I'm seeing a lot of comments to the effect that the government will just try again at some point.<p>Well, welcome to life in a democracy. Nothing is ever settled with finality because there are plenty of ways for future generations to change the laws we cherish today--for good or ill.<p>We could revoke the 13th and 14th Amendments and have slavery again--there is no <i>legal</i> impediment to that. That we don't do that is a reflection of our cultural values--today--which we continually discuss and reinforce.<p>We could abolish the EPA, or the IRS, or the NSA. We don't because these have enough supporters who value what they do, today. The 2nd Amendment remains strong today because millions of Americans work every day to keep it that way.<p>So, the long-term solution for strong encryption must be a cultural one. We have to be prepared to fight the crypto wars forever, like unions are still fighting the labor wars a century later. Like civil rights activists are fighting racism even today--and will be for the foreseeable future.<p>Is that depressing? Not to me; I find it inspiring, much better than a world in which government decisions are truly final. Beware that level of power IMO.
I feel like cases shouldn't be droppable unless both parties mutually agree, and the courts also must first agree.the courts should not agree if it's a case that could set a precedent that can have far reaching implications.<p>What if next time, a smaller player than Apple was caught in this sort of case, and they can't fight back as easily? Then it'd be easier to setup a precedent favourable to one party. This seems like a way to legally manipulate the common laws, and I think courts should put in place measures to prevent such manipulation.
I would treat this claim with a great deal of skepticism. However, this is by far the smartest play for the government. Had they gone to court and lost (probably after an appeal), they would have set a precedent that would be very problematic for them going forward. By claiming this, falsely or otherwise, they hurt Apple's security reputation (most consumers will not understand or care that this happens to be an old iPhone with an old version of iOS - they will just hear or read that an iPhone was cracked), and they avoided a potentially problematic legal outcome.<p>The DOJ came out on top here, whether they are lying or not.
It stinks that the case ended like this — without setting a sensible precedent — but I think there is still some upside:<p>FBI director Comey's "Going Dark" narrative no longer holds water with anyone who's paying attention. He cried wolf so loud he's been heard on every continent. If and when he tries this again, he'll get a ton more blowback.<p>Similarly, Obama's jibes about security "absolutism" now appear ridiculous. As are his criticism of impenetrable black boxes protecting child molesters. What he really wants is for the Emmental-like extensions of our brains to have even more holes. That's an obviously un-winnable argument.<p>Also, the bar for proving you've tried all possible alternatives for gaining access just got a lot higher in applying the All Writs Act. It took three months plus a month of major international news stories specifically about this court case to gain entry — something that might really be impossible to achieve next time. But now everyone knows when they swore under oath many times in multiple public venues that they couldn't gain access, what they really meant was "not yet" and not "it's impossible".<p>Finally, Apple should now be motivated to remove themselves as the weak link in their security ecosystem. System updates shouldn't be possible without first wiping the information needed to derive the encryption key or first supplying that key. I can also dream about them open sourcing their code to allow security researchers to bug hunt (an impossible dream). And maybe they'll change their minds on bug bounties. Whatever happens, it's now beyond doubt that foreign entities are exploiting vulnerabilities in the iPhone and we all expect Apple to beef up their security accordingly — regardless of how this may hinder law enforcement.
You could say they dropped it because they accessed the phone.<p>You might also say they dropped it because going to court and losing would greatly narrow the scope of the All Writs act. Then the "maybe illegal" spying coersion becomes "actually illegal"
So in the last week, a lot of media reports around the Brussels attacks have focused on how, in the immediate aftermath of the arrest of an alleged Paris conspirator, the Belgian authorities were premature in announcing that they were learning information about his co-conspirators, which caused those people to bring forward their attack plans.<p>Now, the FBI has just announced to the world that any information locked up in the San Bernardino iPhone is now in their hands. Presumably any co-conspirators who thought their contact details might be in that phone are now aware of that.<p>Now, on the other hand, for the past month or so, the FBI has on the contrary been doing a very good job of informing the world, with to some extent Apple's help, that they did <i>not</i> have access to the information in that phone. That may have served to reassure those same conspirators that the FBI was not onto them.. When perhaps they had actually cracked the phone some time ago, and were in fact in the process of employing that intelligence.<p>Too charitable to suspect the FBI of having pulled that off?
