Slashdot Mirror
New York's District Attorney: Roll Back Apple's iPhone Encryption (mashable.com)
An anonymous reader quotes Mashable:
Manhattan District Attorney Cyrus Vance said Thursday that he wants Apple's encryption to go back to how it was in early 2014. Back then, police could basically extract any information they wanted after getting a warrant. "Doing nothing about this problem will perpetuate an untenable arms race between private industry and law enforcement," Vance said on Thursday. "Federal legislation is our only chance to lay these arms aside."
Vance said he's got 423 "lawfully-seized Apple devices" that his employees can't do anything with. Forty-two of those devices "pertain to homicide or attempted murder cases" according to the district attorney's office, and a similar number "relate to sex crimes." The argument, of course, is that the district attorney's office would have an easier time solving crimes if they had access to these phones... Apple believes being forced to hack into phones at the government's will is an unreasonable burden.
ZDNet adds that "the call for federal legislation could be given a popular boost by president elect Donald Trump, who previously called for a boycott on Apple products when it refused to help the FBI."
Vance said he's got 423 "lawfully-seized Apple devices" that his employees can't do anything with. Forty-two of those devices "pertain to homicide or attempted murder cases" according to the district attorney's office, and a similar number "relate to sex crimes." The argument, of course, is that the district attorney's office would have an easier time solving crimes if they had access to these phones... Apple believes being forced to hack into phones at the government's will is an unreasonable burden.
ZDNet adds that "the call for federal legislation could be given a popular boost by president elect Donald Trump, who previously called for a boycott on Apple products when it refused to help the FBI."
The Victory Gin is kinda gross but whatever
Forty-two of those devices "pertain to homicide or attempted murder cases" according to the district attorney's office, and a similar number "relate to sex crimes.
So 80% of the phones they want to decrypt aren't related to crimes serious enough to mention.
It's the abuse of rubber-stamping courts that brought the need to do encryption that's inaccessible to the 5-0. Y'alls made your bed, now kip in it.
That way, when the Russians or the Chinese -- or the hacker down the street -- want to steal data and influence elections, they will have to get a warrant!
Oh, wait, I meant that other word. Stupid. Stupid idea. Hasn't anyone learned ANYTHING this past year?
I don't trust Apple no more than I trust government agencies, because despite their pro-privacy posturing, they really work for the man - just like Google and all the others. Therefore, when I want to commit a crime and store files about it on my cellphone, PC or transmit said files to my fellow criminals, I encrypt them *before* saving them. Savvy criminals do the same.
I'm a smart criminal, so you ain't gonna find no clear-text file on none of my computer devices, regardless of the brand.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
And then go fuck yourself, Mr. Vance.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
is very likely to give him that law. IIRC Rudy Giuliani wasn't exactly a big fan of encryption.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Fuck off.
To a large degree, data storage is an extension of what a person knows. Why bother memorizing a phone number when you have hardware to do it? Why bother memorizing a hundred passwords when you have hardware to do it? Even our music collection is on hardware purely because our ability to memorize it is imperfect.
The moment a law is passed that mandates law-enforcement access to our electronic devices, we are giving them access to what we know. Today that may or may not be reasonable. But tomorrow, the day after, or a hundred years from now we will have these devices integral to ourselves. Implants within us, most likely, that augment our memories. It's not unreasonable to predict a (likely distant) future where a device taps our optic nerve and provides us "augmented reality". Can't remember the name of the person you're looking at? The device will do that for you. But it will also be able to record what you see, or hear, for future perfect recall.
So what happens when the iPhone law is applied to internal storage? It's mind-reading. This legislation is one step shy of "police must be allowed to read your mind if it is possible". That disturbs me.
"Oh no... he found the
You're very wrong. By several decades. There was a Republican House, Senate, and President only 13 years ago, from 2003 to 2007.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Both of these suggestions suffer from the same issue: you can't put the shit back in the horse. Encryption is out there, and a reality. If the phone manufacturer compromises their full-disk encryption, then app makers start writing un-compromised encryption into their apps.
Similarly, the surveillance state is our new reality, and it won't be stopped without some pretty major changes happening.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Call records being stored only if you are logged into iCloud, so if that bothers you do not log into an iCloud account when using the phone.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
The FBI usually likes to avoid high profile jailings of people standing up for the rights of the public, because it's the best way to end up with your shit in the street, and politicians that like to get re-elected working the shovels. Jailing Tim Cook over refusing to implement encryption back doors would represent an FBI fuck up in a New York Times headline kind of way. And it's exactly how the FBI would end up with the entire Congressional delegation from California all up in their shit, if not the entire US House of Representatives looking to stay there / move to the other side of the Capitol building.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
San Quentin? That spelling should be a crime....
"I do not agree with what you say, but I will defend to the death your right to say it"
Nowhere does it say I have to rely on a governmental promise not to do an unreasonable search, it says I have a right to secure myself against such a search.
The proposal goes against the plain meaning of the fourth.
The irony is that years ago the USA has laws against exporting strong encryption, now the move is that domestically you can't have strong encryption but people outside the country can..... One also wonders what the police did before crooks had cell phones they could search? Real detective work perhaps?
Can we please stop calling these gadgets "telephones" --? Telephones are devices with embedded systems that can handle Telephony and not much else. These so-called "smart" so-called "telephones" are actually locked-down computers for the brainless masses: computers controlled by someone else and not you.
From that perspective, since the user already has no actual control of what their device is actually doing, why would anyone not expect the treachery be relentlessly notched up beyond its already intolerable levels?
What would happen if there was suspected related papers to a case in a safe? Would the safe company have to open it, or was it left to the police to deal with? Or a safety deposit box - do banks have to comply? There's probably some precedent for this out there, would be interesting to see what it is..
All you LEOs, all you DAs, all you politicians, all the way up to POTUS? You can go fuck yourselves. We don't want to live in a world where only the rich, powerful, and the government are the only ones entitled to keep their data safe. We don't give a flying fuck about your obsessive-compulsive need to see everything, know everything, and control everything; go take your meds, go call your therapist, go take a time-out somewhere cool dark and quiet, but get the hell out of our phones, out of our computers, out of our lives! You are not making us 'safe', all you're doing is feeding your own hunger for power, and we're sick and tired of it. STOP!!!
... because Apple knows the market wants secure phones.
That market includes EVERYBODY: The consumers, businesses, government, and LEO as well.
If Apple doesn't provide phones that are locked down, someone else will and EVERYBODY will drop iPhone for the new secure kid on the block.
Why aren't Androids in the news?
I'm sure Apple appreciates the publicity.
It little behooves the best of us to comment on the rest of us.
Also, the FBI are not going to lock anyone up in San Quentin, since it is a state prison, not Federal.
The real "Libtards" are the Libertarians!
Yet you fail to acknowledge that it only came about when compromising photos of celebrities started appearing on the Internet as a whole.
It wasn't designed for the people at large, but for a small subset of their deep-pocketed customers.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
Seriously, watch all five seasons of HBO's 'The Wire'. Make of it what you will, but I'm pretty sure it's critically relevant to this topic.
I wonder how many of them are people stupidly giving themselves on social media.
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
They were comfortable with something they never should've had.
I'm not even arguing that on ethical grounds, or The 4th - they were simply lucky to enjoy a window where they were blessed with the brute force power to override the efforts of citizens to have private documents.
Honeymoon's over, deal with it. Pay some gray hats if you want to keep getting access you're not supposed to have.
You must be unaware that the current administration is pushing for the these backdoors as well, and the current president is a Democrat. In addition, District Attorney Cyrus Vance is a Democrat, whose father served as Secretary of State for President Carter, and lower offices under Kennedy and Johnson.
You should realize these issues are just from the political party you love to hate.
If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
Mr. Vance doesn't need a change in the encryption,
he needs a change in employees....
But seriously folks,
I'm sure there are ways into these phones...too bad those methods aren't usable in court, and I bet they have already been into these phones,collected what they wanted, but haven't been able to use that info without exposing how they got it, illegally.
This is their ploy to get encryption changed.
(just cuz i'm paranoid doesn't mean they aren't out to get me)
With Trump as president and a republican majority in congress, how much - realistically speaking - do you think privacy will last in the US?
My guess is: not too long.
Here's a prediction: forget Apple, this has all to do with public service and government's power. With all the stuff Trump promised, he'll just lean on the side - as several republican politicians do, and some liberals too - of ignorance, pushing for laws and forcefully having their way regarding encryption, fundamentally weakening security and privacy for all. These people cannot understand the importance of privacy and strong encryption, they'll always dismiss the importance of it by seeing only how criminals can potentially use it, because they are essencially blind on how much their own lives depend on it.
Companies' stances on those will weaken and collapse overtime, cases of abuse of power will rise, and hacker activity will gain new grounds.
Police and government will innevitably end up leaking or being hacked for very sensitive information, information from innocent people that was never meant to go public will, press will come after the government harder than ever, and it'll start an information/cyber civil war as Trump's government already doesn't like the press a whole lot.
Of course, crime and criminal activity won't go down because of that. Even if the US weakens their own stance on privacy and security, that does not mean other countries will follow suit. But businesses and people dependant on services located in the US will be forced to conform.
Banks and other types of secure services will suffer from this because every device now has some sort of backdoor or weakened encryption, private data from people inside the government that was favorable for weakening encryption will leak, but now it's too late to go back - the damage is done.
Private companies that feel threatened by all the measures being taken by the FBI and sanctioned by the government will, with enough pressure, move to countries that understands the importance of privacy and encryption. It'll take a while because it has to reach a point of making economical sense, but it will.
All the morons who were favorable on weakening iPhone and other devices encryption will come crying talking how they didn't know that making security weak for criminals also meant making security weak for everyone else, which in turn just made criminals' lives easier.
But of course, this will only help the fear and paranoia agenda of the current office anyways, so in the next election the candidate who shouts louder will continue winning the races.
It's extremely enticing for law enforcement with such a miopic, poor understanding and complete ignorance of how encryption came to be to dismiss it just so that they can catch more criminals, "terrorists" and whatnot. Short term wins, they are one step ahead, and blahblah. But if we can't have law enforcement thinking on the mid to long term, it can be as damaging as letting vigilante forces control crime in your country.
Power corrupts, and eventually all the data the FBI, NSA and police forces are collecting on innocent civilians will be used for bad - it's probably already happening, we just don't have all the cases in hand to show.
He's technically wrong but spiritually correct. The Republicans under Bush 43 were neocons who would be dismissed as RINOs today. They were more like the current Democrats in many ways. Their line is extinct. The people Trump is surrounding himself with are power-mad Jesus freaks and Tea Party fellow travellers.
The Republican party as we knew it before, for better or worse, is as dead as the Whigs. There has never been a time when people of this particular caliber have controlled the executive branch and held sway over the legislative (and soon enough judicial) branches.
Things are about to get extremely stupid.
Wow! Is this why they couldn't "find" Jack the Ripper – they couldn't unlock his cell phone and get the incriminating evidence? Oh wait, Jack the Ripper didn't have a cell phone. Then how did the LEOs solve any murder before the use of cell phones?!
if it isn't flatfoots exceeding their warrant authority, it's thieves and hackers. out in user land, we can't tell the difference. so encryption is getting better, and the world is better off for it.
if this is supposed to be a new economy, how come they still want my old fashioned money?
If it were only so simple! If the underlying OS is compromised and can't be trusted, what's the value of any encryption on top of that?
Let's say Gov't passes an anti-encryption law for smartphones. First thing Apple and Google will (have to) do, is to purge their App Stores from all apps that implement un-snoopable encryption. That's the first step. So no un-compromised encryption in apps for the plebs.
Then, next step, Apple and Google will (have to) remove all encryption libraries and support in the OS (libraries etc.), or cripple them with backdoors, so the Government(s) and other evil-doers can snoop right back in, even if Apps are still allowed to call encryption APIs.
Finally, every I/O in and out of an App has to go through some layer of the OS; and if the OS can't be trusted, what good is solid encryption? You as a user can't listen to encrypted voice, you can't read encrypted messages, you can't watch encrypted photos and videos: you're the analog counterpart that requires decryption, and this is the point where device makers will be compelled by the Gov't to let the snooping start.
Of course, there's still the option of alternative ROMs that you compile yourself out of reliable source code (CyanogenMod et al. come to mind); but here, there are still some binary blobs that are required to drive the modems etc.: same problem as with a regular Linux: do you trust these, if Government were to mandate snooping on a hardware low-level from manufacturers?
cpghost at Cordula's Web.
If Mr. Vance has evidence that a phone contains information related to a case, Mr. Vance knows he can get a warrant requiring the owner of the phone to unlock it. If the owner of the phone refuses to comply, Mr. Vance can have that person jailed indefinitely until he does comply.
That's with current law.
But what Mr. Vance really wants is a precedent allowing him to demand access to a phone for which he has no idea whether it contains anything relevant at all. Basically this is the equivalent to allowing police to randomly walk into any house they choose and look around for evidence.
You know the last time this was allowed in America? Before 1776. Back then, British soldiers could routinely enter any colonist's house and look around for pretty much anything, whether or not they had any reason to expect it to be present - they only needed a vaguely written writ of assistance, which conveniently never expired. That's why, since 1792, we've had a fourth amendment attached to that crusty old document known as the United States Constitution.
It's sad... the more you read American history from the time around the revolution, the more you see parallels with what's happening today.
#DeleteChrome
They are not asking to be able to tap communications with a warrant (something which is legal). They are asking for an ability to extract information contained in encrypted phone storage. This is identical to asking any hardware manufacturer to abstain from using strong encryption in desktop computers so that police could read information stored on desktops. If such a law were passed, it would essentially outlaw all strong encryption. This is not without precedent. The government already passed laws equating encryption to weapons. So, at the very least, they may try the same argument to require anyone in possession of a device capable of strong encryption to have a license. I am not advocating for this. But I have problems seeing how this can be stopped.
Any guest worker system is indistinguishable from indentured servitude.
And that is exactly what they are asking for in this matter: They want to be able to decrypt all "lawfully seized" devices. The problem is that if they are able to do that, then they are wayyyy of mission and are in the process of establishing a police-state. The purpose of the police is not and has never been to solve all crime. In a free society, its only purpose is to keep crime at a level that society still functions reasonably well. Only if they provably cannot do that anymore (and there is no indication that that is the case here) is an increase of their power justified.
What is really at work here is the desire of authoritarians (and these people are drawn to jobs like this) want to remove the feeling of being safe when people store their thoughts and ideas in their phones. They want the chilling-effects historically caused by "god sees everything" transferred to technology. This makes these people a huge threat to free society, much more than the crime they pretend to be fighting ever could.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
You cannot have been very good at the basics of your job, because otherwise you would know that stiffer penalties have zero prevention values for most crimes. You would also know that most criminals do not expect to get caught. If they would expect to get caught, far more lenient penalties would already be sufficient to stop all crime permanently, because if you get caught, crime universally does not pay (well, unless it is a large enough crime, like what the banksters do, or the like).
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
My Phone carries a lot of personal information and they just aren't allowed a blanket ability to seize it. Digital devices have become ubiquitous and their storage of personal information must be protected. Really want into that iPhone collection? hire an ethical hacker or worst comes to worst a hardware firm to play with the base encryption hardware and software to allow infinite attempts. With a valid warrant. They seem to have forgotten about this small matter from the Bill of Rights:
- Tjp
I am in wallow with my inner money grubbing capitalistic pig. ... Oink!
"If the underlying OS can't be trusted, what's the value of any encryption on top of that?"
Let me put this file I encrypted with PGP on an anonymous FTP site / dropbox. You can then download it and tell me what's in the file. No wait, you can't, because it's encrypted with an OS-agnostic algorithm and you don't have the key.
The OS doesn't matter if the encryption is implemented in wholesale above the OS. And last I checked, sideloading apps on Android is a thing.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
I'm not sure you get the point. Are the (private) keys located on the Android device? Do you enter the passphrase to unlock the private keys directly on the Android device? If so, your beloved App's security is toast, because key material is hitting the OS before it even reaches the App.
cpghost at Cordula's Web.
Users must be safe from criminals, spies etc. being able to read the contents of their phones. Users need not be safe from the police with a valid search warrant being able to read the contents of the phone. The problem is that you can't have both.
When you consider the safety of a phone, you must consider the worst case, that the phone falls into the hands of a sophisticated hacker. It must be safe in that situation.
Apple is in a similar situation as a very sophisticated hacker, as far as iPhones are concerned. So to be safe from sophisticated hackers who have the physical phone in their hands, an iPhone must also be safe if it is in the hands of Apple. If Apple could decrypt the contents of the phone, then there would be a great risk that hackers could also decrypt it. Therefore the phone must be designed in such a way that Apple can't decrypt it, even if they want to.
He's technically correct. They were Republicans. You can't arbitrarily decide a Republican is not a Republican and expect everyone to buy into such a lackadaisical and ambiguous definition.
Parties change over time, in a process reminiscent of punctuated equilibrium. This is unquestionably one of those tipping points.
Or are you prepared to argue that the Republicans today would find much in common with Lincoln?
No, I'm ready to argue that they associated themselves with the Republican Party as it was at that time.