Hacker News new | past | comments | ask | show | jobs | submit login
The Encryption Meltdown (wsj.com)
156 points by chmaynard on March 28, 2016 | hide | past | favorite | 74 comments



I wrote letters to my Congress critters arguing essentially the same point

It is disqualifying that a "leader" like James Comey would argue that the government can reasonably demand that private companies can protect customer secrets and give the government a secret path to access those secrets, in spite of everyone's failure to properly protect secrets (ala home depot, target, opm, et. Al.).

This is not the argument of a serious, honest man. It advertises his ignorance of reality and utter incompetence of judgement.


So if Apple really did make an unbreakable phone then would (should) they have the right to make Apple break it?

Let's legislate this issue now, and ignore the fact that they might be able to break it some other way. That's a side point and not very relevant.


Not that it matters much, since encryption can be under your own control regardless of whether the government permits a phone manufacturer to sell you a product designed as such or not, but it seems to be already legislated by CALEA [1].

Obama talks like that hasn't been already decided, and outside tech forums I feel like anyone who suggests new legislation for this is gunning for certain parts of CALEA to be changed to restrict freedoms, not grant them.

[1] https://www.techdirt.com/articles/20160315/15505433916/apple...


On the contrary, let's hope off any legislation is pushed off as long as possible.

The concept of an unbreakable container simply does not exist in the public's nor the government's realm of possibilities. Historically if some device was created by a person, it could be undone by a more-powerful a group of persons. Might makes right, in the prescriptive sense.

So until unbreakable encryption becomes widely distributed and appreciated by the majority, the only thing that can come out of any legislation is the same top-down power structure most everybody has been primed to accept. We can only hope that the group drafting any legislation remains unconcerned about preventing truly secure encryption, to avoid the result of preemptively criminalizing various types of code for everybody! This is the threat to worry about - government forcibly restricting the advancement of society, simply so that it may retain better control over us.

What makes this situation so worrying is that Apple has sold the story of unbreakable encryption for a system with a designed-in backdoor! This merely provokes the government's immune response over a capability that the people don't yet widely have.


Legislation does not make me feel safe.


I have a mental tool that I rely on to help avoiding indulgence in silly thoughts. I want to share it, but it sounds kind of harsh, so I want to make sure that I am forcefully communicating the spirit of it's intention. It's a tool that helps me- not a judgement of your comment.

"If" is for children.

The scenario you are describing is a hypothetical which is not based on the state of software development today. We are not likely to be dealing with the ability to build an unbreakable phone any time soon. We are certainly dealing with the condition of failure- companies can't seem to keep data secret, even when they want to.

Your question is built on a flawed premise. Show me a way to reliably constrain a developer so that when they compile, the data you want to keep secret reliably stays secret, and then I'll be happy to indulge in this scenario. For now, we are just too shitty at developing bug free, let alone secure software.


That is a silly notion... 'if' is not for children, 'if' is for conditional statements. As software developers, we use 'if' every single day of our lives. Stating things in the form of conditionals is very important when talking about the future (since the future is full of conditionals).

Also, as far as 'showing you a way' that 'the data you want to keep secret reliably stays secret'... well, that is the definition of encryption, and we are pretty good at encryption. In fact, if we weren't, then this entire case would be a moot point.


If you think we are pretty good at encryption, I'm worried that you're not paying attention.

Matt Green captures the spirit of what a lot of us feel who are on the front lines of infosec defense:

https://twitter.com/matthew_d_green/status/70991989500204236...

"We can barely encrypt."

This problem is not new. Put some time in and read Matt Blaze's paper "Why (Special Agent) Johnny (still) can't encrypt." http://www.crypto.com/papers/p25sec.pdf

>>Also, as far as 'showing you a way' ...

My point is apparently poorly made, so let me try improving. Encryption is a feature- but our ability to properly implement it is woefully inadequate. Many developers think very much like you seem to be- I have a secret, so I need to encrypt. But they forget about (or have no awareness of ) offensive methods for intercepting a secret with a debugger. They think in terms of network transport or file system objects.

So many a developer says "I'll just take out my copy of applied cryptography and go to work." And then security experts get more fuel for yelling about the danger of rolling your own crypto (even if you're just implementing what you see in Applied Crypto).

Finally- I was obviously not talking about conditional statements. Read it again and pay attention. Hypothetical "if only" scenarios are great and amusing way to burn brain cycles with no real application. It is also a tactical error, because it indulges people in considering things that don't exist as potentially real.


In general, there is already a solution to this. It's a search warrant or subpoena and a judge; judges have ordered encryption opened in the past and defendants comply or can get contempt. All this is about the Feds snooping without anyone knowing..

Perhaps another approach to this would be to lobby that all government encryption, including military, be key escrowed so that the populus could review the communication in the future. They won't like that but at least there is a legitimate use case for it.


> Perhaps another approach to this would be to lobby that all government encryption, including military, be key escrowed so that the populus could review the communication in the future

It's not practical. Terrorists would just use the free encryption software that doesn't use escrowed keys. They're the fish we want to fry the most and they will be the first to not use whatever the US government tries to manipulate.


The solution is simple, we simply need to pass a law which makes it illegal for terrorists to use non escrowed key encryption software :)


Does this surprise anyone?

Nevermind that this all an exercise in charging windmills. How woeful it is, too. Billions of tax dollars spent in trying to defeat the inevitable. All with a "constitutional scholar" as a president.

It's like the Prohibition of the 21st century, just tinged with free speech and notes of a surveillance state.


The alternative view is the president is giving FBI enough rope to hang themselves. The president doesn't need to get into every single battle.


> The president doesn't need to get into every single battle.

True. But there's some debate over whether this is about one phone or about all phones. And the President did weigh in on the wider issue, which is, how to keep people safe in a world with strong encryption. He discussed it at SXSW and also in follow up comments by his Press Secretary [1]. He is convinced there is a way to guarantee warranted access to decrypt data. He does not understand that encryption technology is words on paper that anyone could write or make use of through free and open source software and apps.

[1] https://youtu.be/LRR2B5f82e0?t=38m25s


It isn't really clear what the president believes, because all of these statements are glittering generalities. In some sense what the president thinks about how crypto works doesn't really matter, because aside from a full break crypto doesn't care about any of the silly things being opined by Comey et al. Key escrow does not scale. And Exhibits A through G show the government has a lot of problems keeping large amounts of data secure. So escrow won't happen. The user doesn't know the key. And the user thus far can't be compelled to hand over a KEK via their passphrase.

Governments owning exploits is arguably them not protecting the public by withholding important security information. All of this leads to reduced trust.

So I choose to think they know more than they let on. And this is about getting clear buy in from the public for whatever policy emerges. Because established policy is harder to unwind legally, and when the public is screaming for heads to roll this isn't good for our trust model. It's simply better for FBI to air the dirty laundry this way. The general public is a lot more ignorant and complacent than FBI, no matter what comes out of Comeys mouth.


> In some sense what the president thinks about how crypto works doesn't really matter

While the President touts finding middle ground, he leads the DOJ to believe that there must be some concession that can be made by technologists. Law enforcement then believes we technologists are being disobedient and aren't doing our civic duty. That has a cost.

Law enforcement needs to understand that they can't rely on this data so heavily in the future. We pay them to keep us safe and I'd prefer that they figure out how to do their job the right way sooner than later.

> crypto doesn't care about any of the silly things being opined by Comey et al. Key escrow does not scale

No doubt

> So I choose to think they know more than they let on

Feel free. I think their understanding of encryption tech is incomplete. I do think Comey is being less than truthful about his intentions to access "just this one phone". But I also feel it's our job to keep people informed so we don't play this mindless, pointless finger pointing game and get down to doing things the right way. If technologists do not teach the lay person how technology works, and we say everyone must research it themselves, then I believe we will take longer to move forward as a trustful society.

> The general public is a lot more ignorant and complacent than FBI, no matter what comes out of Comeys mouth.

I completely agree it's the public we want to educate here to make sure this is the last crypto war, and that it ends with this case. We're only hurting ourselves by letting these buffoons have the biggest voice.


"While the President touts finding middle ground, he leads the DOJ to believe that there must be some concession that can be made by technologists."

I agree with this 100%. He's one of those people that think every problem can be solved through force of will, intelligence, and civility - so he's constantly making forceful declarations about how we should get all of the smartest people together, put them in a room, and have them calculate exactly how we can have our cake and eat it too.

The problem is that he thinks that you get the smartest people by selecting the most civil members of each belligerent faction. To him, people who understand encryption constitute one faction, because they all have the same opinion, and with that he guarantees that the smartest people are going to be a minority in that room. If Silicon Valley businessmen, the FBI, NSA, DEA, and anti-Islamic hawks are also separate factions, he can set up a situation where 99/100 people in the room are talking about what should be done, and only one has any understanding of how it works or the capability of implementing it. 90% of the remainder are quoted anonymously in the NYT saying "I think the ultimate solution will land somewhere in the middle."


"While the President touts finding middle ground, he leads the DOJ to believe that there must be some concession that can be made by technologists."

This is one of those "correlation isn't causation" cases here... the President isn't leading them to that conclusion, there's an independent belief about that from, well, pretty much everybody other than experts in the field that there must be a middle ground.


For sure! I definitely believe people can make up their own minds, and hopefully most will. All I'm saying is we all don't have time to learn about every scientific advance and the surrounding laws and implications. We entrust a lot of that to others. And sometimes, through lack of knowledge, we can be swung by fear. My fear, since I don't know much about how law enforcement operates, is that law enforcement already feels disrespected by the public, and they will blame technologists for failing to catch terrorists instead of doing the best they can at their jobs.

The rise in portable social media has amplified situations where they make mistakes. They need to quickly improve the quality of their service in order to maintain our trust. On top of that, if Apple builds a more secure device, they may soon find that they no longer have access to as much information as they had for the last 5 years.

Like any boss, the President is supposedly the best suited and most informed. In this case he is the most informed on security issues balanced with civil liberties, and so he holds some convincing power over those who may not be as informed as he is, which includes all levels of the DOJ and the general public. It'd be nice if he knew a few more details about encryption and could either share those facts with the world so we can all understand a little bit more about the future, or at least stop acting like there is something tech companies can do to help the government catch terrorists who use encryption to hide their communications. On an ad hoc basis there may be something tech companies could do with the NSA, like having a special forces tech group, but forcing all encryption software to do key escrow just isn't feasible when you consider open source and free software. Obama's rhetoric sounds like he wants some permanent solution in place via legislation. That isn't possible and he is misleading the public by implying it is.


I think there's a lot of assumptions about the Prez being dumb here that aren't warranted.

From the perspective of the FBI, free encryption tools like PGP have been around a long time, but they only started having investigations blocked by encryption very recently, as Valley tech firms started integrating it and enabling it by default. Even if the Prez knows that encryption tools have been available for decades, and I suspect he does, that isn't the cause of the current problems they're having.

With respect to getting warranted access to encrypted data, key escrow is an old concept, so of course there is. Just because we in the tech community don't like it doesn't mean it doesn't exist.


> With respect to getting warranted access to encrypted data, key escrow is an old concept, so of course there is. Just because we in the tech community don't like it doesn't mean it doesn't exist.

Okay, let's say key escrow is used. There will be a lot of debate and new laws passed by Congress. After this, who in the public do you think will sign up to use the products Apple admits has been weakened by government?

I think the public will just become more informed about encryption and more people will end up using various encryption apps that circumvent whatever measures the government puts in place with Apple. In other words, it'll be a big waste of time, and the main target, terrorists, will be the first ones to figure out the right ways to hide their communications.


> After this, who in the public do you think will sign up to use the products Apple admits has been weakened by government?

Nearly all of the people who would have otherwise bought those products.


While that's undoubtedly true domestically, I have to belive that openly requiring a backdoor is going to hurt Apple and the rest of the US tech sector in the rest of the world.


Why is that? Other countries want their own law enforcement to be able to break the encryption used in their countries just as badly as the US does. That's close to 95% of the reason Blackberry still exists.


Perhaps. Either way my larger concern is the message being sent to law enforcement by the higher ups. I mentioned this in another comment.

Plus the fact that terrorists will be the first to use other encryption tech. So, yeah, it is a waste of time and the reason can only be that our higher ups are misinformed. I don't see any good reason they would know all this and lie about it. So they can catch a few common criminals? So they can fail at catching the smart terrorists? It doesn't add up.


I assure you that most who buy an iPhone (or any product) don't consider security in their purchase decision. Security isn't a visible feature. Brand, design, usability, camera quality and a dozen other things will come before that.


"I think there's a lot of assumptions about the Prez being dumb here that aren't warranted."

The $PRESIDENT is dumb about encryption, though. I don't mean Obama specifically; I mean, we have probably never elected anyone who could really understand this problem, we probably never will, and even if we ever do elect someone who could theoretically do it there's no way they will ever be able to break out enough time to come to a deep, independent understanding of their own in the face of all the other fires they are dealing with on a daily basis.


This is what terrifies me.

We're potentially about to elect (assuming the primaries stay the course) one of (a) a gentleman who thinks that technology can magically just do anything asked of it or (b) a lady whose desire to use a personal Blackberry led to (at best) ignoring basic information security risks.

Despite my political leanings, and as much as I hate to admit it, I'm tempted to choose the pragmatic candidate with a business degree over the ignorant candidate with a law degree.

Btw, what is it with lawyers mistaking laws for truths? They seem to look at the world through some bizarre Borges lens where physics needs follow law instead of the other way around.


> Btw, what is it with lawyers mistaking laws for truths? They seem to look at the world through some bizarre Borges lens where physics needs follow law instead of the other way around.

Haha. I don't think anyone is trying to legislate that gravity lighten up so we can use less fuel to move around. ;-)

I'd venture it's because technology and science moved so quickly that many people still don't understand things that you consider basic. For example, I have a lot of respect for people who are artistic and spiritual. I recently tried out meditation and realized there's a whole world I've been missing. I think the same can be said of science. Some people just don't want to learn it.

That should be alright within our current system. But, in cases like this where the technology (encryption + internet) goes from near zero usage 20 years ago to more than 50% usage today, it's tough to make sure our government gets it. The average age of our representatives is around 58, so none grew up with the internet or computers. And, it's been made so easy that you didn't need to understand it to use it. So we have many people using something that most don't understand. And we have not yet been in many situations where our civil rights depend upon having representatives who understand it.

I'm probably oversimplifying but that's how I make sense of it. The way forward is to educate the public and our representatives. Hopefully over time we have more people in office who either understand such critical security issues themselves, or have a connection to someone who does.


The President is wisely keeping his distance.

He's made some statements seeking compromise, which allows him to avoid tipping his hand with respect to his actual thoughts while supporting a need to support law enforcement's needs and civil liberties.

The FBI guy is the guy at whom rocks will be thrown when something bad happens. All of his actions are biased towards "doing


Yeah I don't think the President will catch much more flak than he has, but I do think it is clear from his comments that he does not understand the technology. That is too bad because he could really help inform and prepare the country for the future if he could stand up and relay some hard truths to the public while suggesting ways we can deal with new threats that are coming. The last thing we want is a leader to throw up his hands and say, "I do not understand this threat, and I have no idea how we're going to deal with it". He almost choked up on words like this at SXSW [1]. He cannot see a way forward because he does not even understand the problem.

[1] https://youtu.be/wfsIZioIpdI?t=46m


For me the interesting thing happening here isn't the encryption debate itself, but the fascinating friction between politicians and engineers. It's the juxtaposition between individuals whose profession relies on using rhetoric to convince others on an agenda regardless of logic versus professionals that rely on sound logic regardless of rhetoric. If logic doesn't prevail, Orwellian statements like "All animals are equal, but some animals are more equal than others" can conceivably be truisms (If it's not already the case now.)


I think you're selling the politicians a little short. The big difference is that political arguments tend to be created conclusion-first, while engineering arguments tend to be created logic-first.

The political arguments aren't illogical. They just tend to be created for a purpose, so most of what they tell you about is how much effort and skill is being invested to further that purpose. Conclusion-last logical arguments tell you more about how the world works.


Politicians who are doing a good job are good at ironing out compromises, which are often necessary. People want different things and have different ideas about how to accomplish them. Sometimes there are clear answers, often there are not.

Something we need to be careful of as 'logical' people is that all-or-nothing, we are right attitude:

http://marginalrevolution.com/marginalrevolution/2009/12/mor...


> compromises, which are often necessary

On the other hand, if the only tool you have is compromises, then every problem might seem like it is caused by lack of compromise, when at least sometimes it's rather a lack of honesty, and a want of adults putting their foot down and enforcing honesty.

http://mason.gmu.edu/~rhanson/deceive.pdf

> We review literatures on agreeing to disagree and on the rationality of differing priors, in order to evaluate the honesty of typical disagreements. A robust result is that honest truth-seeking agents with common priors should not knowingly disagree. Typical disagreement seems explainable by a combination of random belief influences and by priors that tell each person that he reasons better than others. When criticizing others, however, people seem to uphold rationality standards that disapprove of such self-favoring priors. This suggests that typical disagreements are dishonest. We conclude by briefly considering how one might try to become more honest when disagreeing.


> professionals that rely on sound logic regardless of rhetoric

There's plenty of rhetoric employed on all sides of this debate.


Their whole world is part of why we don't have the GDP growth we want. People fighting each other over things instead of fighting nature. They don't build and invent anything other than more actionless words and sentences. Their greatest battles result in people being swayed to one view or another but never something being invested in and grown to produce value. And that's why they're just a waste.


>People fighting each other over things instead of fighting nature.

It's easy to criticize the endless debates (and it's often over subject matter that looks silly), but this sort of debate is a big part of the success of a country like the US. It prevents leaders from moving too quickly in a direction which may have negative consequences. The trade-off is that everything takes forever to get done.

>but never something being invested in and grown to produce value.

The US and its underlying political system has possibly created more value than any society in the history of the world. It's hard to argue that the system doesn't work.


> his sort of debate is a big part of the success of a country like the US

The problem with your statements is that the US has a Constitution, which explicitly restricts the actions that the federal government may take. The endless debate witnessed today in the United States is only evidence towards the fact that our government no longer leverages a respect for its own legal documents. This ends up making the battle unwinnable by either side, because while the one side argues with totally true technological facts, the other side argues in the domain of senseless rhetoric. Meanwhile, neither side is making the concrete legal argument that the Constitution forbids the FBI's desires outright - except for Apple themselves. Many of Apple's own defenders have verged into the territory of "but this is math and you have to accept it!" which only distracts from the much more horrifying disregard for common sense these politicians are displaying today.

This is not a battle of mathematics - politicians should not need to leverage any knowledge of encryption to know that coercing a corporation into destroying its product's security apparatus is both unethical and illegal.

> The US and its underlying political system has possibly created more value than any society in the history of the world.

Apple, today, has done a lot more to bring value to the world than any of the politicians in DC have, today. Perhaps you could make such a fallacious argument about some of our better times of politics - but not today. Today's government has bumbling fools like Lindsay Graham and Joe Biden in leadership positions.


It's a good point that solid debate at the federal level prevents them from moving too quickly. But I would counter by saying that if their debate is consuming a large portion of our GDP, the infighting alone holds us back and I'd prefer they just went home and did something else: 3.8T fed budget / 16.8T US GDP ~= 22% being consumed by them. If 10% of that is waste (~2% of GDP) and we're growing at 2% GDP/year, the difference is doubling in 30 years (which might not even show in GDP/person due to population growth) vs a 3.7X increase in 30 years, which is a strong and innovative nation. In short, even just a 10% waste on their part might be holding back the whole nation. I bet the overhead waste of the feds is 10%. I don't even want to think about how much the military waste is holding us back.


Yeah, we should have some kind of central authority figure to just make the right decisions instead of wasting all this time and effort on debate. What could go wrong?


