DZone
Security Zone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
  • Refcardz
  • Trend Reports
  • Webinars
  • Zones
  • |
    • Agile
    • AI
    • Big Data
    • Cloud
    • Database
    • DevOps
    • Integration
    • IoT
    • Java
    • Microservices
    • Open Source
    • Performance
    • Security
    • Web Dev
DZone > Security Zone > The Encryption Wars, Revisited

The Encryption Wars, Revisited

Once again, law enforcement is calling for weakened consumer-grade encryption.

Christopher Lamb user avatar by
Christopher Lamb
CORE ·
Dec. 05, 16 · Security Zone · Opinion
Like (2)
Save
Tweet
2.30K Views

Join the DZone community and get the full member experience.

Join For Free

Once again, law enforcement is calling for weakened consumer-grade encryption.

In this case, the Manhattan District Attorney, Cyrus Vance, is asking Apple to change their device encryption strategy so that Apple holds some kind of master key. Basically, Vance would like to revert iOS security to what we had with iOS 7.x.

Vance claims that, today, he has on the order of 400 Apple devices that they have acquired via various arrests that they can't access. The implication, of course, is that there's data in these devices that will in some way incrimnate the owner. There's no way Vance can know this without accessing the device, of course.

In general, I'm against designing systems that are deliberately less secure than they can be. That said, I understand Vance's perspective, and I don't think anybody wants the kinds of criminals he's prosecuting to be released, if they are in fact guilty. In the United States, after all, your home can be searched with a warrant. I don't see why your phone should be more protected than your home.

From Apple's perspective however, should they deliberately design devices with backdoors? even if the backdoor requires physical access of the device, is this something they should do? after all, they sell their devices all over the world.

Well, I'm sure Apple doesn't want to. What kind of liability would this incur? they do business everywhere - if this is used in another country to break into a device, is Apple liable in some way? And if they use some kind of key-based scheme to secure a bootable ramdisk, or something similar, how are they going to protect it? That particular key is going to be coveted, belive me. And how many different cities, states, and countries will they need to support in this way? I can see this adding up quickly.

Today, iOS devices can use security as a strong selling point. I honestly don't expect apple to sacrifice this without firm legal direction, if then. And if they do, I expect they'll charge quite a bit for the service.

WAR (file format) security Backdoor (computing) Design Law (stochastic processes) Data (computing) Scheme (programming language) master

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • 3 Reasons Why You Should Centralize Developer Tools, Processes, and People
  • Component Testing of Frontends: Karate Netty Project
  • Data Mesh — Graduating Your Data to Next Level
  • Kubernetes Service Types Explained In-Detail

Comments

Security Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • MVB Program
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends:

DZone.com is powered by 

AnswerHub logo