Re: [Fed-Talk] Should we be concerned about this?
Re: [Fed-Talk] Should we be concerned about this?
- Subject: Re: [Fed-Talk] Should we be concerned about this?
- From: Peter Thoenen - NOAA Federal <email@hidden>
- Date: Fri, 10 May 2013 08:56:02 -1000
The bigger question with this is how does it work with FDE? Many folk are
counting on IOS (not FIPS 140-2 compliant) to protect their organizations
PII and if it can be bypassed simply be "the Chinese government submitting a
legitimate request" we got a big problem.
-Peter
> -----Original Message-----
> From: fed-talk-bounces+peter.thoenen=email@hidden
> [mailto:fed-talk-
> bounces+peter.thoenen=email@hidden] On Behalf Of Villano, Paul
> A CIV USARMY TRADOC (US)
> Sent: Friday, May 10, 2013 08:51
> To: Dave Schroeder; Marcus, Allan B
> Cc: email@hidden Fed-Talk
> Subject: Re: [Fed-Talk] Should we be concerned about this?
>
> Wasn't this bypassing thing all over the news a while back, that you could
> bypass the lock screen because of emergency call setups or
> something? It seems as if a known issue was just reworded to make it seem
> worse. The issue seems to be the legality of having police
> rather than Apple open up the phones, specifically because of the terms of
> service already mentioned. It's just easier, legally, to have
> Apple do what they're already covered to do, legally, than having police
> have to go through all kinds of legal wrangling and paperwork
> to do the same thing.
>
> Thanks.
>
> Paul V
>
> -----Original Message-----
> From: fed-talk-bounces+paul.a.villano.civ=email@hidden
> [mailto:fed-talk-
> bounces+paul.a.villano.civ=email@hidden] On Behalf Of Dave
> Schroeder
> Sent: Friday, May 10, 2013 2:34 PM
> To: Marcus, Allan B
> Cc: email@hidden Fed-Talk
> Subject: Re: [Fed-Talk] Should we be concerned about this?
>
>
> On May 10, 2013, at 12:36 PM, Marcus, Allan B wrote:
>
> > It appears Apple can bypass the password protection for an iOS device! I
> > was not aware of this. Can Blackberry, Samsung, and
> Microsoft do the same? If Apple can bypass the the protection, can others?
> Is there documentation from Apple on how the bypass
> procedures are protected at Apple? Is this an NSA or FCC requirement that
> Apple has to comply with?
> >
> > Bottom line, should we be concerned by this?
> >
> > http://www.macrumors.com/2013/05/10/apple-has-backlog-of-requests-from-police-to-unlock-seized-iphones/
>
> This is known, and it's *definitely* not an NSA requirement. In fact, it's
> probably not a "requirement" at all, other than the
> requirement to comply with a court order with which an entity has the
> capability to comply.
>
> There is no way that Apple would (voluntarily) publicly release the
> policies, procedures, or documentation concerning the handling of
> and response to legitimate requests from law enforcement or other
> government entities.
>
> And no, this isn't just an "Apple" thing.
>
> <http://news.cnet.com/8301-31921_3-57408370-281/how-apple-and-google-help-police-bypass-iphone-android-lock-screens/>
>
> - Dave
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden