February 16, 2016

A Message to Our Customers

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

The Need for Encryption

Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.

All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.

Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.

For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.

The San Bernardino Case

We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists.

When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The Threat to Data Security

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

A Dangerous Precedent

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

Tim Cook

No to backdoor but I'll never have any sympathy for Apple. Apple is bricking their phones which have been repaired with parts other than Apple's and by people who are not affiliated with Apple. Imagine if you had to take your Toyota to the Toyota dealer for every service including oil changes. If you don't, Toyota shuts your down and it will not function.

No to backdoor but I'll never have any sympathy for Apple. Apple is bricking their phones which have been repaired with parts other than Apple's and by people who are not affiliated with Apple. Imagine if you had to take your Toyota to the Toyota dealer for every service including oil changes. If you don't, Toyota shuts your down and it will not function.

Sorry, but that's not true. I've repaired iPhones, iPods, iMacs and MacBooks with third party parts for years and have yet to have any problem with bricking. Well, other than what I caused by my own clumsiness, anyhow.

I have an iPhone 5S and an iPad mini and I prefer to keep my privacy if it's possible.

Sorry, but that's not true. I've repaired iPhones, iPods, iMacs and MacBooks with third party parts for years and have yet to have any problem with bricking. Well, other than what I caused by my own clumsiness, anyhow.

Yes it is true and they just started this month. I currently repair iPhones, iPads etc and the industry is in an uproar.

Yes it is true and they just started this month. I currently repair iPhones, iPads etc and the industry is in an uproar.

If you're talking about the Error 53 issue, that's only if the fingerprint sensor is tampered with—and for good reason.


One type of potential attack would involve replacing the Touch ID sensor with a compromised version. There is no reason to believe this has happened yet but it is a potential vector and one Apple is aware of. For this reason, when you upgrade your iPhone to a new version of iOS, it checks to make sure that Touch ID hasn’t been tampered with. If it has, then Error 53 triggers and your phone is locked.

http://www.makeuseof.com/tag/error-53-apple-really-bricking-iphones/

No sir. We already tell customers about the finger print issue since only Apple home buttons work. Apple will not allow aftermarket vendors and shuts out that feature if a different brand button is used. SOMETIMES, a hard reset will do the trick but not always.

Apple recently issued a new update that bricks their phones when parts (screens, cameras etc) are detected. Right now it seems to occur randomly but I've had some pissed customers come back in and all I can tell them is Apple did it. Tried swaping out parts, putting the old part back on, firing up the phone and then letting it run through the boot menu. Afterwards we'd put the new parts back on and it would be OK for a while but corporate on my end is fuming and has called Apple out on this practice. It may be going to federal court if Apple continues to stand behind this policy.
Hand to your deity of your choice. It is a very real issue for us.

I hope you understand this is only one tiny spider in the vast web of electronic spies with the willing cooperation of so many corporations I lost count a long time ago. You should know and understand the age old warning "don't put it in writing" is now more important than ever before.


https://www.youtube.com/watch?v=DuABc9ZNtrA

No sir. We already tell customers about the finger print issue since only Apple home buttons work. Apple will not allow aftermarket vendors and shuts out that feature if a different brand button is used. SOMETIMES, a hard reset will do the trick but not always.

Apple recently issued a new update that bricks their phones when parts (screens, cameras etc) are detected. Right now it seems to occur randomly but I've had some pissed customers come back in and all I can tell them is Apple did it. Tried swaping out parts, putting the old part back on, firing up the phone and then letting it run through the boot menu. Afterwards we'd put the new parts back on and it would be OK for a while but corporate on my end is fuming and has called Apple out on this practice. It may be going to federal court if Apple continues to stand behind this policy.
Hand to your deity of your choice. It is a very real issue for us.

You're describing the Error 53 problem. If you mess with the fingerprint sensor—even just by disconnecting the ribbon cable—the update script notices and returns the error. As I mentioned above, it's a security measure to prevent someone from breaking into a phone by swapping out the fingerprint sensor.

You're describing the Error 53 problem. If you mess with the fingerprint sensor—even just by disconnecting the ribbon cable—the update script notices and returns the error. As I mentioned above, it's a security measure to prevent someone from breaking into a phone by swapping out the fingerprint sensor.

Understood. It has been my experience so far that there is no way to get past the fingerprint to open the phone regardless of changing the sensor even if for another Apple sensor. It will continue to work as before. You have to go into the menu, enter your PIN, then add or remove a fingerprint. I'd say the weakest point is the PIN if someone else knows it or can guess it before the phone locks itself for an hour. Of course, any security measure means absolutely zero if they can bypass it through a backdoor. I think Apple sees the backdoor issue as its own problem which once it begins to be used can be exploited if a "hacker" can get the protocols by hacking users like the government, for example. Apple's big selling point is that their phones are so secure compared to Android ... or so they say. Last job I had the company used Apple products exclusively because of their claim of secure platform.

If, IF, Apple didn't want anyone else to service their products then they shouldn't have made them so easy to work on. I'd rather have to change a screen or any other part on an Apple phone (including any 4 model) vs a newer Samsung or LG. The Samsungs and LGs come apart nicely until you get to the screens. Then we're talking about hot plates and heat guns to soften the adhesives. HTC made their phones so difficult to work on that few repair places, if any, want to work on them. No one wants to deal with foils that have ribbon cables attached to them that must be peeled away without tearing the thin, sensitive foils.

Again, this has been my own experience in the short time I've been involved in cellphone repair. Before that I pretty much didn't even know they could be repaired so easily. Now when people find out I do this for a living, the first thing they want to know is how to unlock the phone. That's when I tell them to take it to their carrier for service. Then they ask why. I just tell them that it's unethical and move on to another topic.

Agreed about the backdoor issue. It would be the camel's nose under the tent wall for government agencies and once it's out there, it's only a matter of time before it gets into the hands of the wrong people.

No to backdoor but I'll never have any sympathy for Apple. Apple is bricking their phones which have been repaired with parts other than Apple's and by people who are not affiliated with Apple. Imagine if you had to take your Toyota to the Toyota dealer for every service including oil changes. If you don't, Toyota shuts your down and it will not function.

Same here. What if Honda made their vehicle batteries integral to the vehicle so that when your battery died you had to buy a new Honda. Same with a nav upgrade. How many people would buy a new car because that was the only way to upgrade the nav OS?

Sorry, but that's not true.

actually, it's quite true. especially with any repairs that touch on parts related to the fingerprint scanner.

actually, it's quite true. especially with any repairs that touch on parts related to the fingerprint scanner.

Um, yeah, that's what I said. And I also pointed out that it's for security reasons. A compromised fingerprint scanner is on possible attack vector.

http://assets.amuniversal.com/832cd520bb8001334160005056a9545d

http://www.gocomics.com/robrogers/2016/02/21

Well, Carl ... you were right.

Well, Carl ... you were right.

Hey, there's a first time for everything.