1. If Apple only wanted to burnish its reputation as a defender of privacy, it could have done something a lot less risky than challenge the FBI in court. Sure, Tim Cook’s position on being forced to assist in decrypting a phone happens to align with Apple’s marketing, but in this case that’s a reflection of shared incentives. In other words, what’s good for user security is also good for Apple’s image. Unless you’re a conspiracy theorist, this alignment is a positive thing.

  2. Assuming the iPhone device encryption is properly implemented, there is no way for Apple to create a firmware image that will disable brute-force mitigation and device wipe only for the phone in question. Anything that could be used to authenticate the device is, most likely, one of three things: (a) easily spoofed by any party, like the device ID; (b) signed by Apple, meaning that they can be compelled to spoof it if the FBI gets its way and sets a precedent for future cases; or (c) not known to anyone but the device owner, who is now dead, and couldn’t be compelled by the Fifth Amendment to give up the passcode even if he weren’t. The moment Apple creates and signs firmware that disables the security measures that the FBI wants disabled, you have to assume that someone else could get a hold of that image and use it against other iPhones. Definitely with processors up to the A6, possibly newer ones as well.

  3. But the critical point here is not whether what the FBI wants Apple to do is technically feasible — it’s whether it’s a good precedent to set in principle for future cases like this. I fall firmly on the side of no. The idea that a court can compel a third party to assist in an investigation like this should raise alarm, and the fact that a court order can implicitly demand the downgrading of millions of users’ security is just galling. This doesn’t even get into the First Amendment implications — code is speech, per Bernstein v. DOJ. Leave aside the idea that Apple is somehow sympathizing with terrorists. The San Bernadino shooters are dead; we’re the ones who will have to live with any mistakes we make in reacting to them.

This article was first posted to Facebook. It was republished here on .