• DOJ Threatens To Seize iOS (Apple) Source Code

    https://apple.slashdot.org/story/16/...os-source-code

    The DoJ is demanding that Apple create a special version of iOS with removed security features that would permit the FBI to run brute-force passcode attempts on the San Bernardino shooter's iPhone 5c. Meanwhile, President Barack Obama has made public where he stands on the Apple vs. FBI case, which has quickly become a heated national debate. In the court papers, DoJ calls Apple's rhetoric in the San Bernardino standoff as "false" and "corrosive" because the Cupertino firm dared suggest that the FBI's court order could lead to a "police state." Footnote Nine of DoJ's filing reads:

    "For the reasons discussed above, the FBI cannot itself modify the software on the San Bernardino shooter's iPhone without access to the source code and Apple's private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers."

    As Fortune's Philip-Elmer DeWitt rightfully pointed out, that's a classic police threat. "We can do this [the] easy way or the hard way. Give us the little thing we're asking for -- a way to bypass your security software -- or we'll take [the] whole thing: your crown jewels and the royal seal too," DeWitt wrote. "With Apple's source code, the FBI could, in theory, create its own version of iOS with the security features stripped out. Stamped with Apple's electronic signature, the Bureau's versions of iOS could pass for the real thing," he added.


    Sign up for a free account to add your comment!


    Comments 23 Comments
    1. puppetmaster's Avatar
      puppetmaster -
      $#@! the doj
    1. presence's Avatar
      presence -
      so what crime did apple commit again?
    1. TheTexan's Avatar
      TheTexan -
      Quote Originally Posted by presence View Post
      so what crime did apple commit again?
      Perhaps one of these?

      Disguise to obstruct justice
      Material support for terrorism
      Aiding and abetting
      Interfering with a police officer
      Sightseeing tours by automobile; unlicensed
      Railroad employ inexperienced personnel
      Municipal light co conflict of interest
      Employing armed guards during a strike
      Manufacture/sale of novelty lighters
      Union organizing, improper payment/solicitation
      Dog order, disobey (c. 140 s. 157a)
      Theatrical agent, unlicensed
      Hunt with Ferret/Fitch
      Paint, mislabelled (c.94 s.291)
      Bakery allow sleeping
      Fire doors locked during business hours
      Forest warden, fail to aid
      Fornication
      Frozen desserts, mislabeled
      Loan secured by firearm
      Lobster, take egg-bearing
      Lobster, sell/offer uncooked dead
      Mayhem
      Pond/reservoir, drain without notice

      I'm sure at least one of these would stick.
    1. DamianTV's Avatar
      DamianTV -
      Quote Originally Posted by presence View Post
      so what crime did apple commit again?
      Terrorism by Encryption! Duh!
    1. puppetmaster's Avatar
      puppetmaster -
      Quote Originally Posted by TheTexan View Post
      Perhaps one of these?

      Disguise to obstruct justice
      Material support for terrorism
      Aiding and abetting
      Interfering with a police officer
      Sightseeing tours by automobile; unlicensed
      Railroad employ inexperienced personnel
      Municipal light co conflict of interest
      Employing armed guards during a strike
      Manufacture/sale of novelty lighters
      Union organizing, improper payment/solicitation
      Dog order, disobey (c. 140 s. 157a)
      Theatrical agent, unlicensed
      Hunt with Ferret/Fitch
      Paint, mislabelled (c.94 s.291)
      Bakery allow sleeping
      Fire doors locked during business hours
      Forest warden, fail to aid
      Fornication
      Frozen desserts, mislabeled
      Loan secured by firearm
      Lobster, take egg-bearing
      Lobster, sell/offer uncooked dead
      Mayhem
      Pond/reservoir, drain without notice

      I'm sure at least one of these would stick.
      funny had me for a second
    1. idiom's Avatar
      idiom -
      To Wit, the NSA already has the source code and the private key.
    1. FindLiberty's Avatar
      FindLiberty -
      Memo to Apple emplyees: Eat it, chew swallow poop and then flush the cache!

      productsCache.Flush();
    1. ghengis86's Avatar
      ghengis86 -
      Quote Originally Posted by idiom View Post
      To Wit, the NSA already has the source code and the private key.
      They just want to make the evidence admissible in court, thus making all pilfered data allowable instead of making up fake reasons on how they got it 'legally'
    1. Son_of_Liberty90's Avatar
      Son_of_Liberty90 -
      Quote Originally Posted by ghengis86 View Post
      They just want to make the evidence admissible in court, thus making all pilfered data allowable instead of making up fake reasons on how they got it 'legally'
      Exactly. Their deceiving tactics are straight out of a fiction novel. They're scum beyond repute.
    1. muh_roads's Avatar
      muh_roads -
      I am so sick of these bull$#@! lies by the FBI. The Feds have the phone in their possession and that is more than enough. You take the phone apart and with the help of a hardware engineer and a software engineer they can break in. Kids do this all the time when they solder in a modchip in a game console to bypass security features.
    1. brushfire's Avatar
      brushfire -
      They already have access to the hardware required to attack/clone the device. Not to mention, the NSA data - Obama confirms this.

      This is not about encryption, or the phone, its about setting a precedence and controlling a private company.
    1. DamianTV's Avatar
      DamianTV -
      Fascism - merger of corporate and state. Corporations run the govt, and govts run the companies. ... into the ground.

