Apple bites back.
William Fleischman is a professor of computing sciences at Villanova University The confrontation between the FBI and Apple is the latest point of conflict in a war between the government on one side and technology companies, privacy advocates, and cryptography and computer security researchers on the other that goes back to the 1970s.
William Fleischman
is a professor of computing sciences at Villanova University
The confrontation between the FBI and Apple is the latest point of conflict in a war between the government on one side and technology companies, privacy advocates, and cryptography and computer security researchers on the other that goes back to the 1970s.
The conflict intensified significantly in the 1990s with the government's proposal for exceptional access to encrypted data and communications. The struggle intensified further after the terrorist attack in San Bernardino, Calif., in December. The FBI is now demanding that Apple help the investigation into contacts of the two San Bernardino assailants by unlocking the iPhone of one of them recovered after their deaths.
In a paper titled "Keys Under Doormats: Mandating Insecurity by Requiring Government Access to All Data and Communications," published in July, a group of 15 experts in the field responded to FBI Director James Comey's 2014 proposal "that the providers of services that use encryption be compelled by law to provide access to keys or to plaintext in response to duly authorized warrants."
In "Keys Under Doormats," the authors reviewed the well-documented concerns - about the increased exposure to malicious attacks, the troubling question of increasing software complexity (which leads to unanticipated vulnerabilities that multiply the possibilities of successful cyberattack), and the high direct and indirect economic costs - that, in the 1990s, eventually led the government to drop the earlier proposal for implementation of backdoors in encrypted communications systems.
These same considerations - in the context of the current, far more complex global networks of communication and varieties of communications devices - led the authors of "Keys" to reiterate their skepticism about the practicability of Comey's new proposals and to present a series of unanswered questions that should be debated before any system of exceptional access is legislated or otherwise approved.
It seems clear that the FBI and the government have been looking for a case with sufficient emotional and political "pull" to successfully force the issue in the courts. And in the San Bernardino attacks, they may have found one that fulfills their purpose.
The political reaction in some quarters has been comforting to the FBI. Most notably, Sen. Tom Cotton (R., Ark.) released a statement that called Apple the "company of choice for terrorists, drug dealers, and sexual predators of all sorts." But libertarian Rep. Justin Amash (R., Mich.) counters, "Government's demand that Apple undermine safety and privacy of all its customers is unconscionable and unconstitutional."
On the one hand, this case is presented by the government as a request to Apple (under the All Writs Act of 1789) to provide a "software bypass" to enable the FBI to open just this single locked iPhone by "brute force" discovery of the phone's pass code without triggering the security feature that deletes everything stored in the phone in case of such a brute-force attack. (Presumably, in ordinary circumstances, this would mark an attempt to steal sensitive personal information.)
In response, Apple frames this as tantamount to a request to create a backdoor into the iPhone encryption protections, which it says does not currently exist and which, if inadvertently disclosed or maliciously captured, would place the privacy of every iPhone user at risk.
Experts are divided on the question of whether this one single "exploit" or "hack" can actually be accomplished without, for example, inadvertently triggering the iPhone's security erase feature and without creating the sort of template for a backdoor to all iPhones that Tim Cook of Apple fears. Matt Blaze, an associate professor of computer science at the University of Pennsylvania and one of the authors of "Keys," considers that it is "possible, but very risky unless Apple already has a debugged version on the shelf."
What is not in dispute is that this case, if it is decided in favor of the FBI, will create a legal precedent somewhat like the lifting of one small corner of the tent - just barely large enough to admit the tip of the front hoof and perhaps the head, neck, and no more than one hump, of the camel.