OT: Apple and Privacy vs. National Security
I haven't generated any posts lately, but there's a current hot topic I'm interested in. I'm curious for info on the privacy vs. national security questions raised in recent days, between the FBI and Apple. Here's the synopsis, if you've been living under a rock. Apparently, the San Bernardino terrorist's Apple i-phone wasn't destroyed, and the FBI wants Apple to help unlock the encryption so they can presumably see a record of calls and stored information, contacts, etc.. And (edit) Tim (not Robert) Cook of Apple is refusing, suggesting that to do this would be to create a "backdoor" giving the government access to every single i-phone out there, and all the content.
I've googled this topic, and read several articles on it, but still am unsure about what to think. Here's what I don't understand. Why can't Apple unlock the phone for the FBI and assist them in getting the data off of the phone? Can't they do this without giving the FBI software that would allow for the creation of a universal backdoor the FBI could use on everyone's phone? From what I've read, the encryption is so good that even Apple can't get in . . . it would have to write new software to be able to get in. And Cook doesn't even want that kind of software written, even if it is in-house at Apple. Is that correct?
My interest is really in what Apple can do to preserve privacy, and at the same time allow for the government to do everything it can towards national security. Is it possible, or do we really have to choose between either privacy, or national security concerns? I want to have my cake and eat it too!
February 18th, 2016 at 5:27 PM ^
And if they had a warrant to do so then I would agree. Now Imagine if your phone and computer had a backdoor coded into it's OS that would allow them to search your devices without asking you, without a warrant, or without you knowing. Would you still be okay with that?
You may be willing to give up any amount of privacy for the smallest illusion of security. For me my privacy is my security.
February 18th, 2016 at 5:30 PM ^
What is on my phone or computer than I am so worried about the NSA seeing? This is the part I never understood about the obsession with privacy.
So an NSA agent that I am never likely to meet to have interaction with knows that I suffer from ED along with 40% of the rest of the men in this country.(Cant remember the stat from the commercial.) Why do I care? What is he going to do with that? Tell my neighbor? Why would they care?
February 18th, 2016 at 5:34 PM ^
February 18th, 2016 at 5:34 PM ^
Then you won't mind if I come over and go through all of your things, phones, and computers? I'll be over in about an hour.
February 18th, 2016 at 5:36 PM ^
February 18th, 2016 at 6:13 PM ^
February 18th, 2016 at 7:10 PM ^
I agree with all of that, but submit that in this case the law is being followed and due process has been served, and Apple is still refusing to comply with the court order.
February 18th, 2016 at 7:46 PM ^
Apple is following the order in the regard that anything stored on its own servers was made available to the FBI. The problem here is that a personal device, not owned by Apple or anyone else, is being pushed at Apple to crack it open.
Now really anyone who wants to lock their stuff down exclusively of the OS in question will install 3rd party apps and it'll never get to the light of day.
February 18th, 2016 at 9:41 PM ^
February 18th, 2016 at 5:56 PM ^
February 18th, 2016 at 5:32 PM ^
As Anonymous so brazenly prove any adept hacker can hack into your personal information. We are more vulnerable than ever.
February 18th, 2016 at 8:35 PM ^
Assume it is public information
February 18th, 2016 at 5:32 PM ^
From what I've read, the iPhone in question was owned by the local government unit (it was a work cell phone). That local government is in support of the phone being searched. So in this particular case, the government (FBI) isn't looking to search a device without asking for permission.
February 18th, 2016 at 5:42 PM ^
Except that A. they want apple to make a modification that turns off the data auto wipe that protects your data being stolen by brute force attacks. Which could be used by theives who physically steal your phone.
And B. They want Apple and other mobile device manufactures to create a backdoor into their devices so they can break into them. Which can allow anyone to easily steal your data remotely without you knowing it even happened.
They are asking Apple to purposely make their devices unsecure.
February 18th, 2016 at 5:28 PM ^
Sent from MGoBlog HD for iPhone & iPad
February 18th, 2016 at 8:44 PM ^
4th amendment says they can get your documents with a warrant. Secondly you have no assumed privacy using your employers equipment. How is this different from a wiretap? A warrant made a landline telephone company, when that was a thing, physically do work to make that happen.
February 18th, 2016 at 5:32 PM ^
Have Apple open the phone and give the govenrment the data that the terrorists (formerly) had. Apple doesn't have to give the government the encryption key, just the data.
However, foreign governments do have encryption keys. They also don't allow the 128 bit encryption that we use in the US.
Slippery slope...
February 18th, 2016 at 5:36 PM ^
...was to assist the FBI. Now I've changed my mind. I understand the FBI approached the judge and received the court order without Apple attorneys even being present. In other words, no due process. I'd fight this, too, if I were Apple.
Slippery slope.
February 18th, 2016 at 8:48 PM ^
Are the police required to have the accused attorney present when they get a warrant? I wonder if the judge actually knew what he ordered.
February 18th, 2016 at 5:37 PM ^
Not locked yet? Ok...
Information is power. It's not just about your personal privacy, or if you "have something to hide". It's about having control... The ability to monitor and manipulate the people as a whole. Even "metadata" (that people love to dismiss because it's not something "important" like a dick-pic) is extremely powerful in the right/wrong hands. If you want to say... Identify and disband some type of "dissenters"? Like a MLK, perhaps?
February 18th, 2016 at 5:49 PM ^
That's the part no-body realizes. May be people should watch 'Enemy of the State' first. Just because one has nothing to hide doesn't mean it is ok for others to see what one has.
February 18th, 2016 at 5:53 PM ^
I don't watch enemy of the state, but does this have anything to do with Obama killing Scalia and then covering it up?
February 18th, 2016 at 5:57 PM ^
Clever.
No conspiracy theories from me. Just the obvious practical implications if looked at critically for more than 10 seconds.
February 18th, 2016 at 7:27 PM ^
ALLEGEDLY
February 18th, 2016 at 8:28 PM ^
February 18th, 2016 at 5:58 PM ^
I am not even going to bother with the political angle on what is wrong with government having unfettered access to your data.
Technically, this is a very, very, very bad idea.
What FBI wants is to disable the feature that deletes the content after so many bad access attempt. The only way to make this happen is to make a change to the OS. You also have to distribute this as a "security" update so that it is mandatory on all phones.
I am not going to bother with how terrible security vulnerability that is. Let's for argument sakes that they can target this specific device for this update.
That still does not change the fact that now a mandatory "security" update can deliver a trojan to your device (government sponsored or not). If I care about security (and many people do), that means that I am going to disable automatic security updates. That will lead to many more devices without proper security update that can be vulnerable to malicious hacks and EVERYONE will be worse off.
The benefit of finding out some nebulous connection to these people are not worth jeopardizing the entire eco-system of security updates. I don't care if they had the private phone number to the top ISIS commander. That is nothing compare to what would happen if significant number of people don't download security updates.
This is very very bad idea that Apple should resist with all their might. This is just going to make our national security worse, not better.
February 18th, 2016 at 6:42 PM ^
Governments across the world have a history of turning on their people, especially as they move to get more power. Sadly, we may think we are different, but this has happened in every country across the world through history and will continue to happen.
February 18th, 2016 at 11:46 PM ^
Sent from MGoBlog HD for iPhone & iPad
February 18th, 2016 at 7:05 PM ^
I just think that maybe we shouldn't set the legal precedent that the government can have unlimited access to our information. While law abiding citizens should have nothing to hide, the government also shouldn't have a reason to peak around through their stuff.
Maybe it's just me but I don't really want the Federal Government up in my business. It's not because I've done anything illegal, it's because it's none of their damn business, or yours.
You may fine with giving up your privacy and freedoms for safety, but I'm not. I don't need a piece of paper or any such entity to tell me what I already know; which is that I am a Human Being and as a result of that deserve to be free, free from you telling me how to live, free from you snooping up in my business, free from you or any government thinking that you need to interfere in my life.
February 18th, 2016 at 7:40 PM ^
The FBI has the phone and the authority to get into it, so they should have at it. However, that doesn't mean the government should have the right to compell a third party, Apple, to do its work for them. Were I Tim Cook I'd tell the FBI that I personally didn't have the skills required and I had no lawful authority to compell an employee to work for the government.
So how does the US Government go about persuading somebody to do their intellectual bidding, take families hostage?
February 18th, 2016 at 8:41 PM ^
bedrooms and restrooms. If the President (any President--non partisan) isn't doing anything wrong, then why not?
Maybe Vegas could set a line on the number of honest dumps taken for the day?
February 18th, 2016 at 8:54 PM ^
Some bald guy that used to fly kites said something to the effect, "When you sacrifice liberty for security you soon find yourself with neither."
February 18th, 2016 at 9:21 PM ^
That's all well and good... until the government decides you're not being honest. Or decides that you're guilty regardless of the facts.
An honest person shouldn't HAVE to give up his privacy to prove he's honest.
February 18th, 2016 at 5:12 PM ^
February 18th, 2016 at 5:16 PM ^
February 18th, 2016 at 5:22 PM ^
It is a political topic, but that's why I framed my question carefully. I am interested in the techie nerdy geeks on the board who actually understand what Apple can and cannot do. I'm curious to better understand why Apple can't unlock the phone without compromising every single i-phone users privacy.
