Apple, FBI Talks Need Engineers

Calling all engineers!

Electrical Engineering Times makes a sage, if somewhat obvious, observation about the FBI/Apple dispute over unlocking the iPhone 5s used by dead terrorist Syed Farook:

The dispute between Apple and the FBI has created an opportunity for security experts in the government and industry to gather around a table. At this stage, all sides need such a group to define the technology and policy issues clearly.

Amen to that. While the issues in this case are fairly simple, the reporting has been confused and the policy response has bordered on incoherent at times. This is because the dispute isn’t about the one particular case as much as it’s about the desire of the FBI (and the rest of the law enforcement establishment) to be saved from the consequences of “going dark” without upping their game.

With the advent of the Internet of Things and the prospect of 20 billion devices capable of communicating with each other across the ‘Net, it’s vital for device manufacturers of all stripes to harden their devices against penetration. But that’s not enough; as I said in my last post, breaches and break-ins are inevitable, regardless of how secure and well-designed our devices are. These are increasingly complicated devices, so mistakes will be made and hackers will find and exploit them. When this happens, as it will, our best recourse will be eliminating malware by rolling back the software, firmware, apps, and data in our devices to the state they were in before the attack. Then we patch the vulnerability and re-connect to the Internet.

So while law enforcement complains about “going dark,” the inevitable consequence of upping the security game at the device level is making copies of device data in the cloud. So law enforcement will generally have two bites at the Apple (so to speak) when it comes to penetrating secure devices.

The same issues apply to encrypted device backups in the cloud as to encrypted text messages, emails, and phone call metadata in the device. This suggests a solution of sorts to the dilemma of personal privacy for law-abiding individuals vs. access to bad guy data for law enforcement armed with lawful court orders.

If we wanted to, or if we were motivated, we could create a system in which law enforcement could get access to smart phones and other devices with backups in the cloud by assembling a full access key from partial keys held by the device manufacturer and the cloud provider. You can think about this as forming a password from partial passwords held by the two providers. This would prevent each provider from accessing the data on its own, so the law-abiding user would be safe. The data would also be protected from hackers because the necessary credentials would not be stored in the same place.

I can’t write the code to make a system like this work, but it seems plausible. But there is probably a better solution.
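
The split-key idea described above, as an added sketch that is not part of the original post: a 2-of-2 XOR split in which the manufacturer and the cloud provider each hold one share, and neither share alone reveals anything about the access key. The function names, the check-value label and the 256-bit key size are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

CHECK_LABEL = b"access-key-check-v1"  # hypothetical label for the check value

def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def check_value(key: bytes) -> bytes:
    # Lets the combiner detect a wrong or corrupted share. Safe to store next
    # to the backup only because the key is a full-entropy random value.
    return hmac.new(key, CHECK_LABEL, hashlib.sha256).digest()

def split_key(access_key: bytes):
    """Split into (manufacturer_share, cloud_share, check_value)."""
    manufacturer_share = secrets.token_bytes(len(access_key))  # one-time pad
    cloud_share = xor_bytes(access_key, manufacturer_share)
    return manufacturer_share, cloud_share, check_value(access_key)

def combine_shares(manufacturer_share: bytes, cloud_share: bytes, check: bytes) -> bytes:
    """Rebuild the access key; refuse if the shares do not match the check."""
    key = xor_bytes(manufacturer_share, cloud_share)
    if not hmac.compare_digest(check_value(key), check):
        raise ValueError("shares do not reconstruct the enrolled key")
    return key

def share_explaining(candidate_key: bytes, cloud_share: bytes) -> bytes:
    """Return the manufacturer share that would make cloud_share decode to
    candidate_key. One exists for every candidate, which is why a single
    share on its own says nothing about the real key."""
    return xor_bytes(candidate_key, cloud_share)

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed sample: 256-bit access key
    m_share, c_share, check = split_key(key)
    assert combine_shares(m_share, c_share, check) == key
    decoy = secrets.token_bytes(32)
    # The cloud share alone is equally consistent with the decoy key.
    assert xor_bytes(share_explaining(decoy, c_share), c_share) == decoy
    print("key reconstructed from both shares")
```

The split only protects the key while the two shares stay in separate hands; whoever combines them holds the full key from that moment on.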

With engineers at the table – mediating this dispute – ideas like these would come to the fore and there’s a chance for a reasonable accommodation.

Wouldn’t that be worthwhile?