Slashdot Mirror
Godfather Of Encryption Explains Why Apple Should Help The FBI (bgr.com)
An anonymous reader writes: Famed cryptographer and Turing Award winner, Adi Shamir, has an interesting if not surprising take on Apple's current legal tussle with the FBI. While speaking on a panel at RSA Conference 2016 earlier this week, the man who helped co-invent the vaunted RSA algorithm (he's the 'S' in RSA) explained why he sides with the FBI as it pertains to the San Bernardino shooter's locked iPhone. It has nothing to do with placing trapdoors on millions of phones around the world," Shamir explained. "This is a case where it's clear those people are guilty. They are dead; their constitutional rights are not involved. This is a major crime where 14 people were killed. The phone is intact. All of this aligns in favor of the FBI." Shamir continued, "even though Apple has helped in countless cases, they decided not to comply this time. My advice is that they comply this time and wait for a better test case to fight where the case is not so clearly in favor of the FBI."
What a crock full of shit.
People who say "sheeple" have about as much sophistication as an AOL user, and in fact are probably actually AOL users.
someone should take away his Turing award, because he's obviously not smart enough to prove he's human.
Once the tool/method is created, it exists. Even if the tool never leaves Apple, they could be compelled to use the tool in future cases. Tool.
Because he's being paid by the US government, that's why.
needs to be beaten to a bloody pulp.
The case is in front a former AUSA (i.e. lots of experience on the government side), but she went to Williams College for undergrad which means she's probably one of the more intelligent federal judges--making her likely to read and understand the tech industry's briefs. (About half of federal judges are really smart and went to top schools; about half of them may not be as smart but have been successful politically. They all have a good measure of experience.)
Ultimately, of course, the case is likely to get appealed, and if the loser at the 9th Circuit level decides it is a good test case, they will appeal it to Scotus.
For being so smart, he has absolutely no common sense.
If you comply once, then you greatly weaken any objections to complying again.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
This is just fishing for information on other people, and it's pretty naive, since they destroyed 2 other phones. Would you use your company phone to plan a terrorist act?
Also, the phone isn't Apple's property. Let them go after the entity that owns the phone.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Is the significance to be secure.
once the FBI gets their hands on this a copy will secretly be made under secret court order and kept from public eyes indefinitely. It will bolster further secret court work against other tech companies.
Even if this were not to happen, you can bet your ass a copy will be made anyway. Somewhere, somehow.
Our freedoms and expectations of privacy will be reduced even further from the little we think we have to an expectancy of good guys have nothing to hide is 100% the norm.
An invasion of privacy is existentially invasive and terribly creepy.
Didn't NSA pay 10 mil to get RSA backdoored? Is anyone involved in RSA really worth listening to anymore?
Adi:
no one has argued the case isnt firmly in the hands of the FBI, or that they arent entitled to prosecute it. What we're highlighting and opposing is the biblical retribution with which the government seems intent upon pursuing this cases. the entire purpose of unlocking the phone at this opportune time is to create a precedent so that, in future endeavours and cases there is no point at which "favour" is ever questioned. the purpose of forcing apple to unlock this phone, or any device for that matter, is to create a legal standing by which any other device the government sees fit can be unlocked for any reason, however remote.
the facts stand: both killers are dead. their motives were known. their accomplices were known. their method is known. this is more than enough to convict a corpse.
Good people go to bed earlier.
Yes, actually it does. And here's why:
If Apple goes ahead and does this, what happens to the code after the FBI has used it? What guarantees can possibly be made that the code will not get leaked? (if recent events have taught us anything, it is that secrets eventually get discovered) If Apple develops this code, and this code should *EVER* make its way outside of Apple, where some particularly tenacious individual might figure out how to modify it to attack any phone and not just a single one....even if the guilty party is caught and all appropriate punishments are given, the damage will have already been done, and be completely irreparable, not only for Apple, but also for every single iPhone owner in the world
So yes, the FBI is asking Apple to put backdoors into every iPhone by writing this software.
File under 'M' for 'Manic ranting'
Who said your constitutional rights go away when you're dead?
His contributions to encryption and privacy can not be underestimated, but it seems everyone has their faux pas moments. The implications with this approach are a bit similar to those of torture; it may be used "just this once", but then again, you can only sell once the core values of a democratic society.
-SR
I understand how everyone gets fired up over this issue, but I believe the iPhone's current design for securely logging in is flawed. Why? Simply because it's possible for Apple to modify the OS to permit all possible keycode combinations to be tried in a brute force attack. What Apple needs is a design fix where they can honestly demonstrate that they can do absolutely NOTHING to make getting into the phone easier. That's true security. This is why cytologists release their encryption source code for the public to view. For one, it demonstrates that there are no backdoors in the logic, but more importantly it demonstrates that even with full access to the source code you don't gain a significant advantage in decoding an encrypted message. Apple's problem is that they protected the phones very secure encryption password using a flawed password protection scheme (the numeric passcode entry that's totally software driven). Apple needs to change the current design such that new software will not create an easy way to try all possible combinations. In my mind, the iPhone has a security design flaw that Apple will likely fix. This new iPhone will have a killer feature that'll make Apple a fortune as they market it as a phone that even they can't unlock!! That's where we're headed.
Why does everyone think Apple has to create anything new? They already have the ability to do what the FBI wants. It's not a backdoor, it's not something they have to use on every phone...it's a simple code adjustment to turn off the poison pill and can easily be pushed to this one single phone. In fact, it can be built specifically for this one phone and it will only work on the one phone. Due to the way Apple already does their updates, they do this already as it is. They don't do mass updates to apps and iOS to all phones. each phone is unique and has it's own nonce. that's all Apple needs to match this code up to.
This isn't a technical issue. It's about people's opinion's on whether these douchebags have rights still and whether this actually violates them.
***Spoiler Alert*** They don't.
homophobe
Is because you are scared government will come after you for your child porn/ drug dealers phone number.
The actual truth is they could give two shits about you. You are nobodies and being narcissist.
The ability to spy on law-abiding citizens grants an enormous economic advantage to those in power. They can do the financial equivalent of insider trading with impunity, and rake it in. That is just one way of many.
Strong encryption gives the poor some leverage against the rich; a chance to reclaim and protect some of the wealth that they generate through their labor. I guarantee, the rich will never abide this. Even if Apple wins, subsequent political and technological maneuvering will ultimately result in strong encryption available to the rich, but not to the rest of us.
This case is a lot like the presidential election: no matter who wins, we lose.
"Shoot to kill, sir? Are you sure?"
"Orders from on high."
"But then we can't grill em for more info"
"Yeah, but we'd be able to access encrypted iphone inpho"
The plot sickens.
WARNING: Smartphones have side effects--most of them undocumented.
I'll just file this one away in the ""Smart" people can be idiots too" file. He's a math guy, why does his opinion matter?
It's all posturing on the part of Apple and its tech buddies. The FBI nailed it: it's a marketing ploy. If anyone really, really want to crack an iPhone, they'd do it. Apple's not going to stop them.
So, pose this one to your congress critters.
1) Take a field trip to Arlington (it's close by Washington DC and hey, it makes a great photo op).
2) Ponder the fact that many of those white markers out there died defending the Constitution and the Bill of Rights
3) Ponder the fact that your justification of "it may save a life!" in support of privacy reducing legislation ignores the lives already given.
4) Consider your vote can either defend the principles of those who have given up their lives or your vote can leave yellow stains on the markers.
Then what you are saying is that this extra evidence is not even required as it is an open and shut case. I say they should strike now when there is no legal precedent. The absurdity of this case further aids them.
Cool! Now, where is the link to his statement?
"The FBI should be given the method to crack iPhones" - Abraham Lincoln
Self Defense - A Human Right www.a-human-right.com
Has nobody thought to just use the dead guys finger and unlock the phone? My friends girlfriend did that to him in his sleep. Why is this a problem?
There is ample and conspicuous proof that the US government can not hold information securely. Given a method to break into Apple phones, it is quite likely that the information would be exposed to the world and ruin the sales of Apple phones. Further, any defense team would have to be allowed to hire experts to opine on whether a real decoding had taken place and whether the decoding was accurate or to what degree errors occurred. Over time, that means that quite a few people would be exposed to that decryption software.
If Apple wins, they'll set the strongest possible precedent. If they lose, deniability is built in: we lost because the case was so obviously slanted, we'll bring a case to court again if a less slanted case shows up.
This signature is false.
Are we being played? Let's consider motivation behind this controversy:
#1 Apple would like customers around the world to believe they can trust iPhones. This belief is worth billions to them.
#2 The FBI would like citizens to believe they are working within the law and they really want to catch terrorists. Polls show that the majority of Americans are eager to trade privacy for security so this bit of theater makes the FBI look good to them. Additionally, criminals may relax their security measures thinking that they are safe.
Thus there are great benefits to both in this affair. Both parties have already won the 'dispute'. The possibility that they pre-arranged the 'dispute' is an elementary deduction. It's quite possible that Apple or someone has already hacked the phone and nothing interesting was found. That's irrelevant to furthering the goals of both organizations.
...omphaloskepsis often...
i think apples situation is like that of a person asked to wear a mike in a sting operation. the person doesnt have to do it, but they may be offered an incentive, if they are at risk of prosecution. otherwise, someone has to volunteer to be miked. the code that apple would write is not free speech, its ACTION, as the speech results, if used, in immediate action at the electronic level. thats not speech, thats action. the govt may believe it has a free writ to compel people to act, but if that action is potentially detrimental to the person acting (gangster may shoot him if he finds the mike), the person can reasonably refuse to cooperate. apple writing the code will likely harm the millions of customers apple relies on, and thus also hurt apple. real world harm, economic suffering. no one should be forced to participate in their own suffering or demise.
It is inevittable... FBI would ask Apple for tools to open a Iphone Slip6 Plus. They will spend more time in court proving that they have a right to ask as well that such tools exist in the near future. Somewhere...in a sunny neighborhood highway far away...a Delorean will reach 88 miles per hour.
Dont be afraid of the Green Knight.
>dont sacrifice a Queen to save a pawn.
What he said is precisely why the FBI picked this one. I think he was plenty smart in his youth, but now Shamir is just another silly old fool. Does he seriously think that the FBI won't use every wedge issue to outlaw encryption? After all, wanting to have ANY secret from the government PROVES you're up to no good.
When encryption is outlawed, only outlaws will have encryption. By circular definition.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
The people are dead - they don't CARE about (nor even have) constitutional rights.
Here I go into this thinking he said that so there be a reason to make better ways to encrypt data and force better security. Although heck John Macafee went and explained how the FBI could and does hack into other phones which does not involve forcing phone security to take a shit. This is not about safety this is about power to spy on people.
And to Adi Shamir...TURN IN YOUR GEEK CARD!! You clearly are a moron who does not care anymore.
The government is not simply asking them to hand over the encryption keys, but to write and deploy code on its behalf. That would make Apple an agent of the government; if it can do that, it can make any company such an agent. What's to stop the government from commanding Apple or Microsoft to deploy code that allows them to listen through a computer's microphone? Or how about vendors of "smart" TVs: can the government command them them to install cameras and microphones in all their new models, which the government can turn on as it sees fit?
This is not a question about encryption at all, it's a question about making a private company a government agent.
Wow. It's as simple and self-contained as that. Glad to have that cleared up. Go about your business folks, there's no ongoing concern of this becoming the widely-available weakest link to anyone hoping to target apple users in the future.
Requiem for the American Dream
One thing I find confusing is that everyone talks of forcing Apple to make a new version. But it isn't Apple but Apple engineers doing this work. Does the court have the power to tell Apple to fire it's operating system developers if they don't comply?
Time to change the tone of the message: "Comply this time and wait for a better mugger to fight". I don't mean to dismiss assault victims or glorify Apple, but when the issue is, who is victim (the customers), saying "Comply this time" is the wrong place to start. In particular, when Apple has always helped the FBI before.
Comment removed based on user account deletion
The shooter destroyed everything with evidence on it. This phone was untouched. Guess why.
Of course news about a fake are Fake News.
The people killed are not guilty, they were killed before the court could adjudicate the matter. In the USA you are incident until proven guilty in a court of law, by a jury of your peers.
that this cunt (or at least the people currently heading the RSA group) took money to weaken RSA encryption.
https://www.eff.org/deeplinks/2014/01/after-nsa-backdoors-security-experts-leave-rsa-conference-they-can-trust
The issue is .. American law works on prescient. And if the FBI wins this case to 'unlock' whatever.. for reasons they deem good.. it will blanket to the populace and change future legal proceedings.
That's the group that sold-out to the NSA, right?
And then maybe one day they'll stop! Honest! They'll be nice!
Come ON. Even if there was *no* good use at all, potentially, ever, EVER for this stuff, they'd still at the very minimum fabricate cases full of terrorist pedophile drug traffickers just to make sure they can get the "just this once" and stick their giant armored tank-treads in the door.
They'll always pretend there's a "good" reason for atrocities, whether it's the rape of our privacy "to protect children" or a few hundred thousands dumped into mass graves "for the freedom of our legal person citizens"
Aside from physical security breaching (that is, shaving off the chips): if Apple can't do it, they should say so. However, if Apple can do it (and it looks like they can), then they should do it (and then build an even stronger phone).
So millions of people bought phones that were secure only to a certain level - well tough, that's just how it is. Purposeful breaking of security is a must when it comes to designing security. Plus, millions of people don't expect to have an ultimately secure phone either - they want to protect their phones from theft, mostly. If that. Not from prying federal eyes. And the phones were never marketed that way either.
You have a duty to inform yourself as a consumer. Buying an iPhone is not a universal human right and if you want your phone to be secure from prying federal eyes, you should pay for what that takes. Apparently this one can be pried open with certain, simple, measures, and therefore it *should* be pried open.
Religion is what happens when nature strikes and groupthink goes wrong.
Making a big deal about his "rights" while completely missing the bigger picture.
To convince people their rights are making them potentially insecure. How can people believe this shit after a over a decade using the same fucking excuse, the "terrorists"
At the risk of a suggestion that may already have been beaten to death and shown impractical: is it possible to expose the logic boards without removing power, and dropping sockets on the SDRAM and NAND memory to enable reading out the contents? Write contents into a suitably configured iOS emulator, and thereby get as many brute force PIN guesses as you need?
Luke, help me take this mask off
Apparently he hasn't actually bothered to educate himself about what Apple did do and what the FBI is asking for in addition. A little education goes a long ways. In S's case there appears to be none applied.
The guy had the gun and killed the people... how much more proof do they need? The phone didn't have anything to do with killing people. Why do they need in?
It would seem godfather has the usual connotations in this context. . .
When did innocent until PROVEN guilty become: "This is a case where it's clear those people are guilty. They are dead; their constitutional rights are not involved."
That's the whole point of constitutional rights, to keep people the state thinks are guilty of X real or invented offense protected from abuse of power. This is the sort of stuff that makes me want to leave the country, but where to go. . . this stuff is not being done just here. Those who give up their rights for security will find they have neither.
Isn't it one of the immutable laws of security that physical possession means the device is owned? Apple is trying to make this not so immutable.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
If my phone gets a back door for the police to use to investigate it, then it is perfectly valid for your car to have a remote shut off they can use when they pull you over. Fair is fair right? Oh, and it would be a felony to circumvent it.
This just affirms what I have said all along, this is theater provided by Apple to assuage the fanbois.
The bottom line is all that matters which is why they picked this one to stand against.
"If any question why we died, Tell them because our fathers lied."
Maybe he knows something others are overlooking. Right now the FBI has to get a court order to get Apple to unlock a phone. If Apple disagrees, as they do in this case, they can challenge it. If Apple does create the software, that doesn't change anything other than making it easier for Apple to unlock the phone.
Now, lets say, that the government is thwarted in its efforts and creates its own software to do it. Or maybe, they won't but this pushes Congress to enact legislation banning encryption. Either way, the check and balance of the courts is no longer required and privacy is truly gone.
So, maybe he's right. Maybe in such a high profile case as this, where determining guilt is not truly the issue, nor is the shooters privacy (the phone belonged to their government employer), maybe, the risk of what may be the logical outcome far outweighs the risk that Apple is concerned about.
So good luck unlocking the data in their brains. Or maybe the FBI can get Walter and Olivia to do that.
I'd like to know why a software update could not be coded and pushed to just that one phone using a unique hardware identifier such as an IMEI, etc. to allow that phone, and that phone alone, to be unlocked.
RSA a multi-million dollar bribe to deliberately cripple security (defaulting to Dual_EC_DRBG) for the NSA.
Fuck him.
This is yet another sad example of what passes for journalism these days. The godfather of encryption? What is that supposed to mean? Cryptography existed a very long time before Adi Shamir got involved with it. Computer driven encryption existed before Adi Shamir got involved with it. And even if he had invented it, it wouldn't follow that he was an expert on privacy or legal issues.
Yet another example of a very smart individual speaking out on something he doesn't understand. He knows the hell out of cryptography, but the concept of legal precedent eludes him.
Apple is the victim of the FBI's aggression in this case. They are living people.
In addition, many Apple employees probably use iPhones, so they're being asked to work against their own personal interests. They're not merely being attacked by their own government (bad enough); they're being ordered to participate in the attack against themselves. That's like if I hand you a gun and tell you to shoot yourself or else. If I did that, you damn well know you would say "fuck you" and point the gun at me.
Given that RSA has been known to sacrifice security for greater government cooperation, is this stance in any way surprising?
The FBI was able to force Apple to hand over the keys to the iPhone 1,2,3,4... because they had a valid warrant from the FISA court. The same thing that also happened to LavaBit. Apple responded by creating a security system where even they don't have the keys. So the FBI is using the All Writs Act to force Apple to create a way to force update the phone to a less secure version. Once this software exists the FBI can go back to the FISA court to force Apple to hand this over too.
Calvin:Do you believe in the devil? Hobbes:I'm not sure man needs the help.
This is not a question of the constitutional rights of a dead person, that is oversimplifying the problem. It is a question of precedent. Apple has hacked into older Iphones that didnt contain this type of hardware encryption. If we make them do it for a dead guy, later on the courts and FBI will justify doing to a living person with 4th amendment concerns and the courts will cite apple having done it before and compel them to do it again.
The victims are dead. The perps are dead.
They were loonie fundamentalists who had watched jihad videos aand decide to go out in the same style. What vital information does the FBI think the phone holds, months later?
Here is the thing, the FBI knows it can unencrypt one phone if it has physical access to the device. They want more than this, they want to unlock a phone anywhere at any time for any reason, they want the backdoor for spying on people they suspect might do something. The took the sad events of terrorists and used that to try and sway the public into backing this idea. They figured that most people are scared of ISIS and most people aren't intelligent to know they can already do it to a phone they have in custody... This tragedy led to a great time to try and get public buy-off. It's exactly how the original Patriot Act was passed, a tragedy happened and it was used to pass legislation that in turn lead to the US government spying on US citizens. This request is no different and will lead to the exact same outcome.
I wish more that anything they would just be honest about it.
Someone that's spent their entire life studying and working at government institutions around the world sides with the government agency. Not hugely surprising.
Certainly one can't point at Shamir and say "if only he understood crypto, he'd side with Apple". He understands the technical aspects of the situation better than most. However, his value judgement of the intent of the FBI as well as the likely continuation are just as certainly skewed heavily in favour of statism.
Finally someone who knows has the courage to explain why Apple is doing the wrong thing!
You're one of the few posters who recognize the real problem: government compulsion to work as their agent! That's why the Thirteenth Amendment may bar this action, not amorphous claims about security. Note that the owner of this phone was the county, and they consented to the search. There is no Fourth Amendment issue here as a result. I mean, the FBI is laughing their balls off because everyone's freaking out over encryption and backdoors while no one realizes that Apple is an innocent third party in this case! It's like stealing a wheel barrel by filling it up with sand and walking it by security.
A NYC lawyer blogs. http://www.chuangblog.com/
Everyone seems to treat this as some sort of legal question. If that is all that this is, then Shamir's argument makes sense. No one seems to deal with the issue of encryption and putting a back door into an encryption algorithm. The NSA supposedly did this with the elliptic curve methods, and now they evidently are untrustworthy and unuseable. The RSA method involves picking two large prime numbers and keeping them secret. A back door might involve pretending to pick large primes, but actually picking smaller primes so as to make it easier to decrypt. This would break the alogrithm for everyone. There really isn't any way to put a back door into mathematics. This case seems to be something that the Maker and root your iPhone people should already have solved. Basically, dump the data on your phone to an image file on disk and bang on it until you start seeing intelligible strings. Apple doesn't need to be involved at all.
When you commit an illegal act, nothing protects you. Put simply, being a corporation, or any other construct doesn't protect you from the criminal code. They can look at anything in your house, other people's houses that are connected to the crime, businesses, and so on. Other countries often don't help protect you either. Let's not pretend there are rights or something is violated here. It's not. They did it and they're dead. I bet they'd be surprised that we're even having this question. I'd be surprised if there is anything useful on the phone.
Saying apple is coming up with a so called key is a crock of crap too. They'll be exploiting a bug someplace to do it. As a responsible company I'd fully expect them to patch it the next day and push it out. So what's the concern?
Besides, this is all a big show anyhow. I'm sure it was broken weeks ago. I'm sure Shamir knows that anyone claiming they have unbroken encryption is either a liar or doesn't know any better. If you think your little phone is invincible, well I have a bridge to sell you.