02 March 2016

More on the Apple encryption cases



Time has an article by Haley Sweetland Edwards about the on-going Apple situation:
A New York district judge’s ruling that the government can’t force Apple to unlock a drug dealer’s iPhone won’t necessarily affect the outcome of another, highly-publicized case over whether the government can force Apple to crack the San Bernardino, California terrorist’s iPhone.
That’s partly because the cases are proceeding through different Federal judicial districts; what happens in one doesn’t necessarily have a legal impact on the outcome of the other. It’s also because the cases are dealing with different technological issues. But that doesn’t mean the ruling is not significant.
New York Magistrate Judge James Orenstein ruled on the grounds of the 225-year-old All Writs Act, which is the same law in question in the San Bernardino case. The All Writs Act says that the government can order a person or company like Apple to do anything necessary to comply with an existing writ, so long as the government’s request is not “unduly burdensome”. The existing writ in this case is the FBI’s warrant to access the phone in question.
Since the All Writs Act has never been interpreted by a court in this context before, Orenstein’s ruling is instructive. His was a narrow reading of the law. He said that whatever that law was intended to accomplish, “it cannot be a means for the executive branch to achieve a legislative goal that Congress has considered and rejected.”
He then went on to argue that, since Congress has debated whether to pass a new law forcing tech companies to provide access to law enforcement officials under warrant and has repeatedly refused to pass such a law, that counts as a “rejection.” “Because such rejection can take many forms, only one of which (and arguably the least likely in most circumstances) is outright prohibition,” he wrote, “the government’s argument here is manifestly irreconcilable with the statute.”
Apple executives rejoiced, hoping that the judge’s logic will have a ripple effect. Perhaps the judge in the San Bernardino case, which is set to be heard in nearby Riverside, California court next month, will be “persuaded” by the decision, said an Apple executive who spoke on a conference call with reporters on condition of anonymity.
It’s worth noting that the New York and California cases are different on technological grounds.
In the New York case, police seized an iPhone 5S, running an older operating system, iOS 7, which is not very secure. To access the data under that operating system, Apple doesn’t have to hack anything. It can simply use a code, which it owns, to provide police with a copy, a “disk image”, of all the data on the device.
The San Bernardino case is different. In that case, Federal investigators seized an iPhone 5c, running the newer operating system, iOS 9, which has a much more sophisticated security system. To access the data under that operating system, Apple would have to design a whole new operating system.
Roughly ninety percent of Americans with iPhones use the newer, more sophisticated version of the Apple operating system iOS8 or later, which is fully encrypted by default. The company said it upgraded its system in part to bind its own hand, “so it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”
The idea is that such default encryption will keep Apple from becoming complicit in any sort of government spying, whether it’s the Chinese forcing Apple to comply with its laws snooping on dissidents or the US pursuing sweeping surveillance programs.
Apple says that the technological differences in the New York and San Bernardino situations make its case in California even stronger. After all, in the New York case, Apple wasn’t even being asked to create anything new, and Judge Orenstein still thought that it was a violation of the All Writs Act.
In the California case, Apple is being asked to create something new: an operating system, complete with a proprietary code that would trick the San Bernardino shooter’s iPhone into updating and eliminating its security protocols. That, Apple argues, is clearly a violation of the All Writs Act, and complying with that Federal warrant would be, at the least, “unduly burdensome”.
It would also, Apple argues, make everyone’s iPhones less secure. If Apple creates a new operating system that has the power to dismantle even a strongly encrypted iPhone’s security, what’s to stop hackers and criminals and authoritarian regimes from stealing that new operating system and using it for nefarious ends?
Federal law enforcement officials aren’t buying it. In the San Bernardino case, they say, the government is simply asking Apple to create a tool that provides access to one, single iPhone, the one belonging to the terrorist Farook Syed. Asking Apple to provide access to that one phone is the equivalent of getting a warrant to search one man’s house: it doesn’t make everyone else’s house less safe.
Rico says if the FBI is so smart, let them write the code...

No comments:

Post a Comment

No more Anonymous comments, sorry.