Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Iphone Security Apple

Grieving Father is Begging Apple to Unlock His Dead Son's iPhone (mirror.co.uk) 388

"A grieving father is begging Apple to allow him access to the photos stored on his dead son's iPhone," reports Time. In September Leonardo Fabbretti's adopted son died of bone cancer at age 13, and the father believes that two months of photographs are still stored on his son's iPhone. Last fall Apple staff attempted to retrieve the photos from their cloud-storage service, but the iPhone hadn't been synced before the 13-year-old's death. "Don't deny me the memories of my son," the father writes in a letter to Apple CEO Tim Cook. The father's letter tells Apple that "Although I share your philosophy in general, I think Apple should offer solutions for exceptional cases like mine," according to a British newspaper, while 88% of respondents in their online poll believed that Apple should unlock the phone.
This discussion has been archived. No new comments can be posted.

Grieving Father is Begging Apple to Unlock His Dead Son's iPhone

Comments Filter:
  • by danaris ( 525051 ) <danaris@m a c .com> on Saturday April 02, 2016 @10:44AM (#51827941) Homepage

    "Boo hoo, my emotions are more important than the whole world's privacy."

    Sorry, there is literally no way for Apple to build into a phone or an OS a way to unlock it for situations like this that won't also be vulnerable to governments and hackers.

    If you never see your son's photos, that will be sad for you.

    If Apple actually makes the changes required to make it possible for people like you to get in to phones like these regularly, that will be devastating for all iPhone users everywhere.

    Dan Aris

    • Re: (Score:2, Interesting)

      by Jamlad ( 3436419 )
      In other news, 88% of respondents don't understand math and only appeals to emotion.
    • by s.petry ( 762400 ) on Saturday April 02, 2016 @11:06AM (#51828047)

      First, my condolences to the father. My kid is in college now, but I would have taken his phone away if he locked me out of it. Why? Trust is always a two way street. Sadly many people neglect that fact, which results in issues like TFA is appealing and a massive amount of social problems. Your kid giving you the password does not indicate that you have to use it, and in a healthy relationship the parent would not even have to ask. The parent not using the password to snoop is the opposite direction on that two way street. Parents need to learn that lesson, or continue down the same old path of "I can't access my kids phone after something happened to them.", and "I never knew my kid was on drugs.", and "I never knew they were seeing an older person which led to something bad.", etc.. etc.. you get the point.

      The reason I called this a whopper of a fallacy is that it's an appeal to emotion on a massive scale (child, death, personal loss, disease). No matter how many appeals to emotion you stack up, it's still an appeal to emotion and fallacious argument.

      The fact that this massive appeal comes from an adult reeks of propaganda. Adults are often foolish enough to attempt to use an appeal, but media is usually better about not using them when they are so obvious. If it's a legit person and request, I can hope that they learn to rationalize their thoughts and then teach others to do the same.

      • Re: (Score:3, Insightful)

        you will be called names (like I was, in my similar post).

        those who try to get their way (gov shills, mostly, trying to erode the actual discussion, here, with noise and distraction) will keep at it and pick at OUR emotions.

        don't weaken, brothers! we have to stay strong and not allow those who would destroy what little privacy we still have left, for their personal power-grab needs.

        it does not matter WHAT emotional-tug reasons they give. we have to stay strong and ignore any insults they throw at us.

        when

      • by KGIII ( 973947 )

        That trust and behavior thing *might* be slightly modified if you know they're going to live their whole life in a shorter span than normal. I don't really know - I've never been in that situation. But, I might (I really don't know) be more compelled to not worry about things like trust and a phone if my child is going to die in the near-term.

      • by Livius ( 318358 )

        Adults are often foolish enough to attempt to use an appeal, but media is usually better about not using them when they are so obvious.

        I think you have that backwards.

      • by Megol ( 3135005 )

        Hypocrite.

    • by Tim12s ( 209786 ) on Saturday April 02, 2016 @11:12AM (#51828069)

      I would create multiple usernames/passwords that are allowed to unlock the system. E.g. Multi login. They keystore that secures the encryption on the device would then have to be doubly encrypted with two seperate encryption keys on the device using a public key of the 2nd user available on iCloud. The second encrypted store could be uploaded to iCloud and only decoded by that 3rd party who would then have access to decrypt the duplicated information.

      You could do PK key exchange via bluetooth or something more personal to prevent against MITM attacks.

      The device would then need a time delay to prevent that designated user from logging onto your phone through casual day to day usage. The device should only be accessable 30 days after not being used and would require the user to access iCloud to fetch and decrypt the store. The device would still be protected by encryption but may be decrypted by a designated person(s) so long as the designated person is nominated upfront.

      • by Pieroxy ( 222434 ) on Saturday April 02, 2016 @12:42PM (#51828501) Homepage

        You could also give your Dad the code to your iPhone, specially when you're fighting cancer and could die literally any minute.

        If he didn't do it, it *might* be because he wouldn't have wanted his dad anywhere near his phone. But we'll never know now, will we ?

      • More recent iPhones and iPads with fingerprint recognition effectively offer multiple passwords. Such devices can be configured to accept multiple fingerprints. You can teach the device the child's prints and the parent's.
        • by dgatwood ( 11270 )

          More recent iPhones and iPads with fingerprint recognition effectively offer multiple passwords. Such devices can be configured to accept multiple fingerprints. You can teach the device the child's prints and the parent's.

          In the actual story, it is revealed that in fact, they did precisely this. Unfortunately, Apple's half-assed fingerprint reader configuration refuses to let you unlock it with a fingerprint after 48 hours. When someone dies, chances are, you're dealing with funeral arrangements for way l

      • by KitFox ( 712780 )

        I would create multiple usernames/passwords that are allowed to unlock the system. E.g. Multi login. They keystore that secures the encryption on the device would then have to be doubly encrypted with two seperate encryption keys on the device using a public key of the 2nd user available on iCloud. The second encrypted store could be uploaded to iCloud and only decoded by that 3rd party who would then have access to decrypt the duplicated information.

        You could do PK key exchange via bluetooth or something more personal to prevent against MITM attacks.

        The device would then need a time delay to prevent that designated user from logging onto your phone through casual day to day usage. The device should only be accessable 30 days after not being used and would require the user to access iCloud to fetch and decrypt the store. The device would still be protected by encryption but may be decrypted by a designated person(s) so long as the designated person is nominated upfront.

        I feel that there are a lot of holes in this plan...

      • by KGIII ( 973947 )

        I want to know why phones aren't configured as multiuser systems with the ability to encrypt on top of that *and* the ability to have multiple profiles. I don't even believe the Ubuntu phone is configured to do that - well. I believe it is configured so that you can. The same thing with tablets.

        Why can't I have a full guest system available and an administrator account?

        Then, if they'd not explicitly encrypted the files - root would be able to access them. Or, well, any account with admin rights would be abl

    • by plover ( 150551 ) on Saturday April 02, 2016 @11:16AM (#51828099) Homepage Journal

      Sure there's a way. The owner of the phone could voluntarily use an Apple-provided key escrow service. If you buy an iPhone for your son, register a recovery key with Apple. If you buy iPhones for your employees, keep a recovery key for your company. If you buy an iPhone for yourself, and don't want a recovery key, don't register one; but don't cry to Apple if you lose your passcode.

      If the police have a warrant, they can demand the escrowed password, if one exists, because it's no longer 'personal' once it's shared. That's part of the conditions of using an escrow service.

      Does that make the escrow service a giant target for hackers and the NSA? Sure. Want to avoid that risk? Don't escrow your password. Your choice.

      • by dgatwood ( 11270 )

        Sure there's a way.

        In fact, there are probably dozens of possible ways. The first several that come to mind are:

        • A key escrow service like the one you mention (though this has significant security implications, as you mentioned, and Apple stopped doing that for precisely those reasons)
        • Remove the requirement that the phone be unlocked with a passcode instead of a fingerprint after 24 hours (remember, the parent's finger will unlock the device in this case)
        • An option to email an emergency unlock key (barcod
      • You can teach more recent iPhone and iPads the fingerprints of both the child and parents.
    • by Anonymous Coward on Saturday April 02, 2016 @11:33AM (#51828191)

      I'm curious why it didn't occur to him to have the phone unlocked before the sons death. It sounds like the child was terminally ill for all of that time.

      I can feel for him, but why should the rest of the iPhone users suffer because the teen didn't have the files backed up to the cloud and left the phone locked. AFAIK, the iPhone just defaults to encryption, it doesn't require it and it certainly doesn't prevent you from writing the password down.

