The poor FBI. Apple is going to make their job impossible by encrypting the contents of the iPhone 6.
The phone encrypts emails, photos and contacts based on a complex mathematical algorithm that uses a code created by, and unique to, the phone’s user — and that Apple says it will not possess.
The result, the company is essentially saying, is that if Apple is sent a court order demanding that the contents of an iPhone 6 be provided to intelligence agencies or law enforcement, it will turn over gibberish, along with a note saying that to decode the phone’s emails, contacts and photos, investigators will have to break the code or get the code from the phone’s owner.
Breaking the code, according to an Apple technical guide, could take “more than 5 1/2 years to try all combinations of a six-character alphanumeric passcode with lowercase letters and numbers.” (Computer security experts question that figure, because Apple does not fully realize how quickly the N.S.A. supercomputers can crack codes.)Since this code is "created by" the phone's user I also question that figure. If these codes are anything like the passwords most people use for their email accounts, it will take about five minutes to decrypt 80% of all the iPhones out there.
And, yet again, the FBI is trotting out the hoary old "kidnapper" fable:
He cited kidnapping cases, in which exploiting the contents of a seized phone could lead to finding a victim, and predicted there would be moments when parents would come to him “with tears in their eyes, look at me and say, ‘What do you mean you can’t’ ” decode the contents of a phone.Huh? If you've got the kidnapper's cell phone, you've probably got the kidnapper. Which means you've pretty much got the case solved 99.9% of the time. Yeah, we've all seen this TV show: the cops have captured the kidnapper, but his victim is buried out in the woods somewhere with only 37 minutes of air, and if they don't get him to confess the victim will suffocate and there won't be any evidence with which to prosecute the bastard.
But does that ever happen in real life? I can't think of an actual case like that. In all the recent high-profile kidnappings around here, the victim disappears, the cops don't find anything for weeks, eventually they find the perp, and it's another six months before they track down the corpse buried in the woods or dumped in a lake. Or the victim has been living with the perp for the last five years as his sex slave. Or the victim is a child in a nasty custody battle.
And all those same TV shows tell us that if you don't find a kidnapping victim alive within 24-48 hours, odds are you never will. And since cops rarely investigate missing persons until they've been gone for 24 hours, what are the odds that being able to decrypt a cellphone will make it easier to find that kidnapping victim?
Does it make any sense have a legal system that makes it trivial for cops to snoop on 300 million Americans in order to make it slightly easier for them to solve a case that happens maybe once every 10 years?
What did the FBI do 20 years ago, before cell phones? Back then, kidnappers just remembered everything, or wrote it down on pieces of paper they could eat when they were gonna get caught. Law enforcement couldn't track everyone's whereabouts through cell phone towers, or read your email off the backups on your ISP's server without ever setting foot in your house. Kidnappers used paper maps instead of GPS units, which left absolutely no electronic trace whatsoever.
Back then, the FBI had to rely on old-fashioned police work and deductive reasoning. If you watch those same TV shows, you learn that other forensic techniques (pollen, trace evidence, telephone logs, cell phone tracking, lists of known associates from police files) lead them to the victims just as easily as text messages, contact lists and cell phone photos.
Is the FBI just getting lazy? Cell tower tracking data and call logs from the phone company will also lead them to co-conspirators, and kidnappers can't delete that data from their phones. And if the kidnappers are smart enough to turn their phones off so they aren't tracked and not call their partners in crime, odds are they're smart enough not to put anything useful in their phones in the first place: if you want to keep a secret, don't tell anyone and don't write it down. Anywhere. It didn't take Edward Snowden to tell us that: anyone watching any cop show for the last 20 years knows it inside and out.
The public should have the right to protect themselves against the theft of their data by criminals. If we should have the right to protect ourselves with guns that can just as easily be used to murder dozens of innocent victims at a time, shouldn't we have the right to use encryption to protect ourselves from blackmail and theft of intellectual property? If a business competitor steals your phone, you should be able to encrypt the data so they can't profit. If Kate Upton loses her cell phone, she should have the expectation that her nude selfies will not be spewed across the Internet.
Speaking of nude selfies, I would say that Apple is not going far enough with its encryption: several celebrities' online accounts were recently hacked and embarrassing photos were released. That should be much harder to do. In any case, everything in the Cloud should be encrypted to prevent poorly paid sysadmins from rummaging through your personal files and selling them to TMZ or your competitors.
The FBI is just whining. To reiterate, if these files are encrypted with a user-supplied code, that code will be relatively easy to guess most of the time. If it's not easy to guess, then it's probably not easy to remember, and that means any would-be kidnappers will have it written down on a piece of paper. Probably in their desk at home, or in their wallet, or on a USB flash drive in their possession.
In other words, easily found by good, old-fashioned detective work.
Kidnapping is a red herring. The FBI really wants contact lists to be unencrypted so they can more easily track down organized crime, drug dealing, terrorism and insider trading. Those are all things worth fighting, but the FBI shouldn't be lying about why they want to be able to spy on us.
No comments:
Post a Comment