OpenCdA’s post on February 19th titled Apple Bites provided a link to the “G’s” motion to compel Apple to devise a way to block Apple’s own ten-tries-you’re-out-forever safeguard against a brute force password attack on an Apple iPhone 5c. The “G” wants access to the iPhone 5c used by the San Berdo Two.
Apple was given until today to respond to the “G’s” motion.
Here is Apple’s response: Apple Inc’s Motion to Vacate Order Compelling Apple Inc. to Assist Agents in Search, and Opposition to Government’s Motion to Compel Assistance.
We don’t know how the Court will rule. Although it is a case probably ripe for litigation, we wish that both parties could enlist an outside third party to help them arrive at a non-litigious solution if one is possible.
Our suggestion (made while we’re holding our nose) is that at this point, the US Congress may more appropriate than the courts to address the national security issues raised by private key encryption in the public’s hands.
The Congress, if the children we elected to go there can ever learn to play well in the Fantasyland-on-the-Potomac sandbox together, owes it to the public and private interests to reach a compromise that enables lawful counterintelligence and counterterrorist operations affecting the national security to continue effectively while at the same time not infringing on a private corporation’s freedom to build a better mousetrap.
How do you order someone to invent something that at this point does not exist?
So far, the best analogy I’ve heard is like a man telling a woman I’ll only put the tip in.
Maybe on future Iphones a door can be built but the buyers would need to know their info is not safe.
I put this in the same file of “if you have nothing to hide”.
I am a little concerned that the Government apparently does not have programmers as smart as Apple.
Comment by Mike Teague — February 29, 2016 @ 10:26 am
Mike,
That’s the point Apple is making: What authority does the government or anyone else have to compel Apple to develop a way to defeat a security measure it developed and paid for? It wasn’t done under government contract, and in fact, the government has been encouraging private industry to use encryption and other safeguards to protect customer and employee privacy.
Apple spent a great deal of R&D money to develop that product. Add to that the cost of replacing every Apple product that would be potentially compromised if a Court upheld the Federal Magistrate Judge’s original order. That total is at least how much money the government would have to spend to fairly compensate Apple for its losses.
On the other hand, don’t overestimate the quality of Apple’s or any other product’s engineering and design people. People in those occupations often fall in love with their product and become blind to the vulnerabilities that they have inadvertently (and carelessly and negligently) engineered in. When confronted with incontrovertible evidence of a major vulnerability, everyone from the lowest snuffy design engineer up through their lying lawyers and the CEO in another country will deny the proof proves what it clearly does prove. If I were Apple, I would prefer that the US government know how to bypass the security measures rather than having that information in the hands of any other government or competitor. And if you’re a foreign government, you really do want to be able to defeat or override Apple’s safeguards.
Comment by Bill — February 29, 2016 @ 11:59 am