7 comments

[ 3.3 ms ] story [ 16.7 ms ] thread
The difference between the old cases and the current one is that in the new case, Apple is being forced to develop and install a backdoor to circumvent security features. That sets an entirely different precedent compared against simply providing the feds with information that already have.
It's the difference between unlocking a safe to help execute a warrant (typically legally required) and making a key that unlocks all safes.
It is in fact not clear that what would be produced would be a master key. The warrant, for example, specifies that such a tool only apply to one device id. Given that firmware images need to be signed by Apple to be loaded, it would be relatively straightforward to create a firmware image that would only work on a single device and could not be used on a different device without Apple's assistance (e.g. generating and signing a new image tied to a different device ID).

More likely it is the case (as they have said explicitly) that they do not want to create a key because that would tarnish their image and suggest to the government that they could, again in the future, be called upon to unlock an individual's phone. Most specifically here, Apple would be generating software for the government to use to undermine the security of their products.

Further, until they move more functionality into hardware, a very similar technique could be used on current devices, suggesting that Apple products are not yet quite as airtight as they would like you to believe. Specifically, Apple seem to have implied that they can update the software for the Secure Enclave without requiring a passcode. See here:

https://stratechery.com/2016/apple-versus-the-fbi-understand...

Perhaps instead of a master key, they have a machine to make any specific key. It takes a device ID as in input.

I don't know if that is really practically different than a master key.

The difference isn't that you couldn't unlock (or, actually, just weaken) each device. It's that with Apple presumably in control of their signing key, they would need to get Apple's assistance any time they wanted to unlock a specific device. The obvious benefit would be that the tool can't be used indiscriminately - presumably they would need to be presented with a legal order.

This, then, seems to be an attempt to get ahead of the game. They have the benefit of being able to acknowledge having received a request and use that request as an opportunity to give their objection to weakening users' security. This would not be the case if instead they had been presented with a National Security Letter (as may have been the case in some of the instances suggested by the article).

Apple wants to stay as far away from hacking the world as possible. If a weapon/tool like that exists, they'll be asked to use it. Or it'll be stolen. Or copied. Etc.
Knocking and asking someone to open the door for you to let you in their house is different from asking someone for the key to their house.