The reported option is to lock data USB access on iPhones and the cops are pissed.
Leaving kids in the hands of pedophiles? Is this the usual alarmist stuff from law enforcement angered at losing a way to spy on people or is there something to it?
Interesting that official went right for the Nuclear Option of scaremongering up front; I suppose that there are no recent cases in Indiana of “Terrorist Radical” suspects’ iPhones to trot out (Evidently he felt that mere drug dealers would not rile up the masses.)
I don’t doubt that LEOs are frustrated at their job getting harder. But that just is how things go under our constitutional system.
“Backdooring” is making devices and systems insecure. I am repeatedly told about maintaining cyersecurity and not allowing third party access to the devices. My employment phone is an iPhone precisely because of security concerns. Of course, since it is the employer’s phone I agreed that THEY will have the access to the encryption. But that does not mean an outsider, even in a LEA should have access to it and I’d probably be between a rock and a hard place if other authorities wanted a look at it.
I have mixed feelings about this. By law, if law enforcement has the proper authorization (warrant), they have the right to search. This new function seems to override the law. Is it even legal if challenged?
Question: iPhones are automatically backed up to the cloud every night unless you make an effort to stop it. Couldn’t they access your data that way? They wouldn’t actually have to access your physical device.
Why would it be illegal? It’s a security feature that incidentally makes it impossible to use one particular form of access that hasbeen deemed a hazard. Is it illegal for me to eliminate my home’s back door and wall it up with concrete?
I’m sure they are pissed. They invested time and money into a method to hack those phones and now it’s seemingly been superseded. Bummer, man.
Of course this is the usual alarmist stuff…they want to spark outrage to try and put pressure on the vendor to change and put in a backdoor they could use to break in to the devices if they want/need too. The trouble is that when this came up the last time it hurt Apple, even though Apple didn’t cooperate. But the highly publicized ‘we broke in on our own anyway’ schtick just pissed Apple off as well as bringing up questions from their users. So, Apple did the logical thing and worked the problem to close the backdoor.
I suppose we have a choice. Either we become what China is, where the CCP has forced manufacturers to put in not just backdoors but front doors that give them access to all of the data or we don’t. Because if you are going to allow the barn door to open a little bit it’s going to eventually be pushed all the way, IMHO. This IS a slippery slope, and once you force companies to start down this path there will always be something else you need access to in order to protect the children from terrorist pedophiles…
You’d think they’d have the sense to cool it for a while after the dinosaur-sized egg they just got on their faces:
Under certain conditions, they have authorization (governments don’t have “rights”) to search. “Search” means “try to find something”, whether or not anything is actually found or even possible to find.
Nonsense. By this bizarre “logic”, tearing up old receipts and using them to kindle a barbecue “overrides the law” because it makes them inaccessible to future search.
Yes; Apple routinely cooperates with such requests when presented with legitimate authorization via warrant.
Interestingly, this option was foreclosed by the FBI itself in the most notorious recent locked-phone case:
Any exploit law enforcement could use, a hacker (or an overreaching government) could use against an innocent person. For that reason, I say lock the phones up tight. If you could magically guarantee that only criminal’s phones (e.g. pedophiles, terrorists) would be subject to these exploits, I could get behind that. But they can’t, so I won’t.
I’m generally one who is concerned about the impact of not getting evidence to stop terrorist attacks or lock up dangerous criminals because of the security of communications going up over time.
But, several important points:
- Trying to stop this technological change is pointless. It will not work.
- Apple and others are not doing anything wrong by doing this. Yes, it may make it harder to convict some really bad people, but see point number one.
- I generally have a more expansive view that if Apple or someone else is ordered by a court to do something that will help authorities obtain information in accordance with a lawful warrant, they can be compelled to do so.
- Relating to 3, we should not think of security technology as being any more immune from the law and the jurisdiction of courts as any physical security device. If the authorities can legally search your house, they can legally search your phone… if it is physically capable of doing so. Just because a person may have a high degree of expectation of privacy on what’s on their phone, does not mean that a warrant to search it is somehow “bad.” But it could be the case that police just can’t get access to the phone, see points 1 and 2 again.
I was going to touch on the first one, but I’m trying to shorten my posts lately so figured I’d let it go. But it’s a good catch. There is no way to put this genie back in the bottle, and there are a lot of options available today to encrypt your data in ways that would make it impossible for the government to get at it (or make it so expensive and painful that it’s not worth it for the government to devote the resources to do it). As you say, Apple has done nothing wrong in any of this.
That depends. My understanding is that your data in the iCloud is encrypted, but you can also choose to back up your encryption keys, in which case Apple can then decrypt your iCloud info. If you don’t backup your keys, then even Apple can’t read it.
This is what happened to Paul Manafort recently with the charges of witness tampering - the FBI was able to get his phone data from Apple because he backed up his keys.
I trust Apple way more than I trust “the government”. Thanks, Apple!
On a tangent, I’ve noticed that past few years that there have been some news stories out of Europe that sound perplexing to an American, but can be explained by the fact that in America, most of us tend to trust Apple and Google but distrust the government, while in Europe it’s the other way around. They trust their governments with their data but not corporations.
“Illegal” might not be the right term 100% of the time, but depending on one’s jurisdiction, it might be against safety codes.
I see it differently. Apple is actively trying to exploit the data they gain about me, to make money off of me. Yeah, I’m just one blip among many millions of customers, but they (and Facebook, Google, etc) are squeezing this one blip for all it is worth.
To the Government, to the extent that they have data about me, is under various restrictions on how it can be used; but for the most point, I am noise to them. I’m the very definition of the data points they seek to filter out… so why should I care?
YMMV, of course.
Some people (in various positions) seem to be thinking in terms of older, breakable security being replaced by a new unbreakable kind. That’s never true.
Every form of security is breakable, in practice not just in theory. Some take more time or resources, but still.
Sure. One man can build the pyramids. It just takes longer.
In analysing security situations, it’s always useful to flip the good-guy/bad-guy roles about a bit and see what difference that makes to your thinking.
So:
-
Honorable US LEOs in the anti-child-porn squad versus some skeevy people swapping obscene pics of under-twelves … sure we want the law to have all the data it needs to it can put them away quickly.
-
Now lets suppose we’re in Cuba and the people whose phones the cops want access to are democracy advocates planning peaceful demonstrations and leafletting. Do we still want to let the authorities backdoor that information?
And I’m fine with the security taking longer to break. Heck if there is the warrant, go to town looking for how to break through.
But this point I no longer trust that the various safeguards on government action will be respected any more than I trust corporations to deal ethically rather than profitably. Agencies keep looking for ways to not need to wait for the warrant, and instead be able to search just on the spot. Something that enables authorities to search at will makes it possible for the malicious to compromise the device at will.
It confuses me that there are so many people concerned about this and who are at the same time voting for governments that promise the opposite. Not you personally - just if people want a government that protects privacy and enforces the need for warrants, they should try electing one first, instead of electing the opposite and then not liking it.