      Part of estate planning in the 21st century is making sure that things like that are available to those that need them.

      • Apparently they did.

        They had it set so either his handprint or the kid's could open up the phone.

        But the battery died, so it actually turned off, and to get through the booting-after-turning-on process they apparently need a passcode.

    • Sorry, there is literally no way for Apple to build into a phone or an OS a way to unlock it for situations like this that won't also be vulnerable to governments and hackers.

      Nope. Apple already has a way to unlock the phone. That is why the father is asking. And, the government already has a way to unlock phones.

      • I suspect Apple technically currently has no way to unlock the phone. They almost certainly could build the tool that would allow them to unlock the phone fairly quickly/cheaply, but you don't fight the FBI quote that hard over a terrorist's phone if your chief engineer could just fire up the ol' hacking program and do the deed.

        The US Government clearly has a tool that will work on the iPhone 5c, but a) this guys is Italian not American, and b) there doesn't seem to be any info on what precise model his kid

    • by NicBenjamin ( 2124018 ) on Saturday April 02, 2016 @12:57PM (#51828571)

      The FBI hacked the San Bernardino phone already. That means the FBI/NSA/etc. have the ability to hack pretty much any 5c, themselves, with a rubber-stamp warrant (if they plan on using the evidence in Court), or no oversight whatsoever (if they're only planning on droning their poor victim) on any 5c (and from Apple's court filings, a hack that worked on the 5c was uncomfortably likely to work on more recent models as well).

      What are the odds the guy who sold the hack to the FBI isn't in negotiations with the Chinese, the Russians, the Angolans, the Emiratis, etc.?

      Apple won the battle they actually chose to fight (they weren't forced to hack their own tech), but they lost the battle for iPhone 5c privacy completely. By saying no to this guy they protect nothing because there is nothing left to protect.

    • Sorry, there is literally no way for Apple to build into a phone or an OS a way to unlock it for situations like this that won't also be vulnerable to governments and hackers.

      Apple already has a solution for this situation on iPhones and iPads with fingerprint recognition. Teach it the fingerprints of both the child and a parent.

      • They did that. But the phone ran out of battery and had to be restarted, and when restarted it needs the passcode.

    • And once they get the photos maybe they will realize that photos are nearly valueless when compared to memories of shared times together.
    • by KGIII ( 973947 )

      Pretty much my sentiments exactly. I sympathize but no... Well, Apple can if they want but "no" with regards to his position.

      The father's letter tells Apple that "Although I share your philosophy in general, I think Apple should offer solutions for exceptional cases like mine,"

      I have said this many times and this is a fine time to repeat it. If you're unwilling to accept the consequences of your beliefs, they're no beliefs so much as they're conveniences.

      Yes, consequences includes persecution, prosecution, death, torture, and getting a free cake on Sunday.

    • "No exceptions to mathematics."

      This is not mathematics, this is a policy decision, an engineering decision by Apple, and change is never more distant than the next firmware upgrade of the phone.

      Rules without exceptions tend to fracture under stress. It happens all the time --- and the geek should know better than to bet that the dam will hold no matter what.

  • No (Score:5, Insightful)

    by AnotherBlackHat ( 265897 ) on Saturday April 02, 2016 @10:48AM (#51827965) Homepage

    The right to privacy doesn't end at death.

    • Say that to Tutankhamun.
    • While I certainly disagree with even your premise, it definitely does not hold for a child keeping secrets from their parents.

      • I disagree with your premise that children do not have any rights to privacy, but even if you think that, it's not like this was a secret phone that the parents didn't know about.
        They didn't snoop his phone when he was alive. That sets an expectation that they won't after death either.

        If you wouldn't do it while they're in the room, you shouldn't do it when they're not.

        • I might not snoop on my kids, but I reserve the right to if they seem like they start doing something suspicious. Or, you know, if they die and can't care anymore. There is absolutely no harm that can be done to a person after their death. They are dead.

      • Gee, you would have a sh*t hemorrhage here. At 14 kids have the legal right to consult doctors and receive hospital care, and as long as the hospitalization is for 12 hours or less, can demand the parents never be informed. Makes it a lot easier for teens to get a free abortion. Also makes it easier to get treatment for STDs and contraceptives ( helps to have universal health and drug plans so the parents never see a bill ).
      • While I certainly disagree with even your premise, it definitely does not hold for a child keeping secrets from their parents.

