Encyption debate isn't going away

Credit: Public Domain

The fight over encryption isn't going away just because the FBI has figured out a way to glean the data off the iPhone used by a San Bernardino attacker.

Indeed, it's only likely to get more heated in the future.

Underneath Apple's battle with the FBI are deep-rooted differences between the tech industry and the government authorities. And neither side is backing down.

The Justice Department said Monday that ensuring that they have access to digitized data remains a "priority," adding pointedly it will "continue to pursue all available options" to get at it.

Meanwhile, Apple reiterated that its stance that the government's efforts were "wrong" and "dangerous" and that the company would only increase the security of its products.

Despite the momentary truce, should another mass terror attack happen in the U.S., and should it be found that the attackers used to cloak their plans, you better believe the calls to break the security or leave open holes for will come back with a vengeance.

But apart from the debates about national security and the ability of law enforcement to get information that they believe will protect us, we actually need encryption and security to get stronger. Encryption isn't just a thorn in the side of law enforcement; it's a crucial tool that protects personal data from thieves, hackers and others with malicious intentions.

Millions of people have had their - health records, Social Security numbers, - compromised, in large part due to lax security. Better protection can save millions of dollars - and it also can save lives because encryption doesn't just cloak the communications of terrorists, it also protects government dissidents and whistle-blowers.

Tech security is something of a binary thing. Either it works or it doesn't. Either something is secure or it isn't. You can't open a hole for only the "good guys." The bad guys can use the same hole if they find it - and sooner or later they will.

Neither Apple in particular nor U.S. companies in general own a monopoly on . Indeed, some of the foundational encryption technologies are open source, freely available to anyone to use.

The divide between the security and law enforcement community in Washington and the and Silicon Valley dates back long before the San Bernardino attacks. As the Edward Snowden revelations and other reports have made clear, efforts since 9/11 to prevent further terrorist attacks often went beyond what was clearly legal, constitutional or even wise.

Those revelations shattered the trust customers had in the tech companies and the trust between those companies and the government, setting the stage for the current escalation of words and threats in the courts - and perhaps soon in Congress with efforts to clarify the law. It's been clear from the beginning - despite the denials on the government's part - that this case has been about more than just this one iPhone. The government wanted to set a precedent that it could force a technology company to undermine its own security.

At the same time, moves by government groups to thwart security protections have encouraged companies, particularly Apple, to ramp up, not weaken, their efforts.

And part of the difference between the two sides stems from a clash of cultures. Painting admittedly with a broad brush, Washington is about laws and the establishment and deferring to traditions and authority. Silicon Valley, by contrast, has a libertarian streak that infuses its technology and startups and its belief in challenging received wisdom and the status quo.

None of those differences are going to just disappear. So prepare for the encryption wars to continue.

Explore further

Explainer: Apple vs. FBI—What Happened?

©2016 San Jose Mercury News
Distributed by Tribune Content Agency, LLC.

Citation: Encyption debate isn't going away (2016, March 31) retrieved 19 June 2019 from https://phys.org/news/2016-03-encyption-debate-isnt.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Feedback to editors

User comments

Mar 31, 2016
The FBI has a conflicting task: it's function is to protect the privacy of the citizens, while securing their safety from external and internal threats. Their defensive and offensive missions are clashing here.

Furthermore, the spying agencies are interested in gaining hardware level access to communications devices not only for internal matters, but to gain tools for easier espionage abroad, because the same devices are used the world over. They can't however request that capability directly without causing diplomatic trouble and distrust against American corporations, which means they have to go around the problem by disguising it as a domestic issue over surveillance.

Mar 31, 2016
I'm surprised that the strongest levels of encryption haven't already been placed under licence:
Such that banks and government departments that need it apply and receive licences; but individuals have to justify "owning or using it" and are registered and pay a license fee.
Individuals using the highest levels without licence would be criminals and those legally using it would be easier to track.
No individual really needs encryption that only a Cray supercomputer could crack and its use should raise suspicion of illegal activities.
Privacy is good but not if its excesses allow killers to go on killing with impunity (as an iPhone almost did.)

Mar 31, 2016
so much for pleading the 5th......

Apr 01, 2016
I'm surprised that the strongest levels of encryption haven't already been placed under licence:

That used to be the case, but you can't really control any of that.

It's trivial to make an unbreakable code. Two pieces of paper with random numbers that are used exactly once. You can send the messages over public non-encrypted lines and the FBI can't do anything about it.

Apr 01, 2016
"the FBI can't do anything about it."
Many similar arguments will be used to promote government inactivity while terrorists remain impregnable.
I agree we cant do anything about activity abroad but on home soil its a different matter:-
code sheets and code words "the chickens are in the henhouse" have always existed, but impregnable messaging across the world in bulk takes it to an unacceptable level.

The Americans 5th amendment lead to the existence of Guantanamo to circumvent it. We Europeans don't have such a guilt protecting constitution.

As for deliberately selling faulty leaky equipment abroad, only America (and Volkswagen) would think that is acceptable international behaviour. It will cost them a fortune.

Apr 01, 2016
Many similar arguments will be used to promote government inactivity while terrorists remain impregnable.

It's not an argument -for- anything. It's simply a reminder that they -can't- do anything if the criminals choose to employ effective means to encrypt their messaging.

but impregnable messaging across the world in bulk takes it to an unacceptable level.

A thumbdrive with 128 gigabytes of random noise allows for long communications to be transmitted efficiently and securely. Even weaker encryption methods are practically unbreakable, and the NSA/FBI have relied on tampering with the encryption tools, such as injecting a broken random number generator into Linux distribution servers. (e.g. Debian a couple years back)

In this case too, they were not actually breaking the phone's encryption but breaking the entry key/password to the encryption, which on an iPhone is weak and relies on the 10 attempts destruction mechanism that they circumvented.

Apr 01, 2016
The point with the Apple/iPhone case was that the PIN code to the phone is a short sequence that can be brute-forced open in a few thousand attempts, which takes a modern computer a split-second. The only real security it had was the fact that the phone erases itself after ten failed attempts.

What they asked Apple was a means to circumvent the self-destruction mechanism without taking the phone apart painstakingly. At no point was there any doubt by any of the experts that they couldn't break the phone open, because there is no security that can't be broken in time if you have the phone in your hand.

The question is simply that the FBI wants a tool - either a software tool, or a legal tool - to allow them to conveniently break the phone security at will without paying a lot and risking loss of data.

Apr 01, 2016
As for deliberately selling faulty leaky equipment abroad, only America (and Volkswagen) would think that is acceptable international behaviour. It will cost them a fortune.

It's not that simple. IF the US demands there to be a backdoor, then foreign manufacturers lose a 300 million customer market area if they don't implement it, which means pretty much every manufacturer in the world will have one made just to please the NSA/FBI. Not just US based companies.

And Europe is no saint in this matter either. Once such tools come available, they'll be happily taken into use by authorities everywhere. Germany for example allows the police to hack and infiltrate suspects' computers with malware to spy on them.

Apr 02, 2016
So perhaps Volkswagen should use your backdoor theory as a defence in court.
If it OK for the USA to pay lip service to law and justice but breaching other nations sovereignty. It must be OK to pollute everyone else's atmosphere as long as they pass the USA's prescribed tests.

OR NOT! The USA needs to learn it cant have it BOTH ways any more, they are already getting weaker on the world stage.

Is the west trying to promote forceful capitalism as a rabid dog on a leash to use against China and Russian as those states threaten to let loose North Korea and Syria every time an issue is raised they don't want to be discussed? ..... Just because a technique is in common use doesn't make it right. Would you only want friends who respect you because of your dog?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more