This is not about access to a terrorist's phone, it's about using a law from the 1800s to bypass congress and force Apple to backdoor their devices anytime the FBI wants an iPhone unlocked.

>>67992971
Hi Carl

>>67993129
Unlike Carl, I won't just give you just an
>ARE YOU KIDDING ME
in light of real justification.

The iPhone the terrorist used was his work iPhone. Had it been properly provisioned, the government (his employer) would have been able to get into it anyways. But even then his iPhone was set to backup to the iCloud, where the data would be readable by Apple. Apple told the FBI to take the phone to his home (Apple devices automatically back up to iCloud by default when they are on a known wifi network and plugged into power) but the cucks at the FBI changed his iCloud password to get in (not necessary as Apple had already agreed to retrieve available data on that end) and his iPhone could no longer log in.

The FBI used a law from the 1800s that allowed judges to rule when congress couldn't, e.g. they were preoccupied with war or somesuch. Problem is, what the FBI is demanding is already explicitly spelled out in the law as help Apple is not obliged to give (specifically, CALEA passed in the 1990s).

The FBI insists this is about one phone, but if it was they could have filed under seal and this case with the terrorist would not set a case law precedent. They did not file under seal, because thousands of law enforcement agencies want to be able to compel Apple to break the protections on their own devices at any time for non-terrorist cases.

>>67993373
So the FBI is making it look harder than it actually is?

Is McAfee right?

http://www.techinsider.io/john-mcafee-hack-iphone-2016-3

>>67993706
The FBI cannot unlock the iPhone without Apple's assistance. Basically before iOS version 8 (the software that runs on iPhone & iPad devices), the passcode was more of a prevention for people to open the phone but the data could be accessed unencrypted for most of the phone's contents. Snowden's shit comes out in 2013 and people become very privacy conscious, so they make iOS version 8 much more secure.

Essentially, only a small portion of the phone's software is kept unencrypted, to allow the phone to start and display the pin code screen. There's a tangled encryption key stored on the device, but it's incomplete. You need a PIN code to complete the formula. The device's contents cannot be read without the PIN. When you enter a PIN wrong several times, it starts adding time between attempts - after five attempts the cooldown for a PIN entry is a minute. After nine incorrect attempts, there is a one hour cooldown before you can enter another PIN. There's also an option (not enabled by default) that wipes the encryption key if ten incorrect PINs are entered in a row, making all data unrecoverable.

(more in a followup post to this)

>>67992869
https://www.change.org/p/hbo-replace-john-oliver-with-a-woman

>>67993895 here
The terrorist in this case used an iPhone 5C with older hardware. In this case, the iPhone's own iOS software enforces both the PIN entry delay and the 10 incorrect PIN attempt wiping. Newer iPhones (iPhone 5S and up) have a dedicated chip in the iPhone that enforces the delay and performs the wipe called the secure enclave.

Basically the FBI is saying that Apple should be compelled under the All Writs Act to make a special version of the iOS software, a separate branch, where the protections against automated PIN entry & wiping the phone for wrong PIN attempts are gone and PINs can be entered by a machine interface (either wired or bluetooth) so a machine can bruteforce the PIN for access to the phone in mere hours. This has substantial burden for Apple, is explicitly listed as help that Apple doesn't have to provide per CALEA (passed in the nineties), forces Apple to develop software they don't want to release (violation of their free speech).

iPhone devices also only run software that is digitally signed by Apple. Apple signs iOS devices with their private key, and then the public key is on the Apple devices to verify that the software is actually from Apple and intended to be run. Forcing Apple to sign a release that they do not want to make that disables key protections they feel are important is a violation of Apple's first amendment rights, since a digital signature by Apple is legally equivalent to a physical one, and is an endorsement that Apple backs the software.

iPhone software also does not work on per device (serial number) files, it works on builds for different hardware combinations (e.g. CDMA (sprint/verizon) 8gb iPhone 5C), meaning they can't make software easily that will only be usable on this one phone. The precedent of this case would require Apple to maintain a second codebase, because creating and destroying the code each time would be counterproductive.

[last bit in a moment]

>>67994178 here
If Apple has to maintain a codebase where the protections that allow device encryption to work properly and not be easily defeated by machine, then you are forcing Apple to maintain a government mandated backdoor so law enforcement can get in iPhones and iPads whenever they want. This software is dangerous, and should not exist. If it exists there is always a risk of it getting leaked - look at the Office of Personnel Management breach, for instance. Non-American governments and ne'er-do-wells will have a field day. If it stands, it would be hugely damaging to the US tech sector, as it would set a precedent that US hardware and software makers have to build in backdoors whenever the government wants. That's how flimsy the basis of the All-Writs Act is in the way the government is using it. Companies both internationally and domestically would be stupid NOT to switch to hardware, software, and services made by companies not subject to US law.

Anyone who backs the FBI's position on this case fundamentally misunderstands it. This is not about a terrorist's iPhone, this is about using terrorism to make Apple look bad in front of a public with limited interest/understanding to get a favorable ruling so the FBI can get a broad, sweeping precedent to have companies be compelled to work against their own users/customers.

>>67993895
How does this work in the case that someone legitimately forgets their pin?

Is there no override from a customer service point of view?

>>67993895
>>67994178
>>67994416
This is very informative. Thank you.

What would you do to get the data off the phone or is it gone forever?

>>67992869

Probably a bad idea to disagree with absolutely everything a person says just because they're been wrong before

>>67994498
There is no legitimate override from Apple's side. You can wipe the device to factory settings but it can't be unlocked.

Even the touch ID sensor (fingerprint) on the newer iPhones is implemented in a way where that unlock won't work under certain occasions. Essentially the PIN entry loads keys onto the secure element chip that allow the fingerprint reader to work. These keys are destroyed:
>Upon restart of the phone
>if the fingerprint reader is not used for 48 hours
>If 5 incorrect fingerprint attempts are made

https://support.apple.com/en-us/HT204306
>Unless you made a backup before you forgot your passcode, there isn't a way to save your device's data. You'll need to erase your device, which deletes all of your data and settings. Choose a way to erase:

>>67994641
The FBI should kiss the data goodbye. They have all the terrorist's data up to a month and a half or so before the attack, which is the date of the last iCloud backup. The data is not recoverable without Apple's assistance.

http://www.nytimes.com/2016/02/19/technology/how-tim-cook-became-a-bulwark-for-digital-privacy.html
>Apple had asked the F.B.I. to issue its application for the tool under seal. But the government made it public, prompting Mr. Cook to go into bunker mode to draft a response, according to people privy to the discussions, who spoke on condition of anonymity. The result was the letter that Mr. Cook signed on Tuesday, where he argued that it set a “dangerous precedent” for a company to be forced to build tools for the government that weaken security.

If the government had done what Apple asked, the court order would not be public, and this case would not serve as legal precedent to get other iPhones unlocked. The FBI thought they could use "BUT MUH TERRORISTS! APPLE ISN'T HELPING AGAINST TERRORISTS" card and have Apple fold to public pressure. Instead, everyone in the tech industry and people who understand how bad it would be if this ruling were to pass stood in opposition.

Look at all the companies that have submitted briefs in favor of Apple to the court:
https://www.apple.com/pr/library/2016/03/03Amicus-Briefs-in-Support-of-Apple.html

>>67995076 here
I forgot to mention, if the San Bernardino government was competent and used a mobile device management tool like SAP Afaria, MobilIron, etc., his employer could have reset the PIN code from that console. This would have worked if the phone was active (online) at the time they made the request. If the phone went offline after the attack this wouldn't have worked either. This is bog standard shit at companies/enterprises but apparently they didn't bother to have it installed on his government owned device:
http://www.ibtimes.com/apple-vs-fbi-county-officials-bought-mdm-unlock-software-never-installed-it-2316632
>The work-issued iPhone of San Bernardino gunman Syed Rizwan Farook, which is at the center of a dispute between Apple and the FBI, could have easily been unlocked with mobile device management (MDM) software. Not only were San Bernardino officials aware of the software, they were paying for it, according to a Sunday report from the Associated Press.
>As the software was never installed and configured on Farook’s device, officials lost a crucial method of regaining access to the device.
>Using MDM, Farook’s employers could have carried out a number of tasks without his permission. They could delete any data stored on board, track the device’s location, restrict services and unlock the phone’s passcode restriction. The software is normally used in organizations and schools to manage issued devices. It costs around $4 per phone per month.

>MobileIron Inc. was providing MDM software to the county, but county spokesman David Wert said the software was the responsibility of each department, and that there is no countywide policy on installation.

Had the government simply made sure his work owned device had this software on it (and all other work owned devices), they would have had issue accessing the phone.

My work iPhone can be unlocked, wiped, or read by my employer at any time... common sense shit.

>>67995543
>would have had issue
would have had zero issue*

SB government fucked up, FBI fucked up, lots of fuckups. Point is, the FBI seeks the most extreme remedy (forcing Apple to make backdoored software) in the worst possible way (where it's precedent for open season by all US law enforcement officials to request the backdoored software in any case, terrorist or not) and people wonder why Apple and others oppose it.

>>67994895
>>67995076
You really know your stuff.

I was originally for Apple hacking the phone as long as it was just for that specific phone, but there is clearly more to this.

Know that you've convinced someone that what the FBI is asking for is unreasonable.

>>67992869
>THESE HACKERS PLAYED SO MANY VIDEO GAMES THAT THEY FORGOT THAT CARS ARE ACTUALY OBJECTS TAHT CARRY ACTUAL PEOPLE
hahahahahah wooow what a prank bro, so funny XDD VIDEO GAMES GET IT?

They already have access but are pretending otherwise to lure terrorists into a false sense of security.
It's all theater, ignore it

>>67995821
Thanks. I work in software (not for Apple) and regularly implement encryption as part of working internally and with my customers. The FBI is making an unreasonable request here; not just for the security of devices themselves, but also abuse of the all writs act would basically nullify the legislative branch and do whatever the judicial branch feels might be helpful to law enforcement in a variety of aspects.

If the US gets a backdoor, every other government will claim they need one too, and apple will have to deliver if they don't want China and the EU to seize all their assets. The US goverment can't provide any political support to apple since they've claimed themselves it's a necessary tool to fight terror.
The result will be that Apple removes the encryption, because if they can't guarantee the safety of the encrypted data the encryption is worthless anyway: It's not up to Apple whether the data is safe or not, it's up to everyone who has a backdoor. It also costs money to make backdoor operating systems to every government every time there is an iOS update.

You might trust your own government, but other governments and Apple's customers in other countries don't. You might say "haha too bad for those idiots", but Apple won't spend money making encryption technology that most of their customers consider worthless. There are plenty of other functions that money could be used towards, functions useful to everyone. In the end no one will have any privacy, and everyone can get access to your phone.