iPhone Encryption: 7 Reasons Why Feds Want It Cracked - InformationWeek
IoT
IoT
Government
News
3/4/2016
08:06 AM
50%
50%
RELATED EVENTS
4 Keys to Improving Security Threat Detection
Dec 15, 2016
In this webinar, Ixia will show how to combine the four keys to improving security threat detectio ...Read More>>

iPhone Encryption: 7 Reasons Why Feds Want It Cracked

Testimony from the FBI and National District Attorney's Association speak to the range of issues that have them fighting Apple's encryption practices. These seven snippets offer a summary of their positions.

Encryption Debate: 8 Things CIOs Should Know
Encryption Debate: 8 Things CIOs Should Know
(Click image for larger view and slideshow.)

Apple vice president and general counsel Bruce Sewell delivered perhaps the best summary of Apple's position, as it pushes back against an FBI court order, when he told a House Judiciary Committee March 1, "this is not a security vs. privacy issue. This is a security vs. security issue."

Next week, the Judiciary Committee plans to meet again with the long-term goal of finding an agreeable balance between encryption technologies and the ability for law enforcement to enforce the law.

Apple CEO Tim Cook got the country's attention Feb. 16, when he posted an open letter to customers describing Apple's position and what it believes is a matter that should be considered by Congress. Encryption and the daily cyberattacks leading to calls for ever-greater amounts of it make headlines daily.

(Image: jensjunge via Pixabay)

(Image: jensjunge via Pixabay)

Here, we focus on the other side's stated positions, drawing from testimony that FBI Director James Comey and a representative of the National District Attorney's Association (NDAA), Cyrus Vance, submitted before the Committee March 1.

1. Apple proves every day that it already has the capability to bypass iPhone users' passcodes.

"Apple has not addressed the fact that it already can, and frequently does, bypass iPhone users' passcodes. For example, Apple has the ability to access an Apple device remotely, such as when it tracks the location of a device and erases its contents remotely ("Find My iPhone") …" Vance testified.

"Apple has never explained why [mobile device management] -- tools that Apple enables and promotes, and which allow third parties to access a user's iPhone without a passcode -- do not compromise an iPhone user's security, while any software Apple develops in order to comply with a search warrant may fall into 'the wrong hands.'"

2. By switching to default device encryption in 2014, Apple effectively changed law-enforcement -- and it doesn't have the right to.

"Smartphone encryption has real-life consequences for public safety, for crime victims and their families, and for your constituents and mine. In the absence of a uniform policy, our nation will effectively delegate the crafting of national security and law enforcement policy to board rooms in Silicon Valley," Vance testified.

"That is, important responsibilities of our government will be carried out by Apple, Google, and other technology companies, who will advance the best interests of their shareholders, not necessarily the best interests of our nation."

3. The government doesn't want to access data -- Apple should access data for it.

"[We have] proposed a solution that we believe is both technologically and politically feasible: Keep the operating systems of smartphones encrypted, but still answerable to search warrants issued by neutral judges. We do not want a backdoor for the government to access users' information, and we do not want a key held by the government," Vance testified.

"We want Apple, Google, and other technology companies to maintain their ability to access data at rest on phones, pursuant to a neutral judge's court order."

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

 

4. With its encryption policy, Apple is essentially creating its own laws.

"Technology companies should not be able to dictate who can access key evidence in criminal investigations. No device or company … should be able to exempt itself from court obligations unilaterally. And they should not be able to write their own laws," Vance testified. "That authority should rest with the people's elected officials."

5. Apple's stance is motivated by its bottom line.

"Apple is not above the law, and its bottom line is not more important than the safety of Americans," Vance testified.

"In Mr. Cook's February 16, 2016, letter, he argues that the FBI's request for assistance in the San Bernardino case 'threatens the security of our customers.' Mr. Cook and his colleagues at Apple have effectively decided that they know better than our elected representatives and professionals in law enforcement how best to keep Americans safe."

6. Terrorists are advancing their causes through every available technology, while US law enforcement is being stymied by technology.

"Terrorist groups, such as ISIL, use the Internet to great effect. With the widespread horizontal distribution of social media, terrorists can spot, assess, recruit, and radicalize vulnerable individuals of all ages … As a result, foreign terrorist organizations now have direct access into the United States like never before," FBI Director Comey testified.

"Some of these conversations occur in publicly accessed social networking sites, but others take place via private messaging platforms. These encrypted direct messaging platforms are tremendously problematic when used by terrorist plotters. … If we cannot access this evidence, it will have ongoing, significant impacts on our ability to identify, stop, and prosecute these offenders."

7. The country needs to consider whether it's comfortable with the FBI "Going Dark."

The FBI frequently uses the term "Going Dark" to refer its technical inability to access communications and information that it has legal authority to access. Essentially, the organization is left in the dark about a matter.  

Comey testified: "the Going Dark problem is, at base, one of technological choices and capability. We are not asking to expand the government's surveillance authority, but rather we are asking to ensure that we can continue to obtain electronic information and evidence pursuant to the legal authority that Congress has provided to us to keep Americans safe."

He continued, "The core question is this: Once all of the requirements and safeguards of the laws and the Constitution have been met, are we comfortable with technical design decisions that result in barriers to obtaining evidence of a crime?"

Michelle Maisto is a writer, a reader, a plotter, a cook, and a thinker whose career has revolved around food and technology. She has been, among other things, the editor-in-chief of Mobile Enterprise Magazine, a reporter on consumer mobile products and wireless networks for ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
BrooklynNellie2
50%
50%
BrooklynNellie2,
User Rank: Moderator
3/4/2016 | 11:30:31 AM
Are they...
...truly stupid or just disingenuous?
SeanR124
50%
50%
SeanR124,
User Rank: Apprentice
3/4/2016 | 10:59:42 AM
wow
Do you work for the fbi?
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll