Posted on 05/19/2015 3:27:56 PM PDT by Swordmaker
Do you have a tech license yet? Wife and I got ours a few years ago. I time to be able to do something with it though. Not enough hours in a day, especially with sites like Free Republic to suck all my spare cycles.
“And, as I mentioned, it would seem to me that forcing someone to reveal their password could raise Fifth Amendment issues. “
In England, you can go to jail right now for the above. Of course, they have no Constitution...
Good for you! I'm still trying to find time... speaking of which...
> I time to be able to do something with it though. Not enough hours in a day, especially with sites like Free Republic to suck all my spare cycles.
LOL. Yep.
“How is this any different”
You can open the letter without the testimony of the suspect.
If you needed his testimony to open it, and he knew there was incriminating evidence in it, then the Fifth Amendment would preclude getting that testimony.
These companies position that they will not maintain a code to open the devices upon production of a warrant is going to make a constitutional mess.
Talking out of my ass, how?
All I’m saying is that the Feds under Obama have ways of getting Apple to water down their encryption technology to the point that the Feds can utilize it for nefarious purposes.
Apple created the technology. So it can’t be undone or reversed?
From a capitalist perspective, I like Apple. But they drank the Obama kool-aid so the Hell with them.
There are two major ways encryption can be "watered down". One way is to use an algorithm that is readily broken. If Apple were using a weak algorithm, it would be evident; lots of really good experts know these algorithms inside out, they know what the results look like, and they'd call Apple on it posthaste. The other way is to engineer a back door of some kind. The difficulty there is that the customer's private key is not known to anyone but the customer, by definition of how it's done, and you'd need to know that. Any back door that can get around the use of a good long private key will be so obvious that any of these security researchers would have found it long since.
Private keys are... private, unless the person who has it lets it loose. And in the case of Apple's encryption -- as I understand it -- the private key, encrypted by its passphrase, is only known to the customer who makes it. An encrypted private key, for example a 2048-bit or 4096-bit RSA key, with a passphrase of say 14 characters, is simply unbreakable in our or our children's lifetimes. That's what PGP/GnuPG typically relies on, and in the 20+ years that PGP has been around, nobody has been able to demonstrate a flaw in it. And a lot of people a lot smarter in this stuff than I am have tried mighty hard.
> Apple created the technology. So it can’t be undone or reversed?
To the best of my knowledge, Apple is using technology that's publicly available: 256 bit AES. Their particular implementation details may be unique, but the inner core algorithms are standard. They have to be -- nobody would trust a proprietary "new" encryption algorithm these days. I don't know the exact names/methods of Apple's algorithms; I'm gonna have to research that, or maybe Swordmaker knows :-) But I can virtually guarantee that they didn't invent some new one. Cryptographers all over would be rightly concerned and sounding the alarm over that. Cryptography is hard stuff, and Apple would only be compromising their own trustworthiness if they tried to invent some new crypto scheme.
I'm gonna invite Swordmaker to comment. If I'm full of crap about how Apple is doing this, he'll call me out on it, and I would deserve and appreciate the correction.
“I’m prepared if communications go down.”
We’re not talking about communications going down. We’re talking about the government, and anyone else with enough ingenuity to find the government’s backdoor, having instant access to any of your communications, electronic transactions, etc. Go ahead and think that isn’t your problem though, I guess some people have to learn the hard way.
” and that’s good enough for true believers.”
Well, or anyone who actually understands how encryption systems work...
“no one knows how to unlock 256 bit AES encryption without a key...”
Well, unless they’ve got a secret quantum computer at the NSA that we don’t know about, but that seems unlikely.
“Of course, they have no Constitution...”
Say that to a Brit and they will object strongly that they do have a Constitution... it just isn’t written down. (What good that does them, I have no idea).
If you read Bruce Schneier's writings on cryptography, you'd see that he says the same thing. Anyone can create a crypto algorithm that they cannot break. What's hard is making one that other people can't. Since one of Bruce's algorithms (TwoFish) was among the top 3 finalists when AES was chosen, I'd have to say he might know what he's talking about. From what I've seen of Apple's implementation, it's a pretty good one. The devil is in the details of course. Some implementations have been shown to have weakness in key generation, and their PRNGs. I'd be surprised if Apple fell into those traps. It's the small things that can kill you even if you're using good crypto.
On the other hand, it would be a good thing for Apple to open up the code for their implementation. There would be enough interest to ensure a good, strong look would be directed to it, given how high profile any news of issues would be. Anything found could then be patched by Apple, making their product even stronger.
I trust Schneier, and Phil Zimmerman, as much or more than I trust anyone in the field. They're the good guys, no question about it.
The fact that Snowden praised Zimmerman's PGP as the best encryption available to civilians counts with me too.
Oh, so you’re one of those cowards who didn’t mind what happened to the Jews because he wasn’t a Jew.
Spot On!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.