Anti-Surveillance Coalition That Includes Apple Condemns Proposals for Device Backdoors

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, May 2, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]
    The Reform Government Surveillance coalition, which includes several major tech companies who have teamed up to lobby for surveillance law reform, this week released a statement condemning recent proposals for backdoor access into electronic devices and reaffirming a commitment to strong encryption.

    The coalition is made up of multiple tech companies who have taken a strong stance against weakening encryption, including Apple, Google, Microsoft, Dropbox, Snap, Evernote, LinkedIn, Oath (owned by Verizon) and Facebook.
    As ZDNet points out, the statement comes following a WIRED article profiling Microsoft chief technical Ray Ozzie and his suggestion for a solution called "Clear" that would supposedly provide law enforcement with access to encrypted data with less security risk.

    Ozzie's proposal uses a public key and a private key (housed and protected by a company like Apple) that are used to encrypt and decrypt a PIN generated on the device. No one is meant to be able to decode and use the PIN to unlock the device aside from the vendor, using the aforementioned private key.
    Ozzie demonstrated his "Clear" solution to representatives from tech companies that included Apple, Google and Facebook, according to WIRED, but unsurprisingly, none of them had "any interest whatsoever" in voluntarily implementing that kind of access into their devices and services.

    The coalition Apple is a part of in April published a core principle pledging to ensure device security through strong encryption and calling on governments to avoid taking actions that would require companies to "create any security vulnerabilities in their produces and services."
    The renewed activity from the Reform Government Surveillance group follows reports that have suggested law enforcement officials are quietly revisiting proposals that would require tech companies to add backdoor access into electronic devices for use by law enforcement officials.

    FBI and DOJ officials have been meeting with security researchers with the aim of developing approaches that would offer "extraordinary access" to encrypted devices like the iPhone, with DOJ officials reportedly "convinced" there is a way to create a backdoor without weakening a device's defense against hacking.

    Apple software engineering chief Craig Federighi recently said that this kind of backdoor access would "inject new and dangerous weaknesses into product security."

    "Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems," Federighi said.

    Apple vehemently opposes backdoor solutions like the one Ozzie proposed because they have the potential to weaken device encryption and provide new ways for bad actors to access device data.

    Apple's strong stance against weakened device protections for the sake of law enforcement access was highlighted in the 2016 Apple vs. FBI conflict that saw Apple refuse to create a backdoor access solution to allow the FBI to crack the iPhone 5c owned by San Bernardino shooter Syed Farook.

    [​IMG]
    GrayKey iPhone unlocking box via MalwareBytes​

    Without device backdoors, law enforcement officials have still found ways to crack devices like iPhones through other means. At the current time, for example, agencies like the FBI and DOJ have access to an iPhone unlocking box called GrayKey, which is capable of unlocking Apple's most recent iPhones running modern versions of iOS.

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Anti-Surveillance Coalition That Includes Apple Condemns Proposals for Device Backdoors
     
  2. PotatoLeekSoup macrumors regular

    Joined:
    May 10, 2015
    Location:
    Texas
  3. camomac macrumors 6502a

    camomac

    Joined:
    Jan 26, 2005
    Location:
    Left Coast
  4. Black Tiger macrumors 6502

    Joined:
    Jul 2, 2007
    #5
    Good for Apple. There is an alarming trend towards sacrificing privacy in the name of “security”. The problem is when organized crime or hackers are able to utilize these back foot methods, and it seems that this is a greater problem.
     
  5. tridley68 macrumors 6502a

    tridley68

    Joined:
    Aug 28, 2014
  6. djlythium macrumors 6502a

    djlythium

    Joined:
    Jun 11, 2014
    #7
    Microsoft chief technical what?

    Anywho, not important. Ozzie is CLEARly on the gov’t’s payroll.

    Thank you, Apple, for steering clear of CLEAR!
     
  7. GermanSuplex macrumors 6502a

    GermanSuplex

    Joined:
    Aug 26, 2009
    #8
    This is simple;
    Government and/or companies should be allowed to hack into a device, if they can.

    They should not be allowed to force a company to build a simple entry point for their convenience.
     
  8. diipii macrumors 6502a

    Joined:
    Dec 6, 2012
    Location:
    UK
    #9
    Explain why not.
     
  9. GermanSuplex macrumors 6502a

    GermanSuplex

    Joined:
    Aug 26, 2009
    #10
    Because it compromises the privacy of everyone, not just lawbreakers.

    You’re only as strong as your weakest link, and the government wants to force a weak link onto a chain.
     
  10. bitfactory macrumors 6502

    bitfactory

    Joined:
    Jul 22, 2002
  11. litmag01 macrumors regular

    litmag01

    Joined:
    Jul 16, 2009
    #12
    Silly! Privacy is for chumps. Where there is a will and money the will always be a way. Right now, the US Government is the wealthiest entity on the globe.
     
  12. tzm41 macrumors regular

    tzm41

    Joined:
    Jul 11, 2014
    Location:
    Boston
    #13
    Ironically Facebook is in the coalition, while their WhatsApp head is leaving because Facebooks wants to weaken its encryption.
     
  13. nt5672 macrumors 68000

    Joined:
    Jun 30, 2007
    #14
    Its actually pretty smart if you are a government that want to be in control of everything, think Venezuela, etc. In fact it is so important that history has shown it is one of the very first things done by dictators/rulers/kings when they take over over.

    Reading sealed notes being sent from the castle was important. They did not have smart phones, but the strategy is the same. Dictators cannot exist when the people have secret communications.

    Ever wonder why America is as fixated on this as China and Russia? Government transparency and personal privacy are both anathema to the ruling elite in all countries. If we don't fight for both, then we will have no freedoms. Our American Founding Fathers knew this.
     
  14. madKIR macrumors 6502a

    Joined:
    Feb 2, 2010
    Location:
    NYC
    #15
    1984 much lol
    They’re talking about having these PIN codes stored somewhere, “highly trusted employee” will have access to it. Jeez! It sounds hilarious! It all would be hacked and/or sold by those “highly trusted employees” in a blink of an eye!
     
  15. chucker23n1 macrumors 68020

    chucker23n1

    Joined:
    Dec 7, 2014
    #16
    Still trying to figure out if Ozzie is clueless or has undisclosed skin in the game. Anyone with a basic understanding of cryptography knows Ozzie’s approach isn’t feasible.
     
  16. 78Bandit macrumors 6502a

    78Bandit

    Joined:
    Jun 13, 2009
    #17
    This is the Clipper Chip from back in the 1990's all over again. It didn't work then and it won't work now.

    I'm sure requests to access the backdoor keys will be shrouded in secrecy like FISA requests currently are. Nobody will ever know how often police are allowed to crack open devices and use that information to identify a path to other evidence they will say was independently obtained.

    Any backdoor is bad policy from a privacy or a technical standpoint.
     
  17. now i see it macrumors 68030

    Joined:
    Jan 2, 2002
    #18
    That GrayKey password cracking box is tiny. Looks like a Mac mini. As I recall, it can crack a 6 digit password in a few days. Who needs a back door?
    In case anyone chimes in saying to use a 10 digit passcode with Touch ID or face Id disabled- just try using your phone for a day with an alphanumeric 10 digit passcode. I guarantee you'll want to throw your iPhone in the trash. Too much trouble.
     
  18. chucker23n1 macrumors 68020

    chucker23n1

    Joined:
    Dec 7, 2014
    #19
    Six digits in a few days, but seven digits in about a month. So that’s plenty.

    As for longer passwords: mine is 11 characters. I have to type it a few times a day; other than that, I use Touch ID.
     
  19. WannaGoMac macrumors 68020

    WannaGoMac

    Joined:
    Feb 11, 2007
  20. vladi macrumors 6502

    Joined:
    Jan 30, 2010
    #21
    What a bunch of bollocks. Try running encrypted communication service based in US and you will see it yourself that whole backdoor policy is already very well implemented. Just ask Lavabit guy.
     
  21. krause734 macrumors 6502a

    krause734

    Joined:
    Jul 30, 2010
    #22
    An alphanumeric password of 10+ characters would take long enough for the dead bodies to decompose. Thanks Tim!
     
  22. -BigMac- Suspended

    -BigMac-

    Joined:
    Apr 15, 2011
    Location:
    Melbourne, Australia
    #23
    LOL thats because Facebook doesn't even need a backdoor.
    It willingly sells your information
     
  23. thisisnotmyname macrumors 68000

    thisisnotmyname

    Joined:
    Oct 22, 2014
    Location:
    known but velocity indeterminate
    #24
    I fully support efforts to keep encrypted devices strongly secured.
     
  24. Rhonindk macrumors 68040

    Rhonindk

    #25
    While Ray Ozzie's thoughts may have some merit (may have) overall I fail to see why companies would want to implement this. It places the ownership in the event of a failure or leak of keys on these companies. Then you start thinking about a remote option (NSA / Nation States) or OEM's that reside in foreign countries.

    Backdoors that are absolutely safe and cannot be misused? Don't see that happening anytime soon.
     

Share This Page