Stanford CIS

We Read All 20 Filings In Support Of Apple Against The FBI; Here Are The Most Interesting Points

on

"However, the most interesting filing of all may be the one filed by a group of iPhone Security and Applied Cryptography Experts, and put together by Jennifer Granick and Riana Pfefferkorn from Stanford's Center for Internet and Society. That brief is super educational in getting down into the weeds of just how dangerous it would be for Apple to create this code. Since so many people -- including the DOJ -- seem to think that Apple can just create this code and then make it disappear, this filing is super useful in debunking that claim. It first notes that the Court did try to put in some "safeguards" against abuse of the code, but then explains why those won't help:

These rules are not meaningful barriers to misuse and abuse of the forensic capabilities this Court is ordering Apple to create. First, the Order assumes that Apple will create the Custom Code without any vulnerabilities in its implementation. Vulnerabilities are common in software code, including Apple’s iOS, and despite Apple’s best efforts. The government dismissively downplays the effort required to develop and update the Custom Code, stating that Apple “writes software code as part of its regular business,” including “routinely patch[ing] security or functionality issues” in iOS and “releas[ing] new versions of [iOS] to address issues.” Application at 15. But creating software (especially secure software) is complex, and software development requires rigorous testing."