gizmodo.com/watch-steve-wozniaks-take-on...tm_medium=socialflow

Steve Wozniak appeared on Conan last night and predictably gave his take on the ongoing battle between Apple and the FBI. Perhaps unsurprisingly as a founding figure of the Electronic Frontier Foundation, he sides with Apple.

Video:

Više na tu temu:

gizmodo.com/why-you-should-care-about-ap...h-the-fbi-1759639200

Why You Should Care About Apple’s Fight With the FBI

The FBI wants Apple’s help to investigate a terrorist attack. Apple says providing this help is the real danger. We’ve reached a boiling point in the battle between tech companies and the government over encryption. And what happens will affect anyone who uses a smartphone, including you.

After the San Bernardino shootings, the FBI seized the iPhone used by shooter Syed Rizwan Farook. The FBI has a warrant to search the phone’s contents, and because it was Farook’s work phone, the FBI also has permission from the shooter’s employer, the San Bernardino County Department of Public Health, to search the device. Legally, the FBI can and should search this phone. That’s not up for debate. If the FBI gets a warrant to search a house and the people who own it say okay, there’s no ambiguity about whether it can search the house.

But if the FBI comes across a safe in that house, the warrant and permission do not mean it can force the company that manufactures the safe to create a special tool for opening its safes, especially a tool that would make other safes completely useless as secure storage. That’s the situation that Apple’s dealing with here.

The FBI obtained an order from a California district court asking Apple for assistance cracking Farook’s passcode. The court order doesn’t flat-out demand that Apple unlock the phone, which is an iPhone 5C* running iOS 9. Instead, the judge is asking Apple to create a new, custom, terrorist-phone-specific version of its iOS software to help the FBI unlock the phone. Security researcher Dan Guido has a great analysis of why it is technically possible for Apple to comply and create this software. (It would not be if Farook had used an iPhone 6, because Apple created a special security protection called the Secure Enclave for its newer phones that cannot be manipulated by customizing iOS.)

The fight isn’t over whether Apple can comply in this case. It’s whether it should.

If Apple makes this software, it will allow the FBI to bypass security measures, including an auto-delete function that erases the key needed to decrypt data once a passcode is entered incorrectly after ten tries as well as a timed delay after each wrong password guess. Since the FBI wants to use the brute force cracking method—basically, trying every possible password—both of those protections need to go to crack Farook’s passcode. (Of course, if he used a shitty password like 1234, the delay wouldn’t be as big a problem, since the FBI could quickly guess.)

The security measures that the FBI wants to get around are crucial privacy features on iOS9, because they safeguard your phone against criminals and spies using the brute force attack. So it’s not surprising that Apple is opposing the court order. There is more than one person’s privacy at stake here!

Apple equates building a new version of iOS with building an encryption backdoor. CEO Tim Cook published a message emphasizing that the company can’t build a backdoor for one iPhone without screwing over security for the rest:

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

Apple will be writing its own malware if it complies with this order. It would be creating the best tool to break into its own (older) devices.

“Essentially, the government is asking Apple to create a master key so that it can open a single phone,” the Electronic Frontier Foundation wrote in a statement supporting Apple. “And once that master key is created, we’re certain that our government will ask for it again and again, for other phones, and turn this power against any software or device that has the audacity to offer strong security.”

Don’t sit there chuckling if you use an Android, by the way. If Apple is compelled to create this malware, it will affect anyone who uses technology to communicate, to bank, to shop, to do pretty much anything. The legal basis for requesting this assistance is the All Writs Act of 1789, an 18th century law that is becoming a favorite for government agencies trying to get tech companies to turn over user data. The AWA is not really as obscure as Apple suggests, but it is a very broad statute that allows courts established by Congress to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

The Department of Justice has even tried to use it to force Apple to turn over suspects’ messages before. I know 18th century law sounds boring, but this is an 18th century law that could fuck you big time.

The All Writs Act can only force a company to do something if it’s not an “undue burden.” Seems like making Apple create malware that will fundamentally undermine its core security features is an enormous burden. And if it’s not deemed “undue” in this case, that sets a horrible precedent. After all, if compelling Apple to maim itself is allowed, compelling Google and Facebook and Microsoft to write security backdoors would also be allowed.

Correction 1:06pm: *I originally wrote that Farook had an iPhone 5S. He had an iPhone 5c. The post has been updated to fix that error.

Ovo je još bolje - FBI koristi u svoju obranu i objašnjenje njihovih zahtjeva zakon star 227 godina...:

gizmodo.com/the-227-year-old-statute-bei...pple-into-1759736160

The 227-Year-Old Statute Being Used to Order Apple to Endanger Your Privacy, Explained

The FBI and Apple are fighting over modern technology using a very old law. A 227-year-old statute, created at the same time as the federal courts themselves, is now at the center of a showdown about privacy.

