Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Encryption Government Privacy Security United States Apple

AG Barr Seeks 'Legislative Solution' To Make Companies Unlock Phones (engadget.com) 92

stikves shares a report from Engadget: Last December, a Saudi Arabian cadet training with the U.S. military opened fire at Naval Air Station Pensacola, killing three soldiers and wounding eight others. The FBI recovered two iPhones, and after failing to access their data, asked Apple to unlock them. The company refused, but eventually the FBI unlocked at least one of them without Apple's help, and discovered substantial ties between the shooter and terrorist group al Qaeda. U.S. Attorney General Barr suggests forcing Apple to take action in the future, saying "...if not for our FBI's ingenuity, some luck, and hours upon hours of time and resources, this information would have remained undiscovered. The bottom line: our national security cannot remain in the hands of big corporations who put dollars over lawful access and public safety. The time has come for a legislative solution."
This discussion has been archived. No new comments can be posted.

AG Barr Seeks 'Legislative Solution' To Make Companies Unlock Phones

Comments Filter:
  • Yeah, sure (Score:4, Insightful)

    by barakn ( 641218 ) on Monday May 18, 2020 @08:32PM (#60076124)

    It'll sound like a great idea up until the moment some unknown actor is compromises his phone. I'm sure A.G. Barr has no skeletons in his closet.

    • So, the government learned that a terrorist had links to a terrorist group, and could not have surmised this without cracking his iPhone. Furthermore, we’re all safer because they discovered this. So much safer that we need a backdoor to every phone.

      I can see the headlines now:

      “After searching his iPhone, the FBI learned that the file-sharing priest was, in fact, Catholic.”

    • This guy definitely has a lot of skeletons in his closet, and one of them is probably the real Barr.

    • He keeps his skeletons out in the open. There are few people who genuinely have "nothing to hide," but he may be one of them. Until next year anyway.
      • Re:Yeah, sure (Score:4, Insightful)

        by CoolDiscoRex ( 5227177 ) on Tuesday May 19, 2020 @03:39AM (#60077372) Homepage

        Everyone should have many things to hide. I wouldn’t want to know someone that didn’t.

        Something would be seriously wrong with you if you didn’t have tons of things that would embarrass you if they got out.

        Please, everyone, have something to hide. Have lots of things to hide. Humans are self-riteous, judgmental assholes, and they are all bizarro albino-midget-fuckers behind closed doors. If everything you do would please these hypocrites, then you have never lived.

        Go out and get something to hide. Now. For your own sake.

        • Humans are self-riteous, judgmental assholes, and they are all bizarro albino-midget-fuckers behind closed doors.

          Wait ... you're supposed to close the door?!!? And I suppose the blinds as well, huh?

          Oh well, I suppose I should just accept my new role as a at-home teacher and start asking the local elementary school about my paycheck. I wonder how I'm supposed to administer tests and grade?

    • Creates regulation to wipe out small innovative phone competitors and destroys our privacy in one fell swoop. Typical lawyer tactic.
    • Several scumbag companies sell law enforcement company's and contracts - instant breaks for Apple and other phones. Including despot states. Go to any invite only 'Arms Fair' and you can see a demo, or pay $1000 or so for any phone you have. Broken instantly. You must assume FBI got kicked off scumbag software lists for breaking conditions - ie not paying per phone - quite a lot. And unwilling to pay ex-contractors, or unwilling to put a real name against the person authorizing the break. If FBI is not will
      • by jythie ( 914043 )
        I suspect the FBI has these tools and does not actually care about backdoors. This seems to be more of a political thing, with the publicly visible fight over encryption being more important than the tools themselves. Just like the fights the DoJ had with the telcos years ago, it is all about showing who is boss and more importantly showing your supporters that YOU are boss.

        Back doors has become a 'pro law enforcement vs order hating tech companies' culture war
    • Sounds like a great idea? It sounds like China. So we hate them, but we want to do it their way?

