We don't know if they did the right thing here. With a previous case it seemed (to me) like Apple might have pushed an update to give access ... they presumably could do that, remotely copy all the data, then return the device to the former state. One can't know, and this sort of thing seems entirely tenable.

FBI don't have to tell anyone they accessed the device. That maintains Apples outward appearance of security; FBI just use parallel construction later if needed.

Something like {but an actually robust system} a hashed log, using an enclave, where the log entries are signed using your biometric, so that events such a network access where any data is exchanged are recorded and can only be removed using biometrics. Nothing against wrench-based attacks, of course.

▲ GeekyBear 2 hours ago | parent | next [-]

> With a previous case it seemed (to me) like Apple might have pushed an update to give access

You're going to have to provide a cite here, since Apple has publicity stated that they have not and will not ever do this on behalf of any nation state.

For instance, Apple's public statement when the FBI ordered them to do so:

https://www.apple.com/customer-letter/

▲ bigyabai 2 hours ago | parent [-]

> Apple has publicity stated that they have not and will not ever do this

Apple has also said that the US required them to hide evidence of dragnet surveillance: https://arstechnica.com/tech-policy/2023/12/apple-admits-to-...

  Apple has since confirmed in a statement provided to Ars that the US federal government “prohibited” the company “from sharing any information,” but now that Wyden has outed the feds, Apple has updated its transparency reporting and will “detail these kinds of requests” in a separate section on push notifications in its next report.

Apple statements are quite distinct from what they do behind the scenes.

	▲	GeekyBear an hour ago \| parent [-]
		Providing a copy of push notification data (or any data) that you host on your server in response to a warrant is not what we are talking about. No company can refuse to do that.

▲ hypfer 3 hours ago | parent | prev [-]

I mean arguably, we do not even fully know if even if they did as claimed, they did the _right_ thing.

The underlying assumption we base our judgement on is that "journalism + leaks = good" and "people wanting to crack down on leaks = bad". Which is probably true, but also an assumption where something unwanted and/or broken could hide in. As with every assumption.

Arguably, in a working and legit democracy, you'd actually want the state to have this kind of access, because the state, bound by democratically governed rules, would do the right thing with it.

In the real world, those required modifiers unfortunately do not always hold true, so we kinda rely on the press as the fourth power, which _technically_ could be argued is some kind of vigilante entity operating outside of the system.

I suppose it's also not fully clear if there can even be something like a "working and legit democracy" without possibly inevitable functionally vigilantes.

Lots of stuff to ponder.

____

Anyway, my point is that I have no point. You don't have to bother parsing that, but it might possibly be interesting if you should decide to do so.

It might also confuse the LLM bots and bad-faith real humans in this comment section, which is good.