Thursday, March 17, 2016

The iPhone Encryption Debate - A Personal View

I have read the many opinions and news stories in the ongoing dispute between Apple and law enforcement in the US regarding "that" iPhone. Regardless of the merits of that particular case I think that the implications are much wider than they first appear. But first some background.

Why we need good encryption
I have been working in electronics for 34 years and specifically in IT for 26 years. Hacking has been part of the whole IT environment for as long as I have been working. In the early days it was security through obscurity, and we can see how well that worked. Leaked service manuals were all that was needed for the smart and inventive to get into telephone exchanges. That of course made it easy for law enforcement to tap phones of interest, but it also made it equally easy for nefarious organisations to gain access to the same sources of information. Of course this was subject to abuse; just look at Hoover's personal campaign against King, for instance.

Fast forward to today and we still have systems that can be hacked. As soon as one hole is discovered and blocked, yet another hole is discovered. Just look at the number of major breaches in security in the US alone in the last year, and at several very high-profile security breaches in the US government. I suspect that these could have been prevented had good security processes been in place. What this highlights is that even the world's most powerful government cannot protect its data.

Then consider people in countries with a corrupt government who are protesting or trying to highlight their government's corruption. There is nothing that such a government would like more than to spy on the troublemakers.

But what about your personal information, such as your credit card details, fingerprint details and other information that could be used to steal your identity or bank details? It may also be important for some people to hide, such as people who have been in abusive relationships. I heard just this week of an old acquaintance who is hiding from an abuser. Industrial espionage is a huge problem, and those engaged in it exploit weak encryption to steal the secrets of their competitors.

The list of things that nefarious people would find valuable is endless.

The Solution
What we need is a good way to keep that information safe. What Apple is doing is implementing, in hardware and software, a way of keeping your information from people who would misuse it. To do this they are building in safeguards that would make it impossible for anyone but the owner of the device to get to the data stored on that device. At the present time the best secure access methods use three factors: something you know, something you have and something you are. Something you know may be a password or PIN. Something you have may be an app on a smartphone, a rotating one-time code on a secure key or a custom generated key on a USB memory stick. Something you are is your fingerprint, your eye scan, or maybe in the not too distant future your DNA. The current generation of iPhone has two of the three: something you know, i.e. a PIN, and something you are, that is, a fingerprint. Pair that with the high level of encryption on the phone itself and you have a good system to protect your data.

What about data going to and from your device? The device backup to the cloud or your PC can be securely encrypted. On the other hand, much of the data that passes externally may not be encrypted. This includes phone calls, internet data which may include banking details or site logins, SMS, application data including third-party messaging apps, location details, and personal details from an app. That is why your banking app uses a secure encrypted connection. That is why dissidents use encrypted apps. It is critical that these things be perfectly secure and that there be no chance of any of this data falling into the wrong hands.

The Problem
Every time a way into any of these secure devices is created, it increases the chance exponentially that the security on the device can be bypassed. So if you give the government a way in (a government who cannot even keep their own information secure), it provides a way in for others that should not be able to get in. So it is with other secure services: secure web sites, secure file encryption. The US government has been arguing for years for deliberate back doors into all of these data encryption methods. To the lay person all of this sounds reasonable, but for those in the industry this spells disaster for encryption. If the government cannot keep their people's information secure, there is no way these back doors could not be exploited by others. Remember that there are a lot of very talented people trying to find a way around encryption, and the more weaknesses there are, the more likely they are to succeed.

We must keep our data safe, and building in back doors will make it that much easier for criminals, companies and corrupt governments to get at it. Good security is not a privilege; it is a necessity in modern life. The world has changed and we must change our attitudes with it. It is no longer good enough to rely on obscurity.

People such as Apple have a duty to their customers to enable good encryption and it is unreasonable for any government to ask them to deliberately break that regardless of the reason.