|
|
The stuff on a phone should be adequately protected against someone stealing the device ... although (a) it probably isn't a good idea to keep "irreplaceable information" on something that you can accidentally leave on top of an airport urinal ;) ... and (b) to me, it's rather a side-show to be discussing the "secrecy" of a telephone when so damned much other personal information is regularly "spewed" on the Internet and vacuumed-up "for marketing purposes."
The real "unresolved privacy issue," that remains unresolved and conveniently-undiscussed at this day, is the general expectation of privacy that should apply to the Internet. Right now, "every single thing that you send or say" is basically bugged. You're photographed many times a day as you drive. And so on and on and on. And this isn't [just] being done by "the guv'mint." It's being done by companies, and "the laws do not yet exist." |
If you lived on the Mexican border sundialsvcs. You would know 1st hand about
Quote:
http://blog.chron.com/narcoconfident...7/cameras2.jpg |
"Okay, I'll take that ...!"
For many generations past, "the Mexican Border" was no-more interesting to Americans than was the Canadian one. It was an indistinct national border, marked by stones whose historical positions were indistinct. And if you should care to "read more about it," may I kindly refer you to: Border: The U.S. - Mexico Line, by Leon C. Metz. ISBN 0-930208-27-7. (Yeah, I just happen to have a copy right here ...) Right now, the United States of America is in a rather-absurd "juxtaposition of opposites." To me, it rather seems to mostly-consist of "a matter of languages," to wit:
|
|
Found this also: http://mashable.com/2016/03/28/fbi-c...ardino-iphone/
|
Bets if the FBI won't laugh in Apple's face if asked how it was done.
|
At this point since the FBI has successfully gain access to the data, other law enforcement agencies can simply just submit their stock of evidence to the FBI.
Lets be honest here, besides the principle of the thing and the fear of a slippery slope did you really think for a minute that the FBI wouldn't find a way into the phone? From a public face the FBI did the right thing and tried the pure legal route and Apple refused. Things could have gone a lot worse for Apple, since I technically don't see how Apple couldn't be charged for obstruction on the one hand. http://www.bbc.com/news/technology-35916857 |
Quote:
|
I'm quite sure that the FBI used a standard, if perhaps non-published, tool ... the sort of thing you'd use if the phone's screen got smashed by accident and you needed to clone the thing. Duh.
Also ... lest you think that these things are really impregnable, my mom :rolleyes: recently "upgraded" her iPad, which requires setting a passcode that (of course) she didn't remember, and that I never knew. Nevertheless, in a matter of minutes, the folks at the store had magically unlocked the device. |
Quote:
|
Even someone who did have that option set ... might drop his phone onto the pavement. "Oopsie!" So, now that the touch screen is shattered, are you "just scroo'd?" I think not.
(And, even on "the tenth attempt," would they really program their system to really wipe-out the data r-e-a-l-l-y "irretrievably?" I doubt. Computer programmers don't like to do "truly irretrievable" things.) Nope, like I said in another thread, this entire story has never "held water" to me. You can extract data from a phone. And, once you have done that, any "self-destruct mechanism" no longer applies. The FBI can satisfy that search warrant, and, no, Apple does not have to bouncing through ten years' worth of lawyer's fees, all the way to the Supreme Court, to stop them from doing it. FBI can do it with tools available, most likely "at any Apple retail store." They have the unimpeachable right (and duty ...) to do it, and they've followed all of the proscribed legal protocols. |
<deleted>
|
Quote:
Quote:
Quote:
|
Quote:
|
Quote:
|
My point is that you surely do not need "a government-tampered-with OS" in order to do any of this. :)
Let's be realistic: phones get dropped, get dunked, and break very easily. It can easily become impossible to type-in anything. So, what's to do? Well, there's got to be a way to clone that phone, and any Apple service-center would have it. (Maybe, when you take the thing apart, there's even a removable memory-card inside. Although Apple makes it very difficult to dismantle their gear, you can take anything apart.) There's probably also a way to recover or reset a lost password. :jawa: Imagine that ... Once you extract the file data, any "drop-dead" mechanism is no longer applicable because you have the data. Furthermore, since "let's face it, you are the US Federal Government," you have (or can subpoena) technical details about the data that you have. And, there are only 10,000 possible codes, if, in fact, you are forced to try them all. "A very, very small Perl script" would do it. :) In any case, Apple's "loud protestations to the contrary" just don't ring true with me, and they never have. I know that Apple very much wants "Apple Pay" to succeed: to own the successor to the credit card. (At least for those who are willing and prepared to spend $500 and up for phone.) They want to promote the notion that their security is impervious to everything. But that goes directly against all of my instincts as to what a service-center would need to be able to do routinely, merely to service and maintain a consumer product in a real world of consumers. Consumers who ... forget secrets. Consumers who ... "*oopsie!* *oh :cry: !!*" |
So, how does one, in theory, copy the contents of a memory chip in such a way as to allow brute-force password guessing without the presence of the circuitry counting the guesses?
