OT: Apple and Privacy vs. National Security

Submitted by StephenRKass on

I haven't generated any posts lately, but there's a current hot topic I'm interested in. I'm curious for info on the privacy vs. national security questions raised in recent days, between the FBI and Apple. Here's the synopsis, if you've been living under a rock. Apparently, the San Bernardino terrorist's Apple i-phone wasn't destroyed, and the FBI wants Apple to help unlock the encryption so they can presumably see a record of calls and stored information, contacts, etc.. And (edit) Tim (not Robert) Cook of Apple is refusing, suggesting that to do this would be to create a "backdoor" giving the government access to every single i-phone out there, and all the content.

I've googled this topic, and read several articles on it, but still am unsure about what to think. Here's what I don't understand. Why can't Apple unlock the phone for the FBI and assist them in getting the data off of the phone? Can't they do this without giving the FBI software that would allow for the creation of a universal backdoor the FBI could use on everyone's phone? From what I've read, the encryption is so good that even Apple can't get in . . . it would have to write new software to be able to get in. And Cook doesn't even want that kind of software written, even if it is in-house at Apple. Is that correct?

My interest is really in what Apple can do to preserve privacy, and at the same time allow for the government to do everything it can towards national security. Is it possible, or do we really have to choose between either privacy, or national security concerns? I want to have my cake and eat it too!

SalvatoreQuattro

February 18th, 2016 at 9:04 PM ^

are based in part on British common law and the Magna Carta/Charter of Liberties? The US is a child of Britain. Our language, laws, and even our obstinate refusal to surrender our freedom comes from Britain. The  two Barons Rebellions, Peasants Revolt, the English Civil War, and the Glorious Revolution are all examples of the British willingness to challenge authority to change how the country was to be ran.

The Founding Fathers saw themselves as following in this tradition. 

Contrary to what many Americans think the British are not a nation of monarchist toadies. That stubborn refusal to cowtow to the Nazis didn't come from no where. It's a characteristic the British/English have displayed long before they came to the Americas.

 

wile_e8

February 18th, 2016 at 5:19 PM ^

Here's what I've gathered so far, feel free to correct any details I got wrong:

  • Apple intentionally designed the software so that they wouldn't be able to get the data off of it, because encrypted data protection is pointless if there is a backdoor to it.
  • The FBI wants access to the data on that one iPhone, and got a judge to order Apple to create a modified operating system that doesn't lock out users after multiple incorrect unlock attempts. Presumably they will install this OS on the iPhone in question and then brute force unlock it.
  • Apple doesn't want to do this because the government can then use this same operation system to unlock any iPhone, and this is problematic because they made the strong encryption abilties a selling point. Customers that bought an iPhone in part because of the device protections would be understandably pissed, and Apple would prefer to not piss off customers.

wile_e8

February 18th, 2016 at 5:35 PM ^

I don't know, but apparently the FBI think so. I'm guessing if they have an unencrypted system partition and a separate data partition that is encrypted it might be possible, but I'm just spitballing there. I don't know enough about encryption or how it's implemented on the iPhone to really say for sure.

jabberwock

February 18th, 2016 at 5:19 PM ^

you'd know the CEO of Apple is actually Tim Cook.

But, snark aside.

I vote privacy every time.

and more than that, you're mostly correct about having to write special code. it's not like Apple just has the keys and just wont unlock the door.  

I'd be happy if this thread was nuked, because it will likely get political, either way, it's not like you can't find a more informed tech discussion about this somewhere else on the internet.

EGD

February 18th, 2016 at 5:22 PM ^

My concern is that with the USA Patriot Act having removed so many of the checks and balances on federal investigative powers, the software--once created--would be abused in the future.

kb

February 18th, 2016 at 5:25 PM ^

Apple to do it. People in the government can get into the phone. They do this all the time with all kinds of phones and computers.

StephenRKass

February 18th, 2016 at 5:29 PM ^

See, that's what I'm wondering about. I would assume they can get on this one phone without writing a whole new special operating system. I've heard both sides here, and I don't have a clue. I've always assumed Apple could do that. But Tim Cook and others are saying no, that isn't possible.

Codeman

February 18th, 2016 at 5:41 PM ^

Apple has access to some data about your phone use (obviously).  They have records on their servers about your use of some apps (mainly Apples apps), but the data on the phone itself is encrypted and limited to the device.  The hardware in the newer iPhones simply do not allow remote decryption.

Warning Technical Details: There's a security enclave (hardware) that has a private key unique to the device, which is used to decrypt the phone.  Apple doesn't have that.  Only way to break into the phone is to use the owners thumb print (assuming touchId is used) or brute force the PIN/password.  The brute force won't work in the newest phones though since there's a feature in the hardware to wipe the phone after 10 unauthorized attempts in a row.

Picktown GoBlue

February 18th, 2016 at 10:41 PM ^

phone in question is a 5C which is too old to have the Touch ID, so even if they made a mold of the fingerprint it wouldn't do any good.

And while we're talking about it, if you want your phone more secure, you should turn off Siri access when the phone is locked and minimize the things that show up on your lock screen - see here.

turtleboy

February 18th, 2016 at 5:28 PM ^

Well I understand that roughly 95% of apples profits come from iPhone sales, and they'd understandably be interested in protecting that sole product that supports their company above other concerns. I really think whatever decision is made that their company living or dying by iPhone sales will be the primary determining factor.

Fhshockey112002

February 18th, 2016 at 5:30 PM ^

I'm not as tech savvy as many on this board but my question (which I personally don't have a stance on yet) is does it matter the phone was owned by the local government? This was not a private citizens phone, should someone have an expectation of privacy on a company (in this case city) provided phone?



The local government did not object to the FBI request which is one reason the judge granted the request.

Snowbro

February 18th, 2016 at 5:37 PM ^

I didn't know this facet of the story. It completly changes things; you have a diminished expectation of privacy when you're interfacing with a device you don't own, and particularly so when that device is owned by a government. 



On the other hand, the law generally shies away from requiring action. (e.g. the law doesn't really care if you watch someone drown and you don't try to help (unless you put that person in the situation)). Did Apple require this local government to use iPhones? Did Apple imply it would permit access to the phone by request? Similarly, it'd be a push to require Apple to decrypt in this situation, which is far beyond a normal subpoena or records request.

ESNY

February 18th, 2016 at 6:24 PM ^

My company protected my phone and they require passwords of a certain length and the ability to remote wipe it but that doesn't mean they can access my phone or know my passwords. They can just disable my email and other company apps. All the government can do in this case is to say, sure review the emails.




Sent from MGoBlog HD for iPhone & iPad

4godkingandwol…

February 18th, 2016 at 5:33 PM ^

... but n ot political.  It's not like most issues where one party has a viewpoint and the other has a different viewpoint, and we have to hate each other.  There are members on both sides of the aisle who grapel with this.  It's an interesting topic.

 

 

BoFan

February 18th, 2016 at 5:33 PM ^

If Apple designed it the way they said, you can encrypt your phone and no one can get in. If Apple creates a back door then it can easily be cracked. Can't have it both ways. Im not taking sides here.

1VaBlue1

February 18th, 2016 at 5:34 PM ^

Having worked in the IC for 20 some years, I can tell you that once this precedent is set, the govt will use it pretty much whenever it wants. Even if it has to get a warrant signed by the FISA court, which is essentially a rubber stamp for CIA and NSA. Snowmen revealed a lot - way more than most people realize based on popular media reporting. Nothing to hide? That's great! But we still have Constituional protection for freedom of speech. The govt eroded that through the programs Snowden outed, and you'd have to be quite naive to think it wouldn't do the same again. I'll side with Apple on this one. (Disclaimer: I worked with NGA (imagery), not the signals crap NSA does. And I think Snowden should be imprisoned/executed for his crimes.)

I've said my piece, now this thread should be torched!

gwkrlghl

February 18th, 2016 at 6:45 PM ^

but - being fairly naive on the issue - I don't understand why so many people want him in deep trouble. There's whisteblower protections for a lot of things but not for those revealing our own government is abusing its power? Seems like he did a great deed bringing a lot of things in front of the american public

1VaBlue1

February 18th, 2016 at 7:37 PM ^

I completely agree with your point!  This is a really wierd situation - I like that he outed the info because the NSA went way beyond.  My problem with him is that he took a paycheck to keep secrets, and violated the agreements he agreed to.  He signed NDA's (Non-Disclosure Agreements) to get access to those programs, NDA's that pre-empt whistleblower laws.  To get that level of access, you give up the safety those laws provide when it comes to the programs themselves.  (Workplace safety, EEO, harrassment, etc. - those protections still apply.)  I know because I've also signed them.  Wierd - on one hand I'm happy he outed (some of) what he did; but on the other hand, he disgusts me as a hypocrit of the first order.  Maybe the 'execution' part is overplayed...  I can really only think of two people that should have been executed - John Walker and Richard Ames.  Ames got people killed, and Walker put the entire Navy at risk (literally).

Weird...

Codeman

February 18th, 2016 at 5:34 PM ^

The phone in this case is the 5C.  That's important because it's security mechanism is different than the 5S, 6, 6S.  For those phones, Apple has designed the hardware so that even they can't update the OS to bypass the security.  

I'm 100% on Apple's side on this one.  Creating a backdoor of any kind (and that's exactly what the US govt is asking for, whether they want to word it that way or not) creates security exploits that can be used by criminals and foreign governments as well.  Ultimately this will only hurt your average user.  Criminals (at least the smart ones) use sophisticated encryption techniques not used by mainstream tech companies, since they're willing to trade ease of use for increased security.

Source: Software Engineer

StephenRKass

February 18th, 2016 at 5:51 PM ^

Thank you . . . that is what I was wondering about. (whether or not the government's request would create a key that would unlock all phones). I am still up in the air as to where I stand with regards to privacy and national security. I tend to side with privacy, but have grave concerns about terrorism as well. This is a strange new world we live in.

Codeman

February 18th, 2016 at 10:19 PM ^

Apple can't update a locked phone.  They could roll out a software update which would remove some of the safeguards in place, allowing them to remote decrypt a phone if they so chose in the future, but software updates can only occur when the phone is unlocked. 

Problem with that is, if Apple can decrypt the phone remotely, then they've just opened up an avenue for other hackers to try and exploit.

Ignoring the very real possibility of our own government misusing this power to gather private information about US citizens, the threat of criminal organizations and foreign governments doing so is very real. 

mwolverine

February 18th, 2016 at 7:43 PM ^

This isn't simply a question of national security vs. privacy. Privacy is not the only thing that is at stake when the backdoor is created. 

Purely from a national security standpoint we are weighing 1) maybe losing crucial information on these murderers against 2) potential future national security risks due to security exploits that can be (and will be) used by foreign governments.

Tough choice and it's not as simple as screw-the-govmin-coz-they-cant-be-trusted.

Black Socks

February 18th, 2016 at 5:34 PM ^

By the way. Give me liberty over security any day. Government is way too big. In fact, it's so big it's causing terrorism. More people die from bathtub falls than terrorists every year.

StephenRKass

February 18th, 2016 at 5:37 PM ^

I've actually read one article that suggested the federal government was very careful and crafty in this request. Because of terrorism, and national security concerns, and the phone actually being the property of the city government, it gave them the cover to ask Apple for what they wanted all along. If the federal government asked for a backdoor upfront (for all phones), their request would never be granted. But this particular case gives them the political cover (fear of terrorism) to ask Apple to do something that would unlock all devices. Pretty sneaky and diabolical, if that's what actually happened.

Sopwith

February 18th, 2016 at 6:40 PM ^

it just requires a little patience and being opportunistic. Which is exactly what's happening here. I've heard NPR interviews this morning to that effect from law enforcement officials.

A conspiracy would be if the govt was involved in the San Bernadino shooting just to create this situation. That's the tin hat territory here-- being politically smart and understanding PR is just how government (and business) work.