[Cryptography] Thoughts on the Apple iPhone fiasco

RB aoz.syn at gmail.com
Wed Feb 17 20:30:46 EST 2016


On Wed, Feb 17, 2016 at 4:03 PM, Phillip Hallam-Baker
> My concern is that by making a stand in this case, they are going to
> create a bad precedent precisely because they will inevitably fold.

If it is inevitable that they fold, then why worry?  If they had
folded silently, we'd be in a worse position than if they fold with a
fight.  If they fold with a fight, they're at least setting legal
precedent that this isn't a trivial practice or one that they take
lightly.

The crux of the matter is that this isn't about San Bernardino, nor is
it about the 5c, or even about the technical merits of the case.  It
is about setting legal precedent that the US gxovernment is allowed to
request product companies _create_ mechanisms that can bypass security
controls.

The FBI is, frankly, fortunate that this case involves a 5c, a willing
owner, and a politically-charged case.  This gives them the greatest
opportunity to appear completely reasonable while attempting to set a
dangerous precedent.  If they can conscript your workforce to make
something trivial (but nonexistent) today, the US legal system will
encourage (or at least allow) elaborations upon that in the future,
say creating an OTA firmware update for suspected terrorists that
silently disables encryption.  That is the slippery slope of precedent
people are up in arms about.

If the FBI wins (silently or not), there is that much less legal
ground product companies can stand on to create and maintain
actually-secure devices.

My cynical conjecture is that for Apple this isn't really about
securing devices.  Rather, it's about minimizing their legal
obligations and entanglements.  My further conjecture is that the FBI
is attempting to set precedent while they still can, when a trivially
bypassed device like the 5c is on the market and they can make the
case that the cost of entry is not that high.  They see the door
closing as easily as the rest of us, and are trying to get a foot in
before it's too late.


More information about the cryptography mailing list