Applecyber

Dave Kinnear1-On Leadership, 3-LI

Security Grab:

Previously, I posted my thoughts on Tim Cook and how he is handling the FBI security grab controversy. I refrained from stating how I felt about the issue to stay focused on Mr. Cook’s leadership.

In this post, however, I will wade in on the technology, privacy, and security issue. First, let me make it clear that I, too, am outraged at the actions of these homegrown terrorists. And I also offer my heartfelt condolences to all the families affected. I am well aware that this topic, like so many in our country, is pretty well split between supporters and opponents. Again like

Image

so many issues, the loud rhetoric seems to preclude hearing the other side’s point of view. It’s a shame because we need to be in dialog about this and many other topics regarding where technology is taking us.

Unusual Ally

I find myself siding with Apple and other technology companies. They are warning us that we have gotten way too lazy when it comes to securing our data and ensuring our privacy. And I also am guilty of being lazy. I have a simple swipe lock on my smartphone because it is too time-consuming to have to put in a long password every time I pick up my phone.

But on that phone are many personal pictures, contacts, emails, and text messages. I have nothing to hide. While it would be very inconvenient if I lost this phone, I would not be particularly worried about being embarrassed if someone was able to get into it. I would, of course, be very worried about identity theft or causing business contacts and friends a problem of being spammed by someone who might be inclined to use my connections to do so.

Uneducated

Susan Landau argues that:

“. . . the challenge shouldn’t be to make data on iPhones or other devices easier for law enforcement to access—making it also easier for hackers or other governments to access—but to make devices as secure as possible while funding the FBI’s own development of better digital investigation tools.”
—Susan Landau, Professor of cybersecurity policy at Worcester Polytechnic Institute

Here is my logic. First, I believe that strong security (encryption, strong passwords, bit slicing, etc.) is in our national best interests. Yes, I understand bad guys will have access to such technology, and it will make life difficult for homeland security. The bad guys will have that technology because we aren’t the only ones capable of providing robust security systems. That argument should sound familiar to those adamantly supporting the second amendment of the U.S. Constitution. If we require good guys to have back doors to encryption, then only bad guys will have fully secured encryption.

Second, once the law enforcement folks in this and other countries (yes, this is a global issue) find out that they can force companies to build custom software or hardware to defeat security, the companies will have a never-ending stream of requests for them to do so. What requests should we honor? From which countries? That is a burden no company should have to bear. It is my understanding that there are several entities with a stack of phones that they wish to infiltrate. They are waiting to see what happens next in this case. [Update 04/28/16: As we now know, the FBI found another way into the phone and dropped this case. So far, the other phones stacked up will have to fend for themselves — perhaps more trials!]

Bottom Line

Finally, I choose to believe that the NSA has figured out how to break into our physical phones if they can lay their hands on them. They have spent the time and budget to develop that expertise. The FBI, on the other hand, has chosen to try and force “us” to make it easy for them to break in by advocating for back doors, getting the manufacturers to do the work (as in this Apple case), and by greasing the skids through the courts.

I say, “No.” Let them fight the hard battle to get the budget to build their expertise the same way other agencies have. The NSA and CIA would rather that there be powerful public encryption so that the internet of things and our communications, both corporate and personal, are as secure as possible. They are happy to pit their technology skills against the bad guys and spies, but they want our infrastructure and communications secure.

The FBI is working to make us all less safe and secure. The public needs to educate themselves, as much as possible, on how technology and security work.

[Reformatted 9/2020 for our new website.