DOJ To Court: Hey, Can We Postpone Tomorrow's Hearing? We Want To See If We Can Use This New Hole To Hack In
from the oh-really-now? dept
So, this morning we wrote about a new flaw found in the encryption in Apple's iMessage system -- though it was noted that this wouldn't really have impacted what the FBI was trying to do to get into Syed Farook's work iPhone. However, just a little while ago, the Justice Department asked the court to delay the big hearing planned for tomorrow afternoon, because of this newly disclosed vulnerability:Since the attacks in San Bernardino on December 2, 2015, the Federal Bureau of Investigation (“FBI”) has continued to pursue all avenues available to discover all relevant evidence related to the attacks.This could mean a variety of different things... including that the DOJ is looking for a way "out" of this case without setting the precedent it doesn't want, after discovering that the case and public opinion didn't seem to be going the way the DOJ had hoped it was going to go when it first brought it last month. Either way, there's never a dull moment in this case...
Specifically, since recovering Farook’s iPhone on December 3, 2015, the FBI has continued to research methods to gain access to the data stored on it. The FBI did not cease its efforts after this litigation began. As the FBI continued to conduct its own research, and as a result of the worldwide publicity and attention on this case, others outside the U.S. government have continued to contact the U.S. government offering avenues of possible research.
On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone. Testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. (“Apple”) set forth in the All Writs Act Order in this case.
Accordingly, to provide time for testing the method, the government hereby requests that the hearing set for March 22, 2016 be vacated. The government proposes filing a status report with the Court by April 5, 2016.
Update: And the judge has accepted the request, meaning the hearing is off. The DOJ put out a statement trying to spin this as being about how they're just really interested in getting into this one phone and not about setting a precedent:
Our top priority has always been gaining access into the phone used by the terrorist in San Bernardino. With this goal in mind, the FBI has continued in its efforts to gain access to the phone without Apple's assistance, even during a month-long period of litigation with the company. As a result of these efforts, an outside party demonstrated to the FBI this past weekend a possible method for unlocking the phone. We must first test this method to ensure that it doesn't destroy the data on the phone, but we remain cautiously optimistic. That is why we asked the court to give us some time to explore this option. If this solution works, it will allow us to search the phone and continue our investigation into the terrorist attack that killed 14 people and wounded 22 people.Of course, that statement is more misleading bullshit from the DOJ. It's pretty clear that the DOJ is just trying to get out of this case as it's realized that the original plan completely backfired, and they were likely to lose.
Update 2: Okay, the court has officially posted its decision to grant the DOJ's request. You can see it below as well.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: all writs act, court, doj, encryption, fbi, going dark, hacking, syed farook, vulnerability
Companies: apple
Reader Comments
Subscribe: RSS
View by: Time | Thread
If so, Apple might want to do that, even if it costs them more now, just so they (and the rest of us) don't have to do this every couple of years.
[ link to this | view in thread ]
The US Doj put on the full court press and lambasted Aplle every chance they got and made sure they put it to the courts and especially the public that Apple was thumbing it's nose at Law Enforcement and was on the side of criminals and terrorists with it's failure to give the US DOJ what it wanted.
If it wasnt for the weight of the tech companies, the EFF and others throwing their weight behind Apple would the US DOj really be backing down, I doubt it. The US DOJ was hoping to get Apple to buckle under the pressure, and Apple did not.
I really hope the court does not allow the US DOJ to back peddle it's way out of this when they are the ones who pushed for this to get rules upon. It would be nice to get the court to put a ruling in place and set the ground rules so the US DOJ can not continue to trample all over people and companies rights because they have or seem to believe they have the power to.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
(1) The judge has already asked them if they'd pursued all the options available using federal resources....
(2) ... implying that was a relevant question.
(3) But the only way that question could be relevant would be for an negative answer to weaken the government's case enough to cause the judge to not issue the warrant.
(4) At the time the fibbies equivocated "We don't have to ask EVERY federal agency"... realizing the ramifications of the question.
(5) So a negative answer provides a face-saving way of getting the warrant squashed without setting any precedent.
In a month or three the fibbies can truthfully say, in court, what anyone could reasonably have said at the beginning, "we've investigated this phone's data and metadata and usage patterns enough to be reasonably certain the hate criminals (not really "terrorists", just ordinary hate-your-neighbor misanthropes with violent tendancies) did not use that phone to make their plans AND didn't need help from anyone else to perpetrate them."
That leaves the question open "Did they really crack the phone?" because ... hey, everyone expects that the criminals used their own phones (not their work phone) to make their plans, and destroyed those phones before perpetration.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
However in this case there's a response and a motion and so they can delay (with the Court's approval) but in the end unless they sweet-talk Apple then Apple's reply and motion will be heard.
[ link to this | view in thread ]
This is a ploy to save face while backing out of a situation that exploded in their faces beyond their worst PR nightmares.
[ link to this | view in thread ]
Re: Re:
The case is, at least at this point, about this one phone. And Apple is a third party, not a defendant. If the FBI says it no longer needs Apple to help with the phone, I don't think Apple can press the issue - at that point, they've won. Courts are for deciding actual controversies - once both sides say the phone isn't needed, that's that.
[ link to this | view in thread ]
Mar 22 Hearing Vacated
[ link to this | view in thread ]
Re:
Note that it wouldn't be a win for Apple, rather a bit of a loss. The FBI isn't going forward for the moment because apparently Apple's OS has a big enough hole in it that they should be able to walk right in. Apple certainly is not a winner if that is the case.
[ link to this | view in thread ]
[ link to this | view in thread ]
This is actually bad news
[ link to this | view in thread ]
Posponed until when?
[ link to this | view in thread ]
[ link to this | view in thread ]
So, does this mean John McAfee won't be eating his shoe on live TV now?
[ link to this | view in thread ]
Look Me in the Eye and Say It Again
[ link to this | view in thread ]
[ link to this | view in thread ]
[ link to this | view in thread ]
There is no hole...
Apple bucked the FBI and stood fast, right up to where they were looking at a huge win against the government.
Suddenly, the government "finds a hole" in Apple's SECURITY and announces it to the public.
It's a "screw you, Apple!" move. What they REALLY just did is announce to the world that Apple's security isn't actually secure. It's going to cost Apple a lot of money.
And I suspect the "exploit" doesn't really exist.
[ link to this | view in thread ]
Re: There is no hole...
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: There is no hole...
It is the very nature of the business that exploits will be found. Not just with Apple, but anybody in the business. Google, Microsoft, Facebook, Samsung, etc... What matters is how quickly Apple issues patches to their users to fix exploits found.
[ link to this | view in thread ]
I see two possible outcomes
2. The FBI is unable to break iMessage but declares that in so attempting they 'accidentally' destroyed the phone.
Either way, this issue is now moot. No more need to order Apple to break into this phone. Thank you for playing.
Now the FBI can regroup and focus on their next attempt to get unlimited access into anyone's phone at any time without supervision. That is what this was about, after all.
[ link to this | view in thread ]
Re:
How do you punish someone whose ego is that they can do no wrong?
[ link to this | view in thread ]
Re: Re: There is no hole...
[ link to this | view in thread ]
Re: Re: There is no hole...
[ link to this | view in thread ]
Was the FBI previously aware of this approach?
Has the FBI tried this approach before?
If the FBI was previously aware, why was it not tried before filing the initial motion?
Did any government agency the FBI contacted recommend this approach before?
Why is this being tried now?
Is the party with this method a private or government entity?
If a government agency, was this one previously contacted?
If a government agency, and not contacted, why not?
Who initiated the contact with the other?
When was contact first made?
When was the offer to "hack" the iphone by the party first made?
When was the offer to "hack" the iphone accepted?
[ link to this | view in thread ]
Two completely separate issues
[ link to this | view in thread ]
Re: Two completely separate issues
The timing of the two announcements may be purely coincidental. However, one should not be too quick to discount the possibility that the timing is more than fortuitous—the FBI/DoJ PR game(*) has been in full swing.
(*) Apple's PR has been in full swing too, but while they may have been able to influence the timing of the release of the Johns Hopkins paper, it seems less likely that Apple PR alone (in the absence of collusion with DoJ) would have had the capability to influence the timing of the DoJ CDCal Motion.
[ link to this | view in thread ]
Re: There is no hole...
Then you're a fool.
Security holes are found (and publicly announced) in Apple's products about once a quarter. It won't affect Apple's market because it happens, and it's known to happen to everyone. Apple will patch it, and life moves on.
That's not the same as knowingly keeping a backdoor to give the "Democratic People's Republic of America" access to your information, which WOULD hurt their sales.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: This is actually bad news
[ link to this | view in thread ]
Re: Re: There is no hole...
No one in their right mind gets too bothered that mass-market vehicles from Ford and Toyota won't withstand “Cartridge, Caliber .50, Saboted Light Armor Penetrator, M903”.
Instead, people would rather pay for things like battery-operated passenger vehicles. Or 0 - 60 mph. They're not as worried about certain causes of holes.
It's a car analogy. The iPhone is a battery-operated, consumer device. No one expects their bank to use an iPhone to replace an expensive, dedicated Hardware Security Module.
[ link to this | view in thread ]
Re: This is actually bad news
...can we see your phone to be sure you don't have any contacts in Brussels?
[ link to this | view in thread ]
Re: Re: Two completely separate issues
[ link to this | view in thread ]
Re:
What laws are they trying to get overturned?
[ link to this | view in thread ]
Article conflict.
But Apple is hardly the bad guy.
Hint: There are no good guys in this game.
[ link to this | view in thread ]
Re: Re: There is no hole...
im with bamboo. it doesn't exist.
this is gaming by the fbi so that the door doesn't get closed on coercing a company to do something against its will. they'll be able to take another shot at it one day.
but my guess is you'll never hear from the fbi about the case again.
[ link to this | view in thread ]
Re: Re:
How ironic that they seem to have "found" it right before the court date.
And if it's that big of a hole (your words), you'd think they WOULD'VE found it before going through the courts in the first place.
So you say it isn't a win for Apple, but they didn't have to commit any internal resources so the FBI could go out for coffee & donuts, instead of doing some fucking work them fucking selves. I fail to see how that's a loss.
[ link to this | view in thread ]
Dream on eh. You'd have to be in a democratic country to pull that kind of shit off.
[ link to this | view in thread ]
Which is a shame
It'd be like telling a behavioral research specialist that he has to interview Hannibal Lecter. Most of them would be drooling from the salivation.
[ link to this | view in thread ]
Re: There is no hole...
How is this any different to all the other times vulnerabilities are found and patched in ALL phone's (not just iPhones). Did they all cost the manufacturers a lot of money too? Why do you think this one's so different?
[ link to this | view in thread ]
Transcipt of Telephone Conference
In The Matter Of The Search Of An Apple iPhone Seized During The Execution Of A Search Warrant On A Black Lexus IS300, California License Plate 35KGD203
Reporter's Transcript of Oral Proceedings
Monday, March 21, 2016, 4:00 p.m.
[ link to this | view in thread ]
Re: Re: There is no hole...
Then you're a fool."
What does that make you? The particular exploit the effabeeI is speaking of may not exist. You my foolish friend do not know for sure do you?
[ link to this | view in thread ]