There is an interesting conundrum in the works between the FBI and Apple. But interestingly enough, while several other companies (Like Google) have come out in support, the public sector is not raising the same cry as they should.
Perhaps they don’t understand the issue.
When the smartphone hit the scene, it took the world by storm. The smartphone did to the cell phone what the cell phone did to the landline phone, it wiped it out. Today we are so integrated with our smartphones that we are virtually and physically inseparable. That issue alone makes the information on our phones more involved than in the past.
We have our banking, emails, credit actions, purchases, illicit browser history, and more all locked away on our phones. And the FBI wants easy access, but not just easy access, they want the manufacturer to give them access because apparently, while the phone was in their possession, someone changed the passcode remotely from the San Bernardino Public Health Dept. This makes this court battle even further from necessity and moves it into ludicrous.
Imagine if you purchase a home and the lock manufacturer has to give a copy of your key to law enforcement on demand. Okay, that is not so bad. If they have a warrant, no harm no foul, after all, a landlord could be made to comply in opening the door. However, change one thing, the law enforcement gets one key that will open ANY door in the neighborhood. Now, are you more concerned?
The problem with this “backdoor” is that it does not just work for this phone; it will work for any phone. The FBI has a legal right to be cracking into the phone in their possession. But the legality of forcing a manufacturer to alter its business practices to make it easier has some implications against us all.
The government has been waging a battle against private key encryption for some time. The idea is that they will be benevolent and not use the access they have unless the warrant specifically grants them the right to do so. But how can you or I trust that? My personal data has been breached by OPM and the VA in just the last two years. The FBI had a data breach as well. So putting the metaphoric keys to your data under the doormat is not a great security idea.
You and I have a right to be secure in our information. We face three major issues.
- People want to steal our information for personal gain.
- We don’t want our private selves exposed.
- The government doesn’t like citizens who can keep secrets from them.
First of all, if you don’t have a password on your smartphone, you are an idiot. Every smartphone needs anti-virus software, a digital condom if you will, and password protection. Here is the key with passwords vs. pins, thumbprints, facial recognition, or voice recognition. Passwords are longer than pins and have more variation. A pin is a number from 0-9 per spot and there are a finite number of combinations.
A password uses the entire keyboard and special characters, numbers, lower and upper case. One security group that weighed in on this situation says that he can crack a 4 digit pin in an hour and a six-digit in a day. If you use a password, that changes dramatically. A single character has as many as 72 or more distinct variables just for one space in the password. Adding another character for a two-space password and you exponentially increase the size of the hacker’s problem. There is no password that cannot eventually be hacked. But the longer the password, you change how long “eventually” is.
That is the exact problem here and what the FBI wants to be changed. The phone will only allow so many attempts to hack the passcode before you are locked out permanently. The FBI wants the software to remove that security feature. They want as much time as necessary to open the phone. And if that software exists for them, guess what, it will also exist for anyone who steals your phone.
Since over 3.1 million smartphones were stolen, this is not a minor problem. Right now a stolen phone can be wiped and reused. But if they also make it possible to get the data off the phone, now they can steal everything you have including your phone.
Weakening the security is not a good idea. If the FBI cannot break into the phone, then we must accept the risk that there is data on the phone that might prove dangerous in the future and we are just going to have to take it.
There are two issues. Do we allow a government organization to get easy access to all our private data, and we have to trust that they will not lose it or use it inappropriately or do we accept that there might be data that we could use, even save lives with, but the price of personal security is to accept that someone might die because we did not allow government easy access.
“Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.”Benjamin Franklin, Historical Review of Pennsylvania, 1759, US author, diplomat, inventor, physicist, politician, & printer (1706 – 1790)
As a citizen, I am under no obligation to make my private life transparent to my government. My private life is exactly that and while technology might change how easy it is for me to retain my privacy, ease of government access is not my problem. Nor should my government pressure a private company to provide them with an easy way to gain my information.
I am not fond of Apple and Steve Jobs was a dick. But this is not about Apple, Tom Cook is not Steve Jobs, and no manufacture should be made to give up access. We need to get loud about this. Data encryption may not specifically be mentioned in the Constitution but,
Amendment IV “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
Data is covered as part of my effects. Now, the FBI can open that phone and suck it dry because the criminal who used the phone is not protected. However, forcing Apple to open up the encryption for everyone is not part of the deal. This is no different than President Obama’s executive order pushing States to violate the HIPPA protection of mental health records.
Now the government is playing the emotional blackmail game. “Rather than assist the effort to fully investigate a deadly terrorist attack … Apple has responded by publicly repudiating that order,” prosecutors wrote in the Friday order.
What is next, a kill switch for automobiles that is mandated for installation? The police can zero in on the particular vehicle, hit the button and the car chase is over. Sounds logical and efficient right? Except what prevents them from disabling every vehicle just for fun? Or what prevents someone else from getting access to the same frequency and disabling cars in specific locations for robbery? The fact that it does not exist is the only thing preventing it from being misused.
Fear of terror attacks is both real and significantly overstated. It is overstated because fear gives the government power because they can use that fear to get away with actions that no right-minded person would accept.
The Nation will not fall to a few terrorists. The Constitution would fall to a government with more control than it should have. Fear works both ways. Which do you fear more? Do you fear a random terror attack that statistically you will NEVER experience? Do you fear a government creating more power that they promise not to use against you but claim to need it for your own good?
This is not about the phone. This is not about unlocking the phone. This is about the government forcing a manufacturer to allow the government access which they would otherwise not have and do not need.
Do we have no privacy that our government cannot access? Or must we ensure that our government can read all our private mail, communications, and data because we might be guilty of a crime in the future?
That is something to fear.
This first appeared in The Havok Journal February 24, 2019.
Leonard O. Benton is retired from active duty military service with 24 years and two combat deployments to Iraq. He left the Regular Army after 10 years and became a National Guard Recruiter for his first tour in the AGR program followed by over 10 years in Operations as Force Protection, CBRN, and three years as C-IED. He has an Associates’s degree and is currently working on his Bachelor’s. He is an amateur metalsmith and when he is not working or writing he can often be found in his shop pounding away in the attempt to transform a lump of metal into an icon of beauty or function. His years of operational planning, threat analysis, and a deeply cynical view of our imperfect world leads him to focus on world events and cultural beliefs that tend to cause the most friction and chaos in the world around us. He is a libertarian and he believes in personal freedoms and accountability. The Havok Journal gave him an outlet to express the things he sees wrong in the world and the opportunity to once again provide advice on how to fix it. Leonard can be contacted a firstname.lastname@example.org.