There were plenty of guard dogs at the House Judiciary Committee hearing earlier this week. Not actual guard dogs, nor even oversight groups. No, it was a metaphor for phone security features from FBI Director James Comey that carried the day, in his fight against Apple over access to a locked iPhone.
“We’re asking Apple to take the vicious guard dog away and let us pick the lock,” Comey said, and House members adopted his language and metaphor throughout the hearing.
Much of the hearing went poorly for Comey. The case itself involved access to a locked, county-owned iPhone used by Syed Farook, one of the San Bernardino shooters. It was, as Reps. Steve Chabot, R-Ohio, and Zoe Lofgren, D-Calif., pointed out, tailor-made for bad precedent.
What the FBI wants, as Comey explained in an “aw-shucks” sort of way, is to just guess passwords on Farook’s locked iPhone 5C until they guess the right one. Two things prevent that: A possibly-on security feature which wipes the phone’s memory after 10 wrong password attempts. And even if that were turned off, the built-in delays between wrong guesses mean, in Comey’s own estimation, it’d take 10 years to guess all possible passwords.
FBI Director James Comey’s metaphors makes the task seem much simpler than it is. There are no guard dogs, and there shouldn’t be any back doors.
Those are the “guard dogs” Comey referred to, the ones preventing his team from “picking the lock,” as his other metaphor put it. Without those security features, Comey said it would take the FBI 26 minutes to unlock the phone. Comey simply wants the guard dogs out of the way.
Except there are no guard dogs. There’s encryption and security settings built into a phone. The court order the FBI sent to Apple isn’t for a tasty steak full of ether; it requires the development and signature of specific software that the phone would receive as an update, bypassing the user-selected security features.
Doing so would create what’s known as a “back door” around cryptography. The limits of this metaphor are obvious, and best demonstrated in this inept tweet from British journalist Piers Morgan:
Let Apple open the damn back door, let the FBI know what's on the phone, then close it again.
This isn't difficult. https://t.co/RFebTmBtgc
— Piers Morgan (@piersmorgan) February 26, 2016
Except that none of this works as well as Morgan thinks. Back doors around encryption aren’t secure except for special government keys, they’re brand-new ways in. They are mandated weak spots, whose existence can be exploited by not just the FBI with a warrant, but foreign governments, pranksters, criminals, and all sorts of unsavory actors, who would otherwise be deterred or stopped by the guard dogs and the locks on the front door.
Many representatives grilled Comey on the other details of the request, like the technical mechanics of brute-force guessing a password, or other information from Farook that the FBI was able to obtain through other means. There were lots of questions about the impact of this case, with as unsympathetic a perpetrator’s privacy as possible, as a template to develop a tool for future FBI cases. Many of the representatives demonstrated more technological knowledge than the director himself, with Rep. Lofgren even saying that this hearing motivated her to turn on some of the security features that Comey is trying to get around.
Yet despite the weakness of his answers, Comey’s guard dog metaphor stuck. Rep. Ted Deutch, D-Fla., noted that “we want our own guard dogs to keep our information safe.” If Comey couldn’t win the case on the merits, he certainly won it on the metaphor. And that’s a bad thing, for anyone who values strong encryption. Which is to say, anyone who is ever online.
Comey’s metaphors makes the task seem much simpler than it is. There are no guard dogs, and there shouldn’t be any back doors. There’s just a front door, covered in fur and fangs, with a lock made of code, on a house whose secrets disappear after a wrong guess.
Kelsey D. Atherton is a Washington, D.C.-based technology journalist. His work appears regularly in Popular Science, and has appeared in Popular Mechanics and War Is Boring. Follow him on Twitter @AthertonKD.
Illustration via Max Fleishman