  • by jmccue ( 834797 ) on Monday May 18, 2020 @08:36PM (#60076142) Homepage

    "...if not for our FBI's ingenuity, some luck, and hours upon hours of time and resources, this information would have remained undiscovered.

    You mean someone in government had to do real work ? The horrors.

    Sad how far this country fell, compare that to NASA and the moon project, in say ~15 years we went from barely able to get a rocket working to send people to the moon. Now people are afraid of math

    • by antdude ( 79039 )

      "Math is hard." --Barbie :P

    • Sorry, feeling argumentative. Let me try..

      "Oh come on you know there's 1 moon and 5000 people worked on that project but there are 100000 criminals so you're saying we need 500000000 agents right? OK!"

    • in say ~15 years we went from barely able to get a rocket working to send people to the moon. Now people are afraid of math

      "Math class is tough!" -- that wise sage, Barbara Millicent Roberts.
      Link [nytimes.com]
      Search [google.com]

  • If this goes into law, one of these days evil bastards will break into the backdoor of a major brand and make front page news. The company will point out they were required to by law. Whoever sponsored the bill better hope they are no longer in politics by then.

    • There is no bill, no one has written anything.

      Yet.

      When they do, do the same thing us 2A people do when they write all these crazy bills: Call, write, email. Lots. Often.

      It's *our* government. They work for *us,* we don't work for *them*. Tell them. They do listen, from time to time.

      And AG Barr can go fuck himself on this one. He's part of the swamp that needs to be drained. That man's full of bad ideas on a number of subjects, not just privacy.

      • It's *our* government. They work for *us,* we don't work for *them*. Tell them. They do listen, from time to time.

        I would like some of whatever you are smoking.

        Please?

      • There is no bill, no one has written anything.

        Yet.

        When they do, do the same thing us 2A people do when they write all these crazy bills: Call, write, email. Lots. Often.

        It's *our* government. They work for *us,* we don't work for *them*. Tell them. They do listen, from time to time.

        And AG Barr can go fuck himself on this one. He's part of the swamp that needs to be drained. That man's full of bad ideas on a number of subjects, not just privacy.

        No Bill, only Communications Assistance for Law Enforcement Act https://en.wikipedia.org/wiki/... [wikipedia.org]

        • by suutar ( 1860506 )

          Which is about calls in progress, not data at rest on a phone. They need a new bill, if only to modify CALEA to cover this.

    • by Tailhook ( 98486 )

      one of these days evil bastards will break into the backdoor of a major brand and make front page news

      Sony Pictures. North Korea...?

      If your best argument hinges on the sanctity of corporate systems then give up now; there is no hope.

      • by Tablizer ( 95088 )

        I'm not saying corporations are great or reliable, only that if a legally-mandated back-door creates a hacking stir, the politicians behind it will have egg on their faces.

      • Re: (Score:1, Informative)

        by sexconker ( 1179573 )

        Sony's hack came from within. It came days after secret meetings with government spooks, too.

        No one in the infosec space believed the NK story for a second. Go ahead, ask any cybersecurity expert about it.
        And don't forget all the leaks around the time of the NSA tools, many of which were designed to make attacks look like they came from specific nations such as NK or Russia.

        Sony's hack was either:

        A: An inside job involving a rogue Sony employee, with the government coming in to frame it as NK.
        B: An outrigh

    • by jythie ( 914043 )
      Whoever writes such a bill will be closely tied to the pro-law enforcement lobby, which tends to benefit from increased crime, so their political career will likely be fine.

      The LEO lobby doesn't really care about what happens to non-cops, or even cops for that matter.
    • "If this goes into law..."

      Then someone (possibly Apple or Google) will make new encryption that they can't get into. Possibly even a 3rd party based outside US jurisdiction could make it. IOS and Android could even offer APIs allowing this functionality. Tech can move 1000 faster than the law and knows no borders. It isn't new that criminals just started using codes to hide their activity. Also, not all cases rely on the contents of a phone. Honestly, if thats the only real evidence then it's a weak case to

  • Already posted on /. and has a lively discussion:
    https://apple.slashdot.org/sto... [slashdot.org]

    E

  • Dear Mr. Barr (Score:5, Informative)

    by nehumanuscrede ( 624750 ) on Monday May 18, 2020 @08:44PM (#60076156)

    The rest of us non-criminal types would like to keep our phones and private lives contained therein out of the hands of those who would abuse such power in the name of " keeping us safe ". ( Eg. You and the Government you work for. ) I would kindly refer you to the Fourth Amendment which seems to be pretty clear about this matter. ( I don't see any exceptions written in here do you ? I'm betting the Supreme Court won't either if you foolishly decide to push it that far. )

    "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

    I think Apple and the rest of the tech world would be more than happy to help you out assuming you followed proper protocols in obtaining warrants for very specific devices under very specific circumstances. The fact they make it as difficult as they can for you tells me all I need to know about where they stand on the debate about helping you obtain the carte blanche access you all so desperately fawn over.

    Basically, they don't believe you'll behave with such power any more than the rest of us do.

    • Re:Dear Mr. Barr (Score:4, Insightful)

      by Cardcaptor_RLH85 ( 891550 ) on Monday May 18, 2020 @10:56PM (#60076694) Homepage
      Let me start by saying that I completely agree with what you've said here. However, the current issue between the FBI and Apple isn't warrant related since they had applicable warrants for this device. The issue is that iOS (and Android) devices have full device encryption on by default that the OEM can't crack even with a valid warrant. The FBI's current position is that they want companies to either remove encryption altogether or have encryption that can be bypassed with a key held by the OEM if they are served with a warrant (in other words, a backdoor). Thus far everyone who understands how encryption actually works (including Apple, Google, etc) has been trying to tell the FBI that this isn't viable but, they still persist.
      • They love that “warrant” stuff. It’s supposed to make us feel like someone is protecting us from abuse, while the reality is that warrants are easier to get than the clap in a Thai brothel.

        Some guy told me that was real easy to get.

        • They love that “warrant” stuff. It’s supposed to make us feel like someone is protecting us from abuse, while the reality is that warrants are easier to get than the clap in a Thai brothel.

          Some guy told me that was real easy to get.

          Where I cannot argue with you that warrants are too easy to get, the problem is NOT law enforcement but the courts. It takes a judge to sign off a warrant and if they sign anything put in front of them without questions being asked then the problem is in the process.

          So, we need to make it harder to get a warrant. I got to ask you, what do you think it should take? Right now it's supposed to be "probable cause" which the Supreme court defines as: "where the facts and circumstances within the officers' kn

          • by sconeu ( 64226 )

            That's Rule 41 of the FRCP. Basically, it says that the just MUST issue the warrant if there's even a remote amount of probable cause.

          • No. There is definitely some fault with the judge. But a cop who asks for a warrant that is... well... unwarranted; is most definitely "the problem"; at least as much, and usually moreso, than any judge. At least with the judge there is the possibility that they were lied to by the cop, reviewed the "facts", and issued the warrant based on his best understanding. And a lazy, rubber-stamp judge who signs any warrant put in from of him is still merely an incompetent slacker... a professional failure, but

            • I got to disagree here.

              The process is the problem. Try and follow this logic, OK? There are multiple checks and balances here to consider...

              The process is supposed to have checks and balances, where there is a check on the police and their ability to search, making them get a warrant if the suspect refuses to consent to a search. The courts are supposed to be that check and make sure law enforcement is not infringing on your 4th amendment rights. IF the courts are not checking the police on this, then

      • Where are my mod points! Short sweet and accurate.
      • It's not just Apple trying to tell them. Former head of the NSA is on the record saying that backdoors are _bad_ for national security. That's not taking into account privacy concerns and fear of scammers. Just national security.
    • good grief, there was a search warrant for this phone, as allowed by the amendment you are quoting.

      you can argue in favor of no searches, but not by quoting the text that supports Barr's position

      • good grief, there was a search warrant for this phone, as allowed by the amendment you are quoting.

        Ooooh, did you hear that, a search warrant? You know, those things with near-100% approval rates.

        See, when the constimuhtution was written, it was expected that warrants would not be defacto rubber-stamps.

        Of course, the burrito Supreme Court (the one that said slavery was constitutional) says this stuff is constitutional so, I mean, they must be right. Yeah, they gotta be, come on everyone, let’s hear

      • by flink ( 18449 )

        good grief, there was a search warrant for this phone, as allowed by the amendment you are quoting.

        you can argue in favor of no searches, but not by quoting the text that supports Barr's position

        A warrant isn't a magic wand that changes the laws of mathematics and renders a device for which you have no key easily decryptable. Nor can it compel a company to change the design of its products to make your job easier. If the FBI wants to make secure phones illegal it needs to go to congress, not a judge.

        They got a warrant to search the phone, that they did not have the means to do so is not Apple's problem nor should it be. If Apple had an escrow key, they could get a warrant for that as well, but s

        • If Apple had an escrow key, they could get a warrant for that as well

          Thank you. Too many people ignore the fact that Apple could keep and manage escrow keys. Apple has taken a stand and refused to design software that way. Apple could sign firmware that could be loaded onto an encrypted phone to allow brute force attacks. Apple has taken a stand and refused to create or design such firmware. A judge could compel Apple to provide the signing key so the FBI for the FBI to create firmware to work the way they desire. No judge has made such a ruling to date.

          I wanted to expound o

          • We've already tried OSS on phones. Between locked boot loaders and proprietary device drivers (now standard on all devices) that dream is dead. It was a fun dream while it lasted.
    • secure in their persons, houses, papers, and effects, against unreasonable searches and seizures

      The argument for back doors is that searching the phones of terrorists or criminal suspects doesn't constitute an unreasonable search. And they are right: as long as a judge signs off on a warrant, and access is given on an individual basis rather than the government having a master key for everyone's phone. (in my country we've already lost the rule that ony a judge can issue warrants, by the way. "Too much red tape"). What should weigh very, very, very heavily against this argument is the fact that any

    • Cars are an exception, unfortunately! It's been affirmed by the SCOTUS several times. https://en.wikipedia.org/wiki/... [wikipedia.org]

      Basically, it's not a time to be complacent. It's very easy for governments and the courts to decide something IS an exception. (This is also the problem with any kind of legal literalist. You always end up backed into a corner because not many laws are sufficiently enumerative.)

  • It's supposed to be absurdly difficult if not impossible for them to read encrypted data. Ideally however many resources they have will exactly equal the total number of phones they absolutely need to crack.

    That said, the government already has a back door, as evidenced by the fact they can crack it at all (all the supercomputers in the world can't crack modern crypto algorithms within many trillions of years, meaning they have a back door or a working quantum computer.)
    • No, they don't have a back door. They purchased a hack using an unpublished vulnerability that Apple can correct at any time.

      What they want is a permanent back door written into the encryption algorithm so in the future they can get a warrant to decrypt the information on a suspect's iPhone and force Apple to give them the key.
  • I don't keep anything on my phone that's particularly important or confidential because I don't trust it. Too much stuff goes on there behind my back.

    But if I did have some reason to put something important on there, why wouldn't I just encrypt it using a program that I know works and that I can control myself? GPG being the first one that comes to mind.

    If I'm using Apple's encryption or Samsung's encryption or Joe Shlabotnick's encryption, I get what they want to give me and no more or less than that. N

  • by Todd Knarr ( 15451 ) on Monday May 18, 2020 @08:58PM (#60076222) Homepage

    You can pass all the laws declaring that Pi equals 3 that you want, that still won't make it so. If the encryption is secure then the vendor has no way to enable access, period. That's a mathematical property of the encryption being secure, and no law can change that. The only thing the law might do is require the vendor to design their hardware and software to send a copy of the encryption key to the vendor, which would immediately render the encryption insecure.

    • The only thing the law might do is require the vendor to design their hardware and software to send a copy of the encryption key to the vendor

      Man, wait until this guy finds about that laws were passed forcing parking lot designers to accommodate handicapped spaces.

    • It would be possible to design it so that it sent an encrypted copies parts of a key to a number of trusted third parties.

      Split the key into two parts that can be combined to form the user's private key. Encrypt each part with the FBI's public key.

      Send one part to the vendor. Send another part to a trusted third party, with a contractual obligation to only hand over the key with a search warrant.

      I'm not saying this is a good idea. And there is obviously another attack vector; although the attacker w
    • Of course, if Apple makes a backdoor, Apple will use it for their own purposes as well to “protect the company’s interests” or whatever.

      It will make end-to-end encryption moot

    • You can pass all the laws declaring that Pi equals 3 that you want, that still won't make it so.

      Just because the Drug War "didn't work for the people" doesn't mean it didn't work for somebody entire industries are fueled by us because of it... and of course there are "still drugs."

      Rest assured this "insanity" isn't about "fighting crime" - it's about creating it.

  • Fuck you. That is all.
    • Apart from his appalling lack of technical understanding, what's your problem with Barr? Seems to me he's actually doing his job, unlike his predecessor who basically sat on his hands for 2 years.

      I suppose the political talking heads from the left side of the isle don't like Barr over Sessions because he seems to be driving some investigations that might implicate anit-Trump forces in malfeasance (and possibly for breaking a law or two), but we are not plagued with leaks and "unnamed source" reporting so

  • Apple doesn't have a way to bypass their security and extract the data. If it can be done, then it is a serious bug they need to fix.

    So, sure, US Govt. Go and buy a bunch of exploits, give them to Apple with a warrant, they'll apply them to that phone - and then roll out an urgent update to close those serious vulnerabilities.

    The FBI could unlock those phones because they paid something to come criminals who know something about Apple's phones that Apple doesn't know.

    • Comment removed based on user account deletion
    • It’s also possible that the FBI didn’t crack shit and they’re making up the Al Qaeda stuff up for propaganda purposes and to pressure Apple.

      Just because someone says they did something ...

      • Itâ(TM)s also possible that the FBI didnâ(TM)t crack shit and theyâ(TM)re making up the Al Qaeda stuff up for propaganda purposes and to pressure Apple.

        It may be propaganda. It may be that they can't crack the iPhone, so they need to convince people that they can, so that criminals and terrorists switch to something else that is hopefully less safe and _can_ be cracked.

        But the most logical explanation that I heard is that they have technology that can crack _some_ phones if you're lucky. Not good enough for reliable cracks. So this is all to confuse the enemy.

  • Just another politician who doesn't understand reality -- or just doesn't care and wants to stick his nose into everything and anything without any restrictions. Fuck Barr, and fuck anyone else who thinks wrecking encryption for everyone is in any way shape or form a good idea.
    • He is not a politician. Just a bureaucrat working for the "police side" of the federal government. Of course, AG, from ANY country, will always demand a backdoor into people's phones and other devices.

      • by gtall ( 79522 )

        No, he's a politician. Everyone working in the alleged administration is a politician and an enabler to the alleged president. A pox on all of them.

        • LOL.. Like making political decisions for appointed positions in an administration is a one party deal. Not!

          Elections have consequences, having politically motivated folks in positions of power in the executive branch is one of those consequences.

    • This isn't just a Barr/Trump thing, unfortunately. The FBI has been trying to force Apple to build backdoors into the iPhone for them ever since encrypted iPhones were a thing. Remember that San Bernardino shooting that first brought the issue to the fore? That was the Comey FBI during the Obama administration.

      I think too many geeks still look at the FBI through the rose-colored 1990s filter of The X-Files. In real life, it's not Mulder and Scully fighting the power to uncover the truth. In real life,

  • Well there's your problem, Billy!

    You know, Saudi Arabia has the same laws as the IS, and was the actual origin of the 9/11 terrorists, right?

    Or are you *still* keeping that 'best (puppet) buddy "allies in the region"' story?

  • You mean lawful as in USA PATRIOT Act?

