It depends entirely on the circumstances, and it's not just a matter of
copyright. There's licensing, contracts, copying, etc. Analysis doesn't
necessarily involve copying, but...
"It is legally risky to bypass any “technical protection measures” (e.g.,
authentication handshakes, protocol encryption, password authentication,
code obfuscation, code signing) that control access to the code or any
That seems to be more about DRM, though, per
"Section 17 U.S.C. 1201, the anti-circumvention provisions of the DMCA,
prohibits circumvention of “technological protection measures” that
“effectively control access” to copyrighted works. The law also prohibits
trafficking in tools that are primarily designed, valuable or marketed for
"Reverse engineering generally doesn’t violate trade secret law because it
is a fair and independent means of learning information, not a
misappropriation. Once the information is discovered in a fair and honest
way, it also can be reported without violating trade secret law."
There's an exception allowing it for security purposes, though:
"Section 1201 contains an exception for reverse engineering, as well as
security research, encryption research, and the distribution of security
tools, all of which may support reverse engineering. "
"The list is offered just to give you an idea of the kinds of things that
distinguish permissible from impermissible reverse engineering:
You lawfully obtained the right to use a computer program;
You disclosed the information you obtained in a good faith manner that did
not enable or promote copyright infringement or computer fraud;
Your sole purpose in circumventing is identifying and analyzing parts of
the program needed to achieve interoperability;
The reverse engineering will reveal information necessary to achieve
Any interoperable program you created as a result of the reverse
engineering is non-infringing;
You have authorization from the owner or operator of the reverse engineered
software or the protected computer system to do your research;
You are engaged in a legitimate course of study, are employed, or are
appropriately trained or experienced, in the field of encryption technology.
You provide timely notice of your findings to the copyright owner."
Above from Coders’ Rights Project Reverse Engineering FAQ
TL;DR: It's a bit murky, but it's less likely if the FBI needs to copy the
existing iOS code to implement the backdoor they want - as opposed to being
able to modify the existing code with an update that was written entirely
"To our knowledge, no agency of the executive branch has argued, or
advised, that government copying is per se a fair use."
One academic article argues that the reason the software usually isn't
considered part of the fair use exception when seized by law enforcement is
that it's not part of the subject of a legal proceeding - I'm not sure that
applies in this case.
On Sun, Feb 21, 2016 at 6:16 PM, douglas rankine <
Question...can anyone, any group, any organisation reverse engineer
proprietary software, whether they keep it to themselves or not...If
so...can you please refer me to where it says so, in US, UK or
On 21/02/2016 22:19, Michael Best wrote:
I don't think reverse engineering it is a problem unless they try to
distribute that info or profit from it. Plus, reverse engineering is its
own analysis which provides some degree of separation (I think).
On Sun, Feb 21, 2016 at 5:16 PM, Andrew Hornback <achornback@xxxxxxxxx>
Would the FBI be liable in the event that they reverse engineered Apple's
product in order to break it? I'm sure that's part of the problem.
Personally, I've heard that the NSA has the capabilities to handle this
issue without making a big deal out of it, but they don't want to tip their
hand and prove that they do... so, we end up with the smoke and mirrors
show asking Apple to get involved. Of course, it could simply be their way
of asking Apple to validate the NSA's process...
From looking at the court documents, it appears that the FBI is simply
wanting Apple to circumvent the "self-destruct" routine within iOS so they
can brute force the password on the device. That doesn't break or negate
the encryption, it merely prevents the device from pulling a "Mission
Impossible" after they get the code wrong the 10th time.
Now, if Farook's employer had done things properly and implemented an
appropriate MDM solution prior to deploying the phone, we wouldn't be
having this conversation since the MDM client/widget/whatever you want to
call it operates at a low enough level to allow administration of the phone
without it being unlocked.
I also wouldn't be surprised to find some young, enterprising lawyer in
California to be soliciting those beneficiaries of Farook's employer's
services to file suit agains them for failure to properly safeguard their
data on those mobile devices. I figure someone's going to be screaming
about HIPAA and PII security in order to make a few bucks...
On Sun, Feb 21, 2016 at 4:11 PM, Michael Best < <themikebest@xxxxxxxxx>
What does copyright have to do with it? FBI isn't trying to redistribute
the code. Apple's NDAs and IP agreements might apply, but I don't see what
role copyright plays. (I'm asking, not arguing. I haven't exactly following
the case though, and I already got one major detail wrong lol.)
Sent from my iPhone
On Feb 21, 2016, at 3:45 PM, douglas rankine <
see url: <https://twitter.com/cfarivar/status/701430905076731906>
Even if the FBI did screw up...or Farooks Employer screwed up...or they
both screwed up...It wouldn't have made a lot of difference regarding what
is at present on Farooks phone. The back up was done on October 19th
whereas the crime was committed one and a half months later. In that time,
up until the time of the crime, the phone had NOT been backed
up...according to the affadavit from the FBI. From looking at the
affadavit, the FBI is saying that they agreed to trying to change the
password to see if they could get access to the back up, and the phone.
It didn't work, so that makes the FBI stupid because they should have
known. Does this mean that if the FBI/Farooks employer hadn't changed the
password that there would have been an automatic backup made?
Remember, according to the FBI, it is Apple software, it is copyright
and the FBI is not allowed under US Law to breach that copyright. Any
experts out there on Apples end-to-end encryption software, who isn't bound
by Apple's copyright and non-disclosure agreements? Perhaps they could
Whom do I believe? I'll reserve my judgement until the facts come
out!... :-) . Coward that I am...
Veritas aequitas liberabit vos
Veri universum vici
That 1 Archive <http://that1archive.neocities.org/>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.5
Comment: Hostname: pgp.mit.edu
-----END PGP PUBLIC KEY BLOCK-----