Saturday, October 04, 2014

There's No Such Thing as a Secure Back Door

The Washington Post editorial board, rather predictably, follows its tendency to defer to the state on issues of law enforcement and national security,
"Law enforcement officials deserve to be heard in their recent warnings about the impact of next-generation encryption technology on smartphones, such as Apple’s new iPhone. This is an important moment in which technology, privacy and the rule of law are colliding."
The issue arises from the fact that Apple's latest version of iOS, and the next version of Google's Android OS, will automatically encrypt many routine communication functions, and will also remove any mechanism through which Apple or Google can decrypt phone content for law enforcement.
"The technology firms, while pledging to honor search warrants in other situations, say they simply won’t possess the ability to unlock the smartphones. Only the owner of the phone, who set up the encryption, will be able to do that. Attorney General Eric H. Holder Jr. said this could imperil investigations in kidnapping and other cases; FBI Director James B. Comey said he could not understand why the tech companies would “market something expressly to allow people to place themselves beyond the law.”"
Certainly, over enough time and enough cases, situations will arise in which content saved on a smart phone could be useful to law enforcement, and some of the criminals in those cases won't already be using readily available third-party encryption apps. Still, I am reminded of the saying, "Bad facts make bad law" -- a comment on the propensity of courts to carve out exceptions to constitutional protections because, in the most common example, a really bad person did something particularly awful and existing law would render key evidence inadmissible. We should not compromise everybody's rights based upon the inevitability that a very small number of people will do bad things.

The Post argues that "This is not about mass surveillance", but really it's not about surveillance at all. It's about accessing the content of a smart phone that has been physically seized by the police. If the police have a warrant that allows them to intercept voice and data transmissions from a smart phone, or to remotely activate the phone and use it as a listening device, the change doesn't affect their ability to do so. The change means that law enforcement cannot take a seized iPhone to Apple and ask them to bypass its pass code to decrypt its content.

The Post argues,
"But smartphone users must accept that they cannot be above the law if there is a valid search warrant."
Similarly, owners of safes and vaults must accept that they aren't above the law if there is a valid search warrant -- but that being the case, sometimes the only way into a safe or a vault is through the application of brute force. The idea that law enforcement would be handed a master key that could open any safe, vault or lock box in the nation would be ludicrous to the editorial board, which writes,
"A police “back door” for all smartphones is undesirable — a back door can and will be exploited by bad guys, too."
An encrypted smart phone is similar to a safe, with the pass code serving as the key or combination you need to access the contents. It happens to be a particularly good safe: if the owner uses a complex pass code, or you don't have the patience to work through the 10,000 basic four-digit pass codes without locking yourself out of the device, it's really tough to get the content.

When the Post writes,
"However, with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant."
they're engaging in wishful thinking: "We can't have a back door, as that would create an unacceptable security hole, so what we should have instead is... a back door!" A back door that would be the immediate target of criminals and intelligence agencies worldwide. A "golden key" would have to be stored somewhere, and attempts to gain access to it, not only through reverse engineering or brute force but by bribery, blackmail, theft and extortion, would begin immediately. The editorial board appears to be aware that making everybody's phone vulnerable to bad actors is a bad idea. Unfortunately, once you ungild the "golden key", it's their only idea.
