In the Apple versus FBI debate, the political and national security issues are proving to be an issue for the tech world. In this debate: technology, data, and data security are inevitability crossing paths with government investigations and national security. On one hand, we want to keep America secure from outside attacks, but in doing so we would be breaching security from within, which would put our cyber-security at risk.
On December 2nd, 2015, Syed Farook and Tashfeen Malik opened fire in San Bernardino. This attack has re-entered as trending news in the latest Apple versus FBI debate because the FBI has possession of Farook’s phone, but cannot unlock the phone without Apple’s help.
What the FBI wants from Apple
The FBI has received court order of the device in question – Farook’s IPhone 5C – which could give insight to how the attackers were influenced by terrorist organizations and who they were communicating with regarding their plan. However, the IPhone is encrypted so that it cannot be unlocked unless the proper passcode is used. If a wrong passcode is attempted too many times, the IPhone will not allow more passcode entries for a certain time period. The passcode can only be tried so many times until all contents on the phone are erased.
The requests by the FBI are as followed:
[Apple] will bypass or disable the auto-erase function whether or not it has been enabled;
[Apple] will enable the FBI to submit passcodes to the SUBJECT DEVICE for testing electronically via the physical device port, Bluetooth, Wi-Fi, or other protocol available on the SUBJECT DEVICE; and
[Apple] will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware. {Embed the actual court mandate}
The FBI is asking Apple to keep the data on the phone even if the passcodes are repeatedly unsuccessful. This way, the FBI can try every possible passcode combination without the consequences of destroying all evidence. However, because there is not an existing pathway around the security features, Apple would have to change its iOS operating systems so that the passcodes can be electronically entered –essentially creating a backdoor for the FBI.
Why Apple refuses:
Though the FBI ensures Apple this will be a one-time use scenario, Tim Cook, CEO of Apple sees what is at risk with the creation of the backdoor. In Cook’s words, creating a backdoor would create a “master key” that would open locks to restaurants, banks, stores and homes –an unimaginable security frailty. Not only would this mean that hackers could use this backdoor, but this could also lead to future precedents for technological companies to be forced to hand over private information to the government. Though Cook does see the value of the information the cell phone may hold, he also sees the dark side in which people’s liberties would be in peril. He states in the letter to his customer: “At stake is the data security of hundreds of millions of law-abiding people, and setting a dangerous precedent that threatens everyone’s civil liberties.”
His exact words can be found in his letter to Apple users.
“Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”
– Tim Cook (on creating a backdoor)
Moreover, Kevin Bankson, digital rights lawyer argues, “If a court can legally compel Apple to do that, then it likely could also legally compel any other software provider to do the same, including compelling the secret installation of malware via automatic updates to your phone or laptop’s operating system or other software.” Thus, if Apple complies, all of our tech security would be in vulnerability to malware installation, in addition to other downfalls this backdoor creation would impose.
Arguments against encryption backdoors:
- Hackers could use the “master key” as well
- Criminals would switch to “uncompromised encryption tools”
- Precedent to demand backdoor access and possible malware installation