I've reached the point where this seems like both sides are being disingenuous. The FBI keeps screaming about how they need these back doors, yet they have tools to get into most any phone they want. Apple says they will not allow back doors, but they MUST be able to get their hands on these devices, examine them, and close the vulnerabilities, yet they haven't.
I see both sides claiming to be the good guys, claiming to be protecting the public. All the while winking at each other.
How is Apple winking at them? They've offered no backdoor, and contrary to your claims, continually are locking down vulnerabilities that have been used in the past by companies making these devices. That's why some of these exploits only work up to iOS version x, or certain hardware models, so on. Wasn't the ability to disallow USB accessories when locked a specific response to these cracking tools?
Question for the author: Apple currently provides the FBI (when appropriate) with iCloud data. If I told you that this capability of Apple means that your (and everyone's) iCloud data inevitably will fall into the wrong hands — would you believe me? If not, why not? And if not, then what would happen if Apple also stored your passcode in iCloud?
I'm not sure what the relevancy is.
Apple provides iCloud data that it has, with a court order. The FBI can't just ask for the data. This iCloud data provision isn't a backdoor that would be created that can be exploited by miscreants.
So if Apple stored your passcode in iCloud, that would also be safe from miscreants?
I have no idea where you're going with this, and I may be missing something, but this doesn't seem relevant at all.
Apple doesn't store passcodes in iCloud. It never will, and hasn't ever done this.
This does not prove what you think it does. Neither your login passcode on your Mac nor your unlock code for your iPhone or iPad are stored in the Keychain.
Edit- others have beaten me to this point.
But what’s the significance of that, if there is an apparent way for FBI to access iCloud content (under rare/undocumented legal conditions) ? Which makes the whole backdoor discussion a side-issue (and a symbolic verbal excercise to defer public attention from the core security dilemma...)
A backup stored in the cloud is not the same thing as access to data on a device itself. I don't backup to iCloud, I use my Mac. So only certain data is available in my iCloud account that Apple can provide the FBI with a warrant. They don't have access to the data on my device, which is secured both on my iPhone itself and on my Mac, both encrypted, and Apple doesn't have the key to either. If they created a backdoor, then they, the FBI, Russian hackers, etc could potentially access my data on those devices.
Question for the author: Apple currently provides the FBI (when appropriate) with iCloud data. If I told you that this capability of Apple means that your (and everyone's) iCloud data inevitably will fall into the wrong hands — would you believe me? If not, why not? And if not, then what would happen if Apple also stored your passcode in iCloud?
I'm not sure what the relevancy is.
Apple provides iCloud data that it has, with a court order. The FBI can't just ask for the data. This iCloud data provision isn't a backdoor that would be created that can be exploited by miscreants.
So if Apple stored your passcode in iCloud, that would also be safe from miscreants?
I have no idea where you're going with this, and I may be missing something, but this doesn't seem relevant at all.
Apple doesn't store passcodes in iCloud. It never will, and hasn't ever done this.
This does not prove what you think it does. Neither your login passcode on your Mac nor your unlock code for your iPhone or iPad are stored in the Keychain.
Edit- others have beaten me to this point.
But what’s the significance of that, if there is an apparent way for FBI to access iCloud content (under rare/undocumented legal conditions) ? Which makes the whole backdoor discussion a side-issue (and a symbolic verbal excercise to defer public attention from the core security dilemma...)
A backup stored in the cloud is not the same thing as access to data on a device itself. I don't backup to iCloud, I use my Mac. So only certain data is available in my iCloud account that Apple can provide the FBI with a warrant. They don't have access to the data on my device, which is secured both on my iPhone itself and on my Mac, both encrypted, and Apple doesn't have the key to either. If they created a backdoor, then they, the FBI, Russian hackers, etc could potentially access my data on those devices.
It’s pretty much guaranteed that the backdoor key would be leaked in the space of a week.
How on Earth could they stop it wouldn’t fall into the wrong hands?
Let me clarify what Apple wouldn't: Barr is a completely corrupt AG and a liar who knows exactly what he is pushing for doesn't stand up to legal scrutiny or even simple logic. He wants a magical key that he thinks Apple has (when it does not), and would magically only work for the "good guys." The level of stupidity or (more likely) just plain evil required to maintain that wholly extra-constitutional belief and expect us to swallow that he genuinely hasn't been told the facts beggars credibility.
America, as a society, makes trade-offs for every single one of its "freedoms." To have free speech, we must sometimes hear hateful speech. To have voting, we must be ever-vigilant against election-rigging. To have a safe common good, we have to accept some limitations on total "freedom" (like obeying traffic signals, as an example). In order to be secure in our persons and papers (as it says in the Constitution -- 4th Amendment), in an age where our "papers" are digital -- we need strong encryption. The trade-off is that is that law enforcement has to continue work other angles or find methods to obtain evidence -- just as they have always done, and continue to do. Barr just wants to be lazy and exploit his power over both legit criminals and imagined enemies with a total lack of oversight.
Law enforcement has never been an easy job. That is the case (as laid out in the Constitution) for a very good reason -- both bad actors and the law-enforcement agencies themselves, given too much power, have a long track record of abusing any privacy-reducing advantages they obtain. Nobody knew that better than the Founding Fathers, who declared independence due to an overreaching King with too much authority.
Giving Barr the delusional power he wants will not help law enforcement -- it will completely destroy public trust, and leave a weakened United States with nothing to stop it turning into the very sort of authoritarian state the US routinely rails against.
it will completely destroy public trust, and leave a weakened United States with nothing to stop it turning into the very sort of authoritarian state the US routinely rails against.
We are already a weak authoritarian power already, thank you very much.
I've reached the point where this seems like both sides are being disingenuous. The FBI keeps screaming about how they need these back doors, yet they have tools to get into most any phone they want. Apple says they will not allow back doors, but they MUST be able to get their hands on these devices, examine them, and close the vulnerabilities, yet they haven't.
I see both sides claiming to be the good guys, claiming to be protecting the public. All the while winking at each other.
How is Apple winking at them? They've offered no backdoor, and contrary to your claims, continually are locking down vulnerabilities that have been used in the past by companies making these devices. That's why some of these exploits only work up to iOS version x, or certain hardware models, so on. Wasn't the ability to disallow USB accessories when locked a specific response to these cracking tools?
Somehow the FBI always gets into the phone when it wants.
There’s very little we can do as long as our society, as a reflection of the human condition, is obsessed and overwhelmed by fear - as it always has been. If a threat exists, it must be eliminated, no matter the consequences. Wolves snatching a baby or your neighbor’s chickens - kill ‘em all. Home invasion reported on the news - get yourself a Glock, and maybe a shotgun or two. Someone caught using a cell phone to plot an attack - tap all the damn cell phones and start listening in on everyone, or at least those people who look rather shady, i.e., not like “us.”
It’s a given that most fears are warranted at some level and it’s not wrong to take action to mitigate risks. However, there needs to be balance and a feedback loop that asks the question “What are we giving up when we take a specific action against a specific risk?” The US Constitution was intended to be a vehicle that gets inserted into the feedback loop as a means to make sure we are asking the right questions and weighing the larger consequences of those actions against the things that we most cherish.
Without a feedback loop that establishes thoughtful, difficult, and deliberate evaluation a childish hysteria sets in and a fundamental right and foundational values that serve us are gone forever, never to return. I say “difficult and painful” because oftentimes doing the right thing and accepting that not all risks are going to be fully mitigated, by choice, is very hard to accept. But it’s still the right thing to do and is a fundamental part of being an adult living by a set of standards that we value - and have stated as such in our Constitution.
It’s unfortunate that over the next six months or so we’re going to witness and be subjected to a constant barrage of fear mongering and assertions that we don’t need feedback loops, that we should simply succumb to our childlike fear processing, and that it’s acceptable to respond with open-loop emotionally driven reactions that ignore the long term consequences of our actions, especially if it’s “our side” that wins the argument.
If the FBI can break in with enough effort, then a backdoor isn't exposing anything not already exposed.
You can't have it both ways, and your article dances around this point in order to seem coherent.
You seem to be content with the fact that it is "hard" for the FBI to break in...or that only those with "a lot of money" can break in.
No one said a theoretical backdoor has to be "easy" to use.
So frankly the argument against a backdoor in principle is bunk. What you actually mean is that any backdoor must be at least as difficult to open as the average security hole, and then you're OK with it somehow.
With or without a backdoor, the devices will always be less than 100% secure.
Moral of the story: It is one thing to rail against backdoors, belligerently pretending that it's a simple topic about encryption. It's another thing to do that and then suggest that we don't need it because there are enough security holes to exploit. Yikes.
Whether you like Barr or not or agree with his reasoning or not, what he did was set the stage for the Congress to begin hearings on the subject and start down the path of creating new laws to address this issue. It does not matter what Barr feels or think about what Apple is doing, there is no law that Barr or any court has to force Apple to unlock what someone purposely locked. This why Apple has been able to hold its position with no legal consequence.
If Congress creates new law that says Apple have to create a back door to encrypted devices there is nothing Apple can do at that point.
If you think this might not happen, think again there are lots of people in Congress who agree that law enforcement should have access to people's data. There are precedents on this subject, the government has passed laws which gives law enforcement access to otherwise private stuff with a warrant.
