Apple and Law Enforcement
Apple always seems to refuse law enforcement requests. Let’s understand why this is bad for Apple… and for Silicon Valley as a whole. Let’s see how this can be resolved.
Stubbornness
While Apple and other “Silicon Valley” companies may be stubborn in reducing encryption strength on phones, reduction of encryption strength isn’t strictly necessary for law enforcement to get what they need out of a phone device. In fact, it doesn’t really make sense to reduce encryption across all phone devices simply so law enforcement can gain access to a small number of computer devices in a small set of criminal cases.
That’s like using a sledgehammer to open a pea. Sure, it works, but not very well. Worse, these legal cases might not even be impacted by what’s found on the device. Making all phones vulnerable to potentially even worse crimes, such as identity theft and stealing money in order to prosecute a smaller number of crimes which might not be impacted by unlocking a phone doesn’t make sense.
There Are Solutions
Apple (and other phone manufacturers) should be required to partner with law enforcement to create a one-use unlocking system for law enforcement use. Federal law could even mandate that any non-law enforcement personnel who attempts to access the law enforcement mode of a phone would be in violation of federal law. Though, policing this might be somewhat difficult. It should be relatively easy to build and implement such one-use system. Such a system will be relatively easy to use (with the correct information) and be equally difficult to hack (without the correct information).
How this enforcement system would work is that Apple (or any phone vendor) would be required to build both law enforcement support web site and a law enforcement mode on the phone for law enforcement use only. This LE support server is naturally authentication protected. A verified law enforcement agent logs into Apple’s LE system and enters key information from/about a specific device along with their own Apple issued law enforcement ID number. Apple could even require law enforcement officers to have access to an iPhone themselves to use FaceID to verify their identity before access.
The device information from an evidence phone may include the iPhone’s IMEI (available on the SIMM tray), ICCID (if available), SEID (if available), serial number, phone number (if available) and then finally a valid federally issued warrant number. Apple’s validation system would then log in to a federal system and validate the warrant number. Once the warrant is validated and provided the required input data specific to the phone all match to the device (along with the Apple’s law enforcement ID), Apple will issue a one-time use unlocking code to the law enforcement agent. This code can then be used one time to unlock the device in Law Enforcement Mode (LEM).
To unlock an evidence device, the agent then boots the phone into LEM (needs to be built by Apple) and then manually enters an Apple-generated code into the phone’s interface along with their law enforcement ID. The law enforcement mode then allows setup and connection to a local WiFi network (if no data network is available), but only after entering a valid code. The code will then be verified by Apple’s servers and then the phone will be temporarily unlocked. Valid entry of a law enforcement code unlocks the device for a period of 24 hours for law enforcement use. There is no “lock out” when entering the wrong code when the phone is in “law enforcement mode” because these codes are far too complex to implement such a system. Though, the phone can reboot out of LEM after a number of wrong attempts. You simply can’t randomly guess these codes by trial and error. They are too complex and lengthy for this.
This specific one-use code allows unlocking the device one time only and only for a period of 24 hours. This means that phone will accept that specific code only once and never accept that specific code again. If law enforcement needs to unlock the phone again, they will have to go through the law enforcement process of having Apple generate a new code using the same input data which would then generate a new code, again, valid for only 24 hours.
A successfully used LE code will suspend all phone screen lock security for a period of 24 hours. This means that the only action need to get into a phone for up to 24 hours (even after having been powered off and back on) is by pressing the home key or swiping up. No touch ID or Face ID is needed when the phone is unlocked during this 24 hour period. This allows for use of this phone by multiple people for gathering evidence, downloading information or as needed by law enforcement. This mode also suspends all security around connecting and trusting iTunes. iTunes will also allow downloading data from the phone without going through its “trust” security. After 24 hours, the phone reboots, deletes LE configuration parameters (such as WiFi networks) and reverts back to its original locked and secured state.
The iPhone will also leave a notification for the owner of the phone that the phone has been unlocked and accessed by law enforcement (much the same as the note left in luggage by the TSA after it has been searched). If the phone still has Internet access, it will contact Apple and inform the Apple ID that the phone has been unlocked and accessed by law enforcement. This Internet notification can be suspended for up to 30 days to allow law enforcement time enough to get what they need before the system notifies the Apple ID owner of access to that device. Though, I’d recommend that Apple notify the owner right away of any access by law enforcement.
How to use the code
When a valid generated Apple law enforcement code is entered into the phone in LEM, the phone calculates the validity of the code based on an internal process that runs on the phone continuously. While the phone is validly being used by its owner, this process will periodically sync with Apple’s LE servers to ensure that an iPhone’s LEM process will work properly should the phone fall into the possession of law enforcement. This information will have to be spelled out and agreed to in Apple’s terms and conditions. Apple’s servers and the phone remain synchronized in the same way as RSA one-time keys remain synchronized (within a small calculable margin of error). Thus, it won’t need to synchronize often.
How to use Law Enforcement Mode
This mode can be brought up by anyone, but to unlock this mode fully, a valid Apple issued law enforcement ID and one-use code must be entered into an iPhone for the mode to unlock and allow setup of a WiFi network. Without entry of an Apple issued law enforcement ID number or because of successive incorrect entries, the phone will reboot out of LEM after a short period time.
Law Enforcement ID
A law enforcement ID must be generated by Apple and these IDs will synchronize to all Apple devices prior to falling under law enforcement possession. To keep this list small, it will remain compressed on the device until LEM successfully activates, at which time the file is decompressed for offline validation use. This means that a nefarious someone can’t simply get into this mode and start mucking about easily to gain entry to a random phone. It also means someone can’t request Apple issue a brand new ID on the spot. Even if Apple were to create a new ID, the phone would take up to 24 hours to synchronize… and that assumes that the phone still has data service (which it probably doesn’t). Without data service, the phone cannot synchronize new IDs. This is the importance of creating these IDs in advance.
Apple will also need to go through a validation process to ensure the law enforcement officer requesting an ID is a valid officer working for a legitimate law enforcement organization. This in-advance validation may require a PDF of the officer’s badge and number, an agency issued ID card and any other agency relevant information to ensure the officer is a valid LE officer or an officer of the court. This requires some effort on the part of Apple.
To get an Apple law enforcement ID, the department needing access must apply for such access with Apple under its law enforcement support site (to be created). Once an Apple law enforcement ID has been issued, within 24 hours the ID will sync to phones, thus activating the use of this ID with the phone’s LEM. These IDs should not be shared outside of any law enforcement department. IDs must be renewed periodically through a simple validation process, otherwise they will expire and fall off of the list. Manufacturers shouldn’t have to manage this list manually.
Such a system is relatively simple to build, but may take time to implement. Apple, however, may not be cool with developing such a law enforcement system on its own time and dime. This is where the government may need to step in and mandate such a law enforcement support system be built by phone manufacturers who insist on using overly strong encryption. While government(s) can legislate that companies reduce their encryption strength on their devices to avoid building a law enforcement system as described, instead I’d strongly recommend that companies be required to build a law enforcement support and unlocking system into their devices should they wish to continue using ever stronger encryption. Why compromise the security of all devices simply for a small number of law enforcement cases? Apple must meet law enforcement somewhere in the middle via technological means.
There is also no reason why Apple and other device manufacturers are denying access to law enforcement agents for phone devices when there are software and technical solutions that can see Apple and other manufacturers cooperate with law enforcement, but yet not “give away the farm”.
I don’t even work for Apple and I designed this functional system in under 30 minutes. There may be other considerations of which I am not aware within iOS or Android, but none of these considerations are insurmountable in this design. Every device that Apple has built can support such a mode. Google should also be required to build a similar system for its Android phones and devices.
Apple is simply not trying.
↩︎
Newest Scam: Law enforcement agencies target unsuspecting motorists with bogus citations
I’ve long suspected that this is happening, but now I’ve been a victim of this exact situation. In the state of the economy, especially here in California, local law enforcement agencies are apparently under the budgetary microscope. As a result, it now appears that law enforcement agencies have now joined the ranks of the scam artists… with one exception, they are legally sanctioned entities. In my case, my car was stated to have been located near an expired parking meter and cited for this parking infraction when it was no where near the location on that date. I do drive near that parking structure. Near yes, but almost never closer than 2-3 miles near it. Close enough that a local cop could have written down my plate number, seen the make, model and color and then used that information to create the scam citation. Yes, I could have contested the ticket, but the main issue is that the citation had nearly every bit of information about my vehicle correct except the body style (which was conveniently absent from the notice to pay). On top of that, the citation was issued so late in the contest process, I basically didn’t have time to contest it. However, the license plate number was correct, plate expiration year correct, make correct, color correct. The only thing that wasn’t correct and, of course, wasn’t written on the notice to pay the citation was the body style… how convenient. The other two things that were conveniently missing from their ‘system’.. the VIN and the month of the plate expiration. Two bits of information that would have conclusively proven my vehicle wasn’t there, but this information was conveniently absent.
Worse, law enforcement agencies can dig through the state’s plate database and simply choose license plates at random, write a citation based on some random vehicle incident, throw the ticket away and collect the money. That is assuming you don’t contest. The issue, though, is that if the officer is thorough enough about the make, color and license specifics, then they have you regardless of what the body style says to be or where you claim to have been at the time. Of course, if you happen to have conclusive proof that your vehicle wasn’t where the officer claims it was on the citation.. like a date stamped photograph of your vehicle at that moment in time (and how likely is that to happen) or some other proof your vehicle was locked up, then you’re likely going to end up paying the scam citation. Even contesting it, you may still end up paying. As long as the vehicle is in your name and the citation is tied to your plate, you’re liable period.
Honestly though, would you actually be able to successfully contest this? I mean, you can, yes. But, is it worth the effort? Sure, you could retain a lawyer, but that would cost you much more than the $45-$90 just to pay the citation. You could do it yourself and go to court. Again, they know this is a hassle and they are apparently exploiting this fact. They know you’ll pay because the amount is too small for all that hassle.
Incidents like these are exactly what government and law enforcement don’t need or want right now. Setting up scams to bring in cash isn’t the answer. But yet, it is happening.. likely every day. Note that in my case and because my car actually wasn’t where the officer claimed it was, I never received an initial citation. The only notice I received was from the collection agency. One officer stated to me when I called about this issue. “It might have just blown away”. Uh-huh.. riiiight. Maybe I didn’t receive it because my vehicle wasn’t actually there. But, that doesn’t matter. As long as the officer is thorough enough to go through the license database or write down your vehicle as you drive around town, they can easily set up scam citations to collect between $45 and $90 for the city, county (or the University in this case). And worse, as long as it’s in your name and the majority of the information is correct, even a judge may still find you liable for the fine.
Government problems just beginning
These issues are the beginning of the end of the government as we know it. When cops are now involved in state legalized racketeering, then there’s really no hope that this government can continue to exist. We are about to head back to the old west of lawlessness. If the police can no longer be trusted not to scam individuals out of their hard earned money, the no one can be trusted. This is the era in which the US and local governments will collapse. It will collapse under its own weight and ungainly methodologies. By unscrupulously taking advantage of its own infrastructure for illicit monetary gain, the end of this government draws near. It’s only a matter of time.
Government was initially designed to serve the people. Unfortunately, now it’s just the opposite. It now looks like people are now forced to serve the government. As long as these scams continue unabated, there is no hope for law enforcement agencies to gain any respect or trust from the people, let alone the government. And then they wonder why people no longer trust cops. Hello? Looks like the lights are on but no one’s home.
Our governments were designed to help us (the people). Unfortunately, now government appears to be helping itself more than the people. Of course, this issue is not the beginning. In reality, we can consider sales tax, use taxes, income tax all forms of legalized monetary scams. Ways to part you from your money. Sure, it’s supposed to help us through programs, but the only thing it really does is help government remain in power. If the American people stood up and finally said no to paying government fees, taxes and assessments in mass, it would be all over for government agencies. They simply would not be able to function. But, that’s not going to happen. Too many Americans believe that government is still necessary. But, do we need a government like this? A government that is no better than your average street thug dealing dope?
I’m not saying that government deals in dope, but don’t they? Just look at the FDA. It’s supposed to help protect us. But then, big pharma companies just use the FDA to put their expensive and hazardous drugs onto the market. Some of these drugs make us highly addicted or, worse, the drugs become lethal. Again, it’s another ‘legalized’ form of controlled chaos. I guess it’s all really a point of view at this point. It can only be called protection, though, if people don’t die. When people begin to die because big pharma decides to push the latest pill, then that isn’t any better than the drugs being shipped in from outside the US. So, how is the FDA really any better than a big drug cartel?
Government rethink
I think it’s time to rethink our governmental system. It is now time to realize that what our forefathers put in place is now collapsing under its own weight. Is there a governmental system that could work? Good question. We already know that other governmental forms like socialism and communism don’t really work. A democracy could work, but I think we’ve put so many laws into place that it’s now simply collapsing. I think there’s a point at which there are too many laws and I think we’ve already reached and exceeded that number. Worse, our governments have bastardized the bill of rights to fit the criteria of their point of view instead of what they actually mean. So, for example, you can claim the right to bear arms as long as you’re in a state where it’s legal to do so. Huh? How is that possible? The right to bear arms is a given right and cannot be revoked by any state. Again, as for the fourth amendment, what’s actually considered an ‘unreasonable search and seizure’? Because our forefathers weren’t more specific on this aspect, it is left open to interpretation. Interpretation leads to modification. Modification leads to the law only being valid under specific conditions. These modifications were not sanctioned by the bill of rights. Of course, so when it comes down to whether or not it violates the Bill of Rights, then it has to go in front of the Supreme Court. And, oh yes, this court is appointed by the President. If that is not conflict of interest, I don’t know what is.
Yes, it’s time to consider a new government. One that goes back to our roots. One that doesn’t try to save every business in the US. One that focuses on the people as people, not as a business. Free enterprise and entrepreneurship will survive no matter what. Businesses can fend for themselves. We no longer need businesses putting politicians in their back pockets simply to help keep the revenue flowing. This isn’t a nanny state, yet I believe that’s where we are fast heading, if not already there. Businesses don’t need any government officials ‘on their team’. But, big business will always argue that it does. That’s only because they want laws passed that benefit their ability to continue to make money. Truth is, no one looks out for an individual. Why should any third party look out for a company?
Government has sewn the seeds of its own destruction with situations such as all of the above. It’s now time for us to find another fundamental way to continue our society (and the human species). In the grand scheme of things, the government is probably the least important thing we have today. What’s most important is Earth and ours, the human species. Clearly, where we are today isn’t the answer.
Random Thoughts - Randocity! 
leave a comment