The FBI wants Apple to write custom software that will help the FBI break into a seized phone. Apple doesn’t want to do that, because it would be creating a serious security flaw in its own privacy protections, a flaw that could be exploited to hurt its millions of customers. Depending on how the All Writs Act is interpreted by a judge, Apple may have to comply.

So what is the All Writs Act? “Writs” is just an old-timey word for “formal order.” It was part of the Judiciary Act of 1789, which created the federal court system. George Washington signed it into law. It’s Founding Fathers-level old.

Old, but not long. This is the entirety of the statute giving Apple so much grief:

(a) The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.

(b) An alternative writ or rule nisi may be issued by a justice or judge of a court which has jurisdiction.

(June 25, 1948, ch. 646, 62 Stat. 944; May 24, 1949, ch. 139, § 90, 63 Stat. 102.)

The All Writs Act gives courts power to issue orders that do not fall under a pre-existing law. It provides a sort of interstitial power,and serves as a procedural tool for courts dealing with odd and miscellaneous issues that haven’t been covered by other laws yet. (The legalese is casus omissus.)

You can see how All Writs made sense to bust out when the justice system was new and full of holes. And you can see how it is ripe for misuse today. It’s law that, if interpreted broadly, gives judges the court-order version of a blank check.

This does not mean a court could use All Writs as justification to create an order that goes against the law or has nothing to do with it. A judge can’t issue an order for Tim Cook to execute Jony Ive or to move to a condo in Yonkers. It’s not that broad. A 1948 Supreme Court ruling, Price v. Johnston, explains how All Writs functions as a complement to the rest of the law, describing it as “a legislatively approved source of procedural instruments designed to achieve ‘the rational ends of law.’”

Yet despite these limitations, it’s still a powerful tool. One of the turning points for All Writs came in 1977. The Supreme Court ruled in favor of the government when it used All Writs to compel a telecom company to help it conduct surveillance to make a racketeering sting. And once the Supreme Court permitted All Writs as a way to compel a pen register, lower courts used it in similar ways.

All Writs is not used frequently in modern courts. There have been some high-profile “uses” of All Writs in military courts in recent years, but the courts have argued that they did not have authority under All Writs. Here’s why Chelsea Manning trial couldn’t have public access, for instance, according to Just Security:

In the Bradley Manning court martial proceedings, for example, the highest court in the military justice system – the Court of Appeals for the Armed Forces (CAAF) – held that it lacked the authority under the All Writs Act to grant extraordinary relief to protect the First Amendment right of public access to criminal trials identified by the Supreme Court in Richmond Newspapers and its progeny.

As Popular Mechanics notes, when All Writs is used in modern times, it is often to “effectuate” a search warrant. In this Apple/FBI situation, this is how it’s being used. The FBI wants to search a phone, and it’s using All Writs to make Apple help.

All Writs has been used to compel tech companies to help the government decrypt devices, so this certainly isn’t a huge leap. All Writs has already been used to compel Apple to help law enforcement unlock iPhones. A United States Attorney recently said that the government used All Writs to compel Apple to unlock iPhones 70 times. In 2014, for instance, Judge Gabriel Gorenstein used All Writs to compel an unnamed tech company to unlock a phone, and cited that 1977 Supreme Court case while outlining why it made sense.

The bad news for Apple: Only one judge has questioned All Writs in these cases.

In 2005, Judge James Orenstein dismissed the government when it tried to convince him he could use All Writs to authorize surveillance, saying that this sort of All Writs interpretation “invites an exercise of judicial activism that is breathtaking in its scope and fundamentally inconsistent with my understanding of the extent of my authority.” And in 2015, Orenstein even questioned whether All Writs was appropriate for compelling Apple. “The question becomes whether the government seeks to fill in a statutory gap that Congress has failed to consider or instead seeks to have the court give it authority that Congress chose not to confer,” he wrote.

(Getting our privacy potentially fucked isn’t funny, but it is excellent that these judges are named Orenstein and Gorenstein. Petition to get them a reality television program, like Judge Judy, only Judge Orenstein & Gorenstein, sort of a Siskel and Ebert type situation.)

The judge who gave this week’s court order, US Magistrate Judge Sheri Pym, has given Apple five days to respond to the request. Now, remember that 1977 Supreme Court case that I described as a “turning point?” That case determined that third parties (like Apple) can assist the government, if certain conditions are met. If it is “unreasonably burdensome” for that third party, it doesn’t have to help. So Apple needs to persuade Pym that creating custom malware is an undue burden on Apple. If it does, there’s a chance she could decide that All Writs won’t fly in this case.

If she decides in favor of the government, however, this case will set a very serious precedent that will encourage agencies to pursue court orders to compel tech companies to cooperate, even if that cooperation means forcing companies to create security backdoors that undermine the purpose of the products they create.

A što se dogodilo s tim Farukom? Poginuo?
Ako je živ, ne mogu vjerovati da ne mogu izvesti neku pravnu makinaciju da ispadne da je pod jurisdikcijom NSA ili CIA-e umjesto FBI pa da ga ovi drogama natjeraju da progovori. To bi im sigurno moralo biti lakše, nego ova zajebancija.

Ma , da je živ nebi ovo pisali.

Koliko sam ja skužio još prije, lik je živ, samo im ne želi ništa reći, a znaju da se ključne stvari nalaze zaključane u mobitelu i do toga zbog zaštite ne mogu doći...

FBI vs Apple: When Security and Privacy Collide

Since far before the shooting in San Bernardino and the terror attacks that precluded it, there have been questions and concerns over what ends justify the means of national security and legal investigations. What are we, as a people, willing to sacrifice for safety? What are we willing to forgive for it? Do corporations owe their allegiance to the government, over the people they serve?

The interests of privacy and security have often been at odds, especially in an age where sensitive information is stored digitally, and electronic hacking and surveillance are common. The dilemma is this: with access to more information, the government can investigate and prevent crime of monumental proportions. On the flip side, such techniques can compromise the privacy (and sometimes safety) of American citizens.

The recent legal dispute between Apple and the FBI is a case that exemplifies the ongoing conflict between privacy and security. While on surface this case comes down to a single iPhone, the implications are profound, and may color the future of government-company cooperation (or lack thereof) internationally.

On February 16, Apple was issued an order by The United States District Court for the Central District of California to create and provide a “backdoor” into an iPhone recovered during the FBI’s investigation of the terror attack in San Bernardino, California. Apple sent a public letter that very day explaining why the tech company would and could not comply with this request.

“The FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation,” Apple’s CEO Tim Cook wrote. “In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.”

Though targeted toward just one device recovered in the investigation, Apple warns that such a backdoor would be “the equivalent of a master key, capable of opening hundreds of millions of locks.” The FBI filed a motion on the 19th asking the court to order Apple to comply, and a hearing is scheduled to take place on March 22.

Reasonable measures

Corporations including Apple already comply with the US government to provide useful data for federal investigations. Subpoenas and search warrants allow the government entities to access specified data that tech companies have the rights to, like cloud backup records, for example. In past versions of the iOs, Apple has assisted the FBI in similar cases, but newer iPhones’ encryption simply can’t be broken without introducing a new (and in Apple’s opinion, dangerous) vulnerability to the software. Doing so, Apple argues, could set a precedent to repeat the process in thousands of future investigations and leave all iPhones vulnerable to hackers.

The NSA’s own surveillance tactics have been a hot topic of debate since ex-contractor Edward Snowden leaked documents on PRISM, a surveillance program that collected internet communications with the cooperation of nine large technology companies. Companies like Google, Facebook and Apple had their names dragged into the dirt and have been working to re-earn consumer trust ever since.

In the case of Apple vs FBI, some have accused Apple of prioritizing their reputation over the fight against terrorism. Even so, some NSA insiders are siding with the tech company:

“I must admit, my old tribe is not unanimous on the view I’ve taken,” Michael Hayden, former director of both the NSA and CIA told me recently on Yahoo News, “but there are other folks like me, other former directors of the NSA who have said building in backdoors universally in Apple or other devices actually is bad for America.”

“I think we can all agree it’s bad for American privacy,” Hayden continued. “We’re arguing it’s bad for American security in terms of what adversaries will be able to do against U.S. citizens.”

Indeed, even if a universal backdoor has the potential to be help the government (or be abused by it), in the hands of our adversaries it could certainly endanger more citizens than it protects.
What’s next?

With the March 22 hearing fast approaching, both Apple and the FBI are being judged in the court of public opinion. Though Apple certainly earned points among others in the technology sector, the same is not true of a populace swept up in fears of Islamic terror in the wake of ISIS’ rise. According to a poll by Pew Research, 51 percent of Americans believe Apple should cooperate with the FBI and unlock the iPhone.

According to FBI director James B. Comey, the case highlights “that we have awesome new technology that creates a serious tension between two values we all treasure — privacy and safety.” In his opinion, “That tension should not be resolved by corporations that sell stuff for a living.”

Internet pioneer and philanthropist Bill Gates agrees that the solution should not be on the terms of one party, but would at best be a cooperation between both government and corporations. “For tech companies there needs to be some consistency, including how governments work with each other,” Gates said. “The sooner we modernize the laws the better.”

In the meantime, we can rest assured that our own cellphone encryption is working. It may work for criminals, as well, but at least the chances of villainous hackers hijacking a master key remain highly improbable for now.

www.linkedin.com/pulse/fbi-vs-apple-when...ide-bianna-golodryga