Instead of Apple tasking a coder to work on cracking that iPhone...

[Troy Benjegerdes]

On Thu, Feb 25, 2016 at 01:20:55PM -0500, Steve Kinney wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 02/25/2016 10:51 AM, Rayzer wrote:
> > Georgi Guninski wrote:
> >> On Wed, Feb 24, 2016 at 04:06:27PM -0800, Rayzer wrote:
> >>> FWIW I don't see how the feds can force Apple to assign an
> >>> employee to do anything not in their job description
> >>> without violating that employee's contract, or their civil
> >>> rights, and writing code to crack phones isn't in any Apple
> >>> job description, but tightening phone security is...
> >>> 
> >> I am pretty sure this won't stop Apple if they want to unlock
> >> it.
> >> 
> >> Are you familiar with their job descriptions (I am not)?
> > 
> > It might fit in the QA end of the biz. Someone has to test
> > security. Whether your agreement with the company allows them
> > to 'contract' you to a 3rd party's task... I REALLY doubt it
> > judging from my industrial end (drive manufacturing)
> > experience. They're really REALLY concerned about letting any
> > information about the creation of the product out of their 
> > grasp. It probably violates you confidentiality and
> > intellectual property agreement with the company.
> > 
> > Can the government make you violate that agreement? Can they
> > make Apple change it's agreement with you? Can the government
> > force you to change a worker's job description or hire/accept a
> > government contract worker or employee?
> > 
> > Iow, tell you how to run your business...
> > 
> > Dunno. But IF an employee claimed confidentiality and
> > intellectual property agreement as rationale for
> > non-cooperation... Would the government also go after that
> > employee? Force Apple to discipline or fire them?
> 
> Insubordination is always grounds for dismissal, unless an
> employee is ordered to break the law or expose him or herself to
> legally banned workplace hazards.  So Apple could handle
> non-cooperation problems without involving the Feds:  If we was
> Apple, would we want to piss off a client so big that it is a
> lucrative market all its own, just to indulge some ungrateful
> non-team-player's personal snit fit?  What would Apple board
> member Ronald D. Sugar, former chairman and CEO of Northrop
> Grumman, say about that?
> 
> If Apple receives a Court order or lands a contract that requires
> re-purposing staff, they can just hire any skill sets they don't
> already have on hand.  If special NDAs or even Federal security
> clearances are required, no problem:  If it's a contract matter,
> the additional costs are included in the bid; if it's a Court
> order, Apple can ask for and most likely receive "reasonable"
> compensation for following lawful orders.
> 
> >> According to links here from this month, few years ago Apple
> >> unlocked many phones per feds requests.
> >> 
> > Yes, but those phones didn't have the self-destruct code if I
> > remember correctly. Apple claims it can't work around it.
> 
> "Self destruct?"  It is to laugh.  "Can't work around it?"
> Hilarious.
> 
> These propositions only work if we assume Apple does not have an
> in-house capability to analyze, troubleshoot and re-program its
> own hardware, does not have the technical capability to read from
> the storage media in its own devices, and lacks the engineering
> staff and/or data necessary to alter Apple brand software.  In the
> case of any such deficiencies, Apple (or the FBI) can hire any
> required reverse-engineering done, under NDA (or gag order).
> 
> If Apple did not already do whatever was asked of them with regard
> to one iPhone formerly owned by one criminal suspect, the FBI can
> bring in the NSA on the basis of mere "suspicion" that the case
> may have a link to non-U.S. persons.
> 
> Instead we get a legal dispute and minor media sideshow based on a
> pile of false assertions by /both/ parties, apparently in
> collusion, with the apparent intent of creating a legal precedent
> for mandatory back doors in U.S. personal electronics - and/or
> public demand for legislation to that effect.
> 
> The words "Security Theater" come to mind, but with a stronger
> than usual connotation of "Security Propaganda and Disinformation."

Quite. 

This doesn't seem like some 'minor' legal dispute, however. 

We have the makings for a nice constitutional crisis with the
supreme court justice most known for siding with defendants
out of the picture.

This really seems like Clipper Chip 2.0, but instead of the NSA,
which seems to at least understand the fundamentals of crypto and
spycraft, we have the FBI engaged in a *public* battle for legal
precedent, vs what appears to be an ever-expanding number of 
companies who are starting to recognize the potential negative 
impact and risk to their business if a little forum-shopping
can find your competitor a judge that will make you hand over
the keys.

As for public demand... Well, we used to think the public demanded
the defense of marriage. When I see that only 51% support the FBI
in the demand for unlocking, that's a number well worth investing
in a marketing campaign for extending the 4th amendment devices 
and their cryptosystems, if for no other reason than to lower long
term 'compliance' costs of having to hand over keys to every 
lokel yokel sheriff who wants to see what their ex-wife's been up
to.