The major difference is that a warrant to access a safety deposit box allows the keys for that specific safety deposit box and no other. What the FBI is asking for is the equivalent of asking for a master key to all the safety deposit boxes to access just the one box. Given what was revealed in the summer of 2013 by Snowden, I think we'd all agree that the FBI and other state agencies (not just American agencies) will use the software as a backdoor to access whichever iPhone they choose. Let's not be naive.

Well the FBI would have to have the iPhone in their possession to unlock it I presume. SO that's one level of security - I don't think the USA has become a place where property can just be confiscated without reason (I hope I am right here). If Apple were custodians of the unlock process then only once due legal process had been followed would an iPhone be unlocked i.e. Apple would own the unlocking mechanism. Maybe in the CEOs safe...

> I don't think the USA has become a place where property can just be confiscated without reason

Civil Forefeiture has been a problem for a long time.

Does Apple really have to create a "master" key though? Couldn't Apple write the backdoor that would only activates on the iPhone in question? Even if it was something as simple as "if (secure_id == terrorist_phone_id) [accept any pin]", it's not like the FBI could remove the condition without invalidating the signature. If they could, they wouldn't need Apple's help to begin with.

This is not the government asking to search a single vehicle or safebox, to take your examples. This is the government asking that every safebox or vehicle in the world be made instantly unlockable by design.

Exactly. I think OP is a bit fast and loose on the definition of area of interest.

It's not that it's bad if it's this case. It's that is bad if it applies as a built-in backdoor for whenever they feel like using it.

Am i missing something but aren't safeboxs and vehicles already made "unlockable by design"?

I am positive banks can open those things, and vehicles are inherently "openable", so I do not quite get the point here.

> With the due legal process the police can search property, safety deposit boxes, bank accounts, vehicles, etc. etc. Why should a smartphone be any different just because Apple says it is ?

Because the "master key" alluded to in the letter is ethereal and can be duplicated (as opposed to handed over). This means:

- Since the key can be duplicated, there is no serious way to ensure that only the police (or any other legally entitled organ) can do the search. Anyone who can get it will have police-level access to anything and will be able to offer police-level access to anyone. The "anyone" in question can be a former policeman who hates life, some script kiddie, the Chinese and so on -- and neither of these people are likely to care much about the "due legal process".

- The police can trivially search it without the owner's knowledge and without leaving evidence. The high costs in time and money are a reasonable deterrent for searching property, vehicles etc. without the due legal process. For an electronic device, that cost is practically zero.

Regarding the first point -- for what it's worth, a while ago, army regulations here required that all doors have a physical lock and key, even if they also had an access code, for precisely this reason. The access code or the card swiping were used to log access (i.e. everyone had their own card, access codes could be logged so that you at least knew when someone was entering etc.) but when a door was supposed to be locked for good (e.g. labs not in use during the night), they were locked with real keys and sealed with old-fashioned wax seals. The rationale was that breaking the lock required quite a little time (and maybe even some door banging), increasing the chances that someone who tried to break in would be discovered, and physical evidence of a break-in was fairly hard to erase, as opposed to a purely electronic break-in which was quick to do (just enter the code). I don't know if this is true anymore, nor how common it was outside this part of the world, but it makes some sense.

"the police can search property, safety deposit boxes, bank accounts, vehicles, etc." - that they can, doesn't mean it is right. If you read the entire letter, you'll see that creating the backdoor means tomorrow the Chinese government can see the nude pics on your phone (with 'due legal process', of course).

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

The issue they're talking about is that by creating a back door it's not limited to a single iPhone. Once there's a way in then anyone with that knowledge can use it on any iPhone to access encrypted data.

That seems a lot different from getting a search warrant and having the right to go through your belongings.

I don't think that the police can compel you to not make a very good safety deposit box, just to compel you to open it if you have the capabilities.

I agree that due process should compel Apple to unlock if they have the capabilities to. But no subpoena can beat math, right?

EDIT: I just realised that what the FBI is talking about is a backdoored version of iOS. To me the compromise seems to be writing the backdoored version but leaving it in Apple's hands (so Apple could send the FBI the data but not send them the OS). The only problem with that, of course, is that such a backdoored version could then be taken by a judge.

Honestly, it seems like the judge could force Apple to hand over the OS update signing keys to the FBI...

> Why should a smartphone be any different just because Apple says it is ?

Because it is possible to create a smartphone that is impossible to break into. The others it is impossible to create one that is impossible to break

Why do you assume that a "due legal process" will be followed every time, in every country?

Or maybe you think it's OK to do it just this once?

Sort of the "just the tip" mentality here?

The problem is that once such a capability is added to the OS, there is no going back. And it can then be used with or without your wonderful US due legal process, potentially by criminals and definitely by governments in countries where human and civil rights are a joke.