DOJ Threatens To Seize iOS (Apple) Source Code

Published on 03-15-2016 07:21 PM

https://apple.slashdot.org/story/16/...os-source-code

The DoJ is demanding that Apple create a special version of iOS with removed security features that would permit the FBI to run brute-force passcode attempts on the San Bernardino shooter's iPhone 5c. Meanwhile, President Barack Obama has made public where he stands on the Apple vs. FBI case, which has quickly become a heated national debate. In the court papers, DoJ calls Apple's rhetoric in the San Bernardino standoff as "false" and "corrosive" because the Cupertino firm dared suggest that the FBI's court order could lead to a "police state." Footnote Nine of DoJ's filing reads:

"For the reasons discussed above, the FBI cannot itself modify the software on the San Bernardino shooter's iPhone without access to the source code and Apple's private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers."

As Fortune's Philip-Elmer DeWitt rightfully pointed out, that's a classic police threat. "We can do this [the] easy way or the hard way. Give us the little thing we're asking for -- a way to bypass your security software -- or we'll take [the] whole thing: your crown jewels and the royal seal too," DeWitt wrote. "With Apple's source code, the FBI could, in theory, create its own version of iOS with the security features stripped out. Stamped with Apple's electronic signature, the Bureau's versions of iOS could pass for the real thing," he added.

23 Comments

puppetmaster - 03-15-2016, 06:19 PM
- Reply
$#@! the doj

presence - 03-15-2016, 06:56 PM
- Reply
so what crime did apple commit again?

TheTexan - 03-15-2016, 07:18 PM
- Reply
Originally Posted by presence

so what crime did apple commit again?

Perhaps one of these?

Disguise to obstruct justice
Material support for terrorism
Aiding and abetting
Interfering with a police officer
Sightseeing tours by automobile; unlicensed
Railroad employ inexperienced personnel
Municipal light co conflict of interest
Employing armed guards during a strike
Manufacture/sale of novelty lighters
Union organizing, improper payment/solicitation
Dog order, disobey (c. 140 s. 157a)
Theatrical agent, unlicensed
Hunt with Ferret/Fitch
Paint, mislabelled (c.94 s.291)
Bakery allow sleeping
Fire doors locked during business hours
Forest warden, fail to aid
Fornication
Frozen desserts, mislabeled
Loan secured by firearm
Lobster, take egg-bearing
Lobster, sell/offer uncooked dead
Mayhem
Pond/reservoir, drain without notice

I'm sure at least one of these would stick.

DamianTV - 03-15-2016, 07:18 PM
- Reply
Originally Posted by presence

so what crime did apple commit again?

Terrorism by Encryption! Duh!

puppetmaster - 03-15-2016, 07:32 PM
- Reply
Originally Posted by TheTexan

Perhaps one of these?

Disguise to obstruct justice
Material support for terrorism
Aiding and abetting
Interfering with a police officer
Sightseeing tours by automobile; unlicensed
Railroad employ inexperienced personnel
Municipal light co conflict of interest
Employing armed guards during a strike
Manufacture/sale of novelty lighters
Union organizing, improper payment/solicitation
Dog order, disobey (c. 140 s. 157a)
Theatrical agent, unlicensed
Hunt with Ferret/Fitch
Paint, mislabelled (c.94 s.291)
Bakery allow sleeping
Fire doors locked during business hours
Forest warden, fail to aid
Fornication
Frozen desserts, mislabeled
Loan secured by firearm
Lobster, take egg-bearing
Lobster, sell/offer uncooked dead
Mayhem
Pond/reservoir, drain without notice

I'm sure at least one of these would stick.

funny had me for a second

idiom - 03-15-2016, 07:54 PM
- Reply
To Wit, the NSA already has the source code and the private key.

FindLiberty - 03-15-2016, 08:10 PM
- Reply
Memo to Apple emplyees: Eat it, chew swallow poop and then flush the cache!

productsCache.Flush();

ghengis86 - 03-15-2016, 08:14 PM
- Reply
Originally Posted by idiom

To Wit, the NSA already has the source code and the private key.

They just want to make the evidence admissible in court, thus making all pilfered data allowable instead of making up fake reasons on how they got it 'legally'

Son_of_Liberty90 - 03-15-2016, 08:30 PM
- Reply
Originally Posted by ghengis86

They just want to make the evidence admissible in court, thus making all pilfered data allowable instead of making up fake reasons on how they got it 'legally'

Exactly. Their deceiving tactics are straight out of a fiction novel. They're scum beyond repute.

muh_roads - 03-16-2016, 03:03 PM
- Reply
I am so sick of these bull$#@! lies by the FBI. The Feds have the phone in their possession and that is more than enough. You take the phone apart and with the help of a hardware engineer and a software engineer they can break in. Kids do this all the time when they solder in a modchip in a game console to bypass security features.

brushfire - 03-16-2016, 03:17 PM
- Reply
They already have access to the hardware required to attack/clone the device. Not to mention, the NSA data - Obama confirms this.

This is not about encryption, or the phone, its about setting a precedence and controlling a private company.

DamianTV - 03-16-2016, 04:57 PM
- Reply
Fascism - merger of corporate and state. Corporations run the govt, and govts run the companies. ... into the ground.

