Friday, 26 February 2016

Should the authorities have access to our iPhone contents?

Terrorists generally communicate with one another via cell phones rather that land phones. One of the reasons for this is that it has been much harder to for the governments to get access to the information that is stored in cell phones and the terrorists know this. 

On December 2, 2015, as many as 14 people were killed and 22 were seriously injured in a terrorist attack at the Inland Regional Center in San Bernardino, California, which consisted of a mass shooting and an attempted bombing. The perpetrators, Syed Rizwan Farook and Tashfeen Malik, a married couple living in the city of Redlands were the shooters. Four hours later, police pursued their vehicle and killed them in a shootout. 

On February 9, 2016, the FBI announced that it was unable to unlock one of the mobile phones they recovered that was a county-owned iPhone 5C used by one of the shooters, due to its advanced security features, including encryption of user data. Because the accessible iCloud backup data from the phone does not include the shooter's recent online activities, the FBI asked Apple Inc. to create a new version of the phone's iOS operating system that could be installed and run in the iphone's random access memory to disable certain security features. Apple declined due to its policy to never undermine the security features of its products. The San Bernardino shooter had an iPhone 5C, which doesn't have the secure enclave, so it's technically possible for Apple to give the FBI access.

Here's how true end-to-end encryption works: You unlock your phone and send a text message, which gets jumbled up into unrecognizable characters, sent through Apple's servers, then onto the recipient, whose iPhone unscrambles it and reads it. Only the two ends of the conversation should see anything which is basically how Apple's iMessage works these days. Further, even with a warrant, FBI can't simply raid Apple's data centers and read your text messages. If they did, they'd be reading a whole lot of gibberish because your phone is encrypted. All iPhones built since the 5S have a special chip, a—secure enclave that theoretically can't be cracked into even if Apple wanted to get access to the information from your cell phone. They have to create a new version of the phone's iOS operating system which may cause havoc for all current owners of the Apple’s iPhones unless they can email the new version into the iPhones.

This raised a rather contentious problem. Privacy is a predominant aspect in our lives and as such, we cherish our right to enjoy our privacy without government officials snooping into our cell phones.

Apple and Google have both won praise as privacy proponents for their efforts to encrypt their latest smartphones in a way that would prevent law enforcement agencies from accessing certain private data in their phones. The heads of many tech companies like Facebook, Twitter and Google have sided with Apple.

But the flip side of the issue is just as equally important when you consider that terrorists can hide their secrets in their cell phones if the authorities cannot encrypt their phones and get access to what is hidden in the terrorist’s phones

The FBI's seemingly straightforward request for Apple to unlock an iPhone that belonged to a gunman in the San Bernardino mass shooting last year has had massive repercussions for the future of privacy. The fear is that the FBI and other law enforcement agencies will abuse the right to have access to private information in the public’s cell phones and search the phones for just about anything that they are interested in no matter how mundane that information is. 

Apple Chief Executive Tim Cook published a letter to customers saying that the company would fight a court order to help the FBI access an iPhone that belonged to Syed Rizwan Farook. The phone technically belonged to Farook's employer, the San Bernardino County Department of Public Health. The agency consented to the search and the FBI obtained a warrant, but, according to court documents, the feds claim they don't know the phone's passcode. They knew that if they input the wrong code more than 10 times, the phone could make its data permanently inaccessible. Hacking into it without using Apple-certified technology would theoretically also result in the phone wiping its data.

So the FBI asked a federal court in Los Angeles to compel Apple to help. The court in Riverside, California granted the FBI's request. Now Tim Cook is balking. He said, “We have great respect for the professionals at the FBI, and we believe their intentions are good. But now the US government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.”

When he says that the request is for something that Apple doesn’t have, is he speaking of the technology to build a backdoor to their iPhones or is he speaking of the obligation on the part of Apple to let the FBI snoop in Apple iPhones?  I think that is what he is saying because he then added that it was too dangerous to create. I think what he was saying that the danger is the loss of the right to privacy.

Admittedly, the loss of privacy is dangerous but there are times when society has to accept that there are situations that justify law enforcement getting access to private material be it letters, computer data and data in cell phones.

Eileen Decker, the US Attorney for the Central District of California whose office argued the case, said the court order reflects the government's zeal in fighting terrorism. She said, “We have made a solemn commitment to the victims and their families that we will leave no stone unturned as we gather as much information and evidence as possible. These victims and families deserve nothing less.” She was speaking of the victims of the terrorist shooting in San Bernardino.

But experts believed the fight is bigger than either Apple or this specific terror investigation. But that may not be the case with the iPhone 5S and better. Although there's still some debate on that, Apple is silent re its lack of clarification.

Apple would have been better off complying with the FBI's wishes and avoid showing its moral high ground by fighting the FBI’s request for assistance to getting access to the iPhone of the deceased terrorist.

Plenty of tech companies make it impossible for anyone — including themselves to access their own encrypted user data. But that's not the case here with Apple. The company is learning the hard way that the only way to keep its phones secure is to make sure a master key doesn't exist.

In an interview with the Financial Times, Microsoft founder Gates said, “This is a specific case where the government is asking for access to information.” He likened it to the police getting records from a phone company. Since the latter is legal, so should the former be legal. But in both cases, a judge must approve of each warrant to search for the data.

Apple has resisted providing a piece of programming that would help the FBI access the phone. Apple argues that governments, both in the U.S. and overseas, are likely to use the program in other cases, undermining data privacy.

Facebook CEO Mark Zuckerberg publicly voiced support for Apple rejecting the idea that technology companies should create “backdoors” for intelligence agencies and law enforcement. He said on stage at Mobile World Congress in Barcelona, “We’re sympathetic with Apple. We believe in encryption; we think that that’s an important tool,” Zuckerberg also said “I don’t think requiring backdoors with encryption is either going to be an effective way to increase security or is really the right thing to do for just the direction that the world is going to.”
Zuckerberg also spoke of the “pretty big responsibility when he said in an interview with journalist Jessi Hempel. Facebook has to “help prevent terrorism and different kinds of attacks. If there is any content that is promoting terrorism or sympathizing with ISIS we’ll take that off the service.” “We don’t want people doing that kind of stuff on Facebook. If we have opportunities to basically work with governments and folks to make sure that there aren’t terrorist attacks then we’re going to take those opportunities and we feel a pretty strong responsibility to help make sure that society is safe. We care about that. That’s a big deal. We take that seriously.”

A federal judge ordered Apple to bypass security functions on the iPhone used by the terrorist Syed Rizwan Farook, igniting a public fight between the Barack Obama administration and Apple, with the world’s most valuable company declaring it would not comply with the order to hack into the phone.

Gates’s comments come as the war between Apple and the FBI over the iPhone -- used by Syed Farook, who killed 14 people in San Bernardino in December with his wife, Tashfeen Malik, before the couple was killed by police — grows ever hotter. FBI Director James Comey made an unusual public plea for help. He said, “We simply want the chance, with a search warrant, to try to guess the terrorist’s passcode without the phone essentially self-destructing and without it taking a decade to guess correctly,” Comey wrote on the website Lawfare, a prominent national security law blog. “That’s it. We don’t want to break anyone’s encryption or set a master key loose on the land.”

Not long after Comey’s request, Cook emailed Apple employees to explain why Apple is opposing the government’s request for help, which is now being mulled by a federal court. He wrote, “This case is about much more than a single phone or a single investigation, so when we received the government’s order we knew we had to speak out,” Cook also wrote, as TechCrunch reported. “At stake is the data security of hundreds of millions of law-abiding people, and setting a dangerous precedent that threatens everyone’s civil liberties.”

Building what’s been called a “backdoor” into the iPhone, Cook’s also said, “It would be really, really bad. Yes, it is certainly possible to create an entirely new operating system to undermine our security features as the government wants,” an online message called “Answers to your questions about Apple and security.” he wrote, “ But it’s something we believe is too dangerous to do. The only way to guarantee that such a powerful tool isn’t abused and doesn’t fall into the wrong hands is to never create it.”

Mark Weatherford, former deputy undersecretary at the Department of Homeland Security and current Chief Cyber Strategist at the data security center company, vArmour, told BuzzFeed News in an email that he believed the FBI’s request would establish a terrible precedent.

He wrote, “Without casting aspersions about how well or poorly the government protects sensitive information  such as what is in the United States Office of Personnel Management and the Internal Revenue Service thereby enabling the government to enter via a backdoor is truly a Pandora's Box issue. Once any such hack is created, it will physically live somewhere that is now forever susceptible to being compromised. This also begs the question—what would be the reaction of the US Government if this was China, Russia, or Iran trying to force Apple to hack a citizen phone for their own reasons?” 

In my opinion, I don’t believe that Apple would acquiesce to their requests since both of those two nations have poor records with respect to human rights.

Former National Security Agency (NSA) intelligence officers who spoke to BuzzFeed News said they could not comment on the use of zero-day exploits, though one, who left the NSA last year, said,  “They were the “most expensive but effective tools in their arsenal. They are not the sort of thing you break out for a single case, a single phone. Without saying whether or not we use zero-days, I’ll just say that if we did, they would only be in situations where we needed to use our most expensive but effective tool”

In this current era, the tentacles of terrorism are reaching out beyond the Middle East and are extending right into our communities. Our law enforcement agencies and federal agencies that are looking out for all of us should have access to the best equipment available and require the cooperation of companies like Apple to make it possible for those agencies to reach the terrorists throats and drag them into our justice and penal systems.

Are we as a community prepared to live in safety and harmony without at least giving up some of our rights?   

No comments: