Apple and the FBI have been in court to force Apple to disable its ‘brute-force-password-guessing prevention’ feature and create a backdoor for law enforcement.
Using the San Bernadino terrorist as their ‘best case’ to launch their campaign for access to hitherto-inaccessible content, the FBI has initiated a public debate over what Apple must do to comply with legal access. Responding to valid search warrants ? – no problem. Actively provide the government the decrypted contents of a users’ device ? – huge problem. Apple doesn’t know the password and after 10 tries, the data on the device is wiped clean.
Of course, the San Bernadino case is the FBI’s best case, but it is just a ‘show’ case. Facts we know:
- The terrorist had several mobile phones. All of which were destroyed, except this iPhone which belonged to his employer, the County of San Bernadino.
- Once the iPhone had been recovered by the government, the password of the device was changed, preventing it from backing up to a known-to-the-device computer, or to iCloud.
- Apple gave the FBI everything they had requested: the last iCloud backup, the encrypted contents of any iMessage sent to or from the device.
- The FBI has the list of all calls made to or from the device from the phone company.
- The FBI has the transcript of all SMS messages (iMessages to non-Apple devices) made to or from this device from the phone company.
- The whereabouts of this iPhone at any and all times of interest when requested from the phone company.
- Any emails sent to the device or from the device.
- Details on apps, configuration and perhaps even details from the Mobile Device Management service of the terrorist’s employer.
- The FBI doesn’t know the terrorist’s iTunes play list or if he had one on this device.
- The FBI doesn’t have any of the terrorist’s photos not-streamed to iCloud Photos, emailed, texted or posted on Facebook.
- The FBI doesn’t have any of the terrorist’s voice memos not shared outside the device.
- The FBI doesn’t have whatever was said between the terrorist and his Catholic priest-equivalent in a bone fide confession.
This is a show case because the FBI doesn’t really NEED to know what’s on the iPhone. They WANT to know. Big difference. They want to know because they want to teach us and the technology industry who’s the top dog. They really don’t want us to be completely secure from bad guys, or from them. They are using the boogeyman of terrorism to goad the American public into giving them more of what they want.
Some senators have suggested legislation that would require technology companies to enable back doors. This is silly. If regulating the telecom industry for the past thirty years have shown me anything, it is that legislating on the basis of technology is stupid, fruitless and in this case, dangerous. The technology will always find a way around the letter of the law. Right now, there have been no reported cases of compromised iPhone contents. I can safely store my personal identity details, financial details and even, god forbid, use the KeyChain to share my web passwords with all my Apple devices. I have confidence in the security of my content. The FBI proposes to change this equation to allow a method so they (and somebody clever enough to learn or get their hands on the tools to do so) can access iPhone content. Yikes.
Today, I can send email, visit websites and even speak to people without fear of being hacked, or illegally recorded. Keep in mind that as recently as in 1995, in-air theft of telephone numbers was a $700 million/year problem for the US telecom industry.
This is preposterous. Apple has used completely legal technologies to keep itself, good guys and bad guys out of the personally-sensitive content on the iPhone and iPad. Sometimes, it locks out completely legitimate uses and users and there’s nothing the company can do to prevent that.
Perhaps, sadly, the FBI technologists haven’t kept up with the range of hacks possible to counter the methods used by Apple. I argue that if the FBI can’t handle the technology, surely there are a couple of ‘bad boys’ over at the NSA who, with the unlimited resources of our government can figure out a solution.
I went to the Apple Store on Boylston Street in Boston and protested against the FBI’s intrusion. I made several of these points to the reporters asking the questions. Here’s a few snippets of my 15 seconds of fame in the Boston Globe, USAToday and necn.com.