April 2016 Bar Bulletin
Skip Navigation Links
CLE / Education
For Lawyers
Legal Help
Special Programs
MyKCBA Login

April 2016 Bar Bulletin

Why Apple Shouldn’t Back-door iPhones for the U.S. Government

By Gary Milifesky


Apple has claimed to make the most secure smartphones and tablets, and for years that has remained the case. There have been very small malware outbreaks and a few, rare vulnerabilities discovered.

During the RSA Conference 2016 in San Francisco, I will be showing some of the latest exploits against the Apple iPhone and iPad operating system, iOS. There’s not much to show, but it is very innovative because Apple has taken the time to lock down the operating system as best as it is able to do, without taking away from the consumer experience.

Now, like the NSA, the FBI is asking Apple to “break into” one of its devices. If it can do so, it proves Apple has a secret, hidden back door that no one else knows about. Once that’s in the news, every top hacker, cyber criminal and cyber terrorist, as well as nation state cyber actors, are going to want access and will find a way to take advantage of this back door.

If Apple doesn’t already have a “master key” or back door, now it has to make one? That’s a crazy idea. To decrease the security of their smartphones by sending out a patch that creates a new vulnerability? That’s the only way to do it and it would open these 400 million iPhones for hackers, cyber criminals, cyber terrorists and enemy nation states. This truly is a bad idea — as bad as it gets.

The FBI should also be thinking about how bad this will be for our economy and job creation. Folks will sell less and lose their jobs because of this. If you don’t believe me, well, let’s just look back very recently to the elaborate installation of back doors into Cisco equipment, allegedly by the NSA, as leaked by Edward Snowden.

Not only are these back doors accessible by the NSA, but also by hackers, such as the recent Juniper firewall attack, as it also had a new back door appear in its equipment, labeled an accidental “vulnerability” that it took to fixing quickly. Hackers immediately attempted to exploit any Juniper firewall they could find on the Internet to attempt to gain access to remote networks by using the firewall itself as the back door into corporate networks.

What do these back doors actually cost us as a society? Not just the privacy costs, but how about the financial losses on the global markets?

These back doors have cost U.S. INFOSEC companies like Cisco, Juniper and others at least $10 billion in revenues this past year alone. John Chambers, CEO of Cisco, asked President Obama to make this problem go away and, according to leaks by Snowden, this problem has only grown worse.

In reaction, other nations don’t trust our telephone equipment, cellular equipment, network equipment, laptops, PCs, routers, switches, hubs, firewalls, wireless routers and so much more that it’s killing this industry. The NSA will have to find alternative and legal means of collecting data without tarnishing the Made in America brand any longer or causing more GDP hemorrhage, where other non-USA INFOSEC companies like Huawei are going to take away lost revenues because of the back doors and damaged/tarnished brand reputations.

Finally, when it comes to “Is encryption a privacy right,” the answer is yes. Just as the right to bear arms — the Second Amendment — speaks to the sovereignty of all Americans, having the right to defend themselves, the U.S. government needs to support their rights to privacy and Internet safety and security by supporting their use of new and advanced encryption technologies.

Our civilian and military personnel need to agree on standardization across agencies of all-time-encryption technology, using a layered approach based upon the level of classification of the information being used or transmitted, which will defeat all enemy nation state eavesdropping. As to terrorists with smartphones, planting a back door will become obvious to them and they will seek alternative channels, as they’ve done in the past, communicating over Skype, online chat rooms and even inside video game sessions, none of which has yet to be eavesdropped or tapped en masse.

Therefore, it’s best to put our energies into a stronger open society where freedoms and privacy rights are not violated. Finding a needle in a haystack and collecting this kind of information might seem more difficult with encrypted smartphones, but it also is a double-edged sword where it makes it harder for criminals, terrorists or enemy nation states to eavesdrop on America.

In summary, Apple should keep saying “No” because:

• Encryption is a good thing. It powers the e-tail/retail economy and online banking.

• Back-dooring encryption is a bad thing. It empowers not just “trusted” agencies like the NSA and FBI, but also any cyber criminal who can find the back door, and they look for them daily.

• Once criminals know of back doors, they move on to other platforms like Silent Circle or video game chat networks or Tor — they will always find a way to have a covert conversation.

...login to read the rest of this article.

Return to Bar Bulletin Home Page

KCBA Twitter Logo KCBA Facebook Logo KCBA LinkedIn Logo KCBA Email Logo

King County Bar Association
1200 5th Ave, Suite 700
Seattle, WA 98101
Main (206) 267-7100
Fax (206) 267-7099

King County Bar Foundation Home Page

Charitable Arm of the Bar

Jewels Page

Pillars of the Bar Page

All rights reserved. All the content of this web site is copyrighted and may be reproduced in any form including digital and print
for any non-commercial purpose so long as this notice remains visible and attached hereto. View full Disclaimer.