On February 16th, Apple released a letter to its customers that went pretty viral. In it, Apple outlines their response to the FBI’s request after the San Bernardino shooting in December—they’ve complied with subpoenas and search warrants and have offered up Apple engineers to advise the FBI regarding investigations of the shooters’ phones. And then they get to the meat of it, the why for writing the letter:
We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.
This is a massive overreach, and y’all know how much I like government, so when I’m saying overreach, it’s a pretty fucking big deal. Originally I didn’t write about it in Queer Your Tech because, as Apple has a long history of letters to their customers and has gotten really good at it, the corporation does a really good job of explaining why this is bad and shouldn’t happen. So what on earth could we add to it? But as more information became available, I felt like bringing it to your attention in this specific way and breaking it down to what’s going on and what can we do to help was a meaningful undertaking—meaningful in a way it wasn’t when the letter was first released.
What Is The Government Actually Asking Apple To Do?
In the original letter, Apple explains that the FBI wants the option to install an operating system—one that does not yet exist and that Apple would have to build—on one iPhone related to the San Bernardino terrorism. The operating system would break the encryption used to keep phone data private. Encryption is almost like giving the computer a secret language to speak, a cipher like spies use, and only people with the key to that cipher can decipher the information. In this case, they’re talking about the passcode to the iPhone. As of right now, the only way to input a passcode into a phone is manually—you have to put your fingers on it and type numbers or, if your phone is a 5s or later, put your fingerprint on it.
One of the elements of the cracked operating system the FBI is asking for is the ability to input passcodes electronically. That means they could essentially plug an iPhone into some software or hardware that would try thousands or millions of passcode options at the speed of a modern computer (remember that your iPhone is a bigger, badder computer than the one that first got astronauts to the moon, and that in comparison to other modern computers, it is slow). It would also strip the bricked phone feature—currently, if someone enters a passcode incorrectly on a phone ten times, that phone becomes useless. You cannot get the data off that phone, and that is as it should be.
The government says they would use it only for this one phone, but that line of reasoning represents a fundamental misunderstanding of the way the digital world works. Let’s talk about it in the sense of music. If you record a band on one of those old handheld tape recorders, nothing digital about it, and then you destroy the tape, that’s it. That was the only tape. There are no more tapes. You cannot listen to that recording again. The tape cannot be in more than one place at once, either—even if you hadn’t destroyed the tape, your friend cannot also listen to it in a separate room, or you couldn’t listen to it with another device that does not have the tape actively inside it. That’s the way the analog world works.
When it comes to the digital world, we can think of it like a digital recording of the same show. Remember the digital recording of Tig Notaro’s I Have Cancer set? Louis CK put it up on his site and thousands of people downloaded it within hours. If the original recording was destroyed, it wouldn’t matter. Once it exists, if the person recording is using their computer correctly, there’s a backup somewhere. There’s a way to make exact copies, to share it. And those copies are all but instant in a way that making copies of an analog tape would not be.
Moreover, if you possess a copy of that recording, you can stream it, meaning that the actual file can act as though it is in multiple places at once. It’s no wonder the FBI misunderstands the way this works: it’s almost unthinkable; it’s almost magic. Some might say it’s a willful ignorance, especially since in a separate FAQ released by Apple, they reveal that law enforcement from around the country have come forward with hundreds of iPhones to unlock should Apple loose its case. It is very very clear that this operating system would not be in use for this one phone only, and clear that people know such an operating system could be copied and used on multiple devices. But even so—I don’t think law enforcement officials at any of these levels are clearly thinking about the pandora’s box they’d be opening because they are unclear about the differences between the analog and digital space.
They’re not thinking about what happens when (and it is definitely when) criminals get ahold of the operating system that cannot be destroyed once its created. Or hell, if other governments get it. Or if the same government that wrote and approved The Patriot Act got it. Nor are they thinking of the precedent this would set—what other things would Apple be forced to do in the name of security?
This fundamental misunderstanding is reflected also in the way they’re trying to force Apple to code a new, less secure operating system: by exploiting the All The Writs Acts of 1789. I have said it before and I will say it again—the people of 1789 had no concept of what a digital world would look like. The writers of this law would not have foreseen data that can be in two places at once and be copied millions of times next to instantly. That would have been fucking witchcraft in 1789. As such, we can not use a law from 1789 to regulate a digital space in such an overreaching way.
What we need our government to do is sit down and hammer out what exactly should be regulated, and how to do it in digital space, instead of tacking on rooms to an antiquated house we no longer fit in as a people. But of course, this would mean going through Congress, this would mean asking our current Republican majority House and Senate to actually make government happen instead of grinding it to a halt. Oy.
Why Should We Care?
Actually, there’s been one response that is specifically for us, the queer community. Chelsea Manning has some thoughts on why we, us-the-queers, should be especially concerned about encryption. I recommend reading the whole thing, but here is a highlight:
Additionally, during my time working for the Army, I lived a “double life” under the military’s don’t ask, don’t tell ban as a closeted trans woman in a relationship with a man. Living under the ban, I regularly used encryption to shield my personal information on my laptop and mobile devices from colleagues living in close quarters. However, things could have been even more high stakes for me. If I were a closeted trans woman, while living and working in less open countries—such as Russia, Uganda, and Nigeria—I could face imprisonment, torture, and even death, if exposed. This is why queer and trans people living in such countries now use encrypted devices, such as Apple’s iPhone 5C, to build and maintain its communities while avoiding the dangerous scrutiny of others.
Now, as the U.S. government seeks a novel judicial back door to one phone, all of our encrypted data on most of our mobile devices and personal computers could be compromised by adversaries of queer and trans people who seek to cause us harm. Meanwhile, lawmakers across the country, and the world, are now considering the passage of new laws that would require all technology companies to build such “back doors” into all of our devices.
With the military’s lift of the ban on lesbian, gay, and bisexual service members, the Supreme Court’s ruling guaranteeing marriage equality, and the increasing visibility and acceptance in society, it is very easy to forget that the U.S. government has systematically persecuted our community in the past. Not to long ago, we were targeted as “insider threats,” as being damaging to military “unit cohesion,” as “deviants,” and “sex perverts.” If history is a guide, it may one day do so again, no matter how unlikely this may look today. Fundamentally, we in the queer and trans community should understand the need for privacy far more than most people, given the varying degrees of discrimination and persecution by our society and our government. Tim Cook, the CEO of Apple, lived as a closeted gay man himself for many years. Surely, his experience means he understands the importance of this as well.
So that leads us to the question—
What Can We Do?
The answer is not much right now, as this is being settled in court. This case is being handled by Ted Olson, the Gibson-Dunn lawyer who successfully challenged Proposition 8 in California. He’s been making the rounds, providing some really excellent ways of explaining the situation. On NPR, he’s quoted as saying, “A landlord is required to unlock a door. But a landlord isn’t required to build a door or to build a key or to build a lock.” The same article also concludes with:
Olson’s wife died in the Sept. 11, 2001, terrorist attacks, and Inskeep asked if — given his personal history — Olson found it difficult to dismiss arguments from federal investigators that accessing this particular iPhone could help them prevent future terrorist attacks.
“We care very, very much, and I do personally, about any instance of terrorism or an effort to prevent it or redress it,” Olson said. “But we have to balance our constitutional rights and make sure that we protect what America is all about. So we can’t cross the line of giving up protections that are built into our Constitution — terrorists want to tear that down. We can’t give in to that.”
Yeah, nope. This should not happen. We can provide a public showing of support by signing a We The People petition, which if successful will get the White House’s attention and at least make the executive branch of our federal government craft a response. I signed, and you should too. And we can watch. In the meantime, Apple is working on software that even it can’t break into.
Thanks for your insightful views on this! I had a basic understanding of what was going on, but this gives me a more in-depth knowledge of the case and the issues at stake. Scary stuff!
Thanks for this, Ali. Not much else to say, just wanted you to know I read and appreciated this.
Thank you for this! I signed the petition.
Thank you for this! I’ve been super interested in (and also confused by) this issue, and I really appreciate the clear breakdown.
Chelsea Manning’s position has given me a new perspective on things. Thank you!
oof thank you for explaining all this! i signed.
Thank you so much for the clarification and adding Chelsea Manning’s bit! I just signed the petition.
The problem with this is, of course, that the FBI is using a couple of arguments that always worked just fine with Americans: FEAR and SECURITY. Now it’s terrorism, the same as it was with the Patriot Act; the fear and security that worked with the internment of Japanese Americans, the Red Scare (2 times: in the 20’s and in the 40’s/50’s) and the list keeps going.
What is freaking me out about this is the risk that other agencies (NSA, CIA, etc.) will use illegal actions to crack or hack this freaking phone. And then will be royally fuck up, because it’s clear that you can’t fight that. WikiLeaks was a clear proof of what the US can do to the rest of the world when you justified your actions with arguments like security and fear. Probably, as Americans, you will never see this, but let’s be clear that the rest of the world will, because the US government can be a little concerned about the rights of their citizens but clearly doesn’t give a shit about the rights of the citizens of the world (the US sponsoring Saudi Arabia membership in the UN Human Rights Council?!!!!).
So I don’t think that this FBI vs. Apple is as simply as everybody makes it look: Freedom/Privacy vs. the Government. One thing that I know for sure, as a citizen of the world, is that my individual rights (freedom of speech, property, privacy, etc.) are not absolute and unlimited rights. This may seem like a really bad thing but actually, in the real world, it’s the way it works.
Jesus Fucking Christ, I sound like a far-right motherfucker. Just let me say that, in the case of another Red Scare, everybody will know for sure where I stand.
Sooo, these people are saying that consumer privacy trumps a police investigation? What does ANY citizen need any encryption for in the first place? The only people that want it are drug dealers, criminals and terrorists. If somebody steals your phone, you can shut it off. It doesn’t need encryption. That is a specious, BS argument. If apple can’t keep it from getting out, who can? If they can’t, maybe they shouldn’t even be doing it anyway!
Are you sure you read my comment?
I guess that being a fear-mongering little man can affect reading comprehension.
I don’t think you sound like the far right as they have been giving mixed messages. Sure Trump is publicly against Apple, but I think he is pro NSA, and other government agencies. The only Republican who was running that was implicitly against the NSA and government spying was Rand Paul(not sure if he’s racist but his father is). He actually mentioned that he would shut down the NSA or something to that effect. You sound like concerned person with valid points.
The thing is I don’t like unregulated government but also I don’t like unregulated corporations.
I have the same level of fear for both situations: we have clear historic examples of unregulated government but we also have examples of environmental tragedies in the hand of unregulated corporations.
Sounds like the FBI wants the 2nd biggest software company in the world to create an operating system for them for free. So, bill them like Apple would any other customer.. $1 Billion. I bet it’s not THAT important to the FBI.
No it is NOT an entire OS. It would be an update that turns the 10 try bricking off. The FBI would still have to try to guess the PW.
def main():
passList = []
for i in range(0,10):
for j in range(0,10):
for k in range(0,10):
for l in range(0,10):
password = (i,j,k,l)
passList.append(password)
main()
there’s every possible password. i’m not even GOOD at this shit and I made that in 5 minutes.
Right now there are several cases that hinge on an iphone. Several attorney generals have the phones but the info is encrypted and can not access. Victims’s phones where info on what was said could lead investigators to the real killers. No one talks about those.
I do understand your point, but I believe it is flawed. First, it is very obvious that you are very much liberal and don’t want to see the other side of an argument.
But, unless there is an article I missed, the FBI asked to circumvent the one feature that permanently locks you out after 10 attempts.
They have said that the phone can be kept at an Apple facility, the code would belong to Apple, AND they would provide Apple the passwords to try.
Does that sound like they want to hook it up to a computer?
Sorry you are just like all the other liberals… an alarmist.
Hey Bob! I don’t think you’re aware, I guess you probably stumbled in from Google, but this whole website is pretty liberal. Also the amount of time it takes to generate every possible combination of four digits is um, basically instant. I know because I wrote a program that does it in about 5 minutes. So yeah, this is pretty dangerous stuff. And if you want to get partisan, conservatives are kind of known for being “alarmist” with cries of terrorism, homosexual agendas, people living off your tax dollars, etc.
I can’t believe that people are actually falling for this Apple marketing gimmick. I am a software engineer so I know a little about operating systems and it sounded a little fishy to me that providing the FBI with the data on this phone would usher in Skynet and the Rise of the Machines. I decided to do a little research and sure enough, I found that Apple has unlocked phones and provided data to the government over 70 times since 2008. We should all be wary of the Government and even more wary of large corporations.
Unlocking individual phones is very different from creating a new iOS that allows the government access to any iPhone. Apple (while certainly not perfect) is actually doing something right by denying them access to what is functionally a master key.
Excellent article. I am a straight nerd who just happened across this Web page because of the topic. While I’m far from a security expert (I build things, not break them) this is a better explanation of the issues than most of the articles I’ve read. Well done!
Sorry Patrick you are easily swayed
Dudes…dudes everywhere
welcome to the wonderful world of tech bros
try not to slip on the hair grease
Thank you for another great article, Ali.
Thank you for explaining the nuances of this situation, Ali! Chelsea Manning’s perspective was one that I hadn’t thought of before but makes complete sense.