Slashdot Mirror
Godfather Of Encryption Explains Why Apple Should Help The FBI (bgr.com)
An anonymous reader writes: Famed cryptographer and Turing Award winner, Adi Shamir, has an interesting if not surprising take on Apple's current legal tussle with the FBI. While speaking on a panel at RSA Conference 2016 earlier this week, the man who helped co-invent the vaunted RSA algorithm (he's the 'S' in RSA) explained why he sides with the FBI as it pertains to the San Bernardino shooter's locked iPhone. It has nothing to do with placing trapdoors on millions of phones around the world," Shamir explained. "This is a case where it's clear those people are guilty. They are dead; their constitutional rights are not involved. This is a major crime where 14 people were killed. The phone is intact. All of this aligns in favor of the FBI." Shamir continued, "even though Apple has helped in countless cases, they decided not to comply this time. My advice is that they comply this time and wait for a better test case to fight where the case is not so clearly in favor of the FBI."
What a crock full of shit.
People who say "sheeple" have about as much sophistication as an AOL user, and in fact are probably actually AOL users.
Once the tool/method is created, it exists. Even if the tool never leaves Apple, they could be compelled to use the tool in future cases. Tool.
needs to be beaten to a bloody pulp.
The case is in front a former AUSA (i.e. lots of experience on the government side), but she went to Williams College for undergrad which means she's probably one of the more intelligent federal judges--making her likely to read and understand the tech industry's briefs. (About half of federal judges are really smart and went to top schools; about half of them may not be as smart but have been successful politically. They all have a good measure of experience.)
Ultimately, of course, the case is likely to get appealed, and if the loser at the 9th Circuit level decides it is a good test case, they will appeal it to Scotus.
If you comply once, then you greatly weaken any objections to complying again.
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
This is just fishing for information on other people, and it's pretty naive, since they destroyed 2 other phones. Would you use your company phone to plan a terrorist act?
Also, the phone isn't Apple's property. Let them go after the entity that owns the phone.
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Didn't NSA pay 10 mil to get RSA backdoored? Is anyone involved in RSA really worth listening to anymore?
Adi:
no one has argued the case isnt firmly in the hands of the FBI, or that they arent entitled to prosecute it. What we're highlighting and opposing is the biblical retribution with which the government seems intent upon pursuing this cases. the entire purpose of unlocking the phone at this opportune time is to create a precedent so that, in future endeavours and cases there is no point at which "favour" is ever questioned. the purpose of forcing apple to unlock this phone, or any device for that matter, is to create a legal standing by which any other device the government sees fit can be unlocked for any reason, however remote.
the facts stand: both killers are dead. their motives were known. their accomplices were known. their method is known. this is more than enough to convict a corpse.
Good people go to bed earlier.
Yes, actually it does. And here's why:
If Apple goes ahead and does this, what happens to the code after the FBI has used it? What guarantees can possibly be made that the code will not get leaked? (if recent events have taught us anything, it is that secrets eventually get discovered) If Apple develops this code, and this code should *EVER* make its way outside of Apple, where some particularly tenacious individual might figure out how to modify it to attack any phone and not just a single one....even if the guilty party is caught and all appropriate punishments are given, the damage will have already been done, and be completely irreparable, not only for Apple, but also for every single iPhone owner in the world
So yes, the FBI is asking Apple to put backdoors into every iPhone by writing this software.
File under 'M' for 'Manic ranting'
His contributions to encryption and privacy can not be underestimated, but it seems everyone has their faux pas moments. The implications with this approach are a bit similar to those of torture; it may be used "just this once", but then again, you can only sell once the core values of a democratic society.
-SR
Why does everyone think Apple has to create anything new? They already have the ability to do what the FBI wants. It's not a backdoor, it's not something they have to use on every phone...it's a simple code adjustment to turn off the poison pill and can easily be pushed to this one single phone. In fact, it can be built specifically for this one phone and it will only work on the one phone. Due to the way Apple already does their updates, they do this already as it is. They don't do mass updates to apps and iOS to all phones. each phone is unique and has it's own nonce. that's all Apple needs to match this code up to.
This isn't a technical issue. It's about people's opinion's on whether these douchebags have rights still and whether this actually violates them.
***Spoiler Alert*** They don't.
I've never heard of a dead person pleading the 5th.
-- I have monkeys in my pants.
Well, they lied then. If Apple's prior idea of security was based on trust then it's not truly secure. A new design will allow them to say there was a design flaw in prior iPhones that has now been fixed. They will do this and sell a ton more because of the security.
The ability to spy on law-abiding citizens grants an enormous economic advantage to those in power. They can do the financial equivalent of insider trading with impunity, and rake it in. That is just one way of many.
Strong encryption gives the poor some leverage against the rich; a chance to reclaim and protect some of the wealth that they generate through their labor. I guarantee, the rich will never abide this. Even if Apple wins, subsequent political and technological maneuvering will ultimately result in strong encryption available to the rich, but not to the rest of us.
This case is a lot like the presidential election: no matter who wins, we lose.
ad hominem attack.
The culture at the fbi has become tyrannical. They want to be the next KGB. I'll pass.
"Shoot to kill, sir? Are you sure?"
"Orders from on high."
"But then we can't grill em for more info"
"Yeah, but we'd be able to access encrypted iphone inpho"
The plot sickens.
WARNING: Smartphones have side effects--most of them undocumented.
If anyone really, really want to crack an iPhone, they'd do it.
Like the FBI?
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Cool! Now, where is the link to his statement?
"The FBI should be given the method to crack iPhones" - Abraham Lincoln
Self Defense - A Human Right www.a-human-right.com
Obviously you haven't follow that case very carefully. The iPhone isn't locked using fingerprints, it uses a 4 digit password. And before you ask why they just don't try all the combination, after 10 trials the iPhone may have been setup to delete the data. In addition, there is a delay between each trial which render this method unpractical unless you remove the delay and the 10 trials limit, which is exactly what the FBI is asking Apple to do for this iPhone by flashing a new firmware on it remotely. Yes, this model doesn't require the user to authorize the firmware to be flashed. So, that is totally possible to do. And why do they ask Apple and aren't just do it themselves? Because the firmware must be signed with Apple's private key otherwise the security chip in the iPhone will block the firmware execution.
Achille Talon
Hop!
There is ample and conspicuous proof that the US government can not hold information securely. Given a method to break into Apple phones, it is quite likely that the information would be exposed to the world and ruin the sales of Apple phones. Further, any defense team would have to be allowed to hire experts to opine on whether a real decoding had taken place and whether the decoding was accurate or to what degree errors occurred. Over time, that means that quite a few people would be exposed to that decryption software.
If Apple wins, they'll set the strongest possible precedent. If they lose, deniability is built in: we lost because the case was so obviously slanted, we'll bring a case to court again if a less slanted case shows up.
This signature is false.
Nothing prevents them (or anyone else) from doing exactly that right now. They are more than welcome to bang away on the phone as much as they want and if they get in, nobody will say a peep and all is as it should be.
The problem comes when the FBI compels/orders Apple to build a 2nd operating system. Forcing and compelling people and companies who are not accused of a crime is un-American and that is why this is going to court. Wanna compel Apple? Fine, go to Congress and pass a law like CALEA. But lets be clear.....a law forcing Apple to do what the FBI wants does not currently exist and that's why the FBI is relying on the All Writs Act to force Apple to do it.
Nobody has ever suggested the FBI (or anyone else for that matter) is prohibited from hacking the phone. They aren't. They are more than welcome to use whatever resources they have to hack it. But those resources do not include Apple, the company, or any of it's employees or tools unless allowed by law.
Re 'If anyone really, really want to crack an iPhone, they'd do it" :)
Its always about the next case and getting US brands staff used to been conscripted by the feds. The NSA does not want their skills listed in open state or federal court.
The next 100 or 200 phones on federal or state AG lists might have some individuals with the ability to hire real legal teams. Questions about evidence and finding their own experts to cross examine in open court are never good new for decades of hidden technical methods and big brand support.
The new ability of a gov official to legally say in open court that the big brand was conscripted to unlocked the phone blocks a lot of the more interesting questions.
The neat part is as the gov forced the workers at the private sector brand to break the encryption, methods, skills can stay a gov secret too
What was parallel construction will now be direct to open court with no questions about the origins, methods, fruit of the poisonous tree, color of law or NSA help.
No gov sector expert can talk to the topic as it was a private sector product and service. No private sector staff can ever talk as they are now working for the US gov and that is a secret.
Thats why the demand is for a tool to load onto their (US gov) computers. Its a tool for city, state, county, parish, federal use. Then contractors, other nations, their contractors and anyone who can afford to buy the services of ex staff or former staff.
Domestic spying is now "Benign Information Gathering"
What he said is precisely why the FBI picked this one. I think he was plenty smart in his youth, but now Shamir is just another silly old fool. Does he seriously think that the FBI won't use every wedge issue to outlaw encryption? After all, wanting to have ANY secret from the government PROVES you're up to no good.
When encryption is outlawed, only outlaws will have encryption. By circular definition.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Here I go into this thinking he said that so there be a reason to make better ways to encrypt data and force better security. Although heck John Macafee went and explained how the FBI could and does hack into other phones which does not involve forcing phone security to take a shit. This is not about safety this is about power to spy on people.
And to Adi Shamir...TURN IN YOUR GEEK CARD!! You clearly are a moron who does not care anymore.
The government is not simply asking them to hand over the encryption keys, but to write and deploy code on its behalf. That would make Apple an agent of the government; if it can do that, it can make any company such an agent. What's to stop the government from commanding Apple or Microsoft to deploy code that allows them to listen through a computer's microphone? Or how about vendors of "smart" TVs: can the government command them them to install cameras and microphones in all their new models, which the government can turn on as it sees fit?
This is not a question about encryption at all, it's a question about making a private company a government agent.
Wow. It's as simple and self-contained as that. Glad to have that cleared up. Go about your business folks, there's no ongoing concern of this becoming the widely-available weakest link to anyone hoping to target apple users in the future.
Requiem for the American Dream
One thing I find confusing is that everyone talks of forcing Apple to make a new version. But it isn't Apple but Apple engineers doing this work. Does the court have the power to tell Apple to fire it's operating system developers if they don't comply?
Comment removed based on user account deletion
The shooter destroyed everything with evidence on it. This phone was untouched. Guess why.
Of course news about a fake are Fake News.
The people killed are not guilty, they were killed before the court could adjudicate the matter. In the USA you are incident until proven guilty in a court of law, by a jury of your peers.
> American law works on prescient.
We already knew that.
That's the group that sold-out to the NSA, right?
Aside from physical security breaching (that is, shaving off the chips): if Apple can't do it, they should say so. However, if Apple can do it (and it looks like they can), then they should do it (and then build an even stronger phone).
So millions of people bought phones that were secure only to a certain level - well tough, that's just how it is. Purposeful breaking of security is a must when it comes to designing security. Plus, millions of people don't expect to have an ultimately secure phone either - they want to protect their phones from theft, mostly. If that. Not from prying federal eyes. And the phones were never marketed that way either.
You have a duty to inform yourself as a consumer. Buying an iPhone is not a universal human right and if you want your phone to be secure from prying federal eyes, you should pay for what that takes. Apparently this one can be pried open with certain, simple, measures, and therefore it *should* be pried open.
Religion is what happens when nature strikes and groupthink goes wrong.
Making a big deal about his "rights" while completely missing the bigger picture.
At the risk of a suggestion that may already have been beaten to death and shown impractical: is it possible to expose the logic boards without removing power, and dropping sockets on the SDRAM and NAND memory to enable reading out the contents? Write contents into a suitably configured iOS emulator, and thereby get as many brute force PIN guesses as you need?
Luke, help me take this mask off
Apparently he hasn't actually bothered to educate himself about what Apple did do and what the FBI is asking for in addition. A little education goes a long ways. In S's case there appears to be none applied.
The guy had the gun and killed the people... how much more proof do they need? The phone didn't have anything to do with killing people. Why do they need in?
Obviously you haven't follow that case very carefully. The iPhone isn't locked using fingerprints, it uses a 4 digit password.
So what's the evidence for that?
Of course news about a fake are Fake News.
Isn't it one of the immutable laws of security that physical possession means the device is owned? Apple is trying to make this not so immutable.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
If my phone gets a back door for the police to use to investigate it, then it is perfectly valid for your car to have a remote shut off they can use when they pull you over. Fair is fair right? Oh, and it would be a felony to circumvent it.
This just affirms what I have said all along, this is theater provided by Apple to assuage the fanbois.
The bottom line is all that matters which is why they picked this one to stand against.
"If any question why we died, Tell them because our fathers lied."
Maybe he knows something others are overlooking. Right now the FBI has to get a court order to get Apple to unlock a phone. If Apple disagrees, as they do in this case, they can challenge it. If Apple does create the software, that doesn't change anything other than making it easier for Apple to unlock the phone.
Now, lets say, that the government is thwarted in its efforts and creates its own software to do it. Or maybe, they won't but this pushes Congress to enact legislation banning encryption. Either way, the check and balance of the courts is no longer required and privacy is truly gone.
So, maybe he's right. Maybe in such a high profile case as this, where determining guilt is not truly the issue, nor is the shooters privacy (the phone belonged to their government employer), maybe, the risk of what may be the logical outcome far outweighs the risk that Apple is concerned about.
Yet another example of a very smart individual speaking out on something he doesn't understand. He knows the hell out of cryptography, but the concept of legal precedent eludes him.
Given that RSA has been known to sacrifice security for greater government cooperation, is this stance in any way surprising?
The FBI was able to force Apple to hand over the keys to the iPhone 1,2,3,4... because they had a valid warrant from the FISA court. The same thing that also happened to LavaBit. Apple responded by creating a security system where even they don't have the keys. So the FBI is using the All Writs Act to force Apple to create a way to force update the phone to a less secure version. Once this software exists the FBI can go back to the FISA court to force Apple to hand this over too.
Calvin:Do you believe in the devil? Hobbes:I'm not sure man needs the help.
This is not a question of the constitutional rights of a dead person, that is oversimplifying the problem. It is a question of precedent. Apple has hacked into older Iphones that didnt contain this type of hardware encryption. If we make them do it for a dead guy, later on the courts and FBI will justify doing to a living person with 4th amendment concerns and the courts will cite apple having done it before and compel them to do it again.
The victims are dead. The perps are dead.
They were loonie fundamentalists who had watched jihad videos aand decide to go out in the same style. What vital information does the FBI think the phone holds, months later?
You're one of the few posters who recognize the real problem: government compulsion to work as their agent! That's why the Thirteenth Amendment may bar this action, not amorphous claims about security. Note that the owner of this phone was the county, and they consented to the search. There is no Fourth Amendment issue here as a result. I mean, the FBI is laughing their balls off because everyone's freaking out over encryption and backdoors while no one realizes that Apple is an innocent third party in this case! It's like stealing a wheel barrel by filling it up with sand and walking it by security.
A NYC lawyer blogs. http://www.chuangblog.com/
Everyone seems to treat this as some sort of legal question. If that is all that this is, then Shamir's argument makes sense. No one seems to deal with the issue of encryption and putting a back door into an encryption algorithm. The NSA supposedly did this with the elliptic curve methods, and now they evidently are untrustworthy and unuseable. The RSA method involves picking two large prime numbers and keeping them secret. A back door might involve pretending to pick large primes, but actually picking smaller primes so as to make it easier to decrypt. This would break the alogrithm for everyone. There really isn't any way to put a back door into mathematics. This case seems to be something that the Maker and root your iPhone people should already have solved. Basically, dump the data on your phone to an image file on disk and bang on it until you start seeing intelligible strings. Apple doesn't need to be involved at all.
When you commit an illegal act, nothing protects you. Put simply, being a corporation, or any other construct doesn't protect you from the criminal code. They can look at anything in your house, other people's houses that are connected to the crime, businesses, and so on. Other countries often don't help protect you either. Let's not pretend there are rights or something is violated here. It's not. They did it and they're dead. I bet they'd be surprised that we're even having this question. I'd be surprised if there is anything useful on the phone.
Saying apple is coming up with a so called key is a crock of crap too. They'll be exploiting a bug someplace to do it. As a responsible company I'd fully expect them to patch it the next day and push it out. So what's the concern?
Besides, this is all a big show anyhow. I'm sure it was broken weeks ago. I'm sure Shamir knows that anyone claiming they have unbroken encryption is either a liar or doesn't know any better. If you think your little phone is invincible, well I have a bridge to sell you.