Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Mac News > Security experts largely siding with Apple in encryption dispute

Security experts largely siding with Apple in encryption dispute
Thread Tools
NewsPoster
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Mar 15, 2016, 06:12 PM
 
While the politicians and American public remain divided on the difficult question of the balance between individual privacy and national security, an increasing number of security professionals -- including the current secretary of defense, counter-terrorism officials, former CIA and NSA leader, and other experts -- are siding with Apple on the importance of encryption, increasingly painting the FBI and Department of Justice as lone wolves who are inadvertently trying to wreck an important line of security defense.

It is not just officials currently or formerly associated with the US government that have lined up with Apple in protecting the idea of strong encryption, even when it hinders some law enforcement investigations. Both the UN's Special Rapporteur for Freedom of Expression, David Kaye, and the international body's High Commissioner for Human Rights Zeid Ra'ad Al-Hussein have referred to the FBI's effort to force Apple to write code that would weaken the iPhone's security "a Pandora's Box that could have extremely damaging implications for the human rights of many millions of people, including their physical and financial security."

UN High Commissioner for Human Rights Zeid Ra'ad Al-Hussein
UN High Commissioner for Human Rights Zeid Ra'ad Al-Hussein


Al-Hussein encouraged officials to seek information on terrorists and other high-level criminals through traditional police means, including using data-obtaining methods that do not require the compromising of mobile device security, saying that any backdoor -- which innumerable experts have said is exactly what the FBI is asking for, despite the agency's periodic claims to the contrary -- would be "a gift to authoritarian regimes, as well as to criminal hackers. There have already been a number of concerted efforts by authorities in other states to force IT and communications companies, such as Google and Blackberry to expose their customers to mass surveillance."

What has been stopping those countries, such as Iran, Russia, and China, is the fact that the US has allowed for "unbreakable" levels of encryption, meaning it does not have an advantage over anyone else. If the country changes its position, Kaye and others have argued, it cannot deny other countries the same access, and companies such as Google, Facebook, Apple, and others will be compelled to dismantle the security of their devices entirely, which would destroy the industry.

In addition, Al-Hussein said that journalist, whistle-blowers, and dissidents would be the most hurt by a weakening of device security, not to mention business executives with sensitive competitive information, or government employees themselves who have to carry or work with classified data. Without absolute encryption that is seen as unbreakable by anyone, Apple and its proponents argue, it would be impossible to fully trust any device. Kaye, the UN's free speech watchdog, filed an amicus brief with the court supporting Apple's position in the San Bernardino dispute with the FBI.

UN Rapporteur David Kaye
UN Rapporteur David Kaye


"Scure communications are fundamental to the exercise of freedom of opinion and expression in the digital age, permitting the maintenance of opinions without interference and securing the right to seek, receive, and impart information and ideas," Kaye said, adding that the FBI's case rests on "shaky" legal grounds, pointing out that the government has failed to establish that a motion to compel unwilling assistance from innocent parties is necessary "for the protection of national security or of public order."

"This is fundamentally a problem with technology, where compromising security for one and only one time and purpose seems exceedingly difficult if not impossible," he said. Kaye's brief to the court mirrors many of the arguments made by former CIA Director James Woolsey, who likewise expressed concern for the FBI's actions and the international consequences should it manage to succeed. In addition to various unwanted consequences, the case would set new precedent for what the All Writs Act -- the center of both the FBI and DOJ's requests -- could force tech companies and others to do against their will.

Many other present and former government officials have also spoken about the importance of encryption, including -- to a limited extent -- FBI Director James Comey in testimony under oath before a recent Congressional hearing on the matter. Comey presented various reasons and an understanding of the reason why encryption was seen as important and good, but went on to claim that he feared a world in which all private communications were unencryptable "even with a judge's order," saying it would prove a difficult obstacle for law enforcement, particularly in preventing acts of terrorism.

However, the current Secretary of Defense, Ashton Carter, along with the current director of the National Security Agency Admiral Michael S. Rogers, and three previous NSA directors -- along with former CIA Director Woolsey and former White House counter-terrorism head under both the Clinton and Bush administrations, Richard Clarke -- have all endorsed strong encryption as being, on balance, better for the security of the nation and mobile device users than any short-term advantage a backdoor could provide.

Clarke, interviewed recently on National Public Radio, did not mince words on the topic. "For nine years, I was the senior counterterrorism official in the U.S. government. And I went to bed every night worrying about terrorist attacks. Had I done enough to stop a terrorist attack that might be out there that I don't know about? I know what the counterterrorism feels like because I was there. But I also operated within limits."

He went on to give an example, saying that within the US government, "we decided long ago that there are limits on what we're going to do in the war against terrorism. Under the Obama administration, for example, we've said we're not going to torture people. You know, we could, at the far extreme to make the FBI's job easier, put ankle bracelets on everybody, so that we'd know where everybody was all the time. That's a ridiculous example, but my point is encryption and privacy are larger issues than fighting terrorism."

"What this is is a case where the federal government ... is trying to compel speech. And courts have ruled in the past, appropriately, that the government cannot compel speech." When NPR host David Greene asked Clarke to clarify how the argument involves First Amendment rights, Clarke noted that the FBI is asking Apple's programmers to unwillingly write code, "and the courts have ruled in the past that computer code is speech." This mirrors one of several defenses Apple lawyer (and former US Solicitor General) Theodore Olsen has made on behalf of Apple.

"What the FBI and the Justice Department are trying to do is to make code writers at Apple ... write code that they do not want to write, that will make their systems less secure," Clarke said. Responding to charges by some that Apple is acting hypocritically, since it has provided iCloud data to Chinese officials in the past, Clarke noted that that Chinese request went through US legal channels. "Apple helps law enforcement organizations in the United States, and Apple helps law enforcement organizations overseas when they have a duly-authorized request for material that Apple has," such as unencrypted iCloud backup data, or meta-information on calls and messages made (which might include things like times and phone numbers called or times messages were sent, but not the actual content of calls, messages, or emails).

"Apple doesn't have this material [the FBI is seeking]. If it were in the Cloud, if the FBI and the San Bernardino County hadn't made a mistake on the way they treated this phone, this information would be in iCloud, and Apple would allow access to that because Apple has that information," Clarke said. He, like some other former and present agency officials, characterized the dispute in the San Bernardino case as the actions of a lone agency -- the FBI, backed up by the DOJ and to a lesser extent the White House -- acting recklessly on its own, rather than consulting with other agencies concerned with security.

This would appear to be supported by the comments of former NSA and CIA Director General Michael Hayden, who said that although he generally "trends towards the government" in most cases, specifically called out Comey's comments, saying "in general I oppose the government's effort, personified by FBI Director Jim Comey. Jim would like a back door available to American law enforcement in all devices globally. And, frankly, I think on balance that actually harms American safety and security, even though it might make Jim's job a bit easier in some specific circumstances," noting that Director Comey has said repeatedly in the past that tech company encryption of devices was, in his view, "above the law."

In his own words, from the point of view of a long-time government security chief: "Back doors are good. Please, please, Lord, put back doors in, because I and a whole bunch of other talented security services around the world -- even though that back door was not intended for me -- that back door will make it easier for me to do what I want to do, which is to penetrate [criminals' personal data]," Hayden said. However, "when you step back and look at the whole question of American security and safety writ large, we are a safer, more secure nation without back doors," he added.

Clarke went further, dismissing the alleged "fierce debate" within the various branches of the US government as being limited to the FBI and DOJ. "I think the Justice Department and the FBI are on their own here," Clarke told NPR. "You really have to understand that the FBI director is exaggerating the need for this and is trying to build it up as an emotional case, organizing the families of the victims and all of that. And it's Jim Comey and the attorney general is letting him get away with it."

When asked what he would do in Comey's shoes, Clarke said simply he would have turned it over to the NSA to worry about: "Every expert I know believes that NSA could crack this phone ... [the FBI is] not as interested in solving the problem as they are in getting a legal precedent. They want the precedent that the government can compel a computer device manufacturer to allow the government in."
     
Makosuke
Dedicated MacNNer
Join Date: Aug 2001
Location: California
Status: Offline
Reply With Quote
Mar 16, 2016, 04:10 PM
 
I really wonder how often you can get the Secretary of Defense, the head of the NSA, the head of the UN's human rights branch, and Human Rights watch to agree on *anything*.
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 07:03 PM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,