Security of data
Posted by: Chris G on 20 February 2016
So Apple is refusing to develop software to allow the US authorities to hack into a dead terrorist's iPhone. This probably hampers the fight against terrorism and is potentially a risk to security. Is Apple right to take this position? Apple prides itself on its stance for the rights of the individual, but itself doubtless gets much information from Apple users' activities.
Hmack posted: Winkyincanada posted:
"Terrorism is an absolutely trivial risk in the hierarchy of stuff we should worry about."
Winky,
This may well be the case in Canada, but in mainland Europe (in particular) the threat is very real indeed. I agree with George and others that the fight against terrorism should over-ride our concerns about everyone's rights to privacy.
Nope. Even in the worst year ever, 191 fatalities (Madrid bombings) attributed to terrorism in Europe. Obviously not trivial to those directly affected, but rounding errors when considering the overall causes of death (disease, suicides and motor vehicle accidents). The risk of terrorism is that we will be terrorised, not that we will be killed. To deflect such a risk we simply need to carry on as normal. Giving up privacy and freedoms is not the right response.
I would remind our correspondent from Canada of the terrorist bombings of the 7th July 2005 in London, which have not been followed up with similar since because of the stupendous success of the security services in being one step ahead.
Fancy if something of the sort had been managed during the London Olympic Games?
As no normal person would take part in such an action, then it hardly matters that we as individuals are already being scanned - at the discretion of the security services - to prevent the likelihood of a repetition.
If more sophisticated channels of surveillance are required to combat terrorism with advancing technologies this will be nothing more than the security services being given the means they require to maintain the correct guard against criminals. And not some creeping menace ...
ATB from George
George Fredrik Fiske posted: I would remind our correspondent from Canada of the terrorist bombings of the 7th July 2005 in London, which have not been followed up with similar since because of the stupendous success of the security services in being one step ahead.
Fancy if something of the sort had been managed during the London Olympic Games?
As no normal person would take part in such an action, then it hardly matters that we as individuals are already being scanned - at the discretion of the security services - to prevent the likelihood of a repetition.
If more sophisticated channels of surveillance are required to combat terrorism with advancing technologies this will be nothing more than the security services being given the means they require to maintain the correct guard against criminals. And not some creeping menace ...
ATB from George
Still nope. The main reason there are not more terrorist attacks is the lack of people who actually are prepared to carry out such attacks. But even if attacks were 10 times more frequent, they would still be statistically trivial compared to other causes of death, injury and disability, and would still not warrant government snooping into individuals' private affairs.
It matters very much to me if I am being "scanned", although nothing much of consequence would likely be found. Even more concerning is the weakening of encryption protocols (in the name of "security") that makes my personal details, banking access, titles to property etc increasingly vulnerable to criminal activity. Those brave enough to engage in genuine and worthwhile dissent against odious and cruel regimes are also placed at risk by these efforts by governments to weaken the privacy of encryption.
Nope!
Whilst I do have a lot of sympathy for your argument, Apple is still not justified in refusing to provide access to a phone belonging to a proven terrorist. Of course, if they are only able to do so by opening up all phones, the counter argument has some sway. However, if they have the ability to gain access to a single phone without totally generically compromising security, then they have no valid case.
I really think this is a side story... The real reason I suspect is the FBI or whoever it is in the US want to pressure Apple (and others) into providing back doors. Governments hate being told no...
I think the terrorism angle is a bit of political spin to gain some emotional support... which, if the case, is as vile as terrorism itself. So often there is subterfuge with news management and spin around security issues..
From what I understand McAfee have offered to hack the phone for free to get the data, and apparently the US authorities are not interested as perhaps it doesn't address the back doors issue that they would prefer... However I'd be surprised if McAfee are successful, but you never know.. and their method of hacking that phone doesn't apparently start with that physical phone...
I suspect you've nailed the US security services' motivation here, Simon
You may well be right, and I find myself arguing here against my normal position on these matters.
Winky, could I ask you to go back a generation or two and answer this question.
If a proven terrorist (40 or 50 years ago) had posted 12 items of (old fashioned) mail just before committing an act of terrorism, and the FBI or local equivalent had asked the Post Office to hand over these documents for inspection, what then would your position be?
1. Should the Post Office hand the items over to the FBI?
2. Should they refuse to do so and destroy them so that they could not end up in the hands of the FBI?
3. Should they refuse to do so and forward the items on to their intended destination and refuse to provide the addresses to the FBI?
It may well be that the aim of the FBI is to introduce dangerous loopholes in our security safeguards, but on this occasion they were simply asking (as I understand things), that Apple unlock this one device for inspection.
But to the point that I keep making, if there is a backdoor possible for Apple for this one device - by definition the device will be inherently insecure - the vulnerability will exist for any suitably equipped criminal for all Apple devices of this type... with security and encryption you need a different mind set if you want things to remain secure... terrorists, court orders, governments, cyber warfare - these are all distractions. Technology knows no boundaries - it is people that know how to exploit technology weaknesses if they should exist.
Working with distributed networks, it never ceases to amaze me who and what appear to exploit the slightest vulnerability or weaknesses. The guys I work with have some very smart tools for global analysis of this - and you can guess who has been interested in these tools.....
Ok Simon,
In which case Apple should simply have responded that the request is one that they are simply not capable of fulfilling.
I wouldn't trust anything that McAfee says, but he seems to think that he (and presumably any similarly capable group of individuals) are already able to do what the authorities have requested.
I don't really disagree - but there is also a possible case of 'known knowns and known and unknowns' - i.e. it is sometimes better to neither confirm nor deny - but I don't know - or do any of us - know what the actual communications have been between the authorities and Apple?
The McAfee thing is a bit of baiting no doubt - I understand there is a political perspective to the offer.. but if you were really desperate for the info would you not accept it?? - what have you to lose either way? But quite, if his company can do it - then almost certainly so can the IT spooks working for the US government.. which supports my theory this really is a side story...
I take the points you make as well, Simon. This is a very difficult issue, and I find myself at different points of time on different sides of the argument.
This particular individual (and his wife) may well have been incredibly misguided individuals acting on their own, and so denying the request may not cause much harm.
However, if the phone was linked to an individual involved in the recent Paris attack, and there was a possibility that by accessing information on the phone could potentially help prevent another equally bad or even worse follow up attack, then I would come down fully on the side of the authorities. Indeed, if the concept of 'known knowns and unknown knowns' applies, then if I were an Apple executive I would volunteer to provide the authorities with access to this particular phone and simply not publicise the fact.
Not sure I fully understand the technicalities of this situation. Based on what Simon said, it is all down to technicalities.
Can Apple actually access the content and de-code this dead person's iPhone content? If so, they should. If they can, so can others - with effort.
If Apple can't de-code it, then neither can others.
For the future, does society want encryption that simply cannot be broken (not even by Apple)? Or does it want encryption that can be broken, albeit easily by the "Authorities" but inevitably and hence unfortunately (with some difficulty) by "Criminals"?
Hmack posted: You may well be right, and I find myself arguing here against my normal position on these matters.
Winky, could I ask you to go back a generation or two and answer this question.
If a proven terrorist (40 or 50 years ago) had posted 12 items of (old fashioned) mail just before committing an act of terrorism, and the FBI or local equivalent had asked the Post Office to hand over these documents for inspection, what then would your position be?
1. Should the Post Office hand the items over to the FBI?
2. Should they refuse to do so and destroy them so that they could not end up in the hands of the FBI?
3. Should they refuse to do so and forward the items on to their intended destination and refuse to provide the addresses to the FBI?
It may well be that the aim of the FBI is to introduce dangerous loopholes in our security safeguards, but on this occasion they were simply asking (as I understand things), that Apple unlock this one device for inspection.
1) No. But even if they did, the flow-on effects are not the same as weakening encryption in the modern world. Allowing the FBI access to some letters does not have the same risk. It doesn't make the mail service any more vulnerable to criminals who would wish to steal letters in the future. In insisting on weakened encryption the FBI is effectively asking the mail service to leave the doors to the post office unlocked when they go home.
2) I don't have a view as to whether they should destroy the letters, other than to say it wouldn't matter much.
3) It wouldn't matter one way or the other.
Winky,
Now, I fundamentally disagree with you.
In my opinion, option 3 would not only not 'not matter', but it would be criminal, and complicit in potentially helping to enact another atrocity.
As I understand the situation, the authorities were not asking for Apple to implement weakened encryption in all of their devices (even if they would secretly or otherwise desire this). They simply asked Apple to help them gain access to data on this particular device. If there already is a 'backdoor' entry to the device put there by Apple, then Apple had the option of complying with the request. If not, they had the option of stating that they simply were not capable of complying. Again, as I understand the situation, they did not claim that they could not comply, but rather that they choose not to do so.
Simon-in-Suffolk posted: I really think this is a side story... The real reason I suspect is the FBI or whoever it is in the US want to pressure Apple (and others) into providing back doors. Governments hate being told no...
I think the terrorism angle is a bit of political spin to gain some emotional support... which, if the case, is as vile as terrorism itself. So often there is subterfuge with news management and spin around security issues..
From what I understand McAfee have offered to hack the phone for free to get the data, and apparently the US authorities are not interested as perhaps it doesn't address the back doors issue that they would prefer... However I'd be surprised if McAfee are successful, but you never know.. and their method of hacking that phone doesn't apparently start with that physical phone...
No.
Do not confuse the bizarre ramblings of John McAfee (who hasn't worked for McAfee the company since 1989) with what McAfee (actually now Intel Security) say and do. Intel Security hasn't offered to decrypt the phone, that's John McAfee and he's just doing it to gain air time.
In an earlier post you said that either we allow encryption or we outlaw it. The middle ground would be to allow it but not allow particularly strong encryption, so that an organisation with a decent amount of processing power available to it could crack the crypto. This is essentially what France has done through legal means.
The latest iPhones are apparently very secure. Part of the private key is kept in a secure enclave; essentially a separate processor that executes outside of iOS. The key is stored in NVRAM, wiping that would make it next to impossible to recover. However this particular terrorist was using a 5C which doesn't feature the secure enclave.
Graham
(A McAfee/Intel Security employee, although these are my own thoughts, not my company's).
Hmack posted: As I understand the situation, the authorities were not asking for Apple to implement weakened encryption in all of their devices (even if they would secretly or otherwise desire this). They simply asked Apple to help them gain access to data on this particular device. If there already is a 'backdoor' entry to the device put there by Apple, then Apple had the option of complying with the request. If not, they had the option of stating that they simply were not capable of complying. Again, as I understand the situation, they did not claim that they could not comply, but rather that they choose not to do so.
Correct, the FBI stated that Apple could be given physical access to the phone in question. Apple could in theory create a new build of the iOS operating system to remove some of the controls (for instance removing the enforced delay between attempted incorrect passkey attempts). This could be installed on the phone meaning that Apple wouldn't have to give the compromised software to the FBI and again in theory could retain control of it.
Hmack posted: Winky,
Now, I fundamentally disagree with you.
In my opinion, option 3 would not only not 'not matter', but it would be criminal, and complicit in potentially helping to enact another atrocity.
As I understand the situation, the authorities were not asking for Apple to implement weakened encryption in all of their devices (even if they would secretly or otherwise desire this). They simply asked Apple to help them gain access to data on this particular device. If there already is a 'backdoor' entry to the device put there by Apple, then Apple had the option of complying with the request. If not, they had the option of stating that they simply were not capable of complying. Again, as I understand the situation, they did not claim that they could not comply, but rather that they choose not to do so.
When I say wouldn't matter, I mean in a generic sense, not that access to this information, in this case, might help catch a criminal. A disadvantage to the prosecution of related individuals may be a result of Apple's stance, but as I said previously, these sort of terrorist attacks are actually trivial when compared to what we really should be worrying about. Would we be at a greater risk had the phone never been recovered? Maybe, but it is a bit of a stretch. The phone is just one piece of evidence.
The risk is that code or modifications engineered to de-crypt this phone (actually they want to hack the password) become public, or otherwise leak out, weakening information security generally. OK, that might not even be a real risk in this case, but the legislative and procedural precedent carries risk that future information security is globally compromised for the foreseeable future.
Hmack... The problem is (as I've seen reported elsewhere) the inevitable creep...
If Apple give in on this, the next time there is a similar but perhaps slightly less "serious" situation the courts will go ... "Yes but you did it before, you can do it in this specific case too..."
Before long the FBI will be saying, well why don't you just give us the code to enable us to do this, will be a lot easier for us all ... Of course we'll only use it with a court order so it doesn't matter.
Once the FBI have that ability, everyone else in investigative services in USA will be wanting that ability. Courts all over will be saying they should unlock other phones. And the "friendly" nations will also want it ... MI5 ... Scotland Yard ... DGSI/DGSE (French secret service).
Now that "ability" is widespread will inevitably lead to several conclusions (IMO) first there is inevitably someone who will become tempted to use that ability without court order / proper checks and balances; second as the ability becomes more widespread it becomes almost inevitable that someone with a secret gets access to the technique so that technique gets sold to the criminals / terrorists and thirdly the terrorists learn that this ability is available and move to third party encryption which the FBI can't crack so therefore the whole process is pointless.
It's the same discussion that surrounded the Clipper chip back in the 90s and while the technology may have moved on, the philosophy behind it is still the same.
Bin Laden was a successful terrorist and he positively avoided any form of technology.
Political propaganda is fuelling this right now in the US, in a similar way to blaming refugees for crime, etc. in Europe.
We've become so dumb in America that the FBI thinks it can convince us that a terrorist keeps his plans and contacts on a cell phone and that is what they want this for. They've convinced Mr. Trump, need I say more?
So Apple can gain access to the content of this specific phone.
They don't want to and we are all suggesting reasons why they won't provide access.
Society accepts the need for confidential information, held in all sorts of format, to be revealed in certain circumstance subject to certain protocols. Generally access is painless. But access can be enforced if required. Access can be gained by the "Good" guys and the "Bad" guys.
"Bullet-proof" encryption of computers and phones is a reality. Does society want this? It is the equivalent of the perfect vault where the access combination evaporates on the death of the owner and further entry is impossible. Where the owner is alive (and kicking) a little bit of persuasion might be needed by the "Authorities" or the "Criminals" to gain access.
I prefer the option of strong, but not absolute encryption. With the usual safeguards for "Authorised" access and punishment for "unauthorised" access.
Don Atkinson posted: So Apple can gain access to the content of this specific phone.
Actually that's not quite what is being asked...
The FBI want Apple to develop a "hacked" version of iOS to enable them to try all 10,000 combinations of 4 digit PIN without (a) the phone wiping itself after 10 incorrect attempts and (b) without it requiring a 5 minute (not sure the exact delay implemented) wait after the 3rd, 4th, 5th, attempts.
Graham Clarke posted: No.
Do not confuse the bizarre ramblings of John McAfee (who hasn't worked for McAfee the company since 1989) with what McAfee (actually now Intel Security) say and do. Intel Security hasn't offered to decrypt the phone, that's John McAfee and he's just doing it to gain air time.
No - you missed the later post - this is political baiting from John McAfee and his current organization. I have no knowledge if there is any connection with Intel Security - I doubt it and I think you have confirmed it - but it is an offer from J McAfee's current organisation none the less irrespective of what you think of him.
Don Atkinson posted: Not sure I fully understand the technicalities of this situation. Based on what Simon said, it is all down to technicalities.
Can Apple actually access the content and de-code this dead person's iPhone content? If so, they should. If they can, so can others - with effort.
If Apple can't de-code it, then neither can others.
Spot on - you understand it perfectly