The phone encryption debate
There has been a fierce debate raging for the past month in America, as the FBI were in a high stakes legal battle with tech company Apple as they needed them to break into a phone. The court-case was dropped once the FBI found another way to hack the phone, but now Apple have hit back and are saying they will be able to find and fix this gap in security. Naked Scientists tech-wizard Peter Cowley joined Connie Orbach to go through this debate, and what this means for the average phone user...
Peter - Yes, it's been in the news quite a bit. It was because there was a very nasty terrorist incident in San Bernadino at the end of last year. There was a gun fight and both of the perpetrators were shot but they had a number of mobile phones too which they crushed, but one was found. On that phone - you're probably aware of how much there is on a phone nowadays. On a smartphone there may be emails, there may be phone calls, there may be text messages, there will be Location there will be Whatsap. The location itself might be very relevant and that's why they wanted to get in to continue the investigation.
Connie - How was the phone in question - an iPhone - encrypted?
Peter. Yes. In fact, it was an older iphone - it was a 5C which came out about three or four years ago and that only uses software encryption. The newer ones use hardware encryption as well in a really clever way where there's a separate processor embedded on the main computer which acts as the encryption module below the software, so that it's actually using some other software which is completely independent of the software that can be got at by somebody who's trying to hack into it. On top of that it's got specific encrypted hardware between the main memory and the flash memory. So that's the encryption but also, of course, you do need to get into it so you put a passcode into it and they've got software in there that stops you putting your passcode in too many times, otherwise it will actually delete all the memory and it takes a bit of time to do that. In fact, what the FBI were trying to do was to ask Apple to speed that up and remove the maximum number. It works out that if you put a 13 digit passcode in, it will still take 12,500 years to try all the combinations.
Connie - And what was the stance of Apple when they refused to break in?
Peter - First of all they gave a few clues on how to do it. They said go round to the wi-fi system and switch it back on again in the house they were renting and it should back itself to the iCloud. Unfortunately, something had happened in between to do with the person who owned the iphone that meant that they couldn't get any data off that. So at that point then Apple were asked whether they could break into it and they said no. And they said no, basically for a number of reasons, but the most important one is would effectively set a legal precedent. It would allow the government or law enforcement agency to ask them to get into any phone at that point. They also said that if it got into the wild, their method of breaking in, it could be used by criminals then so anyone could get into any phone.
Connie - But it appears the FBI found a way in anyway - how can this affect the rest of us who don't feel like we've got anything to hide?
Peter - We have got stuff to hide haven't we? We've got things like pin codes, passwords, bank account details. Now obviously we shouldn't put that on our phones but I'm sure plenty of people do, and if you were to put that on your phone and not lock it, you've got a device there that's lost in the street that will give access to all kinds of things. So you've got partly that and partly the fact that if somebody wants to target you as a criminal and starts to understand what your movements are, where you've been, etc., they can plan something. They can plan potentially for when you're not at home because you've gone to work. So there is data on there which is of use to criminals so although we might feel and know we are not criminals ourselves, there is something on there that could be used by the criminal fraternity. Really there's a conflict between the amount of privacy you want to keep and what the security forces and the government need to know in order to protect ourselves. So really you're comparing a conflict between our own privacy and society's benefit and that shouldn't be decided by one particular case. It should be decided at a very high level by discussion, and if you look at the States, the tech companies would definitely want the privacy but the senators and congress are not quite sure. They did a survey actually and there was 50% on the side of Apple and 45% on the side of the government so the population doesn't really know.