Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Apple spells out what it would take to comply with government's iPhone order

Gregg Keizer | March 1, 2016
Cites 'undue burden' as it estimates 6 to 10 employees working 2 to 4 weeks on creating new OS.

Apple last week argued that assisting the FBI in the agency's attempt to access an iPhone used by one of the San Bernardino killers would be an undue burden that would require a staff of between six and ten people who would have to dedicate two to four weeks of their time to the task.

In a motion filed Friday with a California court, Apple ticked off several constitutional arguments against helping the FBI break into the iPhone used by Syed Rizwan Farook, who along with his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif., on Dec. 2, 2015, before they died in a shootout with police.

But it also directly addressed the concept of "undue burden."

Case law has established that the All Writs Act -- the 1789 legislation cited by the government for forcing Apple to comply -- can be used only when an order does "not adversely affect the basic interests of the third party or impose an undue burden." Apple seized on that language to describe what it would take to assist the FBI.

"No operating system currently exists that can accomplish what the government wants, and any effort to create one will require that Apple write new code, not just disable existing code functionality," Apple said in its motion. "Experienced Apple engineers would have to design, create, test, and validate the compromised operating system, using a hyper-secure isolation room within which to do it, and then deploy and supervise its operation by the FBI to brute force crack the phone's passcode."

That task -- creating a specialized version of iOS that would run only in the target iPhone's RAM -- would be a chore, Apple said as it estimated what it would take to complete.

"I would estimate that the design, creation, validation, and deployment of GovtOS would necessitate between six and ten Apple engineers and employees dedicating a very substantial portion of their time for two weeks at a minimum, and likely as many as four weeks," said Erik Neuenschwander, Apple's manager of privacy, in a declaration filed alongside his firm's motion. Neuenschwander would be the one in charge of planning the project if it were required.

"GovtOS" was the moniker Neuenschwander stuck on the one-of-a-kind modified iOS that would be produced.

In his declaration, Neuenschwander gave a glimpse of Apple's usual development process, which he said would be followed for GovtOS to ensure it worked properly and didn't disturb any of the data currently on the iPhone. All work would have to be logged, recorded and preserved, he said, in case Apple's methodology was later questioned in court.

"Once GovtOS is created, Apple will need to set up a secure, isolated physical facility where the FBI's passcode testing can be conducted without interfering with the investigation or disrupting Apple's operations," added Neuenschwander.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.