• Skip to main content
  • Skip to primary sidebar
  • About
    • Authors
      • About Mark Draughn
      • About Ken Gibson
      • About Gary Olson
      • About Joel Rosenberg
    • Terms and Conditions
    • Disclosures

Windypundit

Classical liberalism, criminal laws, the war on drugs, economics, free speech, technology, photography, sex work, cats, and whatever else comes to mind.

A Brief Response to Cy Vance About Apple and the FBI

February 26, 2016 By Mark Draughn 6 Comments

I was going to write an overview of the technical issues involved in the FBI’s demand that Apple help them break into the iPhone 5C that was being used by San Bernardino shooter Syed Farook, but it soon became apparent that the issues were too complex for easy summary, and the story keeps changing as more details leak out.

On the other hand, I would like to respond to a recent op-ed by Manhattan district attorney Cyrus Vance (brought to our attention by Scott Greenfield) arguing for a government exception to securely encrypted phones:

iPhones are the first warrant-proof consumer products in American history. They compel law enforcement to deploy extraordinarily creative prosecutorial strategies – and obtain state-of-the-art tools – to carry out even the most basic steps of a criminal investigation. I applaud our federal colleagues for their commitment to justice for the 14 killed in San Bernardino and their families.

The magistrate judge’s order rests firmly on centuries of jurisprudence holding that no item – not a home, not a file cabinet and not a smartphone – lies beyond the reach of a judicial search warrant. It affirms the principle that decisions about who can access key evidence in criminal investigations should be made by courts and legislatures, not by Apple and Google. And it provides the highest-profile example to date of how Silicon Valley’s decisions inhibit real investigations of real crimes, with real victims and real consequences for public safety.

I can certainly see what he’s getting at. Up until now, when a court ordered some evidence seized, the government’s ability to carry out that seizure was never in question. The agents of law enforcement have been able to kick open every door, tear down every wall, and break every box. But strong encryption now challenges that idea, and people like Cy Vance don’t like it.

I have a few responses to Vance, starting with “So what?”

Law enforcement agents used to be able to get any evidence they wanted, but now some new technology means they can’t. So what? Things change, the world moves on, the organizing principles of society evolve. Slavery, the divine right of kings, Papal inquisitions — all have fallen. Now maybe it’s the end for the principle that courts have “a right to every man’s evidence.” That’s kind of an open-ended argument, but then Vance’s argument is basically little more than “It’s always been that way.” I think it’s quite reasonable to respond that just because it’s always been that way doesn’t mean that it always should be.

On the other hand, I could also argue that the rule doesn’t really go where Vance wants it to because (1) the current situation is already in complete compliance with the rule, and (2) there is nothing to which the rule could apply.

I need to go into a bit of technical detail. The FBI’s problem is that sensitive data files on an iPhone are strongly encrypted in such a way that reading the unencrypted contents requires one of a handful of “class keys,” which are in turn encrypted using the user’s passcode. So to get an iPhone to read its data, you have to provide the passcode to decrypt the class key it needs to decrypt the file containing the data.

(I’ve simplified this description of iPhone security quite a bit. If you want more details, Dan Guido has a mildly technical overview and you can get more background technical information from the Apple iOS security whitepaper, especially the “System Security” and “Encryption and Data Protection” sections. It’s absolutely fascinating, if you’re into that kind of thing.)

If you have a modern iPhone with a passcode set, you can see all this for yourself. Call your iPhone from another phone that is in your contacts list. When your phone rings, it should display the name of the other phone’s owner, which it got by searching your contacts list for someone with a number matching the calling phone. Now turn your iPhone all the way off by holding down the power button for a few seconds to display the slider you can use to power it off. Then turn your phone back on by pressing the power button for a few seconds, but don’t enter the passcode. Now try calling your phone again from the other phone. This time the phone should only display the calling number, but not the name from the contacts list. Your phone won’t be able to display contact names until you enter the passcode again.

