We wouldn't be having this conversation if a) such encryption had existed on 9/11 and b) on 9/12 the FBI had asked Apple to let it into any suspect phones. Steve Jobs or Tim Cook would have opened them up with their tongues, because the enormity of the crime demanded it. They would have looked like co-conspirators with mass murderers in the eyes of the whole world if they had made then the same argument Cook et al. are making now.
Such noble half-baked and immature statements as the ones made above are only possible because merely 16 persons were murdered in San Bernardino. Yes, the hard truth about abstract moral principles is that they have to be put into action in the real world in the context of real human lives, and that changes the weight and heft of the arguments. If it had been 3,000 people who had been murdered in California rather than a *mere* 16, we wouldn't be hearing these arguments.
So that begs the question: Just how many mass murder victims is Apple willing to tolerate? How many are we the public willing to tolerate before we insist that Apple co-operate in keeping us safe? Or is the difference in the nature of the weapons used? Are assault rifle murders acceptable, while murders caused by airplanes are not? How about a poison gas attack, or a dirty bomb? Where is the line between an acceptable number of murders and an intolerable number?
Welcome to the world of hard choices. Life is hard. Do you honor the lives of those lost at San Bernardino by weakening the protection for the data of half-a-billion others? If so, is that a worthy trade? You ask "How many [murders] are we the public willing to tolerate before we insist that Apple co-operate in keeping us safe?"
Well, first ask yourself and then define "safe" for us. If it's "freedom from murder" then you're looking in the wrong place. It is an established fact that in 2015 more Americans were killed by toddlers than by terrorists ("Broad counts indicate that 21 toddlers shot and killed themselves or
others in 2015; 19 Americans died at the hands of potential or suspected
Islamic terrorists").
For many, "freedom" has a different sense while not excluding freedom-from-murder. It's freedom to communicate, freedom to dissent, freedom to protest, freedom from cyber-criminals. Even freedom to do your daily commercial transactions without having your money and identity stolen.
Are these part of your "safe"? If not then tell us why not.
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
In this analogy, Apple is not the bank but the maker of the safe. Once Apple sells the iPhone, they no longer own the phone whereas the bank still owns the safe where the safety deposit box is located.
In this analogy, the safe maker would be required to add a master code that can open all safes they make without the bank or the customer handing over the key. Once burglars would get a hold of that master code, they would be able to open all safety deposit boxes at all banks.
Even if you are not a criminal, you could be harmed if you store valuable items in a safety deposit box. If your business is to make safety deploys it boxes you would be out of business very soon after criminals get the master code as no one would want to store their valuable items in a safety deposit box made by your company.
Your understanding of software architecture vs software management is confused and superficial.
Please explain
I figured that hmlongco's proposal was a good idea, but my understanding of software architecture is limited. I imagine this would work similar to Bitlocker. Microsoft does not own the decryption key if you encrypt your Windows laptop with bitlocker.
Given where governments around the world are heading, having third party encryption may be the only option to secure devices and apps. With the UK, Brazil, New York, and California demanding back doors already, some laws are bound to get passed somewhere requiring Apple, What's App and others to build back doors.
Apple and Goolgle can not afford to stop selling devices in large markets as a third platform may gain the critical mass to become a viable alternative. I see only two ways around that. 1) Sell devices without encryption and allow users to add encryption through third party software. 2) Create two versions hardware and OS, one with encryption and one without. Both would be compatible with the same apps, but the secure version would only be sold in jurisdictions that allow the sale of encrypted devices without back doors. I'd be curious to see which version government officials would use. I am pretty sure they would by the secure version.
If option 1 is not technically feasible, then that would only leave option 2.
Or don't create backdoor. Period. Encryption for All.
"There is nothing new in the realization that the Constitution sometimes insulates the criminality of a few to protect the privacy of us all." -- Antonin Scalia Arizona v. Hicks (1987)
Here is a good blog article by a specialist in forensic technology It is really much more complicated than the FBI makes it appear to be. One of Apples claims is that it would be an "undue burden" on them and after reading this blog post I would have to agree.
The mention of "non-American encryption products" is an interesting choice of words. Why does it have to be non-American exactly?
It is well-known that many companies moved out of the US during the early 1990's - the era of the "crypto-wars".
The point is that many encryption products and those employing encryption technology are established in countries that do not have similar to those proposed then, or being suggested now by the FBI. Whatever the FBI might like to believe, the "encryption" genie is out of the bottle. Pandora's Box is open. There is no "putting it back the way it was" except for some totalitarian countries. For all the others, there is only "making it hard".
So the FBI might be able to push FaceBook into having a way into WhatsApp but all that will do - for the terrorists - is to encourage them to move to Telegram which is built and hosted in Europe. So the WhatsApp users are now vulnerable but the terrorists continue.
...imagine how this has improved in nearly five years...and imagine further that this may be getting more refined in secret by our military. I wouldn't rule it out.
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
So which banks require that the records in your safe deposit box are readable plain text? Since when have you not been able to employ your own encryption to keep others out of your affairs? I guess that you will, when presented with a legal search warrant, disclose the secret key.
But then you make this stunner "To me, it's just this simple....Don't do anything illegal and you don't need encryption".
I guess you have never purchased anything online. Or done any banking online. Or - almost anything other than posting here. In case you didn't know it, ALL of those things rely upon encryption. Dude - encryption isn't something that keeps criminals safe - it's what keeps ALL OF US safe. Wake up !
...imagine how this has improved in nearly five years...and imagine further that this may be getting more refined in secret by our military. I wouldn't rule it out.
---
At the beginning of this FBI fiasco, I talked about this concept here in comments on the AI articles. Here's my thoughts:
There's a brain scanning technique that can determine if you've previously seen an image that you are shown a picture of. Future law enforcement might wish to use this to show a suspect a picture of a murder scene, to determine whether the suspect's brain registers recognition and therefore provides evidence the suspect was at the murder scene. Interesting, from a scientific standpoint, but scary from the point of view of privacy.
The notion that data inside our brains might be available for inspection is going to one day be a public policy debate. Better to start that debate now, with our mobile phones and the very personal data they encrypt, acting as a proxy for our minds. I know which side of that debate I fall on; a person should have the right to private thoughts, those he/she chooses not to share with the world.
The fact that some of our thoughts are held in silicon rather than our neurons should make little difference. I say our personal devices should be seen as an extension of our minds, sacrosanct from forced inspection.
When that future comes, the precedents we set today will be used as a proxy for how government will decide their rights to access the information within our minds.
Daniel, please please please don't refer to the incident as terrorism, unless you refer to shooting up an office Christmas party as an act of terror. The only reason the DOJ uses that term is because the morons pee their pants every time someone in authority invokes the boogeyman "TERROR!" or "Muslim". The non-postal workers shooting up their workplace were NOT terrorists - they were wackos who happened to be Muslim. Don't fall into buying the Feeb's nonsense manipulative rhetoric.
Anyone who uses the term terrorist to describe that incident is supporting the Feebs. Don't be that guy.
Dude. They caused terror. Murdered people.
Terrorists is an apt term.
Means in case you didn't know, Islam advocates this.
Also so if you cared to know the facts, the guys wife was the main proponent. And it was due to Islam.
I figured that hmlongco's proposal was a good idea, but my understanding of software architecture is limited. I imagine this would work similar to Bitlocker. Microsoft does not own the decryption key if you encrypt your Windows laptop with bitlocker.
Given where governments around the world are heading, having third party encryption may be the only option to secure devices and apps. With the UK, Brazil, New York, and California demanding back doors already, some laws are bound to get passed somewhere requiring Apple, What's App and others to build back doors.
Apple and Goolgle can not afford to stop selling devices in large markets as a third platform may gain the critical mass to become a viable alternative. I see only two ways around that. 1) Sell devices without encryption and allow users to add encryption through third party software. 2) Create two versions hardware and OS, one with encryption and one without. Both would be compatible with the same apps, but the secure version would only be sold in jurisdictions that allow the sale of encrypted devices without back doors. I'd be curious to see which version government officials would use. I am pretty sure they would by the secure version.
If option 1 is not technically feasible, then that would only leave option 2.
Or don't create backdoor. Period. Encryption for All.
Exactly, both of the options in my post do not include a back door. However, if governments ban the sale of devices with encryption, then device makers will have to find a way to sell devices that can be encrypted without getting banned.
Daniel, please please please don't refer to the incident as terrorism, unless you refer to shooting up an office Christmas party as an act of terror. The only reason the DOJ uses that term is because the morons pee their pants every time someone in authority invokes the boogeyman "TERROR!" or "Muslim". The non-postal workers shooting up their workplace were NOT terrorists - they were wackos who happened to be Muslim. Don't fall into buying the Feeb's nonsense manipulative rhetoric.
Anyone who uses the term terrorist to describe that incident is supporting the Feebs. Don't be that guy.
It was terrorism, Islamic terrorism to be precise. They were ISIS supporters and they were dirty terrorists. I am sorry if you have a problem with reality and facts.
Try this thought experiment. Let's say someone came up with a way to read your mind (or phone) and then someone came up with a way to keep others from reading your mind (or phone). Would the government be justified in telling that 2nd party that they had no right to develop that system that kept the government from reading your mind or that they had to have a back door so they could read what you were thinking in case you were planning an attack?
"GREENE: What do you know about the debate within the Obama administration? It's been reported that there really is a fierce debate over how to handle this.
CLARKE: Well, I don't think it's a fierce debate. I think the Justice Department and the FBI are on their own here. You know, the secretary of defense has said how important encryption is when asked about this case. The National Security Agency director and three past National Security Agency directors, a former CIA director, a former Homeland Security secretary have all said that they're much more sympathetic with Apple in this case. You really have to understand that the FBI director is exaggerating the need for this and is trying to build it up as an emotional case, organizing the families of the victims and all of that. And it's Jim Comey and the attorney general is letting him get away with it.
GREENE: So if you were still inside the government right now as a counterterrorism official, could you have seen yourself being more sympathetic with the FBI in doing everything for you that it can to crack this case?
CLARKE: No, David. If I were in the job now, I would have simply told the FBI to call Fort Meade, the headquarters of the National Security Agency, and NSA would have solved this problem for them. They're not as interested in solving the problem as they are in getting a legal precedent.'
Richard Clarke was the head of Counterterrorism under both the Clinton Administration and the Bush Administration. He was the sage fellow who was ignored by Condi Rice and the Bush Administration before 9-11.
The fact of the matter is that government has always
required some type of public safety designs of private property. For example,
buildings would be more secure against burglars if there were no windows. But
building codes protect the greater public interest by requiring windows, fire
escapes, etc. Requiring a means to access data by court order is not that much different.
It’s in the public interest and hardly an intrusion for 99.999% of the
population.
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
Sorry dude you are missing the point. Illegal or not is really not the issue. It comes down to trust in the system that you are using and whether or not it can be subjugated. You may be perfectly happy with letting anyone into your thoughts or activities but others may not feel so welcome. Criminal or not. They should have the right to prohibit access. You are only seeing things from the perspective of criminals. Profiling individuals is becoming so pervasive with social media. It would be nice to know there are some places where one can safely express thoughts without fear of being spied on. It's called decency.
It would seem to me that if anyone wants privacy in this electronic world we live in that they would not put their entire lives on a little box they carry in their pockets. I don't and never will. Anyone who steals my phone will be able to send texts and make phone calls until I get it shut off. That's it.
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
---
If the bank doesn't have a key to the safe deposit box (maybe it was lost) law enforcement doesn't demonize the bank and threaten its management. They also don't demand that the bank manager himself break into the box, as that's not his job. They simply hire a locksmith to open the safety deposit box. But that's not what they are doing in this case. They could hire a specialist with an electron microscope to shave down the EPROM on the phone where the hardware encryption key has been written, use the electron microscope to read that key, then copy all the encrypted data off the phone and brute force the password against it and the recovered hardware encryption key. Had they gone this route, they'd have decrypted the data by now, but that's not really their objective. By telling the world the only way to get the data off that phone and decrypt it is with Apple's assistance in taking some very specific steps that results in a reusable backdoor, the FBI has exposed themselves as liers with an agenda.
As to those who don't do anything illegal not needing encryption, well, I don't do anything illegal and my Target debit card was part of a huge hack that could have compromised my bank account. Just one of many examples where data security is important to law-abiding citizens. If a hacker can get into your phone, he could read your schedule, which might include reminders about your kid's activities that you take them to. An entire picture of your life could be constructed, resulting in your young daughter being abducted perhaps, or any number of other scenarios. Software to log and transmit your keystrokes could be installed, allowing access to your financial accounts as your usernames and passwords are collected by hackers. Our lives are in our smartphones. Don't be naive thinking that data doesn't warrant absolute security.
You have made some valid points. I don't carry a smartphone for many reasons and you have just touched on a couple of them. Carrying your entire life around on a smartphone in your pocket is just asking for trouble. Fortunately, I'm old enough to remember a time when we didn't have any sort of cellphone at all. I'm still functioning well enough that I can keep my schedule in my head. I started as a mainframe computer programmer in 1969. I could see a day where people would rely far too much on computers to organize and control their lives. I feel fortunate that I was involved in many of the early computer projects. It taught me how to avoid the pitfalls. that are creeping into our electronic society. It's just this simple. If you put it out there SOMEONE will figure out how to get your information sooner or later.
More anti-government propaganda by Apple I see. Timmy Crook and *every other software engineer at Apple* knows that the US Government has not requested a backdoor, a break in encryption, or anything close to that.
What the government has requested in the court order (read it please), is that Apple create a patch that will bypass the "five attempts and lock" feature on the phone, so that the government can then brute force it open. The patch can be keyed to the serial number of the phone and recompiled into the O/S, so that the code is not accessible or readable. No de-encryption, no back door, no problem.
Instead we get all this spin from Apple on how the US Government is crushing our personal liberties. Sort of makes sense, when you consider that Apple off-shores US jobs, clamors for H1B visas to drive down the domestic wage base, and uses tax shelters to avoid its fair share of taxes. Just Another Greedy Corporation.
This isn't about privacy - It is about Timmy Crook satisfying the billionaire investors who own Apple, and don't want something as trivial as people getting killed by terrorists to cut into their profits. Don't fall for this scam by the ultra-rich to give the government the finger once again, and may Timmy and Co choke on their caviar.
Most of what you say I disagree with. This I do agree with: "Apple off-shores US jobs, clamors for H1B visas to drive down the domestic wage base" Contrary to what the high tech corporations say, there is no shortage of highly qualified people with STEM degrees in the U.S.
These are the same people that are screaming for Hillary emails but don't want to give up the phone lock. Freekin low life scum
Hillary says her emails are not classified, so they should be released per freedom of information act since they were written as part of her duty as a government employee. No one is asking for her personal emails. BTW, no need for name calling. Everyone is entitled to their opinion.
Comments
Well, first ask yourself and then define "safe" for us. If it's "freedom from murder" then you're looking in the wrong place. It is an established fact that in 2015 more Americans were killed by toddlers than by terrorists ("Broad counts indicate that 21 toddlers shot and killed themselves or others in 2015; 19 Americans died at the hands of potential or suspected Islamic terrorists").
For many, "freedom" has a different sense while not excluding freedom-from-murder. It's freedom to communicate, freedom to dissent, freedom to protest, freedom from cyber-criminals. Even freedom to do your daily commercial transactions without having your money and identity stolen.
Are these part of your "safe"? If not then tell us why not.
In this analogy, the safe maker would be required to add a master code that can open all safes they make without the bank or the customer handing over the key. Once burglars would get a hold of that master code, they would be able to open all safety deposit boxes at all banks.
