Apple’s Reply to the FBI

 

Apple’s CEO Tim Cook has just released a message to Apple’s customers:

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

The Need for Encryption

Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.

All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.

Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.

For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.

The San Bernardino Case

We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists.

When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The Threat to Data Security

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

A Dangerous Precedent

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

Tim Cook

Your thoughts?

Published in Islamist Terrorism, Science & Technology
Like this post? Want to comment? Join Ricochet’s community of conservatives and be part of the conversation. Join Ricochet for Free.

There are 185 comments.

Become a member to join the conversation. Or sign in if you're already a member.
  1. Lazy_Millennial Inactive
    Lazy_Millennial
    @LazyMillennial

    Amendment 4: Search and Arrest
    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    The FBI is asking for warrantless search of my effects. GET. A. WARRANT.

    • #1
  2. Stephen Dawson Inactive
    Stephen Dawson
    @StephenDawson

    Lazy_Millennial:Amendment 4: Search and Arrest
    The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    The FBI is asking for warrantless search of my effects. GET. A. WARRANT.

    Let’s say there’s no difficulty in getting a search warrant (I’d be surprised if there were), it seems unlikely that a warrant could force Apple to undertake the engineering task asked of it.

    • #2
  3. I Walton Member
    I Walton
    @IWalton

    Who is a greater threat to us?  The government or the terrorists?  The terrorists in San Bernadino had encrypted phones, but their intentions were in front of us.   A government capable of not abusing the technology, leaking it or selling it could easily have stopped these two.

    • #3
  4. Stephen Dawson Inactive
    Stephen Dawson
    @StephenDawson

    I’m on Apple’s side on this.

    Initially I was a little shocked that a rewrite of the OS could reveal the hidden information since modern practice is to encrypt using a secret key, but this paragraph solves the problem:

    The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

    The electronic input needs no explanation. Presumably the ‘security features’ to be removed would be, at least, any lockout that might be invoked after a certain number of failed guesses.

    • #4
  5. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    Lazy_Millennial: The FBI is asking for warrantless search of my effects. GET. A. WARRANT.

    No, they have a warrant. They’re asking for something else: the technology to effectuate such a search, with a warrant.

    • #5
  6. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    Stephen Dawson: The electronic input needs no explanation. Presumably the ‘security features’ to be removed would be, at least, any lockout that might be invoked after a certain number of failed guesses.

    Not only lock it out, though, but presumably allow the user back in after he or she crosses some authentication hurdle. Users wouldn’t be pleased if data were just destroyed after x number of failed guesses.

    • #6
  7. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    I Walton:Who is a greater threat to us? The government or the terrorists? The terrorists in San Bernadino had encrypted phones, but their intentions were in front of us. A government capable of not abusing the technology, leaking it or selling it could easily have stopped these two.

    Actually, the initial rumor that they’d conveyed their jihadi enthusiasms on Facebook seems to have incorrect; or rather, reportedly they didn’t do so by posting on their pages, but rather through private messaging. (How the government subsequently knew that, I don’t know.)

    • #7
  8. Lazy_Millennial Inactive
    Lazy_Millennial
    @LazyMillennial

    Claire Berlinski, Ed.:

    Lazy_Millennial: The FBI is asking for warrantless search of my effects. GET. A. WARRANT.

    No, they have a warrant. They’re asking for something else: the technology to effectuate such a search, with a warrant.

    Disagree. Apple’s already done everything they can for the phones of the shooters. The FBI is asking Apple to create a master key, promising to only use it once:

    Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

    In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

    The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

    • #8
  9. BrentB67 Inactive
    BrentB67
    @BrentB67

    I think the problem with this is that the FBI in effort to carry out the warrant is asking Apple for a master key to everyone’s home on the promise that the federal government will not use it outside of the Constitutional limits placed on law enforcement.

    I support Tim Cook’s position. Our federal gov’t has not proven trustworthy on privacy or security.

    Our safety and security is our individual responsibility, not the federal government.

    And of course as usual the federal gov’t finds it easier to potentially circumvent individual privacy rather than deal with the source of the San Bernardino attacks.

    • #9
  10. Lazy_Millennial Inactive
    Lazy_Millennial
    @LazyMillennial

    I Walton:Who is a greater threat to us? The government or the terrorists? The terrorists in San Bernadino had encrypted phones, but their intentions were in front of us. A government capable of not abusing the technology, leaking it or selling it could easily have stopped these two.

    Ah, let’s give the government more power, but they surely won’t abuse it.

    As for leaking it, they already gave Chinese contractors root access to the Office of Personnel Management’s files. These people are not competent. Not even close.

    • #10
  11. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    Lazy_Millennial:Disagree. Apple’s already done everything they can for the phones of the shooters. The FBI is asking Apple to create a master key, promising to only use it once:

    Yes, that’s what I mean. They’re asking Apple to create the technology to effectuate the warrant. It does not now exist.

    • #11
  12. EJHill Podcaster
    EJHill
    @EJHill

    The Feds can go pound sand.

    Reconcile the reasoning that allowing hundreds of thousands of Muslim refugees into the country poses no deadly threat to the idea that people will die if we don’t surrender our electronic privacy. Either safety is everything or its nothing.

    In this case it’s just an excuse that the Feds have been looking for for years.

    • #12
  13. hokiecon Inactive
    hokiecon
    @hokiecon

    I side with Apple on this.

    It’s refreshing to see a ferocious commitment to encryption in the days where online privacy is essentially nonexistent—especially from a technology company, whose peers have been surprisingly reticent on the matter. Why the FBI can’t corroborate that they won’t be the only ones using the supposed “one-time” backdoor I don’t know.

    I guarantee the first tech company to accommodate the FBI’s backdoor request will bring with it the first massive, massive, breach of security with huge ramifications in the long term. It won’t be the same going forward after that.

    • #13
  14. Lazy_Millennial Inactive
    Lazy_Millennial
    @LazyMillennial

    Claire Berlinski, Ed.:

    Lazy_Millennial:Disagree. Apple’s already done everything they can for the phones of the shooters. The FBI is asking Apple to create a master key, promising to only use it once:

    Yes, that’s what I mean. They’re asking Apple to create the technology to effectuate the warrant. It does not now exist.

    If it were limited to just the one phone, I’d have no problem with it. But there’s no way to guarantee that. And even if we’d had a long national debate about this and Rand Paul had convinced us that the “master key” backdoor would only be used when a warrant had been obtained, I have no confidence in the government’s ability to keep the “master key” iOS off the black market. See OPM hack, Hillary’s server, etc.

    • #14
  15. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    BrentB67:

    And of course as usual the federal gov’t finds it easier to potentially circumvent individual privacy rather than deal with the source of the San Bernardino attacks.

    Here’s the court order. Pretty obviously, you could “deal with the source of the attacks” all you like, but this is still be a tool the government’s going to want. Without it, you can’t search these devices even with a warrant — which makes the metaphor of searching a home collapse. They’re basically arguing that the Constitution forbids reasonable search and seizure. It doesn’t. If I shoot the president in front of 500,000 witnesses and then repair to my apartment, my lawyer won’t get far with insisting the Feds shouldn’t be allowed to search my home even with a warrant because that violates my 4th Amendment rights.

    • #15
  16. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    Lazy_Millennial: If it were limited to just the one phone, I’d have no problem with it.

    Nor would I.

    But there’s no way to guarantee that.

    Well, the court order seems to suggest there is. They want Apple to code the SIF with the phone’s unique identifier. So I think what Apple really wants is to establish a precedent — they’re casting themselves in the role of journalists who go to jail to protect their sources. But I don’t see that there’s any reason, constitutionally, to say they have the right to do this.

    And even if we’d had a long national debate about this and Rand Paul had convinced us that the “master key” backdoor would only be used when a warrant had been obtained, I have no confidence in the government’s ability to keep the “master key” iOS off the black market. See OPM hack, Hillary’s server, etc.

    It doesn’t seem to me that in fact what they’re asking for is some kind of master key. The judge says, “You can do this at an Apple facility, you don’t need to share the tool with us, we just want you to tell us what’s on that phone.” (They’re intimating that it’s a genuine ticking-time-bomb scenario, which it might be.) So the question is whether Apple trusts itself not to keep it off the black market, and the answer could be, “maybe not,” but I suspect it’s more about PR post-Snowden.

