- ‘Isabelle Facts’ was a wholesome queer meme account—until harassers showed up 4 Years Ago
- 2016 election stories the ‘Newsroom’ reboot will cover Today 6:30 AM
- How to stream Brandon Rios vs. Humberto Soto for free Today 6:00 AM
- ‘The Haunting of Hill House’ heads to ‘Bly Manor’ for next installment Today 5:45 AM
- How to stream James DeGale vs. Chris Eubank Jr. for free Today 5:30 AM
- How to stream UFC Fight Night 145 in Prague for free Today 5:00 AM
- R. Kelly charged in Chicago with multiple counts of sex abuse Friday 7:51 PM
- Elon Musk finally hosts PewDiePie’s meme review Friday 6:27 PM
- Netflix throws ‘Umbrella Academy’-themed wedding for fans Friday 4:54 PM
- Report: Facebook collects app data on users’ body weight, menstrual cycles Friday 3:38 PM
- Amy Klobuchar reportedly ate salad with a comb, and Twitter’s got questions Friday 2:47 PM
- Nobody likes Spotify’s new update Friday 2:34 PM
- Student assaulted on campus while tabling for right-wing group Friday 1:56 PM
- Kim Kardashian West sues fashion company for using her likeness to sell clothes Friday 1:12 PM
- The Oscar-nominated movies you’ll actually want to watch again Friday 12:56 PM
Do iPhone users deserve data protection?
The U.S. Department of Justice is now reportedly considering asking Congress to outlaw encryption that could potentially lock out police, a federal law official told Bloomberg. This, despite the fact that encryption stymied a record nine—yes, nine—police investigations in the U.S. last year, according to federal records.
While that might sound like a bit of marketing mumbo-jumbo, it has sparked outrage from law enforcement around the country. So, what does the new security actually mean for police—and for you?
For you iPhone users, the goal is to give you more ownership over you own data. Apple has done this by fully encrypting any iPhone running iOS 8. As soon as you turn on a password-lock your device, everything on the phone is protected against all eavesdroppers, whether they be nefarious cybercriminals, eager neighborhood cops, or a pickpocket who nabbed your phone.
The 256-bit AES encryption the iPhone offers is a formidable defense. That’s the same encryption the National Security Agency (NSA) uses for much of its own data. According to Wikipedia, it would take “50 supercomputes” more than 3,000 years to try the “billion billion” decryption keys created by 256-bit AES encryptiong.
A billion billion keys is off the table, however: Ten wrong attempts wipes the device of all data.
The strength of the defense has been slammed by, among other prominent critics, FBI director James B. Comey, who said it would place users “beyond the law.”
Despite Comey’s protests and the media’s insistence on calling the encryption “NSA-proof,” Apple’s newly secured mobile operating system also keeps out hackers and criminals, groups that Apple users have historically had problems with—including a the headline-making Celebgate breach from earlier this month, which resulted in hundreds of nude photos of celebrities landing on the Internet.
If Apple can’t build products that people believe are as secure as their competitors, they’ll lose customers faster than you can say “hacked again.”
“More or less by definition, a backdoor for law enforcement is a deliberately introduced security vulnerability,” Julian Sanchez wrote for the Cato Institute, “a form of architected breach: It requires a system to be designed to permit access to a user’s data against the user’s wishes, and such a system is necessarily less secure than one designed without such a feature.”
“Once you build a back door, you rarely get to decide who walks through it,” Electronic Frontier Foundation activist Eva Galperin explained.
This isn’t simply about locking out the police. It’s about locking out everyone, and giving owners (and no one else) the key to their own data.
And yet this does clearly affect police. Instead of strolling into Apple headquarters with a warrant and getting secret access to the phone, cops will have to take alternate routes. In other words, their jobs just got a bit harder.
First, they’ll have to present a warrant directly to the suspect. Instead of circumventing the alleged criminal, police will take their court order to their front door. If a suspect refuses to allow a warranted search, the police have a plethora of legal options to follow—specifically, holding a suspect in detention for contempt of court. No one can refuse a valid search warrant without suffering a severe penalty, so it’s not as though suspects will walk away with a polite “No thanks.”
Second, police can still legally access the data in transit. While data on the iPhone itself will be encrypted by default, data flowing over the phone’s celluar connection is still readily interceptable, given the proper court order—as was the case with previous versions of iOS.
The second point can’t be emphasized enough. Apple’s cloud storage service, iCloud, remains relatively easily accessible by Apple and police. Many people presumably use the service to store the sort of files and contacts that would be useful in a police investigation.
The iPhone’s new default encryption isn’t altogether unheard of—actually, virtually all your devices, from laptops to phones, have had serious encryption options for years. So Comey’s criticisms seem overwrought—but making it the default option is groundbreaking.
Every step to making encryption easier and more accessible cannot be underestimated. Citizens—criminals and otherwise—will now have significant data protection against thieves and police alike, regardless of how tech-savvy they are.
The question is, do you think citizens deserve to have their data protected by default?
Photo by marco_1186/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.