By now, you’ve probably heard something about the ongoing legal battle between Apple and the Department of Justice. “DoJ v. Apple” coverage has been abundant, on blogs and TV news shows alike, but in case you haven’t, here’s a quick recap. The FBI obtained the work iPhone of Syed Rizwan Farook, who, along with his wife Tashfeen Malik, murdered 14 people in a shooting rampage at a holiday party in San Bernardino, California. The government suspects that iPhone may hold critical information about the couple’s contacts in the weeks leading up to the attacks – contacts that may uncover future plots. They have a warrant, but they can’t access the data on the phone because it is using the strong encryption that comes with iOS 9 and up. Not even Apple can bypass the encryption, at least directly.
TL;DR? Watch John Oliver (NSFW)
DoJ v. Apple: The order
- Disable the automatic wiping function that can be triggered if too many bad attempts are made when entering the PIN
- Disable the delay that occurs between bad PIN entries
- Have an automated method of brute-force guessing all possible PINs
Such modified software would provide access to the iPhone within minutes.
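To show why those three protections matter, and why "within minutes" is plausible for a short numeric PIN, the following added example (not part of the original post) compares a guesser's odds with the protections in place against the worst-case search time once they are removed. The 80 ms per-guess cost, the 10-attempt wipe threshold and the delay schedule are assumptions taken from Apple's published iOS security documentation; the function names are illustrative.

```python
# Added illustration. All constants below are assumptions based on Apple's
# published iOS security documentation, not figures from this article.
PER_GUESS_SECONDS = 0.08   # assumed hardware-bound key derivation cost per try
WIPE_AFTER = 10            # assumed "Erase Data" threshold (failed attempts)
# Assumed delay (seconds) enforced after failed attempt number N.
DELAY_AFTER_ATTEMPT = {5: 60, 6: 300, 7: 900, 8: 900, 9: 3600}


def keyspace(symbols: int, length: int) -> int:
    """Number of possible passcodes for an alphabet size and length."""
    return symbols ** length


def protected_exposure(space: int) -> tuple[float, float]:
    """Wipe and delays enabled: (chance of a hit before wipe, seconds spent)."""
    tries = min(WIPE_AFTER, space)
    waits = sum(d for n, d in DELAY_AFTER_ATTEMPT.items() if n < tries)
    return tries / space, waits + tries * PER_GUESS_SECONDS


def unprotected_worst_case(space: int) -> float:
    """Wipe and delays removed: seconds needed to try every passcode."""
    return space * PER_GUESS_SECONDS


def human(seconds: float) -> str:
    """Render a duration in the largest sensible unit."""
    for unit, size in (("years", 365 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    cases = [("4-digit PIN", keyspace(10, 4)),
             ("6-digit PIN", keyspace(10, 6)),
             ("6-char lowercase+digits", keyspace(36, 6))]
    for label, space in cases:
        chance, spent = protected_exposure(space)
        print(f"{label}: protected hit chance {chance:.2e} "
              f"after {human(spent)}; unprotected worst case "
              f"{human(unprotected_worst_case(space))}")
```

Under these assumptions a 4-digit PIN falls in about 13 minutes once the wipe and delays are gone, while a longer alphanumeric passcode pushes the same search into years.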
One and done?
The DoJ contends that the software could be allowed to remain on Apple’s campus, and would only be used for this one phone in this case. However, there are many, many more cases where an encrypted iPhone is suspected to contain information relevant to a violent crime, including 175 devices in NYC alone. If the order were allowed to stand, Apple would surely receive similar orders from law enforcement agencies around the country and beyond, including countries with dismal human rights records. It would set a precedent that would allow courts to compel companies to do anything. As a result, Apple and others would need to keep a weakened copy of their software on hand at all times to be able to comply with such orders, greatly increasing the risk of the software being stolen by an insider or an outside attacker.
Apple appealed the order on grounds that the order:
- Would violate its First and Fifth Amendment rights by compelling speech
- Would cause an unreasonable burden
- Would set a dangerous precedent
Judge Orenstein granted the appeal on the grounds that:
- The government’s request fails to satisfy the requirements of the All Writs Act
- The government’s request fails to satisfy the needs of judicial discretion
- Congress has already clearly defined what can be required of telecommunications companies
- Congress considered legislation that would have authorized such a request, but did not pass it, thus neither explicitly allowing nor prohibiting such a request
- Accepting the government’s interpretation of the All Writs Act would likely render it unconstitutional, based on the separation of powers in the branches of government
Politicians and Encryption
High-profile cases, such as the San Bernardino massacre, have prompted uninformed calls from politicians for the tech community to come up with a solution that would allow law enforcement to access encrypted devices and communications.
“I would hope that, given the extraordinary capacities that the tech community has and the legitimate needs and questions from law enforcement, that there could be a Manhattan-like project, something that would bring the government and the tech communities together…”
– Hillary Clinton, ABC News Democratic Debate – December 19th, 2015
Does a former Secretary of State really not know how quickly Manhattan Project secrets were leaked?
Encryption is global and here to stay
“In extremis, it has been possible to read someone’s letter, to listen to someone’s call, to mobile communications. The question remains: are we going to allow a means of communications where it simply is not possible to do that? My answer to that question is: no, we must not.”
– David Cameron
Strong encryption cannot be outlawed, because math cannot be outlawed. The algorithms have been known around the world for decades.
According to A Worldwide Survey of Encryption Products, Feb 2016, v 1.0 by Schneier et al., encryption projects can be found all over the world:
| Country | Open Source | Proprietary | Unknown | Grand Total |
The following are high-quality, open source end-to-end encryption tools. Many of these have global teams.
| Files at rest | GnuPG/Gpg4win/GPGTools |
| Email frontend for GPG | Thunderbird/Enigmail |
| Instant message (IM) | OTR on Jitsi |
| A/V conferencing | ZRTP on Jitsi |
There’s no magic solution
President Obama has a more detailed proposal that may seem reasonable at first, but it has the same flaws.
“I suspect the answer is going to come down to how do we create a system where the encryption is as strong as possible, the key is as secure as possible, it is accessible by the smallest number of people possible for a subset of issues that we agree are important.”
– President Obama at SXSW 2016
That’s not going to work. Why?
- How valuable would such a key be? Priceless.
- Who would want to steal such a key? Every hacker ever. Especially the same kinds of people who stole the HR and security records of every federal employee and job applicant, a breach that many consider to be more damaging than the Snowden leaks, especially when combined with other stolen data.
- Would there be temptation for abuse? Definitely.
Outlawing strong encryption only hurts the good guys
“[Apple CEO] Tim Cook is living in a world of the make believe. I would come down so hard on him—you have no idea—his head would be spinning all of the way back to Silicon Valley.”
– Donald Trump
It can be tempting to try and simplify a complex issue to “You’re either with us or against us”. Encryption is not that simple. It’s true that recent advancements in consumer technology have made it easy for anyone, including criminals, to use unbreakable encryption. However, the underlying technology has been around the world for decades. Trying to force everyone to use weak encryption will make everyone who uses it extremely vulnerable, disrupting trust in the internet and global commerce. It will criminalize anyone who values their privacy and security, and make little difference in the ability to read the communications of real criminals. If a criminal knows (like everyone would, given the press) that the lawful encryption is weak, but that unbreakable encryption can be had with a bit more effort and knowledge, the choice is obvious.
Some are living in a world of make believe, but not Tim Cook. It would be nice if more politicians actually learned about a topic before making broad statements about it.