iPhone Unlocking Case About Setting A Precedent, Despite What The FBI Says

News
By Lucian Armasu
published

The FBI responded to Apple's open letter, which warned the FBI is trying to set a dangerous precedent, by saying the San Bernardino iPhone unlocking case isn't about setting a precedent at all. However, a new report says that the Justice Department is trying to unlock at least 12 other iPhones, none of which are related to cases of terrorism.

The FBI tried to make it very clear in its letter that it wants Apple to only help it unlock the phone in this specific case, and nothing more.

"The San Bernardino litigation isn't about trying to set a precedent or send any kind of message," said James Comey, the FBI Director. "The particular legal issue is actually quite narrow. The relief we seek is limited and its value increasingly obsolete because the technology continues to evolve. We simply want the chance, with a search warrant, to try to guess the terrorist's passcode without the phone essentially self-destructing and without it taking a decade to guess correctly. That's it. We don't want to break anyone's encryption or set a master key loose on the land."

Yet, the new report from the WSJ says exactly the opposite; there are at least 12 other cases where the Justice Department might want to unlock iPhones. Some local law enforcement officials have also made comments about it, saying how FBI's case against Apple could be helpful for their own cases.

"It may be a question of finding the right case," said Jake Wark, the spokesperson for the DA's office from the Suffolk County, Massachusetts.

"It's going to have significant ramifications on us locally," said Matt Rokus, deputy chief of Wisconsin's Eau Claire Police Department.

"The court's ruling could have a significant impact on conducting sensitive criminal investigations," said South Dakota, Minnehaha County State's Attorney, Aaron McGowan.

These comments seem to directly contradict the FBI Director. Plus, if the FBI does win this case, it can't prevent it being used a precedent for other cases. It seems rather obvious that even if the FBI never tries to use it in the future as a precedent, which seems unlikely and hard to believe, others will.

Playing Word Games

FBI's Director, James Comey, is also being quite misleading when he said that they "don't want to break anyone's encryption," while arguing that they want to "try to guess the terrorist's passcode without the phone essentially self-destructing and without it taking a decade to guess correctly."

The very purpose of encryption is to protect a message from being deciphered—not for only a month, or a year, but forever. Saying they don't want to directly decrypt the message with a master key, but only want the ability to easily crack that encryption is ultimately a distinction without a difference, and the FBI is merely playing word games.

It's actually no different than when the U.S. government forced all commercial companies to use 40-bit encryption two decades ago, with the argument that it doesn't want companies to stop using encryption, but it still wants to be able to break that encryption. When encryption can be easily broken or bypassed like that, then it's pointless.

Weak Protection Is No Protection

The FBI wants devices to be protected by only four or six digit PINs with no additional protection, because it knows four or six digit PINs can be easily cracked, which means they aren't very good at protecting information. That's why Apple, and recently Google as well, have added the rate limiter to PIN authentication. When too many ties (more than 10) are attempted, the device wipes itself to protect the data against forced unlocking.

Ultimately, it boils down to one idea: if a security feature can be broken within minutes or hours, then it's not a very good one, and at best it serves as security theater. The better the security, the safer our devices are, and the FBI is arguing the opposite; that our devices shouldn't be very secure so they, and anyone else who might steal the devices, can hack into them and obtain the data.

Anti-Cybersecurity Policy?

Despite its pleas for better cybersecurity and warnings that enemies of the U.S. could take down critical infrastructure or steal vital government information in the past, the U.S. government has quite a hostile attitude towards actual cybersecurity. It seems to believe that any security that can't be bypassed or broken within hours is a bad thing, and we should not accept it in our devices. This type of anti-cybersecurity policy could have quite terrible consequences in the long term, both from an economic and a general security point of view.

Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu. 

Follow us on FacebookGoogle+, RSS, Twitter and YouTube.

Lucian Armasu
Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
22 Comments Comment from the forums
  • koss64
    The Government's stance is to have devices protects, the smaller ther attack surface the less damage will occur in the event of an attack. Using quotes from persons outside the FBI does not necessarily help your case for the phones in this case not to be unlocked.
    Apple is trying to save face in light of the iCloud hacking scandal and trying to put on this notion that they have the public's privacy in mind, when that's far from the truth. I cannot fathom how leaving those phones locked does anyone any good to anyone but Apple and their shareholders, when rest assured in the regular cut and thrust of these matters,non-high profile cases are going to get the phones unlocked with no great fuss or public outcry.
    Reply
  • tical2399
    Oh well. The feds did it the right way. They went the legal route and got a warrant for the phone to be unlocked. If apple doesn't comply then Cook needs to be led out doing the perp walk and held in contempt until he has it unlocked. Its not like the feds just asked for no warrant. Due process was done, they had a legit reason for opening it, they asked a court for the warrant, the court agreed and provided an order. For all those who would try to scream rights this and constitution that; what the feds did was the definition of doing it by the book.
    Reply
  • Math Geek
    remember this is only a one time single super ultra important thing that will never need to be repeated!!

    http://www.wsj.com/articles/justice-department-seeks-to-force-apple-to-extract-data-from-about-12-other-iphones-1456202213

    or is it? also keep in mind there are literally hundreds of phones being held by local law enforcement all over the country waiting for apple to give in so they can jump onboard and get these phones hacked as well....

    hopefully no one actually believes that this is only a one time thing, believing that would be just stupid. add in the fact that once the ios is created and the phone is handed over. all the fbi has to do is extract the ios for themselves and they will have their own copy. course they would never do that now would they.......
    Reply
  • none12345
    "If apple doesn't comply then Cook needs to be led out doing the perp walk and held in contempt until he has it unlocked"

    How can you be held in contempt for not handing over something that doesn't exist. The technology to unlock it doesnt exist. And as far as being in contempt for refusing to create such a technology... you know perform work you dont want to do....err i thought we already outlawed similar practices? you remember slavery? indentured servitude? etc...

    I personally would like it to stay that way, privacy/financial security/etc is more important their their bullshit terrorist argument. You are 10s of thousands of more times likely to be killed in a car accident then by terrorists. You are more likely to be struck by lighting. As soon as its cracked, as soon as a back door is added, try as they might it WILL get out to everyone who wants to get into the phones. And that will cause far more harm/terror then the terrorists people seem to be so worried about. Remember this is the same government who has blank administrator passwords on thousands of government computers, they cant protect shit.
    Reply
  • hoofhearted
    The FBI just needs to build a proper QC and use Shor's (available in QCL).
    Reply
  • Andrew Pacely
    Its easy to say "The FBI went the legal route and Apple must comply," when you don't understand how harmful it is, nor do you understand the full context of the subpoena. There's nothing in the law that data a company Must device a new product for the government it hasn't even made previous too, and forcing it would be unconstitutional. Plus, the DoJ just confirmed that the FBI is bullshitting everyone and it one be just One phone. And the cyber sharks already know about all this, so if the tools Are made and used more than once, its only a matter of time before someone snatches it from the feds.... they already got into the CIA, and they are just as protected as the FBI....
    Reply
  • skit75
    17551950 said:
    Oh well. The feds did it the right way. They went the legal route and got a warrant for the phone to be unlocked. If apple doesn't comply then Cook needs to be led out doing the perp walk and held in contempt until he has it unlocked. Its not like the feds just asked for no warrant. Due process was done, they had a legit reason for opening it, they asked a court for the warrant, the court agreed and provided an order. For all those who would try to scream rights this and constitution that; what the feds did was the definition of doing it by the book.

    As if to say they had any other option available? This was their only course of action. After 9 incorrect guesses, the phone has a chambered bullet held to its head for the next incorrect guess. They do not have an alternative option. Apple designs their own chips and writes their own code.
    Reply
  • heliomphalodon
    The FBI chose this as its test case because it couldn't find a case involving an infant kidnapped by drug kingpins and strapped to a dirty bomb going tick-tick-tick...
    It's obvious that they hope that emotion and ignorance will carry the day and, sadly, recent polls appear to be proving them right.
    What very few people seem to realize is that Apple is being ordered not to give up a disk image of the iPhone in question, but rather to create a new forensic tool - an instrument. Such instruments must be vetted and they must be exposed in detail - not kept secret. Look here for the best discussion of the issue that I've been able to find: http://www.zdziarski.com/blog/?p=5645
    Reply
  • rwinches
    Apple has given iCloud information to the FBI on many occasions before this (so cooperation is not really the issue).

    On those occasions the FBI followed instructions from Apple to bring the phone to a familiar WiFi location and the phone will connect and auto log into the iCloud and auto backup.

    This time the FBI instructed the local authorities to reset the iCloud PW rendering the above procedure impossible. The phone is locked so the temp PW in an email can not be used and the phone will use the old PW.

    Was this 'mistake' on purpose? Who knows?

    I do wonder if previous backup info has any value or has it already been provided and found not useful?
    Reply
  • rastapop
    Should banks refuse to open a safebox even when a warrant is produced? Why would the iphones be the only boxes that the police can't open even when a judge is ordering it?
    Reply