Apple doesn’t have a stance of not unlocking phones for law enforcement. They give law enforcement whatever they’re asked for by subpoena.
Apple‘s stance is to build strong encryption so that they can’t access customers data. What they have refused to do is weaken that encryption so that they could start complying with future requests or sign tampered with firmware that would allow the decryption without user authorization.
Apple does have this stance. They have been subpoenaed before to assist in unlocking older iPhones that don't have as strong protection of user data as modern iPhones and they refused those orders as well.
Basically older iPhones without the modern secure enclave enforced the password attempt lockout period in software so the FBI obtained a court order to force apple to create and sign a new version of iOS that would not enforce the lockout period, which would allow the FBI to guess the password. Apple refused to create this new version of iOS and the FBI eventually retracted their request.
Modern iPhones enforce the lockout period in the secure enclave hardware so this is no longer something Apple could even possibly assist with.
The case you reference did not involve a subpoena but an order under the All Writs Act. Annorder which compelled certain behaviour unless the order was appealed within a specified time. Apple appealed the order within that time period and thus was in full compliance with the order. The government withdrew the case before the courts could rule whether the order was legal. I assume Apple would have complied with it if it was ruled so. What we do know from this case is that Apple did attempt to assist the FBI with accessing the phone even without a court compelling them to do so.
> …sign tampered with firmware that would allow the decryption without user authorization.
Apple wrote the firmware for everything. I assume they could write firmware to not need authorization, embedded in a copy of iOS, and sign everything so it could be installed on a phone through DFU.
They have been unwilling to do so. I think they’re right not to. But I suspect it is technically possible.
There have been multiple credible sources with internal documents claiming that iPhone with the current firmware (>17) can’t be hacked currently.
It’s in constant flux, obviously, but iOS is very advanced on this aspect. Android phones on the other hand, apart from the Pixels >6, are all hackable with appropriate tooling.
As far as i remember there is a single leaked document about a specific celebrite version that had iOS 17 marked as already supported for some devices up to version 17.0.3, versions 17.1 to 17.3.1 as coming soon and 17.4 as in research..
And that document is from last April, 7 months ago, no one really knows how things progressed after that..
Best assumption to make is that all those versions are supported by now..
support for iOS 18 could be available or not, we do not know.. So again i will assume it is supported until the opposite is proved..
But all the latest iPhones in latest iOS versions were only supported in AFU, that apple is handling with this reset feature, or IPR, that require USB being unlocked and is extremely time sensitive as there are already defenses in place..
I would think that the secure enclave controls the device (un-)locking process and also wouldn't install OTA firmware updates nor accept commands from USB-connected peripherals while the device is locked.
Settings > Passcode > Allow access when locked: [_] Accessories.
Off by default, providing a one hour timeout since last phone unlock; or instantly, upon biometric rejection or after holding power-volume-up to reach the power off menu.
Macs are typically enabling an equivalent to this by default as well now, as of the latest macOS update.
They also refused to make a build (signed by Apple) which would remove any of those protections, though technically possible, but would have tainted their products as backdoored. They were prepared to argue forcing them to do that would be the government compelling speech, a violation of the First Amendment, a precedent the FBI didn’t want, and so turned to a CellBright type service instead. Apple did make public statements at the time against backdooring devices which might be construed as a stance.
Apple‘s stance is to build strong encryption so that they can’t access customers data. What they have refused to do is weaken that encryption so that they could start complying with future requests or sign tampered with firmware that would allow the decryption without user authorization.