I'm an ex-sheriff, and I've
been in and out of security jobs for much of my life, so I've got some
familiarity with the issues underlying the drama between the FBI and
Apple. FBI officials -- and likely those in every other three-letter
agency and their counterparts all over the world -- would like an easier
way to do their jobs. Wouldn't we all?If they could put cameras in every home and business on the planet,
they'd find a way to do it. That would solve a lot of the tactical
challenges of being able to catch people who
commit crimes. What gets missed is that strategically, it also would open the door to far more crimes.
Since law enforcement is understaffed already, the net end result
would be a combination of a lot more people hurt and fewer people
caught. Personally, I think more focus should be placed on prevention.commit crimes. What gets missed is that strategically, it also would open the door to far more crimes.
Would you agree to a process that would make it easier to catch a criminal if that same process made it far more likely you'd be a victim of a crime? What if I added the fact that the smart criminals likely would figure out how to game the new process, and the dumb criminals likely would get caught anyway (because they are dumb).
I'll focus on that this week and close with my product of the week, which once again is the BlackBerry Priv, because it may show Apple a path out of this madness.
The comparable concept in technology is a "backdoor," or master password. They have been known to exist in the past, but they generally existed despite security protocols, not because of them.
Some programmer would slip a backdoor into a product either to make it easier to do something to the product, or to play a prank, or for a more nefarious reason. Backdoors typically were discovered as a result of the programmer telling someone about it, as a result of some kind of code review or audit, or as a result of an effort to correct a problem or update the product.
Like a master key, a backdoor is really hard to keep secret indefinitely; it can be passed down version to version until it's eventually discovered. The only reason a backdoor stays secret for a short time is that at the start, it's typically only the person who put the backdoor in who knows about it.
However, for something that is to be used legitimately, a lot of folks have to know about it -- which effectively bypasses whatever security is in the product. In a world where a foreign government could resource either buying or backward-engineering a secret backdoor, creating one would be brain-dead stupid, and Tim Cook apparently isn't.
The value of information on a backdoor into all iPhones -- essentially a master key -- could be worth millions of dollars, making it nearly impossible to protect.
This is an ongoing problem -- not only with law enforcement, but with management in general. There is a tendency to create a strategic problem by thinking tactically. In this case, FBI officials need to get into one phone. It is very important to them. However, creating a backdoor would compromise some -- or possibly all iPhone users.
The investigators can't protect the iPhone users who then would be open to attack, but they don't see that as a problem, because they would not be held accountable for it, and they are missioned to gain access to one particular phone.
If we went down a list of the folks who were most likely to be compromised, it would include the First Family, many in Congress, and likely not an insignificant number of FBI families. Yet this path still appears reasonable to the FBI, because the folks who would benefit would not be held accountable for the resulting problems.
Apple is on the other side. It won't sell more phones if that one iPhone is compromised, but if all iPhones are made insecure as a result, its sales will crater. Even if Apple destroyed the backdoor after it was used and updated the phones so a similar process couldn't work, it would have demonstrated it could do it, and that would open it to similar requests from agencies all over the world.
That could cost the company millions in additional overhead. Further, implementing a patching process just for law enforcement likely would not only make the iPhone less reliable, but also pull critical resources from competitive activities. Apple already is struggling to maintain revenue and profit, and this controversty has the potential to make that struggle impossible.
From the micro point of view, this makes sense to the FBI. However, from the macro point of view, there is nothing potentially valuable enough in that phone to justify putting so many families -- and Apple itself -- at risk. Just like what happened after 9/11, the FBI's investigation could end up doing more damage to the foundation of the U.S. than the terrorists could hope to have done through their attack.
In effect, the U.S. law enforcement effort has become a force multiplier for the terrorists, due to a persistent failure to think strategically. Investigators don't balance the cost of the collateral damage they could cause with the value of the information they are likely to get.
I mentioned 9/11 above. One of the most painful things to watch was the response to 9/11. The reports indicated that three things needed to be done. The policy of turning airplanes over to hijackers needed to be rescinded (and was). Cockpit doors needed to be hardened (and they were). Agencies that weren't communicating needed to communicate (that has not been completed).
We so overreacted that we nearly put the airlines out of business. We put in place X-ray machines, increasing cancer risk globally, and we made air travel substantially more painful and costly. The cost of the fix exceeded by a significant magnitude the exposure we were trying to correct. In effect, the vast majority of the damage from 9/11 was done by us to us because we couldn't balance cost and benefits.
That is also what is happening with Apple and the FBI. When law enforcement starts to become the problem to be fixed, then another path needs to be found. I should add that in this specific case, given most think their business phones are monitored and the personal phones of the terrorists were destroyed by them, there is a better than .8 probability that there is nothing of value in the San Bernardino terrorists' iPhone anyway.
So, we are putting the most valuable company in the world at risk for what likely would produce no benefit. Only a politician could work out a rationale for doing that.
I know I already made the BlackBerry Priv my product of the week last fall (and I also made it my product of the year). However, I still carry it as my primary phone, and with all this talk of backdoors in phones made in the U.S., I'm thinking a phone that leads with security from Canada makes a ton more sense.
This phone has continued to impress me, and it has become better with age. I'm becoming more proficient at using the keyboard again, and it is still rare enough that when I drop the keyboard, folks take notice.
Priv Secure Smartphone
However, the main reason I'm making the Priv my product of the week again is to suggest that Apple might want to consider moving its headquarters to Canada. It is a pretty decent country, and while it too may have crazy politicians, they don't seem to be so crazy as to compromise their own security to access a phone that likely has nothing of value on it.
So the BlackBerry Priv, once again, is my product of the week. Go Canada!
No comments:
Post a Comment