>any system that is designed to allow law enforcement agencies all across the country to expeditiously decrypt devices pursuant to court order will be enormously complex, raising the likelihood of serious flaws in implementation.
Generally I agree with the EFF but I always find this particular argument specious.
If someone were to design such a system but without flaws in its implementation, would EFF be OK with that? I don't think so, because those agencies are rife with bad actors. A perfect system, in the hands of bad actors, is already a problem.
The problem at the outset is with the context of use. Yes there are other problems that would follow on because the system would not be technically perfect, but even before that, the flawed context of giving these tools to bad actors should not be overlooked. Setting up such a system, perfect or not is a bad idea, period. Yes it will be imperfect but even if you buy into the mistaken idea that it can be made perfect, the context of use, in agencies with bad actors, is already broken even before the imperfections allow exploits by agency outsiders.
No, we don't have to assume that the agencies are staffed with only good people. Not even for the sake of argument, and not even for the sake of a polite white paper from the EFF.
IMO the toothpaste is already out of the tube on this one. We already live in a world where strong encryption exists, and is accessible to the common developer. The DOJ does not get to live in the world that it wants to. I understand this will make their lives more difficult, however I do not care. Currently they are in the "anger and bargaining" stage of grief, I hope they realize that "going dark" isn't really that bad.
Somehow the US survived in a world where everyone was dark 100% of the time for over 200 years. Maybe the FBI should just go back to relying on actual criminal research techniques and remember part of their job is protecting constitutional rights such as the right to privacy.
I knew my comment would be unpopular however I'm genuinely curious how you feel about law enforcements ability to wiretap, or perform surveillance suspects given a court order. This capability has existed in the period you referenced, and to me it would seem ... similar(?) to law enforcement being granted permission (by a court) now to surveil a suspect's digital devices. Why does the switch to digital change things? Similarly, If I lock my home/car/object, commit a crime - are you okay with law enforcement breaking into my property to gather evidence?
I'm honestly asking, not trying to snark - please help me work through how encryption differs from other "analog" tools meant to ensure privacy.
Think back even before technology. The police weren’t allowed to sneak on your property and search it, or hide on it to surreptitiously listen to your conversations, without a court order. This was to protect your privacy rights, as well as restrain over-reaching government agents.
Now let’s assume 200 years ago all of your property was exposed so that any potentially dangerous people (robbers, horse thiefs, politicians) approaching your house could be easily seen. But this also means that federal agents coming to serve warrants could be seen with enough warning to allow you to destroy evidence, and anytime they’d try to surveil your house, you’d know they were there.
Should it be illegal for your property to be so exposed? Should the government force property owners to plant shrubbery on approaches to their homes to make them easier to secretly surveil, and so surprise searches can be more successful?
The difference between this and wiretapping is that wiretapping didn’t require you to change your property to allow it. The police merely tapped into existing infrastructure.
I say “didn’t” because that stopped being true years ago. The feds were successful at forcing telecoms to alter their systems and equipment to make survellience easier, especially mass survellience. Now the FBI thinks that since they can force telecoms to put backdoors in their own equipment, they can also force companies to put backdoors in customers equipment.
Let’s go back 200 years again where encryption was a popular way to assure the privacy of important messages and papers. Let’s assume public/private key encryption was discovered, and companies spring up where they create unbreakable private/public combos for citizens to use to encrypt their messages and letters. The companies agree to protect their customers by never recording the private keys they generate for them.
Federal agents are outraged, and demand the companies record citizens private keys and store them permanently so whenever a court ruled federal agents could have them those agents could read any citizens private papers and letters. And that the citizens aren’t allowed to know when their keys have been compromised. Can you imagine the theft, blackmail and other possibilities?
Thanks for your thoughtful response. This thread is getting a little old, but I'm going to read this later, and might respond - however I wanted to thank you, in case I forget and move on - cheers!
We've had this conversation for over 20 years. There is broad consensus that undermining encryption is dangerously bad policy and yet the FBI continues with their magical thinking. Strong encryption has more benefits than costs and therefore should continue unimpeded.
Well, imagine yourself in China right now, under the thumb of that regime. Anything is better than where we are today--teetering on the edge of technological totalitarianism.
> I hope you know that, because I don't know a single person, expert or not who with confidence can claim "going dark" isn't going to be "that bad".
I can claim, with confidence, that "'going dark' isn't going to be 'that bad'" because we had successful police investigations before cell phones or encryption were even invented.
If criminals "go dark" the FBI is just going to have to re-learn old-fashioned police-work to catch them.
Like phone taps, electronic bugs and good old fashion in-person surveillance? How is that "dark" exactly? I expect privacy when I'm in my home, and on the telephone - did/do the FBI consider these off limits? They don't obviously, but how is this different?
> Like phone taps, electronic bugs and good old fashion in-person surveillance? How is that "dark" exactly?
There was a time even before telephones and electronics.
I'm much more comfortable with law enforcement having to go back to using electronic bugs, in-person surveillance, and physical evidence gathering. Those things don't scale and don't have the security implications of their desired backdoors.
> There was a time even before telephones and electronics.
Requiring law enforcement to use "pre electricity" technology only to catch thieves who are using cutting edge technology is incredibly naive.
I can understand the worry about scaling specifically, but talk about "handcuffing" law enforcement! Also, since phone-taps are scalable, they'd have to drop that too - which would leave them with quite a toolset /s
Any system with "exceptional"/whatever they want to call it this week access mechanisms inherently reduces the security of the system, even your hypothetical flawless system. This is because attackers rationally go for the weakest link, which becomes whatever policy mechanisms gate access to the panty-sniffer mechanism.
We've seen a constant stream of stories of folks with access to surveillance mechanisms abusing them. Guards being creepy with cameras, NSA analysts stalking lovers, cops stalking lots of people.
And that's just what leaks out to the press.
Any sensible analysis of this sort of thing has to include the inevitability of abuse. If it doesn't include mechanisms for detecting, punishing and alerting the victim, then the priorities are made quite clear, and are a giant middle finger to the notion of personal autonomy for anyone without special legal status.
Enjoy your freedom responsibly, citizen-unit. Or else.
One diplomatically. The EFF doesn't want to overtly suggest that law enforcement are scumbags and thugs who abuse any system and can't ever be trusted. All sorts of people would rally together to defend poor law enforcement and that fight isn't productive.
Two, there is no perfect system. There can be no perfect system. For starters we wouldn't know what perfection looks like if we saw it. Between the flaws in people, tools, technology, etc a perfect system is impossible. There will always be flaws, even if the flaws are largely people using a pretty good system. hence the argument about flawed systems. It's a pretty safe argument to make because it aligns with what happens in the real world.
>If someone were to design such a system but without flaws in its implementation, would EFF be OK with that?
Call us up when that outcome ever occurs. I'm predicting sometime after the 5th of Never.
You're right, but I'm not sure you read what I said.
>Two, there is no perfect system.
Yeah you are agreeing with me here.
I was debating whether to spell out that what I had in mind was the technical and mathematical parts of the system, but even that is impossible to get perfect. Adding in people, it is still impossible. Not more impossible. Still impossible. But we need to stop talking about how the technical part will be flawed. Yes it will be. But that's not the worst problem. The people part is the worst problem.
Talking about the technical flaws is the wrong argument to make. Naive people will just think "well, let's have our smart nerds work hard on it, and they will figure it out" and therefore the argument makes no headway. And naive people elect congress people. And presidents. Who appoint judges. Etc.
What the EFF needs imho is an argument that even the naive masses will understand. Not one that is vulnerable to bullshit talking points like "well if we can go to the moon, we can do this."
On the being diplomatic point, yes probably that's the case. I just think they could choose more of a realistic stance somewhere between the position of this paper, which is fairy tales pretending everything is OK as long as it's inside the US borders, and the rather extreme opposite position that you articulated with "law enforcement are scumbags and thugs..."
They could easily describe the more nuanced middle ground reality which if seen clearly, should be devastating to the whole idea. Even the US president is not trustworthy, for starters.
Take a moment, lay back, look up at the stars and imagine all the ways it could go wrong if agencies could decrypt everything. The possibilities are endless...
1) External - The NSA so grandly showed that even the most important secrets kept by the most guarded and well-funded agency can be stolen. Imagine if Russian or Chinese hackers gain control of it...
2) Internal - Is there a government agency that hasn't had a bribery scandal?
3) Government overreach - Imagine these tools are in place and a president decides to target adversaries...
4) Petty - You're break up with a police-person goes poorly and they decide to get even...
I agree with the EFF's position regarding backdoors, but this article isn't convincing.
- There really isn't anything nefarious in trying to find a good case to set precedent. That's actually the EFF's (and ACLU, etc.) business model: find the most sympathetic plaintiff for the issue you want to litigate to improve your chances in court (and the court of public opinion).
- A method that is "90% ready" just isn't ready. Not only are such numbers meaningless in such a project. It just doesn't matter, legally, if you gain such capabilities in the future. A good faith interpretation of the FBI's motivation must also accept that if(!) the FBI had any interest in the phone's content, that interest was urgent.
I also consider the EFF's and tech community's technical arguments to be rather weak and transparent attempts to skirt the core issue: we don't want backdoors for governments, period.
By suggesting technical difficulties they are trying to shift the debate from the political sphere to the technology. That's probably good for the cause, but it circumvents the mechanism we have established for policy debates, namely democracy.
The difficulties also seem to be far exaggerated: a 1-of-2 encryption scheme should be possible. There are several such schemes (like 2-of-3) working flawlessly for Bitcoin already.
Safekeeping of master decryption keys also seems to be a solved problem. Certificate Authorities, as just one example, seem to do so mostly without any hitches.
> There really isn't anything nefarious in trying to find a good case to set precedent
Far enough, however the FBI's argument was that they needed a backdoor to get into phones like this, when it turns out that they didn't need the back door at all, and not only did they purchase a "crack" to open the phone, they also had Apple's help and could have gotten the information they needed using the tools they already had at their disposal.
As I read it, this is not about finding a nice court case, it's about misleading the courts with the respect to the necessity of the back door. In other words, they weren't finding a sympathetic case, they were manufacturing it.
> it's about misleading the courts with the respect to the necessity of the back door. In other words, they weren't finding a sympathetic case, they were manufacturing it.
Absolutely. Now they kinda of gave Comey the benefit of the doubt saying "he didn't know" but it turns out ROU team was doing it.
---
The OIG report concluded that Director Comey didn’t know that his testimony was false at the time he gave it. But it was false, and technical staff in FBI’s own ROU knew it was false.
---
Not sure what happened there. I think there are two levels of "truth" one is what is written and recorded, and the real "truth". How did ROU started working on the device to begin with. Did they go to the evidence box and started tinkering with the phone when CEAU wasn't watching? Did they clone the device and handed it to multiple teams "here if anyone of you can figure it out, you get an extra 10 days of vacation" or something like that.
It seems a very likely strategy for Comey (based on past instances of him lying under oath) to have tasked the unit with breaking into the phone, then simultaneously pushing on Apple to unlock it.
In this scenario, all Comey had to do was NOT ACCEPT the final report from the unit working on the phone, and that project would remain at <100% indefinitely. In a military beaurocracy setting, until a work order or transfer order is signed off by the one who issued it, it is not legally binding as being completed. Also, easy for Comey to tell the unit not to contact him with any details so he wouldn't have to purjure himself.
In any case, he really should be in jail, as he is a total sociopath and all of those FBI guys are guilty of watching kiddy porn.
There is something nefarious about trying to set precedent when the precedent is conscripting companies into the surveillance state. They lied about their capabilities in order to force a company to break their product on their behalf.
