Thoughts on Apple’s iOS8 Encryption and the FBI’s Reaction
For my thoughts on the FBI’s aggressive reaction to Apple encrypting all iPhone device data by default to be beyond the reach of even government court orders, look no further than this Toronto Star article, in which I was extensively quoted (along with Matt Blaze, cool!)
But encryption expert Nadim Kobeissi said law enforcement critics are exaggerating the potential impact on their work and will still have access to the same data.
“They’re making much ado about nothing because they’re scared of the general trend, where companies are starting to stand up for consumer privacy,” Kobeissi said on Friday.
Kobeissi, a Montreal-based programmer, designed open-source encrypted chat program Cryptocat and works with the World Wide Web Consortium — the organization that sets global Internet standards — on online cryptography.
“We shouldn’t be operating in a mentality where increasing consumer safety is a bad thing for law enforcement. This is the mentality with which the FBI is approaching this, and it’s not a democratic mentality,” he added.
Even with the new encryption standards, law enforcement will still be able to access most — and in many cases, all — information stored on cellphones by requesting it from wireless carriers or companies such as Apple.
Kobeissi noted that, as the recent iCloud hack of nude celebrity photos demonstrated, many iPhone users also allow their phones to automatically upload photos and other data to Apple’s backup cloud service, which police can still access.
Police can also still tap a suspect’s phone, track their calls and text messages or track their phone with GPS or cell tower triangulation. “Your own refusal to unlock your phone is now guaranteed, but that doesn’t mean they don’t have this immense set of tools,” Kobeissi said. Kobeissi added that the new encryption standards are among several introduced since media reports revealed large-scale surveillance of phone and Internet data by American intelligence agencies.
“The three-letter agencies know that it’s their responsibility that this has happened in the first place,” said Kobeissi, referring to organizations such as the FBI, the Central Intelligence Agency (CIA) and the National Security Administration (NSA). “If they weren’t so overly aggressive in using their surveillance tools and exploiting surveillance laws, people wouldn’t have been so panicked.
“A lot of people in the security community are saying, ‘Cry me a river, FBI — you are responsible for this.”