Hacker News new | past | comments | ask | show | jobs | submit login

This is the key issue in this entire debate:

    [T]he Government has ... violated the trust of the American people [and] broken
    the law themselves by already conducting wholesale surveillance of the citizenry
    Thus, the number one issue, the issue that should preempt all other issues,
    is how the government regains it's credibility and re-establishes trust.
Far too many people - even here on HN - are taking about the government's order to Apple in isolation. The common arguments by the government and its supporters are based on the assumption that any action taken would be limited to the current situation.

Except this isn't an isolated situation. The government has been fighting against the free use of encryption for decades. Saying the order given to Apple is limited to this single case is practically admitting ignorance (willful or not) about:

* The investigation of Phil Zimmermann and the export of PGP as a a "munition"

* Bernstein v. United States

* The Clipper Chip (Skipjack) and other key escrow systems of the fist crypto war

* "Total Information Awareness" (w/ John Poindexter of the Iran–Contra affair)

* The beam splitter in room 641A of AT&T's facility at 611 Folsom St.

* The illegalities brought to light by Daniel Ellsberg, William Binney, Thomas Drake, Edward Snowden, and other patriots that kept their oath to defend the constitution.

* How many public security standards were ruined as part of BULLRUN and related programs.

* The recently-discovered use of "Stingray" devices ("IMSI-catchers") by the FBI.

* (I'll just stop the here - there are many other examples that should be included)

These actions clearly show a pattern of trying to gain backdoor access or other surveillance capabilities. Yet some people suggest - usually without any evidence - that the government should be trusted. What, specifically, has the government been doing in the area of communication security that has justified any amount of trust? Actions are more important than promises.

It would be nice if this wasn't such an adversarial relationship. Unfortunately, this cold civil war we are in where the government treating everyone as a potential criminal by default doesn't leave us with a lot of options. Until we see real actions that regain some amount of the public's trust, the rational approach has to be to not trust the government at all. To do otherwise is either ignorance of history or blind faith that the government never lies.

Don't forget CALEA[1], which is done in plain sight: Telcos don't have the ability to build infrastructure that could frustrate law enforcement's attempts to listen. They were so used to the state of affairs where they could listen to conversations that it was legally mandated that technology cater to their tastes at the expense of privacy and security.

[1]: https://en.wikipedia.org/wiki/Communications_Assistance_for_...

The government absolutely should not be trusted. That's why Apple shouldn't give them a skeleton key to get into any phone, just the legally compelled access for this specific phone. Apple can make that happen trivially. If the government was telling Apple to make an actual backdoor for any phone, this would be different.

Nobody (except the most unreasonable) has any problem with the FBI searching property when they have a legal warrant. That's what is happening here. It's the equivalent of asking a manager to open a storage unit. This specific case is not anything like any of the examples you gave.

One of the many problems with the way the FBI is asking for Apple to get into the phone is they are asking for a tool (an instrument) to be built, not for Apple to just give them the data.

The FBI could have filed for Apple to get them the data by brute forcing the pin code. They didn't ask for that, they asked for Apple to make a tool that could be used by the FBI to brute force the pin code themselves. This is a huge difference when you are talking about the legal system.

Jonathan A. Zdziarski, who has a little bit of experience with forensic tools and expert testimony, has written a post about this specific issue: http://www.zdziarski.com/blog/?p=5645

In the end, forcing Apple to build a tool to be used at trial, it would end up forcing them to release the code to many different people for 3rd party verification that the tool works properly for forensic purposes.

This lawsuit (using a law from the late 1700's, remember we became a country in 1776) is completely political and absolutely has nothing to do with getting into this specific device. It is about forcing a legal precedent and to force Apple into doing something they want without going through Congress.

>The government absolutely should not be trusted. That's why Apple shouldn't give them a skeleton key to get into any phone, just the legally compelled access for this specific phone.

You are still trusting that the legally compelled access is all good and valid, ignoring rubber stamping by courts. Allowing access to this phone due to a court order, when combined with a history of abuse by the courts, is as good as any other skeleton key.

Not at all. If they had a real skeleton key, they wouldn't need to get a warrant.

Rubber stamping is a separate issue. If that's what people were worried about, why would it be this case in particular getting everyones hackles raised? Every warrant to search a house or a car should be questioned, but this case isn't special.

The government does not need a warrant to gain access to your information, easily evidenced by mass surveillance of the world for the past 15 years. If they really want something you have, they will just take it mobster style and tell you to go fuck yourself. They don't have to charge you with a crime, they can charge your property with a crime and force you to deal with a kafkaesque process where your property is guilty until proven innocent by the people who issued the very order to seize it. Information + Encryption is one of the only things regular people have that is resistant to this process.

They do need a warrant for any information to not get laughed out a US court though. This is the main reason they are going after the data this way, because they want what they found and know wouldn't survive discovery to eventually be admissible as legally obtained evidence. That and it will set a nice precedent for them to deputize private persons and corporation into being law enforcement when they just can't be asked to not fuck up one simple thing.

This is also not-coincidently a case likely to polarize people against Apple with the old faithful terrorists are coming to get you rhetoric. A most slippery slope indeed, nearly guaranteeing that everyone who is supposed to be checking the executive branch for overreach will just go along with them wholesale.

To use it as evidence, they will need to obtain it lawfully.

That doesn't prevent them from acting upon information received from Apple outside of the court system.

There is a reason parallel construction is a thing.

> just the legally compelled access for this specific phone.

You're trusting the government to not acquire the signing key from Apple.

Yes, I am trusting that. So are you. If they had the signing key they wouldn't need to ask Apple for anything.

> Yes, I am trusting that.

> The government absolutely should not be trusted.

You're contradicting yourself.

> So are you.

No I'm not. The keys will be acquired when necessary, if they haven't already.

> If they had the signing key they wouldn't need to ask Apple for anything.

That would be true if the goal was to gather forensic data from a single phone. As I stated above, it's foolish to look at this situation in isolation. The FBI's (and other government agencies) history of trying to restrict encryption and gain access to communication technologies says the government has other goals.

You might have noticed that there has been a propaganda campaign going for a while now that has been framing encryption as a "terrorist tool" that is causing law enforcement's investigations to "go dark". The goal isn't the phone; this is about framing Apple (and Silicon Valley in general) as impediments to public safety.

> You're contradicting yourself.

No, you appear to be purposely taking my words out of context.

I said the government should not be trusted with a carte blanch skeleton key to access any phone.

Then you said I'm trusting the government not to get access to Apple's signing keys. Which of course I trust, and which you do too. If the government could get Apple's keys, they could just make their own firmware change, sign it, and install it on any phone they want. They wouldn't need this case.

> No I'm not. The keys will be acquired when necessary, if they haven't already.

Now that is some tin foil hattery. That would be reason for outcry. It's a big leap from where we are now.

If this case sets a precedent in either direction (pro or anti privacy), then the battle is already lost because nobody understands what's going on. This is in no way the same as the government circumventing privacy. If people don't understand that, then they're not going to understand a more principled argument of a company impeding a perfectly legal request to get access to the data on a phone.

Is your problem that you don't like the ability of the government to get and execute a search warrant against a person? You don't think they should be able to? If they can search your property, and they can demand for example that your landlord grant physical access, then I see no problem with this request. The responsibility is Apple's to make it so the phone can't be unlocked by Apple.

> No, you appear to be purposely taking my words out of context.

Purposely? You didn't provide much context. Apparently you include some large exceptions whee you do trust the government.

> you do too.

I've already told you I don't, because the government has a pattern of behavior that suggests otherwise. What is the basis for your trust that they wouldn't go after Apple's signing key? (or any other key)

Did you forget that the government forced Lavabit to turn over their private key?

> they could make their own firmware change

I've already addressed that, but I'll add that they could still take that route in the future.

> Now that is some tin foil hattery

Insults like that do not help your argument.

> It's a big leap from where we are now.

Perhaps. I don't think it's a very big leap at all to suggest that the government might repeat tactics they've used in the past.

> Is your problem that you don't like the ability of the government to get and execute a search warrant against a person?

Of course not, that's stupid. I have no problem with most warrants. I do have a problem with the general warrants being used by the FISA court, which were the reason we have the 4th Amendment.

> they can demand for example that your landlord grant physical access,

That's correct. However, this case isn't about Apple simply granting access to some of the property they own.

> make it so the phone can't be unlocked by Apple.

In the future, that would be a good solution (zero-knowledge techniques are always a good idea.

> Apple can make that happen trivially.

Trivial to whom? Apple certainly does not view the act of complying with this order as trivial.

From a PR perspective, sure. They don't want to look bad. Their reputation should already be damaged though, to anybody paying attention. Because they clearly made a piece of software with a backdoor. I don't put much weight in their letter to customers claiming it's so bad though. It's full of exaggerations and half truths, which to me implies they are trying to save face for something like creating a poorly secured device.

No critique of these programs is fair without taking into account the benefits, like all the terrorits they caught:


And these [explicit] trying to use excuses like it's for our children or if there wasn't encryption this shooting world have never occurred etc to further surveillance makes me furiuos. What makes me even more angry is these [explicit] getting away with lying to congress, courts with absolutely no action against them. Democracy is for the people by the people and of the people. I understand the need for secrecy in some matters of the govt. But the courts not having the ability to oversee them without having to resort to secret court system is govt abusing it's power. They have been using NSLs to keep their BS under the covers. That gotta change. There had to be punishment for those in power lying and misleading public.

They have also tried using Paris attacks to justify backdoors and surveillance telling us they would have been able to stop it if there was no encryption. Now those who hears it will support spying without knowing that Paris attackers didn't actually use encryption to his their communication. And NSA still didn't get a clue and warn them. Paris is not even their responsibility anyway. They have French govt to take care of their affairs. Those massive amount of tax dollars and resources can either be used to make a better world or to make an orwellian world. What's it going to be people? It depends on you.

Great post.

The government doesn't have our trust because the government does not deserve our trust.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact