Apple is using a straw man argument to fight the FBI
Listen to Tim Cook and you’d be forgiven for thinking that Apple was standing up for the little guy, sticking up for the likes of you and I in fighting the FBI. The FBI, Apple would have you believe, wants Apple to break encryption, thereby weakening security for everyone. But that's not really the case at all.
The FBI has not asked for encryption to be broken; it wants access to data on the San Bernardino shooter's iPhone, and it wants to do so by using the (as yet unknown) PIN that has been used to lock it. Get it wrong too many times and the device is wiped. The FBI wants custom firmware to be made available that would allow it to brute force the PIN. It's nothing to do with cracking encryption, but that's not what Apple wants you to believe. It's an exercise in misdirection and a classic straw man argument. The problem is, if the straw man goes up in flames, will Apple too?
Tim Cook went as far as issuing a public letter explaining why Apple was refusing to comply with the court order that has been handed down. The word 'encryption' is used seven times in Tim Cook's letter, the word 'encrypt' once. You'd be forgiven for thinking that the FBI has asked for the magic keys that decrypt data, thereby meaning the same could be done for any iOS device out there -- but that's absolutely not the case.
The judge actually ruled that:
Apple's reasonable technical assistance shall accomplish the following three important functions: (1) it will bypass or disable the auto-erase function whether or not it has been enabled; (2) it will enable the FBI to submit passcodes to the SUBJECT DEVICE for testing electronically via the physical device port, Bluetooth, Wi-Fi, or other protocol available on the SUBJECT and (3) it will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.
Encryption is not mentioned once. Not once. We could argue, as Tim Cook tries to, that this is merely a matter of semantics, but this is not about encryption... not really.
Let's use an analogy. Suppose the FBI wanted to gain access to a locked house. It could smash the door down, but this might result in damaging whatever is inside, or even hurting people. This is akin to data being wiped after too many incorrect PIN guesses. The FBI could ask Apple to provide a skeleton key that unlocks every door in the world. This is the story that Tim Cook is putting forward, and it is understandably worrying. The idea that someone could unlock your front door -- any of your doors -- would be concerning to anyone.
But what the FBI is actually doing is asking for the spare keys to a specific door so they can open it without any collateral damage. It's more like when you lose your car keys, or want to get a spare cut. You can’t just go to the shop down the road and have a supplicate run off, you need to get in touch with the manufacturer who will produce a custom key paired to your vehicle after having performed the necessary security and verification checks.
Apple is being utterly disingenuous in suggesting that this is a story about encryption. It's not.
That's not to say Apple is completely wrong, of course, but it is certainly being misleading. Tim Cook is right to suggest that it would set a worrying precedent. He says "while the government may argue that its use would be limited to this case, there is no way to guarantee such control", and he's right. There is cause for concern. What the FBI is asking for is concerning, but not for the reasons Apple suggests.
The thing is, putting forward the idea of breaking encryption is a far, far more emotive issue. It's something that everyone -- every company -- cares about. That is why Facebook, Twitter, Google, Microsoft and the EFF have offered their support to Apple. But break things down, and the issue is actually very different. Would there be such support if the court order was reworded to say 'Apple needs to disarm the self-destruct feature of this device'? Probably not.
Apple knows as much, and that's why Tim Cook released his very carefully worded letter as part of a cleverly orchestrated campaign to drum up even more support. I hear you, Tim, but you need to be honest about what's actually going on.
Apple could help the FBI without compromising the security of anyone else. It does not need to supply the FBI with the source code for any tool it creates that allows for PIN bypassing. It's hard to imagine that Apple engineers don’t already have such a tool, even if it's only for personal use. The phone in question could be brought in house, unlocked by Apple, and handed back. The unlocking tool need never be in anyone's hands other than Apple's, greatly minimizing the potential for abuse.
But this is just conjecture, and it would still set a precedent. No company wants to be seen to be siding with the enemy, even if the "enemy" is fighting terrorism. The real enemy here, for Apple, is Apple's image. Apple is terrified of any of its sheen becoming tarnished. Sadly, the company has resorted to poorly thought out arguments based on flawed logic and unsound reasoning to support its position. The damage to image has already been done.
Share your thoughts in the poll we have running: Should Apple help the FBI unlock the San Bernardino iPhone?
Photo credit: Wuttichok Panichiwarapun / Shutterstock