Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Iphone Encryption Privacy Security

New York DA Wants Apple, Google To Roll Back Encryption (tomsguide.com) 254

An anonymous reader writes: Manhattan District Attorney Cyrus Vance Jr. called on Apple and Google to weaken their device encryption, arguing that thousands of crimes remained unsolved because no one can crack into the perpetrators' phones. Vance, speaking at the International Conference on Cyber Security here, said that law enforcement officials did not need an encryption "backdoor," sidestepping a concern of computer-security experts and device makers alike. Instead, Vance said, he only wanted the encryption standards rolled back to the point where the companies themselves can decrypt devices, but police cannot. This situation existed until September 2014, when Apple pushed out iOS 8, which Apple itself cannot decrypt. "Tim Cook was absolutely right when he told his shareholders that the iPhone changed the world," Vance said. "It's changed my world. It's letting criminals conduct their business with the knowledge we can't listen to them."
This discussion has been archived. No new comments can be posted.

New York DA Wants Apple, Google To Roll Back Encryption

Comments Filter:
  • by Lord_Rion ( 15642 ) on Wednesday July 27, 2016 @02:24PM (#52592823)

    You shouldn't be able to listen to them... you shouldn't be able to listen to anyone. Try doing your job the old fashioned way... outsmart them.. stop trying to take short cuts at the expensive our our rights and liberties...

    But hey.. that's just my opinion

    • by npslider ( 4555045 ) on Wednesday July 27, 2016 @02:37PM (#52593039)

      The "bad guys" will still find that classic abandoned warehouse across the train tracks and plot their evil in the veil of darkness. Perhaps we should require spotlights and mandatory cameras over every square inch of the planet too?

      • by Anonymous Coward on Wednesday July 27, 2016 @02:45PM (#52593149)

        One problem time and again is that crypto only works for "the good guys" (which may or may not include LEOs, this is not automatic) if it isn't diddled, and therefore it also works for "the bad guys", whoever those might be. This is well-known in "intelligence"-land, but the concepts that are well-known and -understood there, quite certainly aren't in, oh, LEO land. Or the land of the liars, er, politicians. Or much anywhere else, really. Something that will have to change, thanks to information technology and world-wide networks.

        Another problem is that the LEOs are now the tail wagging the dog. Maybe they should re-read the Peelian principles, instead of fancying themselves the militarised "command and control" hub of society.

        • by dinfinity ( 2300094 ) on Wednesday July 27, 2016 @04:36PM (#52594417)

          A security guy (admittedly someone random on the internet) mentioned the relative ease with which criminals can make their own communications and storage apps (or have them made). Apps which due to their custom nature render trying to strongarm the (now sidelined) 'big guys' into weakening their encryption completely useless.

          In fact, the possibilities for any serious criminal network to create their own secure communications channels and data storage are so mindbogglingly vast that the only criminals the current situation is 'letting [...] conduct their business' are pretty obviously small time or just stupid drug dealers. Hardly the type of criminals envisioned when urged to give up the basic human right of privacy.

        • I'm sure we can come to an agreement. If the government rolls back the Patriot Act, for example, then maybe we look at rolling back encryption.

      • by sbrown7792 ( 2027476 ) on Wednesday July 27, 2016 @02:56PM (#52593297)

        Perhaps we should require spotlights and mandatory cameras over every square inch of the planet too?

        Please, for the love of all that is holy: stop giving them ideas!

      • Perhaps we should require spotlights and mandatory cameras over every square inch of the planet too?

        Don't the Brits already do that? CCTV on every corner with car tag readers? You folks don't think MI-5 is not harvesting oll of this stuff in real time and tracking cars and people?

        • Ah... but the difference is that at least the populous knows about those cameras!

          I'd be more worried about the hidden camera in my outhouse, my woodshed, and my dog house (never can trust some breeds).

      • The "bad guys" will still find that classic abandoned warehouse across the train tracks and plot their evil in the veil of darkness. Perhaps we should require spotlights and mandatory cameras over every square inch of the planet too?

        The problem has never been all that hard for the authorities: They have always known that to snag all the bad guys, they only have to monitor the small subset of warehouses that are built on a slanted "Dutch angle".

