Business Essentials for Professionals


DOJ may demand Apple’s source code and signing keys

The fight between the DOJ and Apple could lead to the DOJ formally demanding that Apple hand over the source code for iOS as well as the signing keys, making it possible for the DOJ to gain unrestricted access to the iPhone.

A study of the latest filings in the ongoing legal war between the Justice Department and Apple is likely to indicate in what direction this confrontation which holds essentially wants to balance the right of the individual against the state’s duty to protect its citizens against terrorists exploiting the freedom given to its citizens.
Observers of the case have called the Justice Department demand to hand over the “source code” of its underlying products so that they can get access to the “signing key”, which authenticates the software as coming from Apple, a key calibrated threat to the Cupertino.
Once the Justice Department gets its hands over the source code and the signing keys, it will be in a position to create its own spy software that can be loaded into any iPhone. Significantly, this will mean, the end user will be unable to know whether the source of the software that they depend on.
Technological and security experts have warned that if Apple were to hands over its source code to the U.S. Government with a conventional court order, other governments will follow suit.
"We think that would be pretty terrible," said Joseph Lorenzo Hall, chief technologist at Democracy & Technology a non-profit organization.
The battle between the two giants started when terrorists struck in San Bernardino, California, killing 14 people. The FBI got hold of the shooters iPhone and has been trying to unlock it to unravel other potential terror links.
Apple has taken the stand the stand that complying with the FBI’s demand would set an open-ended precedent exploitable by other governments as well.
The Justice Department’s view on the signing keys and the source code came in a footnote and relates to its previous week filing which essentially amounted to a rejection of Apple’s arguments. Apple is set to response to the DOJ today.
Laying the grounds for their requests for the iOS source code and the signing keys, lawyers from the DOJ said “such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple.”
Lawyers familiar with the case have said the footnote corresponds to what they term as a "nuclear option," which seeks the most prized assets of lucrative technology companies.
People who are closely monitoring the case expect it to travel to the U.S. Supreme Court and have very little expectation on how the government’s demand for source code and signing keys will finally end up.
The closest precedence to this case was a case against Lavabit LLC,when federal prosecutors targeted Edward Snowden. In that case, the DOJ being unable to retrieve Snowden’s unencrypted mail from Lavabit, got a court order which forced the company to hand over another set of keys, which allowed the DOJ to impersonate themselves as Lavabit and thus intercept all communications.
At that point of time, the lower court had ruled, “Lavabit must provide any and all information necessary to decrypt the content, including, but not limited to public and private keys and algorithms,” Rather than comply Lavabit shut down shop.
Jesse Binnall, a lawyer for Lavabit said, the Fourth Circuit Court of Appeals, which upheld the ruling of the lower court, did so only on procedural grounds, so that the Justice Department’s win would not have wide repercussions.
Binnall went on to say, getting access to the source code would be even more valuable than getting traffic data, as it did in the Lavabit case, and she expects the industry to go to extreme lengths to fight its case.
“That really is the keys to the kingdom,” said Binnall.
Although source code is extremely precious, it is however provided during lawsuit involving intellectual property. In fact Apple won permission to revie some of Samsung’s code, in one such case. Naturally the when the source code is produced there are strict rules which prevent it from being copied.
As yet no case has been brought about by the U.S government that led to an inspection of source code, or at least none have come to light, so far.

Debashish Mukherjee

Markets | Companies | M&A | Innovation | People | Management | Lifestyle | World | Misc