Any security vulnerabilities will be exploited, allowing more bad activities that the back doors are designed to prevent.
Imagine that all your tax documentation could be examined by officials of any government, simply with suspicion. This is the future that some governments are pushing for when they demand that Apple put security doors on their products.
It doesn’t make anyone safe
Think about the nature of the back doors:
- They represent deliberate security flaws in centrally operating systems and devices designed to crack encryption on these devices.
- These defects may require some sort of «key» to access.
- Once you have a vulnerability, it’s only a matter of time before people find out where they are – hackers are smart.
- Once you’ve built the lock, it’s only a matter of time before someone manages to open it. Does anyone remember the Enigma Code?
«But the keys will be kept in secure government agencies,» some say.
It only takes a dissatisfied government employee, a deep government spy or a technology company or a sophisticated forensic attack to successfully extract this key.
The locks open easily
After that, it is only a matter of time before those keys fall into the hands of the security agencies of all governments, including those that cannot be trusted. Because these keys are deliberately designed, the operating system vendor will not be able to correct them.
These keys will not only reach other governments; They will also fall into the hands of various criminal entities who will see a huge opportunity for theft, profit and blackmail that comes with access to digital life for all smartphone owners.
Things are leaking.
Think back to a year ago, when iPhone hacking tools from the police suddenly appeared for sale on eBay, for example. Or meditate on the fate of the GrayKey tape. That’s right before you consider how such access threatens connected systems of all kinds, from business relationship management software to allowing strangers access to your local exchange’s connection codes.
Watch the money
In fact, it seems to me that criminals and hostile governments will gain the most from any action to make mobile devices less secure. I imagine they are already thinking about the money they will earn and the chaos they can create if mobile security is deliberately violated.
That’s right before we discuss how this undermines confidentiality.
These are just a few of the many reasons why Apple’s statement in response to the renaissance movement to force you to breach the security of your devices should be accepted. It’s not that Apple isn’t ready to help law enforcement, it says it has provided a lot of information, including iCloud backups and more. It is also true that other entities (including carriers) provide evidence.
Not just for good guys
In a statement on the current outrage, Apple said:
«I have always said that there is no back door just for good guys. Rear doors can also be exploited by those who threaten our national security and the security of our customers’ data. Today, law enforcement agencies have access to more data than ever before in history, so Americans do not have to choose between weakening encryption and resolving investigations. We believe that encryption is vital to protecting the data of our country and our users. «
Apple has made similar arguments before.
In a letter to his clients following the San Bernardino case, he said:
«For years, cryptologists and national security experts have been warning against weakening encryption. This would only affect well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and criminals will continue to encrypt, using tools at their disposal. «
A ring to destroy them all
There is another problem. After all, if a government demands such security doors, all governments will do the same. This can have a terrible effect on religious minorities, for example.
There is no technology company that can realistically deny some governments and not others. If Apple weakens encryption in one nation, it will be forced to do so in others. And the security of mobile devices will weaken a single encryption door at a time.
We will all be poorer and less secure. These security keys will inevitably fall into the hands of criminals and hostile actors. Bank accounts will be stolen, data will be stolen and digital terrorism (including attacks on critical infrastructure) will be activated internationally.
The end result will not be more security, but much less. Or, how could I set it to 130 characters or less:
«Security backdoors and faulty encryption will allow more criminal and terrorist activities than they prevent.»
Consider the consequences instead of being seduced by the sound bite.