US Secretary of Defense Ash Carter speaks out for strong encryption

Posted:
in iPhone
The Pentagon wholeheartedly supports strong encryption and opposes efforts to add back doors to secure software, Defense Secretary Ash Carter said at a cybersecurity conference on Thursday.




While Carter refused to comment on the Apple case specifically -- calling it a "law enforcement matter" when asked -- he did say that for departments within his purview, "data security is an absolute necessity. We're foursquare behind strong data security and encryption."

He later added that he is "not a believer in back doors or a single technical approach to what is a complex problem," according to the AP.

Carter also noted that addressing the current divide between Washington and Silicon Valley will require cooperation from both sides.

If the parties refuse to come together, it could result in legislation "written by people who won't have technical knowledge, maybe written in an atmosphere of anger or grief," he said. The net effect of such legislative reaction could cause more harm than good.

Comments

  • Reply 1 of 19
    ceek74ceek74 Posts: 324member
    So, I started a list of intelligent people in the US Gov't.  So far I'm at 1.
    fotoformatfreerangejony0manfred zornmoreckfirelockbrakkendementuschikanbadmonk
  • Reply 2 of 19
    Yep. Finally someone with some sense...

    Although, his non-comment on Apple's position, calling it a "law enforcement matter" seems to undo any of his other rhetoric about "Washington and Silicon Valley" cooperation. :/
    edited March 2016 badmonk
  • Reply 3 of 19
    volcanvolcan Posts: 1,791member

    He did say that for departments within his purview the military, "data security is an absolute necessity. We're foursquare behind strong data security and encryption."


    Sure everyone wants data security for themselves, but as soon as they recover an enemy iPhone they'll want it cracked just like the FBI. I don't believe anything these government officials say.
    edited March 2016 Blasterjony0moreckjbdragon
  • Reply 4 of 19
    irelandireland Posts: 17,684member
    sog35 said:
    This whole issue is pure stupidity.

    You can go online right now and buy a device that can unlock iPhones running iOS 8 with a $200 device

    http://qz.com/629753/there-are-millions-of-iphones-that-can-be-unlocked-without-anyones-permission/?utm_source=YPL

    The FBI has a budget in the hundreds of millions.  Why the hell can't they build a similiar device?
    Because that's not their goal. Their main goal is to get access to all information by setting a count precedent because they feel it's their right. They are arrogant and feel they are above the law. In the hearing Conyers read aloud an email uncovered by a Washing Post investigation that revealed government agencies were waiting for a case such as the San Bernadino one to move the ratchet further to push through new legislation or action that wouldn't otherwise be possible.
    edited March 2016 jony0moreckjbdragon
  • Reply 5 of 19
    msanttimsantti Posts: 1,377member
    Obama controls the Secretaary of Defense.
  • Reply 6 of 19
    farmboyfarmboy Posts: 152member
    If such a device worked--big IF--it doesn't help with an iOS 9 phone, or the same outfit would have updated that device and become internet heroes. But by all means do your patriotic duty and buy one and send it to Director Comey, FBI, Washington DC. Should be good for a laugh and a visit to your front door by a couple of dark suits.
    SpamSandwichjbdragon
  • Reply 7 of 19
    msantti said:
    Obama controls the Secretaary of Defense.
    Not really. The last SecDef has complained he was basically ignored while Obama did what he wanted. 
    jbdragon
  • Reply 8 of 19
    snovasnova Posts: 1,281member
    ceek74 said:
    So, I started a list of intelligent people in the US Gov't.  So far I'm at 1.
    The actual article ends with statement. "Separately, Carter said a new Defense Department tech advisory panel will be led by Eric Schmidt, executive chairman of Google parent Alphabet Inc."
  • Reply 9 of 19
    Meanwhile, DOJ stooge Amazon REMOVES encryption from latest Fire OS. 

    No joke. 


    jbdragon
  • Reply 10 of 19
    sog35 said:
    Would this be a good 'compromise' by Apple and the FBI?

    The government commissions Apple to build a physical machine that can unlock iPhones that they physically possess.  The machine would probably cost millions of dollars and the government needs to pay for it.  In order to run the machine it will require passcode/biometric authentication by the President of the United States, the Attorney General of the US, the CEO of Apple, and the Chairman of the BOD of Apple. Once those 4 authorizations are made the phone can be hooked up to the machine and it will unlock the phone in 12 hours. The machine will then make a full digital copy of the phones contents.  The machine cannot remotely unlock iPhones.  The actual phone has to be physically in the room connected to the machine for 12 hours for it to unlock the phone.

    The government will also have to pay to update the machine after each iOS update. They will need to pay for maintenance and operation time.  They will need to pay for extra security.

    The machine will only be used in very specific and narrow circumstances:

    1. National Security threat
    2. Case where a death has occurred (Murder) or the threat of death (kidnapping or hostage)
    3. It can only be the phone of the direct suspect in the case

    IMO, this is a fair compromise.  There is no software envolved so it would be very hard for criminals to duplicate the machine and how it works.  You would also need the 4 authorizations from the President, AG, CEO, and Chairman.  It will also stop the possibility of the backdoor software from going out in the wild because this is a hardware backdoor.


    Hardware runs software. 

    If if a machine can be built in the USA to do so, it can be replicated in other countries by less than trustworthy regimes. 

    Mmand you really think the hacker coalitions don't have that kind of cash easy?

    lol
  • Reply 11 of 19
    MisterKitMisterKit Posts: 292member
    Apple would have the FBI and all government department members shaking in their boots if they simply pointed out that if a back door got out into the wild, all government personel would be vulnerable to having their iPhone information made public. Plain and simple.
    jbdragon
  • Reply 12 of 19
    volcanvolcan Posts: 1,791member
    MisterKit said:
    Apple would have the FBI and all government department members shaking in their boots if they simply pointed out that if a back door got out into the wild, all government personel would be vulnerable to having their iPhone information made public. Plain and simple.
    Could happen but Apple could also write as many patches as necessary to keep plugging the hole. Sounds like an infinite loop though. Patch backdoor, create new backdoor, rinse and repeat. Why even go down that road?
  • Reply 13 of 19
    farmboyfarmboy Posts: 152member
    sog35 said:
    farmboy said:
    If such a device worked--big IF--it doesn't help with an iOS 9 phone, or the same outfit would have updated that device and become internet heroes. But by all means do your patriotic duty and buy one and send it to Director Comey, FBI, Washington DC. Should be good for a laugh and a visit to your front door by a couple of dark suits.
    It does work with iOS8 devices. It has been confirmed.

    The FBI would have to build another device to work on iOS9.  That's THEIR JOB.  Their budget is hundreds of millions of dollars. Build the device to crack iPhones in possession.  Instead of wasting time and money fighting Apple in court the last 12 months they should have built the device by now.

    I'm pretty sure Apple would be 100% okay with helping the FBI build a PHYSICAL HARDWARE device to unlock iPhones. But Apple will NOT help build a software device that can easily be duplicated billions of times.

    Its so friken ridiculous that the FBI director did not even ask Apple for the source code. People should be pissed at the FBI for not doing their job.

    But that is NOT what they want. They want a software backdoor so they can access any phone, even remotely.  That's why they are ignoring hardware solutions (that require physical possession of the phone) and went straight to Apple for a software backdoor.

    This isn't about national security. This is about the FBI having a tool to spy on hundreds of millions of US citizens without cause.
    from that same article: "That [the terrorist's] iPhone is running iOS 9, which is almost certainly immune to a brute-force hack, Chell says." If throwing money at the problem was all it took, I'm pretty sure NSA would have done this a few weeks after iOS9 was released, using their lunch money. The size and power of their computer facilities is said to be beyond comprehension.
  • Reply 14 of 19
    macseekermacseeker Posts: 456member
    snova said:
    ceek74 said:
    So, I started a list of intelligent people in the US Gov't.  So far I'm at 1.
    The actual article ends with statement. "Separately, Carter said a new Defense Department tech advisory panel will be led by Eric Schmidt, executive chairman of Google parent Alphabet Inc."
    Yeah, makes me wonder.
  • Reply 15 of 19
    dmdevdmdev Posts: 31member
    sog35 said:
    farmboy said:
    from that same article: "That [the terrorist's] iPhone is running iOS 9, which is almost certainly immune to a brute-force hack, Chell says." If throwing money at the problem was all it took, I'm pretty sure NSA would have done this a few weeks after iOS9 was released, using their lunch money. The size and power of their computer facilities is said to be beyond comprehension.
    There are always ways around it. There has never been an unhackable device. ever.

    My suggestion is that Apple build a physical machine that can unlock iPhones. The machine's existance will be top secret and be built by Apple without any government oversight. The government will pay for the costs. The machine would be kept in a super secure facility, in a massive vault. The only way to open the vault is with codes/biometric from the President of the USA, AG, Apple CEO, and Apple Chairman. All 4 need to approve.  The machine will only be used on threats to national security and cases of death or potential death.  Once the approvals are made the vault opens.

    The phone is then placed into the machine. The machine will unlock the phone in a delayed fashion taking 12 hours. After 12 hours the contents of the phone will be copied onto a flash drive.  The machine will only unlock a single phone for each authorization matching the exact serial number.
    The plans for such a machine would become one of the most sought-after espionage targets in the world, with Apple employees and their families subject to possible kidnapping and ransom demands. Tim Cook is right when he says the mere creation of this ability would cause more harm than good.
  • Reply 16 of 19
    jony0jony0 Posts: 270member
    sog35 said:
    farmboy said:
    from that same article: "That [the terrorist's] iPhone is running iOS 9, which is almost certainly immune to a brute-force hack, Chell says." If throwing money at the problem was all it took, I'm pretty sure NSA would have done this a few weeks after iOS9 was released, using their lunch money. The size and power of their computer facilities is said to be beyond comprehension.
    There are always ways around it. There has never been an unhackable device. ever.

    My suggestion is that Apple build a physical machine that can unlock iPhones. The machine's existance will be top secret and be built by Apple without any government oversight. The government will pay for the costs. The machine would be kept in a super secure facility, in a massive vault. The only way to open the vault is with codes/biometric from the President of the USA, AG, Apple CEO, and Apple Chairman. All 4 need to approve.  The machine will only be used on threats to national security and cases of death or potential death.  Once the approvals are made the vault opens.

    The phone is then placed into the machine. The machine will unlock the phone in a delayed fashion taking 12 hours. After 12 hours the contents of the phone will be copied onto a flash drive.  The machine will only unlock a single phone for each authorization matching the exact serial number.

    I had put a lot of thought about some compromise as well which included a lot of the features you’ve mentioned. I was also going to propose that it would take 4 people but I went for the ACLU head rather than Apple Chairman. I had actual personal hardware keys as well as their biometrics using their TouchID with their own iPhone wired in the machine as well, to deter any kidnapping intentions, all in a Faraday cage. There should be full disclosure of the warrant on the DOJ and Apple websites and a video recording of the event.

    However, I stopped refining the whole idea when I realized that even with all these kinds of measures, all of this is still moot. In between drafts of this plan I had posted a reply in some forum about Cyrus Vance quoting a prisoner that iOS was a “gift from God”. This was part of my reply :

    Strong encryption is the gift from God, [not iOS] and is available in 865 different flavours, most of them from outside the US. Bad guys are covered, they [understand] it, they have it. Normal good citizens mostly don’t. Apple did not invent it, they just democratized it and made it the easy baked-in default for everybody. If the government opens up Apple’s encryption to the world, it’s not the end of strong encryption, just more inconvenient for the good citizens to set it up, the bad people already are all set.

    So here’s my point. Even if we had all this great apparatus described here in place, that would all be just for iOS encryption. All the other handful of OSes, hundreds of encryption products and thousands of phone models are still not covered, they are and will remain the choice of bad guys. And if, heaven forbid, the FBI would actually win this, it would be devastating, but only for the convenience of having this robust and easy pre-installed option as the default choice on a brand new pristine iPhone. Don’t get me wrong, I would still be pissed, because like most here I buy Apple products for their ease of use, but it would simply mean we’ll just have to begrudgingly install some 3rd party product to get back to where we were, meaning the same level of protection as the bad guys, perhaps not as good or convenient at first, but I would think Apple would come up with an API akin to the content blocker API that would ease that task for developers as well as users. And if the DOJ or other foreign government would want to render such an API illegal, it will take time, more legal wrangling until another workaround pops up, and round and round we go. At which point I would hope that everyone would come to their senses and put a stop to the futile cat and mouse game that is still pervasive in many other matters of security. I call upon the authorities to save everybody, including themselves, time, money, resources and mostly aggravation, and do it now.

  • Reply 17 of 19
    foggyhillfoggyhill Posts: 4,767member
    jony0 said:
    sog35 said:
    There are always ways around it. There has never been an unhackable device. ever.

    My suggestion is that Apple build a physical machine that can unlock iPhones. The machine's existance will be top secret and be built by Apple without any government oversight. The government will pay for the costs. The machine would be kept in a super secure facility, in a massive vault. The only way to open the vault is with codes/biometric from the President of the USA, AG, Apple CEO, and Apple Chairman. All 4 need to approve.  The machine will only be used on threats to national security and cases of death or potential death.  Once the approvals are made the vault opens.

    The phone is then placed into the machine. The machine will unlock the phone in a delayed fashion taking 12 hours. After 12 hours the contents of the phone will be copied onto a flash drive.  The machine will only unlock a single phone for each authorization matching the exact serial number.

    I had put a lot of thought about some compromise as well which included a lot of the features you’ve mentioned. I was also going to propose that it would take 4 people but I went for the ACLU head rather than Apple Chairman. I had actual personal hardware keys as well as their biometrics using their TouchID with their own iPhone wired in the machine as well, to deter any kidnapping intentions, all in a Faraday cage. There should be full disclosure of the warrant on the DOJ and Apple websites and a video recording of the event.

    However, I stopped refining the whole idea when I realized that even with all these kinds of measures, all of this is still moot. In between drafts of this plan I had posted a reply in some forum about Cyrus Vance quoting a prisoner that iOS was a “gift from God”. This was part of my reply :

    Strong encryption is the gift from God, [not iOS] and is available in 865 different flavours, most of them from outside the US. Bad guys are covered, they [understand] it, they have it. Normal good citizens mostly don’t. Apple did not invent it, they just democratized it and made it the easy baked-in default for everybody. If the government opens up Apple’s encryption to the world, it’s not the end of strong encryption, just more inconvenient for the good citizens to set it up, the bad people already are all set.

    So here’s my point. Even if we had all this great apparatus described here in place, that would all be just for iOS encryption. All the other handful of OSes, hundreds of encryption products and thousands of phone models are still not covered, they are and will remain the choice of bad guys. And if, heaven forbid, the FBI would actually win this, it would be devastating, but only for the convenience of having this robust and easy pre-installed option as the default choice on a brand new pristine iPhone. Don’t get me wrong, I would still be pissed, because like most here I buy Apple products for their ease of use, but it would simply mean we’ll just have to begrudgingly install some 3rd party product to get back to where we were, meaning the same level of protection as the bad guys, perhaps not as good or convenient at first, but I would think Apple would come up with an API akin to the content blocker API that would ease that task for developers as well as users. And if the DOJ or other foreign government would want to render such an API illegal, it will take time, more legal wrangling until another workaround pops up, and round and round we go. At which point I would hope that everyone would come to their senses and put a stop to the futile cat and mouse game that is still pervasive in many other matters of security. I call upon the authorities to save everybody, including themselves, time, money, resources and mostly aggravation, and do it now.

    Considering how integrated encryption is on the Iphone and that third party sandboxed app don't have access to everything, how will they be as secure?
    Will people need to jailbreak their phone for total security? Sound Ironic?
  • Reply 18 of 19
    jony0jony0 Posts: 270member
    foggyhill said:
    jony0 said:

    I had put a lot of thought about some compromise as well which included a lot of the features you’ve mentioned. I was also going to propose that it would take 4 people but I went for the ACLU head rather than Apple Chairman. I had actual personal hardware keys as well as their biometrics using their TouchID with their own iPhone wired in the machine as well, to deter any kidnapping intentions, all in a Faraday cage. There should be full disclosure of the warrant on the DOJ and Apple websites and a video recording of the event.

    However, I stopped refining the whole idea when I realized that even with all these kinds of measures, all of this is still moot. In between drafts of this plan I had posted a reply in some forum about Cyrus Vance quoting a prisoner that iOS was a “gift from God”. This was part of my reply :

    Strong encryption is the gift from God, [not iOS] and is available in 865 different flavours, most of them from outside the US. Bad guys are covered, they [understand] it, they have it. Normal good citizens mostly don’t. Apple did not invent it, they just democratized it and made it the easy baked-in default for everybody. If the government opens up Apple’s encryption to the world, it’s not the end of strong encryption, just more inconvenient for the good citizens to set it up, the bad people already are all set.

    So here’s my point. Even if we had all this great apparatus described here in place, that would all be just for iOS encryption. All the other handful of OSes, hundreds of encryption products and thousands of phone models are still not covered, they are and will remain the choice of bad guys. And if, heaven forbid, the FBI would actually win this, it would be devastating, but only for the convenience of having this robust and easy pre-installed option as the default choice on a brand new pristine iPhone. Don’t get me wrong, I would still be pissed, because like most here I buy Apple products for their ease of use, but it would simply mean we’ll just have to begrudgingly install some 3rd party product to get back to where we were, meaning the same level of protection as the bad guys, perhaps not as good or convenient at first, but I would think Apple would come up with an API akin to the content blocker API that would ease that task for developers as well as users. And if the DOJ or other foreign government would want to render such an API illegal, it will take time, more legal wrangling until another workaround pops up, and round and round we go. At which point I would hope that everyone would come to their senses and put a stop to the futile cat and mouse game that is still pervasive in many other matters of security. I call upon the authorities to save everybody, including themselves, time, money, resources and mostly aggravation, and do it now.

    Considering how integrated encryption is on the Iphone and that third party sandboxed app don't have access to everything, how will they be as secure?
    Will people need to jailbreak their phone for total security? Sound Ironic?
    Ironic indeed, which is why I mentioned that it might only provide the same level of protection as the bad guys, perhaps not as good or convenient at first, but I would think Apple would come up with an API akin to the content blocker API that would ease that task for developers. This assumed that it should include getting around the sandbox, just as the content blocker gets around some other previously unavailable area in iOS, but I agree it should been mentioned explicitly. Thanks for the precision. Let's just hope they don't have to go there.
Sign In or Register to comment.