Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Encryption Government IOS Privacy Apple Politics

Two Years After FBI vs Apple, Encryption Debate Remains (axios.com) 175

It's been two years since the FBI and Apple got into a giant fight over encryption following the San Bernardino shooting, when the government had the shooter's iPhone, but not the password needed to unlock it, so it asked Apple to create a way inside. What's most surprising is how little has changed since then. From a report: The encryption debate remains unsettled, with tech companies largely opposed and some law enforcement agencies still making the case to have a backdoor. The case for strong encryption: Those partial to the tech companies' arguments will note that cyberattacks and hacking incidents have become even more common, with encryption serving as a valuable way to protect individuals' personal information. The case for backdoors: Criminals are doing bad stuff and when devices are strongly encrypted they can do it in what amounts to the perfect dark alley, completely hidden from public view.
This discussion has been archived. No new comments can be posted.

Two Years After FBI vs Apple, Encryption Debate Remains

Comments Filter:
  • by Travelsonic ( 870859 ) on Friday February 16, 2018 @09:10AM (#56134616) Journal
    ... for the technologically illiterate politicians who, at the same time, are too goddammed unable, for some reason, to LISTEN to the EXPERTS who tell them that "responsible encryption," encryption with backdoors, is vulnerable, and not really secure at all. Christ allmighty, what is with the stream of idiots in U.S, U.K, and Australian politics who speak on the matter, and don't try to understand it?
    • by 605dave ( 722736 ) on Friday February 16, 2018 @10:21AM (#56135030) Homepage

      Believe it or not politicians do listen to people with security knowledge. I have spoken to numerous Senators and members of the House on this issue over the last few years. Yes their knowledge is limited but the ones I have spoken to have grasped the complexity of the issue.

      Two examples. One member of the House who is a former prosecutor explained to me how he evolved on the issue over time and now opposes backdoors. A member of the Senate who you see on the TV almost every night cornered me at a meeting to talk about encryption until his aides pulled him away. He too was originally uncertain why a back door was needed, but now understands the problem. They had mostly already come to these positions, but were seeking out further opinions. Which is exactly what we want them doing, asking questions.

      And as of now there are no government requirements on backdoors. So far our arguments have won out. But this issue is not going away, and I will keep trying to have as many conversations as I can to keep the people in the position to decide informed. Members of Congress mostly know what the people around them tell them (they don't disagree with this assessment), and when it comes to tech that is mostly lobbyists. But there are groups and people working behind the scenes making the case. And they are being heard.

    • by gtall ( 79522 )

      The head of the FBI is not technically a politician. He's a career civil servant, maybe not a particularly bright one, but there we are.

      In any case, to yer average Joe, technology is indistinguishable from magic. There are frequent announcements of new whizzies, frequent enough that people just come to assume that anything is possible, just not quite yet done. In a way, that is understandable, they aren't being paid to learn tech or science, they have other priorities, e.g., kids, health insurance, etc.

      • No, the head of the FBI merely controls politicians via illegal spying, blackmail, and other general thuggery. I think too many of us have let The X-Files go to our heads and think about the FBI as if it were really the sort of warm and fuzzy place that would employ Fox Mulder and Dana Sculley. The reality its that it is the house the J Edgar Hoover built. It still reveres Hoover's memory. And, indeed, it resides in the building constructed as a monument to Hoover and bearing his name.

        In reality, Mulder

    • Christ allmighty, what is with the stream of idiots in U.S .. who speak on .. matter[s], and don't try to understand [them]?

      Those are who we always vote for.

  • by sjbe ( 173966 ) on Friday February 16, 2018 @09:20AM (#56134654)

    The problem is that there is no middle ground here. Putting any sort of back door into encryption effectively renders it useless. The cops can say whatever they want but that is an indisputable fact and isn't negotiable even if we wanted to. You can have good encryption or for all practical purposes no encryption. There is literally no middle ground.

    Even if we trusted the cops (and history tells us we shouldn't) the cops aren't the only party in play here. If the cops have a back door then so do black hats, criminals, foreign nations, and anyone else. So we get lots of whining by politicians and cops who are either clueless or disingenuous or both.

    • I think the lack of middle ground is a big part of the problem.

      Despite the numerous examples of our current political landscape forcing binary "With us or against us" type view points where compromise and middle ground does actually exist (gun control for example), Encryption really is an all or nothing proposition. Not for the usual political posturing reasons, but because that is just how math works. Since they don't understand the reasons (Numeracy, particularly as it pertains to encryption, being larg
    • by clodney ( 778910 )

      The problem is that there is no middle ground here. Putting any sort of back door into encryption effectively renders it useless. The cops can say whatever they want but that is an indisputable fact and isn't negotiable even if we wanted to. You can have good encryption or for all practical purposes no encryption. There is literally no middle ground.

      Even if we trusted the cops (and history tells us we shouldn't) the cops aren't the only party in play here. If the cops have a back door then so do black hats, criminals, foreign nations, and anyone else. So we get lots of whining by politicians and cops who are either clueless or disingenuous or both.

      When you talk about an algorithmic back door I completely agree with you. That is horrifying and we should never do it. But I can imagine a far less threatening scenario that would address the situation that law enforcement mostly talks about, which is the inability to break into a locked phone. Put a hardware access method on the phone that lets the phone be decrypted at the cost of destroying the phone, and while I still think it is not worth doing, it wouldn't be nearly as bad as intentionally weakene

      • Put a hardware access method on the phone that lets the phone be decrypted at the cost of destroying the phone

        Putting a self destruct device next to the backdoor still leaves you with no security, and a backdoor that can be remotely accessed based on bugs in your destruct device.

        It is just magical thinking phrased as science fiction. But it lacks reality either way. Decryption must be based on math, a promise to self destruct is not math.

      • by sjames ( 1099 )

        And then a pick pocket nabs your phone one fine day and sees you'll be on vacation next week, so he tips off his friend Benny the Burglar. About mid-way through your vacation he hoovers your bank account. When you get back home, it's empty.

        Your only consolation is that your phone is (probably) fried so he won't run up your phone bill.

        As others pointed out, if the self-destruct has a flaw, you're even more screwed.

        Strong crypto is a better bet for your safety.

      • ut I can imagine a far less threatening scenario that would address the situation that law enforcement mostly talks about, which is the inability to break into a locked phone.

        I regard that as just too bad for them. I'm not about to give up my rights just because it makes their job harder. I firmly believe that we should allow 1,000 guilty men to go free rather than convict a single innocent man. We have the 5th amendment for a reason and I see no reason why we should allow it to be trampled on just to placate some lazy cops.

        Put a hardware access method on the phone that lets the phone be decrypted at the cost of destroying the phone, and while I still think it is not worth doing, it wouldn't be nearly as bad as intentionally weakened software.

        That is one of the dumbest ideas I've read in a while. Do you have any idea how fast some bored teenager or bad actor would start destroying phones inten

    • by Nidi62 ( 1525137 )

      Even if we trusted the cops (and history tells us we shouldn't) the cops aren't the only party in play here. If the cops have a back door then so do black hats, criminals, foreign nations, and anyone else. So we get lots of whining by politicians and cops who are either clueless or disingenuous or both.

      Think about it this way: while it hard to solve a crime, it is even harder to prevent a crime. On top of that it is much easier to track and measure "crimes solved" versus "crimes prevented"(you can measure year over year changes but attribution is difficult), and more "crimes solved" means promotions, more funding, recognition, etc. So the motivation is there for police to focus more on solving crimes than preventing them (especially crimes that do not involve risk of injury to life and limb). It's no

      • Think about it this way: while it hard to solve a crime, it is even harder to prevent a crime.

        It is almost always easier to prevent a crime than to solve one after the fact. A lot less costly too. If it were not easier to prevent crimes then there would be a lot more crimes committed than there are. Take shoplifting for instance. Companies spend a lot of resources preventing shoplifting because it is FAR more effective, cheaper, and easier than just trying to catch and punish the criminals. A manager of a store I once worked with said that the most effective tactics are really aimed to keep hon

    • by gweihir ( 88907 )

      Also remember that there is a real overlap between "cops" and "criminals". So access to such back-doors by criminals is basically ensured.

  • by Opportunist ( 166417 ) on Friday February 16, 2018 @09:21AM (#56134662)

    If you implement backdoors in your software, you can as well close shop. Nobody, at least no company with at least a hint of self preservation, will buy your product. If I cannot trust my company trade secrets to be secret from espionage because your product is insecure (and yes, a backdoor makes a product insecure BY DEFINITION), I will not use your product.

    No "government only" backdoor is "government only" for long. First of all, the mere existence of such a backdoor gets known at some point in time, as the past history of deliberate leaks or accidental blunders have shown. And no later than this, the company that actively and deliberately puts backdoors in its security software is done for, for the reasons aforementioned. Yes, even if they "fix" this immediately. Why should I trust you that you have no backdoors now? Fool me once and all that.

    Second, a general key into the secrets of every company worldwide is prized. Not by hackers. By governments. And governments have WAY other options at their disposal as any basement dweller or even organized crime. You have seen what North Korea does with people that li'l Kim simply does not like? Now imagine what they do with people that could give them the key to the holy grail. You know the key? Well, you may be in for a decision who you love more, your country or your kids. Almost every person has a weak spot. There are very, very few people who cannot be at least blackmailed if they cannot be bribed. Your life, your freedom, your credit, your family... everyone breaks at some point.

    And state actors, especially when acting for repressive regimes, don't mind cutting your unborn son out of your wife if that's what makes you hand over what you want.

  • by Anonymous Coward on Friday February 16, 2018 @09:23AM (#56134670)

    Basically the argument is it is illegal to keep secrets from the government.

    Enjoy your fascism!

    So much for the 4th and 5th amendments. You no longer have any rights to such things.

    • by gtall ( 79522 )

      That's not fascism. Fascism is like China with government controlled companies.

      • by gweihir ( 88907 )

        Actually, one of the defining characteristics of fascism is disrespect of the individual and its freedoms. So yes, this is fascism. That China wants their own bit of fascism does not invalidate that similar forces are hard at work in the US. Or look at the Germans that now have censorship again by a sneaky legal trick. All the really bad old ideas are being reanimated by exceptionally bad people that are not fit to wield power of any kind, yet somehow (because the general population is deeply asleep) manage

  • "Debate" (Score:2, Insightful)

    by pem ( 1013437 )
    Of course there's a debate.

    The lame MSM, who need the sheeple to believe that there are two actual sides to every story in order for their clickbait model to keep the the business swirling as high as possible around the toilet bowl for just a few more years, cannot possibly classify any fringe viewpoint as anything other than normal, because that would decimate their business.

    Unless, of course, a viewpoint is abnormal enough that the clicks will happen automagically because of morbid curiosity, c.f. fla

  • Given hacking into things and spying on people and companies, most notably giant state and state-sponsored actors like China and Russia has had actual effects on the maintenance of power by thugocracies, I'd say prosaic criminal detection vanishes as an importance.

    Exactly like the Founding Fathers observed always happened, and tried to prevent against with the core principle of the design of the Constitution, and the Bill of Rights.

    Every backdoor for government "crime" so an FBI agent can get another notch

  • by necro81 ( 917438 ) on Friday February 16, 2018 @09:42AM (#56134792) Journal
    And after two years, has anything in the debate changed on Slashdot? Perhaps a hardening of positions, but I doubt that anyone's mind here has been changed. Can anyone chime in: has your position on this been modified? What persuaded you?
  • I'll gladly take a back door in all my hardware and software if every politican going forward discloses exactly where every cent of their super PAC and other anonymous funding comes from, disclose every single meeting and conversation they have with all lobbiests and colleagues, all sexual relations, make available 24hr/day audio recordings of thier activities in addition to video of them at all times in public workplaces, the complete finnancial breakdown of everything they own, all business contacts, and
    • I don't even want that much. I just want every congress critter and senator to oprovide all of their login credentials for all their communication services and financial institutions as well as providing their mother's maiden name, full social security number, city of birth, name of second grade teacher, favorite aunt or uncle, and first pet's name. Do that and I will accept that backdoored encryption is good. They are the ones always saying that regular people have no need for strong encryption and if you
  • by omfglearntoplay ( 1163771 ) on Friday February 16, 2018 @10:23AM (#56135044)

    The argument for backdoors is:

    1. We can stop bad guys better.
    2. It doesn't "really" hurt the US public for us to spy on everybody's shit if they don't know.

    The counter argument is:

    1. Are you sure you can stop bad guys?
    2. It DOES HURT untold millions of innocent US citizens.

    The problem is, the cat is out of the bag. Everybody knows spying is the norm, and that screws with people, good people, in a bad way.

    Is it as lethal as getting shot by a criminal? No. Is it as bad as having a mean boss looking over your shoulder questioning everything you do to the point that you are afraid to sneeze? Yes, for some people the resounding answer is yes.

  • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Friday February 16, 2018 @10:33AM (#56135102) Homepage

    because bone headed politicians are still arguing about it. By 'bone headed' I do not mean so stupid that they do not understand that you cannot have secret back-doors (although there are undoubtably some that are that stupid), but 'bone headed' in the sense that they continue to want to get their way irrespective of the practical impossibility and regardless of the damage that it will cause.

    I suspect that some of them are playing a more subtle game, they secretly accept that it cannot be done but keep on pushing because they hope that the Tech companies will give way on something else that is more valuable to the politicians as a 'compromise' deal. Whatever this something else turns out to be I can guarantee that it will not be to your or my benefit.

    Posturing like this also makes them sound good to Joe Sixpack who does not understand, but like politicians who talk hard against terrorists, etc - ie good for votes.

  • If you want to live in a country with the 2nd ammendment, where guns are sold liberaly "bicuzz there must be the right to, you know, eventually, maybe, defend ourselves against a tyrant democratic government, who happens to have access to nukes and bioweapons", then you also accept to live in a country where the bad guys that are not government also get that right.

    Now, if you want to live in a country where the government can access most information about your life and your choices and your opinions, becaus

    • by Sloppy ( 14984 )

      Now, if you want to live in a country where the government can access most information about your life and your choices and your opinions, because most of that data is now available digitally, maybe you should, like for guns, not forfeit the the right to make that information private.

      Amusingly, the government itself presented this parallel to the public. What was Phil Zimmermann charged with, for releasing PGP? That's right: exporting munitions. Our own government, trying to remove the limits we centuries-a

      • Yeap. The government always has the advantage of media attention, and this enables them to twist ideas however they want. Trump's twitter account is a study-case of how influential the most stupid, yet popular ideas can be.

        Just today he said the FBI's attention to Russia influence in elections is the root cause of the Florida shootings... I read it in a british newspaper, and the title said "Trump attempts to shift blame of shootings to FBI", and it seemde like a good title. Then I thought about it for a bi

  • Get a court order, and give the iPhone to Apple to unlock. You get the data without exposing Apple's secret sauce. Problem solved.
    • Apple (et al) doesn't want people to think their products are insecure, so they've been making themselves unable to unlock them, as well.
    • Because Apple has said that other than a security flaw, they cannot decrypt the phones if the owner has properly secured it. What they have told law enforcement repeatedly that older versions can be hacked that have unpatched security flaws. If the phone is fully patched, these flaws cannot be exploited.

