FBI Unlocking Method Won’t Work on Newer Phones

The Apple logo is pictured at its flagship retail store in San Francisco

Reuters) – The Federal Bureau of Investigation’s secret method for unlocking the iPhone 5c used by one of the San Bernardino shooters will not work on newer models, FBI Director James Comey said.

“We have a tool that works on a narrow slice of phones,” Comey said at a conference on encryption and surveillance at Kenyon University in Ohio late on Wednesday.

Apple’s shares were down 1.3 percent at midday.

Comey added that the technique would not work on the iPhone 5s and the later models iPhone 6 and 6s. The iPhone 5c model was introduced in 2013 and has since been discontinued by Apple as newer models have become available.

The Justice Department said in March it had unlocked the San Bernardino shooter’s iPhone with the help of an unidentified third party and dropped its case against Apple Inc, ending a high-stakes legal clash but leaving the broader fight over encryption unresolved.

As the technique cannot be used to break into newer models, law enforcement authorities will likely have to lean on Apple to help them access the devices involved in other cases.

The Justice Department has asked a New York court to force Apple to unlock an iPhone 5s related to a drug investigation. Prosecutors in that case said they would update the court by April 11 on whether it would “modify” its request for Apple’s assistance.

If the government continues to pursue that case, the technology company could potentially use legal discovery to force the FBI to reveal what technique it used, a source familiar with the situation told Reuters.

Apple and the FBI were not immediately available for comment.

The FBI began briefing select U.S. senators this week about the method used to unlock the San Bernardino iPhone.

Up to Wednesday’s close of $110.96, Apple’s shares had risen more than 5 percent this year.

(Reporting by Narottam Medhora in Bengaluru and Dustin Volz in Washington; Editing by Saumyadeb Chakrabarty)

FAA to Allow Drones to Fly over Public

Airplane flies over a drone during the Polar Bear Plunge on Coney Island in the Brooklyn borough of New York

WASHINGTON (Reuters) – A Federal Aviation Administration advisory panel on Wednesday recommended that regulators set new rules allowing drones to fly over members of the public if the aircraft meet new standards to minimize the danger of physical injuries from collisions.

A report issued by the 27-member panel, which included representatives from the drone, aviation and technology industries, recommended that the FAA limit the risk of serious injury to less than 1 percent but allow drone makers to determine whether their products meet the standard.

An FAA official said the agency will consider the panel’s recommendations as it crafts new regulations that could eventually allow commercial drone flights over people, an option that is vital to plans for package delivery services being pursued by online commerce companies Amazon.com and Alphabet Inc’s Google.

Commercial drone flights are largely banned in the United States. But the FAA is expected to issue final regulations later this year that would allow limited commercial drone operations. The first proposed rules allowing flights over people would emerge much later, said the FAA official, who declined to provide a timeline.

(Reporting by David Morgan; Editing by Jonathan Oatis)

Apple, Google Products Target of Court Order

Apple Logo inside Corporate offices

SAN FRANCISCO (Reuters) – The American Civil Liberties Union on Wednesday said it had identified 63 cases across the U.S. in which the federal government asked for a court order compelling Apple Inc or Google to help access devices seized during investigations.

The cases predominantly arise out of investigations into drug crimes, the ACLU said, adding that the data indicate such government requests have become “quite ordinary.”

Representatives for the Justice Department and Apple declined to comment.

A spokesman for Google, a unit of Alphabet Inc, declined to say how frequently it has cooperated with All Writs Act requests or orders, and how often it has contested them.

The Justice Department previously disclosed that Apple has received 70 court orders requiring it to provide assistance since 2008, which it obeyed without objection.

However, last October Apple contested a Justice Department demand for assistance in a Brooklyn drug case. Since then, Apple has objected to several other government requests for help accessing devices across the country, the company said in a court filing last month.

A U.S. judge in Brooklyn agreed with Apple and ruled that Congress has not authorized the government to ask for the help it demanded of the company. The Justice Department has appealed that ruling.

The ACLU report comes after the Justice Department withdrew a request for Apple’s assistance in California, saying on Monday it had succeeded in unlocking an iPhone used by one of the shooters involved in a rampage in San Bernardino in December without Apple’s help.

Other cases involving government requests for Apple’s help are still pending.

