February 26, 2016 by David K. Sutton
Rubio: FBI Not Asking Apple For Backdoor To Encryption
During last night’s Republican debate on CNN, Marco Rubio said, “They [FBI] are not asking for Apple to create a backdoor to encryption.” On a very specific parsing of that statement, Rubio might be correct, but what the FBI is asking Apple to do is create code that would be equal to a backdoor, because it would allow the FBI (and anyone else who gets their hands on this code) the ability to try unlimited passcodes using high-speed computers. virtually guaranteeing access to the phone’s data. So sure, on a technicality Rubio might be correct, but make no mistake, Apple is being asked to create code that would make it possible to render the iPhone’s encryption meaningless.
Rubio also said, “Apple doesn’t want to do it [hack the iPhone] because they think it hurts their brand.” Actually, Apple is in a pretty tough place here, and this reasoning put forth by Rubio (and the FBI) is fallacious. It is true if customers do not believe their data is safe on an iPhone, it hurts Apple’s brand. But, since most Americans agree with the FBI in this case, that also hurts Apple’s brand. So, Rubio’s reasoning is not so clean-cut. Rubio also added, “Well, let me tell you their brand is not superior to the United States of America.” I don’t even know what that means. It’s nonsensical, which is what you expect from applause lines during a debate, especially a GOP debate. National security is not the be-all and end-all. We also must consider other security, like the security of our civil liberties and our privacy. Sometimes they line-up, but much of the time they are at odds. We make a mistake if we believe national security always trumps (sorry, I did it [pun] again) civil liberties.
Okay, we’ve established that it is true that the FBI is not requesting Apple give it direct access to the iPhone’s data (something that’s not possible anyway). What they are asking Apple to do is disable the “wipe on 10 failed passcode attempts” security feature, and to give the FBI an electronic method to enter passcodes (instead of manual entry on the screen). The second part of their request is most certainly a backdoor, even if in itself it doesn’t give direct access to the data on the phone. But, even the first part is a backdoor because brute force password cracking is something your next door neighbor’s son is doing right now (possibly on your unsecured WiFi network). If Apple were to allow unlimited passcode attempts, it would be the same as providing the FBI with direct access to the data on the phone (which again, Apple cannot actually do).
Brute force password cracking is not all that sophisticated, it just requires computing power and patience. Since most people do not use strong passwords (or passcodes), it’s likely the FBI would crack it in hours (and so would your next door neighbor’s son). So, what the FBI is requesting is very much a backdoor into this iPhone. If Apple is forced to create code to thwart the security of this iPhone, that code could be applied to any iPhone. But, even more important for privacy and security, is that it would set a dangerous legal precedent.
The U.S. government should not compel Apple to write code that would compromise security of their products and their customers, and you would think the so-called party of “small government” would understand that.