Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Mac News > Microsoft offers weak support to Apple in backdoor tool fight

Microsoft offers weak support to Apple in backdoor tool fight
Thread Tools
NewsPoster
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Feb 18, 2016, 09:57 AM
 
Microsoft has stepped into the debate over Apple's resisting co-operating with the FBI, following the iPhone maker being ordered by a judge to create a tool to bypass iOS security measures -- though in a relatively muted fashion. Unlike comments made by Apple itself, Google CEO Sundar Pichai, and other entities, Microsoft has instead used the Reform Government Surveillance (RGS) group to issue a statement, a group that the software giant counts itself as a founding member of.

RGS is made up of a number of tech giants, including Apple, Facebook, Google, Twitter, and others, as well as Microsoft. While the statement from the group does offer the message that tech companies should be able to help governments with regards to keeping citizens safe without resorting to measures involving backdoors, the message itself is generalized for all tech companies, not naming Apple directly. Aside from the timing of the statement, it could easily apply to any situation where governments attempt to interfere with device security.

"RGS companies believe it is extremely important to deter terrorists and criminals, and to help law enforcement by processing legal orders for information in order to keep us all safe," the statement starts. "But technology companies should not be required to build in backdoors to the technologies that keep their users' information secure. RGS companies remain committed to providing law enforcement with the help it needs, while protecting the security of their customers and their customers' information."

Microsoft has not officially commented on the situation, nor offered Apple any support in its fight with the FBI. On Twitter, CEO Satya Nadella has simply retweeted Brad Smith, Microsoft's chief legal officer, who links to the statement while adding that it is "essential to have broad public discussion on these important issues."
( Last edited by NewsPoster; Feb 18, 2016 at 12:33 PM. )
     
prl99
Senior User
Join Date: Mar 2009
Location: pacific northwest
Status: Offline
Reply With Quote
Feb 18, 2016, 10:18 AM
 
There's no way Microsoft is going to directly support Apple, especially after we read that the DoD is forcing all 4M of its Windows systems to be upgraded to Windows 10 by 2017. Microsoft has been in the government's hip pocket for years and there's nothing they wouldn't do to keep this honey pot. Since Windows 10 supposedly runs on all their platforms, you can bet the US government has already added enough backdoors to get to whatever data they want to. Maybe this is why most people (who don't have to) use other platforms outside work. Microsoft keeps saying Windows 10 is their most secure product ever but we also know it also sends the most information about the user back to Microsoft or any of their OSes. When I was working for a large government contractor, we started encrypting laptops. This feature was built into OSX (FileVault) while we had to purchase an application to get it to work with Windows. Initially, our Windows-centric IT department refused to acknowledge FileVault but ultimately we were able to get FileVault approved for some users. This is how entrenched Microsoft is within the government so there's no way they will do anything to compromise this situation, including sacrificing the security of all their users to comply with anything the government wants.
     
Chongo
Addicted to MacNN
Join Date: Aug 2007
Location: Phoenix, Arizona
Status: Offline
Reply With Quote
Feb 18, 2016, 10:44 AM
 
     
SierraDragon
Mac Elite
Join Date: Mar 2004
Location: Truckee, CA
Status: Offline
Reply With Quote
Feb 18, 2016, 11:37 AM
 
MacNN please add explanation regarding your entry statement "...by creating a tool to bypass iOS security measures." That sounds like quite a bad thing for MS to do and clearly needs further explanation.
     
iphonerulez
Dedicated MacNNer
Join Date: Nov 2008
Status: Offline
Reply With Quote
Feb 18, 2016, 11:51 AM
 
Any company would be foolish to back Apple at this point. They would certainly want Apple to stay in the limelight and get crapped all over by themselves. Never join in a fight unless you have something to gain from it. Everyone is going after Apple and Tim Cook and Apple are going to have to go it alone. It's just Apple shareholders rotten luck that of all the smartphones some killer had to use it had to end up being an iPhone. The news media probably wouldn't have made such a big deal out of it if it wasn't an Apple product. I'm curious to find out if this is the first time this sort of request has been made of a smartphone manufacturer. Apple is trying to protect all the consumers who use their products, but Apple is going to end up looking like the bad guy shielding some killer. So many people have an axe to grind with Apple so they're going to keep this anti-Apple story running as long as possible.
     
prl99
Senior User
Join Date: Mar 2009
Location: pacific northwest
Status: Offline
Reply With Quote
Feb 18, 2016, 12:23 PM
 
@SierraDragon That sentence could have been written more clearly but after reading it several times I came to the conclusion that they meant Apple being told to write an iOS tool to bypass its own security. It would have been better if they broke that sentence into two parts because it was confusing. Microsoft is not going to help Apple do anything at all.
     
