Posts

Apple vs FBI: Why the iPhone Backdoor is a Necessary Fight

Apple vs FBI: Building a backdoor into the iPhone is like burning the haystack… 

I’ve been asked almost 100 times since Apple rejected the FBI’s request to break into the iPhone of the San Bernadino killers which side I support. I am a firm believer that the most complex problems (this is one of them) deserve the simplest explanations. Here is the simplest way that I can walk you through the argument:

  • If your immediate response, like many, is to side with Apple – “Don’t hack into your own operating system, it set’s a bad precedent” – then you have a good strong natural reflex when it comes to privacy. But don’t stop your thinking after your first reaction or thought, as it might be incomplete, because…
  • This is an intricate and nuanced balance between 1) personal privacy (don’t allow Apple or the FBI access into this particular phone), 2) public privacy (once Apple makes an exception for this case, the FBI (or Apple) could potentially open the iPhone in all cases), 3) security (by building in a backdoor for legitimate purposes, you will be opening it for hackers as well) and 4) national security (without access to this info, other terrorists might go undetected).
  • If it were your family member that had been murdered, you would probably agree that law enforcement should have every tool at their disposal to track down the murderers or criminals, and privacy be damned. You would also note that…
  • There are thousands of precedents for the FBI to obtain search warrants into suspects homes, emails, phone calls and the like. Ask yourself why this request is any different.
  • It’s a slippery slope. First the iPhone, then your encrypted password protection software, private Facebook history – you name it. The FBI’s solution is roughly the equivalent of giving the government a key to every home in America and letting them decide when to use it. By applying a broad brush stroke (build a backdoor into the security of every iPhone) when a fine-tipped pencil would be more than adequate (learning more about a single case – the San Bernardino killers and their connections), you forever  lose control of the master key. As was put so eloquently in an article by Wired (I cite this particular article because I agree with it), “Apple is not being asked to unlock an iPhone; it’s being asked to create software that would help the FBI unlock it.” To me, those are two completely different requests.
  • A backdoor would give law enforcement an additional tool to solve tens or hundreds of crimes, but in the meantime endangering the data of nearly a billion users. If Apple complies, what happens when China asks Apple to unlock a phone based on the earlier precedent – does Apple hand over information that could lead to political persecution? In other words…

Building a backdoor into the iPhone is the equivalent of burning the haystack to find a needle. You simply have to ask yourself honestly if the needle is worth the ashes. 

5 Possible Solutions in the Apple vs. FBI iPhone Backdoor Case

  1. Let it go. Sometimes you don’t have all of the evidence in a criminal case. Whether the murder weapon cannot be found or the iPhone data cannot be obtained, the case is resolved in other ways. The NSA (as exposed by Edward Snowden) has done nothing to engender our trust in government organizations collecting and using data on American citizens. They abused their powers of data collection in that case, so we all wonder why it would be any different in this case.
  2. Stop pretending that Apple can build a one-time backdoor. Encryption doesn’t work that way. Security doesn’t work that way. The minute you tinker, the entire house of cards falls and exposure becomes the rule, not the exception. If the information on the phone is important enough, at least admit you are willing to put the data of a billion people at risk.
  3. Upgrade your hackers at the FBI. I’ve had several white-hats hackers suggest that the iPhone can be cracked. Hackers are sometimes a cocky bunch (that’s what makes them good, by the way), but I’ve seen them hack almost every device possible with a creativity that would make Picasso proud, so I wouldn’t put it past them.
  4. Take this conversation off line. Ultimately, I think this question will be decided in back rooms where the public doesn’t get to see the answer (we are, in fact, a representative democracy where much of what happens does so behind closed doors). And frankly, I think it should be. There is too little awareness of the complexities we are dealing with here, and the emotional responses that we all have are only getting in the way.
  5. Do something, Congress! There are thousands of similar cases to be decided in the future and very little in the way of legislation to guide the way. Most of the laws being quoted in this case go back a half a century. Congress should catch up with technology and set some guidelines and oversight on the privacy vs. security question. We are a smart enough society to allow for gray areas in between a media that immortalizes black and white.

I believe that Apple is doing the right thing in standing their ground an not creating a system-wide backdoor into the iPhone. I also believe that the FBI is doing the right thing in trying to obtain every piece of information they can to resolve a past or future crime. This should not include a systemic hack of the iPhone or any computer system. The strength of our democracy is in the tension that exists between those two stances and the system of checks and balances that keep either position from being extreme.

I guarantee you that there is a way to set down the paint brush and pick up the pencil – to create a solution that impacts one phone, not millions – and that it is possible to balance public privacy with national security. It may not pertain to this particular case, but it will to all of those future cases waiting to happen. In the end, isn’t that what we all want? If you agree, write your Congressperson and ask them create laws that address the current privacy/security confusion.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Is Your Privacy Being Threatened by Drone Use?

,

usa dronesAnd in the latest installment of “breaking news” that shouldn’t surprise you at all…

…FBI Director Robert S. Mueller III admitted that the United States has used drones over US airspace.  It was the first time an FBI official publicly admitted such a program exists, but if you want to believe pop culture (the latest Bourne installment, a recent Castle episode, the Call of Duty video game), drone use is more common than we think.

What we know:

  • Drones (or unmanned, remotely piloted aircraft) have been used since the early 1900s, for various purposes, primarily military and law enforcement, though there are increasing demands for public use.
  • The Drug Enforcement Agency and the Bureau of Alcohol, Tobacco, Firearms and Explosives have both tested drones for use in investigations.
  • The Federal Aviation Administration has to approve all drone use in US airspace.
  • The FBI has requested this permission at least four times since 2010.

Mueller testified that the drone program “has been a contributing factor, one dot among many dots” to help track terrorist plots.  The other “dots” he was referring to include telephone logs and Internet records.  He continued, “You never know which dot is going to be the key…but you want as many dots as you can. And if you close down a program like this, there will be … fewer dots to connect.”

Members of Congress immediately began clamoring for “transparency” from Mueller as to how specifically drones have been used, which he declined to provide, stating, 
“There is a price to be paid for that transparency…I certainly think it would be educating our adversaries as to what our capabilities are.” He also noted that drone use is “very narrowly focused on particularized cases and particularized needs”.

Does it affect our privacy?

Senators sure seem to think so.  Sen. Dianne Feinstein, D-CA, inquired what kinds of protections the FBI has put in place in regards to how information is used by federal investigators.  She called drones “the greatest threat to the privacy of Americans.”

Another area of concern involves the policies about drone use.  The problem?  There really aren’t any firm policies yet.  Mueller said the FBI was in the “initial stages” of writing policies.  “We’re exploring not only the use but also the necessary guidelines for that use,” he added.

Sen. Mark Udall, D-CO supports the notion that drones can be helpful with law enforcement agencies, but stressed that Constitutional rights must be protected first.  Udall said, “I am concerned the FBI is deploying drone technology while only being in the ‘initial stages’ of developing guidelines to protect Americans’ privacy rights.”

Is the FBI putting the proverbial cart before the horse by implementing drone use before policies are in place?  Do we need to honor the need for “non-transparency” for our own safety?  Should we be afraid of drones and their threat to our privacy?  Ryan Calo, a law professor at the University of Washington, wrote in the Huffington Post that drones “could be just the visceral jolt society needs to drag privacy law into the 21st century.”  Maybe it will take the notion of truly being watched without our knowledge anywhere, anytime, to lead to real change.