Interestingly, I just re-read "Meet the Bag Man," about recruiting and the SEC. One of the observations made by the bag man intereviewed is that you never say anything on ANY phone that could be recorded, and you buy lots of "burner" phones, that you use briefly and throw away. No record left.
I have an old roommate from Michigan who is an expert on deidentification of data, largely for health research purposes. In the health care field, research would come to a grinding halt without large datasets of individuals with their medical history included. The key is to make sure that each data point (each individual) has been properly "deidentified," so that no one with nefarious intent can "reidentify" a "deidentified" individual. This roommate has made some powerful enemies in Washington and in academe, and is appropriately paranoid about his own privacy. Our discussions have helped me to see that when you absolutize a particular concern, you run into problems.
February 18th, 2016 at 10:19 PM ^
As I understand it the FBI wants Apple to overwrite the firmware for that specific device to unload the software lockouts--delays between PIN attempts-- such that it's susceptible to brute force. The FBI isn't looking to "crack" the encryption but rather circumvent it.
February 19th, 2016 at 9:39 AM ^
A very technical post that explains exactly what the FBI is asking Apple to do, and says it's technically feasible. Summary point:
"I believe it is technically feasible for Apple to comply with all of the FBI’s requests in this case. On the iPhone 5C, the passcode delay and device erasure are implemented in software and Apple can add support for peripheral devices that facilitate PIN code entry. In order to limit the risk of abuse, Apple can lock the customized version of iOS to only work on the specific recovered iPhone and perform all recovery on their own, without sharing the firmware image with the FBI."
http://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-court-order/
February 18th, 2016 at 5:14 PM ^
The propositoin is simple: if a "back door" is written into the code, then hackers will eventually exploit it no matter how well-written it is.
Have you seen Minority Report? It's a decent thought exercise w.r.t. the loss of privacy.
February 18th, 2016 at 5:14 PM ^
This has been, and I think will be, very interesting to follow. I don't know nearly enough about technology to form an intellegent opinion, but the legal precedent set by the decision could be very influencial in future privacy vs security matters.
February 18th, 2016 at 5:15 PM ^
No chance this gets political
February 18th, 2016 at 5:15 PM ^
The thought is that if Apple were to do it just this one time then the Federal government, and it's agencies would use that as precedent to force Apple to do it again, and again, and again.
From what I understand that this could also compromise the security of all other IPhone 5 devices.
February 18th, 2016 at 5:19 PM ^
I'm with the OP. I don't understand why there isn't a solution that doesn't involve giving the government a hack for everyones iphone. It's like showing a locksmith a search warrant and saying "OK, we have this search warrant for this house here. Now I want you to help us by making a master key for every house in the country."
February 18th, 2016 at 5:25 PM ^
Sent from MGoBlog HD for iPhone & iPad
February 18th, 2016 at 7:51 PM ^
It could be done to any phone, but isn't that the same for any search and seizure? They have a warrant if I'm not mistaken so there is due process at work.
February 18th, 2016 at 5:28 PM ^
Not an IT guy but my understanding is that because anything they do to that phone could theoretically be done to another phone.
For example, if they turned off the "wipe after 10 incorrects" by modifying the operating software then there for that one phone to allow the government to brute force into the phone then there is operating system out there that exists that would function to allow this to be done for other phones. Theoretically it only would be owned for the government for that one instance, but the question is, would that be the case. Never say never - that's a genie you can't put back into the bottle.
To use your locksmith analogy, what Apple is saying the key the locksmith would have to make to open up that one partocular door would, in order to work the way you want, have to open other doors too.
Ironic that this is occuring not longer after the new US-EU "Privacy Shield" was enacted after the previous iteration of it (US-EU Safe Harbor) was invalidated by the European Court of Justice due to the PRISM program.
February 18th, 2016 at 6:20 PM ^
Sent from MGoBlog HD for iPhone & iPad
February 18th, 2016 at 5:19 PM ^
the country remains relatively untouched by foreign terrorism. If the US becomes like Britain during The Troubles then corporations like Apple will feel a lot more pressure to cave in to the government's demands.
Apple's position is based on the correct observation that the American people largely want to limit the government's efforts to use surveillance to catch terrorists.
PS: It's TIM Cook, not Robert. I worked with a Robert Cook. He was a real asshole.
February 18th, 2016 at 6:23 PM ^
February 18th, 2016 at 7:42 PM ^
Not sure you're totally accurate on the privacy issue there. I believe the US Government has much broader snooping powers than most in Europe. For example, I'm pretty sure that recent laws passed in France basically gave them a lot of the powers that the NSA has had for over a decade. I haven't tried to find any articles to support these assertions so I could be wrong, but this is certainly my understanding...