A very bad precedent

InfoSec is not something I write about very often, mostly because I know where my limits are at any given time, and because it’s not something I write about, it’s unfortunately not something I’m able to follow very closely. But today at Lawfare, Nicholas Weaver does an excellent job of explaining why this Apple dust-up over the San Bernardino shooting is so important, even for admitted amateurs like me. I had a hard time understanding why Apple didn’t just give in on this case, that of a known terrorist, but that’s because I had thought the government only wanted access to Syed Rizwan Farook’s phone. That’s simply not true–they want Apple (for starters) to create a way for the government to access virtually anybody’s phone. Here’s Weaver:

When I first read the court order in the San Bernardino case, I thought it was reasonable, as it is both technically plausible and doesn’t substantially impact user security for most people. Even if Apple’s code escapes it only compromises security for those who have a weak passcode on an older phone which is then captured by an adversary. As backdoors go, it’s one that I can (*GASP*) actually live with!

The problem is this is a direct invocation of Benjamin Wittes’s world of government-mandated malicious updates.  The request seems benign but the precedent catastrophic.

The request to Apple is accurately paraphrased as “Create malcode designed to subvert security protections, with additional forensic protections, customized for a particular target’s phone, cryptographically sign that malcode so the target’s phone accepts it as legitimate, and run that customized version through the update mechanism”.  (I speak of malcode in the technical sense of “code designed to subvert a security protection or compromise the device”, not in intent.)

The same logic behind what the FBI seeks could just as easily apply to a mandate forcing Microsoft, Google, Apple, and others to push malicious code to a device through automatic updates when the device isn’t yet in law enforcement’s hand.  So the precedent the FBI seeks doesn’t represent just “create and install malcode for this device in Law Enforcement possession” but rather “create and install malcode for this device”.

It sounds like Weaver started off where I was before I read his piece, wondering what was so bad about a government request to crack into a terrorist’s phone after the fact, when it was already in the FBI’s possession. But the precedent this sets, whether Apple agrees to do it or (worse) the FBI ultimately forces them to comply in court (they’ve already won in federal court but Apple is appealing), is ugly. Does anybody think the government will stop with Farook’s phone? Eventually it’s quite likely that this malcode tool will be used to crack into phones of terrorism suspects, then of suspects in other crimes, and down the line. Foreign governments will undoubtedly make the same request of Apple and other cell phone manufacturers, and even if you trust that the US government won’t use these tools maliciously (which is a leap of faith in itself), you have to think that there are some other governments in the world who will. And speaking of malicious uses, imagine hackers gaining access to these tools.

This is a dangerous case because Apple looks like it’s defending Farook’s right to privacy after Farook perpetrated a terrorist attack on US soil. That means the public and politicians aren’t going to be inclined to sympathize with Apple’s position, even if it is the right one from a civil rights perspective. I have no ability to comment on the technical aspects of this case, but if there’s any way for Apple to give the FBI access to Farook’s phone without creating a tool that could be used against all the rest of us, they should think about doing so.
