Apple vs the Government

[Laika]

Voted "No", but I think this issue will keep coming up as the technology advances and becomes more sophisticated. If this US government was not already engaged in mass survialliance of metadata, I might feel more trusting.

If Apple is telling the truth that they'd need to create a backdoor for every iPhone in the world, then I'm on their side.

Otherwise they have been given a court order to hack into this particular person's phone, if they can do it specifically with this one phone then they should, because there is judicial oversight and accountability.

If this were a "one off" I might go with it, but it isn't. So I agree. its definetely seems better to keep the security in place for everyone, but the "secret" nature of intelligence gathering makes it hard to know for sure.

 

[freethinker44]

Even simple encryptions can be notoriously difficult for anyone alive to crack. That's why we have computers that can do it far quicker and easier.
In the world of computers, there is no such thing as "guaranteed" or "100%" safety.

No, with encryption there really is a guaranteed. Encryption is NP-complete, it cannot be solved in any realistic time-frame by any person or machine, and if you or someone you know can do it then go collect your Millennium Prize and million dollars.

 

[Laika]

No, with encryption there really is a guaranteed. Encryption is NP-complete, it cannot be solved in any realistic time-frame by any person or machine, and if you or someone you know can do it then go collect your Millennium Prize and million dollars.

If I'm not mistaken, the problem was that Apple included a safety feature which deleted all the information on the harddrive after a certain number of bad logins. This is why they have been asked to hack into it and change it, so the government can connect it up to a computer and keep trying until it gets the right login key.

 

[Thanda]

When you have someone who is guilty of murder as well as having established connections with extremists, there is no slippery slope. There is no vagueness in this scenario. He is a murderer with known terrorists connections.

Like I said, it is how it always starts. I suspect, and I think history bears me out, that it is unwise to continue to give government more and more rights and control in the name of "security". A terrorist is completely harmless in comparison to a totalitarian, tyrannical and limitless government. In truth no one can conquer America while it's leaders remain true. The biggest threat to the American people, therefore, is not some suicide bomber or mass shooter - rather it is the corruption of it's own government.

 

[Laika]

Like I said, it is how it always starts. I suspect, and I think history bears me out, that it is unwise to continue to give government more and more rights and control in the name of "security". A terrorist is completely harmless in comparison to a totalitarian, tyrannical and limitless government. In truth no one can conquer America while it's leaders remain true. The biggest threat to the American people, therefore, is not some suicide bomber or mass shooter - rather it is the corruption of it's own government.

Two things I want to add.

i) Nuclear Terrorism is a remote possibility and a stated goal of Al Queada and is definetely not harmless if/when it happens.

ii) Totalitarian governments are not limitless. the reality is a little more disturbing, as the power of a totalitarian system is exercised by the people who compose it. this, one the one hand, does mean that such as system is subject to the same physical limitations of its adherents. But also, that it is necessary to coerce and indoctorinate people into accepting it. The government will kill and torture you, but only after freinds, family, work collegues and neghbours have denounced and informed on you as an enemy of the people. it is the ability of such a system to get inside peoples homes and to blur the distinction between the government and the people which makes it's people complicit in it's actions (even through their inaction).

 

[Thanda]

i) Nuclear Terrorism is a remote possibility and a stated goal of Al Queada and is definetely not harmless if/when it happens.

Very remote. And it would be even more remote if the US ceased to conduct and encourage pointless wars throughout the world in order to "protect its interests" (which I suspect are the interests of the elites rather than the interests of the people).

 

[Shadow Wolf]

No, with encryption there really is a guaranteed.

I can assure you, there is no such thing as this guarantee. It is just as real as the Easter Bunny and Santa Clause. Any computer there is, eve the most advanced, it's only a matter of time before someone lets themself in.

Like I said, it is how it always starts. I suspect, and I think history bears me out, that it is unwise to continue to give government more and more rights and control in the name of "security". A terrorist is completely harmless in comparison to a totalitarian, tyrannical and limitless government. In truth no one can conquer America while it's leaders remain true. The biggest threat to the American people, therefore, is not some suicide bomber or mass shooter - rather it is the corruption of it's own government.

