Apple has been called many things in its time but never, as far as anyone can remember, “jerks” by an FBI employee speaking publicly at the International Conference on Cyber Security in Manhattan this month.
The man who made these remarks – senior FBI forensic expert Stephen R. Flatley – reportedly followed this up by describing the company as “pretty good at evil genius stuff.”
We don’t have the full context of these remarks – was Flatley perhaps being humorous? – but the seriousness of the conflict that prompted the barbs is not in doubt.
It began on the day in September 2014 when Apple launched iOS 8, after which the company said it could no longer access data on an encrypted iOS device – even if asked to by a government agency handing it a warrant.
The technical backdoor that had always been there as a last resort for investigators was sealed. As the company explained this new world:
Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.
As far as the FBI was concerned, shutting out investigators was an obstructive decision by Apple, while from Apple’s point of view, it had no choice. It was following the logic of encryption, which is that a security design in which a backdoor exists will end up being equivalent to no security at all.
Flatley also complained that Apple keeps ratcheting up iOS security, recently changing password iterations from 10,000 to 10m. This meant:
Password attempts speed went from 45 passwords a second to one every 18 seconds. […] At what point is it just trying to one up things and at what point is it to thwart law enforcement?
Not coincidentally, Flatley’s boss and FBI director Christopher Wray used the same event last week to argue that encryption backdoors would not compromise wider security, a viewpoint that many in the security industry have vigorously disagreed with for years.
According to Wray, encryption prevented the FBI from accessing 7,775 mobile devices in 2017, without saying how many of these were Apple’s.
It’s the type of statistic that will probably be bandied around more often. Clearly, the FBI thinks – probably correctly – that it plays well with public opinion to keep repeating the argument that unbreakable encryption stymies serious crime investigations.
But it could also be that the simmering conflict between the world’s largest technology company and America’s biggest law enforcement bureau over encryption is becoming increasingly redundant.
Encryption is spreading and improving, regardless of what Apple does. Apple knows this, just as all technology firms do, and wants to be on the right side of technological history should interest in privacy spread, as some believe it will.
Internet users might then face the dilemma of life in two competing universes – one in which they are watched by governments and hemmed in by controls and the other in which private companies offer them a patchwork of partial freedoms out of economic self-interest.