Backdoors
Thursday, Feb 18, 2016 · 400 words · approx 2 mins to readThe current tech story du jour is Apple’s open letter to its customers, informing them of the US Government’s request that they build a backdoor into iOS to allow the FBI to decrypt and access data on iPhone. As part of the investigation into the San Bernadino terrorist attack, the FBI want to look at one attacker’s iPhone without having to bypass the security themselves via normal methods.
The obvious problem with that is that compromising the security and privacy of a single device, even just once to help an important law enforcement investigation to proceed, then compromises it entirely for every other device they make from that point forwards. There’s no way, after a verified break like that, to ever trust again that the security apparatus built into the hardware and software are working together in tandem to protect my security and privacy from that point forward. Crucially, that’s a trust that’s incredibly hard to earn in the first place, and even harder to regain if broken.
On top of that, iPhone is a global product, so if compelled to backdoor the operating system then Apple also compromises it even in countries that have no call for what the FBI is asking for. There likely wouldn’t be a non-US legal jurisdiction version of the phone hardware and/or software. So I wouldn’t be able to buy one that isn’t able to be compromised by US law enforcement, or anyone else who figures out the eventual bypass or exploit.
So yes, it makes life difficult for law enforcement who’d like to look at phones and other devices owned by suspects, but Apple shouldn’t be asked to compromise everyone’s privacy and personal security to make it easier to investigate criminal acts, even those as bad as the San Bernadino terrorist incident. The act of easily breaking the security for one device breaks it for all others.
I’m not saying anything new or insightful here, but I feel it’s my duty to say it because I feel strongly about it. The right to personal privacy and total data security through functioning encryption, even if it makes it difficult to catch bad people, is absolute, and I support Apple’s position and desire to fight the request 100%.