Imagine that all your tax documentation could be examined by officials of any government simply on suspicion. That is the future that some governments are pressing when they demand that Apple put security backdoors on their products.
Do not make anyone safe
Think about the nature of the rear security doors:
- They represent deliberate security flaws in operating systems and devices at the central level, designed to break the encryption on these devices.
- These failures may require some form of “password” to access.
- Once you have a vulnerability, it’s only a matter of time before people discover where you are: hackers are smart.
- Once you build the lock, it’s only a matter of time until someone manages to lift it. Does anyone else remember the Enigma Code?
“But the keys will remain with secure government agencies,” some say.
It only takes a disgruntled government employee, a spy deeply inserted in the government or a technology company, or a sophisticated criminal attack to successfully extract that key.
Locks are easily collected
After that, it is only a matter of time before such keys end up in the hands of the security agencies of all governments, including those that cannot be trusted. As these keys are deliberately designed, the operating system provider will not be in a position to patch them.
Those keys will not only reach other governments; They will also reach the hands of several criminal entities that will see a great opportunity for theft, profits and blackmail that comes with access to the digital life of each smartphone owner.
Think again a year ago when police-grade iPhone hacking tools suddenly appeared on sale on eBay, for example. Or reflect on the fate of the GrayKey box. That is even before considering how such access threatens connected systems of all kinds, from business relationship management software to letting unknowns access the login codes of your local power plant.
Follow the money
In fact, it seems to me that criminals and hostile governments have more to gain from any movement to make mobile devices less secure. I imagine they are already thinking about the money they will earn and the chaos they can create, since mobile security is deliberately broken.
That is even before discussing how this undermines privacy.
These are just some of the many reasons why Apple’s statement must be admitted in response to the measure born again to force it to break the security of its devices. It is not as if Apple was not prepared to help law enforcement; He says he has provided a wealth of information, including iCloud backups and more. It is also true that other entities (including carriers) are providing evidence.
Not only for the good
In a statement about the current rage, Apple said:
“We have always maintained that there is no back door just for the good guys. The back doors can also be exploited by those who threaten our national security and the security of our customers’ data. Today, the police have access to more data than ever in history, so Americans do not have to choose between weakening encryption and resolving investigations. We believe that encryption is vital to protect our country and the data of our users. “
Apple has made similar arguments before.
In a letter to his clients after the case of San Bernardino, he said:
“For years, cryptoologists and national security experts have been warning against weakening encryption. Doing so would harm only well-intentioned and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will remain encrypted, using tools that are readily available to them. “
A ring to ruin them all
There is another problem. After all, if a government demands such security backdoors, then each government will do the same. This can have a chilling effect on religious minorities, for example.
There is no technology company that can realistically deny some governments and not others. If Apple weakens encryption for one nation, it will be forced to do so in others. And mobile device security will weaken one encryption backdoor at a time.
We will all be poorer and less safe. Those security keys will inevitably end up in the hands of criminals and hostile actors. Bank accounts will be stolen, data will be stolen and digital terrorism (including attacks on critical infrastructure) will be enabled internationally.
The end result will not be more security, but much less. Or, how could I put it in 130 characters or less:
“Security backdoors and broken encryption will allow more criminal and terrorist activities than they prevent.”
Consider the consequences instead of being seduced by the sound.
Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.
Copyright © 2020 IDG Communications, Inc.