    • #16
  17. Lazy_Millennial Inactive
    Lazy_Millennial
    @LazyMillennial

    Claire Berlinski, Ed.:

    BrentB67:

    And of course as usual the federal gov’t finds it easier to potentially circumvent individual privacy rather than deal with the source of the San Bernardino attacks.

    Here’s the court order. Pretty obviously, you could “deal with the source of the attacks” all you like, but this is still be a tool the government’s going to want. Without it, you can’t search these devices even with a warrant — which makes the metaphor of searching a home collapse. They’re basically arguing that the Constitution forbids reasonable search and seizure. It doesn’t. If I shoot the president in front of 500,000 witnesses and then repair to my apartment, my lawyer won’t get far with insisting the Feds shouldn’t be allowed to search my home even with a warrant because that violates my 4th Amendment rights.

    Better analogy: Apple is refusing to build the FBI a massive fleet of infrared thermal imagers, even though they’re the only ones who could build on to look inside your home. Can’t build just one, it’s either a massive fleet or none.

    • #17
  18. Concretevol Thatcher
    Concretevol
    @Concretevol

    I’m with Cook on this one as well.  The Feds aren’t using the technology they have efficiently so let’s give them more!  I don’t blame the FBI on this however either.  It makes sense that law enforcement would push for as much as they can get.  They aren’t in the business of guarding out civil liberties.  They have one purpose, to solve crimes.  It’s the courts that have to protect those limits.

    • #18
  19. Lazy_Millennial Inactive
    Lazy_Millennial
    @LazyMillennial

    Claire Berlinski, Ed.:

    Lazy_Millennial: If it were limited to just the one phone, I’d have no problem with it.

    Nor would I.

    But there’s no way to guarantee that.

    Well, the court order seems to suggest there is. They want Apple to code the SIF with the phone’s unique identifier. So I think what Apple really wants is to establish a precedent — they’re casting themselves in the role of journalists who go to jail to protect their sources. But I don’t see that there’s any reason, constitutionally, to say they have the right to do this.

    And even if we’d had a long national debate about this and Rand Paul had convinced us that the “master key” backdoor would only be used when a warrant had been obtained, I have no confidence in the government’s ability to keep the “master key” iOS off the black market. See OPM hack, Hillary’s server, etc.

    It doesn’t seem to me that in fact what they’re asking for is some kind of master key. The judge says, “You can do this at an Apple facility, you don’t need to share the tool with us, we just want you to tell us what’s on that phone.”

    This is still a master key. Just one that Apple controls rather than the FBI

    • #19
  20. BrentB67 Inactive
    BrentB67
    @BrentB67

    Claire Berlinski, Ed.:

    BrentB67:

    And of course as usual the federal gov’t finds it easier to potentially circumvent individual privacy rather than deal with the source of the San Bernardino attacks.

    Here’s the court order. Pretty obviously, you could “deal with the source of the attacks” all you like, but this is still be a tool the government’s going to want. Without it, you can’t search these devices even with a warrant — which makes the metaphor of searching a home collapse. They’re basically arguing that the Constitution forbids reasonable search and seizure. It doesn’t. If I shoot the president in front of 500,000 witnesses and then repair to my apartment, my lawyer won’t get far with insisting the Feds shouldn’t be allowed to search my home even with a warrant because that violates my 4th Amendment rights.

    I agree. However, if you did such a thing that doesn’t authorize the government to get a key to my apartment as well.

    • #20
  21. BrentB67 Inactive
    BrentB67
    @BrentB67

    Lazy_Millennial:

    Claire Berlinski, Ed.:

    Lazy_Millennial: If it were limited to just the one phone, I’d have no problem with it.

    Nor would I.

    But there’s no way to guarantee that.

    Well, the court order seems to suggest there is. They want Apple to code the SIF with the phone’s unique identifier. So I think what Apple really wants is to establish a precedent — they’re casting themselves in the role of journalists who go to jail to protect their sources. But I don’t see that there’s any reason, constitutionally, to say they have the right to do this.

    And even if we’d had a long national debate about this and Rand Paul had convinced us that the “master key” backdoor would only be used when a warrant had been obtained, I have no confidence in the government’s ability to keep the “master key” iOS off the black market. See OPM hack, Hillary’s server, etc.

