Encryption

[Tentacruel]

I kind of want to talk about this topic.  

 

Encryption is simply the obfuscation of data.  It gets scrambled when it leaves the sender and unscrambled when it gets to the receiver. 

 

It's become a political issue because the US Government wants companies to install backdoors in their security systems so they can access user data to "fight terrorism."

 

And more recently, Apple is currently trying to fight back against a request for them to install a federal backdoor in their systems which they feel would compromise the privacy and security of apple device users.

 

 

I am completely against this.  You don't need to make my bank information more easy to intercept to fight ISIS.  

 

I don't really know much about the situation in other countries so feel free to chime in about your local encryption debate. 

 

 

Discuss. 

[Ryusei the Morning Star]

People are overly paranoid in this matter. In the same leu that Obama has more important things to do, the government has more important things to do than steal your bank account try or peek at your lewd texts

 

If you have nothing to hide, you really don't have anything to fear from the government on the encryption matter. Cook brings up a fair point on other's accessing the backdoor, and this is true. But technology companies should be required to modify their backdoor fairly often to make it difficult for this type of break-in

 

This is the god damn United States, we should have Privacy AND Security 

 

Provision 5 from DSEA

 

"Criminalization of the use of encryption to conceal incriminating communications"

[ihop]

I'd like to know how much helpful information used for innocent causes like counter-terrorism is actually gained from this sort of thing. I'd find it very difficult to trust a government not to use the information for bad reasons and I'd really rather avoid it if possible. Sure, if it's actually really helpful I'm all for it but I'm very uncomfortable with the entire idea of it.

[Ryusei the Morning Star]

 find it very difficult to trust a government 

Why? How often has the MI5 blackmailed you based on your texts?

 

This in particular is a case where a known terrorist information is not being shared with the FBI AFTER Court Order...even you must realize how stupid this situation is? Bad precedent my ass. Let the precedent be set that if you align with Daesh and shoot up 14 people that your phone will be cracked

[ihop]

I personally don't give a sheet about my personal information being made available but I wouldn't put it past a government to spy on, say, journalists writing articles that undermine the government in some way. Not saying they would, but I'm uncomfortable with the idea of making it easy.

[Ryusei the Morning Star]

I personally don't give a sheet about my personal information being made available but I wouldn't put it past a government to spy on, say, journalists writing articles that undermine the government in some way. Not saying they would, but I'm uncomfortable with the idea of making it easy.

 

But like with the amended 215, information can/should be obtainable about targeted individuals with permission from a federal court upon proving a threat beyond a reasonable doubt

 

I mean I agree with the changes made to Section 215 as well. Make it so the government has to prove that threat exists in court. It's gonna be pretty hard to prove in open court that a journalist poses a threat to national security, and at that point you wonder, would the gov go through the trouble to keep something down? Court cases are a double edge sword for them because it's publicity in its own regard, so the people will be able to weigh in

 

 

Anyway, Cuban nailed it with his 4 points of justification for decryption 

 

 

• That the incident in question be declared an Act of Terrorism, with casualties
• That there is reason to believe the device was possessed by a participant in the incident
• The device must have been on location for the incident
• The terrorist who owned the device must be deceased

This is less about turning the US into 1984, and more so making sure it doesn't turn into Daesh's dumping ground

[Progenitor]

You guys misunderstand why this is an issue.  It's not political at all.  Not even close.

The problem with a federal backdoor encryption override is that you create a backdoor

 

You essentially replace a math problem that may take years to actually solve with that same math problem, but give them the option of inserting their house key instead.

If you create a backdoor, you literally create a vulnerability in your encryption which will automatically become the focal point for cyber attacks.  You can restrict access all you want.  It doesn't matter.  in the grand scheme of things, it makes your encryption system exponentially less safe.

 

Apple does not want to be hacked simply because the government wants an easy way in.  That's funking stupid.  Why would I waste my time breaking through 60 feet of reinforced steel when I can just shoulder tackle the door on the side a few times and break it down?  The government just needs better decryption methods, or a new policy regarding emergency access to encrypted devices (aka the government can ask for the encryption algorithm in a time of indeterminate levels of crisis).  This essentially gives the decryption specialists that they DO have the answer sheet for the test.  All you have to do is show your work and you're in.  The problem is that they would either have to re-write or re-enforce their own encryption algorithm once such a policy was used, which could be potentially devastating for that company, so the crisis level would actually have to be what people generally assume a "crisis" entails, which the event of which this debate is originating definitely does not fall under.

[Tentacruel]

You guys misunderstand why this is an issue.  It's not political at all.  Not even close.

The problem with a federal backdoor encryption override is that you create a backdoor

 

You essentially replace a math problem that may take years to actually solve with that same math problem, but give them the option of inserting their house key instead.

If you create a backdoor, you literally create a vulnerability in your encryption which will automatically become the focal point for cyber attacks.  You can restrict access all you want.  It doesn't matter.  in the grand scheme of things, it makes your encryption system exponentially less safe.

 

Apple does not want to be hacked simply because the government wants an easy way in.  That's funking stupid.  Why would I waste my time breaking through 60 feet of reinforced steel when I can just shoulder tackle the door on the side a few times and break it down?  The government just needs better decryption methods, or a new policy regarding emergency access to encrypted devices (aka the government can ask for the encryption algorithm in a time of indeterminate levels of crisis).  This essentially gives the decryption specialists that they DO have the answer sheet for the test.  All you have to do is show your work and you're in.  The problem is that they would either have to re-write or re-enforce their own encryption algorithm once such a policy was used, which could be potentially devastating for that company, so the crisis level would actually have to be what people generally assume a "crisis" entails, which the event of which this debate is originating definitely does not fall under.

 

This is exactly why it's a problem.  I apologize for not communicating this in the OP.

 

What they're asking is basically to leave a spare key under the doormat for federal use, but someone else is going to find the key at some point.  Even if you trust the government with your information, (And personally I strongly disagree with the notion that you shouldn't care unless you have something to hide), it makes sensitive data and information much less safe from criminals and hackers with malicious intent. 

[Ryusei the Morning Star]

As the White House put it, they're not asking for the power to break into every iphone, JUST this one

[Tentacruel]

As the White House put it, they're not asking for the power to break into every iphone, JUST this one

You're missing the point, they're asking for a key that allows them to break into iPhones.  It's not that the White House is going to systematically look through everyone's nude photos, it's that the back door will compromise the security of every iPhone. 

[Ryusei the Morning Star]

You're missing the point, they're asking for a key that allows them to break into iPhones.  It's not that the White House is going to systematically look through everyone's nude photos, it's that the back door will compromise the security of every iPhone. 

Well it's not like this key will even be available to the gov on a regular basis, you'd have to get a federal judge to approve it. People need to stop thinking we're giving the gov a blank key, cause we're not

[Shalltear Bloodfallen]

Winter, the problem isnt about the goverment having acess. It's that their means of acess makes the device EXPONENTIALLY less secure against those who will use the information stored within for illegal ends.

Criminals arent gonna be focusing on dismanteling the entire security, they will be hammering against the backdoor, because it is faaar more likely to give then the wall of solid steel a regular security represents

 

And since we're talking global effect due to how the request is being presented, I cannot even begin to tell you the reprecussions of presenting such a weakness on a global scale, and in all types of encryption software.

 

Hackers and security companies are already in a constant race of trying to one up another, and we shouldnt be helping the former to ruin us simply because the US is fighting a neverending "War on Terror"

[Lunar Origins]

it's not about giving them a key to this single iphone

 

it's about giving them a key to every iphone

 

the thing, though, is that the key doesn't funking exist yet

 

so they want a key to be made - in specific they want a key made that will allow them to brute-force it

 

remember how iphones wipe their data after 10 attempted tries?

 

they want that gone

 

this is so much bigger than just a single iphone - this is a matter of privacy vs. security for -all- who have these sorts of devices

 

--

 

anyways, the government has the ability to break into the phone anyways lol, but they're too lazy to do it theirselves

 

i mean, come on.  you think they don't?

[Makο]

i mean, come on.  you think they don't?

Hell, I bet I could. They don't need no damn universal breaker.

[epicmemesbro]

Apple shouldn't back down, and people who use their products should support them. If Apple makes the universal backdoor, ALL devices will be vulnerable. And the government doesn't even bother working with Apple, and pretty much changed the Apple ID of a confiscated phone, which meant any assistance Apple could have had to them is useless. Shady for someone who wanted Apple to unlock the phone in the first place.

 

Winter, the problem isnt about the goverment having acess. It's that their means of acess makes the device EXPONENTIALLY less secure against those who will use the information stored within for illegal ends.

Criminals arent gonna be focusing on dismanteling the entire security, they will be hammering against the backdoor, because it is faaar more likely to give then the wall of solid steel a regular security represents

 

And since we're talking global effect due to how the request is being presented, I cannot even begin to tell you the reprecussions of presenting such a weakness on a global scale, and in all types of encryption software.

 

Hackers and security companies are already in a constant race of trying to one up another, and we shouldnt be helping the former to ruin us simply because the US is fighting a neverending "War on Terror"

The rare time I absolutely agree with you. The US Government shows no bounds when it comes to monitoring. A few years ago there was a scandal on the German Chancellors' phone being bugged by a US government agency with out the German government knowing.

[cr47t]

I really don't like that Apple is still refusing even after the court order. It dosen't matter if you're concerned about all your customers (although that is a legitimate concern too that I am also agreed with) or if you;re potentially the biggest business in the US or maybe the world; you're still not above the law.

 

If people are worried about hackers getting the backdoor system or the government abusing the system, then the backdoor system should be designed to work as a physical hacking device rather than just a virtual program. To use it you would need to plug it into the iPhone like you would a charger then boot up the program. This way anyone who wanted to use the device would need to have both the iPhone and the hacking device on them to use it, and it could also be easier to protect the device from theft. Thus, it would be challenging for the government or outside hackers to easily abuse it.

[Progenitor]

I really don't like that Apple is still refusing even after the court order. It dosen't matter if you're concerned about all your customers (although that is a legitimate concern too that I am also agreed with) or if you;re potentially the biggest business in the US or maybe the world; you're still not above the law.

 

If people are worried about hackers getting the backdoor system or the government abusing the system, then the backdoor system should be designed to work as a physical hacking device rather than just a virtual program. To use it you would need to plug it into the iPhone like you would a charger then boot up the program. This way anyone who wanted to use the device would need to have both the iPhone and the hacking device on them to use it, and it could also be easier to protect the device from theft. Thus, it would be challenging for the government or outside hackers to easily abuse it.

 

So what if the government by some miracle managed to pass a law that required all students to go to school with no pants.  Studies show that a lot of these tragic school shootings happen because the gun was smuggled in from the pants (i dunno im making this up as I go), and the most common place is the pants.

 

Do you lose anything really?  No.  And if this information is correct then in actuality everyone is more safe.  But...why?  Why do you have to take it that far?  Why not just a mandatory search or something?  Why put children through that hell just to ensure their safety on something that could be solved at an even better way that doesn't scar them.

 

That's a really stupid example, but it's the exact same principle. The supreme court supported the decision for apple to make their encryption less safe as a whole so that the government could POTENTIALLY save people, even though simply supplying the encryption algorithm in a time of crisis would do LITERALLY the same thing BUT APPLE'S SECURITY WOULD REMAIN SOLID.

 

The government is telling apple to shoot itself in the thigh because then they could look through the hole and see if they have cancer.  Not only is that STUPID, and NOT FAIR, but i'm pretty sure it's UNCONSTITUTIONAL.

 

So they don't think their above the law.  They think the law is completely unfair, and that the court doesn't understand the gravity of the ruling.  They are pleading for a re-evaluation with people who are actually educated on the implications of the subject.

[Shalltear Bloodfallen]

The government is telling apple to shoot itself in the thigh because then they could look through the hole and see if they have cancer.  Not only is that STUPID, and NOT FAIR, but i'm pretty sure it's UNCONSTITUTIONAL.

 

I would take it even further and say if it isnt, it sure as hell should be.

We're talking about something that is in all likelyhood going to make devices all across the globe exponentially less safe.

This is not just american citizens comming into the firing line from hackers. It's people all across the globe, and it's because the US is not only stupid enough to not realise this is a really bad idea, but also bullheaded enough to openly not listen when Apple themself, who actually know the implications this would bring, tell them no this is a dumb idea, please stop.

 

I dont wanna risk sensitive information leaking out to people who would use it to harm me, just because the US goverment has lost all semblance of common f***ing sense when it comes to fighting "them terrorists". (Or considering they would need a judge to approve the usage, they mightaswell own up to it at this point this is their attempt to make it easier for them to keep tabs on people they have no buisness to be conducting surveillance on. Not to fight terrorists)

 

There is not a single way this can be pulled off, withouth presenting a substantial shockwave to encryption security everywhere

[Ryusei the Morning Star]

I would take it even further and say if it isnt, it sure as hell should be.

