On the citation for the original design intent, I thought I read that in a news article back when they announced iOS 8, but I can't locate it now, so maybe I'm wrong. Your description of the encryption mechanisms is a bit off regarding the Secure Enclave.
Apple’s implementation of security with A7+ processors and the Secure Enclave also uses the ARM TrustZone architecture with a rather complicated composition of encryption keys. But there is a hardware key specific to the Secure Enclave chip that cannot be accessed or queried outside of it (I’m ignoring expensive physical X-ray or FIB methods etc.) and is unique to each device. A piece of this is generated whenever iOS is reset or reinstalled. The Secure Enclave is a separate chip built into the SoC running its own microkernel. This is different from the standard TrustZone architecture. It does indeed have its own firmware and isn’t even based on iOS. It is updated separately from the rest of iOS. However, it does require a similar update process and must be appropriately signed. You are right that this is a current weakness, but there is reason to believe Apple could alter the update process such that the Secure Enclave firmware could behave distinctly and require the PIN to be entered correctly or it wipes part of the key.
First, sorry about all the italics before, I was in a hurry and didn't close a tag.
I just disagree. Yes, the basic mechanism of applying an OS/firmware update is the same, but the details are different enough. Apple previously designed the passcode/encryption in a way specifically to allow them to comply with police warrants and requests. It wasn't something new they designed but something they already had for the purpose of complying with warrants. They changed that in iOS 8 such that Apple no longer had access to the decrypted hardware key. They implemented security restrictions on brute forcing in the firmware and later in the Secure Enclave hardware. This request is to implement a backdoor/weakness in their security implementation that did not previously exist. The fact that it would be relatively easy for them to do so is irrelevant.
Although not definitively established yet, there is evidence that the Secure Enclave is firmware-updateable without entering the PIN. I expect Apple will update this such that future firmware updates cannot be loaded without the PIN unless the hardware key is wiped. That should eliminate the feasibility of these requests.
What "hand it over"? Do you have any belief that there is not effectively an auto-copy escrow feature sitting at Verisign and GoDaddy and all the other SSL key vendors, for precisely this sort of access? And if there wasn't one planned, that there's not one embedded by the NSA and every other security agency that can afford a few bribes and a laptop p0wned inside their firewall?
I don't think SSL/TLS works the way you think it does.
These companies don't buy "SSL keys", they buy signatures on their own public keys. No one should be giving their private keys over to a certificate authority in order to get a signed certificate.
Now, if you meant the CAs may have provided some sort of intermediate CA to the government so it could sign its own certs and masquerade as anyone and act as a MITM, then that is more likely.
I'd be more interested to know if they shared their private key for SSL/TLS. Since Apple's Safari (to the best of my knowledge) does not support perfect forward secrecy (PFS), someone recording the encrypted session could later decode the session contents if they ever acquired the private key at any point in the future. The conversation might go like this:
I should point out that IE doesn't support PFS either, so Microsoft could be in the same boat. I think Chromium and Opera support PFS, but I'm not 100% certain.
(This is not my field of study, so if I have this wrong, I'd appreciate a correction.)
PFS is dependent on the cipher suite that is used. Safari and IE both *do* support some PFS suites, but not all PFS-capable cipher suites. And for those they do like, they seem to prefer them less than some non-PFS cipher suites. Safari seems to be better than IE at this, as it supports more suites, but the non-elliptic-curve ones are used only as a last resort. So, the problem is that web servers respecting the browser's preferences will end up selecting a non-PFS cipher suite even if the web server itself does support some PFS cipher suites.
So Safari/IE need to start favoring the PFS ones and/or web servers need to start only accepting the PFS suites.
Netcraft has some good research on the area.
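To make the negotiation point above concrete, here is an added example (not from the thread or from Netcraft's research) that simulates TLS cipher-suite selection. It classifies suites by their key exchange (ECDHE/DHE are the ephemeral, forward-secret ones) and shows that a server honouring a client order that ranks plain-RSA suites first ends up without PFS, while either enforcing the server's own order or offering only PFS suites fixes it. The client and server preference lists are constructed for illustration and are not the real lists of any browser or server.

```python
"""Simulate TLS cipher-suite negotiation to show how PFS gets lost.

Added example, not code from the original thread. Suite names follow the
IANA TLS_<KEX>_WITH_<CIPHER>_<MAC> convention; the preference orders are
constructed to mimic a client that ranks non-PFS suites first.
"""

# Key-exchange methods that use ephemeral Diffie-Hellman and so give
# forward secrecy: a recorded session cannot be decrypted later with the
# server's long-term private key.
PFS_KEY_EXCHANGES = {"ECDHE", "DHE"}


def key_exchange(suite: str) -> str:
    """Return the key-exchange part of an IANA-style suite name.

    'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256' -> 'ECDHE_RSA'
    'TLS_RSA_WITH_AES_128_CBC_SHA'          -> 'RSA'
    """
    name = suite[4:] if suite.startswith("TLS_") else suite
    kex, _, _ = name.partition("_WITH_")
    return kex


def is_pfs(suite: str) -> bool:
    """True when the suite's key exchange is ephemeral (ECDHE or DHE)."""
    return key_exchange(suite).split("_")[0] in PFS_KEY_EXCHANGES


def pfs_only(suites):
    """Server-side hardening: keep only forward-secret suites."""
    return [s for s in suites if is_pfs(s)]


def negotiate(client_prefs, server_prefs, honor_server_order=False):
    """Pick the first mutually supported suite.

    In TLS the server makes the choice. A server that respects the client's
    order walks the client list; one configured to prefer its own order walks
    its own list. Returns None when nothing overlaps (handshake failure).
    """
    first, second = (server_prefs, client_prefs) if honor_server_order \
        else (client_prefs, server_prefs)
    supported = set(second)
    for suite in first:
        if suite in supported:
            return suite
    return None


# Constructed client order: plain-RSA suites ranked ahead of the PFS ones.
CLIENT_PREFS = [
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
]

# Constructed server order: PFS suites first, but RSA still enabled.
SERVER_PREFS = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
]


def demo():
    """Run the three scenarios and report the chosen suite and PFS status."""
    scenarios = {
        "client_order": negotiate(CLIENT_PREFS, SERVER_PREFS),
        "server_order": negotiate(CLIENT_PREFS, SERVER_PREFS,
                                  honor_server_order=True),
        "server_pfs_only": negotiate(CLIENT_PREFS, pfs_only(SERVER_PREFS)),
    }
    return {name: (suite, is_pfs(suite) if suite else False)
            for name, suite in scenarios.items()}


if __name__ == "__main__":
    for name, (suite, pfs) in demo().items():
        print(f"{name:16} -> {suite}  PFS={pfs}")
```

The first scenario is the one the post describes: every suite the server offers is "supported" by the client, yet the session ends up on an RSA key exchange because the client ranked it first and the server deferred. Either of the two server-side changes (preferring its own order, or refusing non-PFS suites outright) produces a forward-secret session without any change to the client.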
What investigation is the data collection relevant to? The government admits they are collecting the data to search through it in the hopes of finding something to investigate.
Regardless, the constitution is the supreme law of the land. Any law or action that violates the constitution is itself illegal. The government's actions clearly violate the fourth amendment.
I hope the ACLU suit succeeds or that Congress decides to fine-tune the law (lol). But from the NSA's perspective (or so I've heard from a talk by Gen. Alexander), they believe they are authorized to collect the data, but they "have a system in place" to protect access to the data. They require some sort of FISA court approval to actually search and use the data (which, as I understand it, the FISA court basically rubber-stamps). He also referenced a specific number of times it had been accessed and how many terrorist events it provided information on (51 or so I think, don't remember the other numbers).
The fourth amendment isn't even being considered seriously because in 1989 the Supreme Court already ruled that a minimal invasion of privacy was justified by the government's need to combat an overriding public danger (the case was about drug testing of railway workers), but it has been interpreted, well... broadly. The FISA judges have ruled that the NSA's collection and examination of communications data to track potential terrorists doesn't run afoul of the fourth amendment.
I don't see a clear path that would put this in front of the Supreme Court to challenge it on constitutional grounds. Nobody can claim they have standing unless they know their information was accessed, and no one knows that because the info is classified. A Catch-22 of sorts.
Amendment IV of the constitution: "Every subject has a right to be secure from all unreasonable searches, and seizures of his person, his houses, his papers, and all his possessions."
Blanket storage of metadata easily falls under this by any honest interpretation of its meaning. Therefore it cannot be authorized by anything, not even an act of Congress. These people have betrayed us, along with everyone who follows their illegal commands.
Then it should be challenged in court (the Patriot Act). Another commenter posted that the ACLU is challenging the NSA over its interpretation of the Patriot Act, but no one is challenging the activity on constitutional grounds (largely because of a 1989 Supreme Court "finding that a minimal intrusion on privacy was justified by the government’s need to combat an overriding public danger.")
Devil's advocate for the NSA: Actually, this is from Gen. Alexander of the NSA directly when he spoke at an AFCEA conference I was attending: They are only collecting the data. In order to access or search it, they require a FISA court approval (which they almost always get).