Apple's VP Of Software Engineering: No, We Have Never Given A Backdoor To Any Government
from the shut-up-DOJ dept
One of the more ridiculous claims in the DOJ’s filing against Apple last week, was its decision to pick up on former NSA lawyer Stewart Baker’s conspiracy theory that Apple had built backdoors into its products for China (side note: I met Stewart in person for the first time recently, and he mocked me about this, saying that I should agree with him on this point). However, as we noted in our post last week, there doesn’t seem to be much evidence to support Baker’s claims. The two key issues were using the Chinese wireless standard WAPI — which some have claimed includes some sort of backdoor, but it was also the only real local area wireless tech in China for a while — and the decision to store iCloud data in China. However, as we noted, there have been reports that the Chinese government tried to then conduct a man in the middle attack against the iCloud servers. If Apple had actually given the government a backdoor, then why would it need to do that?
Either way, in a declaration attached to Apple’s response, Apple had Craig Federighi, its senior VP of software engineering, tell the court directly that it has never installed a backdoor for any government ever:
Apple uses the same security protocols everywhere in the world.
Apple has never made user data, whether stored on the iPhone or in iCloud, more technologically accessible to any country’s government. We believe any such access is too dangerous to allow. Apple has also not provided any government with its proprietary iOS source code. While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device.
It is my understanding that Apple has never worked with any government agency from any country to create a “backdoor” in any of our products or services.
Now, some may push back on the point about WAPI, but again, making use of a third party technology that potentially has backdoors (some of which could be protected against) and being told by the government to build special backdoors just for that government are still vastly different scenarios.
Filed Under: all writs act, backdoors, china, craig federighi, doj, encryption, fbi, going dark, icloud, wapi
Companies: apple
Comments on “Apple's VP Of Software Engineering: No, We Have Never Given A Backdoor To Any Government”
So because whoever used some encryption developed by the nsa that had backdoors….
Let the cognitive dissonance kick in.
Not for lack of trying
It is my understanding that Apple has never worked with any government agency from any country to create a “backdoor” in any of our products or services.
DOJ/FBI’s (unspoken) response:
“We’ll see about that.”
It would be curious to see the response of the US government if Apple were to pick up and move to another nation. I have no doubt that many would by happy to be the new home base of this company. The harassment over a password that the FBI changed, and then lost is incredible.
Re: Re:
The harassment over a password that the FBI changed, and then lost is incredible.
That point really does deserve to be brought up more often, as it highlights just how absurd the whole thing is. Had the FBI not been so colossally incompetent in a case they claim is very important, there would have been no need to go to court. Had they simply managed to follow the basic instructions Apple sent them, rather than bungling everything like a pack of idiots, they could have had the contents of the device without any hassle, but because they screwed up in such an epic fashion they had to go whining to Apple to fix their mess.
Re: Re: Re:
Btw, did you read the Supplemental Pluhar Declaration (Mar 9 2016) ?
( I provided another link to a different copy in a conversation with you under a previous article, with microtext “Stacey Perino declaration”, but didn’t call out the Supplemental Pluhar declaration specifically within that 484 page pdf. )
Zdziarski continues to have questions about the government’s account of finding the iPhone 5c in a powered-off condition.
Re: Re: Re: Re:
Oh, and fwiw, just a note here to keep the document references straight, the Supplemental Pluhar Declaration is document 149-2, and was attached to the government’s March 10 “Reply In Support Of Motion To Compel and Opposition To Apple Inc’s Motion To Vacate Order” (Document 149).
Re: Re: Re: Re:
If it WAS powered-off, then it almost certainly doesn’t have any relevant location data on it, which is the one thing that I’d be willing to believe was on the phone that the terrorists didn’t destroy. Of course, if it was powered on, then I fail to see why we should trust a bunch of liars with the data.
Re: Re: No Mistake
…but because they screwed up in such an epic fashion they had to go whining to Apple to fix their mess.