I wish Apple would be able to recoup their legal costs from the DoJ -- the government shouldn't be allowed to force a company to spend money on defending their rights (using our "unlimited" tax dollars to do so), only to drop the case at the last minute making the entire case moot.<p>Apple should be able to recover their legal costs.
Who wants to take bets on how? My bet is they copied the flash, and are iterating passcode guesses until it slows down too much (or implodes, however it's configured) and then they reflash and iterate again. And it was only a 4 digit passcode, so it was pretty easy to do this.<p>The next bet is whether they find anything relevant? My bet is no. Next bet after that is whether they admit it? My bet is they won't.<p>But the more important one is if they tell Apple or open a CVE for the exploit they used if it's not a flash and guess technique they used? Is it ethical for FBI to sit on an exploit?
This is possibly the worst outcome. The tide of public opinion was turning towards Apple and privacy, and away from the FBI; for it to enter the court under this pretence there was a strong argument to be made against the latter. With this announcement, for the many, this matter will now be "resolved". When it inevitably rears its ugly head again, the same pretence may no longer be true.
The reality is that the FBI accessed it, so they no longer required Apple's help.<p>"The Justice Department said Monday it has accessed data on the iPhone used by a shooter in last year's San Bernardino, California, attacks and no longer needs Apple's help in cracking it."<p>Apparently a 3rd party from Israel (<a href="http://www.cellebrite.com/" rel="nofollow">http://www.cellebrite.com/</a>) helped the FBI which begs the question, how did they do it? Do they have universal access to all iOS devices or just this particular device? This really makes me start to think there is a backdoor.
The FBIs motives have always been nakedly transparent in this case. They had no interest in the specific phone, they wanted to use it as a wedge issue to force a precedent. Once they figured out this avenue was a bust, they withdrew to find a different angle. Since everything is classified anyway, it's irrelevant if they actually cracked the phone or not but if they did, it was probably by buying an exploit from the NSA TAO store [1].<p>[1] <a href="https://en.m.wikipedia.org/wiki/NSA_ANT_catalog" rel="nofollow">https://en.m.wikipedia.org/wiki/NSA_ANT_catalog</a>
So what happens to the other 200+ iphones that law enforcement needed opened?<p>It seems like there are at least certain iphones that can be opened using this method and similar hardware based approaches. Are the feds going to move forward with that? It seems like accessing this particular phone wasn't trivial or cheap. So I'd imagine that it will come down to whether or not it's "worth" the cost of flashing individual chips for each of the other devices.<p>And what happens if there is potentially exonerating evidence on one of those phones? Does the defense team have to come up with the money to pay for a lab or outside company to open the phone? And also, is an encrypted phone going to be the new 'dna evidence'? Like, will a brand new iphone that's linked to a major crime be held away for years until the security community can hack it, potentially setting people free or sending them to jail?<p>Sorry for all the interrogatives. Even though this particular case has been settled, there are still a lot of questions surrounding default device level encryption.
Am I thinking right when it seems to me like the feds are kicking the can down the road?<p>Even though the feds found an exploit that allows 'em to decrypt the current iOS, Apple's response is undoubtedly gonna be much-improved security in the next version.<p>So in a few years when the feds demand that an iOS 10.x device be decrypted, this whole pageant will start over again.
Reminder that the FBI used the deaths of 14 people to prop up their agenda of 'make the invoices we receive cheaper'.<p>They chose this case and not any of the dozens of similar investigations mentioned in articles that have come out since.<p>It's a disgrace to the victims, their families and friends.<p>It's also a disgrace to the public, trying to scare us into complacency.
