Social Question

Not_what_you_want_to_hear's avatar

Apple doesn't want to unlock the terrorist's iPhone for the FBI. Is the privacy of iphone users more important than national security?

Asked by Not_what_you_want_to_hear (98points) February 17th, 2016
Observing members: 0 Composing members: 0

32 Answers

Cruiser's avatar

What is most bothersome to me is that the FBI cannot do this on their own. I mean supposedly we possess some the most advanced technology and hackers in the world. So why don’t they just do this themselves? Either way Apple has a court order to help and it will be interesting to see how long Apple stands firm.

elbanditoroso's avatar

Yes. The privacy of 30,000,000 Apple users is more important than the iPhone of a dead terrorist.

janbb's avatar

I think the issue is more nuanced than you are presenting. From what I read, the FBI is asking Apple to create software that will give them access to any iPhone which is a threat to all of our privacy.

Seek's avatar

@Cruiser – I read recently that the FBI is having a hard time hiring hackers because they won’t ease up on the drug test requirement.

I, too, was shocked to hear that most skilled hackers smoke weed. Shocked, I say.

Seek's avatar

It also bears mentioning that it’s not like Apple is refusing to turn over a password. They do not have the technology to do what the FBI is asking. The programs to do so would have to be written from scratch. It’s not simply a matter of “give us access to the thing you already can do”, it’s “create a way for us to spy on your customers, that they didn’t agree to when purchasing your product”.

ragingloli's avatar

“A matter of internal security – the age-old cry of the oppressor”
– Jean Luc Picard

Lightlyseared's avatar

Apple can’t unlock the phone. What the FBI are asking are for Apple to create and provide a custom firmware so that they can have unlimited attempts at the pass code and use brute force to unlock it. Basically they want to force apple to create a back door in an otherwise secure system.

The problem with forcing US companies to install a method to allow the government to bypass the encryption are simple…

The backdoor would put the company in an awkward position with other governments and international customers, weakening its value.
Those who want to hide their conversations from the government for nefarious reasons can get around the backdoor easily. (This has been true of encryption since the dawn of time. Once the system is insecure people move to something else).
The only people who would be easy to surveil would be people who didn’t care about government surveillance in the first place.
There was no guarantee someone else might not exploit the backdoor for their own purposes.

It basically defeats the purpose of doing it.

It’s also worth bearing in mind that the police have been stopping terrorist attacks for

jerv's avatar

You assume that it’s all about one case, and that there would be no repercussions if we had backdoors in everything.

Imagine if all systems had backdoors, and some black-hat used those backdoors to hack into sensitive systems. Congratulations; your desire to convict a few terrorists just gave terrorists the means to shut down our power grid, plumbing, air traffic control, banking, stock market….

@Cruiser If you knew the math, you’d get it. Maybe you should read some Shneier on Security. But anyways, while encryption with the Enigma cipher from WW2 could be done by a small “mechanical computer” then and is available as a smartphone app now, decrypting a message without knowing the key is notably harder even if you know the algorithm, and exponentially harder when you don’t know the algorithm. Even reverse-engineering the Enigma machines to get the an algorithm similar-but-not-identical to what our enemies used didn’t provide quite enough information to avoid filling Blethley Park with supercomputers.

While modern computers are many orders of magnitude more powerful than Colossus, it’s often those computers doing the encrypting and it still takes more power to decrypt than to encrypt by about the same margin as it ever was, so we’re back at using pretty much the entire computational power of the planet. Long story short, when you get to dealing with numbers like 2^90, even the most powerful computers we have take a bit of time to go through all the possibilities.

johnpowell's avatar

Yes, it is more important.

Zaku's avatar

“Apple doesn’t want to unlock the terrorist’s iPhone for the FBI.” What do you actually mean?

You wrote it like there is a specific terrorist you have in mind, but I think you don’t mean that. You probably mean what Lightlyseared is talking about. Which as he wrote is about the government wanting Apple to make their product a compromised piece of shit for their personal use, which is stupid and an awful idea and the FBI should stop.

It’s not about “Is the privacy of iphone users more important than national security?”

jerv's avatar

@si3tech I’m not so sure. I mean, if I learned everything I know about computers and cryptography from movies, I could see it. But I see enough missing there to consider that article spin. Nearsighted people can’t see more than one little detail; in this case, one terrorist’s phone blinds many to the real issues.

Of course, Apple’s paranoia over trade secrets makes it easy to paint them as selfish, as if having ten times the profit margins of their competitors didn’t already do that.

Look up “Chilling effect”.

Also, if Apple loses here, then the rest of the world will have more security than we even could while those who use crypto for nefarious purposes will just get their encryption elsewhere. All downside, no benefit.

We have nothing to gain! All that can be accomplished is disrupting commerce and banking, forfeiting our rights, and handing power to government. And yet those who want smaller, less intrusive government want to hand government the power to intrude while simultaneously making us more vulnerable to other threats.

Things like this make me think IQ tests should be required before one is granted voting rights…

Lightlyseared's avatar

@si3tech up until iOS 8 Apple could unlock iPhones so did so when ordered to by the court. They haven’t denied this. With iOS 8 they removed their ability to bypass the lock code (which if I remember was about the same time they introduced iCloud sync so there was less need to unlock customers phones to allow them to access their data if they screwed up).

jerv's avatar

@Lightlyseared There is that too. I wasn’t sure if they had already “locked themselves out” in order to avoid a situation like this or whether this would cause them (and others) to do so in the near future.

It still blows my mind how so many just cannot grasp that the best case is that terrorists stop using any crytpo product from the US and go with the “no back door” crypto from someplace where the US has no jurisdiction. (There are many to choose from!) That would mean that US iPhone owners would have their data accessible to anyone who knows the way in regardless of whether they are a US government agent acting with just cause while the criminals and terrorists are unaffected. Just as DRM hinders legitimate users without slowing down piracy, it just plain will not work.

Furthermore, if you think that’s a good deal then I see you as a bigger threat to our freedom than any terrorist could aspire to. They don’t need to destroy our nation if you’re willing to do it for them. And anyone who aids them in their quest to destroy America deserves prosecution as an accessory, if not a full-on willing participant. At the very least, you are a pawn in their scheme, helping them carry out their plan.

Zaku's avatar

@jerv I agree. I couldn’t believe it when in the 90’s (IIRC) the US was outlawing export of software that encrypts things with more than some number of bits. As if the rest of the world can’t figure out how to write an 128-bit encryption algorithm?

jerv's avatar

@Zaku 128-bit is so last century.

jerv's avatar

And an interesting development; John McAfee offers to crack iPhone for FBI for free Here is a partial excerpt from that link;

“With all due respect to Tim Cook and Apple, I work with a team of the best hackers on the planet… They are all prodigies, with talents that defy normal human comprehension… I would eat my shoe on the Neil Cavuto show if we could not break the encryption on the San Bernardino phone. This is a pure and simple fact…..And why do the best hackers on the planet not work for the FBI? Because the FBI will not hire anyone with a 24 inch purple mohawk, 10 gauge ear piercings, a tattooed face, who demands to smoke weed while working and won’t work for less than a half million dollars a year. But you bet your ass that the Chinese and Russians are hiring similar people with similar demands and have been for many years. It’s why we are decades behind in the cyber race.”

It’s interesting for a number of reasons, some of which are pointed out in the full article and a few that only a geek (like those who know (without Googling) who McAffee is and what DEFCON is about) would get without a lot of spoon-feeding. Still, there is someone out there who knows what’s involved, what’s at stake, and is willing to do what the ignorant want done without the consequences that would arise from the feds forcing Apple (and others) to make back doors.

si3tech's avatar

@jerv I find your comments fascinating! It has also been postulated that the FBI doesn’t just want the ability to crack just this one phone but all they choose to. What you say makes sense.

