Folks. This isn't about a single iPhone in one single case. It isn't even about FBI or US security or not.
IT IS ABOUT MILJONS AND MILJONS OF IPHONE USERS SECURITY ALL OVER THE WORLD.
The voice of all these daily users must be voiced and weighd in. Apple protect us all.
" ...does not strike the kind of balance we have lived with for 200, 300 years."
Organised Law Enforcement of any shape or form is barely 150 years old, I would remind everyone, and even that started first in the very ancient cities like London and Paris, which for the previous 2000 years or more had existed under absolute totalitarian dictatorship of Empire, be it Roman, French, British, Prussian or Austro-Hungarian...
Criminal investigation in those days must have been the exclusive preserve of the upper echelons of society or in the interests of stability of the kingdom, with networks of spies and informants combing the land and the colonies abroad for threats against the ruling dynasties and little else.
Come to think of it, how much has really changed since those days?
Okay Daniel, I was going to write about this but you have the bigger audience, so here goes.
Apple wanted to allow users to block ads, but they didn't want to bake that capability into the OS itself. So what did they do? They opened up the system and allowed anyone and their kid brother to write ad blockers that users could download from the app store, if they choose to do so.
And many, many people did. Users got the blockers they wanted, and Apple could take a step back and say, "Hey. Wasn't us."
So, let's do it again. Apple should take a page from the "ad blocking" playbook and open the system to third-party encryption engines. Allow app developers to write encryption engines that the system installs and then uses to encrypt the disk. Allow users to install them. And in particular, allow developers outside of the US to create security plugins for the iPhone.
Apple will need to do a thorough job of vetting the code submitted to the store, but they already do that anyway for ad blocker plugins, and they sandbox those plugins to prevent them from transmitting user data and performing other nefarious acts.
Apple can bake in services to help them (Secure Enclave), but, by and large, the security code isn't theirs to break, they don't have access to the encryption keys to give away, and, in the case of developers located outside of the US, they're beyond the reach of the US government.
Or they could not bend over to government demands and NOT compromise the most secure OS in the world.
In reply to post 3(won't let me quote the post)
What for? Should Apple work for the government for free? The FBI doesn't own iOS nor have they ever subsidized it or anything. Why should Apple go through all the trouble only to later respond to thousands maybe millions of requests a year to open iPhones. F*** THAT! Should Tim Cook spend time managing Apple or half his day opening iPhones for the government to snoop through? What would your respect level be if you knew Apple was opening their customers iPhones all day?
That was never an issue. Companies are able to charge for this stuff. I'm glad Apple is doing this, but I suspect it's a combination of PR and concerns about the implications for their platform rather than genuine ethical concerns.
Every minute of every hour, every day of the week foreign governments and criminal organisations probe the infrastructure of the modern internet for weaknesses. Hackers inject script and shell commands into database fields in order to trip database servers up and serve them confidential information. Governments and foreign agencies accumulate zero day exploits in an arsenal they use to breach the security of every electronic device we have. International fibre connectors have been tapped by governments who siphon all the data they can from the Internet and subject it to detection algorithm's that seek out patterns of behaviour or attempt to ascertain your login credentials so that your accounts can be targeted ina potential breach. And we have one single defense against it all. ONE.
This isn't hyperbole, it's the truth. Complex encryption algorithms safeguard you when you login to your bank, that you are the only person interacting with your bank in that session. Sure the data is going to be captured but its useless because it is encrypted in a one way process. What happens if you back door that system? Well I could take the recorded data and see everything you did while you were interacting with the bank. If I was looking at it as you were interacting with the bank I could insert transactions or present you with false account information just for starters. Your security is guaranteed by the encryption mechanisms that protect the connection.
What if you are an employee logging into your company portal from China. Your company is researching a new product and China wants it so that it can manufacture its own version instead of licensing it from you. Try as hard as they like all they can get is the encrypted stream between you and your corporate portal. Until its backdoored.
You're a security consultant with an iPhone someone takes your iPhone away from you at a security checkpoint far a few minutes before returning it to you. That is all the time it takes to do a complete copy of the phones contents encrypted or not. At least if they are encrypted they are about as useful as a choclate kettle. If the phone is backdoored.. Well..
And this is the important point, Encryption IS A COLLECTION OF STANDARDS. Weakening the standard weakens it not justr for the iPhonr, but for Android too; not just for Android but the Web too. The web and the electronic economy function because you and you alone trust that you are interacting with the companies that are selling products and services. Backdooring Encryption eliminates that completely and creates a target for every foreign government, and every criminal organisation to chase. The choice is yours, do you promote security and the free market are do you eliminate trust from the equation and let the chaos in abit?
