Mater Dei High School

GovtOS: The Controversy

Hot off the heels of the privacy controversies with the NSA and the supposed privatization of the internet, a new and highly contested issue pertaining to cybersecurity and privacy arose with the terrorist attacks in San Bernardino, Calif. As a crucial piece of their ongoing investigation, the Federal Bureau of Investigation (FBI), requested for Apple to de-encrypt, or at least build a security “backdoor” to bypass the lockscreen of an iPhone 5C that belonged to one of the assailants.

Unlike newer iPhone models such as the 5S, 6/+, and the 6S/+, the 5C lacks Touch ID (a fingerprint scanner) and Apple’s unique security module, Secure Enclave, a component of Apple’s A-line of processors that operates independently from the rest of the OS. Secure Enclave can maintain the integrity of the system, as well guarantee secure interactions with Touch ID and Apple Pay. Put into simplest terms, any iPhone (or iPad) equipped with Secure Enclave has a tiny computer within an already tiny computer that is specifically built to protect both the phone’s operation and the owner’s private information.

Without Secure Enclave, the 5C in question is only protected by a four number passcode, which punishes wrong attempts by increasing timeouts (30 seconds, one minute, five minutes, etc.). If the owner had enabled this feature, the phone will automatically perform a system wipe after ten incorrect tries, effectively destroying this piece of evidence in the investigation.

The FBI, knowing these limitations, approached Apple with the request for a backdoor that, after well-publicized protests from the latter (such as a personal memo from Tim Cook to consumers), was narrowed into this: a tool that would allow the FBI to input millions of combinations in a matter of milliseconds without any of the restrictions, theoretically unlocking the phone within minutes or even seconds. Apple has to sign any automatic firmware updates before a given iPhone will accept them, and the FBI’s proposed update would be coded to an individual phone. Unless the phone’s serial number matches the number in the code, the software won’t install (effectively meaning this piece of software is a specific, not a generic, variant).

Apple argues that this demand sets “a dangerous precedent that threatens everyone’s civil liberties,” that it isn’t merely centered upon the request of this single phone, but sets a frightening standard in which government has the power to force the private sector to enable privacy reduction through their own products.

If this one request is fulfilled, it is not implausible to think other entities will pressure Apple to create similar tools for their investigations. Interestingly enough, according to internal reports in the Justice Department, the United States alone has nearly a dozen more iPhones in line to be unlocked by Apple in similar legal requests. Although Apple has already dissuaded the FBI from demanding a “generic” backdoor that can be used on any iPhone, they fear that after enough specific demands, the generic version may eventually be requested. It is not unrealistic, even, if governments of other countries, such as China, Russia, Great Britain will approach Apple with similar wants if the United States succeeds in procuring their demand(s).

The real danger does not necessarily lie in the hands of government (even though the existence of the NSA and this tool should not bode well with any consumer), but in the possession of the more malicious: hackers, criminals and the like. Historically speaking, the security apparatus of the United States is worryingly unsubstantial; it has been attacked and accessed on more than one occasion by hackers based in China (among other groups, some even in the United States), resulting in massive data breaches and affecting millions of civilians. This tool in the hands of the unsavory could be disastrous for the consumer: by losing your iPhone, you risk losing your identity and/or savings, and at the least, extortion and blackmail. This outcome is only made certain if your phone is suddenly unlockable no matter the circumstance or preventative measures.

A multitude of high-profile technology behemoths have publicly announced their support for Apple, including Google, Facebook, Twitter and Microsoft. Facebook’s public announcement was conciliatory in tone but still firm and resolute in their stance for the continuance of encryption: “We condemn terrorism and have total solidarity with victims of terror. Those who seek to praise, promote, or plan terrorist acts have no place on our services. We also appreciate the difficult and essential work of law enforcement to keep people safe. When we receive lawful requests from these authorities we comply. However, we will continue to fight aggressively against requirements for companies to weaken the security of their systems. These demands would create a chilling precedent and obstruct companies’ efforts to secure their products.”

However, Apple’s critics have been just as passionate and many times, much more visible. Donald Trump, the frontrunner for the Republican presidential nomination, offered rhetoric of scorn towards Tim Cook and Cupertino as a whole: “Who do they think they are?” He added that the American public should boycott Apple’s goods until they complied.

Public opinion as a whole, unlike the tech and political spheres, has remained murky. A recent Pew survey said that nearly 51 percent of Americans supported Apple’s compliance with the FBI, while only 38 percent supported Apple’s resistance against compliance. Meanwhile, an Ipsos poll conducted for Reuters saw 46 percent of citizens in support of Apple, 35 percent not, and 20 percent with no solid opinion on the matter. 

The most important question that remains after the political ruckus is by no means an easy one to answer: as technology grows exponentially, does it make any sense that the civil liberties of citizens are punished correspondingly? Should the FBI be granted precedent over a corporation as large as Apple in their investigation that has even the slightest chance at devaluing a decade’s worth of security efforts?

When only in the context of the investigation and not the resulting precedent, the FBI’s request is already somewhat perplexing and seemingly fruitless. The iPhone 5C in question was the work phone of Syed Farook, which makes it unlikely to hold any valuable information in terms of communications with other possible terrorist cells/contacts. San Bernardino Police Chief Jarrod Burguan agrees, saying that there’s a disappointingly low possibility for any useful information to actually be discovered, exacerbating the general pointlessness of this request.

It makes even less sense when considering the legal and social repercussions. Citizens of several countries worldwide are already subjected to metadata collection and wiretapping by the National Security Agency (NSA), while the increasing political tilt in favor of additional privacy reduction in the United States is more than a little disturbing. It’s understandable to want to protect the interests of a country and its citizens, but it’s simply ridiculous to continue to perpetuate such an invasive surveillance state, one that is teetering ever closer to the “fictitious” society of George Orwell’s “1984.”

Arguments such as “I have nothing to hide!” make for patriotic sentiment but are unsubstantiated and shallow at best; in the context of surveillance, the government is free to monitor and collect any given amount of information about you, information that could be used against you, but also never revealed in full to you (effectively removing your power in legal situations). Furthermore, history has proven that having something to hide is vital to maintaining a free and healthy society founded on democracy with the ability to improve; the movements of Women’s Suffrage, Civil Rights and Marriage Equality all were possible because participants were allowed to hide from prosecution and gradually fight for their causes. Apple is correct; this request is not merely about a phone, but also the exposition of a dissonant security debate that will inevitably expand as technology advances.

No Comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s