Apple GovtOS and the FBI continued

Apple CEO Tim Cook has spent a lot of effort keeping this case in the public, even giving an interview with Time Magazine’s Lev Grossman, which includes statements like:

Apple Coffee Thermos

Inside Apple this idea is nicknamed, not affectionately, GovtOS. “We had long discussions about that internally, when they asked us,” Cook says. “Lots of people were involved. It wasn’t just me sitting in a room somewhere deciding that way, it was a labored decision. We thought about all the things you would think we would think about.” The decision, when it came, was no.

Cook actually thought that might be the end of it. It wasn’t: on Feb. 16 the FBI both escalated and went public, obtaining a court order from a federal judge that required Apple to create GovtOS under something called the All Writs Act. Cook took deep, Alabaman umbrage at the manner in which he learned about the court order, which was in the press: “If I’m working with you for several months on things, if I have a relationship with you, and I decide one day I’m going to sue you, I’m a country boy at the end of the day: I’m going to pick up the phone and tell you I’m going to sue you.”

It also wasn’t lost on Cook that the FBI chose not to file the order under seal: if Apple wasn’t going to help with a case of domestic terrorism, the FBI wanted Apple to do it under the full glare of public opinion.

The spectacle of Apple, the most admired company in the world, refusing to aid the FBI in a domestic-terrorism investigation has inflamed public passions in a way that, it’s safe to say, nothing involving encryption algorithms and the All Writs Act ever has before. Donald Trump asked, “Who do they think they are?” and called for a boycott of Apple. A Florida sheriff said he would “lock the rascal up,” the rascal meaning Cook. Even President Obama, whose relations with the technorati of Silicon Valley have historically been warm, spoke out about the issue at South by Southwest: “It’s fetishizing our phones above every other value. And that can’t be the right answer.”

As against that, Apple has been smothered in amicus briefs from technology firms supporting its position, including AT&T, Airbnb, eBay, Kickstarter, LinkedIn, Reddit, Square, Twitter, Cisco, Snapchat, WhatsApp and every one of its biggest, bitterest rivals: Amazon, Facebook, Google and Microsoft. Zeid Ra’ad al-Hussein, the U.N. High Commissioner for Human Rights, spoke out in Apple’s defense. So did retired general Michael Hayden, former head of both the NSA and the CIA. The notoriously hawkish Senator Lindsey Graham, who started out lambasting Apple, switched sides after a briefing on the matter. Steve Dowling, Apple’s vice president of communications, showed me a check for $100 that somebody sent to support the world’s most valuable technology company in its legal fight. (Apple didn’t cash it.)

(click here to continue reading Inside Apple CEO Tim Cook’s Fight With the FBI | TIME.)

The case seems weak, for a number of reasons (encryption is not bound by political boundaries; Apple shouldn’t be compelled to work for the government especially when they have done nothing wrong; the laws referred to as CALEA would seem to forbid the FBI’s approach; we don’t live in a police state; and so on), but you can’t assume that the judge in the case can be swayed by logic. I’d rather Tim Cook and Apple engineers were spending time improving iTunes, and fixing bugs in Mac OS X El Capitan instead of fighting government overreach, but you can’t control the universe, only react to its whims.

Only the Thought is Dark
Only the Thought is Dark

I want to note another point, as discussed extensively by Jonathan Zdziarski: the idea of a warrant-proof zone. Doctor-patient privilege, diplomatic pouches, married couples, journalistic sources, these and other areas are also “dark” in the FBI parlance. Even in court, even in cases that inflame the public’s interest, even then, a lawyer cannot be compelled to reveal what their client told them. 

There are other examples that could be mentioned, but the point is that our country recognizes many laws and international treaties that support the concept of warrant proof as a valid concept. It is not only well within Apple’s rights to produce a product that happens to be warrant-proof, but it’s actually Apple’s responsibility to create a product that’s capable of enforcing the highest level of security permitted by our country’s laws… not the lowest. Apple is well within not only their rights, but in practices that support and place appropriate locks consistent with the levels of privacy our country recognizes. These products protect everyone – diplomats, doctors, journalists, as well as all of us. Of course they should be this secure. If our own country recognizes warrant proof as a thing, of course our technology should too.

We, as everyday Americans, should also encourage the idea of warrant proof places. The DOJ believes, quite erroneously, that the Fourth Amendment gives them the right to any evidence or information they desire with a warrant. The Bill of Rights did not grant rights to the government; it protected the rights of Americans from the overreach that was expected to come from government. Our most intimate thoughts, our private conversations, our ideas, our -intent- are all things our phone tracks. These are concepts that must remain private (if we choose to protect them) for any functioning free society. In today’s technological landscape, we are no longer giving up just our current or future activity under warrant, but for the first time in history, making potentially years of our life retroactively searchable by law enforcement. Things are recorded in ways today that no one would have imagined, even when CALEA was passed. The capability that DOJ is asserting is that our very lives and identities – going back across years – are subject to search. The Constitution never permitted this.

The bottom line is this: Our country actually recognizes warrant proof data, and Apple has every right and ethical obligation to recognize it in the design of their products. As Americans, we should be demanding our thoughts, conversations, and identities be protected with the highest level of security. This isn’t just about credit cards.

(click here to continue reading Apple Should Own The Term “Warrant Proof” | Zdziarski’s Blog of Things.)

Encryption as a Ribbon Around An Apple iPhone

Fonzo Killin Hipsters

By the way, I forgot to link to another good post by digital forensics expert Jonathan Zdziarski, explaining what the FBI is actually pressuring Apple to provide:

With most non-technical people struggling to make sense of the battle between FBI and Apple, Bill Gates introduced an excellent analogy to explain cryptography to the average non-geek. Gates used the analogy of encryption as a “ribbon around a hard drive”. Good encryption is more like a chastity belt, but since Farook decided to use a weak passcode, I think it’s fair here to call it a ribbon. In any case, lets go with Gates’ ribbon analogy.

Instead of cutting the ribbon, which would be a much simpler task, FBI is ordering Apple to invent a ribbon cutter – a forensic tool capable of cutting the ribbon for FBI, and is promising to use it on just this one phone. In reality, there’s already a line beginning to form behind Comey should he get his way. NY DA Cy Vance has stated that NYC has 175 iPhones waiting to be unlocked (which translates to roughly 1/10th of 1% of all crime in NYC for an entire year). Documents have also shown DOJ has over a dozen more such requests pending. If FBI’s promise of “just this one phone” were authentic, there would be no need to order Apple to make this ribbon cutter; they’d simply tell them to cut the ribbon.

Why has the government waited this long to order such a thing? Because in spite of all of iOS 8’s security, the Chinese invented a ribbon cutter for it called the IP BOX. IP BOX was capable of brute forcing any numeric passcode in iOS 8, and even though it was junky, Chinese-made hardware with zero forensic credibility (and actually called home to servers in China), our government used it widely to break into iOS devices without Apple’s help. The government has really gone dumpster diving for forensic solutions for iOS. This ribbon cutter was used by both law enforcement and anyone with $200 to break into iOS devices, and is a great example of how such a ribbon cutter is often abused for crime.

So here’s the real question: Why is FBI asking for the invention of a ribbon cutter instead of just asking Apple to cut the ribbon? Well the answer to that comes back to precedent. If FBI can order the existence of this ribbon cutter, Cy Vance’s 175 phones will be much easier to push through the courts without the same level of scrutiny as a terrorism case. If FBI were simply asking for Apple to cut the ribbon, all future AWA orders would have to go through the same legal scrutiny in the courts for justification. Getting the ribbon cutter invented for a terrorism case opens the door for such a tool to then be justified by the DA for weaker cases – such as narcotics, computer crimes, or even simply investigations where the government can’t even prove to the courts that a crime was ever committed. Once it’s a tool, just like a Stingray box or a breathalyzer, the court’s leniency in permitting its use increases dramatically.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Now if I could only mandate that all politicians were required to understand the concepts before opening their speaking holes. I know, I know, zero chance…

https://i0.wp.com/farm2.staticflickr.com/1503/24422344743_076085f59b_z.jpg?resize=640%2C640&ssl=1
Additionally, there is this angle:

Also consider that the courts aren’t about to force Apple to hack into their own customer products. In fact, the customer purchased these products trusting that the manufacturer wouldn’t – even couldn’t – intentionally compromise them; ever since iOS 8, Apple has marketed these devices as so secure that Apple themselves cannot hack them. For Apple to be forced to backdoor their own devices would invite countless lawsuits from their own customers, betray consumer trust, and likely cost Apple millions, if not billions, in sales depending on how big of a PR nightmare it created. The courts, however, appear to be OK with forcing Apple to write what is being portrayed by the FBI as an innocent, fluffy tool for just this one device.

(click here to continue reading On Ribbons and Ribbon Cutters | Zdziarski’s Blog of Things.)

Apple vs Republican Presidential Candidates

Apple Rising
Apple Rising

No wonder our country is in trouble: not one Republican candidate for president even understands the Apple/FBI issue, or at least admits to understanding it. Not even the CNN moderators! Even though Apple’s official response was released in the afternoon before this debate, nobody spent the time to read what it asserted, they were too busy getting makeup applied and practicing zingers. Facts are for losers.

Apple’s reasoning in the brief rests on three pillars. First, that forcing Apple to write code that weakens its devices and the security of its customers constitutes a violation of free speech as protected by the Constitution.

Second, that the burden the FBI is putting on it by requesting that Apple write the software and assist in unlocking the device is too large. Apple argues that it would have to create the new version of iOS, called GovtOS, which requires coding, signing, verification and testing. It would then have to create an FBI forensics laboratory on site at its headquarters and staff it. The burden would then extend to what Apple views is the inevitable onslaught of additional devices that would follow after the precedent was set.

In addition to free speech, Apple argues that the Fifth Amendment’s Due Process clause prohibits the government from compelling Apple to create the new version of iOS. Apple argues that there is no court precedent for forcing a company to create something new, like GovtOS.

“But compelling minimal assistance to surveil or apprehend a criminal (as in most of the cases the government cites), or demanding testimony or production of things that already exist (akin to exercising subpoena power), is vastly different, and significantly less intrusive, than conscripting a private company to create something entirely new and dangerous. There is simply no parallel or precedent for it,” reads the filing.

(click here to continue reading Apple Files Motion To Dismiss The Court Order To Force It To Unlock iPhone, Citing Free Speech Rights.)

Here’s the relevant part of the Republican presidential debate transcript, held in Houston, FEB. 25, 2016, with a few comments interspersed…

BLITZER: There’s a huge battle underway right now between the tech giant Apple and the federal government. The federal government wants Apple to unlock the phone used by that San Bernardino terrorist to prevent future attacks. Apple has refused, saying it would compromise the security of all of its customers. And just this afternoon, they went to court to block the judge’s order.

To prevent future attacks? Really? The San Bernardino killers are both dead, they destroyed their computers, their other phones, but left their government issued phone untouched. Apple turned over all the iCloud data on Apple servers (email, texts) within hours, and so what exactly is on the locked phone of grave import? Most likely nothing, yet the emotionally charged public opinion is on the FBI’s side, and so they push on.

Dana Bash, pick up the questioning.

BASH: Senator Rubio, you say it’s complicated, and that, quote, “Apple isn’t necessarily wrong to refuse the court order.” Why shouldn’t investigators have everything at their disposal?

Again, this is a misleading framing. Apple complied with the FBI’s request, quickly, and with good intent. What the FBI wants is a tool to allow the FBI to have the ability to open any phone for any reason. Do you really think the FBI couldn’t take the hard drive out of the phone and copy it to some server, and run NSA decryption tools on it? The FBI wants Apple to create a magic can-opener to open each and every phone, as needed, or as suspected they’ll need, in such a way that whatever evidence is found will be able to used in court, and survive questioning by defense lawyers. The San Bernardino killers are not going to be in court, they are both dead. This case is all about the precedent.

RUBIO: No, in fact what I have said is the only thing — the FBI made this very clear 48 hours ago — the only thing they are asking of Apple is that Apple allow them to use their own systems in the FBI to try to guess the password of the San Bernardino killer. Apple initially came out saying, “We’re being ordered to create a back door to an encryption device.” That is not accurate.

The only thing they’re being asked to do, and the FBI made this very clear about 48 hours ago, is allow us to disable the self- destruct mode that’s in the Apple phone so that we can try to guess using our own systems what the password of this killer was.

And I think they should comply with that. If that’s all they’re asking for, they are not asking for Apple to create a back door to encryption.

 Rubio is either misinformed, or intentionally wrong. The FBI is quite clearly asking Apple to spend a month or so of its own resources building a new version of Government iOS in order to bypass the weakest point of the iPhone’s protection, namely the passcode. 

BASH: So just to be clear, you did say on CNN a couple of weeks ago this is a complicated issue; Apple is not necessarily wrong here.

RUBIO: Because at the time, Apple was portraying that the court order was to create a back door to an encryption device.

BASH: But just to be clear — just to be clear, if you are president, would you instruct your Justice Department to force Apple to comply or not?

RUBIO: To comply with an order that says that they have to allow the FBI the opportunity to try to guess the password?

BASH: Correct.

RUBIO: Absolutely. That Apple phone didn’t even belong to the killer. It belonged to the killer’s employee (sic) who have agreed to allow him to try to do this. That is all they’re asking them to do is to disable the self-destruct mode or the auto-erase mode on one phone in the entire world. But Apple doesn’t want to do it because they think it hurts their brand.

Well, let me tell you, their brand is not superior to the national security of the United States of America.

(APPLAUSE)

Christ, what an asshole. Marcobot Rubio’s handlers coached him on this line obviously, you can tell by the smug little grin every time he remembers to recite one of his scripted lines, more or less in the right place. And for the thousandth time, it isn’t just “one phone”. There are multiple other requests in the pipeline, some federal, some at the state level. Thousands of potential cases in the US alone, waiting, anticipating, for precedent to be set. 

BASH: Senator Cruz, Apple CEO Tim Cook says this would be bad for America. Where do you stand: national security or personal privacy?

horrible framing. If Apple had refused to turn over iCloud backups, and refused to assist the FBI from the beginning, maybe, maybe this would be a valid question, but Apple isn’t supporting terrorism by refusing to become a code-slave to the federal government! Apple is appealing the ruling, as is their right!

CRUZ: Well, as you know, at that same CNN forum, both Marco and I were asked this question. His answer, he was on both sides of the fence. He’s now agreeing with me. And so I’m glad.

What I said is yes, Apple should be forced to comply with this court order. Why? Because under the Fourth Amendment, a search and seizure is reasonable if it has judicial authorization and probable cause. In this instance, the order is not put a back door in everyone’s cell phone. If that was the order, that order would be problematic because it would compromise security and safety for everyone.

I would agree with Apple on that broad policy question. But on the question of unlocking this cell phone of a terrorist, we should enforce the court order and find out everyone that terrorist at San Bernardino talked to on the phone, texted with, e-mailed. And absolutely, Apple doesn’t have a right to defy a valid court order in a terrorism investigation.

(APPLAUSE)

Note: metadata like who was called, texted, e-mailed was already turned over, not to mention most of that is also available from the telecommunication corporation (AT&T, Verizon, whomever), and it was disclosed within hours of the shooting. Apple surely does have the ability to use the courts to dispute a court order, they aren’t going rogue and fleeing the jurisdiction! They are using the American legal system, as is their right. Perhaps Ted Cruz recalls there are multiple levels of the judiciary? Including the Supreme Court…

BASH: Dr. Carson, Tim Cook, again, the CEO of Apple, says that this would be bad for America. What do you think?

CARSON: I think allowing terrorist to get away with things is bad for America.

(APPLAUSE)

 These particular terrorists are still dead, I’m not quite sure what they are getting away with. Dr. Carson must want the police to exhume the corpses and waterboard them or worse.

You know, we have the — we have a Constitution. We have a Fourth Amendment. It guards us against illegal and unreasonable search and seizure. But we have mechanisms in place with the judicial system that will allow us to gain material that is necessary to benefit the nation as a whole or the community as a whole. And that’s why we have FISA courts and things of that nature.

So absolutely, I would — I would expect Apple to comply with the court order. If they don’t comply with that, you’re encouraging chaos in our system.

If a policeman asks him to turn in all his guns and stop practicing his religion, Dr. Carson would comply, right away, or else he’d be encouraging chaos in our system. Because no matter what the Constitution says or implies, the police get to supersede it whenever they say the magic word, “terrorism”.

BASH: Mr. Trump…

(APPLAUSE) KASICH: I want to weigh in on this please. I want to just tell you that the problem is not right now between the administration and Apple. You know what the problem is? Where’s the president been? You sit down in a back room and you sit down with the parties and you get this worked out. You don’t litigate this on the front page of the New York Times, where everybody in the world is reading about their dirty laundry out here.

The president of the United States should be convening a meeting, should have convened a meeting with Apple and our security forces. And then you know what you do when you’re the president? You lock the door and you say you’re not coming out until you reach an agreement that both gives the security people what they need and protects the rights of Americans. This is a failure of his leadership to get this done as an executive should be doing it.

And I’ll tell you, that’s why you want a governor. I do this all the time. And we reach agreements all the time. Because as an executive, you’ve got to solve problems instead of fighting on the front page of the newspaper.

(click here to continue reading Transcript of the Republican Presidential Debate in Houston – The New York Times.)

Ah, yes, Obama has been golfing again or something, right? And the FBI didn’t make public statements inflaming public sentiment before Apple even had a chance to respond? Uhh, wrong as usual, Mr. Kasich…

from APPLE INC’S MOTION TO VACATE ORDER COMPELLING APPLE INC. TO ASSIST AGENTS IN SEARCH, AND OPPOSITION TO GOVERNMENT’S MOTION TO COMPEL ASSISTANCE: 

There are two important and legitimate interests in this case: the needs of law enforcement and the privacy and personal safety interests of the public. In furtherance of its law enforcement interests, the government had the opportunity to seek amendments to existing law, to ask Congress to adopt the position it urges here. But rather than pursue new legislation, the government backed away from Congress and turned to the courts, a forum ill-suited to address the myriad competing interests, potential ramifications, and unintended consequences presented by the government’s unprecedented demand. And more importantly, by invoking “terrorism” and moving ex parte behind closed courtroom doors, the government sought to cut off debate and circumvent thoughtful analysis.

and also:

The government says: “Just this once” and “Just this phone.” But the government knows those statements are not true; indeed the government has filed multiple other applications for similar orders, some of which are pending in other courts. And as news of this Court’s order broke last week, state and local officials publicly declared their intent to use the proposed operating system to open hundreds of other seized devices—in cases having nothing to do with terrorism. If this order is permitted to stand, it will only be a matter of days before some other prosecutor, in some other important case, before some other judge, seeks a similar order using this case as precedent. Once the floodgates open, they cannot be closed, and the device security that Apple has worked so tirelessly to achieve will be unwound without so much as a congressional vote. As Tim Cook, Apple’s CEO, recently noted: “Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks—from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”

Chairman Trump
Chairman Trump

The short-fingered vulgarian didn’t get a chance to respond, but we can guess what he would have said…

Republican presidential candidate Donald Trump called on Friday for a boycott of Apple Inc products until the tech company agreed to help the U.S. government unlock the cellphone of one of the killers in last year’s San Bernardino, California, shooting.

“Boycott Apple until such time as they give that information,” Trump said at a campaign event in Pawleys Island, South Carolina. “It just occurred to me.”

(click here to continue reading Trump calls for boycott until Apple unlocks shooter’s phone | Reuters.)

The Dangerous All Writs Act Precedent in the Apple Encryption Case

Don’t be a Production Slacker
Don’t be a Production Slacker

One more angle on the FBI vs. Apple case, as discussed by Amy Davidson of The New Yorker:

Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that “the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create.” The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications? Would that keep us safe from terrorists, or merely make everyone more vulnerable to hackers, as well as to mass government surveillance? But the first part is also potentially insidious, for reasons that go well beyond privacy rights.

The simple but strange question here is exactly the one that Cook formulates. What happens when the government goes to court to demand that you give it something that you do not have? No one has it, in fact, because it doesn’t exist. What if the government then proceeds to order you to construct, design, invent, or somehow conjure up the thing it wants? Must you?

(click here to continue reading The Dangerous All Writs Act Precedent in the Apple Encryption Case – The New Yorker.)

I’d already asked and answered myself about the second part of the question – I’m strongly against the so-called back door being built into all devices – so for me, the first part of the question was by far the most interesting. The government can really force a company to create something just for the government’s purposes? How long can the task take before you are free? Years? Decades? What happened to Capitalism? Talk about feeling entitled, or as Ms. Davidson puts it:

And so Judge Sheri Pym, a California district-court magistrate, has ordered Apple to come up with a new software bundle that can be loaded onto the phone and, in effect, take over the operating system and tell it to let the F.B.I. in. (Apple will have a chance to object to the order in court.) As an added point of convenience, this bundle is also supposed to let the agents enter passcodes electronically, rather than tapping them in, which is one of the many points on which the government seems to have moved from asking for compliance with a subpoena to demanding full-scale customer service. 

I don’t understand why this isn’t more troubling to people, especially to libertarian-leaning Republicans. The US government is asserting that if they ask, a company has to drop everything else and get working for the government or else you’ll be sent to the proverbial salt mines in Siberia. Why? Why? How dare you ask! Because War On Terra, that’s why!  No wonder this is “what some law-enforcement officials privately describe as a nearly perfect test case.” 

FBI vs. Apple Continued – Apple ID Changed While iPhone In Government Hands

Restoring iPhone From Backup 2015-01-01 at 11.33.01 AM
Restoring iPhone From Backup 

The unnamed FBI official who was boasting to WSJ journalists about the Farook case being “nearly perfect” as a test probably wishes that quote hadn’t been used now in light of this development:

[Apple said it] had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a backdoor. One of those methods would have involved connecting the iPhone to a known Wi-Fi network and triggering an iCloud backup that might provide the FBI with information stored to the device between the October 19th and the date of the incident.

Apple sent trusted engineers to try that method, the executives said, but they were unable to do it. It was then that they discovered that the Apple ID password associated with the iPhone had been changed. (The FBI claims this was done by someone at the San Bernardino Health Department.) Had that password not been changed, the executives said, the government would not need to demand the company create a “backdoor” to access the iPhone used by Syed Rizwan Farook

(click here to continue reading Apple: Terrorist’s Apple ID Password Changed In Government Custody, Blocking Access – BuzzFeed News.)

Did you notice? The FBI had possession of Farook’s iPhone for over 24 hours, before some agent or other employee changed the Apple ID password. (!!!???!!!)

Changing the Apple ID password isn’t hard, but it isn’t something you do without meaning to.  You’d have to log-in, give the old password, then create the new password, entering it twice. Presumedly, you’d either commit the password to memory, or WRITE IT DOWN.

Hmmm, “nearly perfect test case” indeed. 

Terrorism theatre, part the 234,323rd.

After the FBI sneeringly complained that encryption, privacy and security were merely marketing phrases to Apple, Apple responded with an eyeroll…

Creating the backdoor access, the executives said, would put at risk the privacy of millions of users. It would not only serve to unlock one specific phone, they said, but create a sort of master key that could be used to access any number of devices. The government says the access being sought could only be used on this one phone, but Apple’s executives noted that there is widespread interest in an iPhone backdoor, noting that Manhattan District Attorney Cyrus Vance said Thursday that his office has 175 Apple devices he’d like cracked. They also claimed that no other government in the world has ever asked Apple for the sort of FBiOS the government is demanding that it build now.

Asked why the company is pushing back so hard against this particular FBI request when it has assisted the agency in the past, Apple executives noted that the San Bernadino case is fundamentally different from others in which it was involved. Apple has never before been asked to build an entirely new version of its iOS operating system designed to disable iPhone security measures.