And yet: As described earlier, our inquiry did not reveal that anyone in OTD had withheld knowledge of an existing FBI capability, as EAD Hess had feared. However, our inquiry suggests that CEAU did not pursue all possible avenues in the search for a solution. The CEAU Chief told the OIG that, after the outside vendor came forward, he became frustrated that the case against Apple could no longer go forward, and he vented his frustration to the ROU Chief. He acknowledged that during this conversation between the two, he expressed disappointment that the ROU Chief had engaged an outside vendor to assist with the Farook iPhone, asking the ROU Chief, “Why did you do that for?” According to the CEAU Chief, his unit did not ask CEAU’s partners to check with their outside vendors. CEAU was only interested in knowing what their partners had in hand – indicating that checking with “everybody” did not include OTD’s trusted vendors, at least in the CEAU Chief’s mind. However, we believe CEAU should have checked with OTD’s trusted vendors for possible solutions before advising OTD management, FBI leadership, or the USAO that there was no other technical alternative and that compelling Apple’s assistance was necessary to search the Farook iPhone.
The guy supposed to be looking for technical solutions, upon finding someone had asked vendors about technical solutions:
> I also consider the EFF's and tech community's technical arguments to be rather weak and transparent attempts to skirt the core issue: we don't want backdoors for governments, period.
We don't really want them. However, by longstanding precedent they're entitled to them whenever the technological system at hand enables it. Telephony, postal service, and so on.
You're absolutely right! Democracy is exactly the method to apply to a political issue. It's so applicable, we applied the democracy mechanism to this issue centuries ago and continue to do so. If we fall back to it here, we're going to lose, and we'll be forced to include backdoors in everything.
I find the article much more convincing than your comment though.
> Nothing nefarious about finding a good case...
There is something nefarious with lying about, or being willfully ignorant about, needing the backdoor in the first place. When you testify to the Court and to Congress there is no other way, it can’t be because you didn’t bother to ask.
> A method that is 90% ready just isn’t ready.
If you look at the timeline the method was ready and demonstrated to the FBI within a month. That’s a lot faster than the courts could even begin to move on the case, and wouldn’t you like to think in a national security case the FBI would be working expoditiously to unlock the device rather than score political points?
> The difficulties [of backdoors] seem to be exaggerated.... working flawlessly for Bitcoin already
That’s a very interesting definition of “flawlessly” you’ve got there. I could cite the long list of grievously damaging government and private sector breaches, and just note that none of them were as enticing as a golden key to unlock global encrypted comms.
Our security sucks enough without intentionally weakening it. But more importantly, only the law abiding citizens would be using the backdoored encryption. Real encryption doesn’t magically go away because you publish a broken algorithm.
> A method that is "90% ready" just isn't ready. Not only are such numbers meaningless in such a project. It just doesn't matter, legally, if you gain such capabilities in the future. A good faith interpretation of the FBI's motivation must also accept that if(!) the FBI had any interest in the phone's content, that interest was urgent.
Any method they would have gotten from Apple was roughly zero percent ready, meaning the 90% one was more feasible than going through Apple.
There really isn't anything nefarious in trying to find a good case to set precedent. That's actually the EFF's (and ACLU, etc.) business model
It's not a 'business model' and there is a fundamental difference between advocates cherry picking their cases and approach and the state and its law enforcement apparatus doing so. The latter demands a great deal more scrutiny.
Safekeeping of master decryption keys also seems to be a solved problem. Certificate Authorities, as just one example, seem to do so mostly without any hitches.
Those secrets are not nearly as valuable or potentially damaging and there are lots of mechanisms in place to externally mitigate and detect their potential loss and abuse.
BUT, IMHO another needed consideration should be about what was (reasonably) expected to be found on the device, and since - one way or the other it was unlocked - what was actually found on the device.
My personal guess is nothing-nothing, some of the often forgotten news about the specific case:
[1] The AppleID was changed after the phone was already in Government custody, thus self-sabotizing some possible recovery ways
[2] The couple went into an extensive and thoroughful destruction of all the other electronic devices, exception made for the (county issued, i.e. "work only") iPhone
[3] An actual statement by an investigator saying that most probably the phone contents (if any) were useless
[4] The DA mentioned a mysterious "lying dormant cyber pathogen" among the reasons why it was vital to obtain access to the iPhone
I completely agree that backdoors are a terrible invasion of privacy, that law enforcement gained absolutely nothing in this case, and that Apple should be lauded for their bold opposition to these requests.
I'm merely attacking the specific line of argumentation the EFF is using. I consider it both intellectually shoddy and bound to be counter-productive.
(Unfortunately, HN doesn't appear to understand such nuances.)
I don't think the question is can we instantly access the data in this phone because trials don't last 10 seconds.
The point is can we expect to be able to access this data in a time frame which is suitable for this evidence to be used at this trial. The answer is that there was no need for apple's assistance and Comey is a liar.
The governments position was that this man and criminals like him would go free without forcing apple to backdoor their phones.
A solution that is 90% ready works but may require significant work to be ready for an agent to plug in a phone push a button and get root. Anything else is pure wishful thinking on the part of law and order fans who don't want the law to be in the wrong on anything. The fact that it was factually ready in 3 weeks proves this beyond a shadow of a doubt.
Neither an apple assisted solution nor the hack they were working on would have been ready to use tomorrow.
The government stated that they needed apple to break ios in order to nail a creep. This was a lie. The actual worst case scenario isn't this scum getting off. The actual worst case scenario would be us buying the line of bs they are selling and giving up more of our privacy.
You are extremely casual with the truth; Your post is choke full of inaccuracies. The major one is:
> The government stated that they needed apple to break ios in order to nail a creep. This was a lie.
It was not. The specific question was:
"[are you] testifying today that you and/or contractors that you employ could not achieve this without demanding an unwilling partner do it”
The answer was affirmative, and correct for that point in time. It wasn't quite the "whole truth", but it was true. And there are any number of reasons you'd not want an unfinished project to become public.
Also: the government's position was never that "this man would go free" or that they intend "to nail a creep". That man/creep was dead.
A lie by omission is still the lie. If you ever have to tell someone that you didn't tell them the complete truth what you really mean is that you lied to/misled them.
Regarding being dead sorry I was thinking of the child porn case not the shooter my mistake.
And if they had had some patience, they could have initiated an automatic WiFi backup from the iPhone to iCloud and probably accessed the information on iCloud through a court order that Apple would've complied with.
Quoting from this Buzzfeed article from February 2016. [1]
> "The Apple ID password linked to the iPhone belonging to one of the San Bernardino terrorists was changed soon after the government took possession of the device, Apple, San Bernardino County, and federal officials have acknowledged over the past 48 hours. If that password change hadn’t happened, senior Apple executives said on Friday afternoon, a backup of the information the government was seeking may have been accessible."
> "The Apple executives said the company had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a backdoor. One of those methods would have involved connecting the iPhone to a known Wi-Fi network and triggering an iCloud backup that might provide the FBI with information stored to the device between the October 19th and the date of the incident."
> "Apple sent trusted engineers to attempt that method, the executives said, but they were unable to do it. It was then that they discovered that the Apple ID password associated with the iPhone had been changed sometime after the terrorist's death -- within 24 hours of the government taking possession of the phone. By changing the password, the government foreclosed its ability to obtain a fresh copy of the most recent device data via this back-up-to-known-wifi method."
One wonders why the FBI didn't focus on having a standard protocol/office for handling iOS and Android devices to ensure they could maximize the ability to access them. Like someone who could tell the field agents, don't change the password!
> According to the Times, DOJ officials are “convinced that mechanisms allowing access to [encrypted] data can be engineered without intolerably weakening the devices’ security against hacking.”
Why do people believe this? It will only make things more complicated and more complicated usually means easier to break.
It probably takes way more effort, time and money than the FBI likes to invest to break open an iPhone. So this high profile incident was used as a way to influence public opinion that this kind of heavy protection was helping pedophiles and terrorists. I think the main result of their initial declaration was people buying more iPhones if anything at all. And now it backfires.
They write At the same time, according to the OIG report, the chief of the FBI’s Remote Operations Unit (the FBI’s elite hacking team, called ROU) knows “that one of the vendors that he worked closely with was almost 90 percent of the way toward a solution that the vendor had been working on for many months.”
90% finished with no definitive end in sight? That doesnt sound like a solution.. then the EFF concludes:
March 1, 2016: Comey testifies... The OIG report concluded that Director Comey didn’t know that his testimony was false at the time he gave it. But it was false, and technical staff in FBI’s own ROU knew it was false.
No it was not false. It was completely true at the time. 90% is not a solution. Comey does not have a time machine to see when/if the exploit would be completed.
March 16, 2016: An outside vendor for the FBI completes its work on an exploit for the model in question.
Now they have an exploit.. and what does the FBI do? They drop the their alternative approach involving the courts and apple.
Making weak, clearly disingenuous (or worse, technically clueless if they really believe 90% is the same as 100%) arguments do not help the EFF. This will be the first part that their opponents latch on to and attack.
When I was young and impressionable it was done done. My last contracting gig the project manager (who was honestly too good for the customer and noped out after about 14 months and told me countless times “you can’t fix stupid”) started saying done done done.
And still people would say, when asked if they were done done done, “yes, but...”
At some point the developer is done with a task even if the task isn’t done with them. And they will make any rationalization necessary to take partial credit for completion.
"90% complete" can mean a very wide range of things. If it means having bypassed 9 out of 10 security layers, there's no guarantee it'll ever work. If it means that the system works in the lab and they're adding UI and documentation, then it's reasonable to be confident. I've heard situations both worse and better described as "90% complete".
I would guess that coming from a company selling security solutions to law enforcement, it'd be more like the latter (ie, it basically works and needs polishing).
On the other hand, as the immediate goal was to decrypt one specific device and it was regarded as urgent, I would guess that the former is more likely. Your alternative scenario would amount to what would have been possibly the first time ever a software product was completed before it was released.
In the case of developing an exploit, one might reasonably claim that getting 0xdeadbeef in %rip is 90% done. A lot of researchers would stop at that point, because it's sufficient to demonstrate that it's exploitable. Some years ago, before various mitigations, you'd just have to polish up the payload and then you'd be 100%. But today, there might be a fair bit of work turning a demo crasher into a weaponized exploit.
The FBI's chief of its elite hacking unit has a clear conflict of interest in stating what the status of hacking into the phone related to the San Bernadino shooting -- and unless the OIG confirmed the vendor's status at that point forensically, verbal statements to me are meaningless.
Saying that the vendor was "90 percent of the way toward a solution" could mean anything; for example, they had the hack, but were testing it to see if would work for all iPhone models.
The vendor the FBI contracted with to develop the exploit says they demonstrated it on March 20th. The FBI says they demonstrated on March 20th. In fact, they postponed a court hearing to attend the demonstration, and the following day informed the court. This is also 3 weeks after Comey's testimony to congress.
If you're going to throw out a conspiracy theory, you should have something to back it up.
My statements purely state that the FBI is very aware of how to take actions and make statements that are true, but misleading. What is the issue is that the OIG took statements that were clearly meaningless -- but assigned meaning to them.
In fact, if you read the report, which includes these statements, "In the (FBI elite hacking unit) Chief’s view, the fact that he was not asked for help sooner was not a mistake in judgment or communication breakdown on CEAU’s part, but rather the result of a long-standing policy that the ROU Chief understood created a “line in the sand ”against using national security tools in criminal cases." -- which if true, given the events were a known terrorist attack, would have made the events a national security matter.