Charles Martin
Mac Elite
Join Date: Aug 2001
Location: Maitland, FL
Status: Offline
Reply With Quote
Feb 18, 2016, 12:28 PM
 
SierraDragon, prl99: maybe read around the site a little, like the banner editorial at the top of the main page. I'll fiddle with the wording and add a link, but the controversy that sentence refers to has been a huge national top story for the last 48 hours across most media, not just here.
Charles Martin
MacNN Editor
     
Inkling
Grizzled Veteran
Join Date: Jul 2006
Location: Seattle
Status: Offline
Reply With Quote
Feb 18, 2016, 01:16 PM
 
I sense a growing respect for Microsoft. They're not the amoral bully they were a couple of decades back. / / / I've wrestled with why Apple is making this odd stand, trying to make sense of it. It's certainly not that Apple cares deeply about the privacy of its customers. None of the high-tech companies do. Since the late 1990s, it'd have been easy to add public key encryption to Apple's mail app. Monitoring everyone's email is where the NSA has been really out of line. But neither Apple nor anyone else has done that. / / / My hunch is that for all Apple's claims about protecting users, the real concern of its executives is corporate and internal. When prosecuted, much corporate wrong-doing gets revealed in their internal communications. Apple wants to lock that communication away from the eyes of prosecutors or those suing Apple. From it's perspective, helping terrorists, organized crime, and child molesters is merely collateral damage. It is not nearly as important as protecting their private scheming from legal scrutiny.
Author of Untangling Tolkien and Chesterton on War and Peace
     
DiabloConQueso
Grizzled Veteran
Join Date: Jun 2008
Status: Offline
Reply With Quote
Feb 18, 2016, 01:50 PM
 
"Since the late 1990s, it'd have been easy to add public key encryption to Apple's mail app."

What are you on about? iCloud email is most definitely encrypted in-transit: https://support.apple.com/en-us/HT202303

Are you upset that Apple hasn't developed yet another competing standard for email transmission outside of POP, IMAP, and Exchange? Or do you expect Apple to fundamentally change the way those services work?

Mail is a front-end client for existing and industry-standard mail transmission technologies. If your email isn't encrypted, that's your fault for using a particular service or provider (outside of iCloud) for your email, or your fault for not properly configuring Mail to use S/MIME or SSL with your email account(s) (which it does by default when setting up a new email account if the email account provider supports those technologies).

You may think it's Apple fault that your email isn't encrypted, but I assure you it's most definitely not, for three reasons:

1) iCloud email is encrypted

2) Apple isn't going to rewrite the IMAP protocol

3) The IMAP protocol already supports a couple of methods of encryption

What's next, blaming Adobe because you opened an offensive JPEG in Photoshop?
     
Grendelmon
Senior User
Join Date: Dec 2007
Location: Too F'ing Cold, USA
Status: Offline
Reply With Quote
Feb 18, 2016, 03:22 PM
 
"All traffic between your devices and iCloud Mail is encrypted with SSL."
Email encryption must work end-to-end to be effective. Apple cannot claim that your email messages are secure because *they* encrypt it (via TLS, etc). From iDevice --> iCloud --> iDevice, sure. But once your messages get sent to imap.bubbasinternetservice.net (your uncle's service provider in Podumptown, U.S.A.), you're out of luck, yes?
     
DiabloConQueso
Grizzled Veteran
Join Date: Jun 2008
Status: Offline
Reply With Quote
Feb 18, 2016, 04:13 PM
 
With TLS specifically (STARTTLS), the encryption is between SMTP servers, not end-users.

PGP/GPG seems to be the only viable way to get end-to-end encryption of the email *contents* for now, but it's definitely not a solution that is viable for all users, which would include grandma and grandpa.

Again, Apple's Mail is simply a front-end for various email protocols. It is silly to blame Apple, unless we're petitioning for a brand-new, Apple-developed, end-to-end email encryption protocol, and then we'd be dealing with how quickly it could get adopted across the board so that we can be relatively secure in our assertions that our email is encrypted from sender all the way through recipient.

My point that I've been making is that it's silly to lambast Apple for the shortcomings of POP, IMAP, and Exchange, as they have no hand in those protocols, and re-writing those protocols to work in a different fashion isn't feasible.

Our gripes are with email in general, not Apple. Apple's done a ton to ensure that people use the most secure method of email transmission, but if the most secure method of email transmission isn't encrypted end-to-end, Apple can do little about it (except introduce a whole new protocol, and I'm sure that would go over well with the industry-standard-ists and anti-Apple groups).
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 04:40 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,