As Apple Works on “Uncrackable” Phones, Senators Seek a Workaround Everyone Can Agree On
U.S. senators have proposed a commission to help end Apple’s fight with the FBI and devise rules for accessing encrypted devices.
Apple is working on hardening the security in its next-generation phones to make them almost impossible for the federal government to crack, upping the ante in the company’s showdown with the FBI.
CEO Tim Cook has vowed that Apple will fight a court order requiring the company to disable functions on a dead terrorist’s iPhone that impose delays if someone tries too many passwords. The FBI wants to use software to try every possible password combination until it finds the right one, thus decrypting the contents of the device left behind after the December attack that killed 14 people in San Bernardino, California, in December. Apple says creating such a tool would set a dangerous precedent.
Even if Apple loses its fight against the court order, it is working on ways to build new phones so that the FBI’s technique no longer works, according to a report in the New York Times. One way that this could be done is by requiring the passcode to be known even before an operating system update—such as the one the FBI is requesting—could be implemented.
There are other ways phones could be made far harder to hack into. For example, algorithms could overwrite encrypted files with random characters to make forensic attempts to recover it far harder, if not impossible.
With such possibilities looming, on Wednesday two U.S. senators said they plan to create a bipartisan panel modeled after the 9/11 Commission that would be tasked with coming up with a rubric for when and how law enforcement can access tech products without needlessly compromising privacy.
Right now “the stakeholders are not able to sit down and have a conversation,” said Senator Michael McCaul, a Texas Republican. The high-level goal is to find a way to break into encrypted products when used by criminals “that doesn’t create a ‘back door’ that criminals and other adversaries can use to compromise data security,” he said.
Earlier this this week Apple also proposed a commission.
McCaul and Senator Mark Warner, a Virginia Democrat, say their proposal would be for a commission with 16 members representing technology companies, cryptologists, law enforcement, privacy advocates, and members of the intelligence community. The commission would aim to come up with preliminary recommendations within six months.
During a panel discussion Wednesday at the Bipartisan Policy Center, a Washington think tank, panelists outlined general goals for the commission. Among them were making sure that people trust American-made IT products, that strong encryption is preserved, and that public safety is guaranteed.
James Lewis, program director at the Center for Strategic and International Studies, said during the talk that absolutist positions make no sense in the real world. Because of this, neither Apple’s argument nor the government’s desire to force Apple to unlock phones is likely to win the day. “You are never going to have perfect security, and you are never going to have perfect crypto, so you need to reframe the debate” in order to find this balance, he said.
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today