        • The "bad guys" will still find that classic abandoned warehouse across the train tracks and plot their evil in the veil of darkness. Perhaps we should require spotlights and mandatory cameras over every square inch of the planet too?

          The problem has never been all that hard for the authorities: They have always known that to snag all the bad guys, they only have to monitor the small subset of warehouses that are built on a slanted "Dutch angle".

          Accomplished criminals know to conduct all their dealings via email with a lawyer and label all communication "Attorney Client Privileged".

    • by jellomizer ( 103300 ) on Wednesday July 27, 2016 @02:56PM (#52593287)

      I think it is more to the point. We as a culture should be brave enough to say We are willing to take these security risks in order to protect our privacy.

      The people who work in security are doing their job. And it is their responsibility to ask for things and changes that will make their job more effective, I don't blame them for the request.

      However we seem to lack the fortitude to go to these people and say, no that is asking a bit too much, I know it isn't ideal but we need to keep people's freedom as well, at the expense of ideal security.

       

      • by Hylandr ( 813770 ) on Wednesday July 27, 2016 @03:10PM (#52593491)

        at the expense of ideal security.

        *Having a backdoor into any encryption is not ideal security*, as that back door, or weak encryption is equally, if not more so, vulnerable to the bad guys as well.

        What makes you think only the good guys will use backdoors or exploit weaker encryption? What if it's a bad guy that gets ahold of the cops phone and looks inside? Which agency will be compromised?

        Bad guys often have better equipment than the good guys and by bad guys I am also including foreign nations, mafia, competing corporations, and Militaries of the world in addition to criminals.

        When will people get it through their heads that the same tools are used by both good and bad? Good people with guns stop bad people with guns. But bad people with guns also stop good people with guns. Good encryption can be used to protect bad people, but good encryption can also protect the good people.

        The catch here is the bad people won't care about artificial constructs such as laws. If they need a gun they will steal one or make one. If they want to cover their tracks online they will find a way to do it. The rest is just FUD and ignorance.

      • by Darinbob ( 1142669 ) on Wednesday July 27, 2016 @09:06PM (#52596077)

        There's really not much risk here. They're trying to play the fear card too much. It wasn't long ago when we didn't have smart phones with encryption. It is so recent that even a millenial can remember those days. And was it a world where all criminals were captures, all crimes solved, people were always safe and secure? No! Rates of violent crime were higher. Criminals still figured out how to talk to each other securely without the FBI listening in. We had organized crime operating with impunity for long periods of time, they even figured out how to use encryption.

        There's nothing law enforcement can do to put this genie back in the bottle. One simple app to do a pgp style communication and encryption is back no matter how many back doors the manufacturers put in (or get a warrant to get the phone maker to stick on keyloggers, but everyone's going to avoid those phones like the plague once word is out). Use some third party SOCs from outside America as your key dongle on the PC and you can detect tampering and destroy your keys.. There's just no way they can lock this down.

        We have some phones locked tight that may or may not contain evidence about crimes. So what?? This is not a disaster. We've never had a time when we could gather all possible evidence, search everywhere we liked, and solve all crimes. Claiming that it's wrong that they can't open up the phones and get the data from them is like whining that the parrot at the crime scene isn't talking.

    • by ArmoredDragon ( 3450605 ) on Wednesday July 27, 2016 @03:13PM (#52593531)

      My response would have just been a middle finger followed by "Next subject."

      Really, it no longer deserves any consideration at this point.

      • Your response isn't extreme enough. The guy needs to be fired for incompetence. Unfortunately, he would likely end up on HRC staff

    • by stephanruby ( 542433 ) on Wednesday July 27, 2016 @03:33PM (#52593739)

      This DA seems to be implying that pre-iPhone, his predecessors closed all their cases.

      That kind of track record doesn't bode well for him. Is that really something he should be calling attention to? That his predecessors got results, but that his current office doesn't.

      • This DA seems to be implying that pre-iPhone, his predecessors closed all their cases.

        "Look! A squirrel!"

