Pixel Envy

Written by Nick Heer.

Establishing Precedent

Megan Cassella reporting for Reuters:

The court ruling ordering Apple Inc. to help unlock an iPhone belonging to one of the San Bernardino attackers represents just one case, the White House said on Wednesday, emphasizing that the U.S. Department of Justice is asking the tech giant for access to a single device.

In a briefing with reporters, White House spokesman Josh Earnest deferred to the Justice Department but said it’s important to recognize that the government is not asking Apple to redesign its product or “create a new backdoor to its products.”

It is entirely disingenuous for the DOJ to claim that this is only about this single iPhone. This order is about establishing a precedent for future cases, and that explains Apple’s opposition to it. Here’s the actual text from the order:

[Provide] the FBI with a signed iPhone Software file, recovery bundle, or other Software Image File (“SIF”) that can be loaded onto the SUBJECT DEVICE. The SIF will load and run from Random Access Memory (“RAM”) and will not modify the iOS on the actual phone, the user data partition or system partition on the device’s flash memory. The SIF will be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the SUBJECT DEVICE. The SIF will be loaded via Device Firmware Upgrade (“DFU”) mode, recovery mode, or other applicable mode available to the FBI. Once active on the SUBJECT DEVICE, the SIF will accomplish the three functions specified in paragraph 2. The SIF will be loaded on the SUBJECT DEVICE at either a government facility, or alternatively, at an Apple facility; if the latter, Apple shall provide the government with remote access to the SUBJECT DEVICE through a computer allowing the government to conduct passcode recovery analysis.

That’s a request for Apple to build a master key. It cannot be done for this device alone; there’s no reason that firmware could not be used against any other pre-5S iPhones. The notion that Apple could code “a unique identifier […] so that the SIF would only load and execute on the SUBJECT DEVICE” is revealing in its ignorance.

Update: According to Matthew Panzarino, the proposed solution would compromise the security of all iPhones, not just those without secure enclaves.