- Netflix will remove controversial disaster footage from ‘Bird Box’ Sunday 4:04 PM
- J.K. Rowling’s latest ‘Fantastic Beasts’ reveal is bringing the memes Sunday 3:01 PM
- President Trump calls for government agencies to ‘look into’ ‘Saturday Night Live’ Sunday 12:18 PM
- How to stream Michael Conlan vs. Ruben Garcia Hernandez for free Sunday 11:00 AM
- ‘Pet Sematary’ is a bloodless remake of a Stephen King classic Sunday 10:50 AM
- Here’s the Marvel movie order list you didn’t know you needed Sunday 9:59 AM
- Where do 2020 Democratic candidates stand on weed? Sunday 7:00 AM
- How to stream ‘Billions’ season 4 for free Sunday 6:30 AM
- If you’re not using Vudu, you’re missing out Sunday 6:00 AM
- Everything you need to know about WhatsApp Sunday 5:30 AM
- ‘The Inventor: Out for Blood in Silicon Valley’ tries to get a read on Elizabeth Holmes Saturday 1:57 PM
- ‘Band Together with Logic’ shows us the best of the Internet Saturday 1:32 PM
- How to watch Spence vs. Garcia online Saturday 12:00 PM
- Far-right Australian politician gets egged by teen on video Saturday 11:28 AM
- Inside the solar-powered van that’s recording your favorite bands Saturday 10:48 AM
Do iPhone users deserve data protection?
The U.S. Department of Justice is now reportedly considering asking Congress to outlaw encryption that could potentially lock out police, a federal law official told Bloomberg. This, despite the fact that encryption stymied a record nine—yes, nine—police investigations in the U.S. last year, according to federal records.
While that might sound like a bit of marketing mumbo-jumbo, it has sparked outrage from law enforcement around the country. So, what does the new security actually mean for police—and for you?
For you iPhone users, the goal is to give you more ownership over you own data. Apple has done this by fully encrypting any iPhone running iOS 8. As soon as you turn on a password-lock your device, everything on the phone is protected against all eavesdroppers, whether they be nefarious cybercriminals, eager neighborhood cops, or a pickpocket who nabbed your phone.
The 256-bit AES encryption the iPhone offers is a formidable defense. That’s the same encryption the National Security Agency (NSA) uses for much of its own data. According to Wikipedia, it would take “50 supercomputes” more than 3,000 years to try the “billion billion” decryption keys created by 256-bit AES encryptiong.
A billion billion keys is off the table, however: Ten wrong attempts wipes the device of all data.
The strength of the defense has been slammed by, among other prominent critics, FBI director James B. Comey, who said it would place users “beyond the law.”
Despite Comey’s protests and the media’s insistence on calling the encryption “NSA-proof,” Apple’s newly secured mobile operating system also keeps out hackers and criminals, groups that Apple users have historically had problems with—including a the headline-making Celebgate breach from earlier this month, which resulted in hundreds of nude photos of celebrities landing on the Internet.
If Apple can’t build products that people believe are as secure as their competitors, they’ll lose customers faster than you can say “hacked again.”
“More or less by definition, a backdoor for law enforcement is a deliberately introduced security vulnerability,” Julian Sanchez wrote for the Cato Institute, “a form of architected breach: It requires a system to be designed to permit access to a user’s data against the user’s wishes, and such a system is necessarily less secure than one designed without such a feature.”
“Once you build a back door, you rarely get to decide who walks through it,” Electronic Frontier Foundation activist Eva Galperin explained.
This isn’t simply about locking out the police. It’s about locking out everyone, and giving owners (and no one else) the key to their own data.
And yet this does clearly affect police. Instead of strolling into Apple headquarters with a warrant and getting secret access to the phone, cops will have to take alternate routes. In other words, their jobs just got a bit harder.
First, they’ll have to present a warrant directly to the suspect. Instead of circumventing the alleged criminal, police will take their court order to their front door. If a suspect refuses to allow a warranted search, the police have a plethora of legal options to follow—specifically, holding a suspect in detention for contempt of court. No one can refuse a valid search warrant without suffering a severe penalty, so it’s not as though suspects will walk away with a polite “No thanks.”
Second, police can still legally access the data in transit. While data on the iPhone itself will be encrypted by default, data flowing over the phone’s celluar connection is still readily interceptable, given the proper court order—as was the case with previous versions of iOS.
The second point can’t be emphasized enough. Apple’s cloud storage service, iCloud, remains relatively easily accessible by Apple and police. Many people presumably use the service to store the sort of files and contacts that would be useful in a police investigation.
The iPhone’s new default encryption isn’t altogether unheard of—actually, virtually all your devices, from laptops to phones, have had serious encryption options for years. So Comey’s criticisms seem overwrought—but making it the default option is groundbreaking.
Every step to making encryption easier and more accessible cannot be underestimated. Citizens—criminals and otherwise—will now have significant data protection against thieves and police alike, regardless of how tech-savvy they are.
The question is, do you think citizens deserve to have their data protected by default?
Photo by marco_1186/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.