This is my personal blog for issues that I will make comment upon, my own views. Feel free to comment or connect with me.
AQL commissioned Ambassador for the Yorkshire Humberside Cyber security Information Sharing Partnership
To join follow www.ncsc.gov.uk/CISP
Apple and the FBI some thoughts and judgement pre Farook decision
The Apple FBI saga
The disagreement over Apple
and the FBI has become a microcosm of the world of cyber and digital crime.
Warranty can secure access to homes, cars planes and any premise or item.
However the encryption coding on the iPhone, that is loved by many, seems to be
at the limit of the privacy issue, and not just because of encryption.
Cyber investigators have
mixed views ranging from fully supporting Apple’s right to say no, through to a
total distrust of the state to protect its citizens from digital theft. The
role of private organisations and businesses to support and deliver security or
evidence on behalf of the state seems an unreasonable one to many.
Understanding what has
actually happened legally is also a concern as the media is either
misunderstanding the application made by the FBI or is “bigging” up Apple’s
Either way the legal process
will ensue as Apple appeals the FBI bid. Added to that are side issues such as
whether the password for the San Bernardino shooter's iCloud account (Farook) associated
with his iPhone was reset hours after authorities took possession of the
device, was this an error or a deliberate ploy.
Some questions already posed.
1.Is Apple right to
stand its ground, balancing personal security and privacy against national
There is also an issue about product confidence and the concern that
the US is not the only country where iPhones sell. Its approach is to appeal
and use its legal route first. This will take time.The below unrelated case gives support to Apple's view
2.What are the
If the appeal fails then the FBI will secure what it is after, an
ability to keep trying to crack the encryption without the iPhone losing data.
The question is whether this will stop Apple’s encryption and create a back
door for the FBI/Police. If they do, there is considerable fear it will be
copied by other countries or organisations rendering the security of the iPhone
3.Since so much
consumer trust is invested in how we use our phones for the most data sensitive
of operations amongst commerce, mobile money and banking etc will this move
compromise that trust?
If Apple are forced to create a back door it will reduce consumer
confidence in the product on the basis that the techniques are likely to be
copied or replicated elsewhere. Currently the Passcode is part of an encryption
that cannot be broken
4.If the government
is effectively asking for a back door key, how secure would that process be?
Through human carelessness or leaking could the key be compromised?
Industry doesn’t have a strong sense that the state could protect the
“key”. And there are examples to support that view. What if those with access
are compromised or neglectful? Apple has well-reasoned arguments to consider
the ability of any state to hold that access “key”
However A judgement came yesterday in a not related case which doesnt have binding precedence over the Farook case but contains some some really helpful comments within the 50 page report
A good summary is found below, particularly the call for Legislators to deal with the fast changing technological developments
deciding this motion, I offer no opinion as to whether, in the circumstances of
this case or others, the government's legitimate interest in ensuring that no
door is too strong to resist lawful entry should prevail against the equally
legitimate societal interests arrayed against it here. Those
competing values extend beyond the individual's interest in vindicating
reasonable expectations of privacy – which is not directly implicated where, as
here, it must give way to the mandate of a lawful warrant. They include the
commercial interest in conducting a lawful business as its owners deem most
productive, free of potentially harmful government intrusion; and the far more
fundamental and universal interest – important to individuals as a matter of
safety, to businesses as a matter of competitive fairness, and to society as a
whole as a matter of national security – in shielding sensitive electronically
stored data from the myriad harms, great and small, that unauthorized access
and misuse can cause.
best to balance those interests is a matter of critical importance to our
society, and the need for an answer becomes more pressing daily, as the tide of
technological advance flows ever farther past the boundaries of what seemed
possible even a few decades ago. But that debate must happen today, and it must
take place among legislators who are equipped to consider the technological and
cultural realities of a world their predecessors could not begin to conceive.
It would betray our constitutional heritage and our people's claim to democratic
governance for a judge to pretend that our Founders already had that debate,
and ended it, in 1789."
This is the full judgement passed yesterday re the FBI and Apple case in Brooklyn. It will be interesting to see how this is regarded in the main Farook case Judgement Apple and FBI