Apple's encryption battle
To get back at Apple, GOP congressman introduces pointless bill
Amazon removed device encryption from Fire OS 5 because no one was using it
Apple’s new ally in unlocking battle: A man whose wife was shot 3 times in attack
FBI is asking courts to legalize crypto backdoors because Congress won’t
Apple prevails in forced iPhone unlock case in New York court
View all…
The San Bernardino District Attorney told a federal judge late Thursday that Apple must assist the authorities in unlocking the iPhone used by Syed Farook, one of the two San Bernardino shooters that killed 14 people in a killing rampage in December.
The phone, which was a county work phone issued to Farook as part of his Health Department duties, may have been the trigger to unleash a "cyber pathogen," county prosecutors said in a brief court filing. "The iPhone is a county owned telephone that may have connected to the San Bernardino County computer network.
The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino's infrastructure," according to a court filing (PDF) by Michael Ramos, the San Bernardino County District Attorney.The development represents the first time any law enforcement official connected to the investigation provided any indication of what the authorities might discover on the phone. The county declined to directly comment.
A spokesman, David Wert, told Ars in an e-mail that "The county didn't have anything to do with this brief.
It was filed by the district attorney." The DA's office, which did not immediately respond for comment, followed up with a statement to Ars, saying that there is a "compelling governmental interest in acquiring any evidence of criminal conduct, additional perpetrators, potential damage to the infrastructure of San Bernardino County, and in protecting the California Constitutionally guaranteed due process rights of the victims, deceased and living, arising from state crimes committed on December 2, 2015." Jonathan Zdziarski, a prominent iPhone forensics expert, said in a telephone interview that the district attorney is suggesting that a "magical unicorn might exist on this phone." "The world has never seen what he is describing coming from an iPhone," Zdziarski said. "I would expect, I would demand, in order to make that statement at all, he should make some kind of proof." It sounds like he’s making up these terms as he goes. We've never used these terms in computer science.
I think what he’s trying to suggest is that Farook was somehow working with someone to install a program on the iPhone that would infect the local network with some kind of virus or worm or something along those lines.
Anything is possible, right? Do they have any evidence whatsoever to show there is any kind of cyber pathogen on the network or any logs or network captures to show that Farook's phone tried to introduce some unauthorized code into the system? In a follow-up e-mail, Zdziarski added: "This reads as an amicus designed to mislead the courts into acting irrationally in an attempt to manipulate a decision in the FB'Is favor.
It offers no evidence whatsoever that the device has, or even might have, malware on it.
It offers no evidence that their network was ever compromised.
They are essentially saying that a magical unicorn might exist on this phone." At issue is the Federal Bureau of Investigation wants Apple to create software to help it bypass the passcode lock to enable the authorities to gain access to the iPhone.
Apple is fighting a Southern California magistrate's order that it do that. Oral arguments are set for March 22 in federal court, in which Apple hopes to change the magistrate's mind. The government claims that a 1789 law, known as the All Writs Act, allows judges to issue orders despite there being no law on the topic.
The phone, which was a county work phone issued to Farook as part of his Health Department duties, may have been the trigger to unleash a "cyber pathogen," county prosecutors said in a brief court filing. "The iPhone is a county owned telephone that may have connected to the San Bernardino County computer network.
The seized iPhone may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino's infrastructure," according to a court filing (PDF) by Michael Ramos, the San Bernardino County District Attorney.The development represents the first time any law enforcement official connected to the investigation provided any indication of what the authorities might discover on the phone. The county declined to directly comment.
A spokesman, David Wert, told Ars in an e-mail that "The county didn't have anything to do with this brief.
It was filed by the district attorney." The DA's office, which did not immediately respond for comment, followed up with a statement to Ars, saying that there is a "compelling governmental interest in acquiring any evidence of criminal conduct, additional perpetrators, potential damage to the infrastructure of San Bernardino County, and in protecting the California Constitutionally guaranteed due process rights of the victims, deceased and living, arising from state crimes committed on December 2, 2015." Jonathan Zdziarski, a prominent iPhone forensics expert, said in a telephone interview that the district attorney is suggesting that a "magical unicorn might exist on this phone." "The world has never seen what he is describing coming from an iPhone," Zdziarski said. "I would expect, I would demand, in order to make that statement at all, he should make some kind of proof." It sounds like he’s making up these terms as he goes. We've never used these terms in computer science.
I think what he’s trying to suggest is that Farook was somehow working with someone to install a program on the iPhone that would infect the local network with some kind of virus or worm or something along those lines.
Anything is possible, right? Do they have any evidence whatsoever to show there is any kind of cyber pathogen on the network or any logs or network captures to show that Farook's phone tried to introduce some unauthorized code into the system? In a follow-up e-mail, Zdziarski added: "This reads as an amicus designed to mislead the courts into acting irrationally in an attempt to manipulate a decision in the FB'Is favor.
It offers no evidence whatsoever that the device has, or even might have, malware on it.
It offers no evidence that their network was ever compromised.
They are essentially saying that a magical unicorn might exist on this phone." At issue is the Federal Bureau of Investigation wants Apple to create software to help it bypass the passcode lock to enable the authorities to gain access to the iPhone.
Apple is fighting a Southern California magistrate's order that it do that. Oral arguments are set for March 22 in federal court, in which Apple hopes to change the magistrate's mind. The government claims that a 1789 law, known as the All Writs Act, allows judges to issue orders despite there being no law on the topic.