Keep in mind, the previous complaints came from the FBI, this time is the DOJ and they are making a legal arguments.
^ This is what actually matters at the end of the day. Apple needs to take responsibility before such laws get passed that make things worse for everyone.
In the old days of crime what means did criminals have to communicate privately that couldn't be subverted by law enforcement? Not much. Today as vast criminal enterprise can communicate over iMessage with 100% privacy and no one law enforcement anywhere can read, intercept, or decrypt those messages. That is the reality that Apple has created, and they need to take some responsibility for it.
Regardless of anyone's stance on "backdoors", there are only 2 options here: - Create the means of access on their own terms without oversight ensuring the best possible solution that is still as secure as it can be under the circumstance. - Do nothing, maintain obstinance and refuse to acknowledge their responsibility, and be forced to do it anyway with more rigid and ridiculous requirements that make the end result far less secure for everyone than if they had done it before.
That's it. There is no 3rd option that involves doing nothing and keeping encryption the way it is indefinitely.
Whether you like Barr or not or agree with his reasoning or not, what he did was set the stage for the Congress to begin hearings on the subject and start down the path of creating new laws to address this issue. It does not matter what Barr feels or think about what Apple is doing, there is no law that Barr or any court has to force Apple to unlock what someone purposely locked. This why Apple has been able to hold its position with no legal consequence.
If Congress creates new law that says Apple have to create a back door to encrypted devices there is nothing Apple can do at that point.
If you think this might not happen, think again there are lots of people in Congress who agree that law enforcement should have access to people's data. There are precedents on this subject, the government has passed laws which gives law enforcement access to otherwise private stuff with a warrant.
Keep in mind, the previous complaints came from the FBI, this time is the DOJ and they are making a legal arguments.
^ This is what actually matters at the end of the day. Apple needs to take responsibility before such laws get passed that make things worse for everyone.
In the old days of crime what means did criminals have to communicate privately that couldn't be subverted by law enforcement? Not much. Today as vast criminal enterprise can communicate over iMessage with 100% privacy and no one law enforcement anywhere can read, intercept, or decrypt those messages. That is the reality that Apple has created, and they need to take some responsibility for it.
Regardless of anyone's stance on "backdoors", there are only 2 options here: - Create the means of access on their own terms without oversight ensuring the best possible solution that is still as secure as it can be under the circumstance. - Do nothing, maintain obstinance and refuse to acknowledge their responsibility, and be forced to do it anyway with more rigid and ridiculous requirements that make the end result far less secure for everyone than if they had done it before.
That's it. There is no 3rd option that involves doing nothing and keeping encryption the way it is indefinitely.
You know there is already a law on the book that makes it illegal to decrypt encrypted communications. This is really the issue the law enforcement is dealing with, the police can get a warrant to decrypt but this assume they have the key.
Back in the day when communications were all analogy anyone could listen in to any communications which were transmitted through the air waves, The reason you can not listen to hardwire phone call is because it is not open to everyone like the airwaves. Why, there is the 1936 Communication act that made the airway free for anyone to use. As long as you had the means to receive the signal and listen to it you could not be stop. Come first wireless phones and any good frequency scanner could listen in on those phone calls and it was not illegal even thought people thought it was illegal. This was legal since you were listen to the airwave not the hardwire signal.
Then came encrypted digital wireless phones and police radios with encrypted digital communication and the Telecom Act of 1996 which made it illegal to decrypted communications, this was done not for your home phone but for police communications, since anyone use to be able to listen to any police radio communications with police scanners. The government want it illegal for anyone to decrypt encrypted communications even if they had the means to do it.
The government is going to change this law to force companies to provide a method to decrypt communications and it to be legal..
I've reached the point where this seems like both sides are being disingenuous. The FBI keeps screaming about how they need these back doors, yet they have tools to get into most any phone they want. Apple says they will not allow back doors, but they MUST be able to get their hands on these devices, examine them, and close the vulnerabilities, yet they haven't.
I see both sides claiming to be the good guys, claiming to be protecting the public. All the while winking at each other.
How is Apple winking at them? They've offered no backdoor, and contrary to your claims, continually are locking down vulnerabilities that have been used in the past by companies making these devices. That's why some of these exploits only work up to iOS version x, or certain hardware models, so on. Wasn't the ability to disallow USB accessories when locked a specific response to these cracking tools?
Somehow the FBI always gets into the phone when it wants.
And what does that have anything to do with Apple?
Really uncalled for. Discussions are routinely shut down or prevented due to their political...and then this personal attack in an article is OK?
In his role as United States' Attorney General, he knows full well that the public will be less safe if he gets what he wants. He also obviously just doesn't seem to care.