    It doesn’t seem to me that in fact what they’re asking for is some kind of master key. The judge says, “You can do this at an Apple facility, you don’t need to share the tool with us, we just want you to tell us what’s on that phone.”

    This is still a master key. Just one that Apple controls rather than the FBI

    And Apple clearly has no interest in the liability or loss of customer trust that engenders.

    • #21
  22. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    Lazy_Millennial:

    Better analogy: Apple is refusing to build the FBI a massive fleet of infrared thermal imagers, even though they’re the only ones who could build on to look inside your home. Can’t build just one, it’s either a massive fleet or none.

    Not really: From the court order,

    Screen Shot 2016-02-17 at 13.45.39 Screen Shot 2016-02-17 at 13.47.11 Screen Shot 2016-02-17 at 13.47.28

    • #22
  23. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    hokiecon: I guarantee the first tech company to accommodate the FBI’s backdoor request will bring with it the first massive, massive, breach of security with huge ramifications in the long term. It won’t be the same going forward after that.

    Apple’s been cooperating with such requests for ages; they’ve only just stopped, as opposed to only just beginning. And the more I look at the government’s case, the less the All Writs Act looks like “some obscure 1789 law.” It looks like “overwhelmingly established precedent.”

    • #23
  24. Lazy_Millennial Inactive
    Lazy_Millennial
    @LazyMillennial

    Claire Berlinski, Ed.:

    Lazy_Millennial:

    Better analogy: Apple is refusing to build the FBI a massive fleet of infrared thermal imagers, even though they’re the only ones who could build on to look inside your home. Can’t build just one, it’s either a massive fleet or none.

    Not really: From the court order,

    Screen Shot 2016-02-17 at 13.45.39 Screen Shot 2016-02-17 at 13.47.11 Screen Shot 2016-02-17 at 13.47.28

    Again, I’ll quote Tim Cook,

    The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices.

    At this point we’re gonna need an independent expert to tell us who’s right here: Cook or the FBI

    • #24
  25. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    Lazy_Millennial: At this point we’re gonna need an independent expert to tell us who’s right here: Cook or the FBI

    Well, Cook sure isn’t earning my trust by dismissing the government’s request as an “unprecedented” use of the All Writs Act. It’s in a fact a “pretty standard use of the All Writs Act as it was written and as it’s been interpreted since 1789.”

    • #25
  26. Tenacious D Inactive
    Tenacious D
    @TenaciousD

    https://xkcd.com/504/

    • #26
  27. BD Member
    BD
    @

    Yeah, I actually fear terrorists more than the US Government at this point. Maybe the US shoots up Christmas parties or flies planes into skyscrapers, I don’t know. I don’t listen to Alex Jones.

    • #27
  28. The King Prawn Inactive
    The King Prawn
    @TheKingPrawn

    The key part of the All Writs Act is this phrase:

    agreeable to the usages and principles of law

    Which principle of law gives government the power and authority to command a person or business to aid them in such a way?

    • #28
  29. Claire Berlinski, Ed. Editor
    Claire Berlinski, Ed.
    @Claire

    BD:Yeah, I actually fear terrorists more than the US Government at this point. Maybe the US shoots up Christmas parties or flies planes into skyscrapers, I don’t know. I don’t listen to Alex Jones.

    I fear both — an over-powerful government is dangerous; that’s why we have a limited government — but I certainly don’t think terrorism (or any kind of felony crime, for that matter) is imaginary, or a threat the government hypes up every now and again to arrogate to itself more power.

    • #29
  30. David Carroll Thatcher
    David Carroll
    @DavidCarroll

    I have no expertise in criminal procedure, but philosophically, I stand with Tim Cook on this.  It is wrong for the government to affirmatively order a private entity to perform services, even if it agrees to pay the reasonable cost (as the order appears to provide).

    A warrant can order a private party to permit access, but it is wrong to order the party to take specific affirmative steps.  For example, a warrant may authorize the search of a mountain cabin, but it should not order the owner to climb the mountain and bring the contents back down, I think.  That is unduly intrusive.

    Removing the analogies from the criminal realm, we now have private companies working on space travel. Can the government order them to create a weapons satellite for the government’s use?

    How far can the government properly go in ordering private citizens to do the government’s bidding (the draft comes to mind)?

    • #30
Become a member to join the conversation. Or sign in if you're already a member.