Monday, April 4, 2016

Perspectives on computer security and encryption from Apple, the FBI and I : Apple

Apple's perspective on computer security and encryption

This is the third in a series that started with discussing the FBI and my own use of security and encryption technology.

Apple's most lucrative product line at the moment is their iOS-based distributed content delivery platform. This includes the iPhone, iPad, Apple TV, iWatch, and related hardware. While this hardware is distributed to customers, the platform is similar to the platform I manage for my employer, where hardware is distributed geographically but control remains in our hands. This is the platform which Apple has been marketing to the content industry for decades as a safe, secure platform for distributing their multimedia, where it is Apple and not the end users who control the technology.

These devices are intended to be connected to the network, and the ongoing work to secure them is similar to any other network connected device.  The network and exploits carried out on the network don't differentiate clients and servers as much as the layperson thinks, and any network connected device must be constantly updated to deny unauthorized control.  The question of authorized control doesn't differentiate between types of devices, and it is just as easy for Apple to remotely manage an iOS device as it is for me to remotely manage the computers I do.  The major difference is in the reliability of the network connection, with mobile devices having less stable network connections than servers.  People also don't tend to turn servers off when a specific user isn't using them, but remote management and control doesn't require constant network access.

Hardware assistance for Apple's security

Apple's iPhone 5C, which was discussed in the FBI vs Apple lawsuit, does not include Touch ID or a Secure Enclave, so it is similar to the existing control which Canadiana has of our distributed computers. While Apple remains in control of the platform, they are not as secure from malicious apps or intruders with physical access to the computers as they would like.

Secure Enclave is Apple's implementation of the SecureCore and TrustZone technologies from ARM I discussed in the previous article. This will grant Apple greater control over the technology than they had before, including greater control over the scenario where the attacker has physical access to the hardware.

Some users may find this technology will eventually make what is commonly called jailbreaking much harder, if not impossible.  Apple could opt to use Secure Enclave to disallow the people who possess the hardware from having any ability to bypass any of Apple's control.  It is critical to understand that Apple's use of this technology is not to grant the technology user more control over the hardware or their data, but to transfer any remaining control that the user might have had to Apple.  People who possess this hardware often incorrectly think of themselves as owners, even though acquiring an iOS device has become legally more similar to renting than purchasing due to anti-circumvention legislation.

People who acquire this hardware are not alone in the confusion. When James B. Comey, Director of the FBI, offered testimony in front of the Judiciary Committee he said, "In recent months, however, we have on a new scale seen mainstream products and services designed in a way that gives users sole control over access to their data." While some people have suggested he might have been talking about Apple's adoption of SecureCore and TrustZone, he is incorrectly suggesting it was "users" of these devices who would have sole control over access to data, rather than Apple having additional control over the device. It is possible that he fully understands Apple's use of technology, and wants to offer free advertising to Apple knowing that Apple is specifically not offering the service he is suggesting they are.

This is the same concern I have with the services I provide:  If law enforcement and courts believe it is the entity that possesses the hardware that is in control rather than the entity controlling the software stack with full network access then they will continue to send court orders to the wrong entity.

Law enforcement needs to understand the technology better. In the case of an iOS device, it is Apple who is the responsible entity and should be served with the warrant. A very different scenario would be someone who is running CyanogenMod, where it is the individual user (in this case, legitimately called an owner) of the device who is in control and thus should be served with the warrant.

Limits to Apple's control

In the specific case before the courts the technology user didn't destroy the device, and there has been nothing to suggest that the user even "jailbroke" the device to bypass any of Apple's control.  The FBI currently possesses the device and will obviously be granting network access and power to the device.  This means that all the potential limits to Apple's control do not apply in this case, and thus they have full access to do anything requested of them.

In this case it appears that the FBI jailbroke the device on their own, no longer having a technical need for assistance from Apple.