We're talking about something that is in all likelyhood going to make devices all across the globe exponentially less safe.

This is not just american citizens comming into the firing line from hackers. It's people all across the globe, and it's because the US is not only stupid enough to not realise this is a really bad idea, but also bullheaded enough to openly not listen when Apple themself, who actually know the implications this would bring, tell them no this is a dumb idea, please stop.

 

I dont wanna risk sensitive information leaking out to people who would use it to harm me, just because the US goverment has lost all semblance of common f***ing sense when it comes to fighting "them terrorists". (Or considering they would need a judge to approve the usage, they mightaswell own up to it at this point this is their attempt to make it easier for them to keep tabs on people they have no buisness to be conducting surveillance on. Not to fight terrorists)

 

There is not a single way this can be pulled off, withouth presenting a substantial shockwave to encryption security everywhere

I'm sorry we take our security seriously when we already had the Pride of New York destroyed by these Terrorists and recently had them infiltrate our land AGAIN with Cali right after Paris.

 

There is a suspicious of a third accomplice with the Cali shooters, so no easy way to put it, your privacy be damned, we're gonna find and run this son of a jabroni down if he exists.

 

Apple can either make this easy on themselves or they can make it painful

[Yemachu]

...

 The supreme court supported the decision for apple to make their encryption less safe as a whole so that the government could POTENTIALLY save people, even though simply supplying the encryption algorithm in a time of crisis would do LITERALLY the same thing BUT APPLE'S SECURITY WOULD REMAIN SOLID.

...

Even if you know how something is encrypted it can still be very timeconsuming to decrypt it. As a result the suspect might have already done what (s)he was planning, before the information on a specific device was decrypted (assuming it was on said device in the first place). So I highly doubt letting the government know how the encryption works will solve anything.

 

Take RSA encryption for example (I don't know whether or not Apple uses this form of encryption, but that is besides the point). Eventhough the algorithm is public knowledge, it is still used by big corporations to encrypt certain things. It works by generating a few values from two randomly selected prime numbers (preferably big numbers). One of these generated numbers is kept secret, whereas the other generated values are made public knowledge. Yes, it is possible to determine the value which is kept secret, but there isn't a fast algorithm to do so (yet). If you change the keys within the time it would approxiamtly take to find the data, it becomes almost impossible to crack it. That is where RSA SecureIDs are for. If you want a more detailed description, I'd advice to read the linked page.

 

 

But enough about that, and back to the topic of altering the used encryption methods. As I said before, I don't think the government benefits much from knowing how the encryption works. Now if they really need the data to be easily decrypted, most likely a different algorithm should be used. This could however introduce a severe weakness, making it way easier to decrypt for anyone who knows how. As such it might be easier for people with evil intentions to do what they want; quite the opposite of why these changes 'should' be made. Not to mention the possibility of this having absolutely no added value for the government, because it didn't give the results they were hoping for.

 

The point of only keeping things a secret if you did something wrong doesn't sit quite well with me. I'd rather keep my credentials a sercet (wouldn't be surprised if others feel the same way), as to keep others from using my name for whatever they feel like. Either way, we will have to wait and see how this will pan out.

[Arctic55]

Personally I think that Apple understands what the government wants.  But the bad outweighs and good.  So, like any most logical person(s), they refused.

 

Good:

1. Access to POTENTIAL terrorist's texts (more than text, but meh).  I don't know about you, but what is the percentage of terrorist attacks to total population of American's alone since the first terrorist attack on American soil?  Probably not even close to 1%.  So we want this backdoor to find the less then half a pecent of our entire population that MIGHT be considering a terrorist attack... which everyone considers when they THINK of a SUPERVILLEN (cause, come on, a supervillen is technically a terrorist right?)

 

Bad:

1. Easier to hack across the globe

2. Increased chance of fraud and identity theft across the globe

    - Hell, your phone could be hacked, and then your name used to buy a truckload of child porn.  Guess it's off to jail with you.

 

 

On that note, here is a fun rap I found and was gonna make a new thread for:

[Tinkerer]

Sooooo...

 

Terrorists vs. Hackers?