miércoles, 23 de marzo de 2016

MercatorNet: The encryption dilemma

MercatorNet: The encryption dilemma

The encryption dilemma

The FBI wants the data on a terrorist’s iPhone, but does it really need Apple’s help?
Jeffrey Pawlick | Mar 15 2016 | comment 1 

“My job is to protect the personal data of over 1.6 billion people,” exclaimed Alex Stamos, Chief Security Officer of Facebook, last Monday. “I need a lot of tools to do that, and one of the most powerful tools we have is encryption.” Stamos’ comment came after Facebook said it would send a letter to the court in support of Apple position its case against the FBI.
Microsoft has also filed a legal brief backing Apple’s appeal, and the brief has been signed by Amazon, Box, Cisco, Dropbox, Evernote, Facebook, Google, Mozilla, Nest Labs, Pinterest, Slack, Snapchat, WhatsApp and Yahoo.
If the decision from a San Bernardino court is upheld, it would force Apple to write software that would undercut the encryption on an iPhone which belonged to one of the deceased San Bernardino shooters. As it stands, both the FBI and Apple lack the encryption key needed to read the data. The FBI wants Apple to find another way into the phone.
Certainly, the killings in San Bernardino provide a dramatic backdrop for this showdown. But make no mistake: the issue at hand is not a question of a single iPhone. More likely, the FBI wants Apple to write technology that would give the bureau easy access to iPhones in general. Moreover, the access would set an important legal and cultural precedent by which governments could mandate back doors that circumvent privacy-enhancing technologies. Mandates such as these upon companies like Apple and Facebook would have a huge impact - not some time in the future - but now.
A Short Slippery Slope
Flash back to Moscow, December 2011. Russians are taking to the streets to protest against a corrupt election process. The protesters organize via Twitter using the hashtag #Triumfalnaya. Twitter users following the hashtag tune into the latest updates and organizational efforts.
Suddenly, a network of thousands of computer bots begins tweeting random or pro-government messages with the same hashtag. Protester’s tweets are lost among the wash of automatically generated content. The massive social network attack succeeds in spades.
While this scenario sounds like a paperback bestseller, the story is real. If it is easy to imagine a United States government abusing the privileges that the FBI wants to elicit from Apple, it is a foregone conclusion to think of other governments wielding them. Consider the ongoing war between Google and the Chinese censorship. On anniversaries of the Tiananmen Square massacre, users have been prohibited from searching for “Tiananmen,” “democracy,” or even “tank man.” In Europe, France is considering a law that would force companies to pay a huge fine for refusing to implement backdoors around encryption on cell phones.
Facebook’s Stamos also suggested on Monday that prosecutors have talked about “hundreds of phones” that they would unlock if the ruling regarding the San Bernardino shooter’s phone were to be upheld. Two weeks ago in New York, a judge ruled in favor of Apple in a case quite similar to the California case - except that the iPhone in question is an older model which Apple actually has the power to unlock.
A better metaphor
In the New York case, investigators are asking Apple to do something within its power. But the San Bernardino case concerns an iPhone which Apple intentionally designed with better security. They built the phone so that no one except its deceased owner could open it. Now Apple is being asked to design proprietary software to break its own security.
This requirement is incongruous with the notion of a search warrant. It seems more parallel to a requirement to quarter soldiers fighting for a cause that one does not support. Apple - and countless other tech companies - have taken a stand on a moral issue that is at least debatable. The FBI wants to force these tech companies to actively oppose their original stand. Who would have thought that we would be defending Apple’s freedom of conscience? Apple’s motives may be largely pragmatic. But it is worth defending the autonomy that at least US companies currently enjoy to shape society ways that are not always aligned with the views of the government.
Why has the NSA not come out in support of the FBI?
Representatives of the intelligence community often denounce the phenomenon of a means of communication “going dark” - that is, becoming difficult for the government to access or surveil. Last September, the directors of the CIA, NSA, and FBI all testified before a House of Representatives committee to discuss the challenges that new technology such as encryption poses to national security. Indeed, John Brennan, the director of the CIA, has sympathized with the position of the FBI against Apple.
Yet Reuters recently reported that several key officials in the Department of Homeland Security and the NSA oppose the FBI’s case. Circumventing encryption on devices made in the US could have the twin penalties of making American communications more vulnerable in general and driving sophisticated consumers, terrorists included, to foreign manufacturers.
Chiming in via video link from Moscow, Edward Snowden himself ridiculed the FBI’s position, claiming that the company already ways of accessing the phone. If so, it follows that in the San Bernardino case, the FBI is trying to expedite access to not one iPhone, but all iPhones. The NSA and CIA probably have also made inroads on the data, and do not really need the device to be cracked.
Moreover, even if these agencies cannot break the encryption on the phone, there are countless other ways to get pieces of the data. Text messages, some emails, and even browser searches are obtainable from communications companies and search engines by warrant. Other information is often available by looking the “physical layer” of the communications; routers that transmit data and servers that store it can reveal evidence of information going in and out, even if the exact content is encrypted. And then there is the “social engineering” course: obtaining information from people who received the suspect’s messages or could simply reveal equivalent information pertinent to the investigation. The NSA and CIA simply may not need the code to be broken.
Finally, it is hard not to consider the political motivation. Do the CIA and FBI want to publicize their positions? True, Americans are almost 50-50 on how the case should be resolved, but privacy advocates have here a captive audience. Perhaps no other showdown has brought privacy and corporate autonomy into the limelight so starkly as this one.
Jeffrey Pawlick is a PhD Candidate in Electrical Engineering at the Tandon School of Engineering, New York University.
- See more at: http://www.mercatornet.com/articles/view/the-encryption-dilemma/17762#sthash.qsgkIWBe.dpuf


Three more suicide bombings in Brussels, 34 dead. The suicide bomber is the most lethal weapon in the Islamic State’s arsenal. He is flexible, intelligent, and, above all, cheap. It is the fact that he values his life so little that makes him terrifying. People who do not respect their own lives have none for others.

There is a sad irony in the fact that the attacks took place in Belgium, one of the few places in the world where physician-assisted suicide is legal. Not that the two phenomena are connected: suicide bombers are culturally alien to Belgium and the Islamic fanatics who recruit them probably regard its euthanasia law as another sign of Western decadence.
Yet both show that a society which no longer believes that human life is sacred becomes capable of heart-stopping cruelty. Islamic fanatics do this dramatically with bombs; Belgium’s euthanasia doctors do it quietly, by expanding ever wider the circle of eligibility for lethal injections. Once suicide is sanctified, it is impossible to stop the killing.
MercatorNet is taking an Easter break. The next newsletter will be sent on Tuesday, March 29.

Michael Cook 



Go figure

Karl D. Stephan | FEATURES | 23 March 2016
Is the defeat of a Korean Go champion by a computer the beginning of the end for humanity?

Ideas that are killing humanity - and the case for life

Richard Weikart | FEATURES | 23 March 2016
A new book defends the sanctity of human life against dead-end secularism.

Immigrants, assimilation, and religion

Luma Simms | FEATURES | 23 March 2016
Many Middle Eastern immigrants reject corrupt aspects of Western culture, but not necessarily its core beliefs.

Further changes for Chinese family planning policy to come?

Marcus Roberts | DEMOGRAPHY IS DESTINY | 23 March 2016
A shifting of the official wording suggests further relaxation.

MERCATORNET | New Media Foundation 

Suite 12A, Level 2, 5 George Street, North Strathfied NSW 2137, Australia 

Designed by elleston

New Media Foundation | Suite 12A, Level 2, 5 George St | North Strathfield NSW 2137 | AUSTRALIA | +61 2 8005 8605 

No hay comentarios: