Tag Archives: San Bernadino

Edward Snowden defends Apple in fight against FBI

Edward Snowden — the ex-NSA contractor who started this whole privacy debate — has joined the ranks of Apple defenders.

On Tuesday, a federal magistrate-judge ruled that Apple must help the FBI break into the phone of one of the San Bernardino shooters. The FBI was unable to figure out the shooter’s passcode, which is the only way to get inside his iPhone.

Apple CEO Tim Cook is furious, saying that the U.S. government is trying to undermine the security of its flagship product.

“The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers,” Cook said.

Apple plans to fight the decision, aided by the ACLU.

On Wednesday, the divide was clear: politicians versus engineers.

“The FBI is creating a world where citizens rely on Apple to defend their rights, rather than the other way around,” Snowden said Wednesday morning on Twitter.

Late Wednesday, Silicon Valley’s powerful tech industry trade group came out in support of Apple too.

“We worry about the broader implications … of requiring technology companies to cooperate with governments to disable security features, or introduce security vulnerabilities,” said the Information Technology Industry Council, which represents Dell, Facebook (FB, Tech30), Google, Hewlett Packard (HPE, Tech30), IBM (IBM, Tech30), Microsoft (MSFT, Tech30), Nokia (NOK) and others.

For years, the FBI has demanded special access into smartphones. Tech companies have refused, instead increasing the security of their customers’ data.

Cryptographers, the scholars who build security into technology, have unanimously warned that special access is a dangerous idea. To them, this isn’t about security competing with privacy. It’s just about security.

The San Bernardino shooter, Syed Farook, used an iPhone 5C. The FBI has been trying to guess his passcode to unlock it. If they guess wrong 10 times, Farook’s iPhone will permanently erase all the data stored inside.

Apple doesn’t hold the keys to his device. But the FBI wants Apple to create a special version of its iOS software that will get loaded onto the phone, circumvent Apple’s security features and let agents hack it.

Dan Guido, who runs the cybersecurity firm Trail of Bits, explained in a blog post Wednesday that this hack is possible. He said it would work on any iPhone 5C or older model, putting them “at risk when they’re confiscated by law enforcement around the world.”

Last year, the world’s top cryptographers issued a joint paper saying this is a bad idea. CNNMoney asked them if this particular San Bernardino case changes their mind. All seven who responded said no.

Matthew Green, who teaches cryptography and computer security at Johns Hopkins University, fears it’s a slippery slope. If Apple complies with the government this time, it’ll be forced to in the future.

“I haven’t seen any guiding principle that would prevent this from getting out of hand. It could easily result in every American becoming less secure,” he said.

Columbia University computer science professor Steven M. Bellovin said that if Apple doesn’t resist the FBI, it’ll soon face the same pressure from authoritarian and repressive governments like China.

“This makes it much easier for others — other police departments, other governments — to demand the same thing,” he said.

Bruce Schneier, one of the world’s top cryptographers, warned that criminals could also use this kind of special access to break into people’s phones to steal messages, photographs and other personal information. If Apple creates a weaker version of its operating system, others will get their hands on it.

Most tech industry executives — who normally tout privacy — remained silent Wednesday. WhatsApp cofounder Jan Koum stood out with this message on Facebook: “We must not allow this dangerous precedent to be set.”

U.S. Senator Ron Wyden of Oregon, one of the few politicians to rise to Apple’s defense, said “no company should be forced to deliberately weaken its products.”

(Read more: Manhattan DA says Apple makes terrorism cases ‘go cold’)

Other politicians pushed back on that idea Wednesday. White House Press Secretary Josh Earnest told reporters that the FBI is “not asking Apple to redesign its product or create a new backdoor to one of their products. They’re simply asking for something that would have an impact on this one device.”

Leading Republican presidential candidate Donald Trump weighed in too, saying, “we have to open it up.” Marco Rubio, who is also vying for the Republican presidential nomination, said Apple should give up its fight and be “a good corporate citizen.”

But even those who support the FBI’s demands say it’s a point of no return. Cyrus Walker teaches at the government-funded Cyber Defense Analysis Center, where he trains federal agents and police how to hack smartphones in criminal cases.

“If Apple demonstrates the ability to get around its own security countermeasures, that bell is rung and can’t be un-rung,” said Walker.

FBI Still Can’t Access San Bernardino Shooter’s Encrypted Phone

Although the phone has been taken as evidence, there is still no way to find out what information it holds due to the encryption key that only the owner can unlock.


The FBI still cannot unlock the encrypted cellphone of one of the San Bernardino shooters more than two months after the California terrorist attack.

FBI Director James Comey told the Senate Intelligence Committee on Tuesday that his agency’s inability to access the information in the retrieved phone is an example of the effect on law enforcement of the growing use of encryption technology.

Comey said the problem of “going dark” is overwhelmingly affecting law enforcement at all levels.

“It affects cops and prosecutors and sheriffs and detectives trying to make murder cases, car accident cases, kidnapping cases, drug cases,” Comey said.

He said the biggest concern was phones that automatically locked and secured all information inside.

“It is a big problem for law enforcement armed with a search warrant, when you find a device that can’t be opened even when a judge said there’s probable cause to open it,” Comey said.

Sen. Dianne Feinstein of California, the ranking Democrat on the committee, and the committee’s chairman, Sen. Richard Burr, R-N.C., have said they are considering legislation that would compel manufacturers to provide law enforcement access to encrypted data when there’s a court order. Industry associations have opposed such proposals.

While encryption issues are more common in local criminal cases, counterterrorism investigations are also affected, Comey said. He cited the December attack in San Bernardino, in which Syed Rizwan Farook and Tashfeen Malik killed 14 people at a holiday party.

“In San Bernardino, a very important investigation to us, we still have one of those killers’ phones that we have not been able to open. It’s been over two months now; we’re still working on it,” Comey said.

Comey previously told Congress that investigators could not read more than 100 text messages that one of the shooters who attacked a cartoon contest in Garland, Texas, last year exchanged with an “overseas terrorist.” The contest was to draw caricatures of the Prophet Muhammad.

Privacy advocates who oppose limits on encryption argue that giving such backdoor access to data opens devices to thieves and hackers. A recent report from Harvard University’s Berkman Center for Internet and Society concluded that law enforcement fears of encryption are exaggerated, in part because increasingly sophisticated technology is opening up other ways for police to conduct surveillance.

National Intelligence Director James Clapper told the senators that he thinks the government and tech companies should be able to work out a solution without resorting to legislation.

“I’m not sure we’ve exhausted all the possibilities here technologically,” Clapper said.

Adm. Michael Rogers, director of the National Security Agency, said “encryption is foundational to the future.” The challenge, he said, is finding the balance between privacy and security.