I know that it could, theoretically, be done by shaving the top off the chip and using various probing microscopes but how else? Edit: Sorry, also, how does one recover overwritten storage, assuming the password was enetered too many times and that was the result? I'd be interested in facts rather than a hunch... |
Quote:
|
Quote:
Sorry to be rude but I'm attempting to be very serious about a very serious topic. |
Quote:
[/QUOTE] |
I understand perfectly how keys and encryption works (just to clarify such things ...), but I simply don't believe that Apple actually engineered a system such that they could not "clone" a non-working phone into a replacement device. And this necessarily means extracting the data from the phone. Also, although I've never opened-up the case of such a thing, on many phones the memory is more or less removable.
Presumably, the key-file is still in there: it might well be encrypted by a passcode, but the OS still has to be able to verify the code and use it to decrypt the data. These are things that government engineers would know. Apple certainly can make the data "unrecoverable" to the casual thief, but if this seriously stymies FBI, and/or the other three-letter agencies that FBI can call upon, then I want to know why my tax-dollars are being wasted. :) I'm sure that it doesn't, and that it never did. |
Quote:
Also, I don't buy your original argument of hitting it a little more personally. In general, if there's a way to hand over the government data related to an incident then it should be handed over. However, purposefully weakening future security is not only unethical it puts more people at risk. Here's a summary of what has been argued so far as I see it within this thread and beyond.
Beyond that there's also the recent attack on the iPhone of which the FBI has yet to release any details. They're not likely to either. An attack which is supposedly safe enough that the FBI used it without harming existing data and with limited risk. I stand by my earlier statement that purposefully weakening encryption and security is unethical. However, if there's a known vulnerability which can get law enforcement the data they need... then exploit said vulnerability and do a re-design or patch to make it no longer possible. |
US pushes Apple for access to iPhones in criminal cases
"The US Department of Justice has said it will pursue its request for Apple to help unlock an iPhone that is part of a drugs case in New York."
http://www.bbc.com/news/technology-35996566 |
Reality is that everyone has always known that there was nothing on that phone. Just as everyone knew from the start that there were no WMDs in Iraq. There were people who might have thought or pretended they didn't, but they actually did.
(And if you actually didn't, then that's not something to admit in public). http://www.cbsnews.com/news/source-n...ardino-iphone/ |
Quote:
|
Are you freaking kidding me? In dugan's link, FBI Director actually admitted intentionally not disclosing the vulnerability so Apple doesn't fix it.
Quote:
|
Quote:
|
I expect that everyone, at this point, is looking to save face ... both with the public and with the Federal Court.
As I've said before (and most recently in this blog post, I don't see in this "a government conspiracy to drill a hole through all civilian encryption, to require secret (sic ...) back doors, and to impose a duty upon the vendors of electronic products to furnish on-demand a plaintext copy of any encrypted data that the device owner might have stored." I also do not believe that the government is asking, or Constitutionally can ask for, "a way to transform the security of the device into an illusion." The rights of government are set forth in the second half of the Fourth Amendment, but the rights of citizens, as set forth in the first half, remain. The government can't ask you to remove the lock from your front door, and they can't demand that you stop posting letters in envelopes. If the Constitution says that "The right of the people to be secure [...] shall not be violated," then it follows that they are entitled to be "at least as secure as they think they are, and not to be deceived in this." In other words, I don't think that the sky is actually falling. This is a two-way street, and both sides have Constitutional protection. At the same time that citizens have a Constitutionally protected right to privacy, the government also has a Constitutionally protected(!), albeit tightly constrained, right to search and seize. Law-enforcement agencies, and the Court, do(es) have the right to compel the production of evidence. and to conduct limited searches "whether you like it or not," as an intrinsic part of their public duty to solve and punish crimes. Therefore, in my view, it isn't wrong to ask ... or to compel, if need be ... the vendor of a device to provide technical assistance to law enforcement to the full extent that they can do so. This does not mean that "you provide the citizen with a set of 'the Emperor's clothes,' and decline to tell him that his derriere is 'in the air.'" If you are "searching" and/or "seizing," then the party in question has the legal right to know. I think that it's high time that the parties on both sides realize that they cannot accomplish anything by camping-out on one extreme or the other. Instead, they must work together to find what is the middle ground. "Yes, you have a valid, Constitutionally-ordained point. But, so do I." There are computers to be developed and sold, there is a law-abiding public whose privacy must be upheld, and there is a gruesome crime to be solved. The only way to accomplish all three lawful aims is: "somewhere in the middle ground." And, it's up to both of you to find it, so that everyone can stop wasting public time and money, and get on with their work. |
Quote:
Providing readily readable files means one of three things -- back door, collect keys in a central place so the government can demand them, or cripple encryption so that the FBI or local constabulary can break it easily. Next would be to ban the possession of strong encryption tools. |
I wonder when the new Clipper Chip is to be announced? ;)
|
Quote:
|
Quote:
Basically, an encryption device made by the NSA with a built-in backdoor. |
Quote:
Yes, the Government has the right to regulate Interstate commerce, imports and exports. But, people also have a guaranteed right to privacy if they did not murder fifteen people. Also, we have this new thingy called "the Internet," which allows data to be sent anywhere (and which dynamically routes that data). The Internet would be rendered useless if people could not encrypt what passes through it. Personal computers etc. would also be rendered fairly useless if people could not encrypt what is stored on them. We cannot have "commerce," in our modern world, without (strong) encryption. All of this is known. An "extreme" position is similar to this analogy: Quote:
I prefer to adopt a much narrower interpretation of what is being asked-for here, and not to see it as a bellwether of "the end of encryption as we know it." A very violent and gruesome criminal act was committed, and the FBI's public duty is to figure out what happened, so as to prevent it from happening again. It is within their prerogatives to seize and to search evidence. Apple's duty to assist, IMHO, begins and ends with extracting the data from the device and with providing full technical details as to how it was protected, cooperating with the Federal agents (who are law-enforcement officers, not programmers). I do not choose to interpret this mandate so strictly as to say that the vendor must circumvent the key and render it moot: if subsequently there is now a job for government code-breakers, so be it. (it is in fact quite sensible that this would be a next step.) But, a Federal agent does not have to wear-out his fingers, and the Agency does not have to risk the evidence being destroyed by a mechanism meant to stymie a bathroom thief. There is a middle-ground here, upon which the sky is not in danger of falling. Neither party can reasonably say, "the US Constitution trumps 'my' viewpoint over 'yours,'" because it very clearly doesn't. The two-part Fourth Amendment guarantees(!) both at the same time. I also think that it's important for both sides to be publicly saying this, and to be working together with reasonable and expeditious cooperation. There's a murder to be solved here, and it isn't going to be the last one. Criminals will continue to possess and to use our wondrous electronic gadgets, and it is not our public purpose to give them an impregnable hiding-place! So, "given that a middle-ground position exists, what and where should it be, and why? What is the most appropriate compromise?" That is the discussion that we need to be having right now, with both sides represented. The US Congress will act ... is already working on a new Act ... to legally define that "middle ground," and we'd better have our hand in now, guiding what the new legislation says. If we instead are truculent, we're gonna get what we get ... and deserve it. :eek: - - - - - It would be even better if Apple would publicly disclose :hattip: the mechanisms by which data can be extracted from an iPhone, and the details of how the data is protected, to one and all, in the spirit of "no 'security through obscurity.'" (Why not disclose "the source-code" to this?) If their mechanism has been properly designed ... and I presume that it has ... then there really should be no secret of "how it works." Corporately, Apple could publish a policy of exactly how and under what circumstances (law-enforcement and otherwise) it will extract and furnish the data that is on a device made by them. If their system is well-made, this will not compromise a customer's interests, and will further affirm that their interests really are being protected by Apple's technology. All other vendors should follow suit. "No security by obscurity ... no security by obscurity ... the mechanisms are not secret, but your data is, and this statement is available for peer review." |
Quote:
Yes, the Government has the right to regulate Interstate commerce, imports and exports. But, people also have a guaranteed right to privacy if they did not murder fifteen people. Also, we have this new thingy called "the Internet," which allows data to be sent anywhere (and which dynamically routes that data). The Internet would be rendered useless if people could not encrypt what passes through it. Personal computers etc. would also be rendered fairly useless if people could not encrypt what is stored on them. All of this is known. An "extreme" position is similar to this analogy: Quote:
I prefer to adopt a much narrower interpretation of what is being asked-for here, and not to see it as a bellwether of "the end of encryption as we know it." A very violent and gruesome criminal act was committed, and the FBI's public duty is to figure out what happened, so as to prevent it from happening again. It is within their prerogatives to seize and to search evidence. Apple's duty to assist, IMHO, begins and ends with extracting the data from the device and with providing full technical details as to how it was protected, cooperating with the Federal agents (who are law-enforcement officers, not programmers). I do not choose to interpret this mandate so strictly as to say that the vendor must circumvent the key and render it moot: if subsequently there is now a job for government code-breakers, so be it. (it is in fact quite sensible that this would be a next step.) But, a Federal agent does not have to wear-out his fingers, and the Agency does not have to risk the evidence being destroyed by a mechanism meant to stymie a bathroom thief. There is a middle-ground here, upon which the sky is not in danger of falling. Neither party can reasonably say, "the US Constitution trumps 'my' viewpoint over 'yours,'" because it very clearly doesn't. I also think that it's important for both sides to be publicly saying this, and to be working together with reasonable and expeditious cooperation. There's a murder to be solved here, and it isn't going to be the last one. Criminals will continue to possess and to use our wondrous electronic gadgets, and it is not our public purpose to give them an impregnable hiding-place! So, "given that a middle-ground position exists, what and where should it be, and why? What is the most appropriate compromise?" The US Congress will act ... is already working on a new Act ... to legally define that "middle ground," and we'd better have our hand in now, guiding what the new legislation says. If we instead are truculent, we're gonna get what we get ... and deserve it. :eek: - - - - - It would be even better if Apple would publicly disclose :hattip: the mechanisms by which data can be extracted from an iPhone, and the details of how the data is protected, to one and all, in the spirit of "no 'security through obscurity.'" (Why not publish "the source code," for peer review?) If their mechanism has been properly designed ... and I presume that it has ... then there really should be no secret of "how it works." Corporately, Apple could publish a policy of exactly how and under what circumstances (law-enforcement and otherwise) it will extract and furnish the data that is on a device made by them. If their system is well-made, this will not compromise a customer's interests, and will further affirm that (and, exactly how) their interests are being protected by Apple's technology. All other vendors should follow suit. "No security by obscurity ... no security by obscurity ... the mechanisms are not secret, but your data is, and we welcome and facilitate peer-review to prove it." |
Quote:
|
Quote:
(I found Simon Singh's The Code Book a more enjoyable read than Crypto but I must remember to read that again some time also [I can see my copy from where I'm sitting now...].) |
Sundial posted: "I prefer to adopt a much narrower interpretation of what is being asked-for here, and not to see it as a bellwether of "the end of encryption as we know it."
yada yada yada ---------------------------------- Your preferences, and mine, are irrelevant. "Readily readable" requires either a back door, or collected keys in a central place, or crippled encryption. NOWHERE do you deny that those are the alternatives. So I put it to you: How do you plan on providing "readily readable" files -- which is what the proposed law requires -- if not with one of those three options? Perhaps you should start with the basics: What does "readily readable" mean to you? |
Quote:
|
Quote:
Instead, I argue that ... "awright, awright, awright ... the two parties need to sit down together, and talk." Quote:
Therefore ... "we need to change the text of 'the (still-)proposed law," while there is still time to do so. Let us all very-kindly remember that, while we are 'technical experts,' some of our 'dumb users' are ... :eek: legislators! :eek: It is, prima facie, fairly obvious what those Legislators intend to accomplish: "they want to compel Apple to cooperate with the FBI, gjven that right-now it seems that Apple (and Microsoft, et al ...) doesn't seem to think that they must do so." Being non-technical lawmakers, they're availing themselves of "ordinary human terms" to express their legislative intentions. They frankly know nothing of the extreme rigors of computer-science, even though this is precisely what is going to confront subsequent Judges and Justices. "The proposed language, as now proposed, is insufficient and ambiguous," even though the Lawmakers in question might well not understand this. Well, we (geeks ...) "understand this." "Therefore, we need to participate, right now(!) in the framing of alternative wording that can actually survive the light of day ... in the 21st Century. "The crafting of legislation, in the 21st Century," must be a participative process ... and we must, first-and-foremost, be "the participants." If the only thing that Legislators see is that "we" are "being uncooperative," then they will exercise their Powers :eek: accordingly. Clearly, the most diplomatic course that "technical experts such as Apple" could have pursued in this matter would have been: "to show Congress the way." Instead, they've decided to confront Congress (and the Federal Court), in order "to prove a Point," being of-course cock-sure that Congress (and, the Court ...) have any notion whatsoever what "the Point" actually is.
|
Quote:
|
Yes ...
(1) Write an appropriately worded Act of Congress that clearly spells-out what the duties of the suppliers of hardware and software actually are ... and, that they do have one. Get the bill signed into law. The hardware and software communities, recognizing that they do, in fact, have such a duty to the purposes of law-enforcement, should be very active in determining what that law should contain. (And they ought not be "whining" that there's nothing they should be required to do. The Court of Law has both powers and prerogatives.) (2) Apple should completely open-up as to precisely how their privacy system works, including possibly releasing the source-code of that part of their system along with complete technical documentation. It should be available to everyone, because there is no "security through obscurity" in anything crypto. (3) An electronic device is not "a bastion of impregnable 'privacy.'" It's an electronic device, nothing more. It isn't "hacking" to extract data from any such thing, if you have a search warrant and are executing it properly. (Hell, under different circumstances it's called "customer service.") (4) This is not "the end of crypto as we know it," and every new law that is passed should very clearly spell that out. It should be "the sense of Congress" that access to strong encryption (and the means of demonstrating by peer-review that it is strong ...) is both a fundamental right protected by the Fourth Amendment (as is search-and-seizure), and a business necessity. In fact, "strong crypto in the hands of civilians" is a National Security issue ... in a positive sense. (4a) The Act must make it clear that the legal requirement to assist in extracting evidence from a device does not mean -- because it literally cannot mean -- that the data must be made available to law enforcement in unencrypted form. In the 21st Century, law enforcement involves codebreaking (or "people-breaking" :hattip: to obtain the key). A vendor can say, "this is a true, complete, and correct duplicate of what data is on that device ... and here is the complete technical description of the process by which that data was protected ... make of it what you will and what you can." A vendor can say no more. (4b) The Act must also make it clear that "back doors" are neither required nor permitted. Someone who installs a lock on their front door is entitled to know if there is a master key, an override code, or any other "secret" means by which the security of the lock that he has purchased is actually less than what he thinks it is ... or, non-existent. This, too, would be a violation of (the first part of) the Fourth Amendment, which clearly states that citizens are entitled to, in fact, be "secure in their persons, houses, papers, and effects." (Electronic data is our modern-day "papers.") (4c) In the presence of a world-wide electronic data network, strong cryptographic security (and the other benefits of crypto, such as message-signing) is far more important than ever before. It must be made "stronger, yet," not weaker. In the presence of an electronic network that permits hundreds of millions of people to be individually reached, those people must be individually protected. "Strong crypto" is an essential part of doing that. If the technical process is compromised, however slightly ... even with the most laudable of intentions ... it is destroyed. (5) A really good Act of Congress would attempt to define what [electronic] privacy actually means in the 21st Century, as well as what search-and-seizure means in the presence of strong cryptography. The Internet has hit its stride in the last ten years, and we can't expect hoary old laws to apply very effectively to them. We need new ones. Good new ones. - - - - - A Call to Action: If all of us don't get involved right now in working with Congress to develop a good law, then we're all gonna be stuck with a bad one ... because Congress will act. The sleeping dragon has been prodded. There is going to be legislation and court rulings. (That jinii can't be put back into its jar now, anywhere in the world.) We have new laws to write ... we can't be wasting our time, pretending that we have no obligations at all to those who solve crimes and seek justice, nor that they have no rights to seek and gather evidence. Neither can they be suggesting that citizens have none. There is no solution to be found at either extreme; only in the middle, somewhere. And the question is: "where?" |
Quote:
Remember, unless a solution is dictated by the government, one company might comply by using option A, another with B, and a third with C. But the act of choosing would be mandated. If you have an option D, let us hear it. Otherwise everyone in America should oppose this legislation from the jump. Moxieman |
As I have said earlier, I don't think that "readily readable" can mean "the file must be provided 'unencrypted'" (nor, "fatally compromised").
But this brings up a very important point: "what wording should Our August Legislators :rolleyes: put into their legislation?" They're not technical specialists ... some of them probably know less about computers than your grandmother :eek: ... ;) ... but they are the people who can vote "Aye" or "Nay." When we extend the issue to "any computer or electronic device (ever invented)" ... as our Patient Judges ;) must necessarily do as they try once again to figure out what Congress was actually talking about ... we promptly get lost in a fog-bank. The only thread out of that fog-bank is one that Judges sometimes use, but of course hate to use: "What was the 'legislative intent?'" Obviously, the most-general interpretation of this proposed legislation would extend to every possible case of "getting a file," including walking up to a Windows 3.1 machine with an [encrypted] file on it, copying it to a pen-drive and saying, "here you are." Oops... you didn't decrypt the file for the FBI. And, oops again, you can't. "So, the legislative intent probably(?) doesn't extend that far." Our Judge is groping in the dark. It would seem that Congress's intent, as expressed in the discussion document, is: "Apple must help the FBI." Specifically, the data-in-question is hard(er) to retrieve (than it would be in our Windows 3.1 box). But that is not what the document presently says, when interpreted from a very-technical point of view that: (a) Congressmen can't be expected to know; (b) we know but aren't yet telling them; and (c) that a Federal Judge is sooner-or-sooner gonna be confronted with ... and s/he won't appreciate it. The text of the law needs to be discussed, and we need to participate in that discussion. But we need to frame our discussion in a fundamentally different way than the way that Apple, and perhaps the "privacy community at large," is now doing:
|
As I have said earlier, I don't think that "readily readable" can mean "the file must be provided 'unencrypted'" (nor, "fatally compromised").
But this brings up a very important point: "what wording should Our August Legislators :rolleyes: put into their legislation?" They're not technical specialists ... some of them probably know less about computers than your grandmother :eek: ... ;) ... but they are the people who can vote "Aye" or "Nay." When we extend the issue to "any computer or electronic device (ever invented)" ... as our Patient Judges ;) must necessarily do as they try once again to figure out what Congress was actually talking about ... we promptly get lost in a fog-bank. The only thread out of that fog-bank is one that Judges sometimes use, but of course hate to use: "What was the 'legislative intent?'" Obviously, the most-general interpretation of this proposed legislation would extend to every possible case of "getting a file," including walking up to a Windows 3.1 machine with an [encrypted] file on it, copying it to a pen-drive and saying, "here you are." Oops... you didn't decrypt the file for the FBI. And, oops again, you can't. "So, the legislative intent probably(?) doesn't extend that far." Our Judge is groping in the dark. It would seem that Congress's intent, as expressed in the discussion document, is: "Apple must help the FBI." Specifically, the data-in-question is hard(er) to retrieve (than it would be in our Windows 3.1 box). But that is not what the document presently says, when interpreted from a very-technical point of view that: (a) Congressmen can't be expected to know; (b) we know but aren't yet telling them; and (c) that a Federal Judge is sooner-or-sooner gonna be confronted with ... and s/he won't appreciate it. The text of the law needs to be discussed, and we need to participate in that discussion. But we need to frame our discussion in a fundamentally different way than the way that Apple, and perhaps the "privacy community at large," is now doing:
|
So, to bring up an earlier point, if the FBI had succeeded in coercing Apple to work for free, we now know the market value of the solution: 1.3 million US dollars. Any legislation as proposed above wouldn't be complete without just compensation IMO.
|
Quote:
Sundial's problem is that he wants to pretend that "readily readable" doesn't mean "readily readable." |
Quote:
American business immediately shuts-down because the ACH network also uses encryption, factories world-wide send and receive invoices and purchase-orders electronically, and so on. Countries around the world won't trade with America because they use publicly-available systems (such as the aforementioned) which don't have known back-doors. - - - In a nutshell, the phrase "readily readable" can't mean what you wish for it to mean. If lawmakers think that they could possibly enact a law like that in the 21st Century ... or that such a law, if passed, could actually be implemented ... "they're wrong." And they need to be told that, during this "discussion" period. - - - We also can't put our heads in the sand and insist that this draconian interpretation of two words is the only possible interpretation (it isn't ...), and/or insist that these two words must be the two words that appear in the final draft (they don't have to be). We also can't insist that, "therefore, Congress should do nothing at all." Congress is going to enact legislation that will compel Apple to cooperate with criminal investigations ... so that FBI doesn't spend over $1 million of our money again. (Can the FBI fine, or sue, Apple to recover the taxpayer's money?) This is a "relatively brand-new" concern, a product of the 21st Century and the proliferation of a world-wide global Internet that connects individuals worldwide with individuals worldwide. Furthermore, it is a consequence of personal electronics that are intimately attached to that same network. When two parties (Apple et al, and FBI) are standing on two sides of the Fourth Amendment, both of them arguing that their viewpoint is protected and both of them correct, a new law must be forthcoming. (Especially when Apple repeatedly pokes the dragon ...) This is among the first of what will be a great many new laws, and new legal precedents. Both the legislatures and the court system (and, law enforcement) are to some extent "groping in the dark," looking for the best ways to handle these new realities ... or, failing that, to simply get their jobs done. The concerns being raised by you and by others in the privacy community are valid! "The wording is ambiguous, and one valid interpretation of the phrase is intolerable for a variety of reasons." But the political reality of the situation is that you likely cannot stop some form of this legislation from being passed and signed into law ... "to the consternation of every Judge in this country," if the wording should remain as it is now. It is therefore necessary to get involved during this "discussion" phase. But not with the hope of "talking Congress out of enacting something." We do, during this time, have the possibility of positively influencing what is passed. We need to be certain that the legislation does accomplish the obvious motivating purpose ("compel Apple to cooperate with the FBI!"), while also becoming a law that can actually be interpreted, enforced, understood by all, and lived-with. The existing draft is a long way from being that! (But that's why they "discuss" it ...) |
Sundial, Congress is thinking with its dick -- doing something in a moment of passion -- not its head. The words mean what the words mean. The consequences are another matter. What you can't do is read the words and then say "Oh, they can't mean that."
|
"San Bernardino phone hack 'cost FBI more than $1m'"
http://www.bbc.com/news/technology-36110236 I guess encryption really does not matter, if the government has to spend money on getting at the data , clearly that is not an issue. |
| All times are GMT -5. The time now is 12:31 AM. |