The Devil can quote Scripture to his purpose


Never had much use for Apple, and even less for Steve Jobs, the guy who made jail seem cool, as Richard Stallman said. So it was with some surprise that I found Apple on the side of the angels, resisting an FBI demand — supported, of course, by Obie — that they create a backdoor into the security software on their phones.

The technical details of this wrangle have been poorly explained in the media, so perhaps it’s useful to do so here. This stuff, at this level, really isn’t hard.

Phones like the one the San Bernardino shooter had possess a security feature, which is not enabled by default, as I understand it, but can be enabled by the user. It works like this: A certain number of unsuccessful password attempts, and the phone wipes all its data. The assumption is that after that number, the phone has fallen into hands other than the user’s, and those hands are attempting a brute-force password-guessing attack. Which, of course, will sooner or later succeed, and much more often sooner than later.

Now this is a nice feature. It has what are by computing standards ancient antecedents: Unix systems, since the late Pleistocene, have locked a user account after a certain number of consecutive failed login attempts.

What the Fibbies want Apple to do is write custom software — and give it to them — software which will disable this security feature, and permit J Edgar’s boiz to run a brute-force attack on this phone, and of course on any other phone which falls into their hands, or say the Israelis’ hands, or the Saudis’, or the Brits’, or any of our other disreputable ‘allies’, or for that matter into the hands of any crook who bribes a Fibbie to give him the software.

Physical analogies for data security systems are always problematic, but roughly speaking, this is not like asking Apple to hand over the physical key to a house, a key which happens to be in Apple’s possession, for some reason. Apple — as far as we know — doesn’t know the password (though I wouldn’t put anything past them; but that’s another topic). In the physical-equivalent world, this would be like saying that Apple doesn’t possess the key.

What this is like doing is demanding that the manufacturers of locks build locks which are guaranteed breakable. This is Apple’s claim, and so far, it has a certain plausibility.

However there is a further wrinkle.

The reason why this demand is even possible at all is that Apple phones have a huge, glaring security hole already. The operating system of the device — the software that controls it — can apparently be overwritten and replaced with other software, even without the owner’s password, or for that matter without the owner’s knowledge.

The phone, however, won’t accept such new software unless it is digitally signed with a key that Apple does possess. So in theory, such software couldn’t be written, or rather signed, by just anybody.

So our physical analogy has to change somewhat. What Apple has done is produce a lock which is already compromised — compromised by design. It has a second keyhole, if you like, to which Apple has the key. The cops are demanding that Apple give them that key, a key that they can copy at will, and share with whomever they please, and use on whatever lock they please.

Now I am not a lawyer, but if I understand the matter at all, this state of affairs means that Apple has already forfeited, for these phones, whatever tenuous legal protections privacy still has in the United States, and moreover, has forfeited them on behalf of who knows how many of its customers.

This needn’t have been the case. All they had to to was provide that software upgrades couldn’t be done without the device owner’s password — subject to the usual autodestruct behavior, if enabled. But they didn’t do that. This isn’t a subtle thing, that somebody overlooked. It’s too big for a bug. It must be a feature.

So…. what were they thinking of?

Guesses welcomed. I have a couple of my own, which I will share in due course.

Meanwhile, the usual complicit media treatment of Apple continues to depict them as the guys in the white hats.

I suppose, by comparison with the FBI, they do in fact look pretty good. But that’s setting the bar rather low.

6 thoughts on “The Devil can quote Scripture to his purpose

  1. in case you missed it, much similar:

    what b/n the superbowl, the oscars, the election cycle, etc., i assumed this was self-preening by Apple, like in “priscilla, queen of the desert”. they put a bright tolerant star by their own name the day they took a stance against some state-level fag-bashing (Iowa?) and then a building collapsed on their half-starved slaves chained to their unventilated work stations w/the fire exits bolted shut in Apple City, Chu Chin Chow Province, China. Its all a bright happy fascistic Mickey & Minney Small World After All on the outside, but on the inside…it’s the garbage Wall-E is cleaning up?

