Most people have probably heard that Apple is no long able to bypass a device’s encryption and Google has announced the same feature will appear in the next release of Android. Anybody with a modicum of intelligence is glad to hear this but there are a few dipships who think this is a bad feature. Take this fool for example:
How to resolve this? A police “back door” for all smartphones is undesirable — a back door can and will be exploited by bad guys, too. However, with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant. Ultimately, Congress could act and force the issue, but we’d rather see it resolved in law enforcement collaboration with the manufacturers and in a way that protects all three of the forces at work: technology, privacy and rule of law.
So a police back door is undesirable but Apple and Google could perhaps implement a police back door. Idiot. Do you know what I think about that idea? This is what I think about that idea:
That’s right, fuck this guy and his idea. There is no magical security mechanism that can allow only legitimate bypasses. If there is a back door then it can, as a matter of fact, be abused. Even if malicious third parties were unable to access the system it would still be ripe for abuse by law enforcement agents, which have a notable history of abusing power.
Here’s my idea for a compromise. Apple and Google should not implement any back door and in return law enforcement agents can deal with the fact that they can’t access our personal data on our devices. How’s that for a compromise?
“That’s right, fuck this guy and his idea.”
You are too kind. However, I strongly suspect that this is all a smoke screen – if Apple / Google implemented technology that actually was immune to government intrusion, I expect we would see every agency, department, bureau, etc. that could possibly gin up even the most tenuous “violation” of even the most obscure law / statute / regulation come down on them like a metric ton of shit, not just the whining shills, like the one you cite, that appear to comprise the response so far.
I am well known for my boundless generosity.
But full device encryption isn’t enough to stop law enforcement agents from obtaining your data. You also need to practice discipline in regards to how you handle your data. Uploading it to iCloud, for example, defeats your device encryption as law enforcement can still get it with a subpoena. Backing up your device to a computer that doesn’t have a fully encrypted hard drive also defeats your device encryption as law enforcers can just seize the computer to get the device’s contents.
I think law enforcers realize that for most people full device encryption isn’t going to protect their data. Until there comes a day where most people’s data is impossible for law enforcers to obtain there won’t be a huge fuss coming from all of them. And even if that day did come rubber hose cryptanalysis is still very effective.