
Why the FBI's request to Apple will affect civil rights for a generation - colinprince
http://www.macworld.com/article/3034355/ios/why-the-fbis-request-to-apple-will-affect-civil-rights-for-a-generation.html
======
venomsnake
It will not affect anyone's rights. Why - FBI is not using any form of
prevention of the creation of secure devices.

Apple designed their devices in such way that there is way for them to
circumvent their security. The fact that apple must comply is their own fault.

It is obvious that the security scheme of iOS is weak - it is security trough
obscurity. They tried to make secure encryption with only 18 bits of user
input. If the user provided all of the 128/256 bits the case would have been
moot.

So what is the moral - when you design security solution - make sure that you
can give the FEDS complete control over all of your data and company resources
and they still would not be able to harm your consumer. How? Make sure the
user and only the user can set the keys.

~~~
dawnbreez
The TSA demanded that luggage manufacturers begin making luggage that can
accept a special key that only the TSA is supposed to have. The luggage
companies complied.

Within a week, a TSA officer took a close-up picture of all 7 key variants;
from this image, 3D models of the keys were made, and now you can print all 7
keys and open anyone's TSA-approved luggage.

The FBI is slightly more competent than the TSA. _Slightly_. I doubt trusting
them with _any_ access to my device is a good idea.

~~~
venomsnake
Yes. But that is why you shouldn't use apple products - because they left a
theoretical backdoor in their devices. As long as the US law does not prevent
manufacturers from producing arbitrary level of secured devices - it is
totally OK for the FBI to enlist half of the world in attempts to crack it.

The best security comes from open and auditable security schema and strong
keys.

If I make good implementation of AES and someone encrypts a file with it but
provides its own password - I can give the feds the AES spec, the source code,
I can even consult them on dictionary attacks and so on - and they still won't
be able to decrypt it.

Apple decided to go the other way.

------
pmarreck
I think Germany would have a lot of interesting things to say about government
overreach into private affairs

------
everyone
Apple has a been a member of prism since 2012, so is this not all moot?

~~~
milge
PRISM covered monitoring and tracking of your device and the data it
sends/receives. This order is to unlock the device itself. A pic taken on the
iphone but never uploaded anywhere wouldn't have been caught with PRISM.