  2. Need more about Tinker Bell. Can’t stop thinking about Tinker Bell.
    Stop me before I Tink er Bell again.
    Oh, and yes, I can quote Scripture.
    Too my purpose, whatever that may be.
    More to come about “Bernie” and “Donald” . Much more. In the old pipeline!

  3. See, it’s like this. Peter Pan refuses to grow up! This is his Power! But Tink er Bell demands that her magnificent Bell be Tinkered with! This provides the drama. What will be the outcome from this?

    Stay tuned.

  4. “I suppose, by comparison with the FBI, they do in fact look pretty good. But that’s setting the bar rather low”

    Apple doesn’t have the power to arrest you. But other than that I suppose the difference is small. Both the FBI and Apple will track you, listen in on you, spy on you, infiltrate your groups, and use your thoughts and actions against you.

    So pick your poison. Or!!! Don’t own a cell phone.

  5. Is it that easy to make OS reinstallation password protected? One would, I gather, have to rely on firmware (the phone’s BIOS equivalent) to enforce this feature. But the firmware itself could simply be replaced. Apple–being a control freak–has measures to prevent firmware tampering. But these measures aren’t flawless, as Jailbreaking shows.

    Saying that, Apple is trying to sell itself as the goto for the security minded all while removing as much end user–and software developer–control over their operating systems as possible. While Apple’s centralized control may not make their devices inherently insecure, it certainly makes them untrustworthy.

  6. (I slid on ice, fell down, broke my left elbow, and injured the tendons severely on New Year’s Eve. So I’ve been taking pain pills that make me loopy. So I’ve been loopier than normal, and I guess it shows. The pain is slowly easing, so I can usually go without the pills now. Now it’s just a matter of dealing with the pain, so I’m going to be sort-of “frail.”)

    I didn’t want to think about the the FBI’s Apple smart phone problem, for some reason, probably going back to an experience long ago working for a Japanese-run (geosynchronous) satellite communications firm. Working for Japanese management was much different than working for Americans; Japanese companies seem to operate in a military fashion, and the bosses are ridiculously obsessed with status. And this translates into their facilities needing to have all the bleeding edge electronics kit, since such important people obviously deserve to have the latest and greatest gear in their shops, which were labs, really. The million dollar equipment made the place look sort of like the Star Trek bridge.

    Word came down one day that we were to use some of the gear to listen to international telephone calls, so we spent a day listening to people’s most intimate private calls. I didn’t really enjoy listening to this, and it made me feel corrupted and besmirched. If people knew that with the right equipment and settings anyone could listen in on these calls! The biggest point was that the average person swims in a vast ocean of ignorance, and probably would never use a phone in the same way otherwise. I truly believe that simple ignorance is the primary glue that holds society together. And once you have seen too many such things you will probably have to become a conspiracy theorist (social chastity skeptic), if only unconsciously.

    Regarding the phone deal; the science and technology world is getting much more complex; probably too complex for the courts to deal with. One thing the computer world and the lawyer world have, in a sense, have in common is the extensive use of metaphors. Computer people compulsively reach for them, and lawyers seem to rely on them. However, there are metaphors that are dangerously misleading. So-called computer languages are not at all similar to so-called natural languages, and this has led to all sorts of theoretical madness. Nonetheless, MJS’ lock and keys metaphor for using passwords seems apt, and a court would likely accept it eagerly. That way, they can pretend to understand the situation (they have giant egos, so of course they understand everything). Except that in this case, if you try ten wrong keys, the house explodes. I have almost no faith in courts, anyway. It looks like they just sugarcoat an ugly ritual to exorcise the stains in all our dirty social laundry (a metaphor). My guess is there already is a back door (metaphor) anyway. So if the courts direct Apple to open it, this could get interesting. There is some chance that Apple would simply pretend to fail.

Leave a Reply