By now you have probably heard all about what the US government is asking of Apple and that the company is refusing to comply with their request. You may have an opinion either siding with the government or with Apple in the case. It is important to start with saying that there is no bad guy in this situation as of yet. And though I have my own personal opinions on the issue I thought I should spend a little time talking about the facts before sharing them.
First thing you should know is about the act the US Government has been using for many years now to order companies like Apple to unlock devices. The All Writs Act is its name. The current form of this federal statute dates back to 1911 — though it has been amended several times since. The act was originally from the Judiciary Act of 1789; which was signed by George Washington and was part of the first session of the US Congress. This basically set up the whole federal judicial system for the US. What it does is allows the government to issue a writ to a person or company compelling them to aid. The writ can be issues as long as they meet four conditions. Those conditions are:
- The absence of alternative remedies
- An independent basis for jurisdiction
- Necessary or appropriate in aid of jurisdiction
- Usages and principles of law
Basically, it has to be necessary, not violate the law, not rewrite the law, and be the only option available to the federal judiciary system.
Second, it’s important to know that this is not the first time the government has asked Apple to do this. According to a documents from a 2014 case in Oakland this is something Apple has done in the past. Court files specifically say “courts have ordered the unlocking of an iPhone under this authority” and “Apple has routinely complied with such orders.” How ever it is important to note that it is not said what exactly those other orders that they did comply with included. My thought is these orders involved Apple ID info; not unlock codes as Apple has no access to things like this. Though I don’t know if Apple compiled in the Oakland case, in the recent case involving the San Bernardino attack Apple has taken a “no go” stance. You may be asking why all of a sudden would they decide the government is overstepping if in the past they have complied. It’s because what they are asking means creating something to completely circumvent all the work they’ve done in the last few years to secure their devices.
With iOS 7 Apple took steps to secure iOS further than they have in the past with the addition of Activation Lock. A feature that the government praised. With iOS 8 and the addition of Apple Pay and Touch ID a secured element was introduced to the phone further strengthening it armor. Apple has zero access to any information on this secured enclave and no was to circumvent the encryption on iOS devices. A feature that was added years ago acts as a fail safe that wipes the phone completely after 10 failed password attempts. This it meant to protect you personal info for would-be thieves. Now, this feature is not on by default. Instead, your phone will lock for increasingly longer amounts of times after failed password attempts. It’s this feature is central issue in this case.
The FBI is asking Apple to create a version of iOS that can be loaded on the locked iPhone in question without erasing the device in order to allow them to attempt to unlock the device without the waits(or the phone wiping). Assuming the Erase Data feature is not active the issue the FBI would be facing is the amount of time added to every failed attempt to guess the passcode. When you fail to guess the passcode too many times the device locks any further attempts and only allows emergency calls out for 1 minutes; fail to access it again and it becomes 5 minutes, then 15, and so on. Depending if this phone used a Simple Passcode(4 digits), a custom numeric code, or an alphanumeric code then number of attempts needed to crack the device becomes larger and larger. Loading a version of iOS that eliminated the risk would allow a “brute force” attack on the iPhone. That means the iPhone will be connected to a computer that will keep attempting to crack the passcode using all possible combinations.
But of course, it is also entirely possible that this particular iPhone has Erase Data activated. Meaning any attempt to unlock the iPhone could lead to losing all the potentially important data stored on it. And data from a wiped iPhone is basically impossible to recover.
The FBI argues that the text messages, notes, pictures, and other data potential on this phone could help connect others involved in this act of terrorism. This is important because all those involved should have to face the justice system. They also say that this request is only for this one phone and is a one-time only thing. And Apple concedes that creating such a version of iOS is technically possible. But CEO Tim Cook says they have to weigh the potential good it could do against the potential harm fulfilling such a request would do to them and their customers.
Under the leadership of Tim Cook, Apple has taken a stronger stance on user privacy and security. Not to say Steve Job didn’t care about such things; but the commitment to protect privacy and to make user feel safe storing person info on their devices has been fundamental to many of the features Apple has introduced in the Tim Cook era. Features like Heath, Touch ID, and Apple Pay which Apple pushes to sell devices rely on the idea that you can trust that Apple has no access to your data and that storing it on your phone is safe and secure. If they create a version of iOS that circumvents those security measures and make a “brute force” attack to crack your passcode possible by the government then you eliminate that. You also open up the possibility that this will get in the wrong hands. In a world where the director of the NSA has his email hacked it’s not out of the realm of possibilities that such a version of iOS could be stolen and leaked online. That would completely weaken all of the strides they have made in the last few years.
Because of the concerns over what making a version of iOS that is capable to doing what the FBI is asking Tim Cook and Apple has decided to fight the writ.
So these are the facts. But like I said I also wanted to share my opinion of the whole situation. And share I shall. My first thought as a user of Apple products(I’m actually writing this article on my iPhone) is that I’m happy to see that the company has some integrity. The fight they are in isn’t easy but the fact that they are standing up against this; not for the particular case but the long term ramifications their actions could mean; makes me respect their position.
Reading Tim Cook’s open letter to customers spells out one huge flaw with what the FBI is asking. They keep saying that it will only be used in this one phone. But once it been created it can be used over, and over again. And we would only have the word of FBI that they wouldn’t. Having that would be way too tempting. Also, once created this version will either become a target for hackers or it will be recreated. Meaning doing so will risk everyone’s security. Think about how many exploits has been abused in the past. Remember that text that rebooted the iPhone? Now imagine a key to unlock some of the most stolen devices and the devices with the highest resale value in the US.
The next question for me is if Apple doing this would actually fit the four conditions of the All Writs Act. Remember, one of those conditions are that doing so will not cause violate any laws. But what Apple would be doing could be a violation of the users rights as is means Apple has created a way for them to access data they agreed they would not access or share. So would making this violate this legal agreement? That is a very important question to me.
As citizens of the United States we have the right to privacy. But more and more we have seen these right eroded in the name of protection. Though I am all for stopping people from hurting others, at some point we have to stop and ask ourselves how much of our rights is we willing to give up? Though the FBI says this is a one time request what’s to stop them from asking once again when they decide they need it? Or just using it because they know they have it? What’s to stop them from using the proposed software on other devices already in custody? We turn our noses at other countries when they monitor communications and require access to their peoples devices and email but we don’t bat an eye when our government does the same to “protect our freedoms.” From the NSA’s frighteningly monitoring tactics to the police use of Stingray; at some point we will have to decide when it’s going too far. I’m actually reminded of a George Carlin comedy album(You are all Diseases). In between jokes about Harley-Davidson themed restaurants and terms that we use that he found stupid he touches on the idea that we need to figure out how much of our freedoms we are willing to lose for the illusion of safety. This was the conversion Edward Snowdon was also hoping we would start having when he revealed what the NSA was doing. We have to stop avoiding the tough conversations and face these issues before it’s too late.