Apple Refuses Court Order to Unlock Encrypted iPhone

John Lister's picture

Tech company leaders are backing Apple in its defiance of a court order to make it easier for the FBI to access a murderer's iPhone. However, a poll shows public support for officials despite Apple's claims that the order threatens security.

The case involves a phone belonging to Syed Farook who, along with his wife, shot dead 14 people in California last December. He was killed in a police shootout, but the FBI wants to examine his phone to see if it contains any details about the planning of the attacks and links to terrorist groups.

FBI Needs More Than 10 Password Attempts

The problem is that the phone is encrypted - so much so, that even Apple can't unlock it. The only way to access data on the phone is to correctly type in the passcode, but a security feature on the iPhone means that after 10 failed attempts, it will simply wipe the data on the phone.

The FBI says Apple should modify the phone's operating system to disable this feature. It can then hook it up to a computer and use a program to simply try every possible passcode until they find the correct one.

A court has now agreed to the FBI's request that Apple be forced to do this. It's done so using the All Writs Act, a law made way back in 1789 that effectively means a federal court can order anybody to so something if it will help the pursuit of justice. In practice, previous court rulings mean this can't be used for demands that are "unreasonably burdensome."

Apple Refuses To Set Precedent

Apple has vowed to defy the order with chief Tim Cook saying the demand would threaten user security. He says that the way the FBI wants it to modify the phone would mean creating a new version of the operating system without the 10-guesses feature.

According to Cook, that creates an unacceptable risk that this modified software could find its way into the wrong hands and effectively allow somebody to bypass security on any iPhone. He also says that if the FBI is allowed to enforce this demand, it would create a precedent that would let it demand further access to phones, perhaps even by forcing Apple to install surveillance software.

Mark Zuckerberg of Facebook has commented on the case, stating that "It's not the right thing to try to block [encryption] from the mainstream products people want to use. And [it's not the right] regulatory or economic policy to put in place." (Source: recode.net)

Meanwhile, a survey by the Pew Research Center found 51 percent of people backed the FBI, while 38 percent backed Apple and 11 percent were unsure. However, there's some question over whether the details of the case were fully explained by the pollsters. (Source: appleinsider.com)

What's Your Opinion?

What's your general view on the balance between privacy and security? Does that view change with the specifics of this case? Do you agree with politicians who've proposed laws that would mean all phones had to be capable of unlocking by the manufacturer?

Rate this article: 
Average: 4.2 (6 votes)

Comments

Dennis Faas's picture

I'm with Apple on this one. If they make software designed to circumvent their own security policies, it means that anyone will be able to hack an iPhone and steal information. It's not a good idea and not worth the risk even in this case.

read.tom_5843's picture

I agree with Dennis - if the courts rule against Apple, I guess that's when I look for a new phone. Interesting that Bill Gates has sided with the government - I find that very illuminating.

edjbaxter_3688's picture

I'm not sure it is even technically possible for Apple to update the OS on the phone if it is locked. The OS would have to have an existing 'backdoor' in the OS to enable updating the OS using WiFi (or bluetooth).

doulosg's picture

Why would I want an iPhone? Do (Did) Apple's customers know this?

georgegrimes's picture

doulosg, of course Apple's customers know this! It is for their protection. If someone steal an iPhone and tries to break into it, this assures that they will fail. Brute force attacks cannot work. This is a deliberate security feature. Anything else puts the user's data a risk if the phone is lost or stolen.

Boots66's picture

I agree with Dennis on the problem that allowing the information out to the world.
What we need to do is to setup a Digital Cracking Lab. It would be as secure as the Human Virus/BioHazzard Lab in Winnipeg, that was just in the news creating a Zika anti-virus serum.
Nothing can get out of that lab or mankind is in real danger.
We need the same kind of lab in North America, that can be called upon as needed,
like this, if it will help to stop this human stupidity called Terrorism!
Do I like the idea of giving up yet more of my Privacy - It is totally at risk now - NO!!
But if anyone else has an idea, let's get out there for discussion

phamilton2's picture

I'm afraid I don't believe the government when they say, "The cracking software will only be used just this one time on just this one phone, then Apple can destroy the software." I read an article a few days ago that said that law enforcement agencies across the country are watching the outcome of this case very closely because they have "hundreds of phones that they want Apple to crack."

SeaSteve's picture

The ONE caveat that keeps me in the "unsure 11%" is...The FBI wants access to the data for security and public safety reasons. Apple is defying the order for monetary business gains.

Apple doesn't really care about customer's data security, they care about their business, and they'll loose customers if the software to access IPhones is created.

I agree, it's a "Slippery Slope" but it was only a matter of time before this sort of issues was bound to come up and we have many more to come.

Last comment is...I think many Apple customers DIDN"T know, and probably still DON"T know, the 10 password limit exists. Users, especially the "ubiquitous IPhone" users, often don't pay enough attention to details to know these things.

russoule's picture

I hate to disagree with Dennis, but I don't see the difference between a search warrant for a diary and/or other "working papers" and a search warrant for a phone - IPhone or Android or Microsoft or whatever. This is the same thing as wiretapping a telephone to catch ALL the bad guys. Or offereing a plea deal to someone because there is a "higher-up" who planned the crime. Or using an under-cover agent to infiltrate an organization. In law enforcement, these are all tools that are used regularly and any claims of "privacy" are moot because of "the greater good" value. Will it or could it impact IPhone sales? Possibly, but the only people who need absolute privacy are those whose secrets could do harm to others.

As for IPhone users knowing about this "feature", I must say that my spouse uses an IPhone for work and I am pretty darn sure she doesn't know about a "10 tries and ZAP, there goes your phone" since she has well over 100 contacts on her phone and a problem remembering even the most simple passwords I can design for her. I myself was not aware of this "safety feature" and will definitely have to advise her to NEVER forget her password. BTW:
If this "feature" is so good for everyone, why hasn't Android or Microsoft chosen to add it to their phones?

INXS9000RPM's picture

I'm afraid that SeaSteve has got it wrong, by suggesting that the FBI wants access for the "Public Benefit", whereas Apple is only concerned about its profits. For a start, Apple has done more to benefit "society" with its products than the FBI has ever produced (other than bullying individuals and groups with its legal might). SeaSteve's assertion that Apple doesn't care about its customers' data security is myopic, and belies his/her biases against the company. If it wasn't for Apple's profitability (and the vision of Steve Jobs) smartphone technology and similar digital gadgets would still be languishing in Microsoft's and Samsung's IN Tray.

Moreover, this FBI demand is a fishing expedition, as it has not provided any proof that genuinely useful information is contained within this "terrorist" cell phone. As for implying that the US Public should trust the FBI's assertions of Need, Confidentiality and National Security, SeaSteve has obviously never read what Edward Snowden leaked about the nefarious practices of the FBI, CIA, NSA, and other covert Agencies practices.

I believe Apple needs our moral support to defend its stance against the legal contortions of Govt lawyers, DAs and counselors, all comfortably salaried by Public Taxpayer dollars.

SeaSteve's picture

I don't entirely disagree with most of your points, which is why I'm in the us-sure 11%!

I WILL always believe Apple bases it's decision on the bottom line cost. Not to say it's WRONG for a U.S. capitalistic corporation to protect it's product investment. But to believe Apple is taking the higher moral ground would be as naive as believing the entire Federal Government will NOT over reach it's data collection of private citizens.

The most important issue is, as current technology outpaces our laws, we need to start having more of these debates to define the fair and moral line...Referencing the 1789 All Writs Act which basically says the Federal Government can do what ever it wants!

almaharr_6484's picture

Why couldn't Apple create the software to decrypt the phone then have the FBI send them the terrorist's phone for Apple to decrypt itself without sharing that decrypting software??

Things are tough enough for all of us to be protected from violent fanatics who are bound to attack us. They use the darknet to communicate and in this instance, Apple encryption qualifies as part of that darknet. So, I'm against Apple's position on this.

kitekrazy's picture

This is a unique situation where the phone belongs to one deceased. Send it to Apple but blanket government solutions are never good.

lepitbull's picture

I too hate to disagree with Dennis, as I do believe 'Privacy' is a god given right.
But criminals, especially mass murdering terrorists have given up or forfeited all
of their privacy rights. The Law officials (FBI. CIA and court orders) do it for all
of our public safety. The law abiding should keep their Privacy in place and can not
be affected. But criminals should be ! Maybe Apple will loose money if they so stop
being a Hub for Terrorists. I believe the Law should be allowed to read the iPhone as it may help thwart any possible future attacks. They do it for Pedophiles - Why not terrorists ? Answer that ! Privacy has degrees, the innocent and the good should have their privacy protected and secure, not murders...

matt_2058's picture

I'm glad to see that Apple didn't cave in to this. I'm against the movement to require a backdoor for law enforcement anyway. And if it should ever be accomplished, I'd like to see stiff penalties for misuse.....20-30 year MINIMUM sentences for government employees including contractors.

The funny part of the FBI's case...
"A court has now agreed to the FBI's request that Apple be forced to do this. It's done so using the All Writs Act, a law made way back in 1789 that effectively means a federal court can order anybody to so something if it will help the pursuit of justice. In practice, previous court rulings mean this can't be used for demands that are "unreasonably burdensome."

How does the FBI expect to get this applied to citizens or corporations when congressional members can't be required to comply with basic laws that apply to citizens. Isn't there a defense based on precedent of not applying the law? What's that form of government ....of the elite, by the elite, for the elite?

jamies's picture

Yes - Apple should code as requested - that is once they have a contract agreeing they will be paid for the work, and the effect on their sales -

Every government employee's IPhone should be made open to all who want to run the software - which, as it is being created by court order should be in the public domain.

Me - I'm probably going to start imbedding my private and commercially sensitive communications using graphical images or 2048 bit encryption or other encoding of our own corporate devising so the interception of the message at ISP transmission - store & forward stage will be very much more difficult.

Well why shouldn't we all keep up with the techniques used by foreign governments, terrorists, and drug cartels.

Heck - maybe we'll go back to ricepaper for the office communications so providing a nourishing meal with the message.

Doccus's picture

Just typical. One of the very few times a large corporation goes to bat to protect one of the very basic and extremely critical human rights, that of basic dignity and privacy. Obviously, it's only because both corporate and citizen's interests are congruent, but even so.. you would THINK the general majority would support this.. but instead.. they support invasive encroachment because of the american mentality of :
""nobody has any human rights if we need to "make them pay!" for their 'crimes'. Even if we don't know their guilt for sure.. if the media says they're guilty, that's good enough. Human rights are only for people that haven't 'done anything wrong'""
Well, I'm glad y'all are so tolerant to be willing to surrender YOUR basic rights and freedoms when the government suddenly comes calling on YOU because of your favorite activities now suddenly having become illegal. Such as.. oh.. I don't know.. wearing a crucifix around your neck.. going to church.. or maybe sending a politically incorrect letter to the local newpaper..
This is the majority that are siding with the gov't against Apple.. So bleedin' sad ;-(

blueboxer2's picture

you just might get it. The simplest actions can be booby traps - and irrevocable. Even the classical Greeks knew this - Pandora's Box was a one-time, one-way proposition. Likewise, there's no way to unscramble an egg.

Privacy commissioner Anne Cavoukian has cautioned that should Apple comply with the order and succeed, experience indicates that their methodology will be found out soon by criminals and malevolent governments, foreign and local. And it will be used. No encryption method will be fully safe again - not your online purchase order, not your bank transactions, not anything personal you put on the internet.

The U.S. government, with its typical approach of exceptionalism, wants its way. Some reports indicate the phone did not even belong to the user, but was assigned to his use by is employer. If true, did anyone even ask the employer if the passcode had been recorded? Is there credible reason to believe that there is criminal information recorded on the phone, or that is is not determinable from other sources? We have seen from recent criminal trials that the police can routinely secure tower records that tell them when and where a given cellphone was used. Logs exist (for billing purposes, if nothing else) of every use of every cellphone. Let the FBI show if these even suggest a case may exist.

A couple of years back, the Government of India demanded that Blackberry compromise the security of their phones when the government demanded. Blackberry refused. Negotiations took place and a settlement was reached, with no public statement made by either party. Look at Blackberry's sales then and now, and guess what security means to corporate survival. Bet Tim Cook knows.

What happens if Tim Cook comes back and tells the court, "gee, we tried, but we just couldn't figure out how to do it"?

Since so much of world commerce and personal activity - like medical or credit records, for instance - depend on encryption and transmission methods that cannot be cracked, should all of this be put at risk to see if a murderer at some time spoke to a malefactor about something maybe related to a single crime?

And by the way, if what the court demands of Apple is possible, how come the FBI with all the resources of the US government behind it, hasn't figured out its own methodology already? Or is the case a coverup for the fact that they have?