      Yeah, once Apple's IOS source is "legally" pilfered by the govt, I wonder what that will do to Apple's reputation as a company that sells products that you can have some small degree of privacy or anonymity with? I wonder what that will do to all other tech based US companies? Hmm, let me just rub my crystal balls together...
    1. jmdrake's Avatar
      jmdrake -
      And this is why open source rocks. If this was an open source solution Apple could say "Just go download it yourself twerps." Security through obscurity is inherently flawed.
    1. donnay's Avatar
      donnay -
      "National Security!"

      There's no free market.
    1. DamianTV's Avatar
      DamianTV -
      Quote Originally Posted by jmdrake View Post
      And this is why open source rocks. If this was an open source solution Apple could say "Just go download it yourself twerps." Security through obscurity is inherently flawed.
      +Rep

      Only thing to not blindly hand over is the encryption keys.

      For those who dont understand what an encrption key is, I'll briefly explain. In order to decrypt something, a Key needs to be used so that the information can be retreived. It can be something as simple as an alphanumeric key. A=1, B=2, C=3. Thats basically what a key is. A Hash is a bit different. Hashes are NOT supposed to be decrypted. Hashes are useful when comparing an unknown element and comparing it to the already hashed version of the data. Lets say you had a password of "Fido1-1-2012". When a one way Hash is applied it comes up with something like a1c2b3d4blabla. When a user comes along and puts in the password, that password is also Hashed, and the output is compared to the hashed string. If the hashed values match, the user put in the correct password, but if hashed values dont match, then the original password is also expected to be incorrect. Basically, on server side, its not comparing "Fido1-1-2012", its comparing a1c2b3d4blabla to a1c2b3d4blabla, which is what will result if the correct password is entered.
    1. thetruthhurtsthefed's Avatar
      thetruthhurtsthefed -
      Didn't Blackberry almost go under for the same reason? The original owners would not give up the source code or algorithm for their encryption....
    1. osan's Avatar
      osan -

      If Apple loses this battle, the software industry will be screwed, as will the rest of us. Lots of people have no idea what this represents.
    1. osan's Avatar
      osan -
      Quote Originally Posted by brushfire View Post
      They already have access to the hardware required to attack/clone the device. Not to mention, the NSA data - Obama confirms this.

      This is not about encryption, or the phone, its about setting a precedence and controlling a private company.
      This is on the money.
    1. DamianTV's Avatar
      DamianTV -
      Quote Originally Posted by osan View Post
      If Apple loses this battle, the software industry will be screwed, as will the rest of us. Lots of people have no idea what this represents.
      The FedGov is willing to lose a war to win one battle.

      This is the exact reason why so many have lost confidence in the electorate. It is that very same shortsightedness that has cost us our jobs, our way of life, our rights, our respect, our responsibility, our spirit. Instead of planning out for the long game, our leaders look for the quick buck and the laziest way to achieve things regardless of the long term consequences. Sacrifice our entire future for whatever seems important in the present.

      If they do this, the entire tech industry in the US will be considered by the rest of the world to be less trustworthy than a tech industry run by North Korea.
    1. osan's Avatar
      osan -
      Quote Originally Posted by jmdrake View Post
      And this is why open source rocks. If this was an open source solution Apple could say "Just go download it yourself twerps." Security through obscurity is inherently flawed.
      I meant to address this earlier. I agree. If the security algorithms are correct, Theye can have all the source code they want; it will avail them nothing.

      The real problem is the algorithm. Thus far, true randomness and true one-way functions are things of which one dreams. Even one-time pads can be cracked. The methods used are so counterintuitive that most would never imagine them. Then there is the quantum computer, against which it is theorized there is no defense.

      As a matter of technology, it may be a forgone conclusion that privacy will become a thing of the part - all else equal, which is often not the case. But given the current status quo, open source is the way to go because branches and deltas can be reviewed by one and all. Assuming algorithms equal to their ostensible purposes, competent analysts may determine the integrity of a given implementation to said purpose.

      That all said, the lines have been drawn for better or worse. Apple has chosen proprietary means and the DoJ, et al, have made their demands known. One party must prevail and I hope to hell it is not "government". I do, however, question the mechanics of the follow-through on the threats made. What will DoJ do, send in paramilitary teams to physically seize the assets in question? To that possibility, I would hope that Apple would have a monster server plantation offshore in full mirror of their front-line production systems such that the former could be brought immediately to the fore as a self-destruct command was propagated through the machines operating in the trenches. Were I running Apple, I would be on the warpath as this is typed, making damned certain that Theye got nothing of value from us.

      There is yet another question, however. Even if Theye obtain that which they seek, what of it? Assuming sound algorithms and their implementations, there is nothing in the code that is going to help them decrypt the phones in question, and I mean NOTHING. The only possible value to Themme would come in the form of backdoors built into the code, which would then have to be returned to Apple. Then, of course, Theye would have to force Apple to sell that hacked product. This would be either known or suspected and Apple would go tits-up shortly thereafter, unless of course they diversified into toasters or erasers for pencils.

      Barring some technology unknown in Theire hands, those phones are likely to remain opaque to the prying eyes of the hubris-poisoned bastards at Doj. Getting what they demand, however, sets a number of other precedents that should have people's blood running very much colder in their veins.


    Sign up for a free account to add your comment!





    Continue / discuss in the forums Read More

  • Follow us on Twitter! Like us on Facebook! Subscribe to our top news RSS Feed! New! Subscribe to us on YouTube!