As I said earlier, this isn't a generalized sweeping survielance of something like the Patriot Act, but looking at one specific suspect who has connections with terrorists. This isn't even some random shooter in a mall, movie theater, or school. He is of a group who has declared war on us, who wants to see us dead, and destroy our way of life. This isn't another Ted Bundy, but someone who has declared war on us and fantasizes about killing us. His information, information that could prove vital in uncovering sleeper cells or preventing future attacks, should not be protected. He is our enemy, and information and knowledge is the most powerful weapon against any enemy.

 

[Thanda]

As I said earlier, this isn't a generalized sweeping survielance of something like the Patriot Act, but looking at one specific suspect who has connections with terrorists. This isn't even some random shooter in a mall, movie theater, or school. He is of a group who has declared war on us, who wants to see us dead, and destroy our way of life. This isn't another Ted Bundy, but someone who has declared war on us and fantasizes about killing us. His information, information that could prove vital in uncovering sleeper cells or preventing future attacks, should not be protected. He is our enemy, and information and knowledge is the most powerful weapon against any enemy.

It doesn't matter that he is your enemy - I may as well be worried that an ant thinks itself as my enemy. The point is they cannot do widespread harm to America - but an government with limitless access can. So what you need to look out for is which is the lessor of the two evils. History has taught us that governments are very good at exploiting tragedies to gain more power and that at some point, those governments use that power against the very citizens they were supposed to protect.

So when you look at this, think long-term.

 

[esmith]

I look at it this way. There has been a crime committed, the authorities find a locked box that the suspect owns, the authorities get a warrant to open the box. In this case the "box" is the phone.
As far as I'm concerned this is nothing more that advertisement for Apple's encryption. All the Feds have to do is give Apple the phone, Apple takes the phone into a secure room and bypasses the encryption, gets the data, destroy the software/procedure that bypassed the encryption. No harm, no foul. If Apple can bypass the encryption who is to say that only Apple can do it?

 

[Thanda]

I look at it this way. There has been a crime committed, the authorities find a locked box that the suspect owns, the authorities get a warrant to open the box. In this case the "box" is the phone.
As far as I'm concerned this is nothing more that advertisement for Apple's encryption. All the Feds have to do is give Apple the phone, Apple takes the phone into a secure room and bypasses the encryption, gets the data, destroy the software/procedure that bypassed the encryption. No harm, no foul.

In truth I have no issue with the government bypassing the encryption if they can. I have an issue with Apple being forced to do it for them.

 

[freethinker44]

I can assure you, there is no such thing as this guarantee. It is just as real as the Easter Bunny and Santa Clause. Any computer there is, eve the most advanced, it's only a matter of time before someone lets themself in.

Exactly, only a matter of time. Problem is that the time required is millions of times longer than the age of the known universe. And that's how long it would take supercomputers to crack it. If you don't know the key or something about the key, brute force is the only way to go. You might get lucky and get it fast, but there are so many possible combinations you're more likely to win the lottery everyday for the rest of your life than get a lucky guess. Nothing is guaranteed, but at some point the probability of it happening is so low that it may as well be impossible.

 

[esmith]

Well, I sort of agree that I don't want the government telling business what they can or can not do. However, I would think it "could" benefit Apple in the PR department. All they have to say is that they have decided that in the National interest that they unlocked the phone but the procedure was destroyed to protect their customers. Of course there will always be those that think that Apple gave the government the know-how to do it to any phone.

 

[Kapalika]

What I don't think some people realize is... there is no hack for it. There is no way in.

The government is basically telling Apple to WRITE code for something that DOES NOT exist.

But the issue with software and code is... once it's made... you can't close that Pandora's box.

This is much bigger than one shooter. This is about security for millions of people from a government that has constantly stepped all over the constitution in the name of "security".

I don't know but there probably is another way around unlocking the phone (security stuff for when u accidentally get locked out ect), it just isn't in the way that the government is asking. The precedent it would set would be pretty scary too. If this was just about unlocking one phone where the mechanism existed to do so in the way they asked this would be largely a non issue.

If the government with it's billons of dollars in resources and multiple intelligence agencies can't crack it themselves, I really doubt Apple could do much more. Encryption are randomized on purpose so not even Apple would know the key to any one given encrpytion. They'd have to totally develop in house a way to do it, which is the issue.

Just it existing would give unlawful hackers another tool. Thankfully so far the encryptions have stayed a little ahead of hackers. But if that ever changes our society could get pretty screwed up for a while with how much stuff we have tied into computers now days from banks to schools to hospitals.

 

[Shadow Wolf]

The point is they cannot do widespread harm to America

While that is very likely true (and in another thread I even went on about how we are our own greatest threat), we must not give them even an inch. We are not officially at war, but this is war. It is crucial to know your enemy in war, to extract information, and learn all you can about them. That is the "art of war." It is not infringing on citizens like you or I, but actions taken against someone who is guilty of treason, the only crime defined by the Constitution.

but an government with limitless access can

The Patriot Act is limitless access. Someone who has sworn alegance to a group that wants to see you and me dead is not limitless access, but access against the enemy of not just America, but the Western world as a whole, and though undeclared they have also proven themselves hostile against the East. He had contact with extremists, and this information is vital. It is not, at all, comparable to a generalized sweeping surveilance of anyone in the name of security, but mining information that is held by an enemy of everyone who doesn't follow their venomous interpretation of Islam.

No harm, no foul. If Apple can bypass the encryption who is to say that only Apple can do it?

There are probably plenty of people who can.

Problem is that the time required is millions of times longer than the age of the known universe.

No, it's not. Computers are not "100% full proof safes." Every computer can be hacked into, every computer can be exploited, and if someone is determined, they will find a way to let themselves in. It may take minutes, it may take years, but it is inevitable that even this iPhone will be relegated to a beginners level of hacking and jail breaking. Humans are very much so limited in their abilities to do this, but we have computers that can run several human life times worth of data into searching for exploits in just a mater of minutes.
When you take your computer skill far beyond even "advanced" skills, you find yourself in a never ending struggle of hackers finding new exploits, security companies covering those exploits up, hackers finding new exploits, security companies patching those up, and yet even still new exploits are found. It is not, at all, an issue of making a "secure safe," but more like a game of Clue in which one player has a room and method they done the deed, and another player trying to figure it where and how, and once that is figured out the other player just does the same thing, but in another room with another method. And it's never ending.

The government is basically telling Apple to WRITE code for something that DOES NOT exist.

The code is already written. Really, a much more accurate analogy is that the government is asking someone who built the lock to give unlock the door so they can investigate the "home" of someone who is a terrorist and who has murdered people.

This is about security for millions of people from a government that has constantly stepped all over the constitution in the name of "security".

When someone is suspicious, when there is "probable cause" and "reasonable suspicion," the government can issue a warrant, fully legal since day one, and investigate. We are not talking about "we're gonna watch everyone" like the Patriot Act did, but rather a case of having someone who is guilty of murder and who does have connections with Muslim extremists.
But I can't say I'm surprised by Apple's decision. After all, they hire companies that are so horrible that they had to install safety nets because people were jumping out of the building because they would rather die than live under such horrible exploitation. Apple is now basically saying they don't even care that this terrorists who has killed people and has connections with others who want to kill us. Not only are they facing a legal obligation to assist in opening up their own "safe," they are throwing social responsibility out the window by saying they don't even care if this information could reveal sleeper cells and operatives here in America. They don't care that this information is in the hands of someone who has sworn allegiance to an ideology that wants to see them dead. We aren't talking about invading the information and privacy of you or me, but of people who have declared war against us, and someone who is waving the banner of this ideology.

 

[Kapalika]

The code is already written. Really, a much more accurate analogy is that the government is asking someone who built the lock to give unlock the door so they can investigate the "home" of someone who is a terrorist and who has murdered people.

Except it's not written... Unless they caved and wrote a code since I last read about the story, it doesn't exist.

A better analogy would be that the lockmaker made it so that no one knows the shape of key needed, and only the person with the key can unlock it. But the person who knew the key died with it. Problem is, after a certain level, its virtually impossible to crack without the key.

Fact is, most hacking is done by social engineering. Most hacks into the best encryption are not done by cracking it, but by exploiting backdoors and other lesser encryption or even unencrypted routes.

Don't know what Apple uses, but:

https://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Security

the general standard is pretty damn secure.

If it's used properly, literally longer than our lifetimes to crack it. That's why hackers go for weakpoints/backdoors, and that's why I suggested that if the top people in the government can't do it, Apple probably can't either. It would be easier to find an existing backdoor that the user accidentally created by some kind of useage habit than to ask Apple to make a crack or make a back door out of how it would function in design I'd imagine, since the latter would be nearly impossible.

I really don't know a lot about hacking, but I can't imagine it would create such a fuss like this if it wasnt so hard to do, particularly since I know we effectively do have encryption no one can break if used correctly and with good habits. (all those bad habits open up back doors)

 

[Mister Emu]

This isn't a one-off situation. There are other cases with phones that will have the same demand. If they do it for this phone they will have to do it for the others, and then China comes calling with political dissidents' phones.

Secondly, this isn't Apple being asked to crack a phone. This is Apple being asked to provide broken software with intentional vulnerabilities for the government to exploit. What happens with the next iOS when Apple closes up this vulnerability and you need the key to allow a firmware update(something they were already preparing)? What will the government be able to compel them to do? Release an OS only if it has known exploits?

If Apple can bypass the encryption who is to say that only Apple can do it?

Apple can't bypass the encryption. They can cripple the redundant safety feature of key-erasure after 10 failures.

All they have to say is that they have decided that in the National interest that they unlocked the phone but the procedure was destroyed to protect their customers.

Getting through the encryption will take on an average case ~2 years and up to 5+ years. They can't just do it and boom.

When you take your computer skill far beyond even "advanced" skills, you find yourself in a never ending struggle of hackers finding new exploits, security companies covering those exploits up, hackers finding new exploits, security companies patching those up, and yet even still new exploits are found. It is not, at all, an issue of making a "secure safe,

You are confusing network security with data security. Because the making of a "locked box" is exactly what we are talking about here. The data becomes locked in encryption, and AES 256 bit encryption is secure enough to require billions of years of computations for the foreseeable future. The only realistic attacks against current encryption comes from improper implementation, or side-channel attacks.

Don't know what Apple uses, but

They use AES-256.

 

[Shadow Wolf]

You are confusing network security with data security. Because the making of a "locked box" is exactly what we are talking about here. The data becomes locked in encryption, and AES 256 bit encryption is secure enough to require billions of years of computations for the foreseeable future. The only realistic attacks against current encryption comes from improper implementation, or side-channel attacks.

Locked boxes can be picked. And in the case of a "computer locked box," it's not unusual for some exploits to run a "bomb" that is disguised as a regular program (often a save file), that when loaded blows the lid wide open.

 

[Mister Emu]

Locked boxes can be picked.

And we know the worst and average cases mathematically for the picking of these boxes. And the average is in the billions of years currently.

And in the case of a "computer locked box," it's not unusual for some exploits to run a "bomb" that is disguised as a regular program (often a save file), that when loaded blows the lid wide open.

As I said, you are talking about network security not data encryption.

 

[Revoltingest]

Oopsie!
Incompetent government employees dump glass of water on the phone, rendering it junk.
http://www.newyorker.com/humor/boro...hless-after-f-b-i-spills-glass-of-water-on-it

 

[freethinker44]

Oopsie!
Incompetent government employees dump glass of water on the phone, rendering it junk.
http://www.newyorker.com/humor/boro...hless-after-f-b-i-spills-glass-of-water-on-it

You know it's satire though, right?