Cites ‘undue burden’ as it estimates six to 10 employees working two to four weeks on creating new OS
In a motion filed Friday with a California court, Apple ticked off several constitutional arguments against helping the FBI break into the iPhone used by Syed Rizwan Farook, who along with his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif., on Dec. 2, 2015, before they died in a shootout with police.
But it also directly addressed the concept of “undue burden.”
Case law has established that the All Writs Act — the 1789 legislation cited by the government for forcing Apple to comply — can be used only when an order does “not adversely affect the basic interests of the third party or impose an undue burden.” Apple seized on that language to describe what it would take to assist the FBI.
“No operating system currently exists that can accomplish what the government wants, and any effort to create one will require that Apple write new code, not just disable existing code functionality,” Apple said in its motion. “Experienced Apple engineers would have to design, create, test, and validate the compromised operating system, using a hyper-secure isolation room within which to do it, and then deploy and supervise its operation by the FBI to brute force crack the phone’s passcode.”
That task — creating a specialized version of iOS that would run only in the target iPhone’s RAM — would be a chore, Apple said as it estimated what it would take to complete.
“I would estimate that the design, creation, validation, and deployment of GovtOS would necessitate between six and ten Apple engineers and employees dedicating a very substantial portion of their time for two weeks at a minimum, and likely as many as four weeks,” said Erik Neuenschwander, Apple’s manager of privacy, in a declaration filed alongside his firm’s motion. Neuenschwander would be the one in charge of planning the project if it were required.
“GovtOS” was the moniker Neuenschwander stuck on the one-of-a-kind modified iOS that would be produced.
“Once GovtOS is created, Apple will need to set up a secure, isolated physical facility where the FBI’s passcode testing can be conducted without interfering with the investigation or disrupting Apple’s operations,” added Neuenschwander.
The government has demanded Apple’s assistance in at least 12 cases since September, but court records show that many more, some of them languishing for over a year, have been submitted.
“If this order is permitted to stand, it will only be a matter of days before some other prosecutor, in some other important case, before some other judge, seeks a similar order using this case as precedent,” Apple’s lawyers wrote in their Friday motion. “Once the floodgates open, they cannot be closed, and the device security that Apple has worked so tirelessly to achieve will be unwound without so much as a congressional vote.”
“Given the complexity of designing, creating, validating, deploying, and eradicating a bespoke operating system such as the government demands, the burden on Apple will increase significantly as the number of requests to Apple increase,” he said. “Each such commissioned operating system will need to be tailored to the specific combination of hardware and operating system running on the relevant device.”
This story, “Apple spells out what it would take to comply with government’s iPhone order ” was originally published by ComputerWorld.
Read complete article at the above ComputerWorld link or at the InfoWorld link below: