Fifteen months into the post-Snowden
era, Americans are having some serious trust issues with the companies in
charge of their electronic communications. It seems that in secretly providing
their end users' private information to the NSA, companies like AT&T,
Google, and Apple got caught with their hands in the same cookie jar as the spy
agency they all officially denied helping. Dubious, corporate rebuttals were
issued; the intelligence community scrambled to cover its Constitutional
violations; and the public, understandably, shook their heads in disbelief,
breathed a jaded, heavy sigh and wondered who was listening in as they shared
their most personal thoughts with trusted confidants over the telephone and
internet.
Something had to be done. All this mistrust
was bad for business.
So it came as little surprise last
week when ubiqui-tech leviathan, Apple Computer answered the call with a
resounding "Not our problem."
Wait, what?
OK, that isn't what they said, but it might as
well have been. What Apple actually announced was that they were adding
encryption as the default factory setting on all shipped units of their new
iPhone 6--a change which Apple claims will render the new device impervious to
the NSA and other Nosy Nellies. On its surface, this sounds like progress. In
order for intelligence or law enforcement to gain access to the phone's data,
Apple assures us that the agency in question would need the user's encryption
code or a five-year head start in cracking that same code, even with the most
sophisticated decryption programs. Sounds safe and secure, right?
Well...not so much. The leaps in
logic that Apple is hoping we don't make are numerous. In providing end users
the means to effectively lock Apple's back-door security system out of the
phone, not even a search warrant could compel the iPhone's manufacturer to
comply with law enforcement or intelligence. Apple has no access; they have
preemptively removed themselves from the chain of physical evidence. This is
starting to sound suspiciously more like self-preservation than it is about any
concern for our privacy.
Furthermore the encryption that
Apple has added protects only the data securely locked away in the phone's
memory. Information broadcast over the airwaves is still fair game, as are the
scores of terabytes stored on their iCloud servers. Did they think we would be
so dazzled by big words like encryption that we would forget that they have
already been caught mishandling these two data streams, and have thus far
offered no assurances that the problem has been resolved?
Apple claims that they are unique
amongst the usual suspects of both wired and wireless communications in that
their "core business is to sell devices to people" not airtime , data
or bandwidth. The leap in logic they are
hoping we make is that their phone is trustworthy. What happens outside of this
phone may not be under their control; but trust them, they implore, the phone
itself is impervious to prying eyes. They need,
not just the U.S. but the entire world market to buy into this trustworthiness
so that they can keep themselves in our good graces, and more importantly, for
them at least, to keep us addicted to their product.
The peace of mind that Apple is
selling here isn't real. Among other things, they have grossly underestimated
the NSA's decryption capabilities. Regular law enforcement--maybe even the FBI--
might be stymied by the iPhone's relative robustness, but the NSA would be
elbow-deep into the phones memory banks faster than Apple can think of new colors for
the next model. This isn't security; it's pure marketing, plain and simple. We
shouldn't be surprised at all. That's what Apple has always been best at.
No comments:
Post a Comment