Reply
 
Thread Tools Display Modes
  #201  
Old 09-30-2014, 01:47 PM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Steophan View Post
The point is, Apple is not a third party, it is the party performing the encryption by making it the default on its devices.
Wow, and I thought Smapti was drifting off into the Twilight Zone.

Apple is not performing the encryption. If it were, Apple, not the user, would have set the encryption key. Your bizarre spin on the situation is equivalent to asserting that automobile manufacturers are responsible for speeding because their cars are equipped by default with engines capable of speeds above 55 MPH.

Quote:
Originally Posted by Ravenman View Post
I know you don't like this fact, but Apple routinely collects information from iPhone use
Jeez, the "damn slut has no right to object to a little butt-squeeze" argument again?
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 09-30-2014 at 01:49 PM.
  #202  
Old 09-30-2014, 02:03 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Back to the implication that poor Apple is being raped again?

The numerous assertions in this thread about Apple's role with the iPhone -- comparing them to a homebuilder, for example -- are just factually false.

Perhaps you should examine your poisoning the well debating tactics of implicitly accusing someone who wishes to correct those poor analogies as being a crypto-misogynist.
  #203  
Old 09-30-2014, 02:06 PM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Ravenman View Post
The numerous assertions in this thread about Apple's role with the iPhone -- comparing them to a homebuilder, for example -- are just factually false.
Nonsense; the comparison is precisely on point. In both cases, a third party sells you something, which is then your property and your responsbility.

Quote:
Perhaps you should examine your poisoning the well debating tactics of implicitly accusing someone who wishes to correct those poor analogies as being a crypto-misogynist.
Since you haven't posted an answer to the obvious and rather compelling analogy ("He gave up his personal info to Google, so he has no right to complain if the government snoops into it" is essentially equivalent to "She lets guys screw her, so she has no right to complain if I pinch her butt"), I assume that you have none.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 09-30-2014 at 02:07 PM.
  #204  
Old 09-30-2014, 02:16 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Quote:
Originally Posted by Steve MB View Post
Nonsense; the comparison is precisely on point. In both cases, a third party sells you something, which is then your property and your responsbility.
No, that's just factually wrong. There's a whole end user agreement that specifies limits on the use of software that accompanies the iPhone. That agreement states that the owner of the iPhone understands that various applications are LICENSED, not sold, to the iPhone owner. It's right there in the first 10 words of the agreement. I can't think of anything remotely like such licenses being applicable to someone who buys a house.

Quote:
Since you haven't posted an answer to the obvious and rather compelling analogy ("He gave up his personal info to Google, so he has no right to complain if the government snoops into it" is essentially equivalent to "She lets guys screw her, so she has no right to complain if I pinch her butt"), I assume that you have none.
First of all, your use of sexual assault in this debate is positively offensive to me; and as I have discussed before, there is literally no comparison to be made between a sexual assault and a court-ordered warrant for the collection of evidence of a crime in a manner that complies fully with the Fourth and Fifth Amendments. There's no further response on your odious word game required.

Last edited by Ravenman; 09-30-2014 at 02:16 PM.
  #205  
Old 09-30-2014, 02:31 PM
Bone's Avatar
Bone is offline
Extrajudicial
Moderator
 
Join Date: Jul 2003
Posts: 10,856
Quote:
Originally Posted by Ravenman View Post
This is one of those issues where we are clearly talking about the same thing, and yet using slanted terms to describe the exact same actions. What I call a court-authorized search warrant, some people here are insisting on calling "snooping" for some silly reason. What Comey called placing information beyond the law, you're calling closing government backdoors into phones. As long as we acknowledge we're talking about the same issues, I don't have much interest in word games.
But there is more than just searches pursuant to a warrant. Yes those may be thwarted, but also will be thwarted other non-warrant authorized searches. This improves security against those. It is the same issue, but I think I'm focusing on one aspect and you another. I'm willing to accept the risk of a thwarted lawful search for the tradeoff of improved overall security.


Quote:
But it isn't like a home builder, because an iPhone is both personal property and a service. I know you don't like this fact, but Apple routinely collects information from iPhone use, which is totally different than handing over the deed and keys to a house. Most homebuilders don't continue coming around the house to check how much water and electricity you are using. And see my point about technical assistance at the end of this post, because Apple most certainly can be a party to the warrant.
I'm not sure what you would accept as a fair analogy - but consider that the security that is being discussed is already widely available. The only difference here is that it is being enabled and available by default. Do you have a problem with those types of encryption?

I am reminded of old Knight Rider episodes where Kitt could unlock anything remotely - including pad locks. I found that absurd, but essentially we already have ways to encrypt things and there is no way to gain unauthorized access.

Quote:
I suppose the only remedy for that scenario is that companies should never maintain any billing information on their customers, otherwise they can be sued. For example, if a rogue employee in the billing department obtains my address and sends contraband to my house (or whatever), then it is only natural to assume that companies should eliminate their liability by refusing to keep any records of my name, my address, my credit card number, or anything else.
Not quite. But a company can limit the information it retains or has access to to reduce such liability. You've heard of document retention policies, right? They exist pretty much to reduce storage costs, and to limit liability. This is similar.

Quote:
Oh wait -- that's a dumb idea. I think you're totally missing the point that a company can be sued for anything, just like I can sue you for what you've said about me in this thread. However, it is clear that my lawsuit against you would go nowhere, because you haven't done anything wrong. Similarly, you haven't actually identified anything that Apple is doing wrong, you're just dreaming up fanciful scenarios in which someone could file suit and ignoring that such suits have no chance of winning. That's not convincing at all.
Apple is currently being sued for the recent breach. Do you think it will cost them zero dollars to defend and/or settle this suit? Reducing potential liabilities is prudent.


Quote:
As for the first part of the statement, are you aware that warrants may compel technical assistance to obtain the matter being sought? For example, if a court orders a wire tap on a phone line, the order actually directs the phone company to provide the technical assistance to execute that tap. They don't have an option on whether or not to comply, the technical assistance is part of the order.
I wasn't aware. Thanks! I'll need to read about that.
  #206  
Old 09-30-2014, 02:33 PM
Steophan is offline
Guest
 
Join Date: Jul 2010
Location: Nottingham
Posts: 9,092
Quote:
Originally Posted by Steve MB View Post
Wow, and I thought Smapti was drifting off into the Twilight Zone.

Apple is not performing the encryption. If it were, Apple, not the user, would have set the encryption key. Your bizarre spin on the situation is equivalent to asserting that automobile manufacturers are responsible for speeding because their cars are equipped by default with engines capable of speeds above 55 MPH.
If it was one of Google's self driving cars that was set to drive over 55mph by default, then yes, they would be responsible, as it would be doing so without the user having to do anything.

Do you still not understand that? It's not the user encrypting anything, it's Apple. Their software does it automatically, without the user's involvement.
  #207  
Old 09-30-2014, 02:37 PM
Marley23 is offline
I Am the One Who Bans
 
Join Date: Apr 2002
Location: Brooklyn
Posts: 78,234
Quote:
Originally Posted by Ravenman View Post
Back to the implication that poor Apple is being raped again?
This again? Come on. This is your second day of grappling with this analogy, and I think Steve MB explained it to you twice now.
  #208  
Old 09-30-2014, 02:43 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by Ravenman View Post
So if Apple is indeed correct that other companies maintain a way to bypass the passcode, what you are calling "a dangerously insecure service" can also be called "well-accepted practices within the industry."
It would be more accurate to say that there are many services that people don't bother to secure. This hullabaloo is just about Apple and Google encrypting smartphone contents by default. Encryption is already standard practice for information whose privacy people care about, and recently it turns out that many consumers care about the privacy of the data on their smartphones.
  #209  
Old 09-30-2014, 02:51 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by Steophan View Post
Do you still not understand that? It's not the user encrypting anything, it's Apple. Their software does it automatically, without the user's involvement.
The data is encrypted on the user's phone. By the user's phone. It does not matter who wrote the software. If I open up Photoshop and save a RAW format photo from my camera as JPEG, I did the conversion, even though I did not write the software to do it and don't even know much offhand about JPEG compression. Additionally, Adobe cannot see and never receives the photo that I converted. The same is true of a user's private data encrypted on the user's device.
  #210  
Old 09-30-2014, 03:04 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Quote:
Originally Posted by Marley23 View Post
This again? Come on. This is your second day of grappling with this analogy, and I think Steve MB explained it to you twice now.
Yeah, and I've given it more of a response than it has deserved twice now.
  #211  
Old 09-30-2014, 03:26 PM
Marley23 is offline
I Am the One Who Bans
 
Join Date: Apr 2002
Location: Brooklyn
Posts: 78,234
Quote:
Originally Posted by Ravenman View Post
Yeah, and I've given it more of a response than it has deserved twice now.
You've never actually addressed the point that was being made. You've expressed a bunch of outrage about the comparison without commenting on the substance, which was that letting a private company access your data is not the same as letting the government access it.