A variety of Apple and Google products have been targeted by court orders, according to the ACLU report. In one, an Apple iPhone 5 was seized by a man arrested in 2013 for importing methamphetamine from Mexico.

A California court ordered Apple to help the Justice Department bypass the passcode and copy data onto an external hard drive. The order does not specify which operating system was running on the phone.

(Reporting by Dan Levine)

U.S. says it may not need Apple to open San Bernardino iPhone

(Reuters) – U.S. prosecutors said Monday that a “third party” had presented a possible method for opening an encrypted iPhone used by one of the San Bernardino shooters, a development that could bring an abrupt end to the high-stakes legal showdown between the government and Apple Inc.

A federal judge in Riverside, California, late Monday agreed to the government’s request to postpone a hearing scheduled for Tuesday so that the FBI could try the newly discovered technique. The Justice Department said it would update the court on April 5.

The government had insisted until Monday that it had no way to access the phone used by Rizwan Farook, one of the two killers in the December massacre in San Bernardino, California, except to force Apple to write new software that would disable the password protection.

The Justice Department last month obtained a court order directing Apple to create that software, but Apple has fought back, arguing that the order is an overreach by the government and would undermine computer security for everyone.

The announcement on Monday that an unnamed third party had presented a way of breaking into the phone on Sunday – just two days before the hearing and after weeks of heated back-and-forth in court filings – drew skepticism from many in the tech community who have insisted that there were other ways to get into the phone.

“From a purely technical perspective, one of the most fragile parts of the government’s case is the claim that Apple’s help is required to unlock the phone,” said Matt Blaze, a professor and computer security expert at the University of Pennsylvania. “Many in the technical community have been skeptical that this is true, especially given the government’s considerable resources.”

Former prosecutors and lawyers supporting Apple said the move suggested that the Justice Department feared it would lose the legal battle, or at minimum would be forced to admit that it had not tried every other way to get into the phone.

In a statement, the Justice Department said its only interest has always been gaining access to the information on the phone and that it had continued to explore alternatives even as litigation began. It offered no details on the new technique except that it came from a non-governmental third party, but said it was “cautiously optimistic” it would work.

“That is why we asked the court to give us some time to explore this option,” a spokeswoman for the Justice Department, Melanie R. Newman, said. “If this solution works, it will allow us to search the phone and continue our investigation into the terrorist attack that killed 14 people and wounded 22 people.”

It would also likely end the case without a legal showdown that many had expected to reach the U.S. Supreme Court.

An Apple executive told reporters on a press call that the company knew nothing about the Justice Department’s possible method for getting into the phone, and that the government never gave any indication that it was continuing to search for such solutions.

The executive characterized the Justice Department’s admission Monday that it never stopped pursuing ways to open the phone as a sharp contrast with its insistence in court filings that only Apple possessed the means to do so.

Nate Cardozo, staff attorney at the Electronic Frontier Foundation, a civil liberties group backing Apple, said the San Bernardino case was the “hand-chosen test case” for the government to establish its authority to access electronic information by whatever means necessary.

In that context, he said, the last-minute discovery of a possible solution and the cancellation of the hearing is “suspicious,” and suggests the government might be worried about losing and setting a bad precedent.

But George Washington University law professor Orin Kerr, a former Justice Department computer crime prosecutor, said the government was likely only postponing the fight.

“The problem is not going away, it’s just been delayed for a year or two,” he said.

Apple said that if the government was successful in getting into the phone, which might involve taking advantage of previously undiscovered vulnerabilities, it hoped officials would share information on how they did so. But if the government drops the case it would be under no obligation to provide information to Apple.

In opposing the court order, Apple’s chief executive, Tim Cook, and his allies have argued that it would be unprecedented to force a company to develop a new product to assist a government investigation, and that other law enforcement agencies around the world would rapidly demand similar services.

Law enforcement officials, led by Federal Bureau of Investigation Director James Comey, have countered that access to phones and other devices is crucial for intelligence work and criminal investigations.

The government and the tech industry have clashed for years over similar issues, and Congress has been unable to pass legislation to address the impasse.

(Reporting by Joseph Menn, additional reporting by Mari Saito; Editing by Leslie Adler and Andrew Hay)

Facebook Privacy Concern for EU Citizen Continues

Like us on Facebook

The European Union’s (EU) highest court gave their opinion on a security matter concerning Facebook handing over user data of EU citizens to United States officials. The opinion of the European Court of Justice ruled that the data sharing rules between Europe and the U.S. were “invalid.”

