- Ohio KKK rally met with massive counter-protest and witty signs from local businesses Today 5:06 PM
- Guy who said he stole drugs from MS-13 now says viral story is fake Today 4:07 PM
- Financial service company left 885 million private records exposed online Today 3:13 PM
- Sasha Obama went to prom and Twitter is delighted with the photos Today 2:22 PM
- Jon Voight says Trump is the greatest president since Lincoln in Twitter videos Today 1:31 PM
- #DeleteFacebook gains momentum after the platform refused to remove doctored Nancy Pelosi videos Today 11:58 AM
- ‘Game of Thrones’ failed women—and it’s a shame on its legacy Today 7:40 AM
- How to use Tor, the network that lets you browse the web anonymously Today 7:30 AM
- How to live stream Devin Haney vs. Antonio Moran on DAZN Today 7:00 AM
- Trump’s transphobic policies are disgusting—but they aren’t new Today 6:30 AM
- How to watch the Copa del Rey Final online for free Today 5:45 AM
- How to watch the DFB-Pokal final for free Today 5:30 AM
- Curvy Wife Guy drops music video for rap song ‘Chubby Sexy’ Friday 7:33 PM
- A ‘Black Mirror’-inspired miniseries is coming to YouTube via Netflix Latin America Friday 5:56 PM
- Kanye West appears on David Letterman’s Netflix show to talk Trump, TMZ, and Drake Friday 3:27 PM
Do iPhone users deserve data protection?
The U.S. Department of Justice is now reportedly considering asking Congress to outlaw encryption that could potentially lock out police, a federal law official told Bloomberg. This, despite the fact that encryption stymied a record nine—yes, nine—police investigations in the U.S. last year, according to federal records.
While that might sound like a bit of marketing mumbo-jumbo, it has sparked outrage from law enforcement around the country. So, what does the new security actually mean for police—and for you?
For you iPhone users, the goal is to give you more ownership over you own data. Apple has done this by fully encrypting any iPhone running iOS 8. As soon as you turn on a password-lock your device, everything on the phone is protected against all eavesdroppers, whether they be nefarious cybercriminals, eager neighborhood cops, or a pickpocket who nabbed your phone.
The 256-bit AES encryption the iPhone offers is a formidable defense. That’s the same encryption the National Security Agency (NSA) uses for much of its own data. According to Wikipedia, it would take “50 supercomputes” more than 3,000 years to try the “billion billion” decryption keys created by 256-bit AES encryptiong.
A billion billion keys is off the table, however: Ten wrong attempts wipes the device of all data.
The strength of the defense has been slammed by, among other prominent critics, FBI director James B. Comey, who said it would place users “beyond the law.”
Despite Comey’s protests and the media’s insistence on calling the encryption “NSA-proof,” Apple’s newly secured mobile operating system also keeps out hackers and criminals, groups that Apple users have historically had problems with—including a the headline-making Celebgate breach from earlier this month, which resulted in hundreds of nude photos of celebrities landing on the Internet.
If Apple can’t build products that people believe are as secure as their competitors, they’ll lose customers faster than you can say “hacked again.”
“More or less by definition, a backdoor for law enforcement is a deliberately introduced security vulnerability,” Julian Sanchez wrote for the Cato Institute, “a form of architected breach: It requires a system to be designed to permit access to a user’s data against the user’s wishes, and such a system is necessarily less secure than one designed without such a feature.”
“Once you build a back door, you rarely get to decide who walks through it,” Electronic Frontier Foundation activist Eva Galperin explained.
This isn’t simply about locking out the police. It’s about locking out everyone, and giving owners (and no one else) the key to their own data.
And yet this does clearly affect police. Instead of strolling into Apple headquarters with a warrant and getting secret access to the phone, cops will have to take alternate routes. In other words, their jobs just got a bit harder.
First, they’ll have to present a warrant directly to the suspect. Instead of circumventing the alleged criminal, police will take their court order to their front door. If a suspect refuses to allow a warranted search, the police have a plethora of legal options to follow—specifically, holding a suspect in detention for contempt of court. No one can refuse a valid search warrant without suffering a severe penalty, so it’s not as though suspects will walk away with a polite “No thanks.”
Second, police can still legally access the data in transit. While data on the iPhone itself will be encrypted by default, data flowing over the phone’s celluar connection is still readily interceptable, given the proper court order—as was the case with previous versions of iOS.
The second point can’t be emphasized enough. Apple’s cloud storage service, iCloud, remains relatively easily accessible by Apple and police. Many people presumably use the service to store the sort of files and contacts that would be useful in a police investigation.
The iPhone’s new default encryption isn’t altogether unheard of—actually, virtually all your devices, from laptops to phones, have had serious encryption options for years. So Comey’s criticisms seem overwrought—but making it the default option is groundbreaking.
Every step to making encryption easier and more accessible cannot be underestimated. Citizens—criminals and otherwise—will now have significant data protection against thieves and police alike, regardless of how tech-savvy they are.
The question is, do you think citizens deserve to have their data protected by default?
Photo by marco_1186/Flickr (CC BY 2.0)
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.