the IP addresses of the people accessing the site. Can a proper defense be provided without that crucial information? There was also some discussion of the fact that the FBI allowed the encrypted server to remain up for some period of time to catch people… was that ethical to allow the child porn to continue to be disseminated after you’ve discovered it? Sort of like letting a drug dealer sell heroin for a couple weeks to round up all his buyers.

      1. Bart

        I read the article and the link to Motherboard for the Paul Harvey, “Now for the rest of the story”, part.

        After reading the articles and some of the descriptions of what the FBI saw on the Playpen site, it was so damn disgusting, I would gladly assist if I could to bring these lowlifes to justice using any means necessary. It takes a uniquely sick individual to take perverse pleasure in watching the sexual and S&M exploitation of a child and to share it with other sick bastards.

        This is one area of the law where there should never be any shades of gray. If a website specifically targets child pornography and the other disgusting, sick crap these sob’s enjoy, it and the so-called “visitors” to the site should not enjoy any protection of privacy at all once the purpose of the site is known.

        And if I was a member of the team who brought these lowlifes to justice and was asked to reveal to the defense exactly how the information was gathered, I would gladly spend time in jail for contempt of court before revealing it.

        I have great respect for your Libertarian convictions but on this one, we will have to strongly disagree.

        1. Doug Ross

          But Bart – what if they were wrong and identified the wrong person? How does a defense team NOT use that to establish reasonable doubt? How do they KNOW that John Doe was at the other end of the network when it happened?

          And are you okay with them allowing the images to remain out there for some period of time while they attempted to round people up? Certainly there were non-U.S. citizens who were accessing this smut.

          1. Bart

            Doug, understand your position but in turn, if the IP address is identified as the articles indicate and based on a little research about these dirtbags, they don’t usually allow anyone access to their computer. They go to great lengths to protect their identity and secret obsessions. Jared Folger is a prime example of a child pornographer and pedophile. He hid his crimes against children for decades until his friend was caught and Jared was tied to him via the internet.

            As to the question about allowing the images to remain out there for some period of time, it was for 2 weeks. It is distasteful and allowed the sick SOBs more time to view the filth but it ended up catching a lot more than one or two. Yes, that aspect is disturbing but considering the wide range of trash Playpen had available and over 200,000 members across the world, at least the FBI shut the server in Lenoir, NC and the other one in another state. And if research is accurate, most of the content is older and very little new is put on the internet.

            I will admit I have a more than passing interest in stopping these people at almost any cost.

Comments are closed.