
Apple's Tim Cook defends encryption. When will other tech CEOs do so? - wwayer
http://www.theguardian.com/commentisfree/2015/dec/23/apple-tim-cook-defends-encryption-when-will-other-tech-ceos-do-so
======
tptacek
You mean like how Google got ECC forward-secure TLS deployed across the whole
Internet?

I have nothing but respect for Apple's stance with regard to cryptography, but
Google has been more instrumental in getting strong crypto deployed on the
Internet, and, just as importantly, in sweeping the minefield of crappy 90s
crypto that defined most Internet crypto until recently.

~~~
pluckytree
Agreed, but the article is focused on why these companies that _have_ done
significant things to protect users with encryption technologies haven’t been
a lot more vocal like Tim Cook has. This issue is so important to them and to
everyone that they could spare a little time to speak their minds. Otherwise
it just looks like that "kooky Apple" going against the grain. Who cares, they
are going out of business soon, right?

~~~
tptacek
Why are we supposed to play dumb about the subtext behind Cook's comment?

I'm sure Cook believes what he's saying, but the real marketing strategy here
isn't "crypto versus plaintext"; it's "consumer product company" versus
"online service provider".

Seen through this lens, there's an argument that what Cook is doing is
counterproductive. He's making an argument that Google can't sign on to, and
using crypto as a wedge to drive the argument home. "Be a consumer product
company, because then you can protect users with crypto".

Also: the kind of encryption that Apple is really making a stand for? They do
a better job of it than Android, but Android provides the same encryption:
what scares the USG about Apple is that iPhones are locked by default, and
when they're locked, they can't be imaged easily. That's true of Google's
phones as well.

Meanwhile, Google is doing a much better job of securing browser crypto than
Apple is; Apple is almost an obstacle to better browser crypto.

~~~
chaz72
I disagree that what Cook is doing is counterproductive. I think Google could
take a stronger line to secure user data if they wanted to. They don't have to
become a consumer product company to run a messaging system which they cannot
read. If Google can't sign on to that, maybe they should change something so
that they can.

~~~
tptacek
iMessage is better than Google's chat offerings in this regard, but not _that_
much better.

If you want secure messaging, you need to be using OTR or Signal. Apple isn't
really helping you here.

~~~
chaz72
I don't claim that Apple is as good as OTR or Signal, only that Google could
do more, Google should do more, and Google should be out there helping Tim
Cook make a case that back doors are a terrible idea.

edit: Microsoft, Apple, Google, they all need to step up their game _and_ make
their case in public. Apple's not perfect but they're slightly ahead of the
other two major OS vendors here.

~~~
tptacek
But _everyone_ can do more, including Apple. Meanwhile, I think if you build a
scoreboard for this, it's not at all clear that Apple is ahead of Google.

~~~
chaz72
Google's not making a public case. And Google, as far as I know, can read
messages you send on Google services. Those are both Big Deals. I don't
disagree (I don't have the expertise to!) with what you said on Apple and
browser security. There are many parts.

Everybody can step up their game, I absolutely agree there.

------
georgestephanis
Bruce Schneier has one of the best posts I've ever read on why Encryption is
important here:
[https://www.schneier.com/blog/archives/2015/06/why_we_encryp...](https://www.schneier.com/blog/archives/2015/06/why_we_encrypt.html)
-- a great resource to share with people who don't understand it.

~~~
lectrick
And Martin Fowler has one of the best posts I've ever read on why privacy is
important for a democracy: [http://martinfowler.com/articles/bothersome-privacy.html](http://martinfowler.com/articles/bothersome-privacy.html)

------
robotcookies
The issue I have with Cook's proclaiming support for strong encryption is that
Apple still has control over what can and can't be installed on the user's
device. So imagine if some strong agency came and said to a company: you can't
allow certain apps to be installed, and you can't tell your customers we told
you this. "You can allow these apps that claim to encrypt users' messages [list
here], but not these [list here]". So some state could still strong-arm Apple
into compromising privacy and Apple would have their hands clean.

It seems that if you really want to guarantee privacy, you have to give the
individual control over what they can install. Telling people to just "trust
us" is not really good enough. And Cook is saying they are giving the user
ultimate control by not having keys to their encryption but in reality that's
nonsense... they are still requiring people to trust them.

~~~
merpnderp
I use a lot of web apps on my iPhone. They don't have access to all the
phone's APIs, but they do everything I need, without any hindrance from Apple
oversight.

This is probably the most native looking one of the bunch:
[https://forecast.io/](https://forecast.io/)

~~~
tonyarkles
From an encryption point of view though, they're relatively useless. Said
three-letter agency now doesn't need to block the app, they can instead MITM
the traffic to it or compel the organization to inject additional client-side
or server-side code to complete the backdoor.

Certificate pinning helps against the MITM problem, but code integrity for
downloaded client-side code is pretty tricky. Browsers could add some form of
signed code pinning for power users, but it'd be tricky to be able to
distinguish between legitimate updates and nefarious activity.

------
sarciszewski
I recently had this conversation:

    Me, to CEO: Hey, think we should ever build a backdoor into any of our
                products that employ encryption to help the US government
                and law enforcement?

    CEO, to me: No, that's a terrible idea.

    Me, to CEO: Okay good, just making sure we're on the same page.

I don't think there are many _honest_ and _competent_ technology CEOs who
would rally against encryption.

~~~
tennysonmach
That scenario becomes a lot more dire when the CEO says

    CEO, to me: Yes, because we are compelled by law
                backed by jail time or hefty fines.

~~~
sarciszewski
I already discussed that scenario. We'd shut our doors, release all of our
code as CC0+WTFPL, and start a new company fresh.

At the end of the day, we care about our integrity more than we do dollars.

~~~
s73v3r
Easy to say now. Much harder to follow through when you're relying on your
paycheck to pay your rent or buy you food.

~~~
toomuchtodo
One should always ensure their financial situation does not preclude one from
exercising their ethics.

~~~
s73v3r
Should, but unfortunately one can't always foresee things that come up. If your
spouse comes down with cancer, for instance, and you're reliant upon company
insurance to pay for treatment, one might be tempted to put their spouse's
treatment ahead of those ethics.

------
slg
I can't be the only one who thinks it is pessimistic to say "if you put a back
door in, that back door's for everybody, for good guys and bad guys." Very few
people even seem to recognize this as a problem let alone are working to solve
it. Maybe we should stop laughing at Clinton and her "Manhattan Project"
comment; that might be the only way to get enough tech people on the problem
to actually solve it.

~~~
nemothekid
What you think is a problem is broken cryptography to experts.

There is no shortage of minds working on creating backdoors, or developing
cryptographic methods that have backdoors; just look at Dual_EC_DRBG. It was a
backdoor for the "good guys", but now it's a backdoor for everyone; eventually
people will study the code and see the backdoor exists.

The crux of the issue is mathematics has no concept of good guys or bad guys,
so as far as mathematics is concerned a back door for anyone is a backdoor for
everyone.

~~~
slg
If we can make encryption that is nearly foolproof, why can't we make a
backdoor that is nearly foolproof? Why is a Manhattan Project of backdoors not
a possible solution?

Also can't the role of the good guy be split up among a group? Similar to the
two man rule to prevent rogue agents from launching missiles, can't we have
some sort of process that requires agreement among a majority of a few parties
including the end user, the company who owns the software, law enforcement,
and the (public) judicial system. If all it takes to break down the door to my
home are a judge and law enforcement to agree, why can't we accept similar
when it comes to data?

~~~
zaphar
You seem to be under the impression that if you just work hard enough you can
violate the fundamental constraints of reality.

I can't comment on the mathematics involved but let us assume it's
mathematically possible. You engineer this mythical nearly foolproof backdoor.
You can decrypt this text with any of two keys. (It's my understanding that
such algorithms actually exist already.) Congratulations you have achieved
your goal. You have a working algorithm.

Now let's examine the results of actually using this algorithm:

You now have _twice_ the opsec problem you had before. You have to transmit this
second key to a Government agency securely. You have to trust that Government
agency to securely store, use, and dispose? of this key when they obtain it.

And what is the number one threat to secure systems? Operational Security. In
fact many security professionals will tell you that the hardest part of
security isn't the math behind the encryption. It's the opsec. In one fell
swoop you double the threat in the most fragile part of your security.

~~~
slg
You are correct in that the more keys that exist, the harder it will be to
secure all of them. However, the more keys that are required the less valuable
any one key becomes. Multiple keys means there is no longer a single point of
failure. If you need 3 keys to get data, you can have an entire database of
keys leak and the information is still safe.

I would also love a more detailed description of just "it is impossible
because math" that everyone seems to be giving.
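
The "need 3 keys to get data" property slg describes is exactly what a k-of-n threshold scheme provides. As an added example (not code from the thread or from any commenter), here is Shamir's secret sharing over a prime field in Python: any k shares reconstruct the secret, and fewer than k shares are consistent with every possible secret, so a leaked database of k-1 shares reveals nothing. The modulus P, the share layout and the sample secret are choices made for this example. The opsec caveat zaphar raises still applies: the moment k shares are brought together, the reconstructed key exists in one place and has to be protected like any single key.

```python
"""Added example: Shamir k-of-n secret sharing over a prime field.

Constructed for illustration; not code from the thread or any commenter.
"""
import secrets
from itertools import combinations

# Prime modulus for the field (Mersenne prime 2^127 - 1); secrets must be < P.
P = (1 << 127) - 1


def _eval_poly(coeffs, x):
    """Evaluate sum(coeffs[i] * x**i) mod P with Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, k, n, rng=secrets.randbelow):
    """Split `secret` into n shares so that any k of them reconstruct it.

    The secret is the constant term of a random degree-(k-1) polynomial;
    share i is the point (i, f(i)).  Returns a list of (x, y) pairs.
    """
    if not 1 <= k <= n < P:
        raise ValueError("need 1 <= k <= n")
    if not 0 <= secret < P:
        raise ValueError("secret out of field range")
    coeffs = [secret] + [rng(P) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def recover_secret(shares):
    """Lagrange-interpolate the polynomial at x = 0 from the given shares.

    Correct only when len(shares) >= k; with fewer shares the result is a
    field element unrelated to the secret, because every candidate secret
    is equally consistent with k-1 shares.
    """
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        # Modular inverse via Fermat's little theorem (P is prime).
        secret = (secret + yi * num * pow(den, P - 2, P)) % P
    return secret


def count_recovering_subsets(shares, size, secret):
    """How many `size`-element subsets of `shares` reconstruct `secret`.

    With k = 3 and n = 5, all 10 three-share subsets recover it and none of
    the ten two-share subsets do: a leak of fewer than k shares is useless.
    """
    return sum(recover_secret(c) == secret for c in combinations(shares, size))


if __name__ == "__main__":
    # Constructed sample secret (e.g. a 120-bit data-encryption key).
    key = int.from_bytes(secrets.token_bytes(15), "big")
    shares = split_secret(key, k=3, n=5)
    print("3-share subsets recovering:", count_recovering_subsets(shares, 3, key))
    print("2-share subsets recovering:", count_recovering_subsets(shares, 2, key))
```

Splitting the key among the parties slg lists (user, vendor, law enforcement, a court) removes the single point of failure at the storage layer only; it does nothing about who is allowed to convene k of them, which is the trust problem the replies below are about.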

~~~
mwfunk
If you want a more detailed description, go to Wikipedia and read up on the
difference between public and private key cryptography. What politicians are
arguing for isn't just adding another private key to private key
cryptosystems; a backdoor eliminates the biggest advantage of public key
systems by adding a private key that could crack any of them. Once you add
that, it's just a matter of time before someone cracks it.

Really, it's inevitable. Someone doesn't even need to crack it, you just need
a single careless or corrupt government employee to compromise the whole
system for everyone for all time. People are proposing adding a single point
of failure to systems whose usefulness is currently defined by their lack of
such a single point of failure. Put that in there and we may as well all go
back to using DES for everything.

~~~
slg
But you are simply pointing out problems with our current techniques and not
why we can't come up with new and better approaches. That is the problem we
should be working on. Politicians don't understand it, but that is why we need
people from our community to work with them. Our response shouldn't be "no,
you are an idiot, that is impossible, you are a fascist for even suggesting
it". It should be "I know what you are looking to do, here is why it is not
currently possible, let's see if we can work together on a solution."

Nothing anyone posted here has said why there can't be a multikey solution
that allows access to data in a reliable way that would not be susceptible to
a single point of failure or abuse. That sounds like a very hard problem, but
I'm not convinced it is an impossible problem.

~~~
nemothekid
Again, no one is arguing that it isn't impossible. Like I said in my original
post, look at Dual_EC_DRBG: it was a cryptographic solution used by the NSA
that purposely had a backdoor; it was discovered by an outside party and now
it's worthless. (Look at Juniper systems (used by the USG), a very recent
example of how this backdoor has failed.)

I'm not a cryptographer, but let's assume a multikey solution is 100% possible.

The very notion that you can trust the government with a global key to all
encryption is the crux of the issue. How do you know that Donald Trump won't
wake up tomorrow and sell that key to China? What do you then do if Germany
then demands that key? What if Congress decides that giving Israel the private
key is important to stability in the Middle East? Then what do you do if some
nation-state sells this key to a blackhat organization? Welp, all of Google's
encryption is now worthless because this "multikey" that was supposed to be
for the USG ended up in the hands of a blackhat, and now we have another
Fappening 3.0 on our hands.

Great, now the whole world has this "multikey", making it virtually worthless
because the entire world can decrypt it. If you as an end user cannot control
who can and cannot decrypt your messages, then it's worthless as an encryption
scheme.

It's not a technical issue, and the solution isn't limited because we aren't
smart enough. The fundamental problem is that you cannot trust any third party
with such a multikey.

------
harryf
You might expect Amazon to take a stance to reassure AWS customers. Their AWS
sales people like to tout AWS's encryption capabilities and the fact that they
weren't part of Snowden's leak.

------
free2rhyme214
It's ironic Tim Cook is defending encryption when Apple gives backdoors with
iMessage - [http://www.digitaltrends.com/mobile/fbi-imessage-encryption/](http://www.digitaltrends.com/mobile/fbi-imessage-encryption/)

~~~
gecko
That's not what that document says. iMessage has a design flaw (which is
pretty obvious if you think about how it works) that allows it to
theoretically be backdoored. In other words, they made a trade-off between
usability and security, and (in my opinion, and clearly yours) fucked up.
That's very different from saying that they deliberately built a backdoor into
the system, and I think that some of the things they've done (like explicitly
noting when someone else has been added to your iCloud account, and will be
able to decrypt upcoming iMessage messages) go to some length to mitigate
those issues, and make clear that the existing design is more incompetence
than malice.

That said, all Apple would have to do to fix this is to allow advanced users
to see all keys listed as authorized for their account. I'm getting
increasingly annoyed Apple hasn't done that.

~~~
vox_mollis
They voluntarily signed up for PRISM. That's all you need to know.

------
mixmastamyk
> …against the constant threat of criminal hackers and foreign governments.

Foreign govts? Rather, "against the constant threat of criminal governments
and hackers."

------
mschuster91
The only reason why Apple is defending encryption is because they're afraid
Android (which is open source and thus can be inspected/hardened) could take
away iPhone sales from security minded folks.

~~~
s73v3r
I doubt security minded folks would be choosing Android, because of the lack
of updates.

------
johansch
Apple has a very weak service portfolio (edit: for a company of their stature.
When compared to e.g. Yahoo they are doing great!). Their strength is in
client UX. Of course they will defend encryption, it's in their financial
interest to do so.

~~~
coob
Weak Service Portfolio?

Off the top of my head:

SSO ID Service / Cloud Photo Storage / Cloud Document Sync / Cloud Backup /
Email / Instant Messaging / Music Store / Music Streaming Service / Cloud
Music Service / Movie/TV Store / App Store / Push Notifications / Payments /
Video Conferencing / Game Centre / eBook Store / Shared Calendaring / Notes /
Large File Sharing / Personal Assistant / Maps

Weak?

~~~
tazjin
For many people, everything that doesn't have a flashy JavaScript frontend
does not count as a service.

