OT: Apple and Privacy vs. National Security
I haven't generated any posts lately, but there's a current hot topic I'm interested in. I'm curious for info on the privacy vs. national security questions raised in recent days, between the FBI and Apple. Here's the synopsis, if you've been living under a rock. Apparently, the San Bernardino terrorist's Apple i-phone wasn't destroyed, and the FBI wants Apple to help unlock the encryption so they can presumably see a record of calls and stored information, contacts, etc.. And (edit) Tim (not Robert) Cook of Apple is refusing, suggesting that to do this would be to create a "backdoor" giving the government access to every single i-phone out there, and all the content.
I've googled this topic, and read several articles on it, but still am unsure about what to think. Here's what I don't understand. Why can't Apple unlock the phone for the FBI and assist them in getting the data off of the phone? Can't they do this without giving the FBI software that would allow for the creation of a universal backdoor the FBI could use on everyone's phone? From what I've read, the encryption is so good that even Apple can't get in . . . it would have to write new software to be able to get in. And Cook doesn't even want that kind of software written, even if it is in-house at Apple. Is that correct?
My interest is really in what Apple can do to preserve privacy, and at the same time allow for the government to do everything it can towards national security. Is it possible, or do we really have to choose between either privacy, or national security concerns? I want to have my cake and eat it too!
February 18th, 2016 at 9:04 PM ^
are based in part on British common law and the Magna Carta/Charter of Liberties? The US is a child of Britain. Our language, laws, and even our obstinate refusal to surrender our freedom comes from Britain. The two Barons Rebellions, Peasants Revolt, the English Civil War, and the Glorious Revolution are all examples of the British willingness to challenge authority to change how the country was to be ran.
The Founding Fathers saw themselves as following in this tradition.
Contrary to what many Americans think the British are not a nation of monarchist toadies. That stubborn refusal to cowtow to the Nazis didn't come from no where. It's a characteristic the British/English have displayed long before they came to the Americas.
February 18th, 2016 at 11:39 PM ^
February 18th, 2016 at 5:18 PM ^
Tim Cook
February 18th, 2016 at 5:18 PM ^
February 18th, 2016 at 5:18 PM ^
February 18th, 2016 at 5:56 PM ^
When Apple did it in the past, it was with an older iOS. The encryptions of the new iOS prohibit Apple from accessing the phone.
February 18th, 2016 at 5:19 PM ^
Here's what I've gathered so far, feel free to correct any details I got wrong:
- Apple intentionally designed the software so that they wouldn't be able to get the data off of it, because encrypted data protection is pointless if there is a backdoor to it.
- The FBI wants access to the data on that one iPhone, and got a judge to order Apple to create a modified operating system that doesn't lock out users after multiple incorrect unlock attempts. Presumably they will install this OS on the iPhone in question and then brute force unlock it.
- Apple doesn't want to do this because the government can then use this same operation system to unlock any iPhone, and this is problematic because they made the strong encryption abilties a selling point. Customers that bought an iPhone in part because of the device protections would be understandably pissed, and Apple would prefer to not piss off customers.
February 18th, 2016 at 5:23 PM ^
Maybe a dumb question, but how do they install an OS on a locked phone?
February 18th, 2016 at 5:35 PM ^
I don't know, but apparently the FBI think so. I'm guessing if they have an unencrypted system partition and a separate data partition that is encrypted it might be possible, but I'm just spitballing there. I don't know enough about encryption or how it's implemented on the iPhone to really say for sure.
February 18th, 2016 at 10:35 PM ^
I swear I've got to punch in the access code of the phone for it to synch to a computer for updates, or to do an update over the wire.
February 18th, 2016 at 5:58 PM ^
To modify your third point, it's not a matter if Apple wants to do it or not. Apple doesn't have the ability to unlock it. The government is attempting to force Apple to create a way to unlock the phone.
February 18th, 2016 at 5:19 PM ^
you'd know the CEO of Apple is actually Tim Cook.
But, snark aside.
I vote privacy every time.
and more than that, you're mostly correct about having to write special code. it's not like Apple just has the keys and just wont unlock the door.
