It’s Fanmail Friday with perspectives on Apple’s encryption fight from SysAdmins law enforcement and more. Plus why one mobile carrier in Europe is putting in network-level ad blocking.Tom Merritt and Darren Kitchen discuss and Len Peralta illustrates.
Using a Screen Reader? Click here
Multiple versions (ogg, video etc.) from Archive.org.
Please SUBSCRIBE HERE.
Follow us on Soundcloud.
A special thanks to all our supporters–without you, none of this would be possible.
If you are willing to support the show or give as little as 5 cents a day on Patreon. Thank you!
Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!
Big thanks to Mustafa A. from thepolarcat.com for the logo!
Thanks to our mods, Kylde, TomGehrke, sebgonz and scottierowland on the subreddit
Show Notes
To read the show notes in a separate page click here!
I know I’m late to this conversation, but I had a thought that might explain why Apple is taking such a hard line against what seems like a reasonable, limited request.
What if, by reverse-engineering the patch, the FBI (or some other three-letter agency) can find a vulnerability in the iOS software that could be exploited on other iPhones without needing a signed update or a court order?
If Apple is depending to any degree on security-through-obscurity, or is aware of some flaw in the way their security is implemented, that would be a good reason to not want to leak any information about it.
I’d also like to say I’m a little disappointed at the level of FUD being expressed by privacy advocates. If it’s true (and everyone seems to agree that it is) that Apple can create an update that can only be used on one targeted phone, and can’t be altered without rendering it invalid, that’s not a universal back door. That’s more like disabling the alarm on one specific building while the FBI picks the lock on the front door.
I happy for apple to be taking on this fight. I hope they lose and be made to comply. My problem with thus story is the fact that apple gas the ability to create this software. I want them to lose and hope that the next OS will implement security that is secure from apple also. I want real security, not this PR security we currently have on all our phones.
BTW, I agree with Tom on this issue. This is a reasonable request from the FBI.
Why not just have a security feature that unless the user checks in every 12 hours (user defined) the phone and iCloud wipe and brick. Legal “red tape” always takes longer than 12 hours.
As I watch the Apple case, I wonder what the NSA and US DoD have to say on the matter of the “wipe after X failed attempts” setting. A quick search shows the NSA has recommended this in publications, and the DoD seems to be requiring a max failed attempts setting in the iOS 9 STIG (AIOS-01-080005).
If Apple loses in court, what is the downstream impact? It is interesting to hear “the government” assert that these settings are bad in that they violate law, and other parts of “the government” recommend and/or require their use.
Love the show, and happy to be a Patreon supporter!
Quick clarification. The FBI doesn’t assert that the wiper after X attempts violates the law. They’re asking for a tool to help them get around it in this instance.