Imagine you’re the attorney for the other side and you asked the agent under oath if they were tainted by information they were sworn not to reveal.
For some of these agencies I would almost expect them to, let’s say embellish or fabricate, under oath to protect highly classified information. Does that not make them a tainted witness if they have to speak in half truths under oath?
The only way to get an absolutely fair trial would be if all of the information were declassified, or the judge, jury, and lawyers had security clearance. And who without a high clearance could judge what is pertinent to the case?
I think we have always known that justice and secrets clash, which is why we have (had) watchdog groups as a compromise.
so easy to dismiss something by calling it a "conspiracy theory". The only conspiracy is by the FBI on the American people, with their warrantless surveillance. How about the fact they lie around 100 pct of the time about these matters?
I find it impressive that they would even know they are '90% done'. Usually that's a good indication the person speaking has no clue about how long it will take to get it completed but they feel they have done a lot of work already. And then they hit a snag or some unforeseen obstacle and suddenly that 90% is unrealistically optimistic.
It's also unclear whether the ROU chief even was able to tell Comey what he knew. I also agree with the EFF, but I think they should focus on the real problem, which is the FBI's cavalier insistence than creating encryption backdoors can ever be save.
> Making weak, clearly disingenuous (or worse, technically clueless if they really believe 90% is the same as 100%) arguments do not help the EFF.
Sadly, this has been the EFF's Mo in recent years. They have an ongoing series of blog posts where they try to make hay out of some patent or copyright court ruling that they deeply misinterpret.
Lawyers doing what lawyers do. Blame the state of our legal system, or society. Trial in the court of public opinion is accepted by society, consequences be damned.
I imagine that this kind of thing has some consequences for them specifically, though, given that they're funded by donations. I'm certainly less likely to keep donating if I think they're being dishonest and sensationalizing their work.
Lawyers talk to decision makers (judges or juries) who hear both sides of the story. Lawyers are charged with presenting the best possible version of their client's story, because it is the job of the decision maker (not the lawyer) to weigh the facts, judge credibility, and reach a conclusion.
The situation is a bit different where an organization like the EFF is talking directly to the public.
> Making weak, clearly disingenuous (or worse, technically clueless if they really believe 90% is the same as 100%) arguments do not help the EFF. This will be the first part that their opponents latch on to and attack.
Also: consider how likely it is that some engineer in ROU would tell the director of the FBI they were 90% of the way to a solution. The FBI has 33,000 employees, more than Facebook. How many 90% solutions exist at Facebook that Zuckerberg does not know about?
Sorry to veer into whataboutism wrt Apple and regions they operate in, but I'm curious about the hypothetical: What if China demanded Apple create a signed version of the OS w/ the key bypass? Among other reasons for asking, one reason is to highlight that while the FBI were nefarious here, that Apple was able to fight it and publicly post that they disagreed without any repercussions makes me at least a bit happier about the process.
Any access-key/backdoor is either going to be very distributed so it can be used, or it's going to be under a SAP (special access program or similar alphabet soup); either way it will be compromised either for profit, or by conscience by someone another Snowden like person.
People inclined to give the government the benefit of the doubt perhaps because they are of the class of people so unlikely to run afoul of the law seem to be confused about what 90% ready means.
If it was ready 3 weeks later 90% ready means we have 100% broken the security involved and are wrapping this is a reasonable interface and writing documentation. Our developer could plug in your phone and crack it right now but we need to build something with buttons and documentation.
I have a very close friend that works for the clandestine service, Mussolini. He tells me that they have backdoors into all cellphones that exist. I didn't believe him at first but looking at the recent vault 7 leaks[0], now I am not doubting him.
> The Department's [FBI's] blind faith in technologists’ ability to build a secure backdoor on encrypted phones
Hasn't it been show time and again that, on any sort of reasonable timescale, there is no such thing as a secure backdoor? Governments wanting one to exist cannot change the nature of software, especially with the current pentesters out there. If such a backdoor exists, someone will find it.
I don't have a problem with legitimate inquiries into crime, with probable cause, approved by an independent whose role is to safeguard against needless intrusions by the government. I don't believe in legally requiring code to be insecure through backdoors, extrajudicious dragnet "intelligence," or other deeply disturbing secret police BS authoritarian strains of the intelligence communtiy seem to be advocating. If they can open the phone with or without Apple's help is almost irrelevant. What matters is if they have gone through an accountable process to gain legal authorization to open it.
On the other hand, the fact that the FBI used this to gain legal powers in the vein of the burning of the Reichstag is unacceptable.
Confront your cheating spouse with evidence, i was able to spy on my cheating ex phone without finding out.....it really helped me during my divorce ...you can contact (cyberguru1370@GMAIL.COM) for spying and hacking social networks, school servers, icloud and much more,viber chats hack, Facebook messages and yahoo messenger, calls log and spy call recording, monitoring SMS text messages remotely, cell phone GPS location tracking, spy on Whats app Messages, his services are AFFORDABLE.................................... ONLY GOD CAN THANK HIM FOR ME.
87 comments
[ 4.1 ms ] story [ 121 ms ] threadGenerally I agree with the EFF but I always find this particular argument specious.
If someone were to design such a system but without flaws in its implementation, would EFF be OK with that? I don't think so, because those agencies are rife with bad actors. A perfect system, in the hands of bad actors, is already a problem.
The problem at the outset is with the context of use. Yes there are other problems that would follow on because the system would not be technically perfect, but even before that, the flawed context of giving these tools to bad actors should not be overlooked. Setting up such a system, perfect or not is a bad idea, period. Yes it will be imperfect but even if you buy into the mistaken idea that it can be made perfect, the context of use, in agencies with bad actors, is already broken even before the imperfections allow exploits by agency outsiders.
No, we don't have to assume that the agencies are staffed with only good people. Not even for the sake of argument, and not even for the sake of a polite white paper from the EFF.
I hope you know that, because I don't know a single person, expert or not who with confidence can claim "going dark" isn't going to be "that bad".
I'm honestly asking, not trying to snark - please help me work through how encryption differs from other "analog" tools meant to ensure privacy.
Now let’s assume 200 years ago all of your property was exposed so that any potentially dangerous people (robbers, horse thiefs, politicians) approaching your house could be easily seen. But this also means that federal agents coming to serve warrants could be seen with enough warning to allow you to destroy evidence, and anytime they’d try to surveil your house, you’d know they were there.
Should it be illegal for your property to be so exposed? Should the government force property owners to plant shrubbery on approaches to their homes to make them easier to secretly surveil, and so surprise searches can be more successful?
The difference between this and wiretapping is that wiretapping didn’t require you to change your property to allow it. The police merely tapped into existing infrastructure.
I say “didn’t” because that stopped being true years ago. The feds were successful at forcing telecoms to alter their systems and equipment to make survellience easier, especially mass survellience. Now the FBI thinks that since they can force telecoms to put backdoors in their own equipment, they can also force companies to put backdoors in customers equipment.
Let’s go back 200 years again where encryption was a popular way to assure the privacy of important messages and papers. Let’s assume public/private key encryption was discovered, and companies spring up where they create unbreakable private/public combos for citizens to use to encrypt their messages and letters. The companies agree to protect their customers by never recording the private keys they generate for them.
Federal agents are outraged, and demand the companies record citizens private keys and store them permanently so whenever a court ruled federal agents could have them those agents could read any citizens private papers and letters. And that the citizens aren’t allowed to know when their keys have been compromised. Can you imagine the theft, blackmail and other possibilities?
That’s exactly what the FBI wants now.
In law enforcement, or amongst tech providers?
I can claim, with confidence, that "'going dark' isn't going to be 'that bad'" because we had successful police investigations before cell phones or encryption were even invented.
If criminals "go dark" the FBI is just going to have to re-learn old-fashioned police-work to catch them.
There was a time even before telephones and electronics.
I'm much more comfortable with law enforcement having to go back to using electronic bugs, in-person surveillance, and physical evidence gathering. Those things don't scale and don't have the security implications of their desired backdoors.
Requiring law enforcement to use "pre electricity" technology only to catch thieves who are using cutting edge technology is incredibly naive.
I can understand the worry about scaling specifically, but talk about "handcuffing" law enforcement! Also, since phone-taps are scalable, they'd have to drop that too - which would leave them with quite a toolset /s
We've seen a constant stream of stories of folks with access to surveillance mechanisms abusing them. Guards being creepy with cameras, NSA analysts stalking lovers, cops stalking lots of people.
And that's just what leaks out to the press.
Any sensible analysis of this sort of thing has to include the inevitability of abuse. If it doesn't include mechanisms for detecting, punishing and alerting the victim, then the priorities are made quite clear, and are a giant middle finger to the notion of personal autonomy for anyone without special legal status.
Enjoy your freedom responsibly, citizen-unit. Or else.
One diplomatically. The EFF doesn't want to overtly suggest that law enforcement are scumbags and thugs who abuse any system and can't ever be trusted. All sorts of people would rally together to defend poor law enforcement and that fight isn't productive.
Two, there is no perfect system. There can be no perfect system. For starters we wouldn't know what perfection looks like if we saw it. Between the flaws in people, tools, technology, etc a perfect system is impossible. There will always be flaws, even if the flaws are largely people using a pretty good system. hence the argument about flawed systems. It's a pretty safe argument to make because it aligns with what happens in the real world.
>If someone were to design such a system but without flaws in its implementation, would EFF be OK with that?
Call us up when that outcome ever occurs. I'm predicting sometime after the 5th of Never.
>Two, there is no perfect system.
Yeah you are agreeing with me here.
I was debating whether to spell out that what I had in mind was the technical and mathematical parts of the system, but even that is impossible to get perfect. Adding in people, it is still impossible. Not more impossible. Still impossible. But we need to stop talking about how the technical part will be flawed. Yes it will be. But that's not the worst problem. The people part is the worst problem.
Talking about the technical flaws is the wrong argument to make. Naive people will just think "well, let's have our smart nerds work hard on it, and they will figure it out" and therefore the argument makes no headway. And naive people elect congress people. And presidents. Who appoint judges. Etc.
What the EFF needs imho is an argument that even the naive masses will understand. Not one that is vulnerable to bullshit talking points like "well if we can go to the moon, we can do this."
On the being diplomatic point, yes probably that's the case. I just think they could choose more of a realistic stance somewhere between the position of this paper, which is fairy tales pretending everything is OK as long as it's inside the US borders, and the rather extreme opposite position that you articulated with "law enforcement are scumbags and thugs..."
They could easily describe the more nuanced middle ground reality which if seen clearly, should be devastating to the whole idea. Even the US president is not trustworthy, for starters.
1) External - The NSA so grandly showed that even the most important secrets kept by the most guarded and well-funded agency can be stolen. Imagine if Russian or Chinese hackers gain control of it...
2) Internal - Is there a government agency that hasn't had a bribery scandal?
3) Government overreach - Imagine these tools are in place and a president decides to target adversaries...
4) Petty - You're break up with a police-person goes poorly and they decide to get even...
- There really isn't anything nefarious in trying to find a good case to set precedent. That's actually the EFF's (and ACLU, etc.) business model: find the most sympathetic plaintiff for the issue you want to litigate to improve your chances in court (and the court of public opinion).
- A method that is "90% ready" just isn't ready. Not only are such numbers meaningless in such a project. It just doesn't matter, legally, if you gain such capabilities in the future. A good faith interpretation of the FBI's motivation must also accept that if(!) the FBI had any interest in the phone's content, that interest was urgent.
I also consider the EFF's and tech community's technical arguments to be rather weak and transparent attempts to skirt the core issue: we don't want backdoors for governments, period.
By suggesting technical difficulties they are trying to shift the debate from the political sphere to the technology. That's probably good for the cause, but it circumvents the mechanism we have established for policy debates, namely democracy.
The difficulties also seem to be far exaggerated: a 1-of-2 encryption scheme should be possible. There are several such schemes (like 2-of-3) working flawlessly for Bitcoin already.
Safekeeping of master decryption keys also seems to be a solved problem. Certificate Authorities, as just one example, seem to do so mostly without any hitches.
As I read it, this is not about finding a nice court case, it's about misleading the courts with the respect to the necessity of the back door. In other words, they weren't finding a sympathetic case, they were manufacturing it.
Absolutely. Now they kinda of gave Comey the benefit of the doubt saying "he didn't know" but it turns out ROU team was doing it.
---
The OIG report concluded that Director Comey didn’t know that his testimony was false at the time he gave it. But it was false, and technical staff in FBI’s own ROU knew it was false.
---
Not sure what happened there. I think there are two levels of "truth" one is what is written and recorded, and the real "truth". How did ROU started working on the device to begin with. Did they go to the evidence box and started tinkering with the phone when CEAU wasn't watching? Did they clone the device and handed it to multiple teams "here if anyone of you can figure it out, you get an extra 10 days of vacation" or something like that.
On the manufacturing part. FBI, likes to manufacture evidence and skirt around entrapment whenever possible. What better way to look important and get more power than making your own reality. Here is their informant infiltrating a mosque in Irvine, CA and radicalizing people. http://www.latimes.com/local/orangecounty/la-me-muslim-fbi-2... he was reported to the, wait for it, ... FBI. There are other cases as well: https://theintercept.com/2015/01/16/latest-fbi-boast-disrupt...
In this scenario, all Comey had to do was NOT ACCEPT the final report from the unit working on the phone, and that project would remain at <100% indefinitely. In a military beaurocracy setting, until a work order or transfer order is signed off by the one who issued it, it is not legally binding as being completed. Also, easy for Comey to tell the unit not to contact him with any details so he wouldn't have to purjure himself.
In any case, he really should be in jail, as he is a total sociopath and all of those FBI guys are guilty of watching kiddy porn.
What? I was with you up until that point. Then you lost me.
There is something nefarious about trying to set precedent when the precedent is conscripting companies into the surveillance state. They lied about their capabilities in order to force a company to break their product on their behalf.
The guy supposed to be looking for technical solutions, upon finding someone had asked vendors about technical solutions:
“Why did you do that for?”
We don't really want them. However, by longstanding precedent they're entitled to them whenever the technological system at hand enables it. Telephony, postal service, and so on.
You're absolutely right! Democracy is exactly the method to apply to a political issue. It's so applicable, we applied the democracy mechanism to this issue centuries ago and continue to do so. If we fall back to it here, we're going to lose, and we'll be forced to include backdoors in everything.
> Nothing nefarious about finding a good case...
There is something nefarious with lying about, or being willfully ignorant about, needing the backdoor in the first place. When you testify to the Court and to Congress there is no other way, it can’t be because you didn’t bother to ask.
> A method that is 90% ready just isn’t ready.
If you look at the timeline the method was ready and demonstrated to the FBI within a month. That’s a lot faster than the courts could even begin to move on the case, and wouldn’t you like to think in a national security case the FBI would be working expoditiously to unlock the device rather than score political points?
> The difficulties [of backdoors] seem to be exaggerated.... working flawlessly for Bitcoin already
That’s a very interesting definition of “flawlessly” you’ve got there. I could cite the long list of grievously damaging government and private sector breaches, and just note that none of them were as enticing as a golden key to unlock global encrypted comms.
Our security sucks enough without intentionally weakening it. But more importantly, only the law abiding citizens would be using the backdoored encryption. Real encryption doesn’t magically go away because you publish a broken algorithm.
Any method they would have gotten from Apple was roughly zero percent ready, meaning the 90% one was more feasible than going through Apple.
It's not a 'business model' and there is a fundamental difference between advocates cherry picking their cases and approach and the state and its law enforcement apparatus doing so. The latter demands a great deal more scrutiny.
Safekeeping of master decryption keys also seems to be a solved problem. Certificate Authorities, as just one example, seem to do so mostly without any hitches.
Those secrets are not nearly as valuable or potentially damaging and there are lots of mechanisms in place to externally mitigate and detect their potential loss and abuse.
https://en.wikipedia.org/wiki/Ninety-ninety_rule
BUT, IMHO another needed consideration should be about what was (reasonably) expected to be found on the device, and since - one way or the other it was unlocked - what was actually found on the device.
My personal guess is nothing-nothing, some of the often forgotten news about the specific case:
[1] The AppleID was changed after the phone was already in Government custody, thus self-sabotizing some possible recovery ways
[2] The couple went into an extensive and thoroughful destruction of all the other electronic devices, exception made for the (county issued, i.e. "work only") iPhone
[3] An actual statement by an investigator saying that most probably the phone contents (if any) were useless
[4] The DA mentioned a mysterious "lying dormant cyber pathogen" among the reasons why it was vital to obtain access to the iPhone
[1] https://www.wired.com/2016/02/apple-says-the-government-bung...?
[2] http://www.cbc.ca/news/business/apple-must-help-hack-san-ber...
[3] https://theintercept.com/2016/02/26/farooks-iphone-is-probab...
[4] https://www.theguardian.com/technology/2016/mar/04/san-berna...
I'm merely attacking the specific line of argumentation the EFF is using. I consider it both intellectually shoddy and bound to be counter-productive.
(Unfortunately, HN doesn't appear to understand such nuances.)
The point is can we expect to be able to access this data in a time frame which is suitable for this evidence to be used at this trial. The answer is that there was no need for apple's assistance and Comey is a liar.
The governments position was that this man and criminals like him would go free without forcing apple to backdoor their phones.
A solution that is 90% ready works but may require significant work to be ready for an agent to plug in a phone push a button and get root. Anything else is pure wishful thinking on the part of law and order fans who don't want the law to be in the wrong on anything. The fact that it was factually ready in 3 weeks proves this beyond a shadow of a doubt.
Neither an apple assisted solution nor the hack they were working on would have been ready to use tomorrow.
The government stated that they needed apple to break ios in order to nail a creep. This was a lie. The actual worst case scenario isn't this scum getting off. The actual worst case scenario would be us buying the line of bs they are selling and giving up more of our privacy.
> The government stated that they needed apple to break ios in order to nail a creep. This was a lie.
It was not. The specific question was:
"[are you] testifying today that you and/or contractors that you employ could not achieve this without demanding an unwilling partner do it”
The answer was affirmative, and correct for that point in time. It wasn't quite the "whole truth", but it was true. And there are any number of reasons you'd not want an unfinished project to become public.
Also: the government's position was never that "this man would go free" or that they intend "to nail a creep". That man/creep was dead.
Regarding being dead sorry I was thinking of the child porn case not the shooter my mistake.
Quoting from this Buzzfeed article from February 2016. [1]
> "The Apple ID password linked to the iPhone belonging to one of the San Bernardino terrorists was changed soon after the government took possession of the device, Apple, San Bernardino County, and federal officials have acknowledged over the past 48 hours. If that password change hadn’t happened, senior Apple executives said on Friday afternoon, a backup of the information the government was seeking may have been accessible."
> "The Apple executives said the company had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a backdoor. One of those methods would have involved connecting the iPhone to a known Wi-Fi network and triggering an iCloud backup that might provide the FBI with information stored to the device between the October 19th and the date of the incident."
> "Apple sent trusted engineers to attempt that method, the executives said, but they were unable to do it. It was then that they discovered that the Apple ID password associated with the iPhone had been changed sometime after the terrorist's death -- within 24 hours of the government taking possession of the phone. By changing the password, the government foreclosed its ability to obtain a fresh copy of the most recent device data via this back-up-to-known-wifi method."
[1]: https://www.buzzfeed.com/johnpaczkowski/apple-terrorists-app...
Why do people believe this? It will only make things more complicated and more complicated usually means easier to break.
They write At the same time, according to the OIG report, the chief of the FBI’s Remote Operations Unit (the FBI’s elite hacking team, called ROU) knows “that one of the vendors that he worked closely with was almost 90 percent of the way toward a solution that the vendor had been working on for many months.”
90% finished with no definitive end in sight? That doesnt sound like a solution.. then the EFF concludes:
March 1, 2016: Comey testifies... The OIG report concluded that Director Comey didn’t know that his testimony was false at the time he gave it. But it was false, and technical staff in FBI’s own ROU knew it was false.
No it was not false. It was completely true at the time. 90% is not a solution. Comey does not have a time machine to see when/if the exploit would be completed.
March 16, 2016: An outside vendor for the FBI completes its work on an exploit for the model in question.
Now they have an exploit.. and what does the FBI do? They drop the their alternative approach involving the courts and apple.
Making weak, clearly disingenuous (or worse, technically clueless if they really believe 90% is the same as 100%) arguments do not help the EFF. This will be the first part that their opponents latch on to and attack.
The two are very different.
And still people would say, when asked if they were done done done, “yes, but...”
At some point the developer is done with a task even if the task isn’t done with them. And they will make any rationalization necessary to take partial credit for completion.
I would guess that coming from a company selling security solutions to law enforcement, it'd be more like the latter (ie, it basically works and needs polishing).
Saying that the vendor was "90 percent of the way toward a solution" could mean anything; for example, they had the hack, but were testing it to see if would work for all iPhone models.
If you're going to throw out a conspiracy theory, you should have something to back it up.
In fact, if you read the report, which includes these statements, "In the (FBI elite hacking unit) Chief’s view, the fact that he was not asked for help sooner was not a mistake in judgment or communication breakdown on CEAU’s part, but rather the result of a long-standing policy that the ROU Chief understood created a “line in the sand ”against using national security tools in criminal cases." -- which if true, given the events were a known terrorist attack, would have made the events a national security matter.
For some of these agencies I would almost expect them to, let’s say embellish or fabricate, under oath to protect highly classified information. Does that not make them a tainted witness if they have to speak in half truths under oath?
The only way to get an absolutely fair trial would be if all of the information were declassified, or the judge, jury, and lawyers had security clearance. And who without a high clearance could judge what is pertinent to the case?
I think we have always known that justice and secrets clash, which is why we have (had) watchdog groups as a compromise.
Sadly, this has been the EFF's Mo in recent years. They have an ongoing series of blog posts where they try to make hay out of some patent or copyright court ruling that they deeply misinterpret.
It's not a fair fight by nature. Why hold the only defender in the arena to a higher set of standards?
The situation is a bit different where an organization like the EFF is talking directly to the public.
I feel the same way about marijuana supporters.
If it was ready 3 weeks later 90% ready means we have 100% broken the security involved and are wrapping this is a reasonable interface and writing documentation. Our developer could plug in your phone and crack it right now but we need to build something with buttons and documentation.
[0]:https://en.wikipedia.org/wiki/Vault_7
EDIT: Also it's not hacking/breaking in when it's a built in backdoor.
Do you mean the Israeli intelligence agency Mossad? Mussolini was the name of the fascist Italian dictator.
Hasn't it been show time and again that, on any sort of reasonable timescale, there is no such thing as a secure backdoor? Governments wanting one to exist cannot change the nature of software, especially with the current pentesters out there. If such a backdoor exists, someone will find it.
On the other hand, the fact that the FBI used this to gain legal powers in the vein of the burning of the Reichstag is unacceptable.