{"id":11381,"date":"2016-02-23T08:33:02","date_gmt":"2016-02-23T13:33:02","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=11381"},"modified":"2019-03-22T08:07:12","modified_gmt":"2019-03-22T12:07:12","slug":"apple-versus-fbi","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/apple-versus-fbi\/11381\/","title":{"rendered":"Apple vs. FBI \u2013 what&#8217;s going on?"},"content":{"rendered":"<p>Over the past week-plus, we have seen <a href=\"https:\/\/threatpost.com\/apples-cook-opposes-court-order-to-hack-san-bernardino-shooters-phone\/116274\/\" target=\"_blank\" rel=\"noopener nofollow\">an escalation between Apple and the FBI<\/a> in regards to unlocking the iPhone belonging to one of the shooters involved in the <a href=\"https:\/\/en.wikipedia.org\/wiki\/2015_San_Bernardino_attack\" target=\"_blank\" rel=\"noopener nofollow\">San Bernardino, Calif. terrorist attack in December<\/a>.<\/p>\n<p>The latest on the fight is that both the FBI and Apple CEO Tim Cook <a href=\"http:\/\/www.nytimes.com\/2016\/02\/23\/technology\/apple-unlock-iphone-san-bernardino.html\" target=\"_blank\" rel=\"noopener nofollow\">have been invited to a hearing<\/a> of the House Energy and Commerce Committee on privacy and national security \u201cto explain to Congress and the American people the issues at play and how they plan to move forward.\u201d<br>\n<img decoding=\"async\" class=\"aligncenter wp-image-11383 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/02\/06022912\/fbi-apple-FB.jpg\" alt=\"Apple vs. FBI \u2013 what's going on?\" width=\"1280\" height=\"1280\"><\/p>\n<p>There are people with strong opinions on both sides of the fence as to what is right and what is wrong in this instance. This is something worth keeping an eye on as this case continues to progress for anyone who owns a smartphone, is concerned with privacy or works on the Internet. Be sure to stay tuned into <a href=\"https:\/\/threatpost.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Threatpost<\/a> for all the breaking news on security and privacy.<\/p>\n<p>In case you\u2019re behind on the news, here is a quick overview to help you pick a side in the debate.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"zxx\" dir=\"ltr\"><a href=\"https:\/\/t.co\/KOLN11BVAC\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/KOLN11BVAC<\/a><\/p>\n<p>\u2014 Fabio Assolini (@assolini) <a href=\"https:\/\/twitter.com\/assolini\/status\/701747530518949888?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 22, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h3>Back Story<\/h3>\n<p><a href=\"http:\/\/www.macrumors.com\/2016\/02\/22\/fbi-vs-apple-icloud-password-reset\/\" target=\"_blank\" rel=\"noopener nofollow\">Reportedly<\/a>, Apple gave the FBI data that was backed up to the iCloud service from the San Bernardino shooter\u2019s phone. The last copy was made in October 19, when the criminal allegedly stopped backing up the phone. The FBI wants the newer data to fill in the gaps and has a <a href=\"https:\/\/assets.documentcloud.org\/documents\/2714001\/SB-Shooter-Order-Compelling-Apple-Asst-iPhone.pdf\" target=\"_blank\" rel=\"noopener nofollow\">court order<\/a>, which tells Apple how exactly the company should help with the investigation.<\/p>\n<p>That is to say:<br>\n1) disable the functionality that wipes the memory when more than 10 wrong passcodes are entered in a row;<br>\n2) create a software that can enter passwords automatically;<br>\n3) disable the delay between each passcode entry.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-11385 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/02\/06022909\/apple-versus-fbi-1.png\" alt=\"What FBI wants from Apple\" width=\"800\" height=\"325\"><\/p>\n<p>In other words, FBI wants to bruteforce the passcode and asks Apple to turn off all security constraints. If Apple agrees, it would only be a matter of time for the FBI to crack the code, for example, you can break a 4-digit PIN in <a href=\"https:\/\/theintercept.com\/2016\/02\/18\/passcodes-that-can-defeat-fbi-ios-backdoor\/\" target=\"_blank\" rel=\"noopener nofollow\">several hours<\/a>.<\/p>\n<p>Apple CEO Tim Cook published a <a href=\"http:\/\/www.apple.com\/customer-letter\/\" target=\"_blank\" rel=\"noopener nofollow\">message to customers<\/a> saying that the company had already shared with law enforcement agencies all data it had. Cook rightly noted that the FBI asked Apple to make a \u201cmaster key;\u201d \u201cNow the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.\u201d<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-11386 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/02\/06022908\/apple-versus-fbi-2.png\" alt=\"What Apple thinks of FBI's request\" width=\"800\" height=\"229\"><\/p>\n<p>There are obviously a number of open questions that may need some clearing up on, so we\u2019ll do our best to summarize below.<\/p>\n<h3>What laws does the government rely in this case on?<\/h3>\n<p><em>It\u2019s a good question.<\/em> The government is using the All Writs Act that was signed into law in 1789. Basically, this act <a href=\"http:\/\/www.cnet.com\/news\/apple-versus-the-fbi-why-the-lowest-priced-iphone-has-the-us-in-a-tizzy-faq\/\" target=\"_blank\" rel=\"noopener nofollow\">helped establish<\/a> the judiciary system in the US, which was rather young at the time. The act was giving federal courts the power to issue orders that do not fall under a pre-existing law. Gizmodo published a <a href=\"http:\/\/gizmodo.com\/the-227-year-old-statute-being-used-to-order-apple-into-1759736160\" target=\"_blank\" rel=\"noopener nofollow\">detailed review<\/a> of the act and how it is used by the justice system that is worth the read.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Obviously, Congress wasn\u2019t considering iPhone security at the time it passed All Writs Act of 1789 <a href=\"https:\/\/t.co\/dqAgGLN5WM\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/dqAgGLN5WM<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/AWA?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#AWA<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/security?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#security<\/a><\/p>\n<p>\u2014 Just Security (@just_security) <a href=\"https:\/\/twitter.com\/just_security\/status\/701867825988661248?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 22, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<h3>Why does the FBI need Apple to hack the iPhone?<\/h3>\n<p>Apparently, FBI agents can\u2019t do this as Apple\u2019s security measures work good.<\/p>\n<p>But there are other facts.<\/p>\n<p>Recently <a href=\"http:\/\/gizmodo.com\/apple-this-mess-couldve-been-avoided-if-the-government-1760211382\" target=\"_blank\" rel=\"noopener nofollow\">Apple invited journalists<\/a> to separate conference calls, which were held under strict rules: nobody was to cite Apple experts word for word or disclose their names. The company revealed that FBI accidentally reset the San Bernardino shooter\u2019s iCloud password. If the bureau did not do that the phone would automatically synchronize with iCloud and make a newer backup, and Apple would readily share it with the agents. After the reset this scenario was impossible to fulfil.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/BweBCNBxJxM?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<h3>Where do the parties stand?<\/h3>\n<p>Apple\u2019s public position was revealed in February 16: FBI\u2019s idea was equal to the backdoor development. This solution endangered Apple\u2019s clients, so the company <a href=\"https:\/\/threatpost.com\/apples-cook-opposes-court-order-to-hack-san-bernardino-shooters-phone\/116274\/\" target=\"_blank\" rel=\"noopener nofollow\">didn\u2019t want to comply<\/a>.<\/p>\n<p>FBI responded quietly with a court claim in February 19. According to the bureau, Apple could help but decided against in favor of protecting its brand.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-11388 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2016\/02\/06022907\/apple-versus-fbi-3.png\" alt=\"FBI explains, why Apple refuses to collaborate\" width=\"800\" height=\"551\"><\/p>\n<h3>Can Apple do what FBI requires?<\/h3>\n<p><a href=\"https:\/\/threatpost.com\/apple-technically-able-to-help-fbi-crack-shooters-iphone\/116321\/\" target=\"_blank\" rel=\"noopener nofollow\">Maybe<\/a>. Tim Cook\u2019s announce doesn\u2019t include a clear response to this question: \u201ctoo dangerous to create,\u201d \u201csomething we simply do not have\u201d and so on. Of course, Apple is the developer of iPhone software and hardware, so it can do a lot. Following the results of the \u201csecret\u201d Skype-call with Apple employees, <a href=\"http:\/\/gizmodo.com\/apple-this-mess-couldve-been-avoided-if-the-government-1760211382\" target=\"_blank\" rel=\"noopener nofollow\">Gizmodo confirms<\/a> that it is technically possible for the company to create this kind of software in demand. But will Apple do it and what will the consequences be?<\/p>\n<p>According to the FBI, there is nothing to fear. The bureau claims, that Apple can bound the hack to the terrorist\u2019s iPhone only. Moreover, allegedly the FBI doesn\u2019t ask the company to share this software with their specialists.