The theory is that it wasn’t a “screw up” so much as an excuse. Knowing that there was likely nothing that they really wanted on the phone, the FBI deliberately locked themselves out so that they could get the test case they wanted.
Re: Re: Re: No Mistake
A theory.
Consider it in conjunction with the bizarre media invasion of the Redlands home on Dec 4, 2015. And that latter incident must be taken in along with Director Comey’s answer to Sen Feinstein about that circus. (Sen. Feinstein’s questions begin about the 55:20 timemark.)
How well-managed was this entire investigation in the early days?
Re: Re: Re: No Mistake
What? You mean the FBI manufactures cases? I’m shocked, I tell you! Shocked!
Re: Re: Re:2 No Mistake
shocked you say, the fbi has a round metal object they want you to put in a certain location.
Re: Re:
I can just see the DOJ/FBI responding to Apple moving to another country saying something like that with Apple moving to another country shows that Apple is trying to evade the law and which shows Apple to be criminals as to why else would a criminal flee to another country just to avoid being brought to law. /sarcasm
Re: Re:
Since Apple (and many of their other Tech buddies) have been very good about shipping profits offshore already, it’s not clear that it would make a huge fucking difference at this point.
http://www.informationweek.com/government/leadership/apple-taxes-and-why-tim-cook-is-wrong/a/d-id/1323729
almost 60 billion of taxes “avoided”… not sure that Apple is really a good friend of the US to start with.
Re: Re: Re:
every company on the fortune 500 just likes having a double irish with a dutch sandwich. and congress doesnt seem to want to make them eat there lunch at home.
This is nothing new...
The government has been giving it to us in through the backdoor for years. I guess they just want a new boyfriend.
Well, technically all Apple devices do have a backdoor. It’s called “automatic updates”. Nobody is preventing Apple from shipping an update that weakens device security. Another backdoor feature app store providers usually have is pushing updates for specific apps or disabling them remotely.
(Just to make sure this doesn’t get misunderstood: I’m not saying Apple does that, I’m just saying the tool is there and since Apple devices work more like consoles or entertainment media players, updates might even be required for continued service.)
By the way: the auto-update feature for apps might be another avenue a government might use. Can’t get Apple to open its doors? How about a backdoor hidden in an third-party vendor app. Given the NSA’s capabilities, that vendor doesn’t even have to be a willing accomplice. Just infiltrate the systems of one of the million mobile app shops out there.
Again: I’m not endorsing this, just saying the paths are there. Personally I really don’t like smartphones for that very reason: they take the control over my device and data away from me.
“Apple has also not provided any government with its proprietary iOS source code.”
No major government has any need to ask for it: they can simply take it, whether by hacking Apple or perhaps the more expedient approach of buying an Apple engineer or two. Given the importance of that code and the budgets in play, the latter approach stands a good chance of working.
Re: Re:
Money. Ideology. Compromise. Ego.
Re: Re:
“Court-Ordered Access to Smart Phones: In Brief”, Congressional Research Service, Feb 23, 2016, p.6 (p.9 in PDF):
If the iPhone is so secure why can't the president use one?
As reported by main stream press he is banned from using an iPhone for his emails.
http://www.theguardian.com/technology/2013/dec/05/barack-obama-cant-have-an-iphone-security-blackberry
Turn Rotten Apple
Apple should search the apple devices of all government employees and make public any and all questionable or illegal activity for the public to see… from the bottom to the top. Let’s see the cockroaches scurry.
Director Comey visits in Beijing
“Chinese state councilor meets FBI director”, Xinhua, Mar 14, 2016
a rose by any other name...
AC #9 – this guy gets it.
meanwhile blackberry is jumping up and down in the back of the room waving there hands..
i cant believe this angle isn’t getting more attention in the press.
http://appleinsider.com/articles/15/05/18/president-obama-uses-iphone-to-make-first-post-on-personal-twitter-account