Yeah, once Apple's IOS source is "legally" pilfered by the govt, I wonder what that will do to Apple's reputation as a company that sells products that you can have some small degree of privacy or anonymity with? I wonder what that will do to all other tech based US companies? Hmm, let me just rub my crystal balls together...

jmdrake - 03-16-2016, 05:20 PM
- Reply
And this is why open source rocks. If this was an open source solution Apple could say "Just go download it yourself twerps." Security through obscurity is inherently flawed.

donnay - 03-16-2016, 05:22 PM
- Reply
"National Security!"

There's no free market.

DamianTV - 03-16-2016, 06:34 PM
- Reply
Originally Posted by jmdrake

And this is why open source rocks. If this was an open source solution Apple could say "Just go download it yourself twerps." Security through obscurity is inherently flawed.

+Rep

Only thing to not blindly hand over is the encryption keys.

For those who dont understand what an encrption key is, I'll briefly explain. In order to decrypt something, a Key needs to be used so that the information can be retreived. It can be something as simple as an alphanumeric key. A=1, B=2, C=3. Thats basically what a key is. A Hash is a bit different. Hashes are NOT supposed to be decrypted. Hashes are useful when comparing an unknown element and comparing it to the already hashed version of the data. Lets say you had a password of "Fido1-1-2012". When a one way Hash is applied it comes up with something like a1c2b3d4blabla. When a user comes along and puts in the password, that password is also Hashed, and the output is compared to the hashed string. If the hashed values match, the user put in the correct password, but if hashed values dont match, then the original password is also expected to be incorrect. Basically, on server side, its not comparing "Fido1-1-2012", its comparing a1c2b3d4blabla to a1c2b3d4blabla, which is what will result if the correct password is entered.

thetruthhurtsthefed - 03-17-2016, 08:41 AM
- Reply
Didn't Blackberry almost go under for the same reason? The original owners would not give up the source code or algorithm for their encryption....

osan - 03-17-2016, 12:53 PM
- Reply
Originally Posted by DamianTV

https://apple.slashdot.org/story/16/...os-source-code

If Apple loses this battle, the software industry will be screwed, as will the rest of us. Lots of people have no idea what this represents.

osan - 03-17-2016, 12:59 PM
- Reply
Originally Posted by brushfire

They already have access to the hardware required to attack/clone the device. Not to mention, the NSA data - Obama confirms this.

This is not about encryption, or the phone, its about setting a precedence and controlling a private company.

This is on the money.

DamianTV - 03-17-2016, 03:19 PM
- Reply
Originally Posted by osan

If Apple loses this battle, the software industry will be screwed, as will the rest of us. Lots of people have no idea what this represents.

The FedGov is willing to lose a war to win one battle.

This is the exact reason why so many have lost confidence in the electorate. It is that very same shortsightedness that has cost us our jobs, our way of life, our rights, our respect, our responsibility, our spirit. Instead of planning out for the long game, our leaders look for the quick buck and the laziest way to achieve things regardless of the long term consequences. Sacrifice our entire future for whatever seems important in the present.

If they do this, the entire tech industry in the US will be considered by the rest of the world to be less trustworthy than a tech industry run by North Korea.

osan - 03-18-2016, 04:10 AM
- Reply
Originally Posted by jmdrake

And this is why open source rocks. If this was an open source solution Apple could say "Just go download it yourself twerps." Security through obscurity is inherently flawed.

I meant to address this earlier. I agree. If the security algorithms are correct, Theye can have all the source code they want; it will avail them nothing.

The real problem is the algorithm. Thus far, true randomness and true one-way functions are things of which one dreams. Even one-time pads can be cracked. The methods used are so counterintuitive that most would never imagine them. Then there is the quantum computer, against which it is theorized there is no defense.

As a matter of technology, it may be a forgone conclusion that privacy will become a thing of the part - all else equal, which is often not the case. But given the current status quo, open source is the way to go because branches and deltas can be reviewed by one and all. Assuming algorithms equal to their ostensible purposes, competent analysts may determine the integrity of a given implementation to said purpose.

That all said, the lines have been drawn for better or worse. Apple has chosen proprietary means and the DoJ, et al, have made their demands known. One party must prevail and I hope to hell it is not "government". I do, however, question the mechanics of the follow-through on the threats made. What will DoJ do, send in paramilitary teams to physically seize the assets in question? To that possibility, I would hope that Apple would have a monster server plantation offshore in full mirror of their front-line production systems such that the former could be brought immediately to the fore as a self-destruct command was propagated through the machines operating in the trenches. Were I running Apple, I would be on the warpath as this is typed, making damned certain that Theye got nothing of value from us.

There is yet another question, however. Even if Theye obtain that which they seek, what of it? Assuming sound algorithms and their implementations, there is nothing in the code that is going to help them decrypt the phones in question, and I mean NOTHING. The only possible value to Themme would come in the form of backdoors built into the code, which would then have to be returned to Apple. Then, of course, Theye would have to force Apple to sell that hacked product. This would be either known or suspected and Apple would go tits-up shortly thereafter, unless of course they diversified into toasters or erasers for pencils.

Barring some technology unknown in Theire hands, those phones are likely to remain opaque to the prying eyes of the hubris-poisoned bastards at Doj. Getting what they demand, however, sets a number of other precedents that should have people's blood running very much colder in their veins.