The law

While I may believe that lawful access all too often grants excessive access to police without adequate oversight, the law is clearly in the government's favour in this instance with the iPhone.  If we were talking about information stored on Facebook or Twitter, where the physical location and who was in control of the computer in question wasn't confusing people, the debate would not be happening at all.  Clearly Facebook is in control of their network of computers whether or not the devices are stored in locations that Facebook owns, and Apple is similarly in control of their secured platform.

There is no back-door being discussed.  All that Apple was being asked is to use their keys to the front door and access the data.  They are the entity that holds those keys, not the user of the technology who under anti-circumvention laws are denied legal access to the keys.

While Apple has been misdirecting people and stalling, and there are "engineers" who have allegedly threatened to leave Apple if the government is lawfully granted access, the situation is no different from that of any of hundreds of other technology companies providing services to users on a platform that the vendor rather than the user controls. If Apple executives or individual employees are destroying evidence they should be found in contempt of court, and handled severely.

If Apple's engineering staff is not sufficient (or is no longer sufficient after vigilantes resign) to solve any technical problems, then the court should order all source code and technical specifications to be disclosed to a third party who can do the required work. If Apple refuses to disclose this information, then I would suggest that revoking their corporate charter should be the minimum on the table.

The fact that the FBI jailbroke the device should not have ended the case, and Apple should still be pursued by the government.

Politics

Adi Shamir, an award-winning cryptographer who helped create the RSA encryption algorithm in 1977, suggested that Apple "wait for a better test case to fight where the case is not so clearly in favor of the FBI."

I'm not convinced that Apple had an interest in winning the case. Apple's greatest threat to the market share for their secure vendor controlled content delivery platform comes from technology users switching to devices which they can individually control. Apple has a history of dishonestly trying to misdirect responsibility for their centralized control. While for decades it has been the confused content industry that still has some who mistakenly believe that this vendor control benefits them, a far more powerful scapegoat would be law enforcement and national security agencies.

Apple has the FBI falsely suggesting that next-generation iOS devices "give[s] users sole control over access to their data", providing Apple with marketing for a service they don't provide and driving users to technology which the FBI and other government agencies will have easier access to through the legal system than competing technology. Whenever Apple is requested to disclose information they can claim "the Government made me do it", even though it is Apple who denied users of their services any device control in the first place.

It seems unlikely to me that the FBI didn't already have technology to "jailbreak" the device at hand.  This isn't going to be the simpler third party services available to end users, as governments will have far more resources and techniques available to them to "jailbreak" devices.  I suspect that the case was pursued for political reasons to try to push this issue forward, and likely to prop up Apple's marketing claims that they are providing technology which protects the users rather than Apple's conflicting interests.

Apple also knows that their business model and lobbying in support of anti-circumvention legislation is controversial, and their being the ones to push this case forward would provide less community opposition to the FBI than if a less divisive company were bringing the case forward. Their involvement complicates what could have been an easy-to-understand set of sound bites in support of protecting technology owners' rights against unreasonable search and seizure into something extremely complex to discuss. I have been delayed in participating in the discussion as it took me a while to decide how to explain my position, and I fully expect to still get confused "but Apple are the good guys" comments on this article.

Apple's ongoing attack on technology owners' interests could cause considerable damage. If it becomes considered normal to have the vendor rather than the user be in control of communications technologies, it may eventually lead (likely with Apple's continuing political lobbying) to governments outlawing citizen-controlled technology which competes with Apple's vendor-controlled technology. It could be used to strengthen backwards laws which prohibit alleged device "owners" from removing non-owner locks from their devices, with the justifications moving from odd unproven theories about protecting "copyright" to even further counter-productive arguments about law enforcement and national security.

Conclusion

My answer to the question of whether I was on Apple or the FBI's side is clearly neither, as I consider them to have perspectives dangerously close to each other.  Neither are interested in allowing the wide deployment of technology that "gives users sole control over access to their data", and while their positions appear to be in opposition they are actually greatly helping each other.

Those who recognize the critical importance of secure citizen controlled communications technology should be opposing both of these entities, not siding with one or the other in a battle where the public interest loses no matter which one of those entities wins.