The Apple senior executives also pushed back on the government’s arguments that Apple’s actions were a marketing ploy, saying they were instead based on their love for the country and desire not to see civil liberties tossed aside.

(click here to continue reading Apple: Terrorist’s Apple ID Password Changed In Government Custody, Blocking Access – BuzzFeed News.)

Booting Up

If you haven’t read digital forensics expert Jonathan Zdziarski’s blog post entitled “Apple, FBI, and the Burden of Forensic Methodology”, you should click through and read it right away (well, within 5 seconds). The FBI’s request is quite a big ask, not something considered last minute, but obviously planned carefully for maximum impact. Director Comey has been pushing for back doors to Apple and Google smartphones for a long time. 

Apple must be prepared to defend their tool and methodology in court; no really, the defense / judge / even juries in CA will ask stupid questions such as, “why didn’t you do it this way”, or “is this jail breaking”, or “couldn’t you just jailbreak the phone?” (i was actually asked that by a juror in CA’s broken legal system that lets the jury ask questions). Apple has to invest resources in engineers who are intimately familiar with not only their code, but also why they chose the methodology they did as their best practices. If certain challenges don’t end well, future versions of the instrument may end up needing to incorporate changes at the request of FBI.

If evidence from a device ever leads to a case in a court room, the defense attorney will (and should) request a copy of the tool to have independent third party verification performed, at which point the software will need to be made to work on another set of test devices. Apple will need to work with defense experts to instruct them on how to use the tool to provide predictable and consistent results.

In the likely event that FBI compels the use of the tool for other devices, Apple will need to maintain engineering and legal staff to keep up to date on their knowledge of the tool, maintain the tool, and provide testimony as needed.

In other words, developing an instrument is far more involved than simply dumping a phone for FBI, which FBI could have ordered:

  • Developed to forensically sound standards 
  • Validated and peer-reviewed 
  • Be tested and run on numerous test devices 
  • Accepted in court 
  • Given to third party forensics experts (testing) 
  • Given to defense experts (defense) 
  • Stand up to challenges 
  • Be explained on the stand 
  • Possibly give source code if ordered 
  • Maintain and report on issues 
  • Defend lawsuits from those convicted 
  • Legally pursue any agencies, forensics companies, or hackers that steal parts of the code. 
  • Maintain legal and engineering staff to support it 
  • On appeals, go through much of the process all over again

The risks are significant too:

  • Ingested by an agency, reverse engineered, then combined with in-house or purchased exploits to fill in the gap of code signing.
  • Ingested by private forensics companies, combined with other tools / exploits, then sold as a commercial product.
  • Leaked to criminal hackers, who reverse engineer and find ways to further exploit devices, steal personal data, or use it as an injection point for other ways to weaken the security of the device.
  • The PR nightmare from demonstrating in a very public venue how the company’s own products can be back doored.
  • The judicial precedents set to now allow virtually any agency to compel the software be used on any other device.
  • The international ramifications of other countries following in our footsteps; many countries of which have governments that oppress civil rights.

This far exceeds the realm of “reasonable assistance”, especially considering that Apple is not a professional forensics company and has no experience in designing forensic methodology, tools, or forensic validation. FBI could attempt to circumvent proper validation by issuing a deviation (as they had at one point with my own tools), however this runs the risk of causing the house of cards to collapse if challenged by a defense attorney.

(click here to continue reading Apple, FBI, and the Burden of Forensic Methodology | Zdziarski’s Blog of Things.)

Not something an Apple intern can do in an afternoon, in other words, but a significant task imposed on a private corporation by a government agency, in support of “what some law-enforcement officials privately describe as a nearly perfect test case.” 

FBI vs. Apple – The Fight Over Smartphone Encryption

Cell phone-iphile
A few more details re: the FBI vs. Apple case

A conspiracy minded person might wonder how much the FBI and NSA knew about the planned attack before it happened. Maybe James Comey decided a little collateral damage was a fair price to pay?

As the fight between federal officials and tech companies over encryption has intensified in recent years, talks between the two sides have produced few results, while Congress has struggled to craft legislation on the issue.

FBI leaders had been scanning for a case that would make a compelling argument about the dangers of encryption. In the San Bernardino phone, they found what some law-enforcement officials privately describe as a nearly perfect test case.

(click here to continue reading U.S. and Apple Dig In for Court Fight Over Encryption – WSJ.)

Again, having 9 Justices on the SCOTUS is extremely important, for many reasons, including this case:

Apple has a few more days to file its formal response to the court, which can be summed up as: “No.”

After a series of briefings at this local level, if neither side is happy, the case will be passed on to the District Court. Still no solution? The case would then be escalated to the Court of Appeals for the Ninth Circuit, the court which handles these sorts of issues on the US West Coast.

If that court backs the FBI, and Apple again refuses, it could eventually reach the US Supreme Court, whose decision will ultimately be final, and in this utterly fascinating case, precedent setting.

(click here to continue reading Apple vs the FBI – a plain English guide – BBC News.)

Cell Phone Evolution
Cell Phone Evolution

Is it even possible to do what the government is requesting? Yes, it does seem so, per the analysis of Dan Guido.

Again in plain English, the FBI wants Apple to create a special version of iOS that only works on the one iPhone they have recovered. This customized version of iOS (*ahem* FBiOS) will ignore passcode entry delays, will not erase the device after any number of incorrect attempts, and will allow the FBI to hook up an external device to facilitate guessing the passcode. The FBI will send Apple the recovered iPhone so that this customized version of iOS never physically leaves the Apple campus. As many jailbreakers are familiar, firmware can be loaded via Device Firmware Upgrade (DFU) Mode. Once an iPhone enters DFU mode, it will accept a new firmware image over a USB cable. Before any firmware image is loaded by an iPhone, the device first checks whether the firmware has a valid signature from Apple. This signature check is why the FBI cannot load new software onto an iPhone on their own — the FBI does not have the secret keys that Apple uses to sign firmware.

(click here to continue reading Apple can comply with the FBI court order – Trail of Bits Blog.)

Would You Believe
Would You Believe

and finally, some other tech companies spoke up in support of Apple’s stance:

On Wednesday, Apple’s peers in the technology industry – also eager to keep reputations over security intact – gave their backing to the iPhone maker.

Jan Koum, the creator of Whatsapp, which is owned by Facebook, wrote: “We must not allow this dangerous precedent to be set. Today our freedom and our liberty is at stake.”

The Information Technology Industry Council, a lobbying group that represents Google, Facebook, Microsoft, Samsung, Blackberry and a host of others, put out this statement: “Our fight against terrorism is actually strengthened by the security tools and technologies created by the technology sector, so we must tread carefully given our shared goals of improving security, instead of creating insecurity.”

Google chief executive Sundar Pichai said: “Forcing companies to enable hacking could compromise users’ privacy.”

Edward Snowden, whose revelations about US government spying provoked Apple’s stance on passcode-protected data, said the FBI was “creating a world where citizens rely on Apple to defend their rights, rather than the other way around”.

(click here to continue reading Apple vs the FBI – a plain English guide – BBC News.)

Apple Doesn’t Want to Create Special Software For the FBI To Bypass Security

Pippin's New MBA

I’m on Apple’s side on this, 1,000%, the government should not be allowed such latitude. Apple currently has the full letter on their website, some excerpts below.

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

(click here to continue reading Customer Letter – Apple.)

A new version of the iOS, created just for the government to inspect our private communications? That doesn’t sound good, in fact, that is a horrible precedent for private industry. I assume this case will be appealed all the way to the Supreme Court, all the more reason to have a full 9 Justices sitting on the court.

Apple store

Tim Cook continues:

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

 

(click here to continue reading Customer Letter – Apple.)

for reference:

The All Writs Act is a United States federal statute, codified at 28 U.S.C. § 1651, which authorizes the United States federal courts to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

(click here to continue reading All Writs Act – Wikipedia, the free encyclopedia.)

Apple Logos

The NYT gives a little context:

Apple said on Wednesday that it would oppose and challenge a federal court order to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December.

On Tuesday, in a significant victory for the government, Magistrate Judge Sheri Pym of the Federal District Court for the District of Central California ordered Apple to bypass security functions on an iPhone 5c used by Syed Rizwan Farook, who was killed by the police along with his wife, Tashfeen Malik, after they attacked Mr. Farook’s co-workers at a holiday gathering.

Judge Pym ordered Apple to build special software that would essentially act as a skeleton key capable of unlocking the phone.

But hours later, in a statement by its chief executive, Timothy D. Cook, Apple announced its refusal to comply. The move sets up a legal showdown between the company, which says it is eager to protect the privacy of its customers, and the law enforcement authorities, who say that new encryption technologies hamper their ability to prevent and solve crime.

(click here to continue reading Tim Cook Opposes Order for Apple to Unlock iPhone, Setting Up Showdown – The New York Times.)

The WSJ adds:

Apple Inc. Chief Executive Tim Cook said the company will oppose a federal judge’s order to help the Justice Department unlock a phone used by a suspect in the San Bernardino, Calif., attack.

In a strongly worded letter to customers posted on Apple’s website early Wednesday, Mr. Cook called the order an “unprecedented step which threatens the security of our customers” with “implications far beyond the legal case at hand.”

The order, reflected in legal filings unsealed Tuesday, marks a watershed moment in the long-running argument between Washington and Silicon Valley over privacy and security.

In the order, U.S. Magistrate Judge Sheri Pym agreed with a Justice Department request that Apple help unlock an iPhone 5C once used by Syed Rizwan Farook. The order calls on Apple to disable certain security measures on the phone, including a feature that permanently disables the phone after 10 unsuccessful tries at the password. Such measures have kept agents from reviewing the contents of the phone, according to the filing. When the phone is locked, the data is encrypted.

Apple said it isn’t opposing the order lightly nor does it question the FBI’s intentions, but it feels that the government has overreached.

In her order, Judge Pym gave Apple five days to appeal.

(click here to continue reading Apple Opposes Judge’s Order to Help Unlock Phone Linked to San Bernardino Attack – WSJ.)

Publishers Weigh Ways to Fight Ad Blocking

ATM$ Inside
ATM$ Inside…

Adblocking software is a default installation for any browser on any computer I set up, usually using Ghostery. I am frequently amazed at the sheer amount of tracking code a typical publisher uses. Dozens and dozens of third party cookies, sometimes even more.

Browsing the web without ads is actually kind of nice. No popups stealing your screen. No autoplaying video ads making the page load as slowly as if it were being dialed up through America Online circa 1999. And millions of people seem to agree. They’ve installed extensions to their web browsers that delete the ads from most, if not all, of of the sites they visit. One popular ad blocker, AdBlock Plus, claims that it’s been installed on people’s browsers more than 400 million times and that it counts “close to 50 to 60 million active users,” said Ben Williams, communications and operations director at Eyeo, the company that makes AdBlock Plus.

Ad blocking isn’t a new issue. People have been installing these extensions for years. But those people were considered a fringe group. But that group is getting closer to the mainstream as kids who grew up browsing the web on their parents’ computers are getting their own laptops that they can customize all the way.

And advertisers’ target audience du jour — millennials — appear to be more likely to use ad blockers than any other age group. Of the survey respondents who were between the ages of 18 and 29 years old, 41% said they use ad blockers. As further evidence ad blocking isn’t abating, Mr. Williams said AdBlock Plus has averaged 2.3 million downloads a week since 2013.

(click here to continue reading Publishers Weigh Ways to Fight Ad Blocking | Media – Advertising Age.)

Nelson Muntz Furniture
Nelson Muntz Furniture

If the trend continues, the ad-supported model of web publishing will die soon. I’m not sure what will replace it – a subscription model I guess – but web publishers did themselves no favors by making ads increasingly more obnoxious. Autoplay videos are evil, and I cannot wait until Apple allows ad blocking software on iPhones and iPads.

Ad blocking extensions have been possible on Safari for Mac for a long time, but plugin architecture for Safari on iOS is much more limited. With iOS 9, Apple has added a special case of extension for ad blockers. Apps can now include ‘content blocker’ extensions that define resources (like images and scripts) for Safari to not load. For the first time, this architecture makes ad blockers a real possibility for iOS developers to make and iOS customers to install and use.

The inclusion of such a feature at this time is interesting. Apple is also pushing its own news solution in iOS 9 with the News app, which will include ads but not be affected by the content blocking extensions as they only apply to Safari. There is also clearly the potential for Safari ad blockers to hurt Google, which seems to be a common trend with Apple’s announcements recently…

(click here to continue reading iOS 9 lets app developers make ad blockers for Safari | 9to5Mac.)

Blocking ad tracking is also parenthetically about user privacy, and Apple is more likely to increase capabilities for its customers to opt out of the massive marketing databases of contemporary corporations like Acxiom, with the exception of inclusion in Apple’s own massive database of course. Apple is not a benevolent grandmother, but at least they are being more open about their marketing and data collection practices than some of their technology company peers.

Apple’s senior vice president of software engineering, Craig Federighi, who was onstage to present new “proactive” artificial intelligence features of the next iPhone operating system, paused before one of the slides to make the company’s devotion to privacy clear.

Yes, he said, the new software will try to anticipate your information needs, based on things like your calendar and location — something that its rival, Google, already does. But, Federighi added, “we do it in a way that does not compromise your privacy. We don’t mine your email, your photos, or your contacts in the cloud to learn things about you. We honestly just don’t wanna know.”

He continued: “All of this is done on [the] device, and it stays on [the] device, under your control.” And Apple says that if it does have to perform a lookup [online] on your behalf, it’s anonymous, it’s not associated with your Apple ID, and it’s not shared with third parties.

In case you missed that point, Federighi immediately repeated: “You are in control.”

(click here to continue reading Walt Mossberg: Apple’s Latest Product Is Privacy | Re/code.)

Waste Your Time and Money
Waste Your Time and Money

We are talking significant revenue at stake already:

“Consumers want a faster web, significantly less tracking by unknown third parties and clean, well-lit media experiences. [Apple’s mobile ad-blocking plan] just accelerates it, and opens up a significant share of the marketplace,” said Jason Kint, CEO of online publisher trade group Digital Content Next. That significant share would significantly cut into publishers’ revenues. Take the biggest digital ad seller — Google — as a proxy. PageFair has estimated that Google, which made $59.1 billion from advertising in 2014, lost $6.6 billion that year because of ad blocking. As Vice’s chief digital officer Mike Germano said at an industry conference in New York earlier this month, “I love my audience, but fuck you, ad blockers — 20% of my revenue is gone.”

How to Get Your Business To Show Up On Google
How to Get Your Business To Show Up On Google

Apple Response To National Center for Public Policy Research Re Climate Change

Apple Store with Tree
Apple Store with Tree

From Apple, Inc.’s 2015 Proxy Statement is this proposal from conservative think tank, The National Center for Public Policy Research. We’re quoting the proposal, and Apple’s response to it (which boils down to a long-winded no, are you crazy?, for many reasons). This think tank exists mostly for the task of “dispelling the myths of global warming by exposing flawed economic, scientific, and risk analysis”, and to publicly scold corporations that drop support for ALEC, so you can imagine why they are pressuring Apple. For the lolz, of course. And to support their corporate masters…

On page 62 of the Proxy Statement:

Proposal No. 5 – Shareholder Proposal The Company has been advised that The National Center for Public Policy Research, 501 Capitol Court, N.E., Suite 200, Washington, D.C 20002 (the “NCPPR”), which has indicated it is a beneficial owner of at least $2,000 in market value of the Company’s common stock, intends to submit the following proposal at the Annual Meeting: Risk Report

and the proposal:

WHEREAS, The Securities and Exchange Commission has recognized that climate change regulations, policy and legislation pose a business risk to companies. One risk is that federal, state and/or local government policies, adopted in whole or in part due to climate change concerns, that subsidize renewable energy and upon which company business plans rely may be repealed or altered. These changes in policy may be significant, and may come with little advance notice to the company.

