Can the government force you to write code?

Started by February 19, 2016 10:15 PM
105 comments, last by frob 8 years, 5 months ago

Read the text of the court order. That is not an option.

Am I reading the wrong court order then? Page 2, Lines 25-27 clearly state that the loading of the software may be done at an Apple facility, and I'm not seeing anything in the text stating that the software to achieve this unlock needs to be made available elsewhere or retained anywhere.

Old Username: Talroth
If your signature on a web forum takes up more space than your average post, then you are doing things wrong.

It's back up a few lines, on 14-17: "Providing the FBI with a signed iPhone software file, recovery bundle, or other Software Image File that can be loaded on the SUBJECT DEVICE"

They can load it in either location, but it still says to provide the bundle to the FBI.

Yes, but Paragraph 4 also gives Apple an out to reasonably modify the method as detailed in paragraph 3 as long as it achieves the goals as stated in 2. The FBI itself has no need to ever see or touch any part of the code and signing details, and wouldn't really have any grounds to whine or complain as long as paragraph 2 was fully complied with.

It is dicey and questionable, but the whole "The Sky is falling! and the end is near!" hyperbole is kind of weak.

Old Username: Talroth
If your signature on a web forum takes up more space than your average post, then you are doing things wrong.


"The Sky is falling! and the end is near!" hyperbole is kind of weak.

How so? It seems a big issue to me. This is radically different from most traditional court orders.

It is standard that they can be forced to produce documents or records if they have it. They can be compelled to allow eavesdropping or wiretaps. And they can be compensated for implementing features and technologies at the government's request, within reason.

But it absolutely is a "sky is falling" scenario for the three reasons I've mentioned earlier: (1) It is government-compelled speech, which is unconstitutional in the US. (2) It is an order to invent (or assist in attempting to invent) something they do not wish to invent, which several lawyers have said is unprecedented in US law. (3) And even though the order permits them to attempt to lock it to a specific phone, it is still a bulk act, as multiple police agencies have declared their intent to demand large numbers of the same action, unlocking a pile of phones; if they can be compelled once, they can be compelled again and again.

Each of those is a big issue.

I cannot imagine the order surviving the scrutiny of appeals.

Having read that order (hopefully, I found the correct one), I don't see why it's a problem for Apple to comply with it exactly to the letter. Apple got lawyers, yes? First, it speaks of one particular device including serial number, on the Verizon network, and reasonable technical assistance. For a network that you do not control, a reasonable answer would be: OK, unluckily there is nothing we can do, talk to Verizon. A signed OS image or similar is requested. Fine. The order is about exactly one device (explicitly stating the serial number); it does not require the signed OS image to work on any other device. Indeed, in the interest of national security (you don't want the KGB to hack the president's iPhone!) it is mandatory that it only works on exactly that single device, which would be very **reasonable**. Writing per-user customized operating systems is a tedious, time-consuming task. Even more so as due diligence towards the millions of innocent users and the possible catastrophic impact will require very careful testing. As an optimistic estimate, it will take a minimum of around a year to have the software production ready. Which is entirely reasonable. The order requests that the built-in auto-erase functionality, whether enabled or not, does not trigger. It doesn't say that the TPM being erased as a standard procedure during a system image update is forbidden. It doesn't say that future versions of iOS (including any release from today onwards) may not use a different encryption algorithm. Which obviously requires re-encrypting all devices upon updating, prompting the owner for the passcode (not for unlocking the device, but for performing the upgrade). The device may not introduce additional delays upon unlocking, but nothing is being said about delays when re-encrypting, or about using PBKDF2 with an iteration count in the two-digit millions in future (from today onwards) releases.
It also requires that the FBI can submit passwords via bluetooth or WiFi **for testing**. Which doesn't mean it has to work at all outside of testing (note that it says "testing", not "testing passwords", therefore "testing the software" and "testing the device" are legitimate interpretations). So, for the purpose of testing the OS image, or for testing that the phone works properly, the FBI must be able to send passwords via bluetooth or WiFi. Fine. It does not say that any device must, under test conditions or otherwise, accept unlocking the device via bluetooth. It is merely required to accept a password via said means (but might still deny login due to policy forbidding login via bluetooth). The normal, desired behavior for any phone is, for obvious reasons, to not allow unlocking via network. This is reasonable. The FBI may certainly test that the software works properly (i.e. denies access), indeed they're doing you a favour in doing that kind of penetration testing. Of course, you cannot play that game forever, the FBI will go for an order with a better wording, but you can delay it for years and make the process immensely expensive. There is no doubt the FBI will eventually win, but the longer it takes, the more it turns into a pyrrhic victory.


Of course, you cannot play that game forever, the FBI will go for an order with a better wording, but you can delay it for years and make the process immensely expensive. There is no doubt the FBI will eventually win, but the longer it takes, the more it turns into a pyrrhic victory.

And therein lies the problem. Nobody wins in a pyrrhic victory. Apple can waste enormous resources on passive-aggressive shenanigans, or they can draw a line in the sand and take it to court. IANAL, but I suspect doing that after the court case is liable to land you in contempt.

Thinking about "reasonable", I deem it perfectly reasonable that any input such as passcodes that is to be accepted via WiFi is protected by TLS. Anything that goes over the network should always be protected by TLS, let alone passwords over wireless.

Also, to make sure that nobody but the FBI (who is entitled to do so) can abuse the feature, it is reasonable that they authenticate to the phone by providing a kind of master password prior to attempting to provide an unlock key, thereby activating the "special mode" for their particular TLS connection.

Which means that a hash of the password must be stored in the executable image (sadly, there is no other way), and of course, since we are dealing with very sensitive information -- passwords --, best practice, using a slow hash function with many iterations, must be followed. Otherwise someone could possibly read the hash from a leaked image and reverse engineer the master password. It must be reasonably impossible to do that.

Best practice also requires that you drop the connection on repeated authentication failure. Which is no real hindrance to the FBI; they need only establish a new TLS connection and supply the master password again, which can happen fully automatically. No biggie. Unluckily, this requires negotiating a new session key and the phone verifying the master password again every 3 or so failures, but this is unavoidable, it is best practice, and it is perfectly within the precise wording of the court order. No other delays are deliberately introduced to the evaluation of the 4-digit passcode, and it is perfectly reasonable -- even mandatory -- as it prevents dangerous foreign criminals from stealing vital data in case the tampered image is leaked.

Seeing how a lot of very crucial design decisions must be made, it might take Apple's development team a while, maybe 6 months just to assess and plan everything properly. They probably should write a design document first, too, and the DoD should assess, based on that 200-page design document, whether the planned security precautions are sufficient -- after all, pretty much every congressman owns an iPhone. That will only take a year or two, maybe three; I suggest they have their first orientation meeting in October. If any doubts arise about the planned approach, it is probably in everybody's interest to consider input from an independent group of security experts, which will only take another year or two. You don't want the Russian mafia to steal and crack the iPhone of GM's CEO, do you?

I do deem it perfectly reasonable, too, that software may contain bugs. This is especially true if one is not willing to give the developers enough time to reasonably test the software for correct operation. Let's just hope that a too hasty implementation contains no buffer overrun which accidentally overwrites the complete memory-mapped contents of user data.

And therein lies the problem. Nobody wins in a pyrrhic victory. Apple can waste enormous resources on passive-aggressive shenanigans, or they can draw a line in the sand and take it to court. IANAL, but I suspect doing that after the court case is liable to land you in contempt.
Thing is, Apple will always lose; going to court is not going to change it (but of course it also delays the thing). No judge will rule for Apple and against the FBI, no way.

They will never win, and they will not be able to not comply with the order.

But you can comply one way or the other. They can delay the process, and they can make the victory so bitter for the FBI that it will be hard to swallow. And they can do the same thing again when the next one (say, City of NY, who wants to read some pimp's messages) comes. Yeah, they can just subpoena, whatever. But Apple is not required to keep the source code of the OS image they gave to the FBI. So, unluckily, when the next one comes -- which they couldn't possibly anticipate -- they will need to start over again from scratch. Which will, again, take years. Unluckily.

To begin with, they can appeal because this directly threatens their business (the order even explicitly says that). The appeal will of course be turned down, but following that, they can still comply with the order in the most perverted possible way. Just so much that you can't say they aren't following it.

So, the FBI will win, inevitably, but Apple can delay this for a very, very long time, which is massively bad propaganda for the government every time the subject comes up again. If, against all odds, Trump is not elected, it might even happen that after two years of this show going on and on, the president says: Oh please guys, just the fuck stop it, I can't hear this any more.

Eventually, the effect on the general public will make a difference, too. Many people probably still kind of agree (or don't care) because after all it's just one phone and the FBI is hunting terrorists. Which is what you want them to do, right?

Give it 3-4 years of shenanigans and repeated mention that it's not just one phone, and that many other people who aren't hunting terrorists but would like to read another few thousand phones have already put on their Stasi badges, and it soon becomes "unaffordable" for a politician. Time totally plays against them.

Having read that order (hopefully, I found the correct one), I don't see why it's a problem for Apple to comply with it exactly to the letter. Apple got lawyers, yes?

Yes, that was intentional.

Apple's lawyers helped draft the agreement, and they intentionally helped craft it into something they could follow if they were compelled, but that they intended to fight.

It was as clean as they could get it. Since they said it would be challenged, they wanted everything about it to be as clear and direct as could be. There should be no technical problems with it, only direct legal challenges that could be answered by findings of law, not debating findings of fact. It is an order they can comply with if forced, but believe to be unlawful.

If they are compelled (against their will) to do it, they wanted to add as many protections as they could to minimize the impact. If all the appeals courts and even the supreme court forces the issue, it is an order they can comply with to the letter with the hopefully least possible ramifications.

Apple's lawyers helped draft the agreement, and they intentionally helped craft it into something they could follow if they were compelled
Ah, that explains it, thank you for pointing that out. In that case, you have to congratulate them, because they did a really, really good job.

Hence my surprise at the uproar. After having read the actual document, and thinking this was what the FBI had asked for to start with, I had the impression it was mostly about being "upset in general" (a kind of fight-the-establishment-out-of-principle attitude or something), because what is in that document seemed quite "OK" to me (as OK as any such demand can be; in any case it contains enough opportunity to follow it to the letter without doing real harm to anyone).