So, the US DOJ has in hand an exploit which allows them to access protected data on an iPhone, access that Apple and the phone's designers clearly did not intend to be allowed. Ethical behavior would have the US DOJ describe the exploit to Apple immediately so that the flaw in the system can be repaired. Publishing the exploit in publicly available documents would speed Apple's efforts to repair the fault.
Who wants to be there was absolutely nothing on the phone of value for the intelligence community? It's like the Reddit "what's in the safe" threads.<p>I just wonder what methods they used, I think it'd be pretty interesting to learn just the general strategy, as I assume they would never tell how exactly they did it.
Was I the only one who assumed the DOJ could unlock the phone for a while now, but instead chose to legally force Apple to do it to set a precedence? This news almost seems like a win for Apple; if there was a good chance that the DOJ would have won the case, they probably would have pursued it till the end.
I promise I don't wear a tin foil hat, but it would be great if they proved that they did access it. The cynic in me wonders if they're tapping out because they didn't want to lose in court and set a precedent they don't like.
The case is droppable because it lacks public support. That was clear a month ago. It's an impossible scenario - requiring an engineering effort from a consumer focused company. If Apple wanted to comply, it would have been extraordinarily costly.<p>What's good about the case is that it brought forth a discussion about privacy. This case coupled with the Clinton email scandal should move a few ideas forward developing solutions that wouldn't otherwise have been profitable ventures. Where Lavabit had a very niche market a few years ago, companies thinking along those lines will have success moving forward.
This doesn't really mean anything. The question is: Does Apple have the right to make an uncrackable phone? We have no resolution on that issue: Only the knowledge that the iPhone 5s is not such a phone.
This is a legally naive question, but how does this not run afoul of the Computer Fraud and Abuse Act?<p>Particularly, how isn't this some violation of section a2 ("intentionally accesses a computer without authorization or exceeds authorized access," the same thing that got Aaron Swartz indicted)? Is it basically, since the feds had a warrant, they can do whatever they want? (And if they don't have a warrant, is it still legal?)
One question I'm not seeing often ...<p>From here, what's stopping the FBI from claiming they found X, Y, and Z on the phone, and further claiming they were all important pieces of evidence, that could possibly have prevented the attack, etc., etc., when they really didn't? Then, use that to bolster their arguments against encryption and privacy?<p>What means will keep them honest about what they did or did not find?
So, the long-term solution for strong encryption must be a cultural one. We have to be prepared to fight the crypto wars forever, like unions are still fighting the labor wars a century later. Like civil rights activists are fighting racism even today--and will be for the foreseeable future.<p>So true .. and it up to you to continue our peoples struggle. - I've seen this time and time again .. WTC7 was one of those don't believe your eyes. and Now the Gov. lackeys need your info to sell as so-called information brokers to get you special offers. Based on any and all of your actions. ( think supper cookies ) but moved to a mobile platform you! And you if don't want special offers - then you are a terrorist! - and YOU become the focus. Not WTC7 - Waco or that poor man in the US house who forgot he was 2nd admin C&C denied. But did not get a chance to explain - before the cover up started. I support APPLE & Mr. Snowden vs. the FBI/INFORMATION BROKERS on this hope you do as well.
This claim seems dubious at best. There's no proof that they got access, and it's in their best interest to claim they did. On one hand, I'm not totally sure we should assume that they're not capable of gaining access to iPhones willy-nilly. On the other hand, I'm re-evaluating my security posture...
While this case might have ended, but the battle isn't over yet. Via Matthew Keys on Twitter:<p>"There are 6 other cases where Apple is still fighting the DOJ re: unlocking phones"<p><a href="https://twitter.com/matthewkeyslive/status/714583232117755904" rel="nofollow">https://twitter.com/matthewkeyslive/status/71458323211775590...</a><p>^ Link includes an image with 7 other cases where Apple has either objected to warrants, 2 that are still in process.<p>The most interesting one is the last, which involves an iPhone 6+ running iOS 9.1. It's not yet clear whether the zero day that allowed the government to access the San Bernardino phone also works on the iPhone 6, which has a secure enclave (unlike the San Bernardino phone). There are some other iPhone 6 and iPhone 5S devices in the list too running older versions of iOS.
If it only worked this once, why not declassify it?<p><a href="http://money.cnn.com/2016/03/28/news/companies/fbi-apple-iphone-case-cracked/index.html" rel="nofollow">http://money.cnn.com/2016/03/28/news/companies/fbi-apple-iph...</a>
Congratulations Apple and encryption. A precedent has be set. The FBI can't just bully companies into complying with their requests. Hopefully companies in future will have the integrity and courage to stand up like Apple did.
Hard to verify.
Perhaps if the FBI or other law enforcement continue to use the supposed vulnerability - eventually information obtained from a breached iPhone will appear in court as evidence..
While the claim about accessing the iPhone seems difficult to substantiate, the suggestion that the FBI have dropped the case seems likely. The fact that they can drop the case in this instance, when the wheels had started to come off, smacks of having their cake and eating. Let's hope the next case where they try to get the ball rolling towards the dangerous precedent they are looking to set yields a similar outcry as this one.
Meh. If any of this exposes anything, it is that you do not want your secrets to rest in anyone's hands but your own. Apple may/may-not have managed to protect their keys, but there is no guarantee that is the case.<p>Meanwhile Joe Public comes away with the idea Apple==SafeEncryption.<p>If this were some new encrypted messaging service we'd all be ripping the shit out of it just on this basis.
Now does this mean that iPhones can be hacked? The government has said that in the vast majority of cases it will disclose security vulnerabilities, though in a small handful it doesn't. It would be good for everyone’s security if they disclosed, but they probably won’t
I'm a little worried now about how long it will be before they come back and claim that there was some critical piece of evidence on the phone and start saying how evil Apple is for not wanting to cooperate because what are they, freedom haters?
As much as I dislike its implications, this is the way the case should have gone. Most of us knew the Feds would eventually crack the iPhone - the attempt to deputize Apple in their investigation was a matter of expedience.
> Government agencies are now able at least to break into handsets which don’t yet have the latest software upgrades.<p>Surely that should be latest <i>hardware</i> upgrades. The latest software upgrades are no good if not backed up by the secure enclave.
How do we think they did this?<p>Probably copied phone's memory and implemented a way to restore the state of the phone, then brute force try passcodes? I guess that could take only a week if they had only a 4 digit passcode.
Here's what really happened: they made Apple the offer they couldn't refuse, and Apple unlocked it. The rest is just a PR move for naive people to keep thinking their Apple phones are secure.
Is there any avenue for Apple to begin legal action against the US Gov't for hacking the phone, in order to shine a light on the truth of how the phone was "hacked"?
So, finally, the need for the perception that they can accomplish this on their own outweighed the need for the perception that they can compel this of a third party.<p>Meh
I suspect they didn't actually crack it. I think it's likely that they just realized the losing battle they were fighting. It sounded like a lot of public sentiment was against the FBI and they were unlikely to win the case (and it seemed like the information wasn't vital to them anyway) so they just gave an excuse to drop the case.<p>This has an additional benefit: rather than having the "boundaries" here be defined by a ruling, now in theory they have more time to work in a "gray area".
fwiw, John McAffee has said that he can decrypt the iPhone:
<a href="http://www.siliconbeat.com/2016/02/18/102312/" rel="nofollow">http://www.siliconbeat.com/2016/02/18/102312/</a>
Woah, wait a minute. By purposely bypassing security restrictions present on the device via some sort of exploit isn't the FBI violating the iPhone terms of use? Could Apple theoretically sue them for doing this (and most importantly, for not sharing _how_ they did this)?
Told ya. <a href="https://news.ycombinator.com/item?id=11199093" rel="nofollow">https://news.ycombinator.com/item?id=11199093</a>
Just a random thought: Isn't it quite an interesting coincidence that they found a way into the iPhone just as people were reporting problems with iOS 9.3?