        (Sneaks quietly away from the podium, as all the domesticated grows look around wildly to see past their cones of shame...)

      • I gotta admit, that's what bothers me about his statement:

        [...] thousands of crimes remained unsolved because no one can crack into the perpetrators' phones.

        How do you know they're the perpetrator?

    • Re: (Score:2, Informative)

      at the expensive our

      at the expense of our

      Is this a new bit of illiteracy, or is it derived from the "intensive purposes" illiteracy?

  • by bluelip ( 123578 ) on Wednesday July 27, 2016 @02:24PM (#52592839) Homepage Journal

    Many law enforcement leaders are acting as if no crimes can be solved unless all cell phones are made more vulnerable.

    What a great idea.... weaken everyone for a few rare cases.

    • > What a great idea.... weaken everyone for a few rare cases.

      That's the norm in big gov't.

      Some people use guns to commit crimes? Let's ban them, or at least severely restrict them!
      Some people can't dispose of plastic bags? Ban them for everyone!
      Terrorists took over some planes? Let's enact crazy "security" that can't actually catch anything, treats everyone like a criminal, and make sure we grope kids and grandma so we don't look like we're profiling.

      • by Yvan256 ( 722131 ) on Wednesday July 27, 2016 @02:45PM (#52593157) Homepage Journal

        Terrorists took over some planes? Let's enact crazy "security" that can't actually catch anything, treats everyone like a criminal, and make sure we grope kids and grandma so we don't look like we're profiling.

        Banning planes would have been easier.

    • by Zak3056 ( 69287 ) on Wednesday July 27, 2016 @02:34PM (#52592999) Journal

      That's how Billy the Kid got off... they tried him for shooting Sheriff William Brady, but he was acquitted because his iPhone was encrypted and they couldn't get at the data. They even tried getting Steve Jobs' great grandfather involved, but the sonofabitch insisted that he didn't even know what a cell phone was, much less how to remove the encryption from one.

      Julius Rosenberg also went free because they couldn't decrypt his thumb drive to prove he was spying for the Soviets.

      At least that's the impression I get from listening to these assholes whining that they can't spy on all of us 24/7.

    • I'm sure that if Jesus had simply handed over his GodPhone to the Pharisees, they would have realized he was not a threat to them and let him go in peace. At least then they could have asked the Man upstairs using Facetime.

    • Race to the bottom...

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Devil's advocate: How were crimes committed before cell phones? The old telephone system could be tapped. Letters could be intercepted. If people had to meet physically, they could be followed physically. These channels of communication are decreasing in popularity and are being replaced by a system that isn't as easy to spy on. This is probably a good thing overall, but it's making it more difficult for law enforcement to do that part of their jobs.

      Many law enforcement leaders are acting as if no crimes can be solved unless all cell phones are made more vulnerable.

      Are they? It looks like they're actually complaining that

      • The fact is that encryption exists and it is not going anywhere. Even if Google and everyone else did roll back to previous encryption methods, the criminals would eventually just use alternative encryption solutions. Admittedly, it would probably take a while before it became a common staple of criminal activity but it would happen. As far as the dumb criminals go, I doubt that you need to rollback encryption to catch them. The likely did something else stupid that would get them catch.
    • by mysidia ( 191772 )

      Many law enforcement leaders are acting as if no crimes can be solved unless all cell phones are made more vulnerable.

      Before Telephones; you could tell who someone was communicating with by monitoring their physical movements on foot. Telephones would have made that harder..... Until wiretapping became a thing that was allowed.

      Ubiquitous technology, And "Ease of Snooping" made law enforcers' lives easier at investigating crimes than it ever was before Telephones were invented.

      At this point th

    • a lot of them weren't. the cops would give up after a few days or only concentrate on the big fish at the top. a lot of murders used to go unsolved unless you had a lot of witnesses. or the cops would pick up a few black or hispanic kids and blame it on them. Like the Central Park Five in NYC
    • Many law enforcement leaders are acting as if no crimes can be solved unless all cell phones are made more vulnerable.

      There are a couple glaring problems that come to mind immediately when I read statements like the one the DA made:

      1) They are claiming that having access to the phones would let them solve the crimes. While that may be true in some cases, it's certainly not a given. Look at the San Diego shooter's phone - when they finally got in, there was nothing worthwhile on it.

      2) They are implying this is their only recourse. But if they have enough evidence to get a warrant, they can lock up the suspect if he/she does

  • Bullshit (Score:4, Interesting)

    by Anonymous Coward on Wednesday July 27, 2016 @02:25PM (#52592845)

    So what you can't listen to them? Have these guys never heard of police work? Here's a hint, it's not synonymous with spying. If you can't follow the money, them the crime is probably too petty to worry about.

  • by sentiblue ( 3535839 ) on Wednesday July 27, 2016 @02:25PM (#52592855)
    LOL!!!! Even the FBI Director can't get this after numerous cry-out... What the hell does a DA think he is?

    It's the law enforcement's job to handle the criminals... if they need help, send their people to more technical education. Companies have only one job: To satisfy their customers... and if they can't do that, nobody will buy the stuffs, period!!!
    • Companies have only one job: To satisfy their customers... and if they can't do that, nobody will buy the stuffs, period!!!

      What kind of fairy land do you live in?

      Companies exist to make money.

      If Apple decided to go back to non-encrypted devices I can pretty much guarantee that the masses wouldn't care one bit and iPhone sales would continue on as though nothing had happened. All most people care about is "can it run my pokemon game?"

      Not saying they should do that. I just think your viewpoint is a bit idealistic.

  • by chubs ( 2470996 ) on Wednesday July 27, 2016 @02:29PM (#52592903)
    If anyone other than the intended recipient can decrypt (including Apple), then everyone can. Apple having a back door into your stuff is a back door, even if the police don't have access to it. Unfortunately, the DA is going to sound very reasonable to anyone who doesn't understand encryption.
  • Comment removed based on user account deletion
    • I'd like Cyrus Vance to have all of his personal conversations posted to the Internet.

    • Please be sure to always refer to this person as Cyrus Vance Jr., because his late father, Cyrus Vance, wasn't as big a schmuck.
  • by Dorianny ( 1847922 ) on Wednesday July 27, 2016 @02:32PM (#52592951) Journal
    You can absolutely listen to their conversations and see their text messages. All you need is to convience a Judge to approve a wiretap order and the Carriers will let you spy to your hearts content. Stop asking companies to provide back-doors to my personal devices that I don't not wish to grant you access to
    • by SeaFox ( 739806 )

      You can absolutely listen to their conversations and see their text messages. All you need is to convience a Judge to approve a wiretap order and the Carriers will let you spy to your hearts content.

      If you're using an encrypted VoIP app or email to communicate, the carriers don't have access to the data either.
      Not that I'm siding with this asshat. I'm just saying...

  • by npslider ( 4555045 ) on Wednesday July 27, 2016 @02:34PM (#52592997)

    I do not trust big business with the ability to de-crypt my data any more than the government. Both entities are not interested in protecting you, but their bottom lines and political interests. The right to privacy means privacy from anyone!

  • by nehumanuscrede ( 624750 ) on Wednesday July 27, 2016 @02:35PM (#52593005)

    we could trust that Law Enforcement wouldn't abuse such a thing.

    That sort of abuse is what got us here to begin with.
    So you need to ask yourself: Whose fault is it you can't decrypt these things again ?

    You reap what you sow . . . . . .

  • Comment removed based on user account deletion
  • We'll get right on that.

    -Apple and Google

  • by gurps_npc ( 621217 ) on Wednesday July 27, 2016 @02:39PM (#52593079) Homepage

    Glad to hear he thinks we don't need privacy.

    Now I have a long list of police files and videos I would like to see.

    Wait, you mean you don't want us to see those? But thousands of accusations against police are going unsolved without access to them!

  • by SuperKendall ( 25149 ) on Wednesday July 27, 2016 @02:40PM (#52593095)

    We live in such a complex web of laws now that we are all breaking them every day... so if the government can on demand browse through your phone they WILL find evidence of some crime. Especially Slashdot readers I'd warrant.

    So basically what the government wants is an easy way to harass or lock-up anyone it deems a nuisance for any reason,

  • Everybody's devices should be forced to be insecure, so that bad guys are just as unprotected and vulnerable as innocent people.
  • You heard me.

  • Thousands of crimes? THOUSANDS? What crimes are these that you can only solve if you are able to look at people's phones?

  • It's letting criminals conduct their business with the knowledge we can't listen to them."

    Good. That's not something that law enforcement should be able to rely on any way.

    • Now if you citizens would only let us put microphones on you to record everything you say, and a body cam to record everything you do, and make all the data available to police, we'd all be safer!

      Why do you hate safety? What are you doing behind closed doors? If you aren't guilty, you have nothing to worry about!

      Say... your teen daughter might be a terrorist. We need to review her shower footage again.

  • ...thousands of crimes remained unsolved because no one can crack into the perpetrators' phones....

    I have two strong concerns about the proposal in front of us.

    .
    1) vulnerability - reducing the encryption level for the phones affects not just criminals but everyone. Phones can (and are) used for very legitimate purposes and those phones need secure encryption. Once the encryption is weakened for criminals' phones, the encryption is weakened for all our phones.

    2) trust - once the police have the ability to "crack" into criminals' phones, what is to stop them from "cracking" into anyone's phone (in a

  • by gweihir ( 88907 ) on Wednesday July 27, 2016 @02:46PM (#52593171)

    Otherwise you have a full-blown Police State and that is far, far worse than almost any amount of unsolved crime. In a free state, the police must be severely limited in what it can do and must be kept at a level of power that allows them to reliably keep society functioning, but never above.

  • by ehynes ( 617617 ) on Wednesday July 27, 2016 @02:47PM (#52593179) Homepage
    The claim that

    thousands of crimes remained unsolved because no one can crack into the perpetrators' phones

    is exaggerated speculation at best. There may well be thousands of crimes that include locked phones in their set of evidence, but there is no guarantee that data on those locked phones would lead to the crime being solved if it were unlocked. It's also possible that many of those crimes could be / will be solved eventually using other pieces of evidence and investigative avenues.

    • Well thousands of crimes were unsolved before smartphones because no photos or texts existed that would criminals would/could keep.
  • Dear pigs, (Score:4, Insightful)

    by MitchDev ( 2526834 ) on Wednesday July 27, 2016 @02:51PM (#52593229)

    Earn your pay instead of putting innocent citizens in danger.
    People have a right to secure communications.

    Deal with it bullies...

  • In essence, what he's saying is: "We don't want a back door. We just want a back door!" Weakened encryption *is* a back door! And more than even the usual back door, it's a back door available to everyone! (Although that's true to some extent of every back door.)

  • by supernova87a ( 532540 ) <kepler1@NoSpaM.hotmail.com> on Wednesday July 27, 2016 @03:03PM (#52593383)
    The DA provides the best argument for Apple to strengthen encryption, by his own existence and statement. Imagine 10,000 district attorneys across the US, each of which have varying competence / incompetence in handling investigations, requests from Apple certain encryption/decryption keys, and wildly varying levels of knowledge about how to use or judge when to ask for this capability.

    And, for that matter, wildly differing capabilities to securely handle and keep private the information they find on people's phones.

    No thank you, and Apple is right to refuse them.
  • apple can turn off the auto wipe / time out system and let the login take a usb keyboard.

  • My dog would really like a pony, too. Sometimes the world doesn't work the way we want for our own little special interests. The politicians all rant and rave about special interest groups. What's a more special interest than wanting to weaken security of everyone worldwide just so your job is a little easier?

  • Good 'ol Vance Jr has been fucking up the country since Carter.

    And he's doing it wrong too. Hey Cyrus; all need to persuade the bulk of these hapless government worshiping twits that your back door is a great idea is to convince them that you need it to prosecute wealthy tax evaders. Unbreakable iPhones are a tool of Those At The Top(tm) to keep from Paying Their Fair Share(tm).

  • You just have to do a rollback on procedures and get a warrant, then install a wiretap on the phone itself. Of course, with modern smartphones, that would most likely be a secret app.

    Is it just that you don't want to give up the ease and lack of oversight on push button eavesdropping and stingray mass interceptions?

    I doubt it's an issue regarding the cost of developing a police smartphone eavesdropper app, after all, those stingrays aren't cheap and I'm betting you have at least one of those.
  • thousands of crimes remained unsolved

    That will always be the case crimes go unsolved, it is about having a balance between personal rights and solving crimes. Imagine how much easier if there was a video camera everywhere. Rape would no longer be a matter of who you believe, we would have video evidence of the incident. But we need to balance privacy with catching every offender.

  • by s13g3 ( 110658 ) on Wednesday July 27, 2016 @04:17PM (#52594199) Journal

    Vance said. "It's changed my world. It's letting criminals conduct their business with the knowledge we can't listen to them."

    They can do that in an empty theater, a subway car, a taxi, a sewer... or in simple, pre-arranged, spoken code-phrases you'll have EVEN LESS CHANCE OF CRACKING. So it's "changed your world." Ala, forced you to think about hiring cops capable of doing actual investigative police work? You mean, like, when people used codes the police couldn't crack just 15 years ago, except they were written on paper, or ciphered into the actual text? You mean like when they spoke languages few if any other people spoke? You mean like back in the day when cops were expected to solve crimes with actual police-work, instead of relying on broad, warrantless searches of people's private property and communications with no restraint on the part of the police, who would instead prefer to violate the Constitution they swore an oath to uphold with the use of Stingray devices and the like just to nab an easy collar?

    Frankly, if your only avenue for solving crime is bottomed on your ability to read the contents of people's private messages and cellphones, you should quit because you're an awful police officer with no ability or skill to solve crimes the way our nation of laws intended them to be solved: without violating people's equal rights, all because "but... crime!!1 Terrorism!1! 9/11!!!one" Even if I believed that giving you what you wanted wasn't a civil rights violation and was in the best interests of the public, the fact of the matter is that it would change nothing: the criminals would simply find other means and avenues, and frankly I seriously doubt such access is a relevant factor in even 1 out of 100,000 cases anyway, especially since your record of solving crimes has not improved in the least bit during the periods when you had this access, or since you've started illegally using stingray devices, even though overall crime rates have been on a downward tick for the last couple of decades.

  • by tlambert ( 566799 ) on Wednesday July 27, 2016 @04:18PM (#52594217)

    Apple, Google want New York DA to roll back police shootings.

    Guess neither of them gets what they want, right?

  • by nitehawk214 ( 222219 ) on Wednesday July 27, 2016 @04:41PM (#52594455)

    New York DA wants all citizens to be entirely naked at all times. Quote: "It isn't fair, clothes have pockets that people could be concealing weapons in."

  • Next request...

    DA: "We have the decryption keys; but that's not enough."
    Person: "Why not?"
    DA: "It's an asymmetric cypher."
    Person: "So? You can decrypt it, and read what's there; what more do you want?"
    DA: "We also need the encryption keys."
    Person: "Why?"
    DA: "With the decryption keys, we can only find what's there; we can't find what's not there... yet."

  • JThundley wants New York DA to get on knees, swallow hot sticky load.

  • The assertion that "crimes aren't being solved because we can't hack suspects phones" is based on the unproven assumption that the suspects were stupid enough to leave information that could convict them on their phones in the first place. Until you actually access all the data on the phone, you don't know whether or not that is true, do you? For all the DA knows, all these people he wants to crack the phones of are innocent!
  • by mark-t ( 151149 ) <markt AT nerdflat DOT com> on Wednesday July 27, 2016 @05:46PM (#52595009) Journal
    ... it will be before these companies are finally issued the ultimatum of not being permitted to conduct ANY business within the USA until they comply with these demands to weaken their encryption?
  • lazy days (Score:4, Insightful)

    by Revek ( 133289 ) on Wednesday July 27, 2016 @06:33PM (#52595299)

    Its crazy how lazy these people have become. Its way to much trouble for them to actually do their job. They just want to be able to cheat and skip to the end.

You know you've landed gear-up when it takes full power to taxi.

Working...