It will have been difficult to miss the news that the FBI and Apple are in debate about getting information off iPhones. Don’t worry if you have though, because in this piece I will try and link some of the best stories I have seen with some of my thoughts and give you a fighting chance of understanding what is happening in the debate.
Whether you have heard the news or not you will likely find the timeline produced and update by TechCrunch very useful. An overview of what Apple are being asked to do and Apple’s open customer letter in response will also help bring you up to speed.
The underlying argument stems from the security services being worried that easily available, good encryption products are reducing the amount of data that they will be able to exploit. This inability to see some data is termed “going dark” and there is an interesting paper (“Don’t panic”) jointly penned by a number of key players in the area which discusses how much of a problem that is and what other methods are left open for exploitation.
We are all familiar with encryption of our data “in flight” between our web browsers and the servers which feed them; take for example the padlock or green swatch which appears against the URL of your banking site or even, these days, on your Google email session. However, encryption of data “at rest” is also on the rise, ensuring that accidental loss of a device does not leave you open to a loss of all your data. This is what Apple have enabled on their devices, especially the newer devices, as described in an enlightening article from Greg Leffler.
In fact, if enabled on Apple’s newer devices, and if you incorrectly enter your credentials enough times, the device will delete all data, thereby protecting the data from falling into the wrong hands. In part, it is this feature which the FBI seek to circumvent but which Apple do not wish to. It can be a different story on older Apple devices and conflation of these different stories does not help one’s understanding of the situation.
Apple have been assisting the FBI as best they can and the FBI have caused themselves a problem by resetting the iCloud password (see further down that article) for the phone in question.
There also seem to be a host of different views being touted about whether Apple should comply or not, with broad support for Apple’s stance from key players in the software community such as Google CEO Sundar Pichai and Mark Zuckerberg of Facebook. There is slightly less strong backing from an advocacy group supported by major tech companies such as Google, Facebook, Microsoft and Twitter and a somewhat unclear response from Bill Gates. Of course we can’t ignore some of the other more colourful comments on the issue such as Donald Trump’s “I just thought of it” stance or John McAfee’s supportive stance to Apple, offering to eat his shoe on TV if he and his team could not hack the data for the FBI.
Maybe Apple will eventually lose, as predicted by some, but if they do, it is still not certain that criminals and terrorists will become the casualties of that loss, as pointed out by Bruce Schneier. In that case, it will be the general populous who fall prey to the new rules and not the intended targets.
Considering the bigger picture, this is about your right to privacy against law enforcements’ desire for access. It is right that both sides make their case and ask for everything they can get, but hopefully, an eventual position will be reached which does not subvert the privacy that our predecessors struggled to achieve and protect. Furthermore, I believe that we should not lightly give away rights we in the West have come to take for granted because of perceived threats, however severe, as we may end up simply replacing one threat with another.