If the central authority figure is an algorithm, I could be persuaded to support that.

It's probably too soon, but I think one day having near real-time information on the state of the economy could enable a central controller that is more efficient than the markets.

In any system, every decision is about trade-offs. I could see elections being created where individuals vote for algorithmic priorities (ie rank education, law enforcement, r&d spending, etc...).


I hear China has one of those, maybe they will share their guy with us. It's all rainbows and unicorns over there.


Vitally important programs like Medicare have an acknowledged ~10% fraudulent payment rate. And that isn't counting inefficiencies, just outright fraud.

So programs with less oversight, and less importance, are likely to have just as much if not more fraud. A lot of it perfectly legal and baked into the system like military contracts.

Not embracing a culture of harsh punishment and strong public shaming of even the hint of corruption has cost this country trillions over the years. Trillions which would have compounded results (like maybe smaller classrooms with better educated teachers).


> Already history has in a sense ceased to exist, ie. there is no such thing as a history of our own times which could be universally accepted, and the exact sciences are endangered as soon as military necessity ceases to keep people up to the mark. Hitler can say that the Jews started the war, and if he survives that will become official history. He can’t say that two and two are five, because for the purposes of, say, ballistics they have to make four. But if the sort of world that I am afraid of arrives, a world of two or three great superstates which are unable to conquer one another, two and two could become five if the fuhrer wished it. That, so far as I can see, is the direction in which we are actually moving, though, of course, the process is reversible.

-- George Orwell, letter to Noel Willmett (1944) [ http://www.thedailybeast.com/articles/2013/08/12/george-orwe... ]

And here's a scary thought: for the purpose of ballistics etc. it's perfectly sufficient that some black box machine can think logically. That is, logically and based on true premises and sanity - because maybe you could say people like Hitler or Charles Manson were thinking logically based on flawed premises they made up on the spot. There is no such thing as "sound logic" in a vacuum, after all, it's always based on premises, and the "super hard" sciences, e.g. measuring how long a piece of rope is, say nothing about whether you should lynch people with that rope or or use it to build a swing set.

The husband of Clara Immerwahr ( https://en.wikipedia.org/wiki/Clara_Immerwahr - I like linking it that way because I simply adore that name (you could translate it as "evertrue"), and because she makes the contrast to Fritz Haber even bigger ) may have been a great scientist/engineer, but that doesn't say anything for or against his opinions about whom to feed and whom to let starve (seeing how the invention he was part if is feeding billions of people now), or whom to use toxic gas on. It's more or less orthogonal, I think.

What I could agree with is "logically sound" being a placeholder for all sorts of things, intellectual honesty, reflection/debugging, honesty/transparency, reproducable facts, and so on, and all of that opposed to sophistry and marketing. But the premises play as big a role as the process IMHO, and crooked premises plus a logical process still equal a crooked outcome.



Their argumentation is ridiculous. The litigation cost Apple money, and could have had devastating effects they are all too aware of if a precedent was set. Their argument is basically "Carpet bombing is good because in the process of wiping out civilians we managed to kill a terrorist". There's a myriad of other ways they could have "stimulated creative people"(for example, by bloody paying them to do it instead of paying lawyers). That is why I continue to think the FBI's litigation was malicious - out of a myriad of approaches, they decided to pick the one with the worst possible outcome for cryptographic security and tech companies like Apple.


Nobody buys the Fed's story. It's clear that it was never about a specific phone and only about setting a precedent.

Which is all well and good, but it begs the question why did they back out now? Public opinion was divided from the start, and it didn't change dramatically from when the story broke to when they dropped the case. They got a lot of mainstream media exposure, but I would have thought that would have been expected at the least (and probably desired).

It's been reported that the other three letter agencies don't share the same view. Did Comey get too much unwanted heat? Is it just a temporary retreat to regroup and fight again another day? Something else? I can't believe that they just expected Apple to roll over.


> why did they back out now?

Because it's a part of an orchestrated campaign to try and restore international trust in the US companies? Their credibility was decimated by Snowden revelations. This includes Apple who jumped into the bed with NSA as soon as Jobs was out of the way.

So Feds cook up a case to challenge Apple on something crypto, scream their lungs out how they can't get in, but then bail out on technicality. The net effect - everyone now thinks Apple is a bastion of privacy and iPhones are Fort Knoxes of quality encryption.

What will come next is another case with a major telco vendor (cisco, juniper, etc) that will work to the same effect. Just grab your popcorn and see.


There's no evidence for any of that. Our politicians can't even figure out how to secure their emails. If they cooked up such a grand conspiracy, these days, it would get out. Anyway that's CIA level stuff, not politicians. Not even the same ballpark.

The current state of the case suggests Apple's phones aren't 100% secure. The FBI found a way in without Apple. What happens next in your view? The FBI brings another case against a new model of an Apple phone and Apple wins? And then meanwhile, behind the scenes, FBI agents everywhere are unlocking the next iPhone without the public ever finding out? I don't think so. That's too complicated. Occam's razor. There is more truth in what politicians say than you realize. It isn't all true but one rotten idea doesn't spoil the bunch. Individual people are complicated, but collectively we don't work together or maneuver so quickly.


You're probably correct, in my opinion. Don't forget the bit where they (Apple) have been issued an NSL, so while the public is distracted by the smoke and mirrors the G-men get what they want.


Apple even said they’d have complied if the FBI had asked secretly – not publicly – like the last 27 times.


As best as I recall, in that paragraph they did not say they would comply, just that they would make every effort to assist.

I believe the subtlety was lost on those who want to believe Apple is being hypocritical.


The difference is still the same: Apple isn’t resisting out of good faith, but because they don’t want to risk a public precedence case.


Thanks for proving my point.


When did Apple say that?


> why did they back out now?

We'll never know. Doesn't matter anyway. If Comey or Lynch is to be fired or forced to resign, then this situation will never be discussed. They'll never admit that they did not do their own due diligence. Lawyers argue their own side and that's it. Lynch and Comey are professionals at this. They only look dumb in this case because they don't know anything about technology. I firmly believe this is true. There's absolutely no value to the US government to seek to weaken Apple's product. Other free forms of encryption exist. If the lawyers really understood that they would never have bothered with the case. Even if the government got Apple's cooperation, there would be so much news about this that even more people would learn how to use encrypted messaging tools. It wouldn't help us defeat terrorists in the slightest and it'd cripple a major US company's primary product.

The problem is there are only a few people in the White House and Congress with strong enough voices who understand technology. You have to be a maker of technology to understand this stuff. If you haven't tried to do that and have only ever been a user, there's a good chance you'll never understand it. I remember thinking if I set up WordPress or Drupal for my clients and taught them a little then they will learn to manage their own websites. Nope. In many cases, the older crowd still wanted me to make minor edits that could be done through the web interface. I'm sure you all have experienced the same.

So, I think all the time and money was wasted on this because we still have people like Feinstein, who hates everything tech that she can't control, in office. We don't have enough Ted Lieu's. Amazing that CA produced these two opposing characters. Also, the CTO's primary concern is getting more women involved in computer science. She's made no comment on the encryption topic. Obama claims that he understands tech since he created a digital services team, but that's clearly false. Government needs an upgrade and we can only do that with our voices and votes.


> Which is all well and good, but it begs the question why did they back out now?

Tinfoil answer: Because one of your secret courts ruled in their favour in a way that allowed Apple to save face in public?


This is actually huge: when the government has lost the Wall Street Journal then it's truly lost its constituency.

And of course the article is correct: this was all absurd from the get-go.


>The Justice Department and FBI insist the encryption debate is critical to national security, and they’re right. The problem is that—amid another terror attack in the West—they continue to supply more reasons to doubt their credibility and even basic competence.

Which way is this about to go? Does this justify more funding and more legal power?

>Instead, Justice rushed to legal war with dubious theories. As it escalated its rhetoric, it even threatened to confiscate Apple’s source code and electronic signature: “The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labor by Apple programmers.”

>Even Justice concedes that the source code and signature are the “keys to the kingdom,” that, if stolen, would let hackers and spies enter millions of devices world-wide. So the same pros who can’t defend Office of Personnel Management records should get custody of Silicon Valley’s most dangerous intellectual property.

Ideally, the signature is far more dangerous to security than the source code, but anyway it is reassuring to see more writing that fails to see all sides of every debate equally valid regardless of consensus opinion among experts in the relevant fields.


> ...but anyway it is reassuring to see more writing that fails to see all sides of every debate equally valid regardless of consensus opinion among experts in the relevant fields.

What are you trying to say here? Arguing for compromise in the intentionally weakening of cryptographically secured systems is like arguing for compromise in how much rat poison people should be forced to eat.


> reassuring to see more writing that fails to see all sides of every debate equally valid

I'm not passing judgement on this particular case; but that's a complete fallacy. "All sides" of every given debate are _not_ equally valid in all cases, and in certain cases it is disingenuous to imply that they are.

> regardless of consensus opinion among experts in the relevant fields

I can't understand this opinion? Could you clarify what you mean, because from what I'm reading, it seems you're implying that someone who is uneducated in a given topic's "side" in a debate is as equally valid as someone who is? That seems incorrect to me on the face of it, but I'd love some clarification, because it's likely I've missed some nuance here


I wasn't clear. Instead:

>reassuring to see more writing that refuses to see all sides of every debate as equally valid

Treating "balance" like an implicit good is garbage. News organizations should have editors with enough judgement, and courage, to choose which arguments merit airtime. There's a difference between silencing your opponents, and refusing to give airtime to people when you can't even decide whether they are ignorant or pursuing some unstated agenda.

I don't think there are many, if any, industry experts who believe that a policy mandating weaker encryption wouldn't cause far, far more harm than good. And yet, it seems like most of the time we see these trainwrecks proceed, with coverage portraying both sides as equally valid and advocates for both as acting in good faith.


> Treating "balance" like an implicit good is garbage. News organizations should have editors with enough judgement, and courage, to choose which arguments merit airtime. There's a difference between silencing your opponents, and refusing to give airtime to people when you can't even decide whether they are ignorant or pursuing some unstated agenda.

I completely agree, and thanks so much for clarifying; I hope I didn't come across as snarky!


> it seems you're implying that someone who is uneducated in a given topic's "side" in a debate is as equally valid as someone who is? That seems incorrect to me on the face of it

That's a pretty good argument against democracy.


Not really. Democracy is about having the right to an education. It's about free speech and allowing both good and bad ideas to be discussed openly so that we can all decide together which are good and which are bad. Without the power of voice and vote combined together, you don't get the combined strength of a collective conscience. Just because some people who have unpopular ideas have the same value and power (one vote, one voice) as other people does not mean that the bad ideas get implemented. Actually, it is almost by definition that a democracy yields ideas with which most of the country agrees. It's not perfect in practice because we can't all be informed and vote on everything, but I believe in the States it is nearly as close as you can get.


> That's a pretty good argument against democracy.

If you pardon a certain amount of sarcasm, it may seem like one to uneducated people.

But I don't think democracy should be equated to dictatorship of optimality. Likewise, personal freedoms are also not about only being allowed to do those things that have the best outcomes.


"an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone."

do we have any idea who is this outside party and how are they connected to Apple if at all? Could this be a case of having a cake and eating it too?


News articles from a week or so ago reported that Cellbrite was assisting them.

http://www.reuters.com/article/us-apple-encryption-cellebrit...


I think several parties explained how it was trivially possible for the FBI to do this themselves, including the ACLU.

https://www.aclu.org/blog/free-future/one-fbis-major-claims-...


I'm pretty upset about this.


Please don't rewrite titles to editorialize. The HN guidelines ask you to use the original title except when it is misleading or linkbait. (Submitted title was "WSJ: FBI lacks credibility and basic competence".)


I posted this link several days ago and there were no comments. I decided to post it again with a title that attracted more attention. Is there a better way to re-post a link?


Not really, but a small number of reposts are ok if a story hasn't had attention yet: https://news.ycombinator.com/newsfaq.html.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: