Snowden on FBI and Apple

[Preacher]

Edward Snowden on Twitter

Hit the nail right on the head.

 

[waltky]

4 to the 4th power number of combinations...

How an Apple Passcode Has Foiled the FBI
Feb 18, 2016 - Four numbers hardly seem like a foolproof way to protect a smartphone.

But that's likely what has stumped federal law enforcement, who have been unable to break into the iPhone 5C used by one of the San Bernardino shooters. That has led to a standoff between Apple and the FBI over the agency's right to access the device's contents -- and its power to compel Apple to help it do so. Password-protecting an iPhone seemed unnecessary in the early smartphone days, when most devices contained little more than contacts and music. But as smartphones evolved into powerful mini-computers storing troves of personal, location and financial data, the need to safeguard them has soared. Phones today are better protected than they've ever been. "You have to go out of your way to not have a passcode," said Eric Burger, director of the Georgetown University Center for Secure Communications. "We're much better off."

The increased use of passwords may be keeping out hackers or jealous boyfriends, but now authorities are finding themselves locked out, too. The FBI's dilemma in the San Bernardino terror investigation has demonstrated how powerful these digital locks can be and could prompt more people to use them. "The tools of the good guys have gotten a lot more powerful, stronger and with a lot more capability," Burger said. The problem is the tools are available to everyone, including terrorists. As smartphone theft blossomed worldwide, consumers were urged to turn on features enabling them to identify the real-time location of the phone and delete its contents over the Internet.

The increased use of passwords may be keeping out hackers or jealous boyfriends, but now authorities are finding themselves locked out, too.The increased use of passwords may be keeping out hackers or jealous boyfriends, but now authorities are finding themselves locked out, too.​

Smartphone makers even require a passcode, at minimum, if users want to use their phones as mobile wallets that store digital copies of credit cards. "It's your banking information, who you had lunch with, where you've been," Burger said. "People are realizing criminals are using that information to clear out your bank account." Apple added an extra layer of security in 2013 when it introduced Touch ID, a fingerprint scanner that allows users to unlock their phones by pressing their fingerprint to the home button. Last year, Apple upped its security even more and remains the toughest device for outsiders to penetrate.

It increased the default passcode length to six characters from four, making them more difficult to crack. Apple also has deterred hackers from making multiple guesses. A security setting wipes an iPhone's data clean after 10 incorrect tries. That limit is what's stymieing FBI officials, who fear that if they keep trying to break into San Bernardino shooter Syed Rizwan Farook's iPhone 5C, they risk destroying all the content they're after. Other smartphone companies have touted their phones' security options in recent years. Samsung's Knox feature locks data under a separate password into a harder-to-access layer of the smartphone. Microsoft pitches a phone to business customers that gives corporate officials new powers to secure employees' devices.

MORE

 

[waltky]

FBI breaks into dead gunman's iPhone...

FBI-Apple case: Investigators break into dead San Bernardino gunman's iPhone
Tue, 29 Mar 2016 - The FBI says it has cracked the encryption on an iPhone used by an Islamist gunman, and drops its legal action against Apple.

The FBI has managed to unlock the iPhone of the San Bernardino gunman without Apple's help, ending a court case, the US justice department says. Apple had been resisting a court order issued last month requiring the firm to write new software to allow officials to access Rizwan Farook's phone. But officials on Monday said that it had been accessed independently and asked for the order to be withdrawn. Rizwan Farook and his wife killed 14 people in San Bernardino in December. They were later shot dead by police. US officials said Mr Farook's wide, Tashfeen Malik, pledged allegiance to the so-called Islamic State on social media on the day of the shooting.

Uncle Ferd wonderin' if it's like with dogs, the uglier dey are, the cuter dey are?[/center]

Last week, prosecutors said "an outside party" had demonstrated a possible way of unlocking the iPhone without the need to seek Apple's help. A court hearing with Apple was postponed at the request of the justice department, while it investigated new ways of accessing the phone. At the time, Apple said it did not know how to gain access, and said it hoped that the government would share with them any vulnerabilities of the iPhone that might come to light. On Monday a statement by Eileen Decker, the top federal prosecutor in California, said investigators had received the help of "a third party", but did not specify who that was.

Investigators had "a solemn commitment to the victims of the San Bernardino shooting", she said. "It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with co-operation from relevant parties, or through the court system when co-operation fails," the statement added. Responding to the move, Apple said: "From the beginning, we objected to the FBI's demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government's dismissal, neither of these occurred. This case should never have been brought." The company said it would "continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated".

MORE

 

[waltky]

Secret not likely to stay secret for long...

FBI trick for breaking into iPhone likely to leak, limiting its use
Sat Apr 2, 2016 - The FBI's method for breaking into a locked iPhone 5c is unlikely to stay secret for long, according to senior Apple Inc engineers and outside experts.

Once it is exposed, Apple should be able to plug the encryption hole, comforting iPhone users worried that losing physical possession of their devices will leave them vulnerable to hackers. When Apple does fix the flaw, it is expected to announce it to customers and thereby extend the rare public battle over security holes, a debate that typically rages out of public view. The Federal Bureau of Investigation last week dropped its courtroom quest to force Apple to hack into the iPhone of one of the San Bernardino shooters, saying an unidentified party provided a method for getting around the deceased killer's unknown passcode.

If the government pursues a similar case seeking Apple’s help in New York, the court could make the FBI disclose its new trick. But even if the government walks away from that battle, the growing number of state and local authorities seeking the FBI’s help with locked phones in criminal probes increases the likelihood that the FBI will have to provide it. When that happens, defense attorneys will cross-examine the experts involved.

A new Apple iPhone 5C is on display at a Verizon store in Orem, Utah​

Although each lawyer would mainly be interested in whether evidence-tampering may have occurred, the process would likely reveal enough about the method for Apple to block it in future versions of its phones, an Apple employee said. "The FBI would need to resign itself to the fact that such an exploit would only be viable for a few months, if released to other departments," said Jonathan Zdziarski, an independent forensics expert who has helped police get into many devices. "It would be a temporary Vegas jackpot that would quickly get squandered on the case backlog." In a memo to police obtained by Reuters on Friday, the FBI said it would share the tool "consistent with our legal and policy constraints."

Even if the FBI hoards the information - despite a White House policy that tilts toward disclosure to manufacturers - if it is not revealed to Apple, there are other ways the method could come to light or be rendered ineffective over time, according to Zdziarski and senior Apple engineers who spoke on condition of anonymity. The FBI may use the same method on phones in cases in which the suspects are still alive, presenting the same opportunity for defense lawyers to pry. In addition, the contractor who sold the FBI the technique might sell it to another agency or country. The more widely it circulates, the more likely it will be leaked. “Flaws of this nature have a pretty short life cycle,” one senior Apple engineer said. “Most of these things do come to light.”

MORE

 

[waltky]

Mebbe dey just want to win the appeal to set precedent?...

Apple opposes U.S. appeal over iPhone in New York drug case
Apr 15 2016 - Apple Inc said the U.S. government had failed to show a continued need for its help accessing a locked iPhone in a New York drug case after a third party came forward with a solution to crack a different phone belonging to one of the shooters in December's San Bernardino killings.

Apple Inc said the U.S. government had failed to show a continued need for its help accessing a locked iPhone in a New York drug case after a third party came forward with a solution to crack a different phone belonging to one of the shooters in December's San Bernardino killings. The technology company made the argument in a brief filed in federal court in the New York City borough of Brooklyn on Friday, a week after the U.S. Department of Justice said it would push forward with its appeal of a federal magistrate's ruling saying he could not force the company to assist authorities. The government's decision to continue appealing the February ruling at a higher level, to U.S. District Judge Margo Brodie, came after an outside party provided the U.S. Federal Bureau of Investigation a way to access the phone in the San Bernardino case without Apple's help.

In its brief, Apple argued the government had not said if it had tried to use the secret method from the San Bernardino case on the iPhone in the drug case, nor if authorities had consulted with the unnamed third party or anyone else about it. Apple, which reiterated many of its other legal arguments in the case, said the government "has utterly failed to satisfy its burden to demonstrate that Apple’s assistance in this case is necessary." The Justice Department, in a statement, noted that some 70 times before the Brooklyn case emerged, Apple had helped authorities access data on iPhones. "Indeed, Apple has said it would take them only a few hours to open this kind of phone, because they already have a mechanism that would allow them to do so," the Justice Department said.

A worker checks an iPhone in a repair store in New York​

Prosecutors are challenging a Feb. 29 ruling by U.S. Magistrate Judge James Orenstein holding he did not have the authority to order Apple to disable the security of an iPhone seized in a drug probe. That case has taken a higher profile after prosecutors dropped their effort to get Apple's help accessing the phone of Rizwan Farook, one of the two killers in the San Bernardino massacre, which left 14 people dead and 22 wounded, after a third party provided the FBI a method to crack it.

FBI Director James Comey said last week that the method used on the San Bernardino iPhone 5c would not work on other models, including the iPhone 5s, the type in the Brooklyn case. That phone belonged to Jun Feng, who has pleaded guilty to participation in a methamphetamine distribution conspiracy, which prosecutors are continuing to investigate. Unlike the phone used in San Bernardino, Feng's phone had an older operating system, iOS 7, which is not protected under the same encryption technology, which is why Apple could access it.

Apple opposes U.S. appeal over iPhone in New York drug case

 

[waltky]

Feds drop New York fight with Apple after gaining access to iPhone...

U.S. drops New York fight with Apple after gaining access to iPhone
Apr 22 2016 - The U.S. Justice Department on Friday dropped its effort to force Apple Inc to help unlock an iPhone in a drug case in New York after someone provided authorities the passcode to access the device.

In a letter filed in federal court in Brooklyn, New York, prosecutors said that investigators late on Thursday used that passcode to access the iPhone at issue, and as a result "no longer needs Apple's assistance." The letter marked a sudden end to a closely watched case, in which the Justice Department had been appealing a ruling by a federal magistrate judge holding that he could not force Apple to assist authorities. The case gained further significance after prosecutors in March dropped a similar effort to force Apple to help access an iPhone used by one of the shooters in December's San Bernardino killings, after a third party provided a way to crack it. Justice Department spokeswoman Emily Pierce said the cases have "never been about setting a court precedent; they are about law enforcement's ability and need to access evidence on devices pursuant to lawful court orders and search warrants." An Apple spokesman declined comment. Previously, the company had argued in court that prosecutors had not provided any evidence to bolster their claim that they had exhausted other methods to get data from the phone. Apple said it was not even clear that they had asked the suspect and his associates.

Though officials said the passcode had just come to light, the development marks the second time the federal government has dropped a contentious fight over the extent of its power over private companies after Apple pressed it to say what methods it had tried. Prosecutors had been challenging a Feb. 29 ruling by U.S. Magistrate Judge James Orenstein holding he did not have the authority to order Apple to disable the security of an iPhone seized in a drug probe. The case predated the government effort to force Apple to help access the phone of Rizwan Farook, one of the two killers in the San Bernardino massacre, which left 14 people dead and 22 wounded. While the Justice Department dropped that bid after a third party provided a way to access the San Bernardino phone - apparently for more than $1 million - it continued appealing Orenstein's ruling. FBI Director James Comey has said that the method used on the San Bernardino iPhone 5c would not work on other models, including the iPhone 5s, the type in the Brooklyn case.

Details are pictured on the backside of an Apple Iphone 6 on a table in a restaurant in Hanau, Germany​

The phone belonged to Jun Feng, who has pleaded guilty to participation in a methamphetamine distribution conspiracy, which prosecutors are continuing to investigate. Unlike the phone used in San Bernardino, Feng's phone had an older operating system, iOS 7, which is not protected under the same encryption technology, which is why Apple could access it. Apple has some 70 times before the Brooklyn case emerged helped authorities access data on iPhones, according to court filings. The company changed its stance last year after the New York magistrate invited them to argue whether the Justice Department was stretching the more than 200-year-old and very general All Writs Act, which compels help executing warrants, to include more active assistance. Apple said prosecutors were going too far, especially since Congress had more recently limited what communications providers could be compelled to do.

Magistrate Orenstein agreed. Though prosecutors have continued to push for mandated cooperation, in many cases under seal, Apple has been objecting and appealing. The New York case has drawn less attention than the one in California, but the fact that a ruling favorable to Apple has been allowed to stand gives it more significance going forward. While the FBI is continuing to fight in other courts, more attention has turned to a draft bill by leaders of the Senate Intelligence Committee that would force all manner of companies to turn over unencrypted data when served with a court order. The majority of the technology industry bitterly opposes the measure, arguing that requiring back doors would make all communication more vulnerable to hackers and that U.S. citizens and companies would simply get their encryption from providers in other countries.

U.S. drops New York fight with Apple after gaining access to iPhone