But in reality there are two groups of people, "Americans" and "non-Americans"
I think you're missing the point. If the US government can divide the world into those two groups, Canada can do the same for "Canadians" and "non-Canadians", and the UK can do the same, and Australia and Russia and China and the EU and so on... But governments share data freely. The NSA can't spy on Americans, but Australia can--and they share with the NSA. In the end, everything is open to interception and no privacy remains.
Got any evidence for your paranoia? And even if you were right, how does that affect my claim that allowing Americans to have higher grade cryptography not stand as a valid and desirable thing? Oh, I'll bet you were thinking that Apple would allow multiple countries to privately escrow keys for Apple's phones. Hahahahahaha.
China's approach is to have all that data reside in the central government, in a vast databank of personally identifying information about its citizens, from iris and facial recognition to DNA data."
The very next sentence is "That is antithetical to our values." The NSA here is positioning themselves as the good guys. They want this in your mind, if you're a tech firm who's thinking of resisting them.
Well put... ie. "we're not that bad, (at least not yet)." Don't worry though, I'm sure they will keep us all nice and safe, at least so long as we have our libellus in hand to prove we've offered our pinch of incense to 'Caesar.'
chabig said: The NSA can't spy on Americans, but Australia can--and they share with the NSA. In the end, everything is open to interception and no privacy remains.
Bingo... you know how the game works.
vmarks said: Also: if the NSA is your threat model, you're going to have a bad time.
Not their threat model specifically, but they are, unfortunately, the threat model of us all.
For those who don't understand, I will explain it this way. Apple could either sell two physically different iPhones with internally different encryption algorithms, to US vs non-US citizens, or with a little cryptographic wizardry (that I won't explain because nobody understands cryptography) it could be the same iPhone sold everywhere with an internal nationality setting that only Apple can change within its secure facilities upon credentials (indicating nationality) being shown by the owner. And the nice thing is, Apple doesn't even have to know or record the name of the user, just the nationality. That's because when the user shows his nationality, he immediately has to enter his Touch ID or Face ID credentials to lock the phone to himself. At no point does Apple need to record the name of the person whose getting it set up! This is so fantastic. It's just a little inconvenient to users in this way: to get the phone configured in its un-escrowed configuration, the user has to walk into an Apple Store to set up his Touch ID by showing his passport (or equivalent proof of citizenship) to the Apple techie who is enabling the phone to use un-escrowed cryptography. An interesting point is that probably 50% of all Americans probably aren't worried about the US government having judicial access to their iPhone's data. This idea is so good it is inevitable. It will make all paranoid Americans happy that they have secure encryption. And NSA will be happy that they have access to foreign users' data. Apple will be slightly unhappy because they will argue that Samsung has no restrictions selling high grade encryption to China, but the US government could placate Apple by making it illegal for Samsung to sell any phones in America if Samsung sells high grade encryption to foreigners without escrow.
What's the process for second-hand phones? Because I can see a scenario where BadForeigner hires CluelessCitizen to buy a phone from legitimate sources and then on-sell it to get around the system you propose. Or deep-cover operatives who are US citizens are involved in whatever shenanigans are being planned.
One more thing: the NSA is a publicly-funded institution. Making them work harder increases the likelihood of their requesting and being granted more funding. This has flow-on effects in the national budget.
After reports that Google discovered a vulnerability in iOS recently, Apple responded to it and explained that the Chinese government were using an exploit to target certain individuals.
If the Chinese are able to snoop on iOS devices, than why can’t the NSA do it without complaining that tech companies are making it too hard?
I think the NSA should just give us a break on this one; I'm not comfortable with the NSA having permanent access to an iOS backdoor. They'll use it or abuse it, and everything will eventually get messed up
Comments
Bingo... you know how the game works.
Not their threat model specifically, but they are, unfortunately, the threat model of us all.
Also: https://www.xkcd.com/538/
One more thing: the NSA is a publicly-funded institution. Making them work harder increases the likelihood of their requesting and being granted more funding. This has flow-on effects in the national budget.