Really uncalled for. Discussions are routinely shut down or prevented due to their political...and then this personal attack in an article is OK?
In his role as United States' Attorney General, he knows full well that the public will be less safe if he gets what he wants. He also obviously just doesn't seem to care.
This isn’t remotely close to a personal attack, nor is it a partisan political statement. As I mentioned on the first page of comments, and illustrated in the timeline in the piece, this view point was shared by the previous administration, and I railed against that too.
If you wish to discuss this further, please feel free to DM me.
Comments
A backup stored in the cloud is not the same thing as access to data on a device itself. I don't backup to iCloud, I use my Mac. So only certain data is available in my iCloud account that Apple can provide the FBI with a warrant. They don't have access to the data on my device, which is secured both on my iPhone itself and on my Mac, both encrypted, and Apple doesn't have the key to either. If they created a backdoor, then they, the FBI, Russian hackers, etc could potentially access my data on those devices.
It’s a given that most fears are warranted at some level and it’s not wrong to take action to mitigate risks. However, there needs to be balance and a feedback loop that asks the question “What are we giving up when we take a specific action against a specific risk?” The US Constitution was intended to be a vehicle that gets inserted into the feedback loop as a means to make sure we are asking the right questions and weighing the larger consequences of those actions against the things that we most cherish.
Without a feedback loop that establishes thoughtful, difficult, and deliberate evaluation a childish hysteria sets in and a fundamental right and foundational values that serve us are gone forever, never to return. I say “difficult and painful” because oftentimes doing the right thing and accepting that not all risks are going to be fully mitigated, by choice, is very hard to accept. But it’s still the right thing to do and is a fundamental part of being an adult living by a set of standards that we value - and have stated as such in our Constitution.
It’s unfortunate that over the next six months or so we’re going to witness and be subjected to a constant barrage of fear mongering and assertions that we don’t need feedback loops, that we should simply succumb to our childlike fear processing, and that it’s acceptable to respond with open-loop emotionally driven reactions that ignore the long term consequences of our actions, especially if it’s “our side” that wins the argument.
If the FBI can break in with enough effort, then a backdoor isn't exposing anything not already exposed.
You can't have it both ways, and your article dances around this point in order to seem coherent.
You seem to be content with the fact that it is "hard" for the FBI to break in...or that only those with "a lot of money" can break in.
No one said a theoretical backdoor has to be "easy" to use.
So frankly the argument against a backdoor in principle is bunk. What you actually mean is that any backdoor must be at least as difficult to open as the average security hole, and then you're OK with it somehow.
With or without a backdoor, the devices will always be less than 100% secure.
Moral of the story: It is one thing to rail against backdoors, belligerently pretending that it's a simple topic about encryption. It's another thing to do that and then suggest that we don't need it because there are enough security holes to exploit. Yikes.
^ This is what actually matters at the end of the day. Apple needs to take responsibility before such laws get passed that make things worse for everyone.
In the old days of crime what means did criminals have to communicate privately that couldn't be subverted by law enforcement? Not much. Today as vast criminal enterprise can communicate over iMessage with 100% privacy and no one law enforcement anywhere can read, intercept, or decrypt those messages. That is the reality that Apple has created, and they need to take some responsibility for it.
Regardless of anyone's stance on "backdoors", there are only 2 options here:
- Create the means of access on their own terms without oversight ensuring the best possible solution that is still as secure as it can be under the circumstance.
- Do nothing, maintain obstinance and refuse to acknowledge their responsibility, and be forced to do it anyway with more rigid and ridiculous requirements that make the end result far less secure for everyone than if they had done it before.
That's it. There is no 3rd option that involves doing nothing and keeping encryption the way it is indefinitely.
Back in the day when communications were all analogy anyone could listen in to any communications which were transmitted through the air waves, The reason you can not listen to hardwire phone call is because it is not open to everyone like the airwaves. Why, there is the 1936 Communication act that made the airway free for anyone to use. As long as you had the means to receive the signal and listen to it you could not be stop. Come first wireless phones and any good frequency scanner could listen in on those phone calls and it was not illegal even thought people thought it was illegal. This was legal since you were listen to the airwave not the hardwire signal.
Then came encrypted digital wireless phones and police radios with encrypted digital communication and the Telecom Act of 1996 which made it illegal to decrypted communications, this was done not for your home phone but for police communications, since anyone use to be able to listen to any police radio communications with police scanners. The government want it illegal for anyone to decrypt encrypted communications even if they had the means to do it.
The government is going to change this law to force companies to provide a method to decrypt communications and it to be legal..
If you wish to discuss this further, please feel free to DM me.