Ken Gude wrote on WIRED about Apple’s encryption of data on iOS 8.
Apple’s new operating system, iOS 8, makes two changes to the encryption of data on the device that dramatically increases the security of those data. First, it now encrypts and passcode protects virtually all data on the device—such as text messages, photos, contacts, and notes—unlike previous versions of iOS. Secondly, and most importantly, it virtually eliminates the possibility that the encrypted data can be unlocked without the passcode. Earlier operating systems allowed Apple to unlock any device with a key that it controlled. But in iOS 8, Apple has essentially thrown away the key so it can’t access the data anymore. Hackers, cyber criminals, and thieves can’t access it. And governments, foreign and domestic, can’t access it either.
The only key you can’t steal is one that doesn’t exist. Having a golden key that certain authorised parties can use means that the key can be stolen.
The elimination of the key is the crucial element of Apple’s improved security systems and the crux of Comey’s criticism. The existence of the key allowed Apple to unlock individual devices and gain full access to the data on the device, sometimes in response to a request from the government, but far more often from device owners who had either lost it or had it stolen. Since it is impossible to create a back door into an operating system that eliminates the possibility that other unauthorized access will occur, the key also created a vulnerability that could be exploited by hackers, cyber criminals, or foreign intelligence services. This vulnerability could have opened the door to a much larger data breach than those at Target or JP Morgan, affecting tens of millions of Americans and hundreds of millions more worldwide.
Comey wants us to believe that the elimination of the key could allow violent criminals to “go dark”—thus evading detection and arrest. It is possible to construct a hypothetical scenario in which the only evidence of criminal activity is stored on a suspect’s personal device, consists only of data not backed up in cloud storage, and is not in the possession of third parties like telecommunications carriers or app developers. But none of the criminal cases cited by Comey meet that hypothetical because in real life those instances would be extremely rare and far outweighed by the clear public benefit of preventing the very real threat of a large-scale data breach that could affect millions of Americans.
This sums up the situation pretty well. Are we going to make millions of phones vulnerable based on the hypothesis of being able to catch a few criminals?