An agreement was reached in 2000 between Europe and the U.S. allowing tech firms to transfer user data in huge quantities to U.S. servers. However, the court believes the deal is no longer valid due to recent allegations of mass spying by U.S. intelligence agencies.

The case was brought forward by activist and Austrian law student Max Schrems. Schrems was concerned with how his personal data could be transferred to the U.S. through Facebook. To illustrate the problem, he used documents leaked by Edward Snowden.

“This finding, if confirmed by the court, would be a major step in limiting the legal options for U.S. authorities to conduct mass surveillance on data held by EU companies, including EU subsidiaries of U.S. companies,” Schrems said in a statement.

A final ruling is expected later this year. If ruled in favor of Schrems, Facebook’s European branch in Ireland “would be barred from processing its data in the U.S., but would have to process its data in a place where those data are not subject to NSA mass-surveillance,” Herwig Hofmann, a lawyer representing Schrems, told reporters.

Facebook continues to state that have broken no laws and are in complete compliance with the EU Data Protection Law.

“We have repeatedly said that we do not provide ‘backdoor’ access to Facebook servers and data to intelligence agencies or governments,” said Facebook spokeswoman Sally Aldous.

The case is: C-362/14, Maximillian Schrems v. Data Protection Commissioner.

Homeland Security Admits Cybersecurity Bill Could “Sweep Away Important Privacy Protections”

The Department of Homeland Security has given some powerful ammunition to opponents of a new cybersecurity bill, admitting that the bill could trample some privacy protections for citizens.

Answering a query from Minnesota Senator Al Franken, the deputy secretary of Homeland Security admitted the bill “could sweep away important privacy protections” and that the proposed legislation “raises privacy and civil liberties concerns”.

The bill in question, the Cybersecurity Information Sharing Act, could reach the Senate floor as early as Wednesday.

The bill would allow private companies such as Experian, which tracks information from loyalty cards at businesses to track customer movements, to expand their reach.

Section 4 of CISA states: “[a] private entity may, for cybersecurity purposes, monitor A) the information systems of such a private entity; B) the information systems of another entity, upon written consent of such other entity […] and D) information that is stored on, processed by, or transiting the information systems monitored by the private entity under this paragraph.”

The bill was introduced by California Democratic Senator Dianne Feinstein who says the bill “incentivizes” the sharing of cybersecurity information.

“It responds to the massive and growing threat to national and economic security from cyber intrusion and attack, and seeks to improve the security of public and private computer networks by increasing awareness of threats and defenses,” Ms. Feinstein has stated about CISA.

Groups such as the American Civil Liberties Union and the Electronic Frontier Foundation are calling on members to contact their Senators to vote against the bill, saying it is a violation of citizen’s rights.

One of the bill’s biggest opponents in the Senate is Oregon Senator Ron Wyden, who says the bill doesn’t promote cybersecurity but rather erases protections for many citizens.

“Right now, we are seeing the government is having trouble keeping its own data security,” Wyden told the Huffington Post. “But now Congress is setting up an arrangement where companies are going to hand over enormous amounts of additional private and personal information. That just doesn’t add up.”

Canada Moves To Expand Spy Power

On the heels of France approving dramatic expansion of their spy powers which would allow the government to collect the metadata of all citizens without a warrant, now Canada is moving toward expanding their spy powers.

The Anti-Terror Act was spurred by last year’s attack on the Parliament.  The bill flew through House of Commons and Prime Minister Stephen Harper has been a strong supporter of the bill.  The Senate is expected to approve the act before June.

The act gives the spy agency permission to work overseas along with making preventative arrests of terrorism suspects.  The police would also be allowed to make arrests and detain individuals without a charge.  Promotion of terrorism by any means including the internet would become a crime.

“There is a high probability of jihadist attacks from within,” Canadian Defence Minister Jason Kenney said. “The threat of terrorism has never been greater.”

Critics say the bill is too sweeping.  The opposition includes four former Prime Ministers and five justices of the Canadian Supreme Court.

“This bill will almost certainly lead to a chill on freedom of speech,” said Allan Weiss, professor of humanities at York University. “It is filled with vague wording that would make it possible for the government to label virtually anything it disagreed with as harmful to Canada’s national interests.”