
>meaning an order to produce information.

But couldn't they write a modified iOS software themselves (obviously not easy as cake, but for the sake of the argument) and use a NSL to get Apple's key to sign the update?

It seems like having the update signed is the issue, not writing the update.

Edit: When looking at the scope of the NSL, it seems like only metadata can be requested, not arbitrary stuff. IANAL, but it seems like using an NSL makes no sense.



>it seems like only metadata can be requested, not arbitrary stuff

I think that Ladar Levison would disagree with that comment. According to Wikipedia "US government ordered [Ladar] to turn over its Secure Sockets Layer (SSL) private keys" [0] which imho would be no different than forcing Apple to turn over a software-signing key.

[0] https://en.wikipedia.org/wiki/Lavabit


>In an interesting work-around, Levison complied the next day by turning over the private SSL keys as an 11 page printout in 4-point type. The government, not unreasonably, called the printout “illegible.”

>“To make use of these keys, the FBI would have to manually input all 2,560 characters, and one incorrect keystroke in this laborious process would render the FBI collection system incapable of collecting decrypted data,” prosecutors wrote.

http://www.wired.com/2013/10/lavabit_unsealed/


This never made much sense to me. Even the capital letter W at 12 point repeated 2,560 times fills up 1 page plus another 10 lines. Maybe 2,560 bytes printed out as ones and zeros? That still seems like it would only work out to 11 pages at 12 point.


I'm not sure, but maybe there were multiple keys, each of which took 2560 characters? The quote does say "keys".


They could try. Apple would no doubt challenge both the NSL and the associated nondisclosure order (if one were issued with the NSL) in the courts, though. NSLs aren't magic.


They are pretty close to magic. I've only ever heard of one case where an NSL was challenged in court.

From what I remember, the NSL comes with a gag order which prevents even the counsel of the recipient from knowing about the issue.


> the NSL comes with a gag order which prevents even the counsel of the recipient from knowing about the issue.

That was changed with the USA PATRIOT Reauthorization Act of 2005.


Who's to say they haven't already tried actually? From what I understand, an NSL could be presented and its validity argued but it would never be presented in an open court.


> From what I understand, an NSL could be presented and its validity argued but it would never be presented in an open court.

Both the validity of the NSL and the application of a nondisclosure ("gag") order to an NSL (not all NSLs are inherently gag-ordered) are reviewable by court, and gag orders have been struck down by courts.

So it's not at all the case that an NSL would never be discussed in open court. Still, it's impossible to say what NSLs have been issued with gag orders that haven't been struck down, since those particular orders would not be publicly disclosed.


They'd likely argue that forcing them to sign non-Apple software as if it was their own is compelled speech.


However, looking at the Lavabit example, they could do the same with Apple - ask them for the key (in digital form so Apple won't print it with font size 4) and then sign their trojan software themselves using it!

If there were true rule of law and everyone were treated equally in the US, then either both Lavabit and Apple should give out signing keys, or none at all.

Lavabit was forced and had no choice. As far as my reading and understanding goes, the Gov created some sort of loophole where Lavabit was denied a hearing and because of lack of hearing he was... found guilty (catch 22). I'm sure others can shed more light...


Lavabit did it to themselves. They initially subpoenaed just the account they were interested in. Lavabit claimed it was not possible to comply, so the next request was for master keys.

At this point, Lavabit could've complied by just handing over the original data, but instead decided to get cute. "Contempt of court" is an aptly named crime.


>forcing them to sign non-Apple software as if it was their own is compelled speech.

That may be. However, simply forcing them to hand over the key wouldn't imho.


To be fair, Lavabit was out of compliance with legal government orders (they had access to accounts but were withholding on moral grounds). Forcing Apple to hand over "the keys to the kingdom" so as to forge software on their behalf might still lie outside of established governmental powers.


If Apple isn't allowed to publicize that their private key is compromised, then using their private key to sign something is effectively compelled speech.


I hope I'm not stretching an analogy too broadly, but forcing Apple to rewrite its OS seems to me like it would be the equivalent of making a locksmith who had invented a theoretical pick-proof lock uninstall each of the locks, open it up and introduce a mechanism to allow for a skeleton key, then reinstall the lock.


More like making a locksmith create a tool that could alter a pick-proof lock and turn it into a pickable lock, and give that tool to the gov't. But as others here have said, there are some key differences between the physical and digital worlds, so there are complications afterwards.


This modification would require having iOS source to modify, which certainly the FBI does not have.

And even if they did, it would take them months from receiving the source code to be even remotely prepared to do a custom iOS build to present to Apple to be signed. Domain expertise, familiarity with a code base, and just "simple" stuff like build/release engineering and QA aren't things you put together overnight.


https://news.ycombinator.com/item?id=11153022

>You make this sound hard: there are tons of qualified people who could do this in less than a week, including myself. We already have all of these tools just sitting around from the iPhone 4, and some of us have emulators for more recent devices: the only thing we don't have is Apple's key.

From the developer of Cydia.


If multiple people have the know-how to make this in a week, I can't see it costing more than $25,000, probably less. (Just taking $1 million a year and dividing by 50 and rounding up, trying to get an upper bound. Presumably at least of those people are willing to sell out for a million a year, or 25k a week.)



