Apple announced today via an open letter to their customers that they would not be complying with a court order to "assist in the enabling of the search of a cellular telephone". This particular phone was owned by one of the San Bernardino shooters.
Part of Apple's letter states:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
It would be reasonable at this point to ask the question, "What's the big deal, Apple?" Especially when Apple says in the previous paragraph, "We have great respect for the professionals at the FBI, and we believe their intentions are good."
Here's why this is a Big Deal, and why Apple giving in and creating such a piece of software truly is a Nightmare Scenario:
1. Apple can't Just Decrypt This Phone
The FBI has already asked Apple to do this, and they said it's not possible. Since iOS 8 was released, all iOS devices encrypt their contents with a combination of data that's only on the device. Apple doesn't have this data, and they can't retrieve it, even if they wanted to. The only way to decrypt the phone is by entering the passcode.
2. The FBI can't Guess the Passcode
The phone only allows 10 wrong guesses before it will erase its contents, and entering the code requires physically tapping on the screen, a process which takes several seconds per attempt. Even if there was not a 10 try limit, it would take years for the FBI to try every combination.
3. What the FBI Wants from Apple
The court order demands apple do 3 things:
4. How Apple Could Comply
Because the security features are a built-in part of iOS, the only way they could be bypassed would be for Apple to build a custom version of iOS that removed these security measures. Then, this custom version would have to be installed on the phone in question, where it would then allow the FBI to run their own software to attempt to guess the passcode. It is not clear if the FBI would be successful in this endeavor even given the opportunity.
5. Why Compliance Would be a Nightmare Scenario
If Apple were to create a version of iOS that could remove these security features when installed, then you can rest assured that it would only be a matter of months before:
The bottom line is that this is pandora's box. If Apple creates a piece of software to turn off all these features, then the features might as well not exist for anyone, and that software will absolutely be used for evil in short time.
None of this addresses what is arguably a bigger issue: Whether or not government should be able to force companies to create new products with the purpose of rendering old products insecure and/or for the explicit purpose of acquiring their customers' private data.
Who doesn't want to automate their house via
I have a Razberry module hooked up to a RaspberryPi, along with about a dozen or so Z-Wave devices (switches, sensors, etc.) throughout my house. The ZWay server still has an awful scheduling UI (you have to add an app for each schedule rule you want). Even X-10 had a scheduling UI, in the 90s. (Sadly, I couldn't find any good pictures of this old interface; perhaps I'm forgetting the proper name of the device.)
The only problem is that there isn't a basic command line interface to the ZWay server. So, I wrote one.
zway-cli is a simple Ruby gem that gives you basic command line access to your ZWay server. You can query device status, and turn things on and off. It's super basic, and super simple, which is exactly what I wanted for an application like this.
Things like this make me happy:
$ zway kitchen_lights on
If you're running ZWay and want a simple way to control it via the command line you ought to give it a try.