FBI vs. Apple escalates and the weekly roundup in tech and retail

News and commentaries

It is getting ugly between US prosecutors and Apple.

[T]he FBI cannot itself modify the software on Farook’s iPhone without access to the source code and Apple’s private electronic signature. The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers.

In the latest reply from the US Department of Justice to Apple’s formal motion to vacate the original order, the prosecutors are basically saying that the other option is to demand access to the source code and Apple’s private electronic signature. In DoJ’s perspective, asking Apple to unlock the San Bernardino iPhone by creating a new iOS is the lesser of two evils.

In the same filing, the DoJ has also called out Apple’s stance as “false” and “corrosive.”

Apple’s rhetoric is not only false, but also corrosive of the very institutions that are best able to safeguard our liberty and our rights: the courts, the Fourth Amendment, long-standing precedent and venerable laws, and the democratically elected branches of government

For most people, it’s probably quite confusing as to why Apple is digging its heels in. What we have to remember, more than the pros/cons of each side, is that Apple at the very core is fighting a precedent. According to Apple (emphasis is mine):

Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case… Again, we strongly believe the only way to guarantee that such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it.

Here are this week’s most relevant news in tech and retail:

In tech:

  1. Malicious hacks: How a hacker’s typo helped stop a billion dollar bank heist; First OS X ransomware detected in the wild, will maliciously encrypt hard drives on infected Macs
  2. Researchers created a flexible ‘skin’ that could give robots a sense of touch
  3. Alphabet: AI scores landmark victory, defeating legendary Go player in historic match; Google’s Robots Are Learning How To Pick Things Up
  4. FBI vs. Apple: Justice Department: Apple obligated to assist FBI; Security Pros React To Apple VP Federighi’s Op-Ed On Dispute With FBI
  5. General Motors acquires self-driving car startup Cruise Automation, reportedly for $1B+

In retail:

  1. Amazon to lease 20 Boeing aircraft for cargo delivery
  2. Yoox Net-a-Porter turns to IBM to propel its luxury e-commerce experience
  3. Urban Outfitters jumps after merchandise sales boost profit
  4. Zara parent Inditex slows store expansion as online sales grow
  5. Avametric raises $10.5M to further develop its virtual fitting room tech

FBI vs. Apple: a summary and the weekly roundup in tech and retail

News and commentaries

On Tuesday, Apple’s CEO Tim Cook published a customer letter in response to a court order. A federal judge is ordering the company to provide technical assistance to the FBI to help unlock an iPhone 5c from one of the gunmen from the San Bernardino, CA  attack. Apple is resisting this order and has been given until February 26 to respond formally in court.

What does the FBI want Apple to do?

Just to clear things up, Apple is not being asked to decrypt the iPhone 5c. The court order is also specific in stating that this concerns only this particular iPhone 5c, called “subject device”. In fact, it also clearly states that the “hack” will happen within Apple to ensure that the software created will stay within Apple.

Here’s the request, verbatim via the court order:

  • [Apple] it will bypass or disable the auto-erase function whether or not it has been enabled;
  • it will enable the FBI to submit passcodes to the subject device for testing electronically via the physical device port, bluetooth, WiFi or other protocol available on the subject device;
  • it will ensure that when the FBI submits passcodes to the subject device, software running on the device will not purposely introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.

Is it technically possible for Apple to comply?

Again, let’s be clear that the order is not for Apple to decrypt data in this particular iPhone. The order is to allow the FBI to use brute force to “guess” the PIN/passcode in order to gain access into the phone. In this case, it is technically possible. Here’s a great post on how this can be done.

Why is Apple resisting?

Apple argues that once created for this one phone, there is no absolute certainty that the same technique will not reused for other iPhones.

In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable. (Tim Cook)

The important word here is “precedence”. If Apple complies or if the FBI wins the court order, it creates a dangerous precedence where compelling tech companies to create access to otherwise inaccessible data will be as simple as having a court order.

So what now?

Apple has until February 26 to formally respond in court. Law experts think that Apple will argue that the court places “unreasonable burden” on Apple. The order states:

To the extent that Apple believes that compliance with this Order would be unreasonably burdensome, it may take an application to this court for relief within five business days of the receipt of this order.

For more in depth view of the laws involved:

Here’s a few more links regarding this:

This issue has yet to play itself out. But as privacy concerns war with curbing acts of terror, it would be interesting to see how public discussions such as this will affect the nomination of the next Supreme Court justice after the unexpected death of Justice Scalia this week. Even more interesting is with the Senate’s plan to block any nomination from Obama until the next President, will this case reach a court of 8 instead of 9?

Here are this week’s most relevant news in tech and retail.

In tech:

  1. Space: China uprooting thousands to build telescope searching for aliens; Virgin Galactic will unveil its new SpaceShipTwo today; Google this: Israeli scientists eye $20M moon race prize
  2. A $7 smartphone is about to change the game in India
  3. Google Translate now supports 103 languages, covering 99% of Internet users
  4. Uber losing $1 billion a year to compete in China
  5. IBM buys Truven Health for $2.6B

In retail:

  1. Wal-Mart, reporting slower e-commerce growth, makes plans to expand number of products available online
  2. China Lunar New Year holiday retail sales up 11.2% year-on-year
  3. Deliveries: Amazon taking on Uber with its on-demand delivery service; Google launches fresh-grocery deliveries
  4. Kering lifted by euro and Gucci sales
  5. Nordstrom tumbles as holiday sales miss analysts’ estimates

Apple’s iCloud hack and the weekly roundup in tech and retail

News and commentaries

Unless you’ve been living under a rock (nothing wrong with that, by the way), you would have read/heard of an iCloud hack that led to exposure of several nude celebrity photos. Somehow, almost every article on this prominently features Hunger Games’ and X-Men actor, Jennifer Lawrence, who is simply one of many victims. 4Chan, the fringe and meme-generating site where the photos were posted, subsequently changed its policy to be more DMCA-compliant and will now remove content after an “infringement notice”. It’s most likely a defensive move against possible lawsuits from the victims involved.

I used to have the iPhone, from the first generation up to the iPhone 4s. When iCloud was launched in 2011, I was quite skeptical of Apple as a cloud storage company and did not even think of turning it on my phone. In 2012, around the time when I upgraded to the 4s, I considered turning iCloud on until I read an article about a writer whose digital life was pretty much erased due to security loopholes in his Amazon and Apple iCloud account. To be clear, the author’s way of daisy-chaining several online accounts were far from ideal but that cemented the idea in my mind that Apple’s iCloud is far from secure.

The recent hack turned out to be a targeted effort to gather the celebrities’ usernames, passwords and security questions and not a breach of iCloud itself. However, it brings us again to the vulnerability of using security questions to recover passwords. In fact, just a few days before the hack, security researchers released a Python script on GitHub that would allow for brute force to guess passwords via Apple’s Find My iPhone service. Apple has since patched the vulnerability but denies security flaws with the iCloud. On that note, whenever available, use multi-factor authentication for your online accounts – the pain is more than worth it.

Read on for this week’s most relevant news in tech and retail.

In Tech:

  1. Celebrity iCloud accounts hacked in a targeted attack leading to nude photo leaks; no security breach on iCloud according to Apple*
  2. United States installs a new Chief Technology Officer: Google(x)’s Megan Smith
  3. Motorola’s Android Wear Moto 360 launched and ready to ship while Apple gears up for possible iWatch and iPhone 6 launch next week
  4. Google rebrands Google Enterprise into Google for Work
  5. Healthcare.gov was breached; no consumer data were taken or viewed

In Retail:

  1. LVMH will relinquish most of 23.2% stake in Hérmes after a four-year battle and will not acquire any shares for the next 5 years; LVMH also ends a 10-year dispute over Google’s search results on counterfeit goods online; the two companies will sign a cooperation agreement to fight sales of counterfeit goods online
  2. Eyewear company, Safilo ends license deal with Gucci two years early after signing a deal with Kering
  3. Permira sells €850M worth of Hugo Boss shares equivalent to 11.2% of share capital; Hugo Boss AG shares fall
  4. Amazon partners with US Mail to deliver groceries in Seattle, Los Angeles and San Francisco
  5. European fashion retailer Zalando, currently valued at $5.3B, announces IPO on the Frankfurt Stock Exchange later this year; IPO offering will sell 10-11% of the company

*For such a large tech company that increasingly handles large amounts of data (iCloud, me.com, mac.com, iTunes), Apple is not transparent about the security features of its services. Worse, the Electronic Frontier Foundation (EFF) has found that Apple does *not* encrypt email transfers in what is known as the STARTTLS protocol. For all its might, Apple is still a hardware company and they better catch up soon especially when it comes to security.