There are ways to allow law enforcement access without compromising personal privacy but the way articles like this tell it, that's beyond the capability of technology (even though everything else is possible).
Please tell us what those ways are, because we in the tech community are unaware of them. We can't understand how any access method or decryption technique that would work for a law enforcement officer would not work for anyone else under any circumstances. Please enlighten us.
(1)There's nothing new or novel about the authorities having access to cell phone information and tech companies have complied without protest. All of a sudden, smart phones are considered sacred devices by encryption absolutists and Snowden lovers. (2)There are ways to allow law enforcement access without compromising personal privacy but the way articles like this tell it, that's beyond the capability of technology (even though everything else is possible). Yes tech companies must do a little work to be in compliance - that's the societal bargain. (3)Or they can simply design future encryption with that in mind but obviously Apple made a business decision to deal with this inevitability when it became a problem instead of baking it in to their initial design. That's simply a business blunder and now they'll hopefully have to pay the price. (4)I'm no Obama lover, and I own Apple products, but I side with law enforcement on this one.
(1) Compliance never meant breaking part of your product that is an essential to EVERY SINGLE ONE of their customer. (2) Really? By all means. Please fill us in. Why are we even having this issue if you know how to do it? (3) This one made me laugh...."simply design future encryption...". What do you think encryption is? It's not a physical thing you can hold in your hands. It's numbers theory, probability theory, set theory, abstract algebra. notation, and the language of abstract mathematics. (4) Good. Because your clear lack of understanding certainly isn't going to help my side.
We wouldn't be having this conversation if a) such encryption had existed on 9/11 and b) on 9/12 the FBI had asked Apple to let it into any suspect phones. Steve Jobs or Tim Cook would have opened them up with their tongues, because the enormity of the crime demanded it. They would have looked like co-conspirators with mass murderers in the eyes of the whole world if they had made then the same argument Cook et al. are making now.
Such noble half-baked and immature statements as the ones made above are only possible because merely 16 persons were murdered in San Bernardino. Yes, the hard truth about abstract moral principles is that they have to be put into action in the real world in the context of real human lives, and that changes the weight and heft of the arguments. If it had been 3,000 people who had been murdered in California rather than a *mere* 16, we wouldn't be hearing these arguments.
So that begs the question: Just how many mass murder victims is Apple willing to tolerate? How many are we the public willing to tolerate before we insist that Apple co-operate in keeping us safe? Or is the difference in the nature of the weapons used? Are assault rifle murders acceptable, while murders caused by airplanes are not? How about a poison gas attack, or a dirty bomb? Where is the line between an acceptable number of murders and an intolerable number?
Fortunately, your scenario didn't occur and frankly, it likely would not have had any effect on the extremely small number of U.S. Citizens killed on U.S. soil from foreign terrorists after 9-11.
More importantly, there were structural reasons why the various agencies failed to stop the 9-11 terrorists, but it wasn't because they didn't couldn't identify and track some of the suspects prior to the attack.
How many foreign countries will us citizens tolerate their military invading and murdering for righteousness? Or even oil? Terrorism is only one side of this story, and encryption certainly isn't the other. Breaking Apple's, and any other encryption, will not stop any 'terrorists', merely push them to other communicative avenues. Now that coney has announced to the world that the fbi cannot break Apple's encryption, could this possibly be a red herring in the making? The plot thickens.
What percentage of data and identity theft cases are solved and prosecuted? Who was prosecuted for the 2014 Anthem data breach that may cost consumers as much as $16 billion? Who was prosecuted for the 2015 Ashley Madison data breach? The 2014 eBay breach? The $1 billion JPMorgan breach in 2014? The $80 million Home Depot breach in 2014? The $35 million Sony breach in 2014? The $252 million Target breach in 2013? The $90 million Global Payments breach in 2012? The $130 million Tricare breach in 2011? The $19 million Citibank breach in 2011? The $2.8 billion Heartland Payments breach in 2009? These are just a few of the most expensive recent data thefts; the tip of the data and identity theft iceberg. How many of these cases were solved? How many of the perpetrators were brought to justice? How does the government ensure that, if data is stolen and used for theft, the perpetrator will be punished?
I think the problem is that the government is unable to provide any significant protection from the technology crime threats facing us. These threats have become very important to people and their importance is growing by the day. Technology has created these threats and the government is unable to effectively combat these threats through traditional means like prosecution, so technology in the form of encryption has been created to counter these threats. The government, seeing itself becoming increasingly irrelevant in the fight against technology crimes, attempts to keep the public focused on traditional crimes for which the government still has solutions. Unfortunately, the encryption solution to technology crime reduces the ability of the government to protect us from the traditional crimes, potentially reducing the government's relevance in crime prevention even further. This creates even more anxiety and opposition in the forces representing the current order who are invested in the traditional crime prevention and justice business.
Major technological changes will upend a social order that cannot cope with the challenges, conflicts and problems created by those changes. The current social order has failed to effectively combat the increasingly important problems of data and identity theft, so the forces representing the traditional crime prevention order are now in a battle with those of a new technology crime prevention order. The traditional order will eventually lose this battle unless it can render the new order unnecessary by halting data and identity theft using traditional means. It is too bad that Obama can't see the battle in these terms. Maybe he isn't really the Marxist his opponents say he is!
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
Not at all like that. Apple has already provided iCloud Backups, the equivalent of opening a safety deposit box at a bank. The bank has the boxes on its premises, Apple has iCloud servers.
What the FBI is asking is over and above the opening of the box, and affects everyone's phone and data. It's like asking the bank to turn off time-locks, re-build the building so that the FBI doesn't have to inconveniently take an elevator down three floors to the boxes; it's asking that the bank build, literally, a back door, so that the standard need for two keys be bypassed; and it's like asking, once the box is open, that the bank provide a translator because some of the records in the box are written in Chinese.
Your analogy is completely over-simplified and doesn't begin to touch the facts of the matter. But that's why there is discussion about the public perception of the debate, and why there will be a lot of examination in the courts and legislature about what to do. It's complicated, and obviously, you don't appreciate that.
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
Who said Apple didn't have to comply with a search warrant? How is appealing a court order constitute refusing to comply with a search warrant? You discredited yourself completely with the statement "Don't do anything illegal and you don't need encryption." Implying that someone who desires privacy is doing so because he/she has done something illegal is the first step to a surveillance state because a populace with this kind of attitude will be very pliable to increasing government intrusion.
To use your safe deposit box as an analogy for the iPhone, suppose the police come to the bank and the bank doesn't have they key to the safe deposit box. What do the police or bank do then?
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
Laughable logic fail of epic proportions yourself. Clue: when posing a question with your post number 1, do try not to let your prejudicial agenda show through... "...illegal activities on an overpriced iPhone" ...it's an insult to everyone's intelligence.
[AI ...FFS what the heck? The site is almost unusable. The app is hopeless and now the mobile site is up the creek. cant copy/paste, random capitals in text but never one after a para <return> ? or ! OR A peRiod! unless a space is entered. auto correct is totally messed up. seriously....have you been hacked?]
So let me see if I can follow Apple logic. If I have a safe deposit box at the bank and keep the record of my illegal activities there, police can get a search warrant and force the bank to open the box. However, if I keep all of my illegal activities on an overpriced iPhone and encrypt it with the help of Apple, I'm in the clear because Apple, unlike banks, doesn't have to comply with any legal search warrants. I see this strictly as a marketing ploy on Apple's part that makes me feel far less secure than I did before. To me, it's just this simple....Don't do anything illegal and you don't need encryption. What did people do in the time BEFORE iPhones? Apple....The criminal's friend and confidant.
Laughable logic fail of epic proportions yourself. Clue: when posing a question with your post number 1, do try not to let your prejudicial agenda show through... "...illegal activities on an overpriced iPhone" ...it's an insult to everyone's intelligence. now 'eff off troll.
[AI ...FFS what the heck? The site is almost unusable. The app is hopeless and now the mobile site is up the creek. cant copy/paste, random capitals in text but never one after a para <return> ? or ! OR A peRiod! unless a space is entered. auto correct is totally messed up. seriously....have you been hacked?]
Your understanding of software architecture vs software management is confused and superficial.
Please explain
I figured that hmlongco's proposal was a good idea, but my understanding of software architecture is limited. I imagine this would work similar to Bitlocker. Microsoft does not own the decryption key if you encrypt your Windows laptop with bitlocker.
Given where governments around the world are heading, having third party encryption may be the only option to secure devices and apps. With the UK, Brazil, New York, and California demanding back doors already, some laws are bound to get passed somewhere requiring Apple, What's App and others to build back doors.
Apple and Goolgle can not afford to stop selling devices in large markets as a third platform may gain the critical mass to become a viable alternative. I see only two ways around that. 1) Sell devices without encryption and allow users to add encryption through third party software. 2) Create two versions hardware and OS, one with encryption and one without. Both would be compatible with the same apps, but the secure version would only be sold in jurisdictions that allow the sale of encrypted devices without back doors. I'd be curious to see which version government officials would use. I am pretty sure they would by the secure version.
If option 1 is not technically feasible, then that would only leave option 2.
You've overlooked a third and more viable option. Apple refuses to make their product available in jurisdictions where they are outlawed and let the fallout from consumer demand facilitate the removal of useless politicians refusing to represent the will of their constituents.
Okay Daniel, I was going to write about this but you have the bigger audience, so here goes.
Apple wanted to allow users to block ads, but they didn't want to bake that capability into the OS itself. So what did they do? They opened up the system and allowed anyone and their kid brother to write ad blockers that users could download from the app store, if they choose to do so.
And many, many people did. Users got the blockers they wanted, and Apple could take a step back and say, "Hey. Wasn't us."
So, let's do it again. Apple should take a page from the "ad blocking" playbook and open the system to third-party encryption engines. Allow app developers to write encryption engines that the system installs and then uses to encrypt the disk. Allow users to install them. And in particular, allow developers outside of the US to create security plugins for the iPhone.
Apple will need to do a thorough job of vetting the code submitted to the store, but they already do that anyway for ad blocker plugins, and they sandbox those plugins to prevent them from transmitting user data and performing other nefarious acts.
Apple can bake in services to help them (Secure Enclave), but, by and large, the security code isn't theirs to break, they don't have access to the encryption keys to give away, and, in the case of developers located outside of the US, they're beyond the reach of the US government.
Apple could optionally allow that, but then it would be with the carrier settings we can't manually edit: once the capability is there, governments could mandate that specific modules be preinstalled in phones sold in their jurisdiction.
Also, this would not solve the problem at hand, as the government wants a special version of the OS that facilitates brute force decryption, that sort of thing would work no matter what the encryption module installed would be.
The real way to fix this is to make the core OS open source and to create a boot loader that makes it impossible to update the OS without the correct password such that even if the open source were used to create a custom OS, it simply could not be installed without bricking the phone unless done so by the owner with the proper password.
This brings up also the old debate of jail breaking: the actual process of jail breaking requires the phone to have a bug, but a phone which give the legitimate owner root/admin access isn't less, but more secure: it allows the user to verify what is running on the phone. Right now we don't even know if this entire brouhaha between the FBI and Apple isn't just an elaborate Kabuki Theater where Apple will win the case, thus gaining the confidence of users, while in fact the government long since has worked with Apple on a back door. So you might be all happy that Apple won while the government is sucking out every bit of information from your phone.
Only in an open phone the old "trust but verify" strategy is applicable, and which is why you can't trust your phone regardless of the outcome of the Apple vs. FBI case.
If you truly care about security and consumer rights, then lobby for laws that computer hardware must be open such as to allow the legitimate owners porting and installation of 3rd party operating systems, and access to the installed system at a privilege level that allows for auditing of system activities and extension of software capabilities.
If this isn't happening sooner or later, we'll be progressively more locked out and at the mercy of vendors (and thus governments) we cannot vett in any practical way.
Comments
Shame on Apple.
Because other countries do not enjoy our freedoms.
Organised Law Enforcement of any shape or form is barely 150 years old, I would remind everyone, and even that started first in the very ancient cities like London and Paris, which for the previous 2000 years or more had existed under absolute totalitarian dictatorship of Empire, be it Roman, French, British, Prussian or Austro-Hungarian...
Criminal investigation in those days must have been the exclusive preserve of the upper echelons of society or in the interests of stability of the kingdom, with networks of spies and informants combing the land and the colonies abroad for threats against the ruling dynasties and little else.
Come to think of it, how much has really changed since those days?
(2) Really? By all means. Please fill us in. Why are we even having this issue if you know how to do it?
(3) This one made me laugh...."simply design future encryption...". What do you think encryption is? It's not a physical thing you can hold in your hands. It's numbers theory, probability theory, set theory, abstract algebra. notation, and the language of abstract mathematics.
(4) Good. Because your clear lack of understanding certainly isn't going to help my side.
Or even oil?
Terrorism is only one side of this story, and encryption certainly isn't the other.