    Yeah, by that standard, the Nazis could have claimed the concentration camps were "lawful" too.
    Literally. (See: black sites.)

    You lawfulness means nothing anymore.
    How about legitimacy instead??

    • Got to love that "they are Nazis" rhetorical method.. Way to go!

      You cheapen the meaning of the term when you use it inappropriately like this. Please stop, for the love of history, just stop.

  • From the title, I thought this was about passing legislation to force cell phone companies to unlock your phone after you've fully paid it off, so you can use it on any carrier instead of being forced to remain with them if you don't want to buy a new phone.
  • Fuck you! Leave my phone alone!

  • I know a worse thing than crime and terrorism.

    Imagine a boot stepping on a human face...forever.

    Do not build tools that tyrants drool over in the first place. That's a very American principle in constitutional design.

  • Design the phones so that the manufacturer actually can't unlock it, at least without wiping all data.
  • make the law say they must do the same as they would if the What ever the China FBI is asked for help.

  • We cannot entrust either our rights or our safety to governmental units which exist for one sole purpose. We must, at a higher level, guide these units to work as part of a whole, without sacrificing any one for another.

    The FBI cannot be allowed to undermine our rights because it has a sole purpose of solving crime. Solving crime cannot be the justification for surrendering rights, nor revoking rights, nor criminalizing additional activity.

    We are people, we are citizens. Do not surrender yourself to a large

  • That Apple has a backdoor already, and this whole dog and pony shows exists to make people feel confident enough to put their deepest darkest shit on their iPhones?

    Just food for thought.

    • It's possible, just unlikely.

      I can give you two reasons why... 1. It would take more work on Apple's part to have the back door.. 2. If the backdoor existed, we'd have a different situation in the courts, where Apple couldn't say "We can't do that,' but would be saying "We won't help you" which is a totally different kettle of fish.

      • 2. If the backdoor existed, we'd have a different situation in the courts, where Apple couldn't say "We can't do that,' but would be saying "We won't help you" which is a totally different kettle of fish.

        If the backdoor existed, then Apple would say in court "We can't do that", decrypt the phone, and some terrorists would be in for a bad surprise.

  • It is legal to unlock the phone. Most importantly, the Federal Communications Commission (FCC) states that if consumers want it, all carriers should unlock their phones for free. Royal Assignment Help [royalassig...help.co.uk], you need to know if your phone is eligible for unlocking. The Flintshire County Council did not give the carrier a free ticket.
  • by nospam007 ( 722110 ) * on Tuesday May 19, 2020 @05:27AM (#60077534)

    Make some legislation to stop the glaciers from melting while you're at it.

  • Remember when the government sued Zimmerman over arms trafficking? Good times...

  • Classic use of propaganda by a bad actor:

    "...if not for our FBI's ingenuity, some luck, and hours upon hours of time and resources, this information would have remained undiscovered."

    It's not that the information was "discovered", it's that it was exposed. Without work, the information would remain UNEXPOSED. That is how it should be. It should take work to violate protections inherently in place in a free society.

    "The bottom line: our national security cannot remain in the hands of big corporations..."

    N

  • Or a roll your own OS?

    • Or a roll your own OS?

      Great idea. We create fbiOS. And make a law that all terrorists and criminals have to install fbiOS on their phones. It doesn't come with a backdoor, but with a wide open frontdoor to placate all these liberals who want no backdoors.

  • "[I]f not for our FBI's ingenuity, some luck, and hours upon hours of time and resources, this information would have remained undiscovered." Translation: If not for police work, we would not have figured this out. Forcing companies to create a system that they can compromise means that these companies will have to work harder (designing a system to be highly secure for banking, etc., but also easily defeatable is much harder--perhaps impossible).

  • The really good lawyers work in the private sector.

  • Don't buy a phone from a company beholden to the US spy agencies. It's not a difficult deduction. Given a choice between trusting the Chinese and trusting the Septics, I'll trust the Chinese, because they don't lie about respecting privacy.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...