      In fact when dealing specifically with the San Bernandino phone, Apple said one way to access the phone was to wait for the phone to back up to the cloud which Apple controls and could grant access. Instead

    • by gweihir ( 88907 )

      And you do not seem to have the least clue what you are talking about. Apple is trying very hard to make sure they cannot do that in order to not lose all their business.

  • Criminals are doing bad stuff WITH POINTED STICKS and they can do it in what amounts to the perfect dark alley, completely hidden from public view

    Criminals are doing bad stuff {insert object here} and they can do it in what amounts to the perfect dark alley, completely hidden from public view

    Let's just ban everything, since anything can, potentially, be used to commit a crime. You could use a STICK OF BUTTER to commit a crime, for fuck's sake. So let's ban EVERYTHING, we'll go back to being stark naked 24/7/365, living outdoors, and anyone picking up a stick or a rock is killed because they might be a criminal.

    Think the above sounds stupid? It's not as stupid as LEOs and politicians not listening to the people whose business it is to devise encryption algorithms, who keep telling them over a

    • It's not just experts merely telling them the dangers. The government tried to implement this back in the 1990s with a backdoor on computers. [wikipedia.org] Security experts found flaws almost immediately with the system and showed how easily the backdoor keys could be found.
      • Yes, actually, I remember the Clipper chip debacle. Of course some could argue that Intel's Management Engine serves the same purpose, being capable of remotely accessing and controlling a system even if the OS is shut down. So they've been at this for decades, so what? All the more reason to shout them down at every opportunity with a resounding NO!
      • You might want to read the article you linked.

        The government didn't actually "try to implement" anything. They wrote the algorithm, and then they tried to persuade manufacturers to build it into devices, which nobody was willing to do.

        Some people in government did promote the chip.

        The idea that "the government tried to implement this" is stupid and ignores the history. The government debated if they should try to implement it, and the answer that won that debate was no which means that the government more

        • Do you have a different definition of "tried" than that you used yourself? The government proposed, promoted, and had chips made for the system. Thus they "tried to implement" the system. Manufacturers did not adopt or implement the system and I never said that they did. Unless you want to redefine all the steps that the government did as not "trying".
          • Do you have a different definition of "tried" than that you used yourself?

            No, thanks, I'll stick with dictionaries for word definitions.

            Also, over 50% of your facts are manufactured, and would be corrected just by the wikipedia article linked above.

            • Please put out which facts are manufactured.

              1. The government developed the system. Specifically the NSA. That includes the Skipjack algorithm.
              2. The government namely the Clinton administration proposed and promoted the system.
              3. At the hardware level chips were designed by Mykotronx and fabricated by VLSI.

              But according to you, the government didn't "try". So in other words you want to make up your own definitions.

  • Everyone has the right to protect their information through encryption and no one has the right to a back door, this isn't a two sided argument,.

    If you oppose encryption or data security, place all your sensitive information online, un-encrypted and see what happens, you'll quickly change your mind about encryption and data security.
  • Not protect us - they couldn't do that in the Florida shooting with warning and a real name ahead of time - not exactly encryption that held them back. But man, if anyone serious starts organizing some real dissent, they need to know stat so they can nip it in the bud before people notice what's going on. As long as it goes like "well, Earl was always a little off" when they carry the dissenter away, they keep power.
    These are, after all, the actions of a government that's afraid of its people for all t
  • "they can do it in what amounts to the perfect dark alley"

    And? Are dark alleys illegal? Do you get to peruse every personal document in my home because you saw me in a dark alley? I'm sorry, but there is no sound argument for destroying all encryption because a fraction of a percent of people use it in a bad way. The benefits of encryption far outweigh the drawbacks. For the bad car analogy enthusiasts, that's like banning personal vehicles because they cause more injuries than public transportation.

    As

  • There are just some people that insist on continuing to be stupid. As they are high-level government employees, that is not surprising.

  • Everything must be accessible to the government, nothing can be private. There is a term for people like that: It is "Fascist".

No spitting on the Bus! Thank you, The Mgt.

Working...