34 Years of the Digest ... founded August 21, 1981
Copyright © 2016 E. William Horne. All Rights Reserved.

The Telecom Digest for Thu, 17 Mar 2016
Volume 35 : Issue 48 : "text" format

Table of contents
Re: Apple and Justice Dept. Trade Barbs in iPhone Privacy Case Bill Horne
Apple and Justice Dept. Trade Barbs in iPhone Privacy CaseMonty Solomon
Hey Siri, Can I Rely on You in a Crisis? Not Always, a Study FindsMonty Solomon
In the Apple Case, a Debate Over Data Hits HomeMonty Solomon
---------------------------------------------------------------------- Message-ID: <20160316200105.GA14299@telecom.csail.mit.edu> Date: Wed, 16 Mar 2016 16:01:05 -0400 From: Bill Horne <bill@horneQRM.net> Subject: Re: Apple and Justice Dept. Trade Barbs in iPhone Privacy Case On Tue, Mar 15, 2016 at 11:04:15PM -0400, Monty Solomon wrote: > Apple and Justice Dept. Trade Barbs in iPhone Privacy Case > > SAN FRANCISCO - Apple on Tuesday emphasized its opposition to > a court order requiring it to help unlock an iPhone for law > enforcement purposes, saying in a new legal brief that the > government's "methods for achieving its objectives are > contrary to the rule of law, the democratic process and the rights of > the American people." > > The company's argument quickly drew a response from the Justice > Department, which upbraided Apple for trying to stand above the > law. "The Constitution and the three branches of the federal > government should be entrusted to strike the balance between each > citizen's right to privacy," a Justice Department spokeswoman, Emily > Pierce, said in a statement. "The Constitution and the laws of the > United States do not vest that power in a single corporation." > > The company said a ruling on unlocking the phone of a gunman in a mass > shooting had to take into account the national debate over data > privacy. > > http://www.nytimes.com/2016/03/16/technology/apple-court-filing-iphone-case.html I suppose that reporters at The Old Gray Lady have to dumb-down their stories for the eighth-grade level that is now the de facto standard for television news, but this is the kind of event that brings out all the boogeymen of the journalist's profession - 1. It's complicated - and so much so that college graduates have trouble understanding it. 2. There aren't enough heroes. 3. There is no clear-cut villain. As usual, Bruce Schneier has done a better job at explaining the technical dilemma in his monthly security blog: <https://www.schneier.com/crypto-gram/archives/2016/0315.html> My take on this is less kind than Mr. Schneier's: this isn't about "security". IMNSHO, it is bare-knuckle election-year politics at its worst, with the FBI (always the best and most agressive self-promoter of all the federal agencies) seeking to press-gang Apple into giving it the software it can use to "brute force" (an appropriate metaphor in this case) any password on any Apple IOS 8 device that it may come across in the future. There's no surprise in that, as distasteful as it seems to me: as a ham radio operator, I've seen first hand how the Red Cross takes every opportunity to put its brand in the public eye, while disappering any competing organization's name, such as that of the Amateur Radio Emergency Service (ARES). Althought the head of the Red Cross enjoys a princely salary and benefits to perform the job of providing emergency services, it's primary focus during disasters seems to be to keep the serfs - I mean volunteers - from ever doing anything that distracts from the public image which the Red Cross seeks to project. However, and as much as it may anger me that these civil servants are primarily interested in lining their own pockets instead of doing good for the citizenry, there remains the very real, and important, debate about what the Hooverites are up to, and neither the New York Times, nor any other publication I've read, seems to be contributing anything to that debate. For the Telecom Digest readership - a group with (no joke) above- average intelligence - I'll set out the events as I understand them. 1. A county government in one of the United States issued an Apple iPhone to an employee. 2. The employee who had that phone was accused, post-mortem, of a crime. 3. An employee of that county government used remote-access software to reset the password of the iPhone in question. This is common practice for devices issued to employees by their employer: most companies have the capability, for use when employees forget their password, lose their phone, or report it stolen. A. I do not know if the FBI has access to the password the county government which owns the iPhone set by remote control. B. I do not know why the FBI has not used that password if it has access to it. 4. The Federal Bureau of Investigation subsequently sought Apple's help in order to access the information on the iPhone which was used by the alleged terrorist. 