I'd be happy if this thread was nuked, because it will likely get political, either way, it's not like you can't find a more informed tech discussion about this somewhere else on the internet.
February 18th, 2016 at 5:22 PM ^
February 18th, 2016 at 6:37 PM ^
We're fools if we think this is a 1 or 2 time only use by the government. If it's created, it will never ever go away and will basically be permanent government surveillance into our lives.
February 18th, 2016 at 5:25 PM ^
February 18th, 2016 at 5:25 PM ^
Apple could absolutely get into the phone if they wanted. Right now.
February 18th, 2016 at 5:29 PM ^
See, that's what I'm wondering about. I would assume they can get on this one phone without writing a whole new special operating system. I've heard both sides here, and I don't have a clue. I've always assumed Apple could do that. But Tim Cook and others are saying no, that isn't possible.
February 18th, 2016 at 11:19 PM ^
February 18th, 2016 at 5:30 PM ^
Sent from MGoBlog HD for iPhone & iPad
February 18th, 2016 at 5:41 PM ^
Apple has access to some data about your phone use (obviously). They have records on their servers about your use of some apps (mainly Apples apps), but the data on the phone itself is encrypted and limited to the device. The hardware in the newer iPhones simply do not allow remote decryption.
Warning Technical Details: There's a security enclave (hardware) that has a private key unique to the device, which is used to decrypt the phone. Apple doesn't have that. Only way to break into the phone is to use the owners thumb print (assuming touchId is used) or brute force the PIN/password. The brute force won't work in the newest phones though since there's a feature in the hardware to wipe the phone after 10 unauthorized attempts in a row.
February 18th, 2016 at 10:41 PM ^
phone in question is a 5C which is too old to have the Touch ID, so even if they made a mold of the fingerprint it wouldn't do any good.
And while we're talking about it, if you want your phone more secure, you should turn off Siri access when the phone is locked and minimize the things that show up on your lock screen - see here.
February 18th, 2016 at 5:28 PM ^
February 18th, 2016 at 5:29 PM ^
And here's a link to his statement of Apple's position. (I hope it works; I haven't previously tried to link anything in this forum.) http://www.apple.com/customer-letter/
February 18th, 2016 at 5:29 PM ^
February 18th, 2016 at 6:45 PM ^
but what bugs me is that it's so often someone else's liberty that's being traded.
February 18th, 2016 at 5:30 PM ^
The local government did not object to the FBI request which is one reason the judge granted the request.
February 18th, 2016 at 5:37 PM ^
I didn't know this facet of the story. It completly changes things; you have a diminished expectation of privacy when you're interfacing with a device you don't own, and particularly so when that device is owned by a government.
On the other hand, the law generally shies away from requiring action. (e.g. the law doesn't really care if you watch someone drown and you don't try to help (unless you put that person in the situation)). Did Apple require this local government to use iPhones? Did Apple imply it would permit access to the phone by request? Similarly, it'd be a push to require Apple to decrypt in this situation, which is far beyond a normal subpoena or records request.
February 18th, 2016 at 6:24 PM ^
Sent from MGoBlog HD for iPhone & iPad
February 18th, 2016 at 5:33 PM ^
February 18th, 2016 at 5:33 PM ^
... but n ot political. It's not like most issues where one party has a viewpoint and the other has a different viewpoint, and we have to hate each other. There are members on both sides of the aisle who grapel with this. It's an interesting topic.
February 18th, 2016 at 6:43 PM ^
but nevertheless, I'd like to take the opportunity to say that the politician from my party or area is superior to the politician from your party or area.
February 18th, 2016 at 7:35 PM ^
.. flying dog. I am a fat cat. This is clear.
February 18th, 2016 at 5:33 PM ^
February 18th, 2016 at 5:34 PM ^
February 18th, 2016 at 6:45 PM ^
but - being fairly naive on the issue - I don't understand why so many people want him in deep trouble. There's whisteblower protections for a lot of things but not for those revealing our own government is abusing its power? Seems like he did a great deed bringing a lot of things in front of the american public
February 18th, 2016 at 7:37 PM ^
I completely agree with your point! This is a really wierd situation - I like that he outed the info because the NSA went way beyond. My problem with him is that he took a paycheck to keep secrets, and violated the agreements he agreed to. He signed NDA's (Non-Disclosure Agreements) to get access to those programs, NDA's that pre-empt whistleblower laws. To get that level of access, you give up the safety those laws provide when it comes to the programs themselves. (Workplace safety, EEO, harrassment, etc. - those protections still apply.) I know because I've also signed them. Wierd - on one hand I'm happy he outed (some of) what he did; but on the other hand, he disgusts me as a hypocrit of the first order. Maybe the 'execution' part is overplayed... I can really only think of two people that should have been executed - John Walker and Richard Ames. Ames got people killed, and Walker put the entire Navy at risk (literally).
Weird...
February 18th, 2016 at 5:34 PM ^
The phone in this case is the 5C. That's important because it's security mechanism is different than the 5S, 6, 6S. For those phones, Apple has designed the hardware so that even they can't update the OS to bypass the security.
I'm 100% on Apple's side on this one. Creating a backdoor of any kind (and that's exactly what the US govt is asking for, whether they want to word it that way or not) creates security exploits that can be used by criminals and foreign governments as well. Ultimately this will only hurt your average user. Criminals (at least the smart ones) use sophisticated encryption techniques not used by mainstream tech companies, since they're willing to trade ease of use for increased security.
Source: Software Engineer
February 18th, 2016 at 5:51 PM ^
Thank you . . . that is what I was wondering about. (whether or not the government's request would create a key that would unlock all phones). I am still up in the air as to where I stand with regards to privacy and national security. I tend to side with privacy, but have grave concerns about terrorism as well. This is a strange new world we live in.
February 18th, 2016 at 10:19 PM ^
Apple can't update a locked phone. They could roll out a software update which would remove some of the safeguards in place, allowing them to remote decrypt a phone if they so chose in the future, but software updates can only occur when the phone is unlocked.
Problem with that is, if Apple can decrypt the phone remotely, then they've just opened up an avenue for other hackers to try and exploit.
Ignoring the very real possibility of our own government misusing this power to gather private information about US citizens, the threat of criminal organizations and foreign governments doing so is very real.
February 18th, 2016 at 7:43 PM ^
This isn't simply a question of national security vs. privacy. Privacy is not the only thing that is at stake when the backdoor is created.
Purely from a national security standpoint we are weighing 1) maybe losing crucial information on these murderers against 2) potential future national security risks due to security exploits that can be (and will be) used by foreign governments.
Tough choice and it's not as simple as screw-the-govmin-coz-they-cant-be-trusted.
February 18th, 2016 at 5:34 PM ^
February 18th, 2016 at 5:49 PM ^
February 18th, 2016 at 5:56 PM ^
February 18th, 2016 at 6:03 PM ^
Stop citing as fact the paranoid delusions of idiots, cranks, and the mentally ill.
February 18th, 2016 at 8:19 PM ^
February 18th, 2016 at 6:00 PM ^
February 18th, 2016 at 5:35 PM ^
Sent from MGoBlog HD for iPhone & iPad
February 18th, 2016 at 5:37 PM ^
I've actually read one article that suggested the federal government was very careful and crafty in this request. Because of terrorism, and national security concerns, and the phone actually being the property of the city government, it gave them the cover to ask Apple for what they wanted all along. If the federal government asked for a backdoor upfront (for all phones), their request would never be granted. But this particular case gives them the political cover (fear of terrorism) to ask Apple to do something that would unlock all devices. Pretty sneaky and diabolical, if that's what actually happened.
February 18th, 2016 at 6:40 PM ^
it just requires a little patience and being opportunistic. Which is exactly what's happening here. I've heard NPR interviews this morning to that effect from law enforcement officials.
A conspiracy would be if the govt was involved in the San Bernadino shooting just to create this situation. That's the tin hat territory here-- being politically smart and understanding PR is just how government (and business) work.
February 18th, 2016 at 6:40 PM ^