Even if you are not a criminal, you could be harmed if you store valuable items in a safety deposit box. If your business is to make safety deploys it boxes you would be out of business very soon after criminals get the master code as no one would want to store their valuable items in a safety deposit box made by your company.
Here is a good blog article by a specialist in forensic technology
It is really much more complicated than the FBI makes it appear to be.
One of Apples claims is that it would be an "undue burden" on them and after reading this blog post I would have to agree.
http://www.zdziarski.com/blog/?p=5645
It is well-known that many companies moved out of the US during the early 1990's - the era of the "crypto-wars".
The point is that many encryption products and those employing encryption technology are established in countries that do not have similar to those proposed then, or being suggested now by the FBI. Whatever the FBI might like to believe, the "encryption" genie is out of the bottle. Pandora's Box is open. There is no "putting it back the way it was" except for some totalitarian countries. For all the others, there is only "making it hard".
So the FBI might be able to push FaceBook into having a way into WhatsApp but all that will do - for the terrorists - is to encourage them to move to Telegram which is built and hosted in Europe. So the WhatsApp users are now vulnerable but the terrorists continue.
...imagine how this has improved in nearly five years...and imagine further that this may be getting more refined in secret by our military. I wouldn't rule it out.
https://petitions.whitehouse.gov/petition/apple-privacy-petition
Hurry, there are currently 23,000 signatures. 100,000 are needed by March 18 to require a Whitehouse response.
The title of the petition is:
Halt efforts that compel Apple and other device makers to create a "backdoor" for the Government to access citizens data
But then you make this stunner "To me, it's just this simple....Don't do anything illegal and you don't need encryption".
I guess you have never purchased anything online. Or done any banking online. Or - almost anything other than posting here. In case you didn't know it, ALL of those things rely upon encryption. Dude - encryption isn't something that keeps criminals safe - it's what keeps ALL OF US safe. Wake up !
Encryption. The FBI can pay hackers to get what they want without hassling Apple.
The FBI must have additional agendas to refute the easier softer way. Some things the FBI may be considering:
Creating a perception among the public "the FBI has power"......or maybe the FBI finds that the best return
on their investment will be to hassle Apple.
At the beginning of this FBI fiasco, I talked about this concept here in comments on the AI articles. Here's my thoughts:
Terrorists is an apt term.
Means in case you didn't know, Islam advocates this.
Also so if you cared to know the facts, the guys wife was the main proponent. And it was due to Islam.
Im sure the people getting shot were terrified.
Lets be real here.
Not politically "correct"
Oh wait. You said that. Nevermind. ;-)
"GREENE: What do you know about the debate within the Obama administration? It's been reported that there really is a fierce debate over how to handle this.
CLARKE: Well, I don't think it's a fierce debate. I think the Justice Department and the FBI are on their own here. You know, the secretary of defense has said how important encryption is when asked about this case. The National Security Agency director and three past National Security Agency directors, a former CIA director, a former Homeland Security secretary have all said that they're much more sympathetic with Apple in this case. You really have to understand that the FBI director is exaggerating the need for this and is trying to build it up as an emotional case, organizing the families of the victims and all of that. And it's Jim Comey and the attorney general is letting him get away with it.
GREENE: So if you were still inside the government right now as a counterterrorism official, could you have seen yourself being more sympathetic with the FBI in doing everything for you that it can to crack this case?
CLARKE: No, David. If I were in the job now, I would have simply told the FBI to call Fort Meade, the headquarters of the National Security Agency, and NSA would have solved this problem for them. They're not as interested in solving the problem as they are in getting a legal precedent.'
The fact of the matter is that government has always required some type of public safety designs of private property. For example, buildings would be more secure against burglars if there were no windows. But building codes protect the greater public interest by requiring windows, fire escapes, etc. Requiring a means to access data by court order is not that much different. It’s in the public interest and hardly an intrusion for 99.999% of the population.
This I do agree with:
"Apple off-shores US jobs, clamors for H1B visas to drive down the domestic wage base"
Contrary to what the high tech corporations say, there is no shortage of highly qualified people with STEM degrees in the U.S.