RESOLVED: Shareholders request that the Board of Directors authorize the preparation of a report, to be issued by December 2015, at a reasonable cost and excluding proprietary information, disclosing the risk to the company posed by possible changes in federal, state or local government policies in the United States relating to climate change and/or renewable energy.

concluding with

Apple Inc. has made renewable energy a priority. The Wall Street Journal reported on September 17, 2013, “Apple Inc. now gets 16% of its electricity from solar panels and fuel cells that run on biogas.” One state in which Apple has significant renewable energy investments is North Carolina, which may soon repeal its law providing advantages for renewable energy production, following a report by two think-tanks concluding that this law will cost state consumers $1.845 billion between 2008 and 2021. Subsidies and policies favorable to renewable energy also are being challenged in other states and also at the federal level, where renewal of the approximately $12 billion wind production tax credit (PTC) is challenged annually and in the past has only been renewed at the very last minute, following closed-door negotiations by lawmakers. The PTC’s future is impossible to predict. 

Apple Logos
Apple Logos

Apple’s response:

The Company’s Statement in Opposition to Proposal No. 5 The Board recommends a vote AGAINST Proposal No. 5. This proposal would result in the production of a narrowly focused report that would yield an incomplete and therefore inaccurate analysis of the Company’s exposure to risks associated with changes in government policies with respect to climate change and renewable energy. In effect, the proponent is asking the Company to spend valuable time and limited resources analyzing hypothetical changes in U.S. federal, state or local governmental policies. The Company has already presented an analysis of the risks and opportunities associated with climate change on its website at www.apple.com/environment/climate- change and in its public filings with the SEC, as well as in a shareholder-requested and industry- recognized reporting tool, the CDP questionnaire.

and continues:

The additional report would therefore provide little to no additional value. As explained on its website, the Company believes climate change caused by emissions from burning fossil fuels is a real problem, and has committed to reducing the Company’s carbon footprint.

The Company also provides detailed information on its renewable energy and sustainability efforts in its annual Environmental Responsibility Report, available online at www.apple.com/environment/reports.
In 2014, the Company also provided detailed responses to the CDP questionnaire. Those responses, requested by shareholders, outline the Company’s views on the risks and opportunities of dealing with climate change. The report requested by the proponent would focus on one domestic aspect of climate change potential risk.

This approach distorts the global realities of climate change risk for the Company and its shareholders. The Company continually evaluates its reliance on both traditional and alternative energy sources and regularly makes decisions to mitigate the Company’s exposure to potential price increases, supply shortages and changes to federal, state and local government policies related to the environment. The Company’s public filings and reports already provide substantial disclosure regarding the Company’s approach to renewable energy and sustainability.

For example, with respect to regulatory risks, the Annual Report included a risk factor entitled “The Company is subject to laws and regulations worldwide, changes to which could increase the Company’s costs and individually or in the aggregate adversely affect the Company’s business.” This risk factor specifically addresses potential changes in laws and regulations, which could “make the Company’s products and services less attractive to the Company’s customers, delay the introduction of new products in one or more regions, or cause the Company to change or limit its business practices.”

The report requested by the proposal would not, in substance, provide any more meaningful detail than the Company’s existing disclosures nor would it justify the use of significant resources associated with preparing such a report. The Company believes that the fulsome disclosure already publicly available in the Company’s public filings and on the Company’s website are more than adequate to address the underlying issues outlined in the proposal. The Company also believes that producing the report requested by the proposal would not be an efficient use of Company resources nor an effective way to protect shareholder value.

Let’s hope this proposal fails. I voted against it1

Footnotes:
  1. I once bought 11 shares of Apple with some extra money I made, I only regret I didn’t purchase more, especially as these shares have risen dramatically in value, and then split seven-for-one in 2013. If I had bought more Apple shares when they were $85 instead of paying health insurance, for instance, maybe I could have some money in the bank… []

iTunes 12 Syncing Is Broken Beyond Belief

Hello Would You Like To Restore Your iPhone Again
Hello Would You Like To Restore Your iPhone Yet Again?

Kirk McElhearn, a long-time Mac columnist, adds his voice to the chorus of iPhone owners dismayed with iTunes 12 and iOS 8.

Now, syncing an iOS device—iPhone, iPad, or iPod—is too often an ordeal. And it is because it’s become untrustworthy. Will the sync work at all or will your content disappear and be transformed into something that fills the amorphous “Other” category in iTunes’ capacity bar. Will all of your content sync or just your music, or music, or apps?

Sync problems between iTunes and iOS devices are all too common. (See the last thirty days of posts in Apple’s support forums about iTunes sync issues.) In a way, this may be a predictable side effect of Apple’s push to online services. The company wants everything to be in the cloud, and it would prefer that you buy all your music and movies from there as well. Local syncing isn’t really a part of that plan and so may be treated as an afterthought. The difficulty is that not all users are right for the cloud model. For those with large iTunes libraries, or with limited broadband bandwidth, cloud storage simply isn’t usable.

Given that, it’s time to revisit local syncing. In its current state, iTunes syncing is broken and it can only be fixed by Apple.

Apple needs to fix syncing. While users who don’t sync their iOS devices in this way aren’t affected by these issues, those people with small and large iTunes libraries alike report syncing problems. It’s frustrating, and the fact that there’s no way to find out what’s wrong makes it even more so. In an ideal world iTunes would have some kind of sync log or sync diagnostic tool, akin to the Network Diagnostics utility, that would help ferret out problems and let people get on with enjoying their media.

(click here to continue reading iTunes syncing is broken: Apple, please fix it | Macworld.)

 iPhone 6 and iOS 8 restore number 12
iPhone 6 and iOS 8 restore number 12

I’ve written at least once about my frustrations with syncing, and by my count, I’ve had to restore my iPhone 6-minus at least ten times since I got it last fall. Ten times! New Year’s Eve1 was number eleven, and for some reason2 the PIN I used yesterday would not unlock my iPhone today. Since I have Find my iPhone turned on, I was unable to restore directly via my Mac, and had to log on to https://www.icloud.com/#find, and remotely wipe the iPhone. 

Sync Music 2015-01-01 at 12.10.18 PM

Restore Number 12 finally began, and because I use my iPhone for more than just a phone, the syncing takes for freaking ever3, and I probably won’t have use of a phone for several hours. 

Sure there are much worse problems in the world, but iPhone owners want devices that we spend thousands of dollars annually4 on to actually work. Currently, the iTunes 12/iOS 8 platform is not up the usual Apple standards. Constantly having to reinstall the software is not customer-friendly.

Restoring iPhone From Backup 2015-01-01 at 11.33.01 AM

Syncing photos 2015-01-01 at 12.09.28 PM

Syncing apps 2015-01-01 at 12.24.52 PM

Footnotes:
  1. yesterday, 12/31/2014 []
  2. fat fingers, or the beginning stages of a good buzz, or Jony Ive’s sense of humor, whatever []
  3. between 4-5 hours, plus time to reset Apple ID, iCloud, the thumbprint, Apple Pay, etc. []
  4. the device itself, the monthly bill, the apps and songs and etc. []

Apple Easily Wins iPod Antitrust Trial

Tech Graveyard
Tech Graveyard.

Briefly, since we marveled at this ridiculous lawsuit recently, the iPod DRM Class Action litigation lost in front of a jury:

A jury ruled in favor of Apple Inc. on Tuesday in a class-action lawsuit that accused the technology giant of violating antitrust laws by suppressing competition for its iPod music players.

After deliberating for only a few hours, an eight-person jury in U.S. District Court in Oakland, Calif., found that Apple’s iTunes 7.0 was a genuine product improvement, and therefore not a violation of antitrust laws. The decision was unanimous.

The plaintiffs had said Apple made changes to its iTunes music service so that iPods wouldn’t operate with other companies’ products, driving up the cost of the devices. The plaintiffs, representing an alleged eight million harmed consumers, were seeking $350 million in damages, which could have been tripled under antitrust laws.

(click here to continue reading Apple Wins iPod Antitrust Trial – WSJ.)

Dead 4G iPod
4G iPod

Another amusing part of this trial was that the original plaintiffs were thrown out since they didn’t even own iPods during the time in question. Embarrassing for the plaintiffs’ legal team, and a ridiculous waste of the court’s docket…

The lawyers fighting Apple in a class-action lawsuit involving iPods have managed to do a few remarkable things: They persuaded a judge to bring a decade-old lawsuit to trial here last week, for one. They even managed to drag the famous Steve Jobs into giving a videotaped testimony shortly before he died three years ago.

But they have one big problem: Their case has no plaintiff.

A federal judge on Monday disqualified the only remaining plaintiff in the case, Marianna Rosen of New Jersey, after Apple’s lawyers successfully argued that she did not even buy any iPods for which she is seeking damages.

The judge appeared annoyed about the discrepancies with Ms. Rosen’s iPods and scolded the plaintiff lawyers for failing to do their homework. Another plaintiff in the case dropped out last week.

 …

Last week, Ms. Rosen testified that she had bought two iPods: an iPod Nano in the fall of 2007 and an iPod Touch in December 2008. Apple’s lawyer asked whether Ms. Rosen kept receipts for her purchases. Ms. Rosen said she probably did not have the paper receipts, but later said her iPod Touch was in her bag.

Apple’s lawyers looked up the serial number of Ms. Rosen’s iPod Touch and found records showing it was bought in July 2009. The class action seeks damages for iPods bought from September 2006 to March 2009. So this iPod Touch missed the cutoff.

Apple’s lawyers last Wednesday pointed out the discrepancy about Ms. Rosen’s iPod Touch in a letter to the judge. They also raised similar concerns about the second plaintiff’s iPod purchases. On Friday, the second plaintiff dropped out of the case, leaving Ms. Rosen as the lone plaintiff.

Ms. Rosen’s lawyers then provided Apple a receipt showing two iPod purchases made in September 2008. But Apple pulled up its copy of the receipt for those iPods, which indicated they were bought by the Rosen Law Firm, the firm owned by Ms. Rosen’s husband. Apple’s lawyers argued that these were not iPods bought directly by Ms. Rosen, and therefore she could not claim injury.

(click here to continue reading Setback for iPod Class-Action Lawsuit as Sole Plaintiff Is Disqualified – NYTimes.com.)

iPod Classic Returned From The Dead
iPod Classic  

Just ridiculous from the beginning. Speaking as a consumer who owned an iPod during this time, and could prove it, the litigation is (was?) groundless – I played music from many sources on my iPod without issue. And it would be like suing a CD manufacturer because some moron bought an 8-track tape and stuck it in a CD player, and the 8-track didn’t play. Is it the responsibility of the CD manufacturer to play every kind of music format ever created? No, this case was a joke.

Robbins Geller Rudman & Dowd should lose their license to practice law…

Bonney Sweeney, the antitrust attorney at Robbins Geller Rudman & Dowd who claims to represent the interests of 8 million aggrieved Apple customers, now represents nobody but a roomful of lawyers.

On Monday, Sweeney lost her last plaintiff, a resident of New Jersey named Marianna Rosen. It turns out the “supracompetitive” price Rosen claims to have paid in 2008 for an iPod (“greater than she would have paid, but for the antitrust violations alleged herein”) was charged to her law firm’s credit card.

(click here to continue reading How dumb is this Apple iPod antitrust suit?.)

Nano gift

iPod Nano 

Especially since this is their second bite of the apple…

After a judge rejected Version 1.0 of the lawsuit, CNET says, lawyers changed their tune to accuse Apple of making software updates that kept rival music stores off the iTunes platform.

This is typical in class-action land. As with any repeated game, class-action lawyers are a well-defined group of players who must establish a reputation for fighting hard in every case and racking up as much expenses on the defense side as they can, in order to induce companies to come to the settlement table. That’s where they make their money, and the convenient fiction that they are suing on behalf of consumers collapses as they get down to the real negotiations, which are over the fee they will be paid without any objections from their supposed opponents across the table.

But for the whole process to work, they still need clients. And those clients must have a case. Defense lawyers have slowly but steadily woken up to the fact that those clients often come with baggage — Bill Lerach, the founder of the predecessor to Robbins Geller, went to jail for paying his clients to appear in securities class actions — and they are digging into their backgrounds to find out if they can even serve as plaintiffs. This must strike some plaintiff lawyers as strange, since everybody knows the “client” is just a vehicle for assembling a case that often is already loaded in their computer, ready to be filed. But it’s the law

(click here to continue reading Whoops! No Plaintiff! Apple Tells Court iPod Owner Isn’t In Class She Represents.)

Mirrored

The current case involving iPods is complex, having evolved significantly since the original January 2005 filing. The suit initially alleged that Apple broke the law by restricting owners of its iPod to songs purchased only through iTunes. A court deemed that legal, however, and the plaintiffs have since altered the suit, alleging instead that Apple made a series of software updates to iTunes specifically designed to shut out competing music stores’ ability to load their songs onto iPods.

The case will aim to determine what effect Apple’s FairPlay technology — a so-called digital rights management tool that acts like a watermark made of code — had on the market for MP3 players when it restricted iPod owners to iTunes and how to interpret Apple’s behavior in protecting FairPlay using software updates. Apple refused to license FairPlay to competing music stores and would not allow other MP3 players to connect to iTunes.

Apple’s Isaacson says the iTunes 7.0 and 7.4 updates were designed to improve security and purposefully keep third parties like RealNetworks, which Apple still considers a hacker, out of its system. “Harmony was outdated when FairPlay was updated. All Apple was doing was updating FairPlay,” he said. “That’s what happens when you reverse engineer the product and there’s an update of that architecture.”

Neither RealNetworks nor any of the retailers named in the suit, including Best Buy and Walmart, have filed suits of their own. RealNetworks executives will not appear as witnesses.

(click here to continue reading Apple misled iPod owners, plaintiffs allege at class action trial – CNET.)

Tech and Media Companies Back Microsoft in Email Seizure Case

Over Under Sideways

Good for Microsoft, and good for the tech industry to rally behind Microsoft1

A broad array of organizations in technology, media and other fields rallied on Monday behind Microsoft’s effort to block American authorities from seizing a customer’s emails stored in Ireland.

The organizations filing supporting briefs in the Microsoft case included Apple, Amazon, Verizon, Fox News, National Public Radio, The Washington Post, CNN and almost two dozen other technology and media companies. A cross-section of trade associations and advocacy groups, from the American Civil Liberties Union to the United States Chamber of Commerce, and 35 computer scientists also signed briefs in the case, which is being considered in New York by the United States Court of Appeals for the Second Circuit.

“Seldom do you see the breadth and depth of legal involvement that we’re seeing today for a case that’s below the Supreme Court,” Bradford L. Smith, Microsoft’s general counsel, said in an interview.

The case involves a decision by Microsoft to defy a domestic search warrant seeking emails stored in a Microsoft data center in Dublin. Microsoft has argued that the search warrant could provide a dangerous precedent that is already leading to privacy concerns among customers. The case is especially relevant, the company says, to customers who are considering conducting more of their electronic business in the cloud.

(click here to continue reading Tech and Media Companies Back Microsoft in Privacy Case – NYTimes.com.)

Even the Faux Walls have eyes
Even the Faux Walls have eyes

You know who isn’t mentioned here or at Microsoft’s public blog page for this case? Google. I wonder why? Seems like a pretty high profile case to be siding with the US DOJ instead of privacy advocates.

Today represents an important milestone in our litigation concerning the U.S. Government’s attempt to use a search warrant to compel Microsoft to obtain and turn over email of a customer stored in Ireland. That’s because 10 groups are filing their “friend of the court” briefs in New York today.

Seldom has a case below the Supreme Court attracted the breadth and depth of legal involvement we’re seeing today. Today’s ten briefs are signed by 28 leading technology and media companies, 35 leading computer scientists, and 23 trade associations and advocacy organizations that together represent millions of members on both sides of the Atlantic.

We believe that when one government wants to obtain email that is stored in another country, it needs to do so in a manner that respects existing domestic and international laws. In contrast, the U.S. Government’s unilateral use of a search warrant to reach email in another country puts both fundamental privacy rights and cordial international relations at risk.  And as today’s briefs demonstrate, the impacts of this step are far-reaching.

Today’s briefs come from:

Leading technology companies such as Verizon, Apple, Amazon, Cisco, Salesforce, HP, eBay, Infor, AT&T, and Rackspace. They’re joined by five major technology trade associations that collectively represent most of the country’s technology sector, including the BSA | The Software Alliance and the Application Developers Alliance. These groups raise a range of concerns about the significant impact this case could have both on the willingness of foreign customers to trust American technology and on the privacy rights of their customers, including U.S. customers if other governments adopt the approach to U.S. datacenters that the U.S. Government is advocating here.

Seventeen major and diverse news and media companies, including CNN, ABC, Fox News, Forbes, the Guardian, Gannett, McClatchy, the Washington Post, the New York Daily News, and The Seattle Times. They’re joined by ten news and media associations that collectively represent thousands of publications and journalists. These include the Newspaper Association of America, the National Press Club, the European Publishers Council, and the Reporters Committee for Freedom of the Press. These organizations are concerned that the lower court’s decision, if upheld, will erode the legal protections that have long restricted the government’s ability to search reporters’ email for information without the knowledge of news organizations.

(click here to continue reading Business, Media and Civil Society Speak Up in Key Privacy Case – The Official Microsoft Blog.)

Footnotes:
  1. not a sentence I’d thought I’d type []

Sign in To YouTube Using an iOS Device Like an iPhone

Illinois Central

Electric Shocking Power!

For perhaps the five hundredth time this decade,1 I spent a long time trying to login to YouTube to upload a video, and my password was not accepted, even though I’d copied it right out of 1 Password. After wasting about ten minutes trying to figure it out, I remembered that because I have set up a 2-Step Verification for my Google account, I have to generate an App specific password for logging into YouTube. I’m not sure why YouTube is different than other 2-Step Verification services2, but at least the solution is easy enough, once you remember that is why your password keeps failing. You’d think Google could update YouTube to at least give a hint that enabling 2-Step verification means a user can’t login simply with email and password. I mean, would it be that hard for the YouTube iOS App to add a footer to the login page? Or at least a suggestion to look to the App passwords page if a password fails a few times?

Anyway, after I did the proper Google search, I ended up here, with these instructions.

Sign in using App Passwords

An App password is a 16-digit passcode that gives an app or device permission to access your Google Account. If you use 2-Step-Verification and are seeing a “password incorrect” error when trying to access your Google Account, an App password may solve the problem. Most of the time, you’ll only have to enter an App password once per app or device, so don’t worry about memorizing it.

  1. Visit your App passwords page. You may be asked to sign in to your Google Account.
  2. At the bottom, click Select app and choose the app you’re using.
  3. Click Select device and choose the device you’re using.
  4. Click Generate.
  5. Follow the instructions to enter the App password (the 16 character code in the yellow bar) on your device.

 

(click here to continue reading Sign in using App Passwords – Accounts Help.)

That’s pretty clear, and simple, once you know that is what you are required to do.

Perhaps since I’m writing a post about this procedure, I’ll remember next time I’m uploading a video from a new iOS device, or a new app that uses YouTube.

Also, the video was pretty dark, I’ll have to retry with better lighting next time I have a can of Nuclear Winter beer by Finch’s Beer…

My app specific list looks like this3

Screen Shot 2014 12 03 at 9 22 36 PM
Google App specific passwords, a partial list

Vimeo version…

Nuclear Winter Boilermaker- Finch’s Beer from Seth Anderson on Vimeo.

With a name like Nuclear Winter, what else could I do?


update, damn, this post became a spam comment magnet so we’re disabling comments for a while. Sorry.

Footnotes:
  1. every time I get a new iPhone or iPad, or Apple TV basically. Though some apps use YouTube as well, I’m guessing this has happened more than three million times since I’ve enabled 2-Step Verification []
  2. for instance, I use 2-Step Verification for Tumblr, for Twitter, for Buffer, and probably some others too []
  3. not all shown []

Class Action Madness Against Apple’s iPod

iPod beach joy
iPod Original Model.

To be blunt, this is bullshit.

The latest case to bring Mr. Jobs’s spirit into a courtroom is set to begin on Tuesday in Oakland, Calif. It is a class action involving older iPods, which played only songs sold in the iTunes Store, or those downloaded from CDs, not music from competing stores. The plaintiffs are consumers who say Apple violated antitrust law because to keep their music, people had to stay with the iPod, and buy higher-priced ones rather than cheaper, alternative music players. Apple has since discontinued this system.

(click here to continue reading Star Witness in Apple Lawsuit Is Steve Jobs – NYTimes.com.)

Maybe there is more to this litigation than is being reported, but as an owner of many iPods (including several of the early models, including the one that only worked with Macs), I can attest that all iPods were able to play music in the MP3 format from any source. If you got music from converting CDs you own (like I did and still do), or downloaded files from rival services like eMusic, or wherever, as long as the file was in the MP3 format, it played fine on any iPod. Now, perhaps there were music stores that sold tunes that were encoded in other proprietary formats, but why should Apple have to support those formats? Especially since if you downloaded, for instance, a WMA file from Music Match, you could easily convert the track to MP3 on your computer in seconds.

Dead 4G iPod
Dead 4G iPod

I don’t understand why this case hasn’t been tossed out yet. What am I missing?

Apple and Others Encrypt Phones, Fueling Government Standoff

Apple Store in Soho
Apple Store in Soho.

Apparently this ridiculousness is still going on, we blogged about it last month, and previously

The No. 2 official at the Justice Department delivered a blunt message last month to Apple Inc. executives: New encryption technology that renders locked iPhones impervious to law enforcement would lead to tragedy. A child would die, he said, because police wouldn’t be able to scour a suspect’s phone, according to people who attended the meeting.

 …

Apple executives thought the dead-child scenario was inflammatory. They told the government officials law enforcement could obtain the same kind of information elsewhere, including from operators of telecommunications networks and from backup computers and other phones, according to the people who attended.

Technology companies are pushing back more against government requests for cooperation and beefing up their use of encryption. On Tuesday, WhatsApp, the popular messaging service owned by Facebook Inc., said it is now encrypting texts sent from one Android phone to another, and it won’t be able to decrypt the contents for law enforcement.

AT&T Inc. on Monday challenged the legal framework investigators have long used to collect call logs and location information about suspects.

In a filing to a federal appeals court in Atlanta, AT&T said it receives an “enormous volume” of government requests for information about customers, and argued Supreme Court decisions from the 1970s “apply poorly” to modern communications. The company urged the courts to provide new, clear rules on what data the government can take without a probable cause warrant.

(click here to continue reading Apple and Others Encrypt Phones, Fueling Government Standoff – WSJ.)

Law enforcement officials are clever, they can find ways to get data in other ways, like this, for instance…

PRISM
PRISM

And good for Tim Cook – he suggests that Apple Inc. should not be in the business of enabling the police in their quest to snoop on our phones without first getting warrants. You know, like if we were living in a constitutional Democracy with a Bill of Rights again?

In June 2013, Mr. Snowden provided reporters with documents describing a government program called Prism, which gathered huge amounts of data from tech companies. At first, tech-company executives said they hadn’t previously heard of Prism and denied participating. In fact, Prism was an NSA code word for data collection authorized by the Foreign Intelligence Surveillance Court. Tech companies routinely complied with such requests.

 More than a year later, tech executives say consumers still mistrust them, and they need to take steps to demonstrate their independence from the government.

Customer trust is a big issue at Apple. The company generates 62% of its revenue outside the U.S., where it says encryption is even more important to customers concerned about snooping by their governments.

These days, Apple Chief Executive Tim Cook stresses the company’s distance from the government.

“Look, if law enforcement wants something, they should go to the user and get it,” he said at The Wall Street Journal’s global technology conference in October. “It’s not for me to do that.”

In early September, Apple said the encryption on its latest iPhone software would prevent anyone other than the user from accessing user data stored on the phone when it is locked. Until then, Apple had helped police agencies—with a warrant—pull data off a phone. The process wasn’t quick. Investigators had to send the device to Apple’s Cupertino, Calif., headquarters, and backlogs occurred.