Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

In Apple vs FBI Case, Compromise Appears Elusive

Apple Store in Hong Kong

Apple Store in Hong Kong

As Apple’s legal battle with the FBI over encryption heads toward a showdown, there appears little hope for a compromise that would placate both sides and avert a divisive court decision.

The FBI is pressing Apple to develop a system that would allow the law enforcement agency to break into a locked iPhone used by one of the San Bernardino attackers, a demand the tech company claims would make all its devices vulnerable.

In an effort to break the deadlock, some US lawmakers are pushing for a panel of experts to study the issue of access to encrypted devices for law enforcement in order to find common ground.

Senator Mark Warner and Representative Mike McCaul on Monday proposed the creation of a 16-member “National Commission on Security and Technology Challenges.”

But digital rights activists warn that the issue provides little middle ground — that once law enforcement gains a “back door,” there would be no way to close it.

“We are concerned that the commission may focus on short-sighted solutions involving mandated or compelled back doors,” said Joseph Hall, chief technologist at the Center for Democracy & Technology.

“Make no mistake, there can be no compromise on back doors. Strong encryption makes anyone who has a cell phone or who uses the Internet far more secure.”

Kevin Bankston of the New America Foundation’s Open Technology Institute expressed similar concerns.

“We’ve already had a wide range of blue ribbon expert panels consider the issue,” he said.

“And all have concluded either that surveillance back doors are a dangerously bad idea, that law enforcement’s concerns about ‘going dark’ are overblown, or both.”

The debate had been simmering for years before the Apple-FBI row.

Last year, a panel led by Massachusetts Institute of Technology scientists warned against “special access” for law enforcement, saying they pose “grave security risks” and “imperil innovation.”

Opening up all data

“I’m not sure there is much room for compromise from a technical perspective,” said Stephen Wicker, a Cornell University professor of computer engineering who specializes in mobile computing security.

Opening the door to the FBI effectively makes any data on any mobile device available to the government, he said.

“This is data that was not available anywhere 10 years ago, it’s a function of the smartphone,” Wicker said.

“We as a country have to ask if we want to say that anything outside our personal human memory should be available to the federal government.”

Apple has indicated it is ready for a “conversation” with law enforcement on the matter.

But FBI Director James Comey told a congressional panel that some answers are needed because “there are times when law enforcement saves our lives, rescues our children.”

Asked about the rights envisioned by the framers of the US constitution, he said, “I also doubt that they imagined there would be any place in American life where law enforcement, with lawful authority, could not go.”

A brief filed on behalf of law enforcement associations argued that because of Apple’s new encryption, criminals “have now switched to the new iPhones as the device of choice for their criminal wrongdoing.”

Ed Black, president of the Computer & Communications Industry Association, which includes major technology firms but not Apple, said that although tech firms and law enforcement have had many battles, “there are many areas where we cooperate and where we find middle ground.”

But Black said the tech sector is largely united in this case because the FBI wants Apple to create weaker software or introduce “malware” to be able to crack the locked iPhone.

“On this narrow specific issue of ‘can companies be compelled to create malware,’ I think there may not be an answer,” he said.

‘Going dark’ fears

Law enforcement fears about “going dark” in the face of new technology have been largely exaggerated, Black said.

While access to encrypted apps and smartphones is difficult and traditional wiretaps don’t work on new technology, “there are a lot of other tools for law enforcement,” he said.

“There is more information available in 2016 than in any year since the founding of the country.”

Although law enforcement has growing expectations about using technology to thwart criminals, that type of power is too broad, Black added.

“If they are seeking a level of total surveillance capability, I don’t see a compromise available,” he said.

Wicker said that to give law enforcement access, Congress could in theory mandate that devices use automatic cloud backups that could not be disabled. But that would constitute a dramatic departure from current views about privacy.

“From an individual rights standpoint,” he said, “that would take away control by the user of their personal information.”

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Cyberwarfare

Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...

Cybercrime

A hacker who reportedly posed as the CEO of a financial institution claims to have obtained access to the more than 80,000-member database of...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...