Encryption

Apple’s Letters to the Public are Slightly Disingenuous but Opposing the FBI Request is the Right Outcome For Now

By Herb Lin
Tuesday, February 23, 2016, 11:31 AM

From my perspective, the original Apple letter to its customers (“original letter”) and its answers to (frequently asked) questions (“answers document”) are slightly disingenuous in two ways.

The original letter and the answers document characterize what the FBI is asking for as the creation of an entirely new operating system for the FBI’s use.   The answers document says:

“The government asked a court to order Apple to create a unique version of iOS that would bypass security protections on the iPhone Lock screen. It would also add a completely new capability so that passcode tries could be entered electronically. . . . The government would have us write an entirely new operating system for their use. They are asking Apple to remove security features and add a new ability to the operating system to attack iPhone encryption, allowing a passcode to be input electronically.”

Well, not exactly.   Of course, one can change *any* digital object into an “entirely different” object by changing just one bit.  And that second “entirely different” object could behave in a completely different way than the first, just because of that one-bit difference.  In the context of an operating system, one could change just one line in the millions of lines of code and have an “entirely different” or a “unique” iOS.

So, literally, what the answers document asserts is true—the government is asking Apple to deliver something different than what currently exists.  But it’s most definitely NOT asking Apple to rewrite a new iOS from scratch.

What would it take technically and financially to develop a change to the iOS that bypassed security features as the FBI requests? How many dollars? How many person-hours? How many lines of code? No one knows—Apple has been silent on that point. But it seems to me that’s a critical aspect of the argument. If it’s hard to do it (i.e., if all of those numbers are large), it would strengthen Apple’s position. If it’s easy to do it (i.e., all of those numbers are small), it would strengthen the FBI’s position.

[Note added 2/27/2016 - Apple has now estimated the effort needed to comply with the magistrate's order.  In its motion to vacate the order, Apple says it could take 6-10 engineers working for 2-4 weeks to design, create, validate, and deploy the code to comply with the order--roughly one person-year.  So the cost of the effort is several hundred thousand dollars, perhaps a million or slightly more.  But it's not tens of thousands and it's not tens of millions.]

Of course, Apple has already acknowledged that it is technically *possible* to do what the FBI wants; it just doesn’t think it *should* do it, because the creation of the necessary software would mean that

“the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes.”  (From the original letter)

The answers document says something similar.  The answers document asks “Could Apple build this operating system just once, for this iPhone, and never use it again?”  And its answer to that question is:

“The digital world is very different from the physical world. In the physical world you can destroy something and it’s gone. But in the digital world, the technique, once created, could be used over and over again, on any number of devices.”

Note the use of the word “technique”. Neither the original letter nor the answers document uses the term “software” or “tool.” Again, taken literally, the original letter and answers document are making true claims—any *technique* can be used multiple times. “Technique” is closer to “algorithm” than it is to “software”, and algorithms—once invented—can’t be uninvented. (By the way, the same is true in the physical world. The letter says “in the physical world you can destroy something and it’s gone.” True enough—but if you have the blueprints for it, you can make as many copies as you want, even if the original physical object is destroyed.)

But I can testify from personal experience—as can many people—that software artifacts *can* be destroyed. I have certainly written programs that I used once and then deleted—and I have no way of retrieving them. I might be able to *recreate* those programs, and thereby use the “technique” used in the first version, but I guarantee that the recreated program will be different from the first, where by “different” I mean that it will have different characteristics in execution (e.g., different timing, different formatting of output, and so on) even if it produces the same outputs given the same inputs.

So, yes, the technique can be reused.  But nothing prevents Apple from erasing (destroying) the newly created FBI-friendly iOS after it has been used once.  And the next time the FBI encounters a similar situation, Apple would have to recreate it again.  That might actually be a good outcome from Apple’s standpoint—the delay in recreating it would serve to inhibit such requests to a certain extent.

In fact – taking Jim Comey at his word when he writes that “the San Bernardino litigation isn't about trying to set a precedent” – developing the necessary software changes to the current iOS, using them once, and then destroying them, *would* meet the FBI’s stated requirement.  In that regard, Manhattan District Attorney Cyrus Vance does the FBI no favors when he complains that his office has 175 iPhones it can't open because of encryption.  Indeed, the Apple answers document cites this very point in opposing the FBI request when it points out that “Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case.”   

Of course, Cyrus Vance and other local law enforcement officials don’t speak for Jim Comey, and Director Comey could help the FBI's case a lot if he explicitly addressed the issues regarding precedent in connection with the Vance complaint.  (For example, he might himself advocate one-time use and subsequent destruction of the requested software changes.)

I’ll close with a comment about Director Comey’s Lawfare posting, which says this:

“we have awesome new technology that creates a serious tension between two values we all treasure: privacy and safety. That tension should not be resolved by corporations that sell stuff for a living. It also should not be resolved by the FBI, which investigates for a living. It should be resolved by the American people deciding how we want to govern ourselves in a world we have never seen before.”

On this point, Director Comey is 110% right.  It’s for that reason that I want the debate to be resolved through the established mechanisms of American democracy.  That’s why, in my view, Apple is right to oppose the FBI request.  When it received the magistrate’s order, it had two choices—comply or fight.  Compliance would have settled the debate in the FBI’s favor but without argument or debate, and without the benefit of public discussion and further court decisions.   Fighting the magistrate’s order is a necessary condition for the debate to occur.  When the courts (and perhaps the Congress) get more involved in this controversy, I may have more comments of a substantive nature about what they should or should not do.