The United States participates in an emergency notification service called AMBER (America's Missing: Broadcasting Emergency Response). An AMBER alert usually lets citizens know when police are tracking a missing person and there is information that this person may be in your area. Apple has included AMBER alert notifications, as well as other emergency government notifications like Emergency Alerts and Public Safety Alerts, on all iPhones, including yours.

Depending on the nature of the alert, which can include child abductions and impending natural disasters, it's a great feature that can prevent injury and save lives. Many lives. So, by their nature, these alerts don't respect Do Not Disturb settings. They NEED to get through.

That can be shocking, however, especially if they happen when you're sleeping, driving, or otherwise not expecting a loud noise to come from your iPhone 13. That's why, ultimately, AMBER and other alerts work at your discretion. They are all on by default, but you can decide which alerts you want to keep on or turn off. Here's how.

How to control AMBER and government alerts on your iPhone

1. Launch the Settings app on your iPhone
2. Tap on Notifications and scroll all the way to the bottom

3. Under the Government Alerts section, toggle the AMBER Alerts and Public Safety Alerts options on or off to enable or disable them
4. Tap Emergency Alerts and then choose whether you want to receive them or not, and if so, whether you want it to Always Deliver or not. If Always Deliver is off, then emergency alerts will not play a sound when your iPhone is in Silent Mode

Turning off AMBER and other alerts can cost lives, including yours. If a natural disaster is coming your way, and you don't know about it, you have no way to save your life or the life of your family.

That's why they're loud and shocking. They're meant to get your attention, instantly — and big, loud, and noisy is the way to do that.

So, while you can disable them, you shouldn't. Not unless you have some other way to be reliably alerted about emergencies.

If you have an Android device or Windows Phone or know someone who has them, you should make sure that AMBER and other government alerts are also active on those too.

Better safe than sorry!

Keeping your AMBER and other alerts on is important and potentially life-saving. Apple also offers several other easy-to-use safety features on all its devices. Emergency SOS is one of those safety features, and it's been known to save lives on both iPhones and Apple Watches. Triggering it is super simple. All you have to do is follow the steps in our Emergency SOS guide.

If you own an iPhone 14 model, such as the best iPhone at the moment, the iPhone 14 Pro Max, you'll also have access to Crash Detection, a lifesaving feature if you're ever involved in a car crash.

Additionally, depending on which version of iOS you're using, Emergency SOS can also reach out to your emergency contacts via your iPhone and send the device's last known location.

So make sure you've set AMBER alerts up correctly because you never know when you might need them, and it's always better to be safe than sorry.

The CLOUD Act — Clarifying Lawful Overseas Use of Data — is a set of regulations currently in the process of being passed by the U.S. government and signed into law as part of the Omnibus Spending Bill release on March 21, 2018.

It's raised concerns from numerous civil rights organizations, including the ACLU:

Specific objections have been enumerated by the Electronic Frontier Foundation:

• Includes a weak standard for review that does not rise to the protections of the warrant requirement under the 4th Amendment.
• Fails to require foreign law enforcement to seek individualized and prior judicial review.
• Grants real-time access and interception to foreign law enforcement without requiring the heightened warrant standards that U.S. police have to adhere to under the Wiretap Act.
• Fails to place adequate limits on the category and severity of crimes for this type of agreement.
• Fails to require notice on any level – to the person targeted, to the country where the person resides, and to the country where the data is stored. (Under a separate provision regarding U.S. law enforcement extraterritorial orders, the bill allows companies to give notice to the foreign countries where data is stored, but there is no parallel provision for company-to-country notice when foreign police seek data stored in the United States.)
• The CLOUD Act also creates an unfair two-tier system. Foreign nations operating under executive agreements are subject to minimization and sharing rules when handling data belonging to U.S. citizens, lawful permanent residents, and corporations. But these privacy rules do not extend to someone born in another country and living in the United States on a temporary visa or without documentation.

I'm by no means an expert in this area. I'm also not an American. I, like many others around the world, have lived the vast majority of my life with most of our data stored by U.S. companies, on U.S.-based servers, subject to U.S. law enforcement uses and abuses, and under the jurisdiction of U.S. courts.

But I've spent a better part of the day looking into the CLOUD Act and what it may mean for Apple and Apple customers. And, perhaps my perspective from outside looking in, will be of interest.

Why is Apple, which has called privacy a human right, supporting the CLOUD Act?

Apple, along with Microsoft, Google, and Facebook, sent a letter of support to U.S. Senators Hatch, Coons, Graham, and Whitehouse, which said:

Microsoft's president, Brad Smith, has also spoken out directly:

(Microsoft and the U.S. Government are currently arguing the issues covered by CLOUD Act in front of the U.S. Supreme Court.)

If I had to guess about Apple and the other tech companies, my guess would be that they see some even more disturbing writing on the wall:

1. Other countries, outside the U.S. are growing increasingly frustrated over how long it takes to get data on their citizens from U.S. tech companies under existing Mutual Legal Assistance Treaties (MLATs).
2. China has already passed laws forcing companies like Apple to relocate the data of their citizens to data centers located and owned and operated by companies on their soil.
3. There is increased pressure from some nations, including the U.S. and those in the E.U. to restrict the use of encryption or create backdoors to make data more accessible to law enforcement and government agencies.

There are legitimate concerns about CLOUD Act but having to respond to each and every countries laws and demands, when those laws could require the repatriation of data, or the exiting of markets in the face of mandated insecurity, could well be seen as much, much worse by the major tech companies.

How will CLOUD Act affect the data transited or stored by Apple? Will Apple be required to keep more personal data for longer? To unencrypted currently encrypted services?

Far as I can tell, there is nothing in CLOUD Act that changes anything about what personal data Apple has and how its transited or stored.

Your iCloud messages that were encrypted pre-CLOUD Act will still be encrypted post-CLOUD Act. And no data will be stored after CLOUD Act that wasn't stored before CLOUD Act.

Since Apple isn't in the business of data harvesting, hoarding, or exploiting, it could potentially have a smaller footprint or smaller risk to customers than companies whose businesses do depend on persisting customer data.

Will CLOUD Act result in lowest-common-denominator privacy protection, where the laws of the least respectful nation will win out?

The version of the CLOUD Act currently being voted on requires the Secretary of State and the Attorney General of the United States to certify that any country entering into the CLOUD ACT "affords robust substantive and procedural protections for privacy and civil liberties."

That includes:

• Protection from arbitrary and unlawful interference with privacy
• Fair trial rights.
• Freedom of expression, association, and peaceful assembly.
• Prohibitions on arbitrary arrest and detention.
• Prohibitions against torture and cruel, inhuman, or degrading treatment or punishment.

CLOUD Act also prohibits countries from using surveillance orders to chill freedom of speech, and — likely very important to Apple given the San Bernardino case — language that discourages governments from using this process to mandate U.S. companies create backdoors to compromise the security of their operating systems and devices.

Doesn't CLOUD Act take oversight away from the legislative branch and hand even more power to the executive branch?

It certainly seems to, especially in earlier versions. The version of CLOUD Act being voted on now includes new provisions for Congress to:

• Review new bilateral agreements for up to 180 days.
• Review changes to existing agreements for up to 90 days.
• Require written certification and explanation for how countries pass certification.
• Fast-track disapproval of bilateral agreements.

What about judicial oversight? Isn't CLOUD Act just a way to get around the courts?

Yes and no. I sincerely think Americans have gotten used to being the center of the technology world and don't really think about how things work beyond their borders.

For years, those of us outside the U.S. have had our data be subject to U.S. laws and courts. While some inside the U.S. might think that's great, in the post-Snowden, post-San Bernadino era it's simply not anything any fair-minded person can consider ideal. CLOUD Act mandates that any surveillance order issued by any country part of the agreement must be both individualized and "subject to review or oversight by a court, judge, magistrate, or other independent authority," and that this review must be "prior to, or in proceedings regarding, enforcement of the order."

It's totally understandable that some in the U.S. may consider privacy laws outside the U.S. to be problematic. Just understand that those of us outside the U.S. may consider U.S. privacy laws to be just as problematic.

But CLOUD Act just makes it easier for governments to access U.S.-based data?

I think that's part of the point. Again, other countries have grown increasingly frustrated with how long it takes to get data on their citizens from U.S. based companies.

Now, they're considering laws to try and force U.S. companies to hand over data without any regard to privacy, or to repatriate data so they can access it directly.

CLOUD tries to avoid that by establishing a reasonable, agreeable process in a way that's certainly not ideal but may just be workable.

That includes the certification process, the requirement for independent oversight and individualized orders, reasonable justification, and in response to "serious" crimes.

Doesn't CLOUD Act allow non-U.S. countries to wiretap inside the U.S. in a way even U.S.-based law enforcement can't?

Potentially, yes. Here are the restrictions under the CLOUD Act:

• Other governments are explicitly forbidden from surveilling a U.S. person directly or indirectly.
• Surveillance orders have to of fixed and of limited duration.
• Surveillance can only occur when it's reasonably necessary and the information being sought can't be reasonably obtained using less intrusive methods.

That's a lot of "reasonably" wiggle room but my understanding — as not a lawyer or legal scholar! — is that the CLOUD Act parallels the Wiretap Act, swapping the limitation to a list of predicate offenses for a restriction to serious crimes.

What that means in practice we'll likely only find out when it's implemented and challenged.

But won't U.S. data be collected alongside non-U.S. data? Isn't that unavoidable?

It certainly sounds like it. But CLOUD Act has several provisions to protect against that:

• Prohibits directly targeting of U.S. persons' data by non-U.S. governments.
• Prohibits asking a CLOUD Act certified country to target a U.S. persons' data.
• Prohibits targeting a non-U.S. persons' data for the purpose of collecting a U.S. persons' data (for example, their shared communications).
• Prohibits the dissemination of a U.S. persons' data except where there is evidence of a serious crime.

It's the nebulous nature, and potential for abuse of that last one, that's probably the greatest concern, because…

There's nothing to ensure other countries — or any country! — really follow those rules, though, is there?

There's the U.S. government. But, real talk time: There's nothing to ensure any country really follows any rule, as we've seen all too terrifyingly over the last decade.

But that doesn't mean you stop having laws and agreements. It means we all have to do a better job holding all governments accountable.

So why is everyone from the ACLU to the EFF so against CLOUD Act?

Because that's literally their job. Those organizations exist only and completely to protect the civil rights, including the privacy rights, of Americans and people around the world.

That stand in stark and necessary opposition to those in government and law enforcement who believe that the fewer rights we have, the better they can protect the state — and maybe us.

And we need the ACLU, EFF, and others to do this. Desperately.

Is there a way to limit exposure under CLOUD Act?

Potentially. Again, since Apple's business doesn't depend on harvesting, hoarding, and exploiting user data, it doesn't need to persist that data. It can use end-to-end encryption and not store anything longer than it absolutely has to.

If you're especially concerned, you can do things like:

• Disabling iCloud backup, which is safety rather than security focused, and keep encrypted backups locally.
• Disabling sync services that need to keep a copy of your data on the cloud (though this may be incredibly inconvenient).
• Delete old mail messages off the iCloud servers, keeping local, encrypted backups of anything you really need.

So, CLOUD Act?

In an ideal world, countries would be racing to have the best and most complete privacy laws possible and it would be law enforcement that was continually complaining about how much work it had to do and hoops it had to jump through to access anything and everything even remotely personal.

But, I fear we're increasingly looking at a scared world. At a withdrawn world. At a world that's nationalistic and intrusive. And that was ill-prepared for the realities of the internet and pocket-sized, perpetually connected devices.

So, CLOUD Act.

I have grave concerns about it. I'm guessing Apple does as well. But I have grave concerns about how things have been handled up until this point, and even graver concerns about how things may be handled in the future, given data repatriation, the assault on encryption, and the continued cries for backdoors.

Whether CLOUD Act really is the pragmatic compromise tech companies hope it will be, we'll have to wait and see.

Could the Trump White House be pondering a nationalized 5G network? Yes, it's distinctly possible. But it's also highly unlikely to happen and the story is being blown dramatically out of proportion.

The latest Twitterverse kerfuffle was kicked up by an Axios report alleging consideration of "an unprecedented federal takeover of a portion of the nation's mobile network to guard against China". That's an alarming claim, no matter what side of the political aisle you're on. Axios is a relatively new publication, but they've made a name for themselves since their 2016 launch with a number high profile exclusives and well-sourced and researched pieces. This 5G report is well-sourced, but also takes a number of alarmist steps that ignore how the U.S. federal government actually functions.

Here's what Axios is reporting:

Axios goes on to describe two options laid out in the report: that the government builds its own 5G network or that the various competing carriers in the US build their own. It's worth noting that this is a proposal made by a single NSC member. This is how the government is supposed to work. The NSC is just one of many competing interests in the federal government, and its mandate is to advance strategies to maintain and enhance the security of the United States. It would indeed be in the national defense interests of the U.S. military to have a government-controlled high-speed low-latency nation-wide wireless network — rapid and clear communication is vital for successful military operations, and a 5G network would be enormously useful in that.

But... the NSC is still just one of many loud voices in the United States government. The Departments of State and Commerce and Justice would all have competing opinions on the proposal for a federal network, from international trade implications to pushback from the carriers that spend billions on lobbying. Not to mention the cost of such an endeavor.

There is historical precedent for large investments that would support both military operations and civilian needs. The Interstate Highway System was funded by the federal government not just to dramatically improve inter-state travel and commerce — the primary impetus for its creation was the need to be able to quickly deploy military force throughout the United States in the event of a foreign invasion. The constellation of GPS satellites we rely on for navigating the world today is a U.S. Air Force project that was originally built for military purposes (and the government still has a switch to downgrade GPS accuracy for non-U.S. military users if deemed necessary).

Talk of a federally owned communications cellular network has been going on for decades, but it was kicked into high gear after the September 11, 2001 terrorist attacks. The strikes on New York City and the Pentagon didn't just reveal the unpreparedness of the United States for such an unsophisticated attack — it also exposed weaknesses in the civilian-owned and operated cellular networks of the time. On that day the cellular networks in New York and DC were overwhelmed by the sheer number of users trying to access services — and that was well before today's high-speed wireless internet services.

The biggest pushback would come from cellular network operators. Every U.S. carrier has already invested heavily in 5G, from research to live regional tests to making preparatory upgrades to their transmission infrastructure to handle the eventual roll-out of 5G-capable transceivers and consumer devices. Billions of dollars have already been laid out with the expectation that there will be much more invested in the networks and billions more reaped in profit. You can be certain that Verizon, AT&T, T-Mobile, and Sprint have already contacted their lobbying firms to communicate their displeasure.

Specialized equipment has long been a part of the military's inventory. Just this weekend the story of expensive new refrigerators for Air Force One provoked outrage once the context of what the purchase actually consisted of (five bespoke flight-grade walk-in cooling units to store up to 3,000 meals on what is essentially a flying White House). Equipment like tanks and aircraft carriers and grenades is all exclusively manufactured for the military, to its specification. But the military has long also used off-the-shelf civilian hardware when it meets its needs and costs. Walk into the Pentagon and you'll find government-issued HP and Dell laptops and officers walking around with issued iPhones running on Verizon and AT&T.

The United States has long had an interplay between the needs of the federal government and the civilian population. Sometimes there are things that only the government could effectively fund, organize, and operate, like the interstate system or GPS satellites. The costs behind those become easier to justify when they're also available to civilian users. Conversely, there are things the civilian market is far better at — AT&T, Verizon, Sprint, and T-Mobile all have enormous expertise in cellular networks, they've already made huge investments in their network infrastructure that they'll be able to leverage in building their 5G networks, and they're already responsive to the needs of their customers — both civilian and government.

This proposal was dead in the water before it was ever presented. It's almost amusing, following the Trump administration's push against Net Neutrality being framed as unleashing the potential of web services and internet providers, to now see a proposal to create a national 5G network that the government would then lease to the carriers.

It's worth repeating: this is just a proposal from one part of the government. Axios notes that it was already presented to other agencies, where I have no doubt it was met with significant resistance, if not outright derision. After all, the Trump government is supposed to be one that gets out of corporate business (for better or worse), and "we're going to build a 5G network and you'll just rent access from us because we're the federal government" runs 100% counter to that.

There's much the government could do to promote and accelerate the development and deployment of 5G networks in the United States, though it'd have to come with oversight than the billions of government subsidies paid to Verizon for a fiber network it never built. Grants to ensure deployment into rural areas, subsidies for low income access, regulation clean-up to ease the way for new installations, funding of university and corporate research projects in artificial intelligence and domestic development of these technologies — all of this is already within the wheelhouse of what the federal government can do, and sometimes already does.

Proposals like this are just how the government works. The military side of the equation is going to propose everything they can think of to ensure the most efficient and most effective military they can imagine, while the diplomats will propose their own missions and initiatives to promote their goals, and the economists are going to come with an entirely different set of proposals about trade and monetary policy and financial regulations. These will all be simultaneously complementary and contradictory. This is the nature of government — a dozen departments with competing goals in different arenas jockeying for limited resources. Their proposals are just part of what feeds into the decision-making process of the President and Congress, which are supposed to strike a balance between the needs of the military, business, international partners, civilians, and (of course) politics.

I would be utterly shocked if a government-owned 5G network ever comes to fruition. It'd be massively expensive and inefficient, not to mention well outside the government's expertise and capability. It'd also see immediate and costly legal challenges, not to mention stand on legally tricky ground when the carriers have already paid billions to the government for the frequency licenses they need to deploy their own 5G networks.

The government would also have to pay for this somehow, and after a $1.5 trillion-dollar tax cut, there's not a lot of spare cash laying around for GovCell.

Updated 10:33 a.m. 29 January 2018: Here's a statement from FCC Commissioner Ajit Pai, who also says it ain't gonna happen:

Updated 12:29 p.m. 29 January 2018: The White House is also denying the Axios report in comments to Recode:

A group of about a hundred French activists gathered together to occupy the Paris Apple Store near the Paris Opera for several hours this past weekend in an attempt to shame the tech company into paying the billions the European Union (EU) says it owes in back taxes. The activists were from an anti-globalization group called Attac, and they held multiple other peaceful protests across Paris in addition to the Apple Store occupation. According to international news agency Agence France-Presse, Attac spokesperson Aurélie Trouvé said they refused to leave the premises until they were granted a meeting with company higher-ups:

All of this was in response to the EU's August 2016 claim that Apple has accrued a debt of €13 billion ($14.5 billion US) in dodged taxes by taking its earnings and processing them through multiple different nations, including the island of Jersey — an independently administered Crown dependency that often doesn't tax corporate income and is, for the most part, not subject to EU tax regulations. Apple, however, maintains that it has followed the laws of each country in which it operates.

This isn't the first time Attac has attempted to battle Apple's supposed tax-evading practices — the group also held a protest last month after the release of Apple's newest flagship device, the iPhone X. They reportedly dumped a bunch of apples (the fruit, not the tech) in a demonstration in Aix-en-Provence as members held signs demanding Apple pay what it owes to the EU.

As of yet, Apple France hasn't commented on the incident.

Thoughts?

What are your opinions on this issue? Share them with us in the comments.

Heart-monitoring technology company AliveCor announced in a press release today that its Apple Watch accessory — called the KardiaBand — has officially been cleared as a medical device by the FDA, making it the first Apple Watch accessory to be FDA-approved. The band replaces the user's normal Apple Watch band, and uses sensors in tandem with AliveCor's Kardia app to monitor their heart rate and do EKGs on the fly. A mobile accessory that correctly monitors abnormal heart rhythms is a big deal, whether you have a preexisting heart condition or not — Atrial Fibrillation (AFib), the most common heart arrythmia, is a leading cause of stroke, and you may not even know you're experiencing it.

Dr. Ronald P. Karlsberg, board-certified cardiologist and clinical professor of Medicine at Cedars Senai Heart Institute and UCLA's School of Medicine, stressed the importance of technology like the KardiaBand in a statement:

The band itself is very nondescript, and is made of black thermoplastic polyurethane with a stainless steel sensor module that rests just beneath the Apple Watch device. To take an EKG, all you have to do is sit down comfortably, relax, and press your thumb to the sensor for 30 seconds. The results are displayed on the face of the watch within the Kardia app.

In addition to the band, AliveCor also introduced SmartRhythm, a new feature within the Kardia app that uses artificial intelligence and Apple Watch's heart rate and activity sensors to continuously evaluate your heart rate. When it detects that heart rate and activity aren't matching up — i.e., you're sedentary but your heart rate is going crazy — it notifies you to capture an EKG with your KardiaBand ASAP to make sure nothing fishy is going on.

If you'd like to get a KardiaBand to keep an eye on your heart's rate and rhythm, you can grab one for $199 from the AliveCore website. Sure, it's a little pricey, but it's $300 less than that Hermès band you've been thirsting after, and it may save your life.

See at AliveCor

Thoughts?

What do you think of AliveCor's KardiaBand? Do you feel it would be beneficial to you? Share with us in the comments.

In a post published on Twitter's official blog today, the company continued the discussion of their approach to bots and misinformation that they started earlier this summer. This time, though, Twitter's Public Policy team focused more on their findings with respect to Russian attempts to undermine the democratic process.

The company said that it discovered upwards of 200 Twitter accounts affiliated with the Russian government, and three of those, which are connected to news site Russia Today, had purchased a multitude of ads targeted at the U.S. market in 2016:

Twitter also touched on how it responds to any activity that impedes the voting process:

However, Twitter's blog post wasn't all about current political events. In addition, the company wanted to remind its users that its battle against dangerous misinformation isn't singularly focused:

The social media giant also further clarified its methods for dealing with malicious bots, spam-like human-directed accounts, political advertising, and those who attempt to game trending topics.

For more detailed information concerning this issue, visit Twitter's blog.

In a press release today, the Food and Drug Administration announced the list of companies chosen to be a part of its new pilot program that allows said companies to get pre-clearance for the creation of innovative health technology. Outside of Apple, the companies selected were FitBit, Johnson & Johnson, Pear Therapeutics, Phosphorous, Roche, Samsung, Tidepool and Verily. These companies now get to "jump the line" re: formal approval processes as long as they provide the FDA with access to their methods for testing and scrutinizing their software and facilities.

FDA Commissioner Dr. Scott Gottlieb stated that the program was created in order to better and more quickly facilitate advancements in the field of medical technology:

In the case of Apple specifically, this could mean more rapid improvement of the health-based features of the Apple Watch — the heart rate monitor, for instance. According to Apple Insider, there have also been some fairly recent rumors that Apple has hired a team of biomedical engineers to develop a non-invasive method of testing an Apple Watch wearer's glucose levels. That way, individuals with or at risk for diabetes could more efficiently monitor their health without the fuss of strips and extra devices.

Questions?

What do you think about the FDA's new program? If you're someone who frequently uses the health-related features on your device, do you feel that the program is a positive or negative for you? Give us a shout in the comments.

DACA is a vital program that protects individuals who immigrated as children from deportation and authorizes them to work in the United States. If no legislation solution takes DACA's place soon, these individuals will be subject to immediate deportation and gradual termination from work and school.

Check back throughout the day — we'll be adding more tech company responses as we come across them.

Apple

In an email obtained by iMore, Apple CEO Tim Cook said that he pledges to support Apple employees affected by the DACA repeal. Because Trump is phasing out the DACA program over the next six months to give Congress time to replace it, Cook stated that Apple will work with Congress to come up with legislation that still allows for the protection of immigrants and their children. The letter is as follows:

Team,

America promises all its people the opportunity to achieve their dreams through hard work and perseverance. At Apple, we've dedicated ourselves to creating products that empower those dreams. And at our best, we aspire to be part of the promise that defines America.

Earlier today, the Justice Department announced that President Trump will cancel the Deferred Action for Childhood Arrivals (DACA) program in six months if Congress does not act to make the program permanent.

I am deeply dismayed that 800,000 Americans — including more than 250 of our Apple coworkers — may soon find themselves cast out of the only country they've ever called home.

DACA recognizes that people who arrived in the United States as children should not be punished for being here illegally. It lets these Americans, who have successfully completed rigorous background investigations, go to school, earn a living, support their families, pay taxes and work toward achieving their dreams like the rest of us. They are called Dreamers, and regardless of where they were born, they deserve our respect as equals.

I've received several notes over the weekend from Dreamers within Apple. Some told me they came to the U.S. as young as two years old, while others recounted they don't even remember a time they were not in this country.

Dreamers who work at Apple may have been born in Canada or Mexico, Kenya or Mongolia, but America is the only home they've ever known. They grew up in our cities and towns, and hold degrees from colleges across the country. They now work for Apple in 28 states.

They help customers in our retail stores. They engineer the products people love and they're building Apple's future as part of our R&D teams. They contribute to our company, our economy and our communities just as much as you and I do. Their dreams are our dreams.

I want to assure you that Apple will work with members of Congress from both parties to advocate for a legislative solution that provides permanent protections for all the Dreamers in our country.

We are also working closely with each of our co-workers to provide them and their families the support they need, including the advice of immigration experts.

On behalf of the hundreds of employees at Apple whose futures are at stake; on behalf of their colleagues and on behalf of the millions more across America who believe, as we do, in the power of dreams, we issue an urgent plea for our leaders in Washington to protect the Dreamers so their futures can never be put at risk in this way again.

Despite this setback for our nation, I'm confident that American values will prevail and we will continue our tradition of welcoming immigrants from all nations. I'll do whatever I can to assure this outcome.

Tim

Cook also expressed his support for Dreamers and DACA on Twitter.

Google

Sundar Pichai, Google's CEO, showed his support for Dreamers and his desire to protect DACA on Twitter.

Spotify

Spotify is standing against the DACA repeal by releasing a playlist featuring empowering songs and encouraging messages from artists who wish to stand in solidarity with the 800,000 Americans affected. The playlists features musicians such as Logic, DJ Khaled, Demi Lovato, Juanes and Jared Leto.

Facebook

Facebook's Mark Zuckerberg called for the president to keep the DACA program in place with a post on his Facebook page. He emphasized that Dreamers deserve the chance to contribute to their country and community.

Microsoft

Microsoft President Brad Smith also joined the ranks of those supporting Dreamers. In a blog post, he stated that protecting those affected by the DACA repeal is an issue more pressing than tax reform. He also asserted that that Dreamers are an integral part of our nation's fabric and called other tech companies to defend their legal rights as well.

Microsoft CEO Satya Nadella also shared some words on Twitter:

IBM

Tech giant IBM shared their desire to protect those affected by the DACA repeal with a series of tweets and retweets, beginning with this statement showing their support.

Uber

Uber CEO Dara Khosrowshahi shared her thoughts on the DACA repeal in a tweet:

Mozilla

Mozilla, creator of browser Firefox, released a statement on its blog in support of the young Americans who benefit from DACA.

Verizon

Verizon Executive Vice President Craig Silliman posted a statement to the news section of Verizon's website citing the Dreamers as "800,000 reasons why diversity matters."

The statement was also shared to the Twitter account of Verizon's public policy team.

Tech Industry

Several companies, including some of those listed here, also sent a letter to Trump on Aug. 31 to discourage the president from repealing DACA. You can read the full text of the letter here.

Learn more about DACA and the Dreamers movement here.

Ninety-seven U.S. companies, including Apple, Google, Microsoft, Facebook, Twitter, Snap, Netflix, Uber, and non-tech companies including Levi Strauss & Co., have filed an amicus brief in the Ninth Circuit Court of Appeals condemning President Trump's executive order on immigration.

Reuters:

Bloomberg:

Over the weekend, the ninth circuit court of appeals declined to lift a temporary restraining order, put in place by a U.S. district judge at the request of the states of Washington and Minnesota, preventing the continued enforcement of the Trump administration's executive order.

Apple's original response to the order, sent out as internal memo, read in part:

Over the last few years Apple has been increasingly vocal in their support for personal privacy, civil rights, and equal opportunity, so being part of this action comes as no surprise.

The bigger question remains how public and how personal Apple, a company co-founded by the biological son of a Syrian immigrant, chooses to make the issue as they continue to oppose it.

Here's the full list of 97 companies, via TechCrunch:

• AdRoll
• Aeris Communications
• Airbnb
• AltSchool
• Ancestry.com
• Appboy
• Apple
• AppNexus
• Asana
• Atlassian
• Autodesk
• Automattic
• Box
• Brightcove
• Brit + Co
• CareZone
• Castlight Health
• Checkr
• Chobani
• Citrix Systems
• Cloudera
• Cloudflare
• Copia Institute
• DocuSign
• DoorDash
• Dropbox
• Dynatrace
• eBay
• Engine Advocacy
• Etsy
• Facebook
• Fastly
• Flipboard
• Foursquare
• Fuze
• General Assembly
• GitHub
• Glassdoor
• Google
• GoPro
• Harmonic
• Hipmunk
• Indigogo
• Intel
• JAND d/b/a Warby Parker
• Kargo
• Kickstarter
• KIND
• Knotel
• Levi Strauss & Co.
• LinkedIn
• Lithium Technologies
• Lyft
• Mapbox
• Maplebear d/b/a Instacart
• Marin Software
• Medallia
• Medium
• Meetup
• Microsoft
• Motivate International
• Mozilla
• Netflix
• Netgear
• NewsCred
• Patreon
• PayPal
• Pinterest
• Quora
• Reddit
• Rocket Fuel
• SaaStr
• Salesforce
• Scopely
• Shutterstock
• Snap
• Spokeo
• Spotify
• Square
• Squarespace
• Strava
• Stripe
• SurveyMonkey
• TaskRabbit
• Tech:NYC
• Thumbtack
• Turn
• Twilio
• Twitter
• Turn
• Uber
• Via
• Wikimedia Foundation
• Workday
• Y Combinator
• Yelp
• Zynga

On Friday, January 28, U.S. President Donald Trump issued an executive order on immigration that could profoundly affect the employees of Apple and other major U.S. tech companies, especially those born in Iran, Iraq, Libya, Somalia, Sudan, Syria and Yemen, including people with valid green cards and H-1B visas who have already gone through the vetting process.

Tim Cook sent out an internal memo to Apple employees, originally obtained by MacRumors. It includes the following:

Cook also tweeted the following:

Apple and Cook have been front-and-center on the issues of privacy and equal opportunity over the last several years, so it's great to see them continuing to share their vision on social and legal issues. And, as Wikipedia reminds:

Google's Sundar Pichai also sent out a memo to employees, obtained by Bloomberg:

Android Central adds:

Microsoft's Brad Smith, as quoted by Windows Central:

CEO Satya Nadella added on LinkedIn:

Facebook's Mark Zuckerbook posted:

Buzzfeed is keeping a rolling record of other reactions from Silicon Valley and the leaders of major technology companies.

Update: Switching off comments since they've sadly turned petty and personal again. iMore covered Apple's reactions to social issues in the past, including with NSA, FBI, and equal opportunity. We'll continue to do so in the future. This isn't "politics", it's person people and it's international.

App Store prices will soon rise by 25% for Brits, following the latest dip in value of the British pound. Sterling has been steadily declining since the UK voted to leave the European Union last June, and as The Guardian reports, citing an email sent to developers, Apple will raise app prices over the next seven days to reflect the weakening of the pound.

It's likely Apple's other content platforms will see similar price rises in the days ahead, putting them in line with U.S. prices in numerical terms.

In recent days the pound has dipped below U.S. $1.20 — the latest historic low for the currency, which stood at around $1.47 immediately before the Brexit vote. The latest depreciation came ahead of a major speech from prime minister Theresa May, in which she outlined plans to leave the European single market. Shortly after, the pound recovered slightly to $1.24.

A one-to-one conversion between pound and dollar prices on the App Store is significant, underscoring the diminished pound relative to the strong U.S. dollar. In its statement to The Guardian, Apple notes that "business practices, taxes and the cost of doing business" also affect its local prices, as well as currency fluctuations.

It's just the latest tech-related price rise to come following the Brexit vote. In October Mac prices were raised by around 20% as the pound continued its post-referendum slide. Elsewhere, PC makers like Dell, HP and Microsoft hiked prices shortly after the vote, as did Android phone maker OnePlus.

So these latest price rises should come as no surprise. Though it's likely a sign that Apple, like many other international firms doing business in the UK, wishes to insulate itself against any further drop in the pound — and that it doesn't see the currency returning to its pre-Brexit level anytime soon.

The biggest story of last year was the FBI trying to force Apple to compromise iOS security by creating a "back door" into iPhone and iPad. Less than technically savvy people insisted that, if they and only they had the "key" there'd be no risk of hackers, criminals, or other, less-than-friendly governments getting it. Apple CEO, Tim Cook, and just about everyone else knew there'd be no stopping it.

Maya Kosoph, writing for Vanity Fair:

Joseph Cox, writing for Motherboard, has the details:

It's not a question of whether or not a government "backdoor" would be similarly compromised. It's simply a question of how fast.

2016 is where we saw the right to digital privacy begin to play out on the legal stage. That's only going to continue in 2017. Nothing has been settled and no political party in any major region, regardless of its social or fiscal policy, has shown anything other than a desire to collect even more of our data, legally and otherwise.

Britain has just passed its Snooper Charter and the U.S. has just increased surveillance powers.

It's very likely the only people we'll be able to count on to protect our privacy going forward is us.

In just a couple of hours, Americans will make history by officially electing their very first woman for president, or a living, breathing tangerine man (kidding, that was a joke. Good luck, Donald!).

If you don't have cable, don't fret! There are plenty of options online to consider. Here's a list of the best places to catch the play-by-play of this monumental event.

• Live Right Now
• Youtube Streams
• Stream with Apple TV
• Best Apps for Streaming
• Interactive Election Maps
• Clinton-specific Streams
• Trump-specific Streams

Live Right Now

Jump into the #electionaction right away with news sources like Reuters TV, CBS, and Politico. These live feeds will keep you up to date on all the latest information and should be continuously streaming content throughout the day.

• Reuters TV
• CBS
• Politico

YouTube Streams

Most of these YouTube streams won't start until a bit later, so we let you know the specific times for each one. YouTube streams are great because you can play them on your iPhone, iPad, MacBook — wherever! Here are a couple of streams starting later from NBC, ABC, Bloomberg Politics, PBS, and even MTV.

Stream with Apple TV

CBS, ABC, CNBC, PBS, and CNNgo all have streaming options available for your Apple TV, but by using the Twitter livestream, you can easily watch the election with your Apple TV, too!

Best Apps for Streaming

It even keeps streaming when you lock your iPhone so you never miss a moment!

Interactive Election Maps

Interactive election maps are really great tools to keep yourself up-to-date with voting and information as it comes in in real-time. Check out CNN, Politico, and 260 To Win's maps for a little more hands-on election coverage!

• CNN
• 260 To Win
• Politico

Clinton-specific Streams

Hoping Hillary Clinton makes history as the first female president ever? Then watch her specific watch party here!

Trump-specific Streams

Rooting for Donald Trump to make America great again? Then check out his watch party from Fox News here!

What's your pick?

Is there a way you've been watching the election that we haven't mentioned? Let us know in the comments below!

A number of Australian banks are said to be renegotiating with Apple over terms for bringing Apple Pay to those institutions, following the success ANZ Bank has seen thanks to the program. ANZ, which signed on with Apple Pay at the end of last month, has seen a surge in the number of credit and debit card applications, which it credits to its deal with Apple.

The Sydney Morning Herald reports:

Australian banks have been historically reticent regarding Apple Pay, with the primary sticking point being the transaction fee split between Apple and the banks. They have also been concerned about Apple coming between them and their customers.

When it's time to buy a new iPhone, most of us turn to the four major UK network operators, or one of the many smaller networks that piggyback on them. But with the arrival of more affordable models like iPhone SE — as well as the continuing urge to upgrade to the latest and greatest — you may have been considering the alternative: simply buying an unlocked iPhone and popping in your current SIM card.

Unlike many other parts of the world, buying a new, unlocked smartphone isn't a new concept for British consumers. But if you're thinking of taking the plunge, there are a few factors worth considering: Here's a quick primer on buying an unlocked iPhone in the UK.

Why go unlocked?

First, a few obvious advantages. If you buy an unlocked phone outright, you'll trade a higher up-front cost for lower monthly fees from your network provider. The big players like EE, O2, Vodafone and Three have cheaper SIM-only plans that let you bring your own iPhone to their network as opposed to picking up a subsidized handset on contract. And so with a few exceptions, you're generally better off in the long run.

Buying unlocked also lets you avoid getting roped into any credit agreements involved with taking out a contract; instead, you can take advantage of the many great Pay As You Go deals out there.

In addition, because you're not paying towards the cost of your iPhone across the life of your contract, you'll pay less each month. In many cases, you'll also be able to opt for a shorter contract: Many providers offer 12-month SIM-only deals. Some, including Three, even have rolling one-month contracts that let you cancel at any time.

UK providers use (for the most part) the same standards and cellular frequencies, and as such, compatible unlocked iPhones should work across any of the country's mobile networks — from the big four to smaller players like GiffGaff and Virgin Media.

An unlocked iPhone isn't tied to any particular network, and for that reason it often has greater resale value after you're done with it. That's alongside the freedom you'll gain from being able to switch providers without changing your handset.

And if you're traveling abroad, it's easy to pop in a local SIM, avoiding potentially expensive roaming charges.

Finally, with the arrival of iPhone SE as a less expensive option — from £359 unlocked — it might not be worth getting caught up in a multi-year contract when you can pay for the phone upfront and be done with it. The cheaper the model of iPhone you're buying, the more incentive you have to go unlocked.

How to make sure you're buying unlocked (and not just SIM-free)

There's a really important distinction to understand before paying full retail price for an iPhone in the UK: Is it unlocked or just SIM-free?

Truly unlocked iPhones will work with any compatible network, and won't lock to the network of the first SIM that's inserted. Purchasing from an Apple Store — including Apple's online store — is the easiest way to guarantee that you're getting a truly unlocked iPhone with no additional fuss.

If that's not an option, all phones sold by Three, including iPhones, are unlocked — though you'll need to buy a Three SIM with the phone and activate it as usual.

In contrast, SIM-free iPhones, sold by retailers like Carphone Warehouse and Currys/PC World, aren't truly unlocked. Like an iPhone purchased on contract, these lock to the first network they're used with, and may not be usable with non-UK SIMs even after being unlocked. Basically, when you first buy and open your phone, it's unlocked to all UK networks, but once you start using it, it automatically locks to your operator.

From Three's unlocking FAQ:

From Carphone Warehouse:

That's why it's always worth double-checking where an iPhone was originally purchased if you're buying second-hand from the likes of eBay.

Are there any trade-offs? Things to watch out for?

Aside from the fact that you're paying more up front — and making sure you're really getting an unlocked device — there are a few potential caveats to be aware of.

Depending on the model of iPhone you want and the vagaries of your carrier's contract deals, there are times when it may be cheaper in the medium or long-term to pick up a subsidized phone (iPhone or otherwise) on contract, sell that phone, and purchase your own unlocked iPhone to use instead. For example, if a carrier wants to get rid of stock of a certain model, it might offer it with a tiny upfront price and a monthly fee not far off its SIM-only prices. In this case, if you're happy being locked into a contract for the standard 24 months, it might be worth taking the plunge.

It's also worth remembering that because of the way iPhone's software works, you won't need to worry about not having support for emerging technologies like VoLTE or Wi-Fi calling if you're using an unlocked iPhone. Most Android and Windows phones still require you to have a carrier-locked, carrier-branded version of your phone to use these features. With an unlocked iPhone — and up-to-date carrier settings — assuming your carrier has support for things like this, it'll just work.

UK readers, did you buy your iPhone unlocked, or are you using a carrier-locked model? Do you plan to change the way you buy next time around? Hit the comments and let us know

The FBI has now agreed to help unlock an iPhone and an iPod involved in an Arkansas homicide case, mere days after the Bureau was successful in circumventing security measures on an iPhone 5c used by one of the San Bernardino shooters. From The Associated Press:

Details surrounding how the FBI plans to gain access to the iPhone and iPod in the case are unclear, but the timing is certainly suspect. And since the unlock method used by the FBI in the high-profile San Bernardino case is still unknown, it's also not clear whether it may be similarly applicable to the iPhone and iPod in the Arkansas case.

In any event, the fact that the FBI has now indicated it can act without Apple's help in two separate instances should be concerning to both the tech giant and those who use its products.

A report published by Bloomberg offers additional details into Apple's ongoing battle with the FBI, including how the company has worked in private with government agencies in the past to provide access to court-ordered data.

The encryption issue started gaining traction following the launch of iOS 8, which altered the way data was encrypted, making it impossible for external agencies — and even Apple — to gain access to the device once a passcode was set. From Bloomberg:

According to the publication, the FBI was close to getting legislation passed that would've made it easier for the agency to access encrypted data on locked phones through court orders. However, Snowden's revelations in 2013 put a dent in its plans:

Even though new legislation did not come into effect regarding privacy, Apple continued to work with the FBI in private, including providing iCloud backups and sending engineers to assist in data recovery in the San Bernardino case:

With Apple vehemently denying to create a software utility to unlock the iPhone 5c in question, the FBI decided to take things public:

Apple officials will testify as part of an evidentiary hearing at 1 p.m. PT on March 22.

On this episode Rene talks Apple 'Let us loop you in' event invitations, Michael talks Samsung Galaxy S7 competition, and Georgia talks FBI vs. Apple turning acrimonious. Also: the tech we use for traveling!

Our sensational sponsors

• Casper: Get $50 toward any mattress purchase by going to casper.com/imore and using code imore.
• MailRoute: Stop spam today with a free 30-day trial of MailRoute: go to mailroute.net/imore.
• Wealthfront: Sign up and Wealthfront will manage your first $15,000 entirely free of charge— for life. Claim your offer today at wealthfront.com/imore.

Interesting in sponsoring the iMore show? Get in touch!

Listen now

• Subscribe in iTunes: Audio
• Subscribe in RSS: Audio
• Download directly: Audio

Headlines

• Apple announces March 31 'Loop in' event
• Samsung ships Galaxy S7

Apple Talk

• Galaxy S7 vs. iPhone 6s photo comparison
• FBI vs. Apple
• Apple Pencil review drawn with Apple Pencil

Select All

What we're traveling with:

• Michael: iPad Pro, iPod touch, Jaybird Bluetooth headphones
• Georgia: MacBook Air, Bose QuietComfort noise cancelling headphones
• Rene: 13-inch MacBook Pro, iPad Pro, Bose QuietComfort noise cancelling headphones

Hosts

• Michael Gartenberg
• Georgia Dow
• Rene Ritchie

Be part of the show!

Send in your comments, questions, feedback, or follow-up to:

• Email: podcast@imore.com
• Twitter: @iMore with hashtag #askimore
• Web: Leave a comment below!

Former CIA Director James Woolsey, who served in the office from 1993 to 1995, has weighed in on the ongoing iPhone encryption case between the FBI and Apple, just the latest in a series of former intelligence officials to do so. In an interview with CNBC's Squawk Box Woolsey didn't explicitly state that he was siding with Apple, though he said that the company was on the right side of this issue in general. He also accused the FBI of attempting to dictate the kind of operating system that Apple should create.

You can see CNBC's interview below:

Woolsey is the latest former U.S. intelligence chief to speak out on the matter. Michael Hayden, previously the director of the NSA, spoke on the matter last month, saying that software back doors would harm American security. Both men seem to feel that if the FBI is successful in its efforts to get Apple to help unlock the phone of the San Bernardino shooter, then it would set a precedent in which Apple would be compelled to provide such aid again and again.

AT&T has officially put itself on the side of Apple in its current court fight with the FBI. AT&T stated today that it has filed an amicus brief, or "friend of the court" statement, supporting Apple's position in this case, which involves the FBI asking Apple to unlock an iPhone used by one of the San Bernardino shooting suspects. Apple has refused, stating that such a move could cause others to gain access to the phone via a "backdoor".

AT&T's statement says that the courts are not the place to settle this dispuit, and called on the U.S. Congress to approve new laws on this matter. AT&T's full statement is below:

Today, AT&T filed a "friend of the court" brief with the magistrate judge for the U.S. District Court for the Central District of California, urging the court to vacate its order requiring Apple to take some fairly extraordinary steps to assist the FBI in unlocking the iPhone used by one of the perpetrators of the San Bernardino shootings.

This case involves two interests that all Americans share: keeping our citizens safe and protecting our personal privacy. As a company committed to both, the critical issue to AT&T is whether those interests will be balanced on an ad hoc basis by judges presiding over individual cases or by Congress providing a clear, uniform legal framework for all participants in the new digital economy. We felt it important to add our voice to this conversation because we believe that, as a matter of law and policy, Congress is the right body to decide this balance.

Technology has changed dramatically since Congress last addressed these issues in 1994. Then, Congress focused on what telecommunications carriers like AT&T may be required to do to assist law enforcement and national security officials. Now, the government seeks data stored by many other types of companies, from device manufacturers to social media, search, and applications companies, among others. But our laws have not kept pace with technology.

Only Congress can address these issues in a sufficiently comprehensive, uniform, and fair manner. All of us—the government, the courts, consumers and companies—need clear and uniform rules that can be produced only through a broadly-informed, transparent and accountable legislative process. In the meantime, we should not consider the All Writs Act, which merely authorizes the judiciary to enforce existing law, as a substitute for that process.

Like all Americans, we were deeply saddened by the tragic events of San Bernardino. Without question, the government should use every lawful means to investigate those crimes, and that includes compelling Apple's cooperation to the full extent permitted by law. In this case, however, the government seeks more than what can be supported under the law as it is written today. The solution is for Congress to pass new legislation that provides real clarity for citizens and companies alike.

Source: AT&T

The current faceoff between Apple and the FBI has placed the topic of Apple's security into the public eye. Apple has placed an emphasis on security and privacy in their products for some time now, but this is likely to be the most attention the topic has ever received.

Of course there's a question of whether or not Apple will be forced to help the FBI bypass current security features of the iPhone, but looking forward there's also a question of how iOS security will continue to advance.

What the FBI is requesting

For those unfamiliar or unclear about the current case, let's do a quick recap of what the FBI is requesting of Apple. The work-issued phone used by one of the shooters in the San Bernadino attack was recovered by the FBI.

The device (an iPhone 5c) is locked with a passcode, and may have the security feature enabled which erases the device's encryption keys after 10 failed passcode attempts. The FBI has requested that Apple create a special version of iOS that removes 3 security features.

1. The OS will bypass or disable the mechanisms to erase data after 10 failed attempts.
2. The OS will allow for electronic passcode attempts (as opposed to manual entries performed physically on the device's screen). The phrasing of the FBI's request could also be read to mean that Apple will be responsible for providing the means to electronically submit passcode attempts.
3. The OS will not introduce delays between failed passcode attempts.

In other words, the FBI would like to be able to brute force the device's passcode in a timely manner without the risk of losing the data that is on the device.

Why Apple can comply with the FBI's request

At the core of what the FBI is requesting is the ability to update the software of the iPhone without the user's passcode, and without losing data on the device. Currently, iOS can be updated on a locked device without ever entering the passcode.

This means that Apple could create an iOS update which removes or disables security features, sign it using keys that only they possess, and load it onto the locked device. Once the update were installed, the FBI (or any other party in possession of the device) could attempt to brute force the device's passcode without risk of being slowed down by backoff delays or losing data.

How Apple can change this

If the current legal battle ends with Apple being legally required to comply with the FBI's request, there is no technical limitation that would prevent Apple from complying on this device. However, a future version of iOS could remove their ability to do this.

A future update could (and in my personal opinion, probably will) require the device passcode to be entered prior to loading a recovery image (read: OS update). If the passcode cannot be entered, the user would have the ability to load the recovery image anyway, but the device would wipe its current encryption keys first, rendering existing data on the device practically irretrievable.

iCloud backups

Apple's current case with the FBI focuses entirely on the security of a physical device. However, many people utilize Apple's iCloud service for storage and backups. While data on iCloud servers is encrypted, this encryption is done with keys that Apple possesses, rather than keys possessed only by each user.

This means that Apple can comply with any legal requests for a user's iCloud data. For people who use iCloud for backups, this means that just about all of the information stored on your devices is retrievable by Apple. Even with backups disabled, a large amount of information may still be stored on iCloud including photos, documents, contacts, calendars, bookmarks, mail and app-specific data.

To change this, Apple would need to change iCloud to have it encrypt a user's data using a key that only they possess, rather than one that Apple controls. It is now rumored that Apple intends to make this very change at some point in the future.

While such a change would be a clear improvement for user security and privacy, it remains unclear how this may impact a user's ability to retrieve their data should they ever forget their password (or whatever other user-controlled piece of information may be used to encrypt their data).

The fight for the future

It's impossible to know what changes Apple may implement to further increase the security of their devices down the road, but it's a safe bet they'll be doing something. Each year, in addition to number other features and enhancements, we see Apple continue to make improvement to security, and put increasing amounts of user data out of their reach. In fact, it seems likely that the changes to iCloud encryption were on their product roadmap well before this legal case caught the public's attention.

Security researcher Jonathan Zdziarski published a list of requested iOS security improvements, which doubles as an interesting list of weaknesses in Apple's current security model.

It's also important to be mindful that everything Apple has done for security up to this point has been in full compliance with applicable laws. Apple's current fight with the FBI isn't an act of civil disobedience or defiance of the law, but rather Apple challenging that the FBI's request is unlawful.

If applicable laws change, it's very possible that Apple's actions will change accordingly. While Apple is not currently required to implement backdoors to facilitate investigations by law enforcement, such laws do exist for telecommunications companies, and similar laws could be passed in the future that apply to smartphone manufacturers.

The bottom line

While we will have to wait to see the outcome of Apple's current battle with the FBI, the world of mobile security will likely never be the same. For years law enforcement has made legal requests for user information and data. And for years Apple has complied with legal requests, while distancing themselves from that user data.

With Apple continuing down this path, the next major version of iOS and next iPhone update may contain the most public and controversial security enhancements yet.

This is not an Android vs. Apple thing. It's not an FBI vs. Apple thing either. It's bigger than that, and will have lingering effects on each and every person using technology for the foreseeable future. I stand with Apple, but more importantly I stand for privacy — mine, yours, everybody's.

I'm here, writing on iMore, because I care as much about the recent iPhone encryption lawsuit — and it's outcome — at least as much as everyone else here.

And I'm here to ask something of you. A pdf file of Apple's motion to vacate in the USG v Apple case in full has been posted online. Read it. I'm not a lawyer, but I see a lot of very important issues here that need addressed. Apple says it better than I ever could:

We're part of the hundreds of millions of individuals around the globe. I'm glad Apple is standing up for us all.

Read the Apple motion to vacate (.pdf file)

In a strong, clear language, Apple today has filed in opposition of a government order the company feels would weaken iPhone and iPad security and ultimately threaten public safety. Apple believes the company has already worked swiftly and tirelessly with law enforcement on both the San Bernardino and other cases, and that the surprise request using the All Writs Act is beyond the scope of both current laws and the public good.

In essence, Apple feels like they're being forced to create a "GovernmentOS" — or GovOS — that would bypass security mechanisms and make brute force attacks against the iOS passcode faster and easier. Moreover, that it would require Apple to set up what's effectively an FBI lab on Apple property, endlessly tasked to hack iPhones on the behalf of law enforcement.

Apple believes the demands are in conflict with existing laws and in violation of the First and Fifth Amendment of the United States Constitution.

It looks like the FBI demand came out of nowhere, with the use of the All Writs Act — a two hundred year old piece of legislation arguably never intended to be used in this manner — granted the same day it was requested, and without any notice to Apple.

Since iPhones contain not only personal messages and pictures but health data, financial information, and even location data on the owner and the owner's family and friends, creating a "GovOS" could leave hundreds of millions of customers vulnerable to espionage, hacking, identity theft, blackmail, and unlawful surveillance.

Further, that request is not only unprecedented, and not only conflicts with current law, but flies in the face of recent executive branch policy on these matters.

In that light, it sounds like the use of All Writs Act is as an end-run around the legislative branch and the legal process, and is counter to both precedent and Apple's rights under the First and Fifth Amendment: Specifically, it would force Apple to express the FBI administration's views on security and privacy rather than the company's own, and deprive the company of its liberties by compelling it to write what Tim Cook called "the software equivalent of cancer".

Again, Apple is using strong language but also plain language. The company wants its position to be clear and accessible to everyone. That's good, because it's not only a complex issue, but one of the most important ones to be argued in our generation.

U.S. representative Ted Lieu has asked FBI director James Comey to withdraw the agency's requests for Apple to unlock and provide access to an iPhone used by one of the San Bernardino shooters. Apple has since opted to make a stand and is currently facing off both the FBI and Department of Justice with consumers and fans of the company looking to rally to show their support.

Lieu warned Comey in a letter that should Apple support the FBI in this case, the move could have the potential to pave the way for more prosecutors to make similar demands to bypass encryption and security.

It's argued that Congress should decide whether or not America-based technology companies must provide authorities with access to products. This is the latest in the locked battle between the FBI and Apple, with yet another name added to the list of support for the tech giant. See Lieu's letter to Comey in full below.

Dear Director Comey,

Thank you for your public service and excellent leadership of the Federal Bureau of Investigation (FBI). As a military veteran and former prosecutor, I commend you and the dedicated FBI employees for keeping us safe. I am writing to you in my capacity as a Member of the House Oversight and Government Reform Committee, and its Information Technology Subcommittee, regarding the government's Motion to Compel that would require Apple Inc. to create software it does not have in order to weaken its smartphone encryption system.

The FBI's demand that Apple write new code to weaken encryption defenses has generated passionate responses from many Americans. I read your recent open letter in which you urge folks to "take a deep breath" and "use that breath to talk to each other." I You also argue that the two values of privacy and safety should be "resolved by the American people." I completely agree with you. That is why I request the FBI's demand of Apple and the Motion to Compel be withdrawn. We should all take a deep breath and talk to each other, rather than use a lawsuit to circumvent the critical and necessary policy discussions.

The San Bernardino terrorist attacks were horrific and the significant loss of innocent lives demands a strong response. We share the same goal that we must do all we can to bring justice to the victims and prevent future terrorist attacks. I also agree with you that the profound issues raised in the San Bernardino investigation will reverberate not just for this single investigation, but will affect "how we want to govern ourselves in a world we have never seen before" and "will matter to every American for a very long time."

The profound issues at stake should not be decided, as you state, by either corporations or the FBI. Neither, however, should these critical issues be decided by an unelected magistrate judge's or Department of Justice's interpretation of the All Writs Act, a law first passed in 1789, nearly 90 years before the light bulb was invented. As a computer science major, I have seen far-reaching unintended consequences when government applies outmoded concepts to our fastchanging technological world. Trying to apply an 18th century law to a 21 century technology company should not give anyone any confidence in the result.

Using the court process and an antiquated law to coerce a private sector technology company is especially inappropriate in this situation because Congress has been actively debating the very issue of the appropriateness of mandating "back doors" and other ways to weaken encryption. Numerous Congressional committees, including the Oversight Committee, have held hearings on privacy and encryption issues. Legislation has been introduced, or soon will be introduced, on these exact issues.

For example, earlier this month Representatives Blake Farenthold, Suzan DelBene, Mike Bishop and I introduced the ENCRYPT Act, which would prevent states from mandating that companies weaken their encryption systems. 5 House Homeland Security Committee Chairman Michael McCaul and Senator Mark Warner are working on legislation to create an expert panel to study and make recommendations on privacy and encryption issues. Senate Intelligence Chairman Richard Burr and Senator Dianne Feinstein are working on legislation to require companies to decrypt data under court order.

The framers of the Constitution vested the 535 elected Members of Congress with the responsibility to represent the American people and strike the appropriate balance on the important issues facing our country. The difficult and challenging issues of balancing privacy, liberty, safety, and national security should not be decided by unelected entities, such as private sector companies, governmental investigatory bodies, or magistrate judges.

If the magistrate judge's strained interpretation of the All Writs Act were upheld to give the FBI the right to force a private sector company to weaken its encryption defenses in this case, the precedent would open the floodgates for all future prosecutors to make the exact same demands in any case involving a smartphone that government cannot decrypt. The precedent set in this case would essentially enact a policy proposal to weaken encryption that has not yet gained traction in Congress and was previously rejected by the White House.

You appear to understand fully that decisions on how to strike the complex and difficult balance between privacy and safety, and civil liberties and security, require buy-in from the American people. Your open letter was not directed towards the judge. Rather, the open letter was designed to influence public opinion; and that is exactly where these issues should be resolved.

I ask that you follow the arguments you made in your letter and withdraw the FBI's demand of Apple, along with the corresponding Motion to Compel. Let's all take a deep breath and start talking to each other instead of fighting in court. Let Congress, stakeholders, and the American people debate and resolve these difficult issues, not unelected judges based on conflicting interpretations of a law passed 87 years before Alexander Graham Bell invented the telephone.

Via: FWC

Apple has posted a new Q&A on apple.com in order to provide more details on the company's ongoing dispute with the Federal Bureau of Investigations over the creation of a tool to enable faster and easier brute-force attacks on iPhone and iPad passcodes.

This new Q&A includes information that contradicts previously published assumptions about the company's interactions with law enforcements in the past, specifically charges Apple has already unlocked devices for the government.

Why is Apple objecting to the government's order?

The government asked a court to order Apple to create a unique version of iOS which would bypass security protections on the iPhone's lock screen. It would also add a completely new capability so passcode tries could be entered electronically.

This has two important and dangerous implications:

First, the government would have us write an entirely new operating system for their use. They are asking Apple to remove security features and add a new ability to the operating system to attack iPhone encryption, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by "brute force," trying thousands or millions of combinations with the speed of a modern computer.

We built strong security into the iPhone because people carry so much personal information on our phones today, and there are new data breaches every week affecting individuals, companies and governments. The passcode lock and requirement for manual entry of passcode are at the heart of the safeguards we have built in to iOS. It would be wrong to intentionally weaken our products with a government-ordered backdoor. If we lose control of our data, we put both our privacy and our safety at risk.

