SUPPORT APPLE'S IPHONE PRIVACY AGREEMENT DECISION

In order to SUPPORT, one must know what one is asked to SUPPORT. Therefore we have included the following article by Kurt Kapsner which will give a broad yet concise view of what and why we need to support Apple's Decision to protect our privacy rights.

I have been reading posts, blogs, and news articles claiming that a judge recently ruled that Apple must unlock an iPhone for the FBI that was used by one of the suspects in the San Bernardino shooting last December. Most of these stories, probably fueled by Tim Cook's reply to the order, state the Apple must decrypt the device. This is simply not true and we need to look at what is actually being asked for in the court order.

The FBI is asking for three things. First, they are asking that Apple deactivate the data erase feature the iPhone has. This feature wipes the iPhone of all data in the event that the wrong passcode is entered ten times.

Second, they are asking that Apple build a way for the FBI to enter passcodes digitally. This would mean that they would be able to have a computer enter passcodes through the built in lightning port, Wi-Fi, or via bluetooth protocols rather than needing to enter them using the touch screen.

Lastly, they are asking that Apple remove any delays built in to the operating system when an incorrect passcode is entered. This is likely being asked for in order to be able to enter passcodes as quickly as the iPhones hardware will allow in order to speed up the process of "guessing" the passcode.

These are the facts of the case and anyone who says otherwise has not read the actual court order. There is no language in the court order stating that Apple must help the FBI by building a backdoor into the encryption used on the iPhone despite what several news organizations are printing.

All that being said, Apple is still being asked to weaken the security of iOS encryption. Let's examine each item of the three listed above, plus one assertion the US Attorneys and magistrate make in the court order.

1. The first requested item is the disabling of the auto-erase feature. This feature is essential to businesses, and individuals, that need to keep their data both mobile and secure. For example, a developer may have source code files on his/her device as they travel from one company location to another. These are trade secrets that could devastate the company if they fell into the hands of a competitor. If the data isn't erased when the device is brute force attacked, that attack can happen until the data is recovered.

2. The second requested item is the ability to enter passcodes/passwords via means other than the touch screen. This request may seem small, but this limitation currently prevents many of the powerful attack methods currently used today. If we allow the ability to enter passcodes/passwords digitally, we open up the devices to being connected to a laptop and having password entry automated.

3. The last request is the ability to enter passcodes with no delays. This, again, may seem benign in nature, but removing these delays means that devices can be unlocked much faster. When a device is lost/stolen time is everything. If I can remotely wipe a device or locate the device before it has been unlocked, I may be able to prevent valuable data from getting in to the wrong hands. So these delays keep my device from being "hacked" while I get to another device or computer to log in the "Find my iPhone."

The other thing to consider is that if these last two items are added together, a device can be hacked as fast as CPUs will allow processing of passcodes. This could reduce the time it takes to get into a phone to mere minutes/seconds.

Now there is language in the court order that some will point to that would "lock" this code to a single use, on this one device. However, anyone who knows anything about the fundamentals of coding can tell you that it isn't possible to do that. Even if you code it to only work on this specific device, that code can be altered in the future and the device ID can be changed. Now that code works on another device, and another, and another, until it is capable of disabling these features on all iPhones. So putting that language in the court order is like telling someone who stole a universal remote that they aren't allowed to change what devices it works with after they steal it.

So while it is incorrect to state that Apple has been ordered to crack its encryption, it would be correct to state that they have been asked to weaken it in significant ways. When we weaken the encryption for one device, we weaken the encryption for all devices. And while that may not seem like a big deal to some, we all use encryption and would be very upset if our privacy and/or data was compromised because that same encryption wasn't strong enough.

Now you have read this information and how and why Apple feel that it is important to keep our phone privacy,

For more articles go to Globalreliefefforts.comand click on "Off The Beaten Path"

PLEASE SIGN AND PASS ON TO OTHERS ON LINKEDIN, BLACK PLANET, TWITTER, MYSPACE, FACEBOOK, AND ALL AS A MEANS OF RALLYING WITH APPLE AND THEIR DECISION TO PROTECT ALL USERS.

REMEMBER

IT IS HAPPENING AGAIN.
IN FACT, IT NEVER STOPPED.

v.2000
First they came for the hackers.
But I never did anything illegal with my computer,
so I didn't speak up.

Then they came for the pornographers.
But I thought there was too much smut on the Internet anyway,
so I didn't speak up

Then they came for the anonymous remailers.
But a lot of nasty stuff gets sent from anon.penet.fi,
so I didn't speak up.

Then they came for the encryption users.
But I could never figure out how to work PGP anyway,
so I didn't speak up.

Then they came for me.

And by that time there was no one left to speak up.

- Alara Rogers www.alara.net