Last edited by Marley23; 09-30-2014 at 03:28 PM.
  #212  
Old 09-30-2014, 03:29 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Quote:
Originally Posted by Marley23 View Post
You've never actually addressed the point that was being made.
The logic he's using is that if Party A does something totally legitimate, they do not subject themselves to doing something illegitimate. That is logically and ethically air-tight.

Court orders to do something are not illegitimate.
  #213  
Old 09-30-2014, 04:10 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by Ravenman View Post
The logic he's using is that if Party A does something totally legitimate, they do not subject themselves to doing something illegitimate. That is logically and ethically air-tight.

Court orders to do something are not illegitimate.
It is also not illegitimate, in response to a court order, to say: "I'm sorry, what you are ordering is physically impossible. I cannot comply." Easy peasy.
  #214  
Old 09-30-2014, 04:15 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Where I have a problem with it is that they are changing their product with the specific intent to avoid lawful court orders. See their marketing materials, as I've quoted them earlier.
  #215  
Old 09-30-2014, 04:45 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by Ravenman View Post
Where I have a problem with it is that they are changing their product with the specific intent to avoid lawful court orders. See their marketing materials, as I've quoted them earlier.
The mere fact that they mentioned that enabling encryption would make it impossible to unilaterally divulge customer data to the government does not mean that was their "specific intent." Their intent could simply be to better safeguard their customers' data, in response to market pressure, which has as a necessary consequence their inability to render that data to the authorities. That's just how security works. There are many possible actors from whom a person may wish to safeguard their data for purposes that have nothing to do with concealing crimes. Identity thieves, the Russian mafia, your next door neighbors, script kiddies looking for a thrill at some random schmuck's expense, corporate spies, blackmailers, foreign governments. That last aspect is important and can be a matter of national security as well. It's in all our best interests to foster a technological ecosystem in which security means security. That means no backdoors.

But that's all beside the point. Even if it was their specific intent to make it impossible for them to comply with future warrants, there's nothing wrong with that. It's perfectly legal to refrain from holding information that may, under unforeseeable circumstances, someday be requested by law enforcement. To suggest otherwise is to make a mockery of due process.
  #216  
Old 09-30-2014, 04:53 PM
CurtC is offline
Guest
 
Join Date: Dec 1999
Location: Texas
Posts: 6,828
Quote:
Originally Posted by Steophan View Post
The point is, Apple is not a third party, it is the party performing the encryption by making it the default on its devices.
Does it really matter whether it's the default, or whether a user has access to it by doing a little work?

Because I keep saying it: there is nothing here new except that it gets set up to be secure by default. I don't see how that matters as to its legality or ethicality.


Quote:
Originally Posted by Ravenman View Post
Where I have a problem with it is that they are changing their product with the specific intent to avoid lawful court orders.
But not to avoid complying with lawful court orders - they are avoiding getting the court orders in the first place. Key difference.

Look, my PCs are already securely encrypted and no one can get the data without me giving them a password. Although I don't have anything illegal, I still strongly prefer it this way over a scheme where a corporation has a back door that they can use to retrieve my data. Is that so hard to understand? Therefore I use these technologies, and I'll prefer to buy products that do this by default. Apple can legally create these products, and seeing as how many of their customers, like me, have these preferences, will offer these features so they can sell more of their product. There is nothing unethical about any of this.

I will agree with you that the rape analogy is strained and even if there is a point (which I don't see), it's too inflammatory to be useful here.

Last edited by CurtC; 09-30-2014 at 04:54 PM.
  #217  
Old 10-01-2014, 09:07 AM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Eric Holder sets his hair on fire

One insightful article comment:

Quote:
In all these comments, everyone seems to keep forgetting that if the NSA and/or the FBI has a back door key, they will be unable to keep it secure. The Russian FSB will have it, and so will the Russian Mafia. The Chinese PLA will have it and all their friends too. It will be a long list and the key will be available for sale to anyone with $$$ soon after.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-01-2014 at 09:08 AM.
  #218  
Old 10-01-2014, 09:33 AM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
I don't think it is that insightful. Nobody has proposed that the government hold the backdoor keys, and besides -- that comment seems to presuppose that if the US government knows something, then all other governments know exactly what the US government knows. Do you really think that foreign governments have totally penetrated the US government so that we are unable to keep any secrets at all? And even further, do you actually think that the Russian Mafia knows about US government secret communications -- like, can the Russian Mafia crack our nuclear command and control system?

And if so, does that also mean that you think the US government has totally penetrated all foreign governments so that we know all of their secrets?

It's a very silly comment that indicates the depth of paranoia and cluelessness on the Internet.

Last edited by Ravenman; 10-01-2014 at 09:35 AM.
  #219  
Old 10-01-2014, 09:56 AM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Ravenman View Post
It's a very silly comment that indicates the depth of paranoia and cluelessness on the Internet.
Why, of course -- it's "paranoia and cluelessness" to assume that the US government isn't a reliable keeper of secret information.

How did this whole discussion get started, anyway? There was some guy in the news... Sleetnest or Icelair or Slushlodge or something....
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.
  #220  
Old 10-01-2014, 10:02 AM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
So you actually believe that that Snowden revealed more secrets to foreign intelligence services than we know about, eh? Like maybe the identities of our secret agents in foreign countries, those were compromised too, in your estimation? So much for him being a "whistleblower." Sounds like he quite simply committed espionage.
  #221  
Old 10-01-2014, 10:18 AM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Ravenman View Post
So you actually believe that that Snowden revealed more secrets to foreign intelligence services than we know about, eh?
If Snowden was able to purloin all those documents, then an unknown number of others were able to do the same. We don't know how many others purloined government secrets and exploited them discreetly (e.g. selling secret government backdoors to the Russian Mafia, perhaps) rather than kicking off a public display of whistle-blowing.

In the unlikely case that Snowden was the only one who smuggled secrets out of the files, I guess we're just lucky he had benevolent motives.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-01-2014 at 10:20 AM.
  #222  
Old 10-01-2014, 10:27 AM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Ah - so the news of all our covert agents being rounded up overseas and arrested is probably going to hit the news soon, because the government can't keep a secret from the Russian Mafia, which probably has the nuclear command and control codes, too.
  #223  
Old 10-01-2014, 10:29 AM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Ravenman View Post
Ah - so the news of all our covert agents being rounded up overseas and arrested is probably going to hit the news soon, because the government can't keep a secret from the Russian Mafia, which probably has the nuclear command and control codes, too.
Who knows whether the government can keep secrets from the Russian Mafia or anyone else?

Fortunately, Apple and Google have made the question irrelevant as far as future smartphone privacy is concerned.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.
  #224  
Old 10-01-2014, 10:33 AM
Bone's Avatar
Bone is offline
Extrajudicial
Moderator
 
Join Date: Jul 2003
Posts: 10,856
Quote:
Originally Posted by Ravenman View Post
So you actually believe that that Snowden revealed more secrets to foreign intelligence services than we know about, eh? Like maybe the identities of our secret agents in foreign countries, those were compromised too, in your estimation? So much for him being a "whistleblower." Sounds like he quite simply committed espionage.
Snowden revealed that the US engages on monitoring, intercepting, and spying on US citizens in far broader manner than was previously known. This is an indication that the public should not trust the government to reveal the extent to which the government will engage in this type of behavior.
  #225  
Old 10-01-2014, 10:44 AM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Quote:
Originally Posted by Steve MB View Post
Fortunately, Apple and Google have made the question irrelevant as far as future smartphone privacy is concerned.
Sure, and if they judge that they can sell more phones by telling you that your browsing habits will be protected from the zero people who actually care what you are doing, as opposed to offering rare and judicially-directed assistance to help put murderers, bank robbers, rapists, drug dealers, and other felons in jail -- well, they do have a responsibility to their shareholders, as opposed to society.
  #226  
Old 10-01-2014, 10:58 AM
Bone's Avatar
Bone is offline
Extrajudicial
Moderator
 
Join Date: Jul 2003
Posts: 10,856
Quote:
Originally Posted by Ravenman View Post
Sure, and if they judge that they can sell more phones by telling you that your browsing habits will be protected from the zero people who actually care what you are doing, as opposed to offering rare and judicially-directed assistance to help put murderers, bank robbers, rapists, drug dealers, and other felons in jail -- well, they do have a responsibility to their shareholders, as opposed to society.
I think this is outside the scope of this thread, but you seem to have a lot of faith in the justice system. Warrants are probably mostly issued properly, but there are warrants that are not. Some are defective for whatever reason, or mistaken. FISA warrant requests are rejected less than 0.05% of the time. Getting a warrant seems more like a rubber stamp than anything else.
  #227  
Old 10-01-2014, 11:09 AM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
I have been telling you for several pages now that my main concern is how this would impact police investigating the types of crimes I mentioned. How much clearer can I possibly be that I am not talking about FISA?

The Supreme Court recently unanimously ruled that police require a warrant before searching a suspect's phone. That's a very good ruling. But as I mentioned before, one of the cases that brought this matter to the Supreme Court was a search of a cell phone that revealed that the suspect -- who had been detained for some inconsequential matter -- was a gang member who had a hand in a murder. The evidence on the phone connected him to the crime. I fully acknowledge that technology is changing in ways to make these searches (even when blessed by a judge) an endangered species, but, like Comey, I lament that so many people can't get over their crush on Edward Snowden, Julian Assange, and the like to simply recognize that (a) it isn't unreasonable to have a well-regulated search of electronic technology, and (b) the products of those lawful searches can be essential to putting really bad people in jail.

I've been thinking recently about how technology is making society communicate so much better, and yet people are becoming so much more self-absorbed. The idea that people are actually out to look at some random schmo's email about their cats is probably more evidence of narcissism and paranoia rather than actual evidence of a police state that needs to be feared.
  #228  
Old 10-01-2014, 11:33 AM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Ravenman View Post
I have been telling you for several pages now that my main concern is how this would impact police investigating the types of crimes I mentioned. How much clearer can I possibly be that I am not talking about FISA?
The root of the whole situation is distrust of government as a result of its pattern of behavior (some long known, some recently revealed). To declare that you are not going to talk about FISA makes you look as silly as a naval architect who refuses to talk about water or a biochemist who refuses to talk about carbon.

Quote:
I lament that so many people can't get over their crush on Edward Snowden, Julian Assange, and the like to simply recognize that (a) it isn't unreasonable to have a well-regulated search of electronic technology, and (b) the products of those lawful searches can be essential to putting really bad people in jail.
If we consider the matter within some abstract realm of Platonic ideals, divorced from the messy minutiae of history, it is difficult to avoid the conclusion that we would be better off if people were required to show that they weren't as dumb and ignorant as a bag of rocks before we let them vote. Of course, in the real world, such a policy is outside the realm of serious consideration, because those "messy minutiae of history" include too many abuses dressed up in the veneer of this concept.

The same situation occurs here. Even if you could somehow convince anybody that you're right on the abstract merits of the surveillance issue, you need to recognize that you're carrying too much historical baggage to get very far.

Quote:
The idea that people are actually out to look at some random schmo's email about their cats is probably more evidence of narcissism and paranoia rather than actual evidence of a police state that needs to be feared.
See, this is just what I mean. Anyone with any awareness of the government's record of misusing its powers would know better than to try such an inane attempt at trivialization.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-01-2014 at 11:34 AM.
  #229  
Old 10-01-2014, 11:40 AM
Bone's Avatar
Bone is offline
Extrajudicial
Moderator
 
Join Date: Jul 2003
Posts: 10,856
Quote:
Originally Posted by Ravenman View Post
I have been telling you for several pages now that my main concern is how this would impact police investigating the types of crimes I mentioned. How much clearer can I possibly be that I am not talking about FISA?
You may be excluding FISA warrants from your commentary - but this tech will protect against those as well, no? Similarly, while you are focusing on legal searches, this tech will prevent all unauthorized searches as well. It's important to note that yes there is a cost involved in encryption related to thwarted or delayed investigations, but there is a benefit as well. Do you see that?

Quote:
The Supreme Court recently unanimously ruled that police require a warrant before searching a suspect's phone. That's a very good ruling. But as I mentioned before, one of the cases that brought this matter to the Supreme Court was a search of a cell phone that revealed that the suspect -- who had been detained for some inconsequential matter -- was a gang member who had a hand in a murder. The evidence on the phone connected him to the crime.
While it's a good thing that a murderer was able to be captured, identified, etc., I am simultaneously opposed to fishing expeditions and a police state where these searches would be common place. A search incident to arrest is widely accepted - how long before that includes all data that is included in someone's phone? A simple arrest shouldn't be the gateway to rummage through all of your data as well as any other system that is connected to that phone remotely. It's not like there isn't wide spread occurrence of police deleting video that paints them in a bad light from user devices upon arrest.

That's not what we are presented with here - and any possibility of that occurring is nipped in the bud by this type of encryption.
  #230  
Old 10-01-2014, 11:44 AM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Quote:
Originally Posted by Steve MB View Post
To declare that you are not going to talk about FISA makes you look as silly as a naval architect who refuses to talk about water or a biochemist who refuses to talk about carbon.
Apple has disclosed that it receives literally ten times more requests for assisting police than for anything related to national security. Your fixation on FISA is what is out of proportion here, along with the assumption that anything that says FISA means bad scary government boogeyman out to get innocent Americans. It's rather silly, if one were to stop and think about it.
  #231  
Old 10-01-2014, 03:57 PM
YogSothoth is offline
Guest
 
Join Date: Nov 2008
Posts: 14,000
To me, this seems like it only really matters to people outside of the US government's reach, ie. foreigners. The more I think about it, the more I think that domestically, having the strong encryption is a good thing for the government.

Think about it: If the guy's guilty and doesn't give up his data, defying a subpoena, he goes to jail until he does. And if he does, the prosecution gets the data and he goes to jail because the information is damning.

On the other hand, if its an innocent party and they don't give up the data, defying court orders, he goes to jail until he does. If he does give it up, he goes free, as he should be.

Either the person goes to jail, or he gives up the data and is innocent. I suppose the times when this formula might have a bug in it is if the person going to jail is innocent and everyone knows he is, and he goes to jail willingly by keeping the data secured, protecting someone else. How often does that happen?
  #232  
Old 10-01-2014, 05:02 PM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Also, routine deployment of strong security (including, but not limited to, strong encryption) makes the government's job a lot easier by preventing many crimes from happening in the first place, and complicating the task of laundering the proceeds of crimes that aren't directly impeded by cybersecurity.

That brings us to what I suspect is the real bottom-line motivation -- Apple has invested a great deal of money and brand cred in the Apple Pay rollout, and then they got a big black eye from the Fappening mess. They need to establish the iThingy's credibility as a secure platform. Trolling the Feds (who, post-Snowden, are basically seen as criminal hackers in suits and ties by a large percentage of the population) into setting their hair on fire like this is a straightforward way of doing that. It also comes with the fringe benefit of divesting themselves of the legal meeble of responding to requests (legitimate or otherwise).
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-01-2014 at 05:03 PM.
  #233  
Old 10-01-2014, 06:03 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Quote:
Originally Posted by YogSosoth View Post
Think about it: If the guy's guilty and doesn't give up his data, defying a subpoena, he goes to jail until he does. And if he does, the prosecution gets the data and he goes to jail because the information is damning.

On the other hand, if its an innocent party and they don't give up the data, defying court orders, he goes to jail until he does. If he does give it up, he goes free, as he should be.

Either the person goes to jail, or he gives up the data and is innocent. I suppose the times when this formula might have a bug in it is if the person going to jail is innocent and everyone knows he is, and he goes to jail willingly by keeping the data secured, protecting someone else. How often does that happen?
The formula has a bug because courts tend to rule that not giving out a password is a Fifth Amendment right (though that isn't settled law). Under that interpretation of the Fifth Amendment, neither suspect would be going to jail because they have a right to defy the warrant.
  #234  
Old 10-01-2014, 06:46 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by Ravenman View Post
The formula has a bug because courts tend to rule that not giving out a password is a Fifth Amendment right (though that isn't settled law). Under that interpretation of the Fifth Amendment, neither suspect would be going to jail because they have a right to defy the warrant.
That's not a bug, it's a feature. Nobody should be thrown in a hole just for refusing to speak and incriminate themselves -- that's something only tyrants do. You may as well argue that the Eighth Amendment shouldn't be applied too strictly when it comes to applying rubber-hose decryption in cases where it seems the government has a strong interest in peeking at someone's data.
  #235  
Old 10-01-2014, 06:47 PM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Ravenman View Post
The formula has a bug because courts tend to rule that not giving out a password is a Fifth Amendment right (though that isn't settled law). Under that interpretation of the Fifth Amendment, neither suspect would be going to jail because they have a right to defy the warrant.
Maybe you should try to keep up with the class before raising your hand next time.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-01-2014 at 06:47 PM.
  #236  
Old 10-01-2014, 07:02 PM
Bone's Avatar
Bone is offline
Extrajudicial
Moderator
 
Join Date: Jul 2003
Posts: 10,856
Quote:
Originally Posted by Steve MB View Post
Maybe you should try to keep up with the class before raising your hand next time.
This type of rhetoric isn't helpful. In any case, as to the first example the order to reveal the password was lifted, and in the second example the order to reveal the password was mooted. So Ravenman's statement is largely correct.
  #237  
Old 10-01-2014, 07:22 PM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Bone View Post
In any case, as to the first example the order to reveal the password was lifted, and in the second example the order to reveal the password was mooted. So Ravenman's statement is largely correct.
The whole point is that there never was an order to reveal the password.

In any case, neither of your links is terribly helpful to Ravenman's case -- the first is about a situation where the police obtained the information just fine, and the second confirms that a warrant can require the production of the specific information sought (but not the password used to encrypt it).
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-01-2014 at 07:26 PM.
  #238  
Old 10-01-2014, 07:46 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Quote:
Originally Posted by Steve MB View Post
The whole point is that there never was an order to reveal the password.

In any case, neither of your links is terribly helpful to Ravenman's case -- the first is about a situation where the police obtained the information just fine, and the second confirms that a warrant can require the production of the specific information sought (but not the password used to encrypt it).
Just to be perfectly clear here before I respond with my own cites: is it your position that a defendant can be lawfully compelled to produce all data that is encrypted on their electronic devices?

So if you are arrested and the police obtain a warrant for the contents of your cell phone, absent any unusual circumstances, are you saying that you would not fight that warrant on Fourth and Fifth Amendment grounds?
  #239  
Old 10-01-2014, 08:12 PM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Quote:
Originally Posted by Ravenman View Post
Just to be perfectly clear here before I respond with my own cites: is it your position that a defendant can be lawfully compelled to produce all data that is encrypted on their electronic devices?

So if you are arrested and the police obtain a warrant for the contents of your cell phone, absent any unusual circumstances, are you saying that you would not fight that warrant on Fourth and Fifth Amendment grounds?
The case law is that the specific data demanded by a warrant must be produced. A hypothetical warrant for "all your stuff" runs into the obvious problem of being precisely the sort of "general warrant" the Fourth Amendment was written to prohibit.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-01-2014 at 08:13 PM.
  #240  
Old 10-01-2014, 08:21 PM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Again, you get arrested. The police get a warrant for things stored on your smart phone. Do you provide what they are asking for, or do you fight the warrant on Fourth and Fifth Amendment grounds? No need to fight the hypothetical here.
  #241  
Old 10-01-2014, 08:56 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by Ravenman View Post
Again, you get arrested. The police get a warrant for things stored on your smart phone. Do you provide what they are asking for, or do you fight the warrant on Fourth and Fifth Amendment grounds? No need to fight the hypothetical here.
This is a silly question. You do what anybody who's not an idiot would do in that situation: you consult your lawyer and if it seems that fighting the warrant will give you a better chance of escaping conviction, you do exactly that. Principles need not apply.
  #242  
Old 10-02-2014, 10:21 AM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
At this point, it might be useful to reference a lengthy but not necessarily complete list of fundamental flaws in the government's position:
  1. It will create security risks.
  2. It won't stop the bad guys.
  3. It will harm innovation.
  4. It will harm US business.
  5. It will cost consumers.
  6. It will be unconstitutional.
  7. It will be a huge outlay of tax dollars.
  8. The government hasn't shown that encryption is a problem.
  9. Mobile devices are just catching up with laptops and other devices.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.
  #243  
Old 10-02-2014, 10:43 AM
KarlGauss's Avatar
KarlGauss is offline
Entangled
Charter Member
 
Join Date: Mar 2000
Location: Between pole and tropic
Posts: 8,451
Quote:
Originally Posted by Steve MB View Post
Nice link, thanks.
  #244  
Old 10-02-2014, 10:49 AM
Ravenman is offline
Charter Member
 
Join Date: Jan 2003
Location: Washington, DC
Posts: 26,666
Ah, dammit, my long post got eaten.

Here's the gist of it: the one circuit court that has ruled on Fifth Amendment and encryption found that there is a a right not to produce the contents of an encrypted hard drive, because the act of producing it would be testimonial as well as a physical act: link. So, thanks much, SteveMB, for the recitation of the two lower court rulings you provided, but I was specifically referring to the circuit court ruling on this matter. So I'm not sure how you are so convinced that I am totally misinformed on this issue when I'm citing the 11th Circuit's decision?

But to the larger point: you have asserted that the law and the Constitution allows a person to be compelled to produce the contents of their encrypted hard drives and such. Then, in your most recent post, you quote the EFF as stating that production of encrypted papers raises a Fifth Amendment issue. (The ACLU and EFF have both filed amicus briefs opposing on Fifth Amendment grounds any court order that compels the production of encrypted data, not just production of the password -- happy to cite that if you want.)

I'm not following whether you think the ACLU and EFF are right in that the Fifth Amendment should prohibit someone from decrypting and producing electronic data under court order; or if you think that the courts ruled correctly in your cited cases that the Fifth Amendment should not apply to those actions.

It seems like you're talking out of both sides of your mouth -- you cite cases that ruled there is no Fifth Amendment privilege (probably in just a silly, throwaway jab to contradict anything I say because you don't like my views on the matter, rather than a substantive endorsement of those rulings, IMHO), and then go on to quote the EFF which argues that the Fifth Amendment ought to apply to those exact same cases.

So which is it? Do you agree with the EFF and ACLU and disagree with the court rulings you cited? Or do you agree with the court rulings and disagree with the EFF and ACLU's position? You can't have it both ways.
  #245  
Old 10-02-2014, 01:51 PM
YogSothoth is offline
Guest
 
Join Date: Nov 2008
Posts: 14,000
Quote:
Originally Posted by Ravenman View Post
The formula has a bug because courts tend to rule that not giving out a password is a Fifth Amendment right (though that isn't settled law). Under that interpretation of the Fifth Amendment, neither suspect would be going to jail because they have a right to defy the warrant.
Is it? I didn't know that courts do that. I can see why the FBI and others would be against it then

.....and I see from the discussion afterwards its not completely black and white, so failing a definitive answer, I don't know. I'm of the idea that rights should be well-preserved, but can be restricted for good reasons. I don't think the government should be able to snoop in anyone's phones for whatever reason. We've seen abuse from the government on that before, and even NSA and CIA guys were caught snooping on lovers and other people for selfish reasons.

However, I don't think the government is in the business of making a lot of pointless subpoena requests, arguing before a judge, and demanding warrants on a whim. So such requests should be honored, and in cases like that, the government does have a right to your information. If the line is between Apple or Google holding the key, and thus no 5th Amendment violation can occur, or the person under investigation himself, then its harder to say. I'm leaning towards companies holding the key though, but I'm also not upset if they decide its better for business to throw it away
  #246  
Old 10-02-2014, 03:20 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by YogSosoth View Post
I'm leaning towards companies holding the key though, but I'm also not upset if they decide its better for business to throw it away
As I mentioned before, if they're actually pretending to offer a service that includes privacy and security, they will never, ever see their customers' keys. So "holding them or throwing them away" is strictly moot.
  #247  
Old 10-02-2014, 05:02 PM
YogSothoth is offline
Guest
 
Join Date: Nov 2008
Posts: 14,000
There are degrees of privacy and security. To me, Apple is not lying or being misleading if their products offer encryption, but they hold the key in case of court subpoena. That's just me though
  #248  
Old 10-02-2014, 05:42 PM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
With the deployment of Apple Pay (and similar systems on the Android side, no doubt), the company holding the keys, or allowing the government to hold the keys, is simply not a viable option -- it's just too big a hacker target with that kind of money on the table.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.

Last edited by Steve MB; 10-02-2014 at 05:43 PM.
  #249  
Old 10-02-2014, 06:32 PM
Stealth Potato is offline
Guest
 
Join Date: Nov 2004
Location: Seattle, WA
Posts: 2,009
Quote:
Originally Posted by YogSosoth View Post
There are degrees of privacy and security. To me, Apple is not lying or being misleading if their products offer encryption, but they hold the key in case of court subpoena. That's just me though
I guess I don't see it that way -- a third party knowing your private key is not "a lesser degree" of privacy or security, it is throwing the whole concept into the garbage, setting it on fire, and doing a dance on the ashes. Security doesn't compromise: you cannot take a secure system, break one of its fundamental assumptions (like the secrecy of a private key), and then expect the formal models describing its security to hold in some approximate capacity. Many very bad security vulnerabilities are the product of exactly this kind of thinking.

And especially in a case like this, it's so easy to do it the "right" way, compared to building an entire infrastructure for Apple to store copies of private keys -- which must be updated whenever a user changes their credentials -- which must be secured against outside intrusion -- which must become the focus of an entire set of policies for internal access in a gigantic and porous organization, with who knows how many individuals needing access... The list of challenges mounts up without end, and you're still guaranteed to end up with a system far more vulnerable than if you'd simply never let the keys leave the client device.
  #250  
Old 10-03-2014, 09:42 AM
Steve MB is offline
Charter Member
 
Join Date: Mar 2002
Location: Northern VA
Posts: 13,419
Same as it ever was:

Quote:
The automobile is a swift and powerful vehicle of recent development, which has multiplied by quantity production and taken possession of our highways in battalions, until the slower, animal-drawn vehicles, with their easily noted individuality, are rare. Constructed as covered vehicles to standard form in immense quantities, and with a capacity for speed rivaling express trains, they furnish for successful commission of crime a disguising means of silent approach and swift escape unknown in the history of the world before their advent. The question of their police control and reasonable search on highways or other public places is a serious question.

The baffling extent to which they are successfully utilised to facilitate commission of crime of all degrees, from those against morality, chastity, and decency to robbery, rape, burglary, and murder, is a matter of common knowledge. Upon that problem a condition and not a theory confronts proper administration of our criminal laws.
__________________
The Internet: Nobody knows if you're a dog. Everybody knows if you're a jackass.
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 01:28 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@straightdope.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Copyright 2019 STM Reader, LLC.

 
Copyright © 2017