Lightlyseared's avatar

@jerv I saw McAffees offer too… In the article he says he will primarily use social engineering to workout the passcode. I’m curious as to how he plans to use social engineering on someone who’s dead?

si3tech's avatar

@Not_what_you_want_to_hear @jerv et al. Why are we surprised when other countries are able to and do hack into our most closely guarded intelligence? And are we REALLY not able to stop that? Literally millions of our people’s private files have been exposed.

jerv's avatar

@Lightlyseared You seem to underestimate the power of psychology. Are you implying that everyone who knew the deceased is likewise dead? Or that the deceased leave no traces of their existence after their passing? I doubt it. Suffice it to say that the weakest link on security is and always will be the human element.

@si3tech Personally, I am not surprised. However, I think enough people are surprised by that that I weep for our future.

Lightlyseared's avatar

@jerv. True. But the only person who actually knew the passcode isn’t talking and given the circumstances I’d imagine that anyone who knew them is probably keeping their head down and will be cautious if people start asking about them which is going to make the thing trickier don’t you think? Best case scenario they were using 4 digit passcodes and left enough finger prints on the screen to work out the digits (so 24 combos or 36 if there’s a digit repeated) however iOS 9 defaults to 6 digits and even if you know the digits there’s 720 possible combinations. Suppose it’s a significant date. Suppose you know the date, there are still 4 common ways of formatting it. Given the FBI have had the phone for, what, a month, I’d be surprised if they haven’t used a few attempts already so you may not be able to try all 4 common combos. Any things possible, I’m just saying it seems unlikely to be a successful approach.

SecondHandStoke's avatar

Does Fluther still believe that big corporations are evil and the Government our advocate?

elbanditoroso's avatar

@SecondHandStoke – it’s hardly as simplistic as you describe.

Some big corporations are good. Some are evil. Some of government does wonderful things. Some of government does things that I consider stupid.

To throw out a phrase, as you did above, reduces a highly nuanced set of opinions into a black and white choice, which is, frankly, silly.

jerv's avatar

@Lightlyseared And someone may know the dates that were important to them while any writing may show how they format a date. If you know that they format it DD/MM/YY then you cut the number of possibilities down by a factor of 6.

Lightlyseared's avatar

It’s probably worth noting that Apple were willing to help the FBI in reasonable ways that didn’t invalidate the security of the underlying system. It’s a little complicated but here goes… It seems the iPhone in question was owned?/supplied by the suspects employers (San Bernardino Health Department) who therefore had the ability to reset the password for iCloud account associated with the device. They did this at the request of the FBI, before the FBI had approached Apple (as far as I can gather). They were therefore able to access a backup of the iCloud dat up until some point in October’ 6 weeks before the attack. However once the password was changed it was no longer possible to force the phone to backup icloud again. If they had waited for Apples advice they could have connected the phone to a trusted network (work/ home etc) and forced a backup by plugging it in and leaving it alone for a bit. At which point they could have easily accessed the backup. Admittedly not every app backs stuff up to iCloud so not actually the same but still…

jerv's avatar

@Lightlyseared ~Are you implying that the reason Apple is being asked to gimp the security of iOS is because the FBI was negligent and/or incompetent and now needs someone to fix their mistake? And before you reach for the tin-foil hat, remember that the FBI would never even think of engineering a situation that would force Apple to hand them the keys to iOS.

elbanditoroso's avatar

@jerv – your devious and paranoid mind is probably 100% correct in this case. Except that the FBI probably didn’t think that anyone would catch on to their incompetence.

Lightlyseared's avatar

@jerv I’m not implying, but others have implied…

jerv's avatar

Oh hey, it looks like the DOJ has at least a dozen iPhones they want cracked. Didn’t the FBI say it was just a one-time deal on that one phone?

elbanditoroso's avatar

@jerv – the FBI lied. I’m sure they had full knowledge of the Justice Department and the NYC Police Department and all of the others who want this capability.

This was never about one phone.

jerv's avatar

@elbanditoroso You know that, and I know that, but lot of people bought that lie.

Answer this question

Login

or

Join

to answer.
Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther