FBI–Apple Encryption Dispute - Wikipedia, the Free Encyclopedia 6/2/16, 6:59 AM
Total Page:16
File Type:pdf, Size:1020Kb
FBI–Apple encryption dispute - Wikipedia, the free encyclopedia 6/2/16, 6:59 AM FBI–Apple encryption dispute From Wikipedia, the free encyclopedia The FBI–Apple encryption dispute concerns whether and to what extent courts in the United States can compel manufacturers to assist in unlocking cell phones whose contents are cryptographically protected.[1] There is much debate over public access to strong encryption.[2] In 2015 and 2016, Apple Inc. has received and objected to or challenged at least 11 orders issued by United States district courts under the All Writs Act of 1789. Most of these seek to compel Apple "to use its existing capabilities to extract data like contacts, photos and calls from locked iPhones running on operating systems iOS 7 and older" in order to assist in criminal investigations and prosecutions. A few requests, however, involve phones with more extensive security protections, which Apple has no current ability to break. These orders would compel Apple to write new software that would let the government bypass these device's security and unlock the phones.[3] The most well-known instance of the latter category was a February 2016 court case in the United States District Court for the Central District of California. The FBI wanted Apple to create and electronically An iPhone 5C, the model used by one sign new software that would enable the FBI to unlock a work-issued of the perpetrators of the 2015 San iPhone 5C it recovered from one of the shooters in a December 2015 Bernardino attack terrorist attack in San Bernardino, California, that killed 14 people and injured 22. The two attackers later died in a shootout with police, having first destroyed their personal phones. The work phone was recovered intact but was locked with a four-digit password and was set to eliminate all its data after ten failed password attempts. Apple declined to create the software, and a hearing was scheduled for March 22. However, a day before the hearing was supposed to happen, the government obtained a delay, saying they had found a third party able to assist in unlocking the iPhone and, on March 28, it announced that the FBI had unlocked the iPhone and withdrew its request. In another case in Brooklyn, a magistrate judge ruled that the All Writs Act could not be used to compel Apple to unlock an iPhone. The government appealed the ruling, but then dropped the case on April 22 after it was given the correct passcode. Contents 1 Background 2 Apple ordered to assist the FBI https://en.wikipedia.org/wiki/FBI–Apple_encryption_dispute Page 1 of 15 FBI–Apple encryption dispute - Wikipedia, the free encyclopedia 6/2/16, 6:59 AM 2.1 Technical details of the order 2.2 Apple's opposition to the order 2.3 Legal arguments 2.4 FBI withdrawal of request 3 Other All Writs Act cases involving iPhones 4 Reactions 4.1 Support for Apple 4.2 Support for FBI 4.3 Calls for compromise 4.4 Proposed legislation 5 See also 6 References 7 External links Background In 1993, the National Security Agency (NSA) introduced the Clipper chip, an encryption device with an acknowledged backdoor for government access, that NSA proposed be used for phone encryption. The proposal touched off a public debate, known as the Crypto Wars, and the Clipper chip was never adopted.[4] It was revealed as a part of the 2013 mass surveillance disclosures by Edward Snowden that the NSA and the British Government Communications Headquarters (GCHQ) had access to the user data in iPhones, BlackBerry, and Android phones and could read almost all smartphone information, including SMS, location, emails, and notes.[5] According to The New York Times, Apple developed new encryption methods for its iOS operating system, versions 8 and later, "so deep that Apple could no longer comply with government warrants asking for James Comey, Director of the FBI https://en.wikipedia.org/wiki/FBI–Apple_encryption_dispute Page 2 of 15 FBI–Apple encryption dispute - Wikipedia, the free encyclopedia 6/2/16, 6:59 AM customer information to be extracted from devices."[6] Throughout 2015, prosecutors advocated for the U.S. government to be able to compel decryption of iPhone contents.[7][8][9][10] In September 2015, Apple released a white paper detailing the security measures in its then-new iOS 9 operating system. The iPhone 5C model can be protected by a four-digit PIN code. After more than ten incorrect attempts to unlock the phone with the wrong PIN, the contents of the phone will be rendered unaccessible by erasing the AES encryption key that protects its stored data. According to the Apple white paper, iOS includes a Device Firmware Upgrade (DFU) mode, and that "[r]estoring a device after it enters DFU mode returns it to a known good state with the certainty that only unmodified Apple-signed code is present."[11] Apple ordered to assist the FBI Tim Cook, Chief Executive Officer of Apple Inc. Cook and FBI Director The FBI recovered an Apple iPhone 5C owned by the San Bernardino Comey have both spoken publicly County, California government, that had been issued to its employee, about the case. Syed Rizwan Farook, one of the shooters involved in the December 2015 San Bernardino attack.[12] The attack killed 14 people and seriously injured 22. The two attackers died four hours after the attack in a shootout with police, having previously destroyed their personal phones. Farook's work phone was recovered intact, however.[13] The phone had been locked with a four-digit password.[14] On February 9, 2016, the FBI announced that it was unable to unlock the county-owned phone it recovered, due to its advanced security features, including encryption of user data.[15][16] As a result, the FBI asked Apple Inc. to create a new version of the phone's iOS operating system that could be installed and run in the phone's random access memory to disable certain security features that Apple refers to as "GovtOS". Apple declined due to its policy to never undermine the security features of its products. The FBI responded by successfully applying to a United States magistrate judge, Sherri Pym, to issue a court order, mandating Apple to create and provide the requested software.[17] The order was not a subpoena, but rather was issued under the All Writs Act of 1789.[18][19] The court order, called In the Matter of the Search of an Apple iPhone Seized During the Execution of a Search Warrant on a Black Lexus IS300, California License Plate 35KGD203, was filed in the United States District Court for the Central District of California.[20][21][22] The use of the All Writs Act to compel Apple to write new software was unprecedented and, according to legal experts, it was likely to prompt "an epic fight pitting privacy against national security."[23] It was also pointed out that the implications of the legal precedent that would be established by the success of this action against Apple would go far beyond issues of privacy.[24] Technical details of the order https://en.wikipedia.org/wiki/FBI–Apple_encryption_dispute Page 3 of 15 FBI–Apple encryption dispute - Wikipedia, the free encyclopedia 6/2/16, 6:59 AM The court order specified that Apple provide assistance to accomplish the following: 1. "it will bypass or disable the auto-erase function whether or not it has been enabled"[21] (this user- configurable feature of iOS 8 automatically deletes keys needed to read encrypted data after ten consecutive incorrect attempts[25]) 2. "it will enable the FBI to submit passcodes to the SUBJECT DEVICE for testing electronically via the physical device port, Bluetooth, Wi-Fi, or other protocol available"[21] 3. "it will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware"[21] The order also specifies that Apple's assistance may include providing software to the FBI that "will be coded by Apple with a unique identifier of the phone so that the [software] would only load and execute on the SUBJECT DEVICE"[21] There has been much research and analysis of the technical issues presented in the case since the court order was made available to the public.[26] Apple's opposition to the order The February 16, 2016 order issued by Magistrate Judge Pym gave Apple five days to apply for relief if Apple believed the order was "unreasonably burdensome". Apple announced its intent to oppose the order, citing the security risks that the creation of a backdoor would pose towards customers.[27] It also stated that no government had ever asked for similar access.[28] The company was given until February 26 to fully respond to the court order.[29][30] On the same day the order was issued, chief executive officer Tim Cook released an online statement to Apple customers, explaining the company's motives for opposing the court order. He also stated that while they respect the FBI, the request they made threatens data security by establishing a precedent that the U.S. government could use to force any technology company to create software that could undermine the security of its products.[31] He said in part: The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand. This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.[31] In response to the opposition, on February 19, the U.S.