        Sure it does. On a social basis the thought that you own your children's privacy is no different to the government owning yours. Privacy is a fundamental human right recognised by the UN. Human rights don't begin at age 18.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      in some situations, privacy rights of the deceased are gone... HOWEVER... OUR right to privacy doesn't end with someone ELSE'S death.

      apple has policy in place for these circumstances. if they couldn't provide the desired data because said data didn't exist in 'the cloud' then it's NOT apple's fault, nor the fault of the device protections. perhaps the should have communicated with his dying son -- he had cancer, they both KNEW his health was in danger -- and made sure parents could access all of the son's o

    • Re:No (Score:4, Interesting)

      by Sir Holo ( 531007 ) on Saturday April 02, 2016 @01:10PM (#51828641)

      The right to privacy doesn't end at death.

      By law, it does. Once dead, you are no longer a person.

      So, leave a will or similar. Cache all of your passwords in a two-factor form (two people who don't know who the other is, nor what the other's instructions are RE password determination). Your will can disclose this little dance they have to do. IANAL, but believe that a will is A/C privileged and/or private, so reduced risk there.

    • Umm... at death, nothing really needs to be private... I've seen plenty of dead folks, and not one of 'em was embarrassed...

      On top of that, a 13 year old can't sign a contract, etc. So in theory, the father (or kid's mom) is the "owner" of the phone...

      • by RLaager ( 200280 )

        If someone living knows that their private data could become public after their death, it may affect what they store while they are alive. Thus, providing some level of privacy protection to dead people may be beneficial to living people.

    • The right to privacy doesn't end at death.

      Then why does Apple grant you access to a deceased relative's iCloud account when shown the death certificate?

  • by Anonymous Coward on Saturday April 02, 2016 @10:50AM (#51827981)

    Where is Spock when you need him?

    This elevation of blubbering hysteria to a right that defeats all laws and principles is pathetic. The same thing happened with Google's Mic Drop Send feature, screamy proles demanding apologies.

    Do people not play board games any more? You're supposed to look one or two moves ahead, even if it's just checkers.

    Finally, "exceptional cases like mine," except that it isn't an exceptional case. It's an emotional case. It's a _less_ exceptional case than the last one where they refused.

  • minor? (Score:2, Interesting)

    by Anonymous Coward

    As a minor, they are unable to enter into contract. Therefor the phone belongs to the father in the first place.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      Then he should have known the password and made sure it was synced properly.

      It also doesn't matter who legally owns the phone, since Apple is UNABLE to unlock it.

      I used to work for a carrier, we'd have to tell people to wipe their phone all the time when they didn't know the password.

      • Obviously you don't have any children nor teens to say he should know the password. Next, if Apple is unable to unlock it, there is an israeli firm who is able to unlock it. Too bad Apple is less proficient in security for its own products than external firms.
        • by Lumpy ( 12016 )

          "Next, if Apple is unable to unlock it, there is an israeli firm the FBI made claims but submitted zero proof of their ability to unlock it."

          FTFY. The FBI made a claim with zero proof they did what they claimed. and the FBI is as trustworthy as the CIA,NSA, and Congress.

        • I apple acknowledges it can decode that phone (I am assuming it is an older phone with software Secure Enclave) then it is subject to court order to decode everyone's phone.
      • It also doesn't matter who legally owns the phone, since Apple is UNABLE to unlock it.

        Well, no. Since the kid probably didn't use a 20-digit PIN, Apple could write special software to brute force it.

  • by ModernGeek ( 601932 ) on Saturday April 02, 2016 @10:52AM (#51827993)

    This is obviously the government trying to sway public support, the entire story being a red herring.

    • by TheGratefulNet ( 143330 ) on Saturday April 02, 2016 @10:57AM (#51828011)

      they will try ANY and EVERYTHING to pull at our heart-strings.

      "PLEASE!!! we have a REAL reason this time! oh, pretty please with sugar on top??"

      my god, this is pathetic. while its understandable that the 'issue' here is upsetting, it may not be real - and even if its real, its still a privacy attach by you-know-who against the rest of us.

      the governments are showing their true colors right now. some level of evil that we have not even seen on villian/superhero style movies.

      they will keep at it, trying to emotion-us into giving them total panopticon powers. we have to stay vigilent and refuse every attempt to destoy privacy via 'emotional cases' like this.

    • by amxcoder ( 1466081 ) on Saturday April 02, 2016 @11:45AM (#51828245)
      This was my first knee-jerk reaction as well. Right after they couldn't win a court case involving the same thing, it's convienient that now a personal more heart touching request is being made by a non-government agency. This raised red-flags immediately when I read.

      While I feel for the guy, and understand the reason behind his request, my next logical reaction was "why didn't you get the password from your son before he passed away?". If it was a sudden, unexpected death, like a car accident or something then I understand not having plans for that, but this was cancer... he had time (maybe little, maybe a lot (while for the family, not enough time in general), but there WAS time to get that info from him while he was alive. Or to have the son take his password off the phone so it was unlocked and not protected at all.

      I understand when a family is going through something like this, they don't want to think of all the things that need to be done on a rational level, but this proves that you still have to think of and deal with issues while you can if you are going to consider them important after the fact.
  • by ihtoit ( 3393327 ) on Saturday April 02, 2016 @11:12AM (#51828067)

    They unlocked my late mum's iPhone last October after they were shown the death certificate. No problem.

  • by Dunbal ( 464142 ) * on Saturday April 02, 2016 @11:17AM (#51828103)

    "Don't deny me the memories of my son,"

    What the actual fuck?

  • by ArchieBunker ( 132337 ) on Saturday April 02, 2016 @11:23AM (#51828147)

    We have this pedophile who could strike in YOUR neighborhood next! We need to decrypt his phone before he gets to your children.

  • He can spend $290,000 to that company in israel to get the photos for him.... If the photos are that important than money is absolutely no object.

  • There are two people in my life who know the lock code to my phone. I have given them my lock code in the event it needs unlocked and I am incapacitated or flat out dead. While this is truly tragic, the kid was already dying of bone cancer. It should not even have been a matter of thinking ahead, as his impending death was already likely.

    This is all so heart rending, I hate to throw in the bad parenting card but it needs to be played. It is fine for a 13 year old to have a lock code on their phone. It is n
    • Good way to model how trust is supposed to work - NOT IN A MILLION YEARS. What else do you do - spy on them in the bathroom or stick an IR camera in their bedroom to catch them masturbating? Send drones to follow them wherever they go? Throw a fit when they don't want to friend you on Facebook because they don't want you to embarrass them?
      • by wjcofkc ( 964165 )
        Trust and parental responsibility do not have to be mutually exclusive. We are talking about the 13 year old range. We are talking about an age of naivete and vulnerability in conjunction with a powerful device that can create powerful trouble. The article is talking about wanting to get at the phone of his dead son. But, he did not know the lock code to his 13 year olds device. I am also talking about knowing the lock code should something seem off. I never said a word about going through the device. I
  • What did the FBI say when he asked them for help?

  • There is no way that any apple owner would be OK with the idea that if they ever forget their password, their phone is bricked. So what do they do when the owner contacts them asking for a password reset?

    • by KitFox ( 712780 )

      There is no way that any apple owner would be OK with the idea that if they ever forget their password, their phone is bricked. So what do they do when the owner contacts them asking for a password reset?

      If they forget their password, all the data on it is (theoretically securely) erased and the phone is factory reset.

      But what if the phone was the only source of that information?
      Then what if the phone got sat on wrong and broken? Much worse than losing the password, but the same loss of data.

      And to the original observation...
      There is no way that any apple owner would be OK with the idea that their phone would not be usable if they forgot to charge it for a whole week.
      There is no way that any apple owne

  • More sleds for the top of the slippery slope.

  • I'm sorry but if something happened to my son or my daughter I would just do a password reset on the device. Why can't he? Did he not know the iTunes account it was linked to. Did he never do that. I know he is grieving but its still his responsibility not apples to properly set up a child's device.

  • I don't know why no one has suggested yet that this is obviously the FBI trying another route to get Apple to create a backdoor into iOS for them by playing the emotion card.

  • As next of kin/legal guardian he should actually be legally entitled to have access to his accounts, claiming them on the same premise as bank account or other posessions.
    Then again IANAL.

Every nonzero finite dimensional inner product space has an orthonormal basis. It makes sense, when you don't think about it.

Working...