+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Ex military intelligence analyst: The FBI 'cannot be trusted' with the power it wants from Apple

Feb 23, 2016, 20:34 IST

U.S. Deputy Attorney General Sally Quillian Yates (L) and FBI Director James Comey testify during a Senate Judiciary Committee hearing on &quotGoing Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy" in Washington July 8, 2015.Kevin Lamarque/Reuters

The FBI "cannot be trusted" with the kind of power it is asking for from Apple.

Advertisement

And it could "destroy the entire security industry" if it succeeds in getting the company to decrypt an iPhone used by one of the shooters involved in the San Bernardino terrorist attack.

That is according to David Kennedy, a former Marine Corps intelligence analyst and professional hacker.

In an interview with Business Insider, Kennedy conceded that enhanced encryption on private devices has made it more difficult for the FBI to get the kind of information it needs for certain cases.

But, he said, the FBI "doesn't understand the long-term implications of its request, and its sheer inability to handle the type of power that would come with it."

Advertisement

Kevin Bankston, director of the nonprofit New America's Open Technology Institute, previously explained to Business Insider what he saw as the potential implications of the case, after a US judge ordered Apple to assist the FBI in unlocking the phone.

"What the court is essentially ordering Apple to do is custom-build malware to undermine its own product's security features and then cryptographically sign that software so the iPhone will trust it as coming from Apple," he said.

That has experts worried that, if the FBI ultimately prevails in the case, the government could force all companies trying to build secure devices for their customers to do the same thing it is asking of Apple.

"If a court can legally compel Apple" to comply with its demands, Bankston said, "then it likely could also legally compel any other software provider to do the same."

pple CEO Timothy Cook returns from a break in his testimony before the Senate Homeland Security and Governmental Affairs Committee's Investigations Subcommittee about the company's offshore profit shifting and tax avoidanceChip Somodevilla/Getty Images

Kennedy was tasked with analyzing military intelligence while stationed in Iraq before he founded his own information-security company, TrustedSec. He largely echoed Bankston's concerns.

Advertisement

Were Apple to comply, he said, "the company would have to introduce exposures into all future phones, and anyone trying to develop secure devices in the future would have to figure out a way to introduce a similar mechanism" to what the FBI wants now. That would essentially be a code that would override the iPhone feature that only allows you to enter a certain number of passwords before the device's data is wiped.

In theory, such a mechanism would allow the FBI to use as many attempts as it takes to get into the San Bernardino shooter's iPhone. It would also, Kennedy said, have "worldwide implications that threaten to destroy the entire security industry."

"They cannot be trusted with this type of power," Kennedy said. "The government's stance has changed - the National Security Agency [NSA] used to be leaders at cracking cryptography. Now they're trying to take the easy way out so that they have a guarantee that, in the future, they'll be able to maintain the type of surveillance they have now."

A reporter takes a mobile phone picture of National Security Agency (NSA) Director U.S. Army General Keith Alexander as he takes his seat to testify before a U.S. House Permanent Select Committee on Intelligence hearing on recently disclosed NSA surveillance programs, at the U.S. Capitol in Washington June 18, 2013.REUTERS/Jonathan Ernst

Current and former government officials have pushed back on this line of thinking.

Advertisement

Michael Hayden, the former director of both the NSA and CIA, said in an interview with USA Today that he doesn't think Apple helping law enforcement would necessarily "lead to a universally available weakness." And FBI Director James Comey noted in a blog post on Sunday that "the San Bernardino litigation isn't about trying to set a precedent or send any kind of message."

"It is about the victims and justice," he added. "Fourteen people were slaughtered and many more had their lives and bodies ruined."

Others have pointed out, rightly, that Apple has complied with law enforcement requests to unlock iPhones before - as many as 70 times. Fred Kaplan wrote in Slate that in doing so, Apple implicitly accepted the government's right to get inside Apple-made phones.

"The technique is different," Kaplan writes, referring to the new method the FBI is asking Apple to employ to get around the password limit. "But the outcome - letting the government into a phone designed by Apple - is the same."

Kennedy, on other hand, argued that the outcome would be very different. Whereas in the past Apple worked with law enforcement to break into the iPhones, giving them "step-by-step guidance" on how to access the singular phone's data, "Apple is now being asked to sit there and write code that weakens the security on all of its phones."

Advertisement

Apple CEO Tim Cook essentially said as much in an open letter to his employees on Sunday.

"Some advocates of the government's order want us to roll back data protections to iOS 7, which we released in September 2013," Cook said. "Starting with iOS 8, we began encrypting data in a way that not even the iPhone itself can read without the user's passcode, so if it is lost or stolen, our personal data, conversations, financial and health information are far more secure."

He added: "We all know that turning back the clock on that progress would be a terrible idea."

NOW WATCH: Meet the three women who married Donald Trump

Please enable Javascript to watch this video
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article