John Oliver Explains Why You Should Side With Apple Over The FBI Better Than Most Journalists

from the and-better-than-apple dept

You had to know this was coming eventually, but the latest John Oliver main story was his take on the Apple v. FBI encryption fight. If you haven't seen it yet, here it is:
Not surprisingly, Oliver's take is much clearer and much more accurate than many mainstream press reports on the issues in the case, appropriately mocking the many law enforcement officials who seem to think that, just because Apple employs smart engineers, they can somehow do the impossible and "safely" create a backdoor into an encrypted iPhone that won't have dangerous consequences. He even spends a bit of time reviewing the original Crypto Wars over the Clipper Chip and highlights cryptographer Matt Blaze's contribution in ending those wars by showing that the Clipper Chip could be hacked.

But the biggest contribution to the debate -- which I hope that people pay most attention to -- is the point that Oliver made in the end with his faux Apple commercial. Earlier in the piece, Oliver noted that this belief among law enforcement that Apple engineers can somehow magically do what they want is at least partially Apple's own fault, with its somewhat overstated marketing. So, Oliver's team made a "more realistic" Apple commercial which noted that Apple is constantly fighting security cracks and vulnerabilities and is consistently just half a step ahead of hackers with malicious intent (and, in many cases, half a step behind them).

This is the key point: Building secure products is very, very difficult and even the most secure products have security vulnerabilities in them that need to be constantly watched and patched. And what the government is doing here is not only asking Apple to not patch a security vulnerability that it has found, but actively forcing Apple to make a new vulnerability and then effectively forcing Apple to keep it open. For all the talk of how Apple can just create the backdoor just this once and throw it away, this more like asking Apple to set off a bomb that blows the back off all houses in a city, and then saying, "okay, just throw away the bomb after you set it off."

Hopefully, as in cases like net neutrality, Oliver's piece does it's job in informing the public what's really going on.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: doj, encryption, fbi, going dark, iphone, john oliver, matt blaze, security, vulnerabilities
Companies: apple


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    That One Guy (profile), 14 Mar 2016 @ 11:17am

    The perfect counter to a stupid argument

    "When I hear the 'If we can put a man on the moon we can do this' I'm hearing an analogy almost as if we're saying 'If we can put a man on the moon, well surely we can put a man on the sun.'" -Matt Blaze

    link to this | view in thread ]

  2. identicon
    RightShark, 14 Mar 2016 @ 11:20am

    Re: The perfect counter to a stupid argument

    Why not put a man on the sun? we just have to go at night.

    link to this | view in thread ]

  3. icon
    Crazy Hong Kong Monkey (profile), 14 Mar 2016 @ 11:30am

    The video appears to be encrypted with the "Theuploaderhasnotmadethisvideoavialableinyourcountry" key. Do you think Apple could decrypt it for me?

    link to this | view in thread ]

  4. identicon
    nerdbert, 14 Mar 2016 @ 11:34am

    Engineering reaction

    As much as I liked the overall video, I have to say that the engineers' reaction to a hacker finding a flaw at the end of the segment is too optimistic. Normally the reactions are much more panicked and much more vehement, especially if the flaw is being actively exploited and you were the guy responsible for the code in question.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 14 Mar 2016 @ 12:00pm

    Wow

    Hilarious, and deeply informative without once being "technical" (and not a single mistake on the presenter's part that I could see, which is VERY unusual).

    If only education and pop-sci journalism in general were this well done.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 14 Mar 2016 @ 12:19pm

    Re: The perfect counter to a stupid argument

    Oliver actually uses that quote in his segment.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 14 Mar 2016 @ 12:30pm

    Re: Re: The perfect counter to a stupid argument

    What a coincidence.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 14 Mar 2016 @ 12:37pm

    whether i mean to or not, i'm beginning to nudge george carlin's star over just a bit in that high and far constellation to make room for one for john oliver.

    link to this | view in thread ]

  9. icon
    Mike Masnick (profile), 14 Mar 2016 @ 1:29pm

    Re: Wow

    Hilarious, and deeply informative without once being "technical" (and not a single mistake on the presenter's part that I could see, which is VERY unusual).

    If only education and pop-sci journalism in general were this well done.


    His staff reached out to a number of experts, including two people I know who are really, really good on encryption.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 14 Mar 2016 @ 1:31pm

    Worn tires on wet pavement slide and create accidents. This is a far more common event than having to open an encrypted phone. So why isn't the government demanding that car makers do away with tires on all vehicles? It would have far more effective result than demanding Apple create a new government OS for it's phones.

    Of course the car makers, tire makers, tire sellers, and tire shops are going to bitch, but hey automakers should be able to do anything they tell their engineers to come up with... /s

    link to this | view in thread ]

  11. identicon
    Anonymous Anonymous Coward, 14 Mar 2016 @ 1:39pm

    Re:

    "Of course the car makers, tire makers, tire sellers, and tire shops are going to bitch"
    Not nearly as much as insurance companies will. Wait till you see what they have to say about self driving vehicles.

    link to this | view in thread ]

  12. icon
    MSC (profile), 14 Mar 2016 @ 1:51pm

    I don't know what's more scary...

    The fact that the FBI might win their court case, or the fact that Lindsey Graham is the voice of reason in congress.

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 14 Mar 2016 @ 1:51pm

    Re:

    No, because it isn't four digits long.

    link to this | view in thread ]

  14. icon
    Steve R. (profile), 14 Mar 2016 @ 1:53pm

    The Media Not Realizing That They Are Clueless Concerning Encryption

    Fox News this morning unbelievably continued to wage its erroneous biased war against the iPhone. In this case, there was a person who created third party software that allows communications to be encrypted. Fox News continued to rage how the encryption of the iPhone needs to be "broken" so law enforcement can examine the communications on an iPhone.

    Apparently Fox News was clueless to the fact that third party encryption software is different from the iPhone itself. Breaking the iPhone, will not magically give law enforcement access to the communications of terrorists using this third party software.

    Moreover, the existence of this third party encryption software means that the attack on the iPhone by law enforcement could be considered moot. Should the iPhone encryption be broken, the terrorists will simply adapt by using another form of encryption.

    What then security people? Essentially you have achieved nothing except create a security risk for law abiding people.

    To reiterate, unbreakable encryption is needed for legitimate business and personal reasons. Breaking it will only mean that the law abiding will become susceptible to security breaches and malicious hacking.

    link to this | view in thread ]

  15. identicon
    Anonymous Anonymous Coward, 14 Mar 2016 @ 2:05pm

    Re: The Media Not Realizing That They Are Clueless Concerning Encryption

    Fox News isn't clueless. They are part and parcel of the same Rupert Murdoch empire that got nailed in the UK for scraping information off of peoples phones. They are likely doing, or want to do something similar here.

    The funny part of that is that they got in trouble for it in the UK. Probably because the government was jealous of their capability, or was incensed at their bringing the practice into the public's awareness.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 14 Mar 2016 @ 2:09pm

    Re: The Media Not Realizing That They Are Clueless Concerning Encryption

    "Essentially you have achieved nothing except create a security risk for law abiding people."

    Let me work on that..

    "Essentially you have achieved nothing except further the cause of the endless war on terror, generate mega profits for the usual contractors, and keep many thousands of federal employees in plush pensions for ever and ever."

    Taht looks much better.

    "the law abiding will become susceptible to security breaches and malicious hacking"

    Of course. One can't make omelettes without breaking a few eggs. It's a shame and all that, but one must have one's priorities straight.

    link to this | view in thread ]

  17. icon
    Steve R. (profile), 14 Mar 2016 @ 2:51pm

    Re: Re: The Media Not Realizing That They Are Clueless Concerning Encryption

    That may explain the endless stream of shills on Fox News only asserting that encryption only helps the terrorists, while blatantly ignoring the benefits of encryption for legitimate purposes.

    link to this | view in thread ]

  18. icon
    Leigh Beadon (profile), 14 Mar 2016 @ 3:20pm

    Re:

    Probably not an entirely fair comparison, because Carlin was one man and Oliver has a team of writers and researchers. But in simple terms of the quality of the satire they produce, I totally agree.

    link to this | view in thread ]

  19. identicon
    Rekrul, 14 Mar 2016 @ 6:00pm

    Re:

    The video appears to be encrypted with the "Theuploaderhasnotmadethisvideoavialableinyourcountry" key. Do you think Apple could decrypt it for me?

    No, but the PWN YouTube bookmarklet can do it for you;

    SD, MP4, 58MB
    https://www.sendspace.com/file/lassh6

    HD, MP4, 195MB
    https://www.sendspace.com/file/1fpk9v

    Download quickly, the file and/or this message may get deleted.

    link to this | view in thread ]

  20. identicon
    Rekrul, 14 Mar 2016 @ 6:03pm

    I'd show this video to my friend, but he probably would just dismiss the concerns of setting a precedent ("That's good!") and of the software getting out ("Not if they keep it in a safe place.") and would just say that Apple should unlock the phone themselves.

    link to this | view in thread ]

  21. icon
    Ryunosuke (profile), 14 Mar 2016 @ 7:58pm

    Re: Re: The perfect counter to a stupid argument

    so... what you are saying, is that the US Govt is making statements that North Korea is making?

    wait wait wait

    the USA, (one of) the most powerful nations on earth, with a sizable nuclear stockpile, is making bat-shit insane statements?

    THAT should scare the *FUCK* out of any sane person.

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 14 Mar 2016 @ 8:18pm

    going dark means stop using tech. you dont talk about murdering someone on the phone then take snap-chats of the body unless your OJ, organized crime, terrorist, and police figured this out awhile back.

    link to this | view in thread ]

  23. icon
    Whatever (profile), 14 Mar 2016 @ 8:46pm

    The video is great, but it's a perfect example of the mixing of issues to try to scare people about what the FBI has asked Apple to do.

    The FBI didn't ask for encryption to be broken, or for a patch that breaks encryption to be applied to every phone Apple ever made. That's bullshit. That's Apple's scaremongering script being recited almost word for word.

    Yes, Oliver got it right, the FBI wants unlimited shots at the passcode. But honestly, he brushed over it and made it a fast joke about remembering passcodes, and then went right back to ranting on about Apple being forced to destroy the encryption on every other phone in the world.

    It's an artful pack of Apple propaganda, and not much more. Gotta bet he's a fanboi.

    link to this | view in thread ]

  24. identicon
    ryuugami, 14 Mar 2016 @ 9:01pm

    Re:

    The FBI didn't ask for encryption to be broken, or for a patch that breaks encryption to be applied to every phone Apple ever made.

    Unfortunately, there is no magic that allows Apple to do exactly that. If they weaken the encryption for this one phone, it's weakened for all iPhones of that generation. No matter what Apple marketing would like you to think, iPhones are mass produced, not lovingly crafted by hand, each phone a unique work of art.

    I know neither you nor FBI understand technology and think Apple can just command their flock of wizards to do your bidding, but please keep your fanfics to yourself. Out here in the real world you could do a lot of damage with that powerful imagination of yours.

    Your post is an artful pack of government propaganda, and not much more. Gotta bet you're a fanboi.

    link to this | view in thread ]

  25. icon
    Whatever (profile), 14 Mar 2016 @ 10:13pm

    Re: Re:

    "Unfortunately, there is no magic that allows Apple to do exactly that. If they weaken the encryption for this one phone, it's weakened for all iPhones of that generation. No matter what Apple marketing would like you to think, iPhones are mass produced, not lovingly crafted by hand, each phone a unique work of art."

    Nonsense. Apple controls the update system, they would not and will not be forced to apply the same patch to every other phone out there. Moreover, their strict control on updates (go outside the box, you own an expensive brick) means that the patch ain't going out in the wild.

    "Your post is an artful pack of government propaganda, and not much more."

    You aren't even a very good troll. Gotta bet your a Mike Fanboi. ;)

    link to this | view in thread ]

  26. icon
    JMT (profile), 15 Mar 2016 @ 12:24am

    Re:

    Your Apple hatred is getting really tiring. You offer nothing to the discussion except attacks on Apple, completely missing the bigger, far more important issues.

    link to this | view in thread ]

  27. icon
    Whatever (profile), 15 Mar 2016 @ 1:40am

    Re: Re:

    JMT, I understand the biggest issues. What you aren't understanding is that this issue isn't connected to the bigger issues. The FBI request is NARROW, it is FOCUSED, and it is for something that does not harm, change, or any way backdoor the encryption.

    Most importantly: The special OS patch (because it will be just a minor patch) won't get rolled out every Apple phone in the world. The small change (likely something to reset an attempt counter back to zero every couple of milliseconds) is just that, a small change to a single phone.

    I understand the biggest issues, and that is a separate debate. Apple is trying to link the two in order to avoid dealing with simple issue that their short pincode system essentially defeats all of their encryption. If Apple could just fess up to that and deal with it, the rest of the debate might be easier to swallow.

    link to this | view in thread ]

  28. icon
    Gal Or (profile), 15 Mar 2016 @ 1:59am

    credit to his sizable team of writers :)

    where its due. It always annoyed me, even when he acted on the Daily Show, that the presenters get all the credit, and the show's writers get none.

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 15 Mar 2016 @ 2:59am

    Re: The Media Not Realizing That They Are Clueless Concerning Encryption

    Sort of. unfeaibly breakable encryptionis the primary goal. The reason why it needs to be unfeasible is so that very few of the world's fascist agents can crack the encryption for a good long while.

    link to this | view in thread ]

  30. icon
    That One Guy (profile), 15 Mar 2016 @ 3:04am

    Re: Re: Re:

    The FBI request is NARROW, it is FOCUSED, and it is for something that does not harm, change, or any way backdoor the encryption.

    The 'request' is for Apple to create custom code for the express purpose of removing security features. If Apple can be forced to do that here then it's not a stretch at all to expect that it's only a matter of time until they're presented with a 'request' to decrypt data or ensure that they can do so whenever presented with 'a lawfully given order', especially as the DOJ/FBI is already arguing that Apple specifically implemented their security features in order to avoid being able to do so.

    When the government's legal filings already include a demonization of encryption by claiming that it's implemented primarily to avoid warrants it's a stretch not to think that an order to remove security in one case won't lead to the very thing happening more later on, especially when you've got other groups sending in support for the FBI/DOJ making it clear that if Apple can be forced in this case they will use the precedent in other cases.

    Most importantly: The special OS patch (because it will be just a minor patch) won't get rolled out every Apple phone in the world.

    Strawman argument, no-one's saying it would be. What people are saying is that with the multitude of 'requests' to undermine and/or remove security that Apple will be presented with if they are forced to do so here it's not a matter of 'if' those 'patches' will leak, but 'when', making things less secure for everyone. Not to mention the idea that a company should be allocating resources deliberately undermining security, when companies should be doing the absolutely opposite is just asking for trouble

    The small change (likely something to reset an attempt counter back to zero every couple of milliseconds) is just that, a small change to a single phone.

    That 'small change' is estimated by Apple to require half a dozen people working for a month to create, and that's just for this case. If the precedent is set that they can be compelled to do this then they are going to be very busy making 'small changes' for everyone that comes knocking, either starting from scratch each time and making patches that only work on one phone, or making a patch that works for a large number of phones and keeping it for future 'requests', which opens up hefty problems for when that patch is leaked.

    Speaking of 'small change' however, if your argument is that it's not that difficult so they should just do it, wasn't that long ago that an article was posted here on TD talking about how the FBI almost certainly already has the capabilities to bypass the password restriction with just a little tinkering with the hardware. That sounds like a pretty easy process to me, and would likely take less time than waiting for Apple, so if there really is sensitive and valuable data on the phone they should have skipped the court case entirely and gone with that route.

    Of course let's not forget that this could have been avoided entirely had the FBI not monumentally screwed up by letting the public root through the home of the perpetrators of an active case, followed by their bungling that resulted in the device password being reset in the first place. Not Apple's fault the FBI is so freakin' incompetent, so don't see why they should be forced to step in and clean up the FBI's mess.

    Apple is trying to link the two in order to avoid dealing with simple issue that their short pincode system essentially defeats all of their encryption.

    That 'simple' pincode system is apparently enough to stop the FBI/DOJ cold(helped along by the fact that both are so lazy).

    Of course even if the password system were flawless what stops the DOJ, FBI or any other agency from going to Apple and demanding 'Remove the requirement to enter the password'? Right now the limit on attempts is what's stopping them, if something else like encryption is what keeps them from accessing the data in another case, and they've got a precedent that they can force a company to remove security features that keep them from otherwise 'protected' data, then the fight is already mostly won for them.

    1) Companies can be compelled to remove security features that prohibits access to data.
    2) Encryption is a security feature that prohibits access to data.
    3) Therefore companies can be compelled to remove or bypass the encryption that they implemented to allow access to the data.

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 15 Mar 2016 @ 3:51am

    Re:

    Its also on the Last Week Tonight facebook page - no restrictions.

    link to this | view in thread ]

  32. icon
    klaus (profile), 15 Mar 2016 @ 4:28am

    Re: The Media Not Realizing That They Are Clueless Concerning Encryption

    "...third party encryption software is different from the iPhone itself. Breaking the iPhone, will not magically give law enforcement access to the communications of terrorists using this third party software."

    My take on this is that the goal is to access the endpoints. The easiest way to defeat encryption is not to brute force decrypt (which is hard, if not outright impossible) but to access an endpoint, and thereby gain access to the plaintext. This case against Apple is a step in that direction.

    link to this | view in thread ]

  33. identicon
    Anonymous Coward, 15 Mar 2016 @ 4:38am

    Re: Re: Re: Re:

    … the FBI almost certainly already has the capabilities to bypass the password restriction with just a little tinkering with the hardware.
    The government is almost certainly misstating material facts. Should we conclude that there is a high probability the government is intentionally misstating material facts?

    That sounds like a pretty easy process to me.
    Has the government already tested the particular technique to which you're referring?

    Some of the other approaches that have been sketched out should not be characterized as “pretty easy”. The approaches that have the greatest probability of success —overwhelming odds— required advanced equipment, expertise, and a certain amount of care. In particular, one of the two techniques for running unsigned code on the A6 processor would require substantial reverse engineering effort. Even the second, less-invasive technique would require information about the off-processor bus architecture that I have not found in the open literature, and thus may need to be reverse engineered.

    link to this | view in thread ]

  34. icon
    That One Guy (profile), 15 Mar 2016 @ 5:47am

    Re: Re: Re: Re: Re:

    The government is almost certainly misstating material facts. Should we conclude that there is a high probability the government is intentionally misstating material facts?

    Oh they wouldn't necessarily have to lie directly, they could simply lie by omission. They could claim that they cannot do A without (forced) assistance from Apple, and just 'forget' to mention that they can try B, C and D completely on their own.

    Has the government already tested the particular technique to which you're referring?

    Here's the article that discusses the technique I'm referring to. Put simply they remove the chip that contains the file system key, copy the data to another device, install the chip back in the phone and make the attempts. If they don't get it in those attempts they remove the chip, copy the original data back into it, which resets the counter, and then try again.

    Time consuming and a hassle to be sure, but assuming the idea is sound then it's simply a matter of how badly do they want the data and how much work are they willing to spend to get it. Unless the person who wrote about the technique was wildly off the FBI/DOJ does have a way to break into the phone, it would just take them a good deal of work to do it, and more importantly from their point of view wouldn't grant them the precedent they want so badly from this case.

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 15 Mar 2016 @ 6:06am

    Re: Re: Re: Re: Re: Re:

    … they wouldn't necessarily have to lie directly
    Stacey Perino declaration (Mar 9, 2016; Document 149-3) p.4-5 (p.312-3 in PDF):
    c. The data contained on the Subject Device can be decrypted only on the Subject Device. This is because the encryption key includes a unique identifier that exists only on the Subject Device. (Part D.) Because the decryption must occur on the Subject Device, and because only Apple-signed software can run on the Subject Device (Part B.2), any code or software tools needed to assist in testing passcodes (even code that includes components that already exist, Part C) must be signed by Apple.

    link to this | view in thread ]

  36. identicon
    Anonymous Coward, 15 Mar 2016 @ 6:09am

    Re: Re: Re: Re: Re: Re:

    Here's the article that discusses the technique I'm referring to.
    Thank you for the pointer to that article, I appreciate the courtesy. But you didn't address the question I asked—

    Has the government already tested that technique?

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 15 Mar 2016 @ 6:26am

    Re: Re: Re: Re: Re: Re:

    Oh they wouldn't necessarily have to lie directly
    Christopher Pluhar declaration (Feb 16, 2016) p.5 (p.25 in PDF):
    These features prevent the government from running any other software on the SUBJECT DEVICE to attempt to recover data.

    link to this | view in thread ]

  38. icon
    That One Guy (profile), 15 Mar 2016 @ 6:31am

    Re: Re: Re: Re: Re: Re: Re:

    Has the government already tested that technique?

    On this particular device, not as far as I'm aware, though unless I misread it the technique was pretty simple(if time-consuming) as far as it goes, so they should have no problem doing so if they wanted to.

    At this point however I'm firmly of the opinion that they're in it for the precedent, not the contents of the phone, and as such I wouldn't expect them to actually try to get the contents themselves, as that wouldn't give them the precedent they want.

    link to this | view in thread ]

  39. icon
    scatman09 (profile), 15 Mar 2016 @ 6:39am

    beware the ides of march

    1. If Apple is forced to decrypt now, they'll be forced to do so again, and again, and again...
    2. Apple isn't the only company making encryption software. We've been down this whack-a-mole road before. When metallica sued Napster, did file sharing stop?
    3. Whoever expects Apple to decrypt at the command of the government, should also expect no privacy with anything that they do online (emails, medical records [thanks President Obama], online purchases...the whole 9)
    4. Per usual, the terrorists win because we always attack each other after being attacked by the terrorists.

    link to this | view in thread ]

  40. identicon
    Anonymous Coward, 15 Mar 2016 @ 6:50am

    Re: Re: Re: Re: Re: Re: Re: Re:

    pretty simple (if time-consuming)
    Imo, any reasonable engineer taking that particular approach would simply emulate the NAND flash, rather than attempting to repeatedly reattach an actual flash device.

    It's been awhile since I've worked with FPGAs, but I'm reasonably confident that an FPGA and some DRAM (and might still want to to pass through to actual flash for non-volatile data) would emulate the NAND flash with sufficient speed that there wouldn't be any need to slow clocks down.

    Of course, hacking together a NAND flash emulator would require some engineering effort. So, it'd be worth looking to see whether an off-the-shelf flash emulator would work in this application.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 15 Mar 2016 @ 7:00am

    Re: Re: Re: Re: Re: Re: Re: Re:

    I'm firmly of the opinion that they're in it for the precedent
    I posted a question in another recent article, but got not replies, so I'm going to repeat it here, in abbreviated form—

    Back on February 18, the New York Times reported:
    Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity.
    Do we believe this? Do we believe that Apple would have acceded to the government's request, had the application been made under seal?

    Imo, the confidence placed in this anonymously-sourced intelligence goes towards an assessment of the government's motives.

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 15 Mar 2016 @ 7:38am

    Re: Re: Re: Re: Re: Re: Re: Re: Re:

    emulate the NAND flash
    In contrast, btw, simulating the baseband processor would probably not necessarily require emulating the actual capacity to make phone calls. A simulated baseband processor just has to convince the application processor that it's ok to boot up and load trusted code from “flash”.

    link to this | view in thread ]

  43. icon
    Paul Keating (profile), 15 Mar 2016 @ 7:51am

    Who says incription must be mass produced?

    2 things:

    1. I understand the FBI can complete a work-around by isolating the chip and using brute force without any assistance from Apple.

    2. Going out on a limb here and I'm not an encryption wiz. However, why does encryption need to be developed on a 1-size-fits-all basis? Why can't the underlying code be set so that it achieves a different result for each phone? sort of like a PGP approach. Admittedly difficult and expensive but that would remove Apple from the issue.

    I'm sure many of you can let me know how silly that idea is?

    link to this | view in thread ]

  44. identicon
    Anonymous Coward, 15 Mar 2016 @ 7:56am

    Re: Re: Re: Re: Re: Re: Re: Re:

    … not the contents of the phone
    Suppose that they've gamed this out, and expect Apple to ultimately prevail in court.

    Then, FBI and friends —through a massive PR effort— —involving fraud on the courts— would have just convinced the great bulk of the public to believe that a 4 digit pin is sufficient to protect their secrets against the motivated assault of a major nation-state.

    link to this | view in thread ]

  45. identicon
    Anonymous Coward, 15 Mar 2016 @ 7:59am

    Re: Who says incription must be mass produced?

    Why can't the underlying code be set so that it achieves a different result for each phone?
    I don't understand this question. What do you mean by “a different result for each phone”?

    link to this | view in thread ]

  46. identicon
    Anonymous Coward, 15 Mar 2016 @ 8:18am

    Re: Who says incription must be mass produced?

    1. I understand the FBI can complete a work-around by isolating the chip and using brute force without any assistance from Apple.
    Of the techniques for getting unsigned code to run on the A6, the one in which I have the highest degree of confidence involves isolating the application processor from simulated RAM. Due to the “Package-on-Package” stacking of the application processor die with the Elpida LPDDR2 RAM, that approach would require removing the outer package of the A6.

    So yeah, isolating the “chip”.

    link to this | view in thread ]

  47. icon
    PRMan (profile), 15 Mar 2016 @ 8:18am

    Re: Re: Re:

    It will be the most sought-after software in the entire world, both by foreign governments and by organized crime.

    If they get a copy they WILL hack it and gain entry to all iPhones.

    As a software developer that has done encryption software, Apple is 100% correct. You can't make encryption that just works for the good guys. It either works, or it doesn't.

    link to this | view in thread ]

  48. icon
    WDS (profile), 15 Mar 2016 @ 8:21am

    Accurate News

    It is a sad state of affairs when then most accurate reporting you can get on the important issues is on the satire shows. Granted they only do one show a week and dig deep into a few stories. Still "The Daily Show" "This Week Tonight", etc do more accurate reporting than any of the "True" news outlets with their repetitive sound bites and willingness to pass on press releases with almost no research into what are in them.

    link to this | view in thread ]

  49. identicon
    Anonymous Coward, 15 Mar 2016 @ 8:36am

    Re: Re: Re: Re:

    If they get a copy they WILL hack it and gain entry to all iPhones.
    Well, in the larger scheme of things, so what?

    If people trust the strength of a 4-digit pin when the physical hardware in the hands of a determined, capable, resourceful adversary… well…

    I mean, you don't even necessarily have to put a major nation-state as the adversary in your threat model. How about the resources and capabilities of a large multinational corporation? Say a Boeing-owned iPhone falls into Airbus hands.