<\/p>\n<p>From Apple\u2019s point of view, if such solution is created, <a href=\"https:\/\/www.kaspersky.com\/blog\/golden-key-encryption\/10725\/\" target=\"_blank\" rel=\"noopener nofollow\">cybercriminals will devote resources<\/a> trying to recreate it and produce their own backdoor. In this case iPhones would lose their reputation as a secure device.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">ICYMI: The FBI is scaring people into being worried about weird implausible theories of terrorism. <a href=\"https:\/\/t.co\/ymatij7Qk8\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/ymatij7Qk8<\/a><\/p>\n<p>\u2014 thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) <a href=\"https:\/\/twitter.com\/thegrugq\/status\/701119097111642112?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 20, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>This story is in the right place at the right time. The Apple vs FBI fight is going\u00a0<a href=\"https:\/\/threatpost.com\/fbi-on-encryption-its-a-business-model-question\/115622\/\" target=\"_blank\" rel=\"noopener nofollow\">in the middle of the global dispute<\/a>, which tries to draw a distinction between privacy concern and national interests, including crime and terrorist attacks investigation.<\/p>\n<h3>So why does encryption matter?<\/h3>\n<p>You see, encryption is made of math, not magic. It\u2019s impossible to weaken it for a charmed er, select, circle only. Sooner or later other people will find the soft spot and nobody guarantees that bad guys will not detect it before the good ones (as mentioned above).<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Would a golden key actually solve encryption issues? <a href=\"https:\/\/t.co\/2JUAypdDf3\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/2JUAypdDf3<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/apple?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#apple<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/FBiOS?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#FBiOS<\/a> <a href=\"https:\/\/t.co\/O8btU4j7Xy\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/O8btU4j7Xy<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/700708053151309824?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">February 19, 2016<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In fact, every pressure that threatens privacy, puts encryption at risk as well and correspondingly, security of data and communications gets on the firing line. The consequences could be crucial.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>What\u2019s going on with Apple and the FBI? Find out.<\/p>\n","protected":false},"author":53,"featured_media":11382,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[14,1449,261,1448,1447,1250,26,1450,43,97],"class_list":{"0":"post-11381","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-apple","9":"tag-backdoors","10":"tag-encryption","11":"tag-fbi","12":"tag-fbios","13":"tag-ios","14":"tag-iphone","15":"tag-politics","16":"tag-privacy","17":"tag-security-2"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/apple-versus-fbi\/11381\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/apple-versus-fbi\/6752\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/apple-versus-fbi\/6813\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/apple-versus-fbi\/6728\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/apple-versus-fbi\/7794\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/apple-versus-fbi\/7574\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/apple-versus-fbi\/10950\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/apple-versus-fbi\/5257\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/apple-versus-fbi\/7080\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/apple-versus-fbi\/10534\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/apple-versus-fbi\/10950\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/apple-versus-fbi\/11381\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/apple-versus-fbi\/11381\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/apple\/","name":"Apple"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11381","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/53"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=11381"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11381\/revisions"}],"predecessor-version":[{"id":26117,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/11381\/revisions\/26117"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/11382"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=11381"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=11381"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=11381"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}