I, like many people in America, have a safe at my house. There are items in the safe that I wouldn’t really care if everyone knew about and saw and there are some items I would hope no one knows about or sees. Every safe has some key to open it, whether it’s a physical key or a combination. Now, let’s say I was under a criminal investigation. If the government wanted to see what was in my safe, they would have to get a warrant and then they would have to drill or cut open the safe. They wouldn’t call SentrySafe and tell them that they need to open it for them, or that they needed to create a default combination for every safe that the government could open this one with. As a matter of fact, if the government required MasterLock to create a master key for every lock they ever built, the public outrage would be so great that it would never come close to passing.
This is what’s happening in California. A judge in California has ordered that Apple must offer a “master key” solution to get into the San Bernandino shooter’s iPhone. There’s a lot of news coverage on this and Tim Cook has even addressed it in an open letter. This battle could define the future of technology and no one really knows what the issue at hand is. There are two semi-related but distinct issues.
- Encryption of personal devices
- The ability to lock a personal device
Encryption of Personal Devices
The earliest version of computers were designed for data processing and encryption and decryption. The famous Enigma was used to send encrypted messages for German warfare in World War II. As devices have moved from the hands of governments, companies, and research institutions to personal devices there has always been a question of their role. As communication has grown on these devices, it has changed some of what is available to people. As people store more data, government agencies have been concerned with how to get that data. Great encryption is like taking your safe and burying it somewhere in the world and losing the map so that only you know where it is. People can ask to see what’s in your safe, but without your help it is virtually impossible to look in it. This has been a hot topic recently with two states, New York and California, discussing laws to ban encryption of personal devices that the government can not get into. The argument for is that the government may need this information for a criminal investigation. The argument against is that once someone has that map, even if it’s the government, somebody else can get the map and use it for nefarious purposes. This has been a fight for sometime and is often correlated with the current discussion of San Bernardino, because it does apply somewhat. Apple continues to say that they locked all these iPhones before sending them to consumers and threw away all the keys. However, the issue with the San Bernardino shooter is that his phone has a passcode lock.
Ability to Lock a Personal Device
No one would argue against the right to lock a personal device from prying eyes. We have locks on our cars and homes and even lock our luggage up before we put it on a plane. The issue with the current news story is that the San Bernardino shooter locked his iPhone. He also enabled the ability to have it wipe after 10 incorrect passcode attempts. The government is requesting demanding that Apple provide them a tool to bypass the 10 incorrect passcode attempt limit and brute force their way into the phone. This is what a judge has ordered Apple to do and Tim Cook insists that they can not do. This is similar to the above as the government is asking Apple to provide them access to the data within a locked phone because they are the manufacturer. Apple argues that if the government has this ability, it can use that on any device and it’s never “just this one time on this one device”. Using the safe from the first paragraph, if I wired up my safe to incinerate its contents whenever someone tried to open it, the government wouldn’t impose that someone had to help them open it.
The Misunderstanding
The common misunderstanding is that Apple can just get the data off of the phone and hand it to the FBI. That’s not how this works. If the backdoor existed, it would be available to everyone. These backdoors are how people jailbreak phones, but all of them require for the phone to have already been unlocked prior to being able to load any code. As someone who’s jailbroken a phone, there’s also a significant chance that you will lose all of your data on the phone which would render this ineffective to get all of the data off of the phone. If there was a backdoor in the iPhone, and a hacker used it to retrieve the financial data of all people with iPhones, the government would go after Apple and asked why the backdoor existed. It seems unfathomable that there should be different rules for different people. Apple doesn’t have access to the phone for the same reason that people change the locks when they buy a house. If the original owner/builder/manufacturer has a key to the lock, the lock is useless. You wouldn’t want a contractor to not put a lock on your backdoor. You wouldn’t only lock the driver’s door to your car. Why would you expect your phone to have another door wide open to anyone who finds it?
What Does it all Mean?
We all have some information we don’t want people to have access too. Our phones have a plethora of pictures, personal data, financial information, our recent locations, and passwords that we have entrusted to be stored on the phone and safeguarded. This is done with the encryption of the device. Once a back door is opened, it can not be closed easily and it’s accessible to everyone.
I mentioned above that we all lock our luggage when we travel. However, due to “national security” we have to use a very specific lock that is regulated by the TSA. They say that they are secure and only the TSA can open them. However, these locks are not secure and have been “hacked”. Do we really want to allow the government to do the same thing with our phones?
This is a critical moment, and Apple is hoping to be on the right side of history. We all have to support the initiative Apple is taking to protect customer’s data with the highest regard. This is why they compute everything at a device level and doesn’t submit it all to the cloud. They are fighting the government to protect everyone’s data because they fell they have been trusted with that data. It’s important to know that they are fighting for both their right to encrypt their products and our right to lock our phones from prying eyes. The government can not just go around looking for ways around warrants and justice. If this tool to bypass security ever exists, it will be used.
If the government wins this battle, it would be likened to the government making us take all the locks off of our digital houses. Our safes are no longer safe and our cars are wide open. While the White House Press Secretary can get up at a podium and say that Tim Cook is wrong and they can just unlock this one phone this one time, that isn’t how technology works. Because once you take the lock off your door for the government, the lock is gone and anyone can push in your door and invade your private life.