Breaking Apple's, and any other encryption, will not stop any 'terrorists', merely push them to other communicative avenues. Now that coney has announced to the world that the fbi cannot break Apple's encryption, could this possibly be a red herring in the making? The plot thickens.
I think the problem is that the government is unable to provide any significant protection from the technology crime threats facing us. These threats have become very important to people and their importance is growing by the day. Technology has created these threats and the government is unable to effectively combat these threats through traditional means like prosecution, so technology in the form of encryption has been created to counter these threats. The government, seeing itself becoming increasingly irrelevant in the fight against technology crimes, attempts to keep the public focused on traditional crimes for which the government still has solutions. Unfortunately, the encryption solution to technology crime reduces the ability of the government to protect us from the traditional crimes, potentially reducing the government's relevance in crime prevention even further. This creates even more anxiety and opposition in the forces representing the current order who are invested in the traditional crime prevention and justice business.
Major technological changes will upend a social order that cannot cope with the challenges, conflicts and problems created by those changes. The current social order has failed to effectively combat the increasingly important problems of data and identity theft, so the forces representing the traditional crime prevention order are now in a battle with those of a new technology crime prevention order. The traditional order will eventually lose this battle unless it can render the new order unnecessary by halting data and identity theft using traditional means. It is too bad that Obama can't see the battle in these terms. Maybe he isn't really the Marxist his opponents say he is!
What the FBI is asking is over and above the opening of the box, and affects everyone's phone and data. It's like asking the bank to turn off time-locks, re-build the building so that the FBI doesn't have to inconveniently take an elevator down three floors to the boxes; it's asking that the bank build, literally, a back door, so that the standard need for two keys be bypassed; and it's like asking, once the box is open, that the bank provide a translator because some of the records in the box are written in Chinese.
Your analogy is completely over-simplified and doesn't begin to touch the facts of the matter. But that's why there is discussion about the public perception of the debate, and why there will be a lot of examination in the courts and legislature about what to do. It's complicated, and obviously, you don't appreciate that.
Along the way we need to get rid of the "Patriot" Act, and especially the Secret Court.
To use your safe deposit box as an analogy for the iPhone, suppose the police come to the bank and the bank doesn't have they key to the safe deposit box. What do the police or bank do then?
Clue: when posing a question with your post number 1, do try not to let your prejudicial agenda show through...
"...illegal activities on an overpriced iPhone"
...it's an insult to everyone's intelligence.
[AI ...FFS what the heck? The site is almost unusable. The app is hopeless and now the mobile site is up the creek.
cant copy/paste, random capitals in text but never one after a para <return> ? or ! OR A peRiod! unless a space is entered.
auto correct is totally messed up.
seriously....have you been hacked?]
Clue: when posing a question with your post number 1, do try not to let your prejudicial agenda show through...
"...illegal activities on an overpriced iPhone"
...it's an insult to everyone's intelligence.
now 'eff off troll.
[AI ...FFS what the heck? The site is almost unusable. The app is hopeless and now the mobile site is up the creek.
cant copy/paste, random capitals in text but never one after a para <return> ? or ! OR A peRiod! unless a space is entered.
auto correct is totally messed up.
seriously....have you been hacked?]
i did not do that!
Also, this would not solve the problem at hand, as the government wants a special version of the OS that facilitates brute force decryption, that sort of thing would work no matter what the encryption module installed would be.
The real way to fix this is to make the core OS open source and to create a boot loader that makes it impossible to update the OS without the correct password such that even if the open source were used to create a custom OS, it simply could not be installed without bricking the phone unless done so by the owner with the proper password.
This brings up also the old debate of jail breaking: the actual process of jail breaking requires the phone to have a bug, but a phone which give the legitimate owner root/admin access isn't less, but more secure: it allows the user to verify what is running on the phone.
Right now we don't even know if this entire brouhaha between the FBI and Apple isn't just an elaborate Kabuki Theater where Apple will win the case, thus gaining the confidence of users, while in fact the government long since has worked with Apple on a back door.
So you might be all happy that Apple won while the government is sucking out every bit of information from your phone.
Only in an open phone the old "trust but verify" strategy is applicable, and which is why you can't trust your phone regardless of the outcome of the Apple vs. FBI case.
If you truly care about security and consumer rights, then lobby for laws that computer hardware must be open such as to allow the legitimate owners porting and installation of 3rd party operating systems, and access to the installed system at a privilege level that allows for auditing of system activities and extension of software capabilities.
If this isn't happening sooner or later, we'll be progressively more locked out and at the mercy of vendors (and thus governments) we cannot vett in any practical way.