Second, the order would set a legal precedent which expands the powers of the government and we simply don't know where that would lead us. Should the government be allowed to order us to create other capabilities for surveillance purposes, such as recording conversations or location tracking? This would set a very dangerous precedent.

Is it technically possible to do what the government has ordered?

Yes, it is certainly possible to create an entirely new operating system to undermine our security features as the government wants. But it's something we believe is too dangerous to do. The only way to guarantee such a powerful tool isn't abused and doesn't fall into the wrong hands is to never create it.

Could Apple build this operating system just once, for this iPhone, and never use it again?

The digital world is very different than the physical world. In the physical world you can destroy something and it's gone. But in the digital world, once created the technique could be used over and over again, on any number of devices.

Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks. Of course Apple would do our best to protect that key, but in a world where all of our data is under constant threat, it would be relentlessly attacked by hackers and cybercriminals. As recent attacks on the IRS systems and countless other data breaches have shown, no one is immune to cyber attacks.

Again, we strongly believe the only way to guarantee such a powerful tool isn't abused and doesn't fall into the wrong hands is to never create it.

Has Apple unlocked iPhones for law enforcement in the past?

No.

We regularly receive law enforcement requests for information about our customers and their Apple devices. In fact, we have a dedicated team that responds to these requests 24/7. We also provide guidelines on our website for law enforcement agencies so they know exactly what we are able to access and what legal authority we need to see before we can help them.

For devices running the iPhone operating systems prior to iOS 8, and under a lawful court order, we have extracted data from an iPhone.

We've built progressively stronger protections into our products with each new software release, including passcode-based data encryption, because cyberattacks have only become more frequent and more sophisticated. As a result of these stronger protections which requires data encryption, we are no longer able to use the data extraction process on iPhones running iOS 8 or later.

Hackers and cybercriminals are always looking for new ways to defeat our security, which is why we keep making it stronger.

The government says your objection appears to be based on concern for your business model and marketing strategy. Is that true?

Absolutely not. Nothing could be further from the truth. This is and always has been about our customers. We feel strongly that if we were to do what the government has asked of us — to create a backdoor to our products — not only is it unlawful, but it puts the vast majority of good and law abiding citizens, who rely on iPhone to protect their most personal and important data, at risk.

Is there any other way you can help the FBI?

We have done everything that's both within our power and within the law to help in this case. As we've said, we have no sympathy for terrorists.

We provided all of the information about the phone that we possessed. In addition, we proactively offered advice on obtaining additional information. Even since the government's order was issued, we are providing additional suggestions after learning new information from the Justice Department's filings.

One of the strongest suggestions we offered was that they pair the phone to a previously joined network which would allow them to back-up the phone and get the data they are now asking for. Unfortunately, we learned that while the attacker's iPhone was in FBI custody the Apple ID password associated with the phone was changed. Changing this password meant the phone could no longer access iCloud services.

As the government has confirmed, we've handed over all the data we have, including a backup of the iPhone in question. But now they have asked us for information we simply do not have.

What should happen from here?

Our country has always been strongest when we come together. We feel the best way forward would be for the government to withdraw its demands under the All Writs Act and, as some in Congress have proposed, form a commission or other panel of experts on intelligence, technology and civil liberties to discuss the implications for law enforcement, national security, privacy and personal freedoms. Apple would gladly participate in such an effort.

It's getting tougher and tougher to understand the motivation behind this request in general and the use of this case to drive it in particular.

Following up on his public letter to customers, Apple CEO Tim Cook has emailed employees to thank them for their support, and to share some of the support the company has received, in its ongoing dispute with the Federal Bureau of Investigations over creating a tool to more easily and quickly brute-force iPhone and iPad passcodes.

Tim Cook's letter to employees read as follows:

Email to Apple employees from Apple CEO Tim Cook

Subject: Thank you for your support

Team,

Last week we asked our customers and people across the United States to join a public dialogue about important issues facing our country. In the week since that letter, I've been grateful for the thought and discussion we've heard and read, as well as the outpouring of support we've received from across America.

As individuals and as a company, we have no tolerance or sympathy for terrorists. When they commit unspeakable acts like the tragic attacks in San Bernardino, we work to help the authorities pursue justice for the victims. And that's exactly what we did.

This case is about much more than a single phone or a single investigation, so when we received the government's order we knew we had to speak out. At stake is the data security of hundreds of millions of law-abiding people, and setting a dangerous precedent that threatens everyone's civil liberties.

As you know, we use encryption to protect our customers — whose data is under siege. We work hard to improve security with every software release because the threats are becoming more frequent and more sophisticated all the time.

Some advocates of the government's order want us to roll back data protections to iOS 7, which we released in September 2013. Starting with iOS 8, we began encrypting data in a way that not even the iPhone itself can read without the user's passcode, so if it is lost or stolen, our personal data, conversations, financial and health information are far more secure. We all know that turning back the clock on that progress would be a terrible idea.

Our fellow citizens know it, too. Over the past week I've received messages from thousands of people in all 50 states, and the overwhelming majority are writing to voice their strong support. One email was from a 13-year-old app developer who thanked us for standing up for "all future generations." And a 30-year Army veteran told me, "Like my freedom, I will always consider my privacy as a treasure."

I've also heard from many of you and I am especially grateful for your support.

Many people still have questions about the case and we want to make sure they understand the facts. So today we are posting answers on apple.com/customer-letter/answers/ to provide more information on this issue. I encourage you to read them.

Apple is a uniquely American company. It does not feel right to be on the opposite side of the government in a case centering on the freedoms and liberties that government is meant to protect.

Our country has always been strongest when we come together. We feel the best way forward would be for the government to withdraw its demands under the All Writs Act and, as some in Congress have proposed, form a commission or other panel of experts on intelligence, technology and civil liberties to discuss the implications for law enforcement, national security, privacy and personal freedoms. Apple would gladly participate in such an effort.

People trust Apple to keep their data safe, and that data is an increasingly important part of everyone's lives. You do an incredible job protecting them with the features we design into our products. Thank you.

Tim

When news first broke about Apple declining to create a back door in iOS that would allow far easier brute force passcodes, it was spun as Apple being unwilling to help the government fight terrorism and otherwise being against everything eagles and pie. The deeper narrative, though, has been one of Apple standing up for the privacy rights of not just Americans but everyone, everywhere. As the story develops, the first spin is showing increasing signs of strain.

Buzzfeed News:

Court filings seemed to lay blame on the San Bernardino Health Department, stating:

San Benadino, however, took to Twitter to say it wasn't exactly so:

FBI Press Relations tried to clear things up:

What does this mean? iPhone forensics expert Jonathan Zdziarsk:

To further expand on why this level of government intrusion affects more than just one case and one country, The New York Times dove into how China might well be next.

Emotional arguments, especially those that try to cloak themselves in patriotism, seldom lose out to rational and even legal ones. Except when those emotional arguments are so manufactured that the seams begin to show... and to crack.

It's unclear exactly what's going on with this one iPhone 5c that belonged to terrorists and murderers — why was the password reset?; what information do they want that's not available using that password; and why are factions of law enforcement focused not on getting the data but getting a tool to get data?

Hopefully more will become clear soon. In the meantime, if you're concerned about your rights to privacy, you can sign the petition to the White House asking that efforts that compel Apple and other device makers to create a "backdoor" for the Government to access citizens data be halted, or join one of the rallies planned for Tuesday.

In an interesting turn of events, it has been revealed that the Apple ID password tied to the iPhone involved in the current tussle between Apple and the FBI was changed after it was in the custody of the U.S. government.

As reported by Buzzfeed News, Apple executives revealed that the company had been in touch with the government and working on a solution to accessing the San Bernardino shooter's iPhone since January. When testing one possible solution, the company discovered that the Apple ID password associated with the iPhone had been changed, making it more difficult to access the information the FBI is after:

Had the password not been changed, Apple says, a backup of the information the government is seeking would be accessible, eliminating the need for the court order that lies at the center of the current dispute.

The news follows a push by the U.S. Department of Justice to compel Apple's cooperation in assisting the FBI with creating a backdoor to the iPhone in question.

Update: According to another report out of TechCrunch, Apple executives have also stated that the tool the FBI is asking the company to create could potentially work as a blueprint for cracking into more devices in the future, even going so far as to render a key security feature of newer iPhones and iPads useless:

Apple also argued that cooperating with the FBI on this matter has the potential to open a pandora's box of requests from foreign governments — and aspect of the dispute that hasn't received much attention thus far.

Update 2: The San Bernardino Twitter account has chimed in to say that the county changed the password at the FBI's request.

No stranger to controversy, Republican presidential candidate Donald Trump has called for a boycott Apple until they help unlock the phone of the San Bernardino shooter. During an event with supporters, Trump, while making a point about bringing jobs back over from China, said that Apple should unlock the phone.

From CNBC on Twitter:

It should be noted that, as of fairly recently, Trump's official Twitter account has been tweeting from an iPhone.

Update: Trump's campaign also seems all-in on iPad.

This isn't the first time that Trump has expressed his opinion about Apple. In a speech last month, the candidate said that he would make Apple manufacture products in the U.S..

The United States Federal Bureau of Investigation (FBI) wants Apple to create a version of iOS that would allow authorities to breach the strong encryption on the iPhone and iPad and access the personal data contained within. The demand comes as part of the investigation into the San Bernardino terrorism case, but the implications and ramifications go far beyond any one case, no matter how heinous.

Earlier today, Apple's CEO Tim Cook wrote a rare letter to the company's customers on Apple.com. Here's the crux:

Make no mistake, what is being asked of Apple should horrify not just those in the U.S. but around the world. Nothing made can be unmade. Nothing used once will only ever be used once. The moment after an easy way to brute-force passcodes exists we, none of us, will be safe. A few criminals may be more easily investigated, but catastrophically more people will be subject to unlawful searches, hacks, theft, blackmail, and other crimes. Everywhere.

Read Cook's letter again, but substitute the FBI for Chinese Intelligence. Imagine China, soon to be a bigger market for Apple than even the U.S., making this demand so they can more easily track and prosecute those they claim to be criminals. Then imagine it being used by governments at war with their own citizens. Now do it again, but this time with Russia's FSB. Or once more with the NSA.

Imagine when it falls into the hands of everyone from organized crime and terrorists to lone hackers and criminals. Imagine falling asleep while the person you just met sneaks into the other room, replaces the software on your phone, and slips out with your every picture, password, message, and location. And if caught, they're just fine — they used the same back door to replace the software with a underground version eliminating the back door.

It's the nature of law enforcement to overreach. To want our every fingerprint on file, all our DNA on record, and one day to want trackers and monitors implanted into all of our bodies. And they have a clear and understandable point-of-view for doing so — their goal isn't your privacy; it's prosecution and safety. But we have to be able and willing to push back against that overreach.

It's the duty of all of us to say, clearly and with unyielding certainty: "No."

Tim Cook, by publicly standing up and voicing his concerns, is doing just that. He's paving another brick on the sunlit path towards justice. We, all of us, need to pave these bricks too, and as quickly as we can.

February 16, 2016

A Message to Our Customers

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.

This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.

The Need for Encryption

Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.

All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.

Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.

For many years, we have used encryption to protect our customers' personal data because we believe it's the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.

The San Bernardino Case

We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government's efforts to solve this horrible crime. We have no sympathy for terrorists.

When the FBI has requested data that's in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we've offered our best ideas on a number of investigative options at their disposal.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone's physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The Threat to Data Security

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today's digital world, the "key" to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that's simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.

We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.

A Dangerous Precedent

Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by "brute force," trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government's demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone's device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone's microphone or camera without your knowledge.

Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.

We are challenging the FBI's demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.

While we believe the FBI's intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.

Tim Cook

Apple CEO Tim Cook has posted a public letter in response to a California judge's order to help the Justice Department unlock an iPhone belonging to one of the San Bernardino shooters. Cook said that Apple would not comply with the order, stating that it was an "unprecedented step which threatens the security of our customers."

The government is asking Apple to bypass the auto-erase function when the passcode is entered more than ten times, giving investigators the ability to submit an unlimited number of passcodes as they try to unlock an iPhone 5c that belonged to Syed Farook.

Cook said that while Apple is willing to assist the FBI in its inquiries by providing "data that's in our possession," it would not participate in creating a backdoor that circumvents the security capabilities of iOS:

Cook said that the FBI's use of the All Writs Act to demand the data sets a "dangerous precedent:"

Cook has been a long-term proponent of privacy and encryption, often stating that customer data should not be exploited for commercial gain. Speaking at last year's Champions of Freedom Awards Dinner, Cook said:

Source: Apple

In a new filing with the Security and Exchange Commission (SEC), Apple revealed that CEO Tim Cook brought in $10.3 million in total compensation for 2015, which is up from $9.2 million in 2014. The bulk of Cook's earnings came in the form incentives and stock awards, with his base salary consisting of $2 million.

Apple's other executives all brought in around 25 million each, including incentives and stock awards. In particular, CFO Maestri and retail head Angela Ahrendts brought earned $25.3 million and $25.7 million, respectively. Meanwhile, SVP of software and services Eddy Cue, SVP of hardware engineering Dan Riccio, and SVP of general counsel and secretary Bruce Sewell all earned just under $25.1 million.

As for Apple as a whole, the SEC filing reveals that Apple generated $233.7 billion in sales over the course of 2015, which is up 28 percent over 2014. It's an impressive number, and one that will be broken down further when Apple reports its Q1 2016 earnings on January 26.

Source: Apple

For the month of June, Apple is honoring the hugely important 1969 Stonewall riots — seen as the start of the modern gay rights movement — with a collection of app, movies, TV shows, books, and music that reflect LGBT pride.

Here's how Apple describes the collection:

The collection features a number of notable entries like The Normal Heart, an incredibly moving film from HBO; albums from Adam Lambert and Against Me!; apps like the recently-released PRIDE Study and EDGE; and books from Neil Patrick Harris and Dan Savage. Of course, the collection is huge, and there is much much more that Apple highlights—all of which you can discover from the iTunes link below.

Check out the LGBT Pride collection on iTunes

There's a story going around that quotes NSA whistleblower Edward Snowden's lawyer as saying Snowden won't use an iPhone because it has "special software" that could gather information about him. Instead, the lawyer says, Snowden has a simple phone". There's no first-hand account from Snowden and no details about what the "special software" might be — a web cookie? who knows! — but that hasn't stopped the quote from making its way across the sensationalism-over-security parts of the internet. So, what's really going?

Here's the full quote, via Sputnik News:

Again, nothing directly from Snowden and no real information on what he's purportedly concerned about. But here's the thing — if you're Edward Snowden, the phone you'd most want to be using right now is the closest thing to a rock you can find.

Modern smartphones are smart — they're computers. Computers run complex operating systems and apps. If you're Edward Snowden, never mind exploits, you probably don't want to have anything to do with things like web browsers and cookies. If you're Edward Snowden, you probably want to use something as dumb and disposable as possible — probably many burner phones, burned with incredible frequency...

For most everyone else, including almost everyone reading this, there's absolutely nothing to be concerned about here.

No new security exploits were disclosed by Snowden's lawyer in that story, and Apple has been good about responding to previous exploits. UDID tracking, which some have, for some reason, decided to link to the story, was shut-down by Apple years ago. In fact, when it comes to privacy, Apple couldn't have been more clear. (Their stance on end-to-end encryption has even led to FUD being spread by law-enforcement agencies.)

Absent any new exploits or disclosures, it's a non-story. Worse, by once again contributing to the noise, by putting the iPhone in quotes and headlines just to get attention, by making everything sound scary, it makes legitimately scary stories harder to distinguish. And when it comes to things as important as security and privacy, we need to be able to tell the legitimate stories from the noise.

The Federal Trade Commission is suing AT&T Mobility over data throttling on unlimited data plans. The Commission alleges that AT&T's practices regarding unlimited data were deceptive and unfair. The FTC believes that AT&T in some cases reduced unlimited data speeds after certain amounts by up to 90 percent.

The FTC's guiding principle is "unlimited means unlimited". This means that if a carrier offers you unlimited data, they shouldn't be able to throttle you if you exceed a certain amount of usage. The Commission points to AT&T's marketing materials, which heavily emphasize unlimited data.

It is alleged that AT&T began throttling data back in 2011, reducing speeds for customers after they had used 2GB of data in a billing period. The FTC also says that 3.5 million unique customers have been affected by AT&T's practices. AT&T, according to the complaint, received thousands of complaints from customers regarding slow data speeds, with some considering the throttling of unlimited plans a "bait and switch".

Do you think the FTC's case has merit? Leave your thoughts in the comments.

Update: AT&T has reached out to us with a statement responding to the FCC's claims:

Source: FTC

If you're looking for a sweet deal with regards to using data abroad on this year's holiday, O2 may well have the right bundle price at just £2 a day. We've all been in that situation, looking at pricing and being stunned by just how expensive roaming can be, even when travelling within the EU. UK mobile operators are attempting to tackle the issue of high charges (as is the EU, which hopes to have said charges abolished by 2015).

The addon, called O2 Travel, enables customers to enjoy the use of data while abroad, limited by allowances on said contracts. Pre-paid customers can use the addon, but it's restricted to 50MB. If you'd like to learn more about O2's pricing, what it includes and who's eligible, be sure to read more over on the mobile operator's website before heading on your next flight.

As a side note, Vodafone is also offering its Eurotraveller addon for just £2, but this is a limited offer. We're sure you're all eager to get away for the summer, but do ensure you check with your mobile operator regarding roaming while abroad to hopefully avoid a mammoth phone bill when landing back in the UK.

Source: O2, Vodafone

After uniting over issues with net neutrality, tech leaders are once again coming together to protect the consumers. In an open letter penned to the United States government, AOL, Apple, Dropbox, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo are pleading with elected officials to put an end to data collection on the Internet in the age of Edward Snowden and the NSA.

The timely letter is written ahead of a Senate vote. The U.S. Senate will decide if it wants to pass a version of the USA Freedom Act in the next few weeks that would help to keep the Internet safe and secure.

A version of the bill had recently passed in the House, but that version, according to these tech giants, still allows the U.S. government to collect metadata on the Internet. This means that in the case of emails, the government could still obtain information like who is sending the message and who the recipient is. The technology companies that signed the letter are asking for greater protections than the House bill provides.

Asking that the government restricts data collection and allows technology companies to better report what data is being requested under new transparency rules in a bid to restore confidence in the Internet, the companies say that "it is critical to our customers that the bill allow companies to provide even greater detail about the number and type of government requests they receive for customer information."

"We understand that governments have a duty to protect their citizens," the letter signed by Tim Cook, Mark Zuckerberg, Larry Page, Satya Nadella, and other technology leaders reads. "But the balance in many countries has tipped too far in favor of the state and away from the rights of the individual."

Citing that "confidence in the Internet" had been eroded domestically and internationally over the past year, these technology firms are asking that "U.S. surveillance efforts are clearly restricted by law, proportionate to the risks, transparent, and subject to independent oversight."

Source: Reform Government Surveillance

There are reports coming out of Australia about iPhones and iPads somehow getting locked down by Find my iPhone, in some cases with a message claiming the devices will only be unlocked if a AUS$100 ransom is paid. What makes this bizarre is that it appears to only be happening in Australia (and the internet has no borders) and it's unclear how the attackers are accessing Find my iPhone for the devices in question. So, what's going on?

One theory is that some other service was hacked and because people were using the same email and password combinations for that service and their Apple IDs, the attacker could access their iPhones and iPads online via Find my iPhone as well. But why just Find my iPhone, why only some hostage messages, and why AU$100? It feels almost more like the hack equivalent of stealing a car for a joy ride.

Whatever this turns out to be, the story should serve as yet another reminder to everyone to use a strong, unique passwords for Apple ID and for any other critical internet account you have, including Google, Amazon, or anything tied to your communications or credit cards.

Yes, strong, unique passwords are more difficult and tedious to use, and you will almost certainly require a password manager app to use them effectively, but the extra effort is more than worth it based on the protection they provide. It means that if any one service is ever hacked, you'll only have to worry about that service, not every other one that uses to the same email address and password.

Second, set up and use two-step authentication for your Apple ID and for Google and any other critical service you use that supports it. Again, it's a far greater pain in the apps than not using it, but it affords a much higher level of protection because even if someone gets your password, that's only 1 of the 2 steps. It makes taking over your account immeasurably more difficult.

Also, if there are security questions, pick non-guessable answers and store them in your password manager as well. Attackers can find out the name of your first pet, first friend, or street you grew up on. It's immeasurably harder to compromise random characters or words you stuck in as answers.

If you're one of the people already affected, and there's no immediately obvious way for you to unlock the device directly, you can try and put your iPhone or iPad into recovery mode or DFU mode and then restore from the latest iCloud backup, or, if old-school, restore from the most recent iTunes backup.

If it looks like the password has been changed, go to Apple ID password recovery and reset my password — strong and unique! — to regain control of the account. If that doesn't work, go to the Apple Store or call AppleCare support with your proof of purchase.

We're still looking into the story, and we'll report back if and when we find out more. Apple has a phenomenal security team and Apple typically offers tremendous customer service as well. Since this incident has been widely reported it's probably safe to assume Apple has seen it too, though it will no doubt take time to figure out, both in terms of the hack and how to best recover from it. Whether there's anything Apple can do on their end, or whether it's really just a matter of all of us using better, stronger, unique passwords remains to be seen.

If you've experienced this hack, recovered from it, or have any advice or opinions in general to share, please let me know in the comments.

Source: Apple Support Forum via View News. Thanks Greg!

Rich Edmonds contributed to this article

Snapchat has agreed to settle with the FTC over claims that the company deceived consumers over the data it collected and also the security measures taken to prevent unauthorized disclosure. Snapchat's failure to secure its Find Friends feature resulted in a breach that allowed hackers to steal 4.6 million usernames and phone numbers.

In addition, the claims state that Snapchat misrepresented its data collection practices, that they deceptively told their users that the sender would be notified if a recipient took a screenshot of a snap, and that Snapchat stored video snaps unencrypted on the recipient's device.

Under the terms of the settlement, Snapchat "will be prohibited from misrepresenting the extent to which it maintains the privacy, security, or confidentiality of users' information." They will also be required to invoke a privacy program that will be monitored for the next 20 years.

Source: FTC

Press Release

Snapchat Also Transmitted Users' Location and Collected Their Address Books Without Notice Or Consent

Snapchat, the developer of a popular mobile messaging app, has agreed to settle Federal Trade Commission charges that it deceived consumers with promises about the disappearing nature of messages sent through the service. The FTC case also alleged that the company deceived consumers over the amount of personal data it collected and the security measures taken to protect that data from misuse and unauthorized disclosure. In fact, the case alleges, Snapchat's failure to secure its Find Friends feature resulted in a security breach that enabled attackers to compile a database of 4.6 million Snapchat usernames and phone numbers.

According to the FTC's complaint, Snapchat made multiple misrepresentations to consumers about its product that stood in stark contrast to how the app actually worked.

"If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises," said FTC Chairwoman Edith Ramirez. "Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action."

Touting the "ephemeral" nature of "snaps," the term used to describe photo and video messages sent via the app, Snapchat marketed the app's central feature as the user's ability to send snaps that would "disappear forever" after the sender-designated time period expired. Despite Snapchat's claims, the complaint describes several simple ways that recipients could save snaps indefinitely.

Consumers can, for example, use third-party apps to log into the Snapchat service, according to the complaint. Because the service's deletion feature only functions in the official Snapchat app, recipients can use these widely available third-party apps to view and save snaps indefinitely. Indeed, such third-party apps have been downloaded millions of times. Despite a security researcher warning the company about this possibility, the complaint alleges, Snapchat continued to misrepresent that the sender controls how long a recipient can view a snap.

In addition, the complaint alleges:

• That Snapchat stored video snaps unencrypted on the recipient's device in a location outside the app's "sandbox," meaning that the videos remained accessible to recipients who simply connected their device to a computer and accessed the video messages through the device's file directory.
• That Snapchat deceptively told its users that the sender would be notified if a recipient took a screenshot of a snap. In fact, any recipient with an Apple device that has an operating system pre-dating iOS 7 can use a simple method to evade the app's screenshot detection, and the app will not notify the sender.
• That the company misrepresented its data collection practices. Snapchat transmitted geolocation information from users of its Android app, despite saying in its privacy policy that it did not track or access such information.

The complaint also alleges that Snapchat collected iOS users' contacts information from their address books without notice or consent. During registration, the app prompted users to, "Enter your mobile number to find your friends on Snapchat!" Snapchat's privacy policy claimed that the app only collected the user's email, phone number, and Facebook ID for the purpose of finding friends. Despite these representations, when iOS users entered their phone number to find friends, Snapchat also collected the names and phone numbers of all the contacts in their mobile device address books. Snapchat continued to collect this information without notifying or obtaining users' consent until Apple modified its operating system to provide such notice with the introduction of iOS 6.

Finally, the FTC alleges that despite the company's claims about taking reasonable security steps, Snapchat failed to secure its "Find Friends" feature.

For example, the complaint alleges that numerous consumers complained that they had sent snaps to someone under the false impression that they were communicating with a friend. In fact, because Snapchat failed to verify users' phone numbers during registration, these consumers were actually sending their personal snaps to complete strangers who had registered with phone numbers that did not belong to them.

Moreover as noted above, the complaint alleges that Snapchat's failure to secure its Find Friends feature resulted in a security breach permitting attackers to compile a database of 4.6 million Snapchat usernames and phone numbers. According to the FTC, the exposure of this information could lead to costly spam, phishing, and other unsolicited communications.

The settlement with Snapchat is part of the FTC's ongoing effort to ensure that companies market their apps truthfully and keep their privacy promises to consumers. Under the terms of its settlement with the FTC, Snapchat will be prohibited from misrepresenting the extent to which it maintains the privacy, security, or confidentiality of users' information. In addition, the company will be required to implement a comprehensive privacy program that will be monitored by an independent privacy professional for the next 20 years.

This case is part of a multi-national enforcement sweep on mobile app privacy by members of the Global Privacy Enforcement Network, a cross-border coalition of privacy enforcement authorities. The case is also coordinated with the Asia Pacific Privacy Priorities forum's Privacy Awareness Week.

The Commission vote to accept the consent order for public comment was 5-0.

The United States Federal Communications Commission has re-released their FCC Speed Test app for iPhone and iPad and iPad. It lets you directly measure upload, download, latency, and packet-loss over both cellular and Wi-Fi. You can also choose to anonymously submit information to the FCC about your results through the Measuring Broadband America program which aims to create transparency about actual network performance.

FCC Speed Test looks at a couple things when measuring network performance — download, upload, latency, and packet loss. Each time you run a test it'll give you some general information about your cellular network. When testing WiFi networks I didn't get the same amount of information so I'm not sure if there was an incompatibility with my provider (Comcast) or if FCC Speed Test simply doesn't monitor ISPs the same way.

You can then break out data from FCC Speed Test in different time lengths such as a week, month, or year. The expanding graphs give you an overview of what kind of data performance you've been getting. You can choose to share this data with the FCC or you can keep it just for your own reference. You can set limits in settings as well for how much data you want the app to be able to transmit so you ensure you aren't hitting any data caps you may have.

I tested FCC Speed Test against the popular Speedtest.net app by Ookla. Overall, they seemed pretty close on both WiFi and over the cellular network. You can see the results in the screenshots below. FCC Speed Test measures a few more statistics than Speedtest.net does but lacks the server options. In my experience server options can make a huge difference in results. Also, FCC Speed Test is U.S. only while Speedtest.net is available internationally.

I'd recommend the FCC Speed Test app if you're in the U.S. and want more detailed information on the quality of your cellular network connection, especially if you want to contribute to the FCC monitoring program. If you give it a try, let me know — how fast and how well does your connection measure up with FCC Speed Test?

• Free - Download Now

The United States Air Force is replacing 5000 legacy BlackBerry smartphones with Apple's iPhone, and eventually all of their BlackBerry users will have to make the changeover. The announcement, reported by Defense News, comes as the future of BlackBerry within the Department of Defense is debated, with the chips seeming to fall on the side of transitioning away from a network supporting a mish-mash of BlackBerry 6 and 7 devices to a mix of modern devices — though apparently without BlackBerry 10 in that mix. The situation has changed dramatically since this time last year, when the Department of Defense was adamant they weren't dropping BlackBerry.

Brigadier General Kevin Wooten, the communications director for Air Force Space Command (which manages the Air Force's IT infrastructure), said that "in order to keep costs down and save on network resources, BlackBerrys will be turned in and shut off once the user is transitioned to an iOS device." Additionally, anybody who hopes to activate a new BlackBerry on the Air Force network will require approval from the Air Force Space Command. The general that's attached to his BlackBerry is going to have to write an awfully compelling memo justifying why he should get a new one.

Both iOS and Samsung's Knox-enabled Android smartphones have been approved for use on Department of Defense networks, though the process of adding those new devices has been slow. Given the nature of government purchasing contracts, that's little surprise. BlackBerry 10 has also received DoD approval. Transitioning the tens of thousands of BlackBerry smartphones onto iOS and maybe Android will take time and money, the latter of which the US government has been more prudent about than in recent years.

But it seems that either way, BlackBerry hasn't presented a compelling case to the U.S.A.F. The Air Force has long led the advancement of technology in the Department of Defense (they are the ones with stealth planes and satellites, after all), so where the airmen go, so too will the Soldiers, Sailors, and Marines of the United States Armed Forces.

Source: Defense News

Update: Apple has made a statement disavowing any knowledge of the exploit or collusion with the NSA.

Security researcher Jacob Appelbaum claims to have discovered what he describes as "an iPhone backdoor" exploited by the National Security Agency (NSA). Appelbaum discussed the exploit during a speech he gave at this week's Chaos Communication Congress in Hamburg, Germany, according to The Daily Dot.

According to a leaked document, The software, called DROPOUTJEEP, enables users to push and pull files to and from the device, retrieve SMS message, retrieve contact list data, voicemail, geolocation data, captures camera images, and more, as well as enable a "hot mic" - a microphone that will transmit audio without the user's knowledge or consent.

"You think Apple helped them with that?" asked Appelbaum. "I don't know. I hope Apple will clarify that. I think it's really important that Apple doesn't. Here's the problem: I don't really believe that Apple didn't help them. I can't prove it yet, but they [the NSA] literally claim that any time they target an iOS device, that it will succeed for implantation."

"Either they [the NSA] have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce, and sabotaging them, or Apple sabotaged it themselves," said Appelbaum.

"Not sure which one it is; I'd like to believe that since Apple didn't join the PRISM program until after Steve Jobs died, that maybe it's just they write...that they write shitty software. We know that's true," he said, to laughter and applause from the audience.

Appelbaum, who goes under the Twitter nickname @ioerror, is a core member of the Tor project - free software designed to enable online anonymity by directing traffic through thousands of Internet relays. Appelbaum has fallen under the Department of Justice's scrutiny and has represented Julian Assange's WikiLeaks organization at past conferences.

Some of Appelbaum's revelations were also posted in an article published by German news magazine Der Spiegel.

Appelbaum discusses the iPhone exploit at around the 44 minute and 30 second mark in the video embedded above.

In June, Apple published its Commitment to Customer Privacy:

Appelbaum's allegations are an entirely different situation, however: this would enable the NSA to eavesdrop on iPhone users without any knowledge or cooperation with Apple. Appelbaum's snide commentary about the quality of Apple's programming notwithstanding, it's a troubling development, if true.

Update: Apple provided a statement disavowing knowledge of any such exploit, and also disavowing any collusion with the NSA. They said in part:

Source: The Daily Dot

RSA has been essential to corporate security for years - developers of trusted cryptography techniques that serve as the lynchpin to corporate data security. Now the company - presently owned by enterprise data company EMC Corp. - is under fire following allegations it was paid by the National Security Agency (NSA) to promote the use of flawed encryption technology.

Last week Reuters reported that RSA entered into a secret $10 million contract with the NSA. RSA has since responded to the report, categorically denying that a secret contract was agreed to.

The revelations come from analysis of documents leaked by NSA whistleblower Edward Snowden, the contractor who fled U.S. jurisdiction and is presently living in Russia. Snowden's explosive claims have revealed that the US has engaged in spying against its allies like German chancellor Angela Merkel, and have led to more scrutiny over a program to collect telephone "metadata" from all US citizens in order to assemble profiles against terrorists.

The NSA developed an algorithm called Dual Elliptic Curve Random Bit Generator (Dual EC DRBG) which RSA adopted and promulgated even prior to its approval by the National Institutes of Standards and Technology (NIST), a federal technology agency whose approval is required for many products sold to the federal government. Dual EC DRBG was also the default in RSA's Bsafe software.

But within a year, by 2007, cryptography experts were openly questioning Dual EC DRBG's efficacy; some openly declared the shortcomings were part of a back door. That allegation was supported when NSA documents were leaked last year by Snowden. In September, NIST issued a statement telling organizations to stop using the algorithm.

"RSA, as a security company, never divulges details of customer engagements, but we also categorically state that we have never entered into any contract or engaged in any project with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products for anyone’s use," the post concluded.

So the RSA doesn't deny it took money from the NSA - it just says it's not culpable for any of EC DRBG's shortcomings.

For his part, Joseph Menn, the reporter who wrote the original article, stood by the report's veracity in a tweet.

Dual EC DRBG's shortcomings have been known about for at least the last six years - that it's a lousy way of encrypting data is no secret. What's new here is the implication that RSA, whose public key encryption technology is proven and broadly used on just about every computing platform - accepted money to distribute and promulgate it. If that's true, it could cast a pall on RSA for years to come. Expect to see EMC and RSA go into overdrive to repair their corporate image - assuming there aren't more allegations to come.

U.S. District Judge Richard Leon ruled Monday that the National Security Agency's (NSA's) collection of domestic phone record metadata is unconstitutional. The judge isn't enforcing his order, however, because the government is expected to appeal the ruling, according to Politico.

The NSA's phone record collection activities first came to public light in 2006, but got a new round of public analysis following the revelations of Edward Snowden, a former NSA contractor who disclosed the contents of NSA records to The Guardian reporter Glenn Greenwald. Snowden was granted temporary asylum in Russia in August, where he's been ever since.

While the NSA says that it's not listening to or recording the phone calls of American citizens without probable cause (which it recently told TV news program 60 Minutes it only has the authority to do in the case of "50 or 60 people"), it admits to collecting metadata about American citizens' calls. This metadata includes information on the number dialed, the time and date of the call and the call's frequency. Such data collection enables the agency's analysts to "chain out" connections between suspected terrorists to build a better idea of who is communicating with whom. The NSA is doing so with the implicit permission of judges on the Foreign Intelligence Surveillance Court (FISC), which has, for the past seven years, authorized such data collection activity.

The NSA's collection of metadata is at the heart of the case before Judge Leon, which was filed by attorney Larry Klayman, founder and former chairman of conservative government watchdog group Judicial Watch. Klayman filed suit against the Obama administration on behalf of several plaintiffs earlier this year.

In issuing his ruling, Leon called NSA's collection of metadata "almost Orwellian," an "'indiscriminate' and 'arbitrary invasion'" that likely violates the Fourth Amendment to the United States Constitution - the part of the Bill of Rights which prohibits unreasonable search and seizure and requires a judicial warrant to be supported by probable cause. The Justice Department claims such metadata collection is not covered under the Fourth Amendment, since it's routinely collected by phone companies for billing purposes and shared voluntarily.

Judge Leon waved off an attempt to cite a 1979 Supreme Court case often cited by the Justice Department as a precedent. In that case, the Court ruled that a "pen register," a device phone companies used to record numbers dialed from a particular phone line, did not violate the Fourth Amendment. Judge Leon explained that technology has changed dramatically in the intervening decades, altering both the quantity and quality of information the Government can collect. He also said that the Justice Department had failed to prove that such metadata collection had actually helped to head off any terrorist attacks.

Last month the Supreme Court refused to hear a petition filed by the Electronic Information Privacy Center about the NSA metadata program. Leon's ruling suggests that the issue is going to end up before the Supreme Court eventually, however.

This past July Apple joined Google, Microsoft and several other large technology companies to call for greater transparency by the NSA to help restore public trust in their products and services after it was revealed that the agency's PRISM program tapped into their data directly.

Source: Politico

TVCatchup has been a favorite among UK iPhone owners for many a year, offering a free way to watch domestic television on the go. Sadly, the TV providers haven't all been fans of the service, and following legal proceedings some changes are now to be made to the TVCatchup offering.

As a result, some channels have now been removed completely from the mobile apps, while offering a redirect to the broadcasters own services via the web client. Other channels such as ITV1, Channel 4 and Channel 5 are no longer available to watch via the mobile apps using a cellular connection. It wouldn't be so much of a pain if the providers own apps were better than they are right now.

TVCatchup does say that additional content, including HQ channels will be added going forward, but it's a sad piece of news for those of us – myself included – that make regular use of the service. How does this affect your own usage?

Source: TVCatchup

With iOS 7 Apple has taken their existing support for Enterprise, Education, and Government to the next level, adding even more functionality and better iPhone and iPad device management. This follows years of Apple adding more and more features that allow IT administrators to have more control over iOS devices. iOS obeys all Exchange ActiveSync policies plus it can be further controlled and configured via iOS Configuration Profiles that allow administrators to pre-setup connections to your company's email system for example, or to pre-setup connections to your company's secure Wi-Fi networks, but also restrict the device in many ways including preventing access to the iTunes App Store, or the Safari browser. These are just two examples but the list is quite long.

This has always made iOS devices much more attractive in the enterprise and other platforms like Android have not been adopted because of their lack of support of all ActiveSync policies, but also because there are no ways of restricting apps or pre-setting up things like email or Wi-Fi, amongst other things.

iOS has also provided what are called Mobile Device Management (MDM) Application Programming Interfaces (APIs) that allow MDM vendors like Air-Watch or MobileIron (to name just two) to securely query and control iOS devices.

Lets take a look at the new management features found in iOS 7.

Managing Apps with iOS 7

In iOS 6, through the use of MDM APIs you could:

• Install Apps via MDM. This feature tells the user that they must install an app. The user could ignore this message and the administrator will have to decide how to handle this. They could set the MDM system to automatically lock their device out until they install the app. They could keep calling the user asking them to install the app. Either way, the app cannot be installed for the user by the IT team.
• Delete the app and its data. In much the same way as the app install, the user can only be told they must remove the app. If they don't action can be taken including locking them out of corporate access.
• Prevent app from backing up to the iCloud. This prevents an app you have deployed to a device from backing up its data to iCloud.

With iOS 7 the following has been added:

• Silent app installation. Now via the MDM API, an IT administrator can send an app to the device and have it installed silently in the background. There is no need to ask the user which delays compliance, the app just installs itself. This works both for apps in the iTunes App Store that the company may have purchased a volume license for and apps developed by the company itself for internal use, that are not stored in the iTunes App Store.
• App configurations. This is a very powerful feature that allows an app to receive configuration updates. This could be any configuration information like a URL that the app currently uses for example. The IT administrator can send this configuration update to the app and the app ingests it immediately and from that point onwards has different behavior. Those of you familiar with the old BlackBerry Enterprise Server (BES) may remember that corporate BlackBerry apps can also be configured in a very similar way by adding extra configuration strings to the IT Policy.
• App feedback. Another very powerful feature allows an app to report back, or provide feedback to the MDM system. This could be anything the developer wants to send like errors the app is encountering for example. Allowing the app to provide feedback will certainly cut down on app troubleshooting and even help desk call lengths as companies will now have visibility into the app on a user's iOS device. The MDM system can then make the feedback available in a secondary system to be consumed by that system.
• Managed "Open In". When you choose to open a file (like an attachment) or share a URL or file, you are presented with the Share Sheet that lists all apps that can deal with that file type. With Managed Open In, an IT administrator can, via an MDM system, limit the list of apps that are presented to the user on the Share Sheet. This allows a company to ensure that all data that is stored in corporate apps cannot leak out through an inadvertent sharing to public systems or apps not controlled by the company.Managed Open In can be applied to apps and managed accounts meaning that if you are using your companies email account and want to open an attachment, the list of apps to use is restricted, but if you are using your personal account (like Gmail, Outlook, Yahoo!, etc., the list of apps will be unrestricted).
• Control which apps use cellular data. iOS 7 brings that ability, via an MDM command, to specify which apps can use cellular data. You can imagine how useful this can be for an organization who wants more control over data usage on company provided iOS devices.
• Extra Accessibility Options for Single App Mode. Interestingly for a while now iOS has supported the ability for you to set the device to Single App Mode. This forces the device to only run a certain app no matter if the device is rebooted or the user presses the Home button. iOS 7 brings more control to how this app behaves and more importantly, allows an app to request Single-App Mode, and then later request to exit that mode. Through an MDM setting, you can decide which apps can request Single App Mode. Single App Mode is a good solution for situations like exam taking, kiosks, Point of Sale apps, etc.

Single Sign On (SSO) in iOS 7

In previous version of iOS, apps written by the same vendor could share login information allowing a user to login only once into one of the apps, and then be automatically logged into other apps by the same vendor. In iOS 7, this can now be done for any app. This means that via MDM, an IT administrator can allow one or more apps to share a common set of login credentials. This is not restricted to apps built by the same vendor, but any apps that the IT administrator assigns.



SSO supports a group of apps, and a group of URL prefixes. Supporting URL prefixes allows an enterprise to tell an iOS device that if the user (or an app) browses to a URL that starts with a common phrase (e.g. https://iMore.com/thisisprivate) then the SSO information must be passed to the web server.

Improved Apple Store Volume Purchasing Program (VPP) in iOS 7

Today an enterprise can make volume purchases of an app using a special VPP portal. Once an app is purchased, the enterprise is provided with codes that allow the app to be installed on multiple devices (one code per device). MDM vendors try and make this a bit easier by managing the code assignments and revocations themselves but remember that since an app cannot be uninstalled remotely, revoking the code just means that the app is now not legally allowed to be on a device.

In iOS 7, codes have been replaced by licenses. MDM vendors have been given new APIs to interact with a companies VPP portal and manage the installing and revoking of apps. When an app is revoked, the user is notified that they have 30 days to purchase the app themselves. If they don't, the app will simply stop opening after 30 days making it useless.

IT Administrators can purchase volume licenses for apps and books.

Per-App Virtual Private Network (VPN) in iOS 7

Today on an IOS device, the IT administrator can pre-configure a VPN so that when you start up apps that need access to company data, the VPN provides that secure tunnel into the organization. The problem with this approach is that the VPN is available to any app on the device. This allows personal and private data to be sent via your company's network (which normally means that the apps will break because the company blocks many sites that are considered personal) which could expose your companies data to a rogue app.

 In iOS 7, an IT administrator can specify a VPN per app. This means that only the apps that are provided by your company, and need company data, will start and use the VPN connection. Apps that are personal will simply connect to the Internet as they normally do. Apps managed and installed by your company are pre-configured at installation time to use a specific VPN connection. This approach is by far more desirable than the current iOS 6 approach.

Default Encryption Class for all Installed Apps in iOS 7

On all versions of iOS, including iOS 7, an app developer can choose to use one of three encryption classes for the files their app writes.

• None. This means that no encryption is applied to the file
• Complete With Authorization. This means that after the iOS device is rebooted, the data is encrypted until the user enters their device password the first time. After that the data remains unencrypted, even if the device is locked.
• Complete - This means that a file's data is encryption always until the user types in their device password and then it remains unencrypted until the device locks. The data is then encrypted again until the user enters the device password again. So essentially whenever the device is locked, the data is encrypted.

The encryption used by devices running iOS 6 and later have the US government's very stringent FIPS-140-2 certification which not only means that the encryption is excellent, but it means that iOS devices are able to be sold into the US government.

In iOS 7, this remains the same however any new apps that are installed will automatically be assigned to the Complete with Authorization class so that after a device reboot, the data will remain encrypted on the device until the device password is entered.

Prevent Keychain Secrets From Being Restored To A New Device in iOS 7

The encryption classes mentioned above also apply to items in the Keychain and in iOS 7 you are now able to set a new attribute which prevents Keychain secrets from being backed up from one iOS device and restored onto another one. This ensures that the Keychain secrets will only ever be revealed on one iOS device.

Manage Apple TV in iOS 7

Apple TVs are so cheap at $99 that they are ideal for classrooms and conference rooms. Using AirPlay, teachers in classrooms, or presenters in conference rooms can easily do screen mirroring from their iOS or OSX devices, or simply stream PowerPoint presentations or videos from their devices to the Apple TV. In iOS 7 (running on your Apple TV), IT administrators via the use of their MDM system, will now be able to enroll and control Apple TVs.

Using the MDM system, IT administrators will be able to do things like set the language and locale as well as pre-setting up 802.1X payloads for secure network access.

Manage AirPlay Mirroring in iOS 7

In iOS 7, an IT administrator can, via an MDM system, pre-setup iOS devices to start mirroring to a specific Apple TV, and also setup Apple TV whitelists and Apple TV passwords.

Streamlined MDM Device Enrollment for Company Provided iOS 7 Devices

Apple has added a much improved and streamlined method for enrolling company provided iOS devices (that is devices a company purchases and provides to their employees). This new enrollment method is not for Bring Your Own Device (BYOD)

It is a two-step process.

1. The company purchases devices and assigns them to the new Apple Enrollment Service, providing the enrollment settings (which include the URL for your MDM solution, and certain enrollment settings including the ability to skip device setup screens). This enrollment process can be handled via an MDM solution.
2. The employee gets their new iOS device sealed in the box and since the enrollment steps are built right into the device setup screens, simply runs through the normal setup screens. Because enrollment is now built into the device setup, the user will be prompted to login to your organization.

 The architecture of this new enrollment mechanism is as follows.

You'll notice from this architecture diagram that the MDM solution you use will be able to interact with the new Apple Enrollment service and your iOS and Mac devices to provide this automatic enrollment.

AirPrint In The Enterprise in iOS 7

AirPrint is a print protocol that allows for seamless and driverless printing from iOS and OSX devices. AirPrint printers (of which there are a lot – here's the list) are available to iOS and OSX devices via Wi-Fi and Ethernet connections, but in the future also via USB. The Bonjour protocol is used to find them but AirPrint printers can also be added to a company's Domain Name Server (DNS) as static printers and the iOS or OSX device is able to query DNS to find AirPrint printers.

AirPrint also supports IPPS (Secure IPP with TLS) for those worried about someone sniffing the contents of a print job going to an AirPrint printer.

 In iOS 7, via an MDM system, an administrator can pre-define AirPrint printers to iOS devices.

AirPrint has also added a few new classes of printers of interest to the enterprise that include Roll Fed printers, enterprise class laser printers, label printers, and Dye-sub photo printers.

Later this year certain consumer and enterprise print server manufacturers will be adding support for AirPrint which means that using AirPrint, iOS and OSX users will be able to print to any printer (no matter if it support AirPrint or not) attached to one of these print servers.

One anecdote about developing apps that you want to support AirPrint in, XCode includes a printer simulator that makes seeing your app's output very easy, certainly easier and cheaper than printing to a real printer.

Multipeer Connectivity in iOS 7

Multipeer connectivity is a new feature in iOS 7 that allows many iOS 7 and higher devices to communicate with each other over Bluetooth, Infrastructure Wi-Fi, and Peer to Peer Wi-Fi. Once connected devices can send message type data or stream data between devices.

 Since the process of connecting devices has been abstracted from the developer, it makes writing apps to support this technology very easy, in fact down to the point where the framework will use multiple radios to ensure that all device can communicate with one another no matter which radios each one may have enabled.

There is much more to read about Multipeer connectivity but I wanted to point out that this technology supports authentication and data encryption. This makes is possible for enterprises to make use of it since connections can be forced to be authenticated and the data is encrypted.

Multitasking For All Apps in iOS 7

iOS has for a while now, allowed certain apps (like GPS, VoIP, and streaming audio apps) to run in the background, but all other apps go to sleep and are paused once the user switches to another app or the device goes to sleep.

In iOS 7, any app can run in the background but in a manner that is conscious of battery life. You can read more on how iOS 7 handles multitasking but in the enterprise space this allows apps to be more up to date and new content available to the user before they switch to the app.

64-bit in iOS 7 (iPhone 5S and later)

iOS 7 is now a full 64 bit mobile operating system which provides short and long-term gains. In the short term it means a performance boost for the iPhone running on the Apple A7 chipset, as long as all apps running on it are 64 bit. This is because the 64-bit CPU provides twice as many integer and floating-point registers as the previous 32-bit CPUs allowing 64-bit apps to work with more data at once for improved performance.

Core iOS apps will ship as 64-bit apps of course.

Number crunching and working with more data at once will allow companies to create better number-crunching apps like financial dashboards, but also graphics intensive apps.

Biometrics in IOS 7 (iPhone 5S and later)

Touch ID is fingerprint ID sensor on the iPhone 5s that handles biometric authentication and authorization via a reader on the Home button and a secure enclave on the Apple A7 chipset. The Touch ID system is completely secure, and returns a simple yes/no response to iOS 7, which will then unlock or authorize a transaction. One of the biggest corporate hurdle is end-point security. Ask any Risk Management officer at a company what keeps him up at night and he or she will tell you that it is weak passwords.

Sure you can make your users enter 10 character alphanumeric passwords with special characters because it provides greater security, but you will likely be overruled by other company officers who want to make it easier to enter and remember those passwords. This ultimately leads to a compromise that makes the end-points unsafe.

Using your fingerprint to unlock your iPhone in a one-step motion will make Rick Managers happy, and your iPhone more secure.

Additional MDM queries and controls

There are additional MDM features in iOS 7 that don't fit into the above categories

This feature allows an IT administrator to prevent an iOS user from making changes to or removing accounts on the device. This prevents a user from tampering or removing a corporate account, for example to connect to Exchange.

This feature allows an administrator to control which devices an iOS 7 device can pair with. In iOS 6 and below, pairing was uncontrolled.

No information was provided about the restrictions and queries below so I am just listing them for completeness, however many are self-explanatory.

• Wallpaper Changes
• Find My Friends Changes
• Define Service for Text Selections
• Limit Ad Tracking
• iCloud Keychain Sync
• Over-The-Air PKI updates
• Lock screen Wi-Fi and Airplane Mode buttons
• Ability to Set a Custom Lock Screen
• Put a device in Lost Mode
• Disable Personal Hotspot
• Query a device to see if it has the HotSpot enabled
• Query the device to see if has Do Not Disturb enabled
• Query the device to see if it has Find My iPhone enabled
• Query the device to see if it has an iTunes account signed in.

The Bottom Line

Since iOS 4, Apple has been catering to the enterprise, government, and education space through the implementation of hardware file system encryption and the plethora of MDM controls that can be used to tightly control iOS devices.

iOS 7 has made the case for iOS in Enterprise, Education, and Government stronger. Even if Apple's primary audience is the consumer, it has been quietly supporting the enterprise in a big way which is the reason we see much more iOS than Android in the enterprise space.

• Complete iOS 7 review
• More iOS 7 tips and how-tos
• iOS 7 help and discussion forums

So, you were planning to upgrade to the iPhone 5 until last week when Apple said it would be discontinued. While the iPhone 5c is essentially the same phone inside, we get it; colorful plastic isn't for everyone. The iPhone 5 has that same metal clad exterior as the new iPhone 5s, and for some that's the differentiator. The good news for UK buyers; there are still plenty of places you can pick one up. You might not have long, but if you want one, here's where to go!

The carriers

Aside from Vodafone, the other three major carriers all still show availability of the iPhone 5, some on pay-as-you-go as well as on contract. If you head to Three, you can pick up all three sizes of iPhone 5 on contract from £31 per month with up front payments beginning at £29 for the 16GB version. On pay-as-you-go, you'll be looking at £499 through to £699 for the different sizes in both black and white.

EE still offers the iPhone 5 on a range of its 4GEE plans which begin at £26 per month with differing up front payments. The ones to really look at though are the £41 and £46 plans, with £19.99 and £9.99 respectively up front for the phone. £46 gets you 10GB of 4G LTE data should you be in a supported area, and a minimal initial payment. The other advantage to EE is their new 'Swap' promotion, which allows the trade in of certain phones after 6 months or more of your contract for a newer phone. The iPhone 5 is currently one of those phones, so if it is in 6 months you could also have an upgrade path to the iPhone 5s.

O2 is offering the iPhone 5 both on contract and on pay-as-you-go, though price on the latter is £549.99, quite a bit more expensive than on Three. On contract, you're able to pick one up on the O2 refresh plan which splits the cellular cost and phone cost into separate chunks allowing you to upgrade early by paying off the phone. For £47 a month you can get an iPhone 5 for free with 4GB of data, though it will only work on O2's 3G network.

The bottom line; from these three carriers there are still a good range of options to pick up an iPhone 5 at different price points. We don't know how much stock remains, or how long each of them will continue to sell the phone, so if you're set on one you need to act quite swiftly.

• EE iPhone 5 plans
• Three iPhone 5 plans
• O2 iPhone 5 plans

Third-party retailers

The two major high-street retailers, Phones4u and Carphone Warehouse, both still offer the iPhone 5 for sale. Phones4u will only offer it on a contract, and appear to only have the 16GB version in stock. The good news is that they're offering it "from free" and will be able to set you up on a range of deals across the various different carriers.

Carphone Warehouse will sell the iPhone 5 SIM free at a cost of £499.95 for the 16GB model. That's not a reduction from the price of recent months, but it still sits right in the middle of the iPhone 5c and iPhone 5s outright pricing. As with Phones4u, Carphone Warehouse will offer you the phone "from free" on a range of deals across the major carriers, so somewhere there's the right one for you.

The important thing to remember with these two high-street retailers; if you go into a store you stand a better chance of haggling out a better deal for yourself. And with the iPhone 5c and iPhone 5s inbound, you might be able to strike up a winner.

Online, Expansys currently still sell different capacities of the iPhone 5, starting out at £599.99 for the 16GB model. This is a huge increase over somewhere like Carphone Warehouse, or even a pay-as-you-go option on one of the carriers. More specifically, it's also a £50 premium over the iPhone 5s which lands on Friday, so at this point there's no reason to recommend buying one here.

There may also be stock left at other, smaller online retailers. If you find a good deal, drop us a note in the comments and let us know where you found it!

• Carphone Warehouse iPhone 5 deals
• Phones4u iPhone 5 deals

eBay and Gumtree

Don't forget about eBay. If the iPhone 5 is really the one for you, eBay is sure to be seeing an influx of pre-owned phones going up for sale to raise money to buy the iPhone 5s. While the majority may not be new, you could stand to save a healthy chunk of change if you're prepared to get either a pre-owned for refurbished iPhone 5.

Some retailers will also be selling new phones through eBay, and again there might be a great deal lurking within the pages and pages of listings. It's not necessarily the easiest way to get an iPhone 5, but it's likely to be the place you'll find them for longest.

Gumtree is all about pre-owned things, but I've found some great deals on there in the past. It doesn't come without risk, but again, there's going to be a whole lot of people trying to raise funds towards the iPhone 5s right now, so you could find a steal.

Your tips

So, that's just a few places you can still find a good deal on a new, refurbished or pre-owned iPhone 5. If you find a great deal somewhere, hit us up in the comments below and let us know what you got and where!

Lavabit, a private email service currently best known for being NSA whistleblower Edward Snowden's communication medium of choice, has suddenly and unexpectedly announced it's shutting down, hinting it would rather do that than comply with something it claims it's not even allowed to talk about. Ladar Levison, owner and operator, on the Lavabit home page:

And this bit at the end:

Apple, which we use for iCloud mail, has physical ties to the U.S. Google, which we use for Gmail, has physical ties to the U.S. Microsoft for Hotmail/Outlook, Yahoo! and the list goes on. Companies not shutting down and not leaving the U.S. may very well be capitulating to demands that violate the basic tenants of trust and privacy, two of the cornerstones of any consumer relationship.

Then again, which country could any such company go where they wouldn't be subject to the same spying, foreign and domestic? The NSA is by no means the only signal intelligence service in the world, and likely not the agency with the freest reign to surveil both their own citizens and others.

Privacy likely died the day the internet came online. Operating in shadows, however, leads to rot. Hopefully more information comes to light, so everyone can make better informed decisions, either way.

Source: Lavabit, thanks G!

The Department of Justice's settlement proposal for Apple was called punitive and draconian by Apple itself, but now the ebook publishers who previously settled with the government are also objecting to the terms. According to Chad Bray of the Wall Street Journal:

Basically, it sounds like the DOJ wants to stop Apple from making more agency-model deals with publishers, and publishers want to make just exactly those kinds of deals again with Apple. So, it's in the publishers' self interest to object on Apple's behalf. No surprise there. They're businesses, they need to do what they feel is best for their business.

Once again, I think simply striking the most favored pricing clause from Apple's deals and forcing them to compete against Amazon, deep discounts or not, would be a better solution for everyone.

We'll see how this plays out.

Source: Wall Street Journal

What Governments are doing in relation to our phones is a hot topic at the moment, but a new report out of the UK claims that the Border Police can seize your phone and download all the data within it. The procedure can be applied under a domestic anti-terror law, with a blanket power so broad that reasonable suspicion doesn't even need to be established before hand. The report comes by way of UK newspaper The Telegraph:

Affected data can include call history, contacts, photos, and who the person is texting or emailing, but not the content of the messages. All border crossings fall under this, be that airports, seaports, even the international rail crossing between the UK and France. An independent reviewer of terror laws, David Anderson QC, is expected to raise concerns and recommend proper checks to ensure this power isn't being abused.

Given the furore across the water at this time, this latest report is surely not going to sit well with travellers to the UK, and even nationals. Speaking personally as a Brit, I can imagine how I'd feel if I were presented with this upon my return from a trip. What do you guys think? A step too far under the cover of 'anti-terror,' or are you happier that action is being taken at all?

Source: The Telegraph