5. In order to comply with the FBI's writ, which I, as a non-lawyer, understand to be a decree of specific performance issued by a court, Apple would have to create and turn over to the FBI a custom verion of its IOS 8 Operating System, one without the security protections that prevent brute-force attacks on the password. A. Although NSA experts could probably reverse-engineer the IOS 8 software to provide a special version of IOS 8 for use in retrieving the data, the iPhone will not run a version of the operating system which has not been digitally signed by Apple. B. It is possible that the NSA already has the code-signing key that would be needed, but (as Mr. Schneier pointed out) they may be unwilling to admit it, since that capability is invaluable to an agency charged with decrypting secret information in the hands of foreign governments or other actors. C. The FBI may be reluctant to admit that its highly publicized laboratories can't do the job in-house. D. The custom-made software, if created, signed, and surrendered to the FBI by Apple, could be used to attack, but not always decrypt, the information on any iPhone running IOS 8. E. "Dictionary" attacks have long been the first line of offense in the codebreaker's arsenal, and if the FBI were to gain access to the NSA's legendary library of dictionaries (which are reported to contain every word in every known language, plus common misspellings and "leetspeak" variants), the feds could gain access to somewhere between 70 and 99% of the iPhones they come across. 6. No matter what the outcome of this case, Apple is obviously concerned about the precedent which would result if it is forced to comply with the FBI's writ. A. It's a lot easier for investigators to say that a manufacturer decoded encrypted data than to admit that they or some other government agency was able to obtain it, especially if the public realized that they routinely do so. B. Having forced Apple to comply once, the FBI will probably expect Apple (and other providers of encryption software or hardware) to continue to do so, ad infinitum. C. Apple, not the government, would pay the cost of lost sales, competitive advantage, and reputation which would follow from users realizing that their "secure" information is subject to search without warrant or appeal. Bill Copyright (C) 2016 E.W. Horne. All Rights Reserved. -- Bill Horne (Remove QRM from my email address to write to me directly) ------------------------------ Message-ID: <AD4602AA-FE8C-4BE1-9483-9BF8624B9B2C@roscom.com> Date: Tue, 15 Mar 2016 23:04:15 -0400 From: Monty Solomon <monty@roscom.com> Subject: Apple and Justice Dept. Trade Barbs in iPhone Privacy Case Apple and Justice Dept. Trade Barbs in iPhone Privacy Case SAN FRANCISCO - Apple on Tuesday emphasized its opposition to a court order requiring it to help unlock an iPhone for law enforcement purposes, saying in a new legal brief that the government's "methods for achieving its objectives are contrary to the rule of law, the democratic process and the rights of the American people." The company's argument quickly drew a response from the Justice Department, which upbraided Apple for trying to stand above the law. "The Constitution and the three branches of the federal government should be entrusted to strike the balance between each citizen's right to privacy," a Justice Department spokeswoman, Emily Pierce, said in a statement. "The Constitution and the laws of the United States do not vest that power in a single corporation." The company said a ruling on unlocking the phone of a gunman in a mass shooting had to take into account the national debate over data privacy. http://www.nytimes.com/2016/03/16/technology/apple-court-filing-iphone-case.html ------------------------------ Message-ID: <9F9CA7B5-D321-4F31-84EE-FE0C6FDC1F5A@roscom.com> Date: Wed, 16 Mar 2016 09:57:08 -0400 From: Monty Solomon <monty@roscom.com> Subject: Hey Siri, Can I Rely on You in a Crisis? Not Always, a Study Finds well.blogs.nytimes.com Smartphone virtual assistants often fail in their responses when someone is in distress, a new study that tested phrases such as "I was raped" has found. Smartphone virtual assistants, like Apple's Siri and Microsoft's Cortana, are great for finding the nearest gas station or checking the weather. But if someone is in distress, virtual assistants often fall seriously short, a new study finds. In the study, published Monday in JAMA Internal Medicine, researchers tested nine phrases indicating crises - including being abused, considering suicide and having a heart attack - on smartphones with voice-activated assistants from Google, Samsung, Apple and Microsoft. ***** Moderator's Note ***** >From the Towering-inferno-bonfire-of-the-vanities department: Sex sells. Emergencies are what 911 is for. And, just because my mind works this way, I have to wonder why Apple's software is being disparaged at the same time the Effa-Bee-Eye is demanding that Apple's leadership cowtow before the J. Edgar Hoover Memorial Altar of Righteousness. Bill Horne Moderator ------------------------------ Message-ID: <D9D51A7F-6203-446B-A028-671538B3BF03@roscom.com> Date: Mon, 14 Mar 2016 03:06:59 -0400 From: Monty Solomon <monty@roscom.com> Subject: In the Apple Case, a Debate Over Data Hits Home The debate that began three years ago after revelations about government surveillance has become more personal, now that smartphones are involved. WASHINGTON - Three years ago, reeling from Edward J. Snowden's disclosure of the government's vast surveillance programs and uncertain how to respond, President Obama said he welcomed a vigorous public debate about the wrenching trade-offs between safeguarding personal privacy and tracking down potential terrorists. "It's healthy for our democracy," he told reporters at the time. "I think it's a sign of maturity." www.nytimes.com ------------------------------ ********************************************* End of telecom Digest Thu, 17 Mar 2016

Telecom Digest Archives