in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

iPhone Encryption And Management: Is The FBI Right To Freak Out Over Encryption?

Various media outlets reported last week that the FBI was "freaking out" over Apple's decision to make changes to how it approaches encryption on customers' devices.  In testament to the strength and power of device encryption, the FBI (and other law enforcement agencies, apparently) noted that such a decision would "make it harder, if not impossible, to solve cases."

The real freak-out is not over the fact that encryption will be turned on by default.  Rather, it was over the fact that Apple would not be able to get to its clients' data – in turn meaning that the FBI wouldn't be able to get to the data by serving the Cupertino company with a search warrant.  Apparently, the FBI prefers that devices have some sort of security backdoor – which is weird, because security back doors are a concern to them as well.

Setting aside all of the nuances and details revolving around this – such as the fact that Apple still would have access to the contents of your iCloud account, and hence so would any G-man waving a search warrant – let's review a couple of reasons why it makes sense to not compromise data security.

The Usual Arguments, Plus One

The tug of war between privacy advocates and government law agencies is not new.  Back in the 1990s, there was what was called the Crypto Wars, pitting the government against privacy advocates, security researchers, businesses, and others.  In the end, the government lost.  Restrictions on the sale and export of cryptographic tools were loosened (to the point of virtual inexistence.  Well, until you run smack into it).

The reasons why the government lost their case are listed and explained at the Electronic Frontier Foundation (EFF).  The reasons why back doors are a bad idea:

 

  • It creates security risks.
  • It won't stop the bad guys.
  • It will harm innovation.
  • It will harm US business.
  • It will cost consumers.
  • It will be unconstitutional.
  • It will be a huge outlay of tax dollars.
  • The government hasn't shown that encryption is a problem.
  • (and recently added) Mobile devices are just catching up with laptops and other devices.

That last one basically makes the case when it comes to the latest security brouhaha: the FBI's arguments are moot because there's already an area where the use of encryption (without back doors) to protect personal information in electronic format already exists – and happens to be 100% legal.  It's called your computer.  And what's a smartphone like the iPhone or an Android phone but a small computer that picks up cell phone tower signals?

Remember, Apple's decision does not impact your calls from or to your iPhone.  Neither does it extend to text messages.  It impacts data stored on your iPhone; in other words, the "computer portion" of the smartphone.  There's no reason why Apple should be lauded for its actions – it's like applauding someone for crossing a marathon finish line in 45th place…when he happens to have won the Boston Marathon 10 years in a row and is currently at the peak of his athletic career.  Apple's late to the game as Android users gleefully point out.

Likewise, it's absurd that the FBI and others are sounding the alarm over something that has been discussed; gone to court (and lost); and whose underlying principles for losing the case remain unchanged.  If anything, the news over the past 10 years shows that our businesses, agencies, organizations, and private individuals (that, is everyone, including legal persons or otherwise) need more data protection than ever.


Related Articles and Sites:
https://www.techdirt.com/articles/20140923/07120428605/law-enforcement-freaks-out-over-apple-googles-decision-to-encrypt-phone-info-default.shtml
https://www.eff.org/deeplinks/2014/09/nine-epic-failures-regulating-cryptography

 

 
<Previous Next>

Encryption Software: Less Than 1% Of Breached Records Encrypted

HIPAA Encryption: American Family Care of Birmingham Laptops Stolen

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.