Showing posts with label Apple. Show all posts
Showing posts with label Apple. Show all posts

Tuesday, 29 March 2016

Apple responds to the FBI hacking the San Bernardino shooter's iPhone

Earlier today, the FBI announced that they were able to extract the data that they needed from the iPhone 5c that was used by the San Bernardino shooter, Syed Rizwan Farook. The long and gruesome battle between Apple and law enforcement was now over.
Apple responded with the following statement:
From the beginning, we objected to the FBI's demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government's dismissal, neither of these occurred. This case should never have been brought.
We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated.
Apple believes deeply that people in the United States and around the world deserve data protection, security and privacy. Sacrificing one for the other only puts people and countries at greater risk.
This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy. Apple remains committed to participating in that discussion.
It's unclear what the future holds at this point. As Apple said in its statement, they will continue to increase the security of its products as threats and attacks become more sophisticated. If they choose to patch the flaw that law enforcement used, this whole mess could start up all over again.

Friday, 18 March 2016

Apple Encryption Engineers, if Ordered to Unlock iPhone, Might Resist


SAN FRANCISCO — If the F.B.I. wins its court fight to force Apple’s help in unlocking an iPhone, the agency may run into yet another roadblock: Apple’s engineers.
Apple employees are already discussing what they will do if ordered to help law enforcement authorities. Some say they may balk at the work, while others may even quit their high-paying jobs rather than undermine the security of the software they have already created, according to more than a half-dozen current and former Apple employees.
Among those interviewed were Apple engineers who are involved in the development of mobile products and security, as well as former security engineers and executives.
The potential resistance adds a wrinkle to a very public fight between Apple, the world’s most valuable company, and the authorities over access to an iPhone used by one of the attackers in the December mass killing in San Bernardino, Calif.
It also speaks directly to arguments Apple has made in legal documents that the government’s demand curbs free speech by asking the company to order people to do things that they consider offensive.
“Such conscription is fundamentally offensive to Apple’s core principles and would pose a severe threat to the autonomy of Apple and its engineers,” Apple’s lawyers wrote in the company’s final brief to the Federal District Court for the Central District of California.
The employees’ concerns also provide insight into a company culture that despite the trappings of Silicon Valley wealth still views the world through the decades-old, anti-establishment prism of its co-founders Steven P. Jobs and Steve Wozniak.
“It’s an independent culture and a rebellious one,” said Jean-Louis Gassée, a venture capitalist who was once an engineering manager at Apple. “If the government tries to compel testimony or action from these engineers, good luck with that.”
Timothy D. Cook, Apple’s chief executive, last month telegraphed what his employees might do in an email to customers: “The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe,” Mr. Cook wrote.
Apple declined to comment.
The fear of losing a paycheck may not have much of an impact on security engineers whose skills are in high demand. Indeed, hiring them could be a badge of honor among other tech companies that share Apple’s skepticism of the government’s intentions.
“If someone attempts to force them to work on something that’s outside their personal values, they can expect to find a position that’s a better fit somewhere else,” said Window Snyder, the chief security officer at the start-up Fastly and a former senior product manager in Apple’s security and privacy division.
Apple said in court filings last month that it would take from six to 10 engineers up to a month to meet the government’s demands. However, because Apple is so compartmentalized, the challenge of building what the company described as “GovtOS” would be substantially complicated if key employees refused to do the work.
Inside Apple, there is little collaboration among teams — for example, hardware engineers usually work in different offices from software engineers.
But when the company comes closer to releasing a product, key members from different teams come together to apply finishing touches like bug fixes, security audits and polishing the way the software looks and behaves.
A similar process would have to be created to produce the iPhone software for the Federal Bureau of Investigation. A handful of software engineers with technical expertise in writing highly secure software — the same people who have designed Apple’s security system over the last decade — would need to be among the employees the company described in its filing.
That team does not exist, and Apple is unlikely to make any moves toward creating it until the company exhausts its legal options. But Apple employees say they already have a good idea who those employees would be.
They include an engineer who developed software for the iPhone, iPad and Apple TV. That engineer previously worked at an aerospace company. Another is a senior quality-assurance engineer who is described as an expert “bug catcher” with experience testing Apple products all the way back to the iPod. A third likely employee specializes in security architecture for the operating systems powering the iPhone, Mac and Apple TV.
“In the hierarchy of civil disobedience, a computer scientist asked to place users at risk has the strongest claim that professional obligations prevent compliance,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center. “This is like asking a doctor to administer a lethal drug.”
There are ways an employee could resist other than quitting, such as work absences. And it is a theoretical discussion. It could be a long time before employees confront such choices as the case moves through the legal system.
The security-minded corner of the technology industry is known to draw “healthfully paranoid” people who tend to be more doctrinaire about issues like encryption, said Arian Evans, vice president for product strategy at RiskIQ, an Internet security company. But that resolve can wither when money gets involved, he said.
An employee rebellion could throw the F.B.I’s legal fight with Apple into uncharted territory.
“If — and this is a big if — every engineer at Apple who could write the code quit and, also a big if, Apple could demonstrate that this happened to the court’s satisfaction, then Apple could not comply and would not have to,” said Joseph DeMarco, a former federal prosecutor. “It would be like asking my lawn guy to write the code.”
Mr. DeMarco, who filed a friend of the court brief on behalf of law enforcement groups that supported the Justice Department, also noted that if the engineers refused to write the code, rather than outright quit, “then I think that the court would be much more likely to find Apple in contempt,” he said.
Rather than contempt, Riana Pfefferkorn, a cryptography fellow at the Stanford Center for Internet and Society, said Apple could incur daily penalties if a judge thought it was delaying compliance.
The government has cracked down on tech companies in the past. A judge imposed a $10,000-a-day penalty on the email service Lavabit when it did not give its digital encryption keys to investigators pursuing information on Edward J. Snowden, the former intelligence contractor who leaked documents about government surveillance.
The small company’s response could be indicative of how individual Apple employees reacted to a court order. When Lavabit was held in contempt, its owner shut down the company rather than comply.

Wednesday, 16 March 2016

3 things you need to know about the war between Apple and the FBI

Apple Chief Executive Tim Cook has said abiding by the government’s request would mean creating the software equivalent of cancer.
The fight between the government and Apple Inc. over unlocking a San Bernardino shooter’s iPhone has gotten uglier with each salvo.
The Justice Department has accused Apple of creating “a diversion” by sounding alarms about security and privacy as part of a marketing ploy.
Apple disagrees. Bruce Sewell, Apple’s AAPL, +2.01%   general counsel, told reporters that “In 30 years of practice, I’ve never seen a legal brief more intended to smear the other side….It seems like disagreeing with the Justice Department must mean you’re evil and anti-American. Nothing could be further from the truth.”
It all started when a federal court in California ordered Apple to help the Federal Bureau of Investigation crack the iPhone used by the San Bernardino shooter who killed 14 people in December at a holiday gathering.Apple and government attorneys make their cases before the U.S. District Court for the District of Central California on March 22. Here are three things to keep in mind.
1. The FBI is trying to compel Apple to write a software that doesn’t exist right now.
This case has been boiled down to a simple question: Should Apple be forced to help the FBI unlock an iPhone used by a suspected terrorist? But it’s actually a bit more complicated.
The FBI is trying to unlock an iPhone used by Syed Rizwan Farook, who worked at the San Bernardino County Department of Health. The device at issue is an iPhone the county issued to him as a work phone. He had a personal phone, too, and destroyed that before the attack. The county has cooperated with the FBI and has given the agency permission to search the phone, but investigators have been paralyzed by several security features.
But the phone is locked with a passcode. County officials don’t know the passcode and Farook is dead, so they can’t get it from him. The phone also has a setting enabled that erases data if incorrect passwords are attempted 10 times. And on top of that, the phone introduces delays between each wrong password guess.
So the FBI wants Apple to write new software that it can load onto the phone that would kill the self-destruct function, as well as any delays when guessing passwords. It wants that software to allow for electronic password guesses so investigators don’t have to poke at the screen by hand.
U.S. prosecutors take aim at Apple again
The Justice Department criticized Apple for allegedly helping the Chinese government access customer phone data while refusing to assist U.S. agents.
Apple has turned over iCloud backups associated with the phone, but the most recent was in October, and the shooting occurred in December. (The company and the FBI have been arguing about whether the investigators fumbled any chances at obtaining a more recent backup by resetting the password within 24 hours of acquiring the device.) Apple says writing a new software for the government is a terrible idea for several reasons. For one, the company says if it abides by this request, it could set a precedent in which the government could ask — among other things — for Apple to allow investigators to spy on people through their iPhone cameras. Apple also says this could open up users to all kinds of security risks at a time when cyberattacks are already a growing threat.
2. Many doubt the iPhone in question contains any evidence.
San Bernardino Police Chief Jarrod Burguan joined security and tech experts when he said he doubts there’s much of value on the phone everyone is fighting about anyway.
“I’ll be honest with you, I think that there is a reasonably good chance that there is nothing of any value on the phone,” he told NPR.
That’s because Farook took the time to destroy personal devices but not this employer-issued work phone. Many in the tech and security communities have doubted it contains evidence beyond what the FBI has already gathered from sources like iCloud backups and metadata, or the information about who was communicating and when. FBI Director Jim Comey has said the effort to unlock this phone is about completing as thorough an investigation as possible in hopes of gleaning any additional evidence because “we can’t look the survivors in the eye, or ourselves in the mirror, if we don’t follow this lead.”
3. This isn’t about just one phone.
The government has repeated in its court filings that its request pertains to just one phone but legal experts have agreed with Apple that each case sets precedent, which other courts rely on for future cases. Manhattan’s district attorney and other state and local officials have said they would follow the FBI’s example if it wins this case in pursuit of unlocking other iPhones. And Jim Comey himself admitted at a hearing on Capitol Hill last month that the case could set a precedent.

Saturday, 12 March 2016

APPLE VS FBI : PRESIDENT OBAMA SWINGS BETWEEN PRIVACY AND SECURITY

Barack Obama has sided with authorities in the encryption debate (AP)
US president Barack Obama has backed authorities in the debate pitting encryption and personal privacy against national security, saying authorities need access to data on electronic devices because the "dangers are real".
Mr Obama, appearing at an annual technology festival in Austin, Texas, delivered his most extensive comments to date on the issue being played out in court.
Apple, one of the world's largest technology companies, is challenging the US government's request that it help the FBI access data on a mobile phone used in the San Bernardino, California, attack that killed 14 people.
The issue has rocked the tech industry and divided Mr Obama's advisers, but the president seemed to side with law enforcement despite also saying the matter would not be settled by adopting an "absolutist view".

READ ALSO
He restated his commitment to strong encryption but also raised the question of how authorities would catch child pornographers or disrupt terror plots if smartphones and other electronic devices were designed to keep their data locked away forever.
"My conclusion so far is that you cannot take an absolutist view on this," the president said.
"So if your argument is strong encryption, no matter what, and we can and should, in fact, create black boxes, then that I think does not strike the kind of balance that we have lived with for 200, 300 years.
"And it's fetishising our phones above every other value. And that can't be the right answer."
At the end of a nearly hour-long, question-and-answer session with Evan Smith, CEO and editor in chief of The Texas Tribune, Mr Smith asked the president "where do you come down?" on the privacy versus security debate. He was not asked to comment on the dispute with Apple.
Mr Obama said the government should not be able to "just willy nilly" access smartphones full of very personal data. But at the same time, while asserting that he was "way on the civil liberties side", he said "there has to be some concession" to be able to obtain the information in certain cases.
Apple and the government are embroiled in a legal fight over Apple's refusal to help the FBI access the iPhone used in San Bernardino.
The FBI has been unable on its own to unlock the phone and wants Apple to create a programme specifically for that phone to help the bureau get to the data on it. But Apple has refused, saying that would set a terrible precedent.
Congressman Darrell Issa, who has sharply questioned FBI director James Comey during congressional hearings on the matter, said Mr Obama's comments showed his "fundamental lack of understanding of the tech community, the complexities of encryption and the importance of privacy to our safety in an increasingly digital world".
Mr Issa said the solution, or key, that the government wanted Apple to create could be eventually compromised.
"There's just no way to create a special key for government that couldn't also be taken advantage of by the Russians, the Chinese or others who want access to the sensitive information we all carry in our pockets every day," he said.

Thursday, 10 March 2016

Bill Gates Discusses Apple vs. FBI, Quantum Computing During Reddit AMA


Microsoft co-founder Bill Gates is no stranger to Reddit's Ask Me Anything (AMA) sessions. The billionaire software developer turned philanthropist took part in his third AMA yesterday answering questions on several topics, including his take on Apple's standoff with the FBI over iPhone encryption.
The way Gates sees it, there has to be a discussion that centers on when the government should be able to gather information. He also thinks the government needs to make clear what safeguards are in place to prevent it from abusing its position.
"Right now a lot of people don't think the government has the right checks to make sure information is only used in criminal situations. So this case will be viewed as the start of a discussion," Gates said. "I think very few people take the extreme view that the government should be blind to financial and communication data but very few people think giving the government carte blanche without safeguards makes sense. A lot of countries like the UK and France are also going through this debate. For tech companies there needs to be some consistency including how governments work with each other. The sooner we modernize the laws the better."
Asked what he do if he was in charge of Apple, Gates said one possible solution is to propose some kind of plan that would balance the government being able to obtain information in some cases with having safeguards in place to ensure the government's powers don't trickle out beyond specific cases.
"There is no avoiding this debate and they could contribute to how the balance should be struck," Gates said.
On the topic of quantum computing, Gates said it's something that Microsoft and others are currently working on, but doesn't know when it will work or become mainstream.
"There is a chance that within 6-10 years that cloud computing will offer super-computation by using quantum. It could help us solve some very important science problems including materials and catalyst design," Gates said.

Wednesday, 9 March 2016

Apple has support of independent voters in FBI iPhone battle

CNET
In a 2-to-1 margin, independent voters say the iPhone maker shouldn't cooperate with government efforts to crack open a terrorist's iPhone, according to a new poll.
Apple has at least one firm political ally in its fight with the FBI over an encrypted iPhone linked to the deadly San Bernardino terrorist attack: the independent voter.
Overall, Americans are equally divided as to whether national security interests outweigh privacy concerns, according to a poll of registered voters released Tuesday. The poll, conducted by Wall Street Journal and NBC News, asked respondents which scenario concerned them more: that the US won't go far enough in monitoring terror suspects' communications, or that the government would go too far and violate the privacy of its citizens.
Overall, 47 percent said they feared the government wouldn't go far enough in protecting national security, while 44 percent feared it would intrude too far into citizens' privacy. Republicans leaned toward protecting national security over a government overreach concerns, 57 percent to 37 percent, respectively. Meanwhile, Democrats were a little more evenly split on the subject, with 50 percent worrying the government would go too far and 40 worrying it wouldn't go far enough.
The only voter group that seems to be siding with Apple on the issue is the independent voter. By a 2-to-1 margin, independent voters, who don't tend to identify with either major US political party, said Apple shouldn't cooperate with in the FBI's efforts to crack open a phone (58 percent) compared with those who said the company should cooperate (28 percent).
The poll results give a little more insight into the closely-watched standoff between Apple and the feds intensifies. At issue is whether courts and law enforcement agencies can compel Apple to break the iPhone's security features.
In arguing for a February 16 court order, the FBI said the situation is specific to the single iPhone 5Cused by one of the terrorists involved in a December massacre in San Bernardino, California, in which 14 people died and 20 others were wounded. Apple CEO Tim Cook says if the government gets its way, the company's phones will be inherently less secure.
The encryption debate is complex and divisive among US citizens, according to multiple surveys. A Pew study found about 51 percent of those surveyed believed Apple should comply with the court order, while 38 percent said the tech giant shouldn't unlock the iPhone. However, a Reuters poll had opposite results. About 46 percent actually agreed with Apple's stance and 35 percent disagreed. In a CNET poll with more than 22,000 responses, an overwhelming majority sided with Apple's refusal to assist.
Besides the support of the independent voter, Apple also has the backing of more than 40 top tech companies, including Amazon, Facebook, Google and Microsoft, that filed amicus briefs last week to show their support for Apple in the battle.
A court hearing to determine whether Apple should be forced to comply with the FBI's request is set for March 22 in federal court in Riverside, California.
Apple did not immediately respond to a request for comment on the poll, which surveyed 1,200 registered voters between March 3 and 6.

Tuesday, 8 March 2016

Criminals call locked iPhones a 'gift from God,' NYPD official says

Apple's refusal to unlock iPhones tied to criminal investigations does nothing but help lawbreakers, according to the New York Police Department's counter-terrorism chief.
John Miller lashed out at Apple's iPhone encryption security on a radio talk show, the New York Daily News reported Sunday. Miller specifically criticized Apple's decision to remove the ability to bypass an iPhone's passcode to access personal data, a feature added last year with the iOS 8 mobile operating system as a way to strengthen security.
"You are actually providing aid to the kidnappers, robbers and murderers who have actually been recorded on the telephones in Riker's Island telling their compatriots on the outside, 'You gotta get iOS 8. It's a gift from God' -- and that's a quote -- 'because the cops can't crack it,'" Miller said during the radio interview.

Apple is embroiled in a battle with the FBI over one iPhone in particular. The FBI has demanded that Apple help unlock an iPhone used by one of the terrorists in the San Bernardino, California, massacre in December. The FBI believes the phone's contents are important to the investigation. Apple has so far refused, arguing that it would need to create an entirely new custom version of its iOS software and build a backdoor that would put all iPhones in jeopardy.
The case reopens the always-prickly conflict between individual privacy and national security. Apple and others say encryption, which ensures that personal data cannot be read without proper authorization, protects private information and communications. Law enforcement officials contend that the ability to access such data is vital in the investigation and prevention of crime and terrorism.
Though the iPhone 5C used by one of the San Bernardino shooters has triggered the latest controversy, Miller called attention to a batch of iPhones held by New York City prosecutors in criminal cases. The phones contain recordings of people admitting to crimes, according to Miller, but Apple won't help law enforcement officials access the devices.
"Right now Cy Vance, the Manhattan district attorney, has 175 iPhones stacked up in his office that are subject to search warrants, issued by judges, involved in crimes," Miller said
"Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person's smartphone," Federighi said in an op-ed in The Washington Post on Sunday.
On March 1, FBI Director James Comey and Apple General Counsel Bruce Sewell faced a five-hour barrage of questions from Congress over the iPhone encryption showdown. On March 22, the two sides will face each other in US District Court to argue their respective positions.

Sunday, 6 March 2016

Criminals like Apple Phone because of Encryption


Criminals have been favoring Apple iPhones in their criminal activities because of the strong encryption the devices have, three US law enforcement groups said in a court filing.
The groups said they knew about “numerous instances,” in which criminals switched from burner devices to iPhones, but didn’t name any specific examples.
Their brief, however, cited a call intercepted by New York authorities, in which a criminal branded the iPhone encryption system a “gift from God.”
The hearing took place within the framework of the legal battle between Apple and the US Department of Justice.
Last month, the country’s authorities obtained a court order urging the tech giant to design new software, to enable police to hack into an iPhone used by the gunman in the San Bernardino, California shooting last December.
Apple stated that such an order would set a dangerous precedent, putting their users’ security at risk.
Their concerns were echoed by fellow tech giants: on Thursday, Google, Facebook and Microsoft, and some 25 other companies sent legal briefs in support of Apple’s statement.

It comes just as French parliament voted in favor of the law that would see phone makers penalized for non-cooperation with the authorities in matters of security, and terror threats in particular.
The bill is an amendment to existing legislation. It states a private enterprise that refuses to give encrypted data to investigators would face up to five years in jail and a €350,000 fine.
Speaking at the National Assembly on Thursday, center-right lawmaker Philippe Goujon said the amendment is a "realistic sanction," adding that it could set up "the criminal responsibility of encryption key makers who refuse to cooperate" with authorities.
Socialist Justice Minister Jean-Jacques Urvoas said he supported the intent of the document, but raised questions about its legal basis. Urvoas added that increasing penalties only for terrorism-related crimes would create inconsistencies in the French penal code, and urged the lawmakers to work on developing the document and avoid any discrepancies, according to French media outlet Le Monde.
Courtesy: RT 

The government has been opposed to the bill, and is reportedly reluctant to deal with phone giants in such a way, so it remains to be seen whether the bill will make it to the statute books and become law

MY AD 2