    Just saying.

    link to this | view in thread ]

  50. icon
    That One Guy (profile), 15 Mar 2016 @ 9:06am

    Re: Re: Re: Re: Re: Re: Re: Re: Re:

    Do we believe this? Do we believe that Apple would have acceded to the government's request, had the application been made under seal?

    Possible, but unlikely I'd say, though a large part would depend on how far ahead Apple's lawyers were thinking. In the short term, folding and doing what the FBI/DOJ demanded is certainly cheaper than duking it out in court, but long-term they'd basically have been dousing themselves in blood and jumping into shark infested water by doing so, which would have made fighting the better choice. Once they'd done it once they would have known that refusing future requests would have been all the harder, which means they'd have been stuck doing so time and time again.

    Given they can be stupid at times, but not that stupid I imagine they still would have fought the order in court, even under seal, it just wouldn't have turned into the circus it has since the matter went public.

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 15 Mar 2016 @ 9:42am

    Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

    Do we believe this? Do we believe that Apple would have acceded to the government's request, had the application been made under seal?
    Possible, but unlikely I'd say
    In the EDNY case, Apple was invited to intervene by Magistrate Judge Orenstein, and their initial response in that case was rather tepid.

    Is the critical difference between the two cases iOS 7 (EDNY) as opposed to iOS 9 (CDCal) ?

    link to this | view in thread ]

  52. identicon
    Dingledore the Flabberghaster, 15 Mar 2016 @ 11:06am

    Re: Re:

    Can I just put forward The Bugle Podcast as evidence that Oliver is a brilliant satirist even without a team of writers.

    link to this | view in thread ]

  53. identicon
    Dingledore the Flabberghaster, 15 Mar 2016 @ 11:12am

    Re: Re: The Media Not Realizing That They Are Clueless Concerning Encryption

    jealous of their capability


    ??
    Jealous of "people not changing the default pins on their voicemail"/"people being socially engineered into giving their pin out"/"journalists mimicking caller-id"

    ??

    link to this | view in thread ]

  54. icon
    Nop (profile), 15 Mar 2016 @ 11:53am

    Re:

    Torrent sites are your friend. As are VPNs.

    link to this | view in thread ]

  55. identicon
    Anonymous Coward, 15 Mar 2016 @ 5:02pm

    Re: Re:

    Until YouTube adopts Netflix's stupid strategy of blocking VPNs and all sorts of proxies.

    link to this | view in thread ]

  56. identicon
    Anonymous Coward, 15 Mar 2016 @ 5:05pm

    Even if it was possible, somehow, to enable encryption for good guys only, it would be abused because "good guys" like the NSA would spy on "bad guys" like Snowden, Poitras, Assange, Manning, Greenwald etc.

    link to this | view in thread ]

  57. identicon
    Anonymous Coward, 15 Mar 2016 @ 5:06pm

    Re:

    PS: NSA already spy and harass that people, who encrypt their communications.

    link to this | view in thread ]

  58. icon
    JMT (profile), 15 Mar 2016 @ 5:07pm

    Re: Re:

    "The FBI request is NARROW, it is FOCUSED, and it is for something that does not harm, change, or any way backdoor the encryption."

    The FBI request is narrowly focused on bypassing an important security feature that makes the encryption effective. The encryption will be irrelevant if the passcode can be so easily hacked. Arguing that this in not backdooring the encryption is a lame semantic point. The effect is exactly the same.

    "The special OS patch (because it will be just a minor patch) won't get rolled out every Apple phone in the world. The small change (likely something to reset an attempt counter back to zero every couple of milliseconds) is just that, a small change to a single phone."

    Once again, you look very foolish sticking to this very early claim that most people, even those on the government's side, now realize is completely false. Hard to take you seriously when you keep repeating it with such conviction.

    link to this | view in thread ]

  59. identicon
    Anonymous Coward, 15 Mar 2016 @ 8:35pm

    Re: Re: Re:

    You aren't even a very good troll

    You should know. After all, you speak from experience, master humorist.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.