This shows that your passcode is more than just a locking mechanism, it’s a decryption key: Without it, your phone literally cannot even read its own contacts list. It also can’t read any of the other sensitive files that are also encrypted to require the passcode. An iPhone for which the passcode has not been entered doesn’t just refuse to give you access to its data. In a fundamental way, it can’t even read the data.

That’s the FBI’s problem. The passcode is not stored on the device, and the copy of the passcode in Farook’s brain is no longer accessible because he’s dead, so the FBI has no way to get his iPhone to decrypt any of his files without a code-breaking effort.

That brings me to the first part of my answer to Vance: The FBI already has all the evidence on Syed Farook’s iPhone. They have physical possession of the phone itself, including the internal flash drive that contains all the data. It’s a relatively minor technical task to remove the drive from the iPhone and attach it to another computer so they can read every bit of it. Of course, the files they read will still be encrypted, so they won’t be able to make sense of the data, but they do have all the data on the phone. No one, including Apple, is keeping it from them.

This may sound like some kind of philosophical hair splitting, but it’s the ground truth of the situation at the technical level. It’s confusing because we often speak of encryption using the metaphor of a container. We describe encrypted messages as being like envelopes with plaintext messages inside, and we talk of using keys to unlock stored data. In reality — the reality of the hardware and software — the relationship between encrypted and unencrypted data is not one of containment but of transformation: Plaintext data is transformed into encrypted data using an encryption algorithm and a key, and encrypted data can only be transformed into plaintext data using a related algorithm and the right key. If the key is lost, transformation of encrypted data into plaintext may not be possible.

When Vance asserts that “no item – not a home, not a file cabinet […] – lies beyond the reach of a judicial search warrant” he’s not speaking about merely metaphorical containment. If the court orders a home searched for drugs, that search will be successful if there are actually drugs in the home. If the court issues a warrant that includes searching a file cabinet for financial records, it’s because there’s reason to believe the file cabinet contains the records. More fundamentally, it makes sense to require the production of evidence because the evidence might exist.

That’s my second point of argument: No matter how much the FBI or the judge may want to seize this data, there’s simply nothing to seize. The data existed at one point, but now it’s all been transformed into unreadable gibberish, and the original data is gone. What the government wants — an unencrypted copy of the data on Syed Farook’s iPhone — doesn’t actually exist anywhere in the world.

As a practical matter, this isn’t a get-out-of-jail card. Don’t go trying to convince a judge that you don’t have to turn over financial records on your computer because your hard drive is encrypted and you haven’t entered the key to unlock it. That’s probably not going to work when you routinely decrypt files every day. (But I’m not a lawyer and this isn’t legal advice, so if you actually find yourself in that situation, talk to your lawyer.)

On the other hand, if you truly don’t have the decryption key, then the unencrypted files on your computer actually are beyond the reach of the court. Of course, you might be in for a really bad time if the judge doesn’t believe you, or simply doesn’t care about what you think is possible.

Related

Share This Post

Filed Under: Legal

Reader Interactions

Comments

  1. A Leap at the Wheel says

    February 26, 2016 at 5:25 pm

    This is an important point that just about noone is talking about. The FBI isn’t requesting access to the data, it’s requesting help in making some new data up and using it to transform the data they already have.

    Encrypted data is “locked” in the same way an attractive woman his hot. Its poetic shorthand and shouldn’t be the basis any important court decision.

    Reply
    • Mark Draughn says

      February 26, 2016 at 5:35 pm

      Yeah, the information the FBI wants for its criminal investigation is not possessed by anybody. This is a big enough difference from the usual situation that “the usual rules” shouldn’t be an automatic winning argument. At the very least, you need an argument on more basic principles.

      Reply
  2. William says

    February 29, 2016 at 11:41 am

    Hi, Mark.
    I can’t find an email or contact info, so forgive my use of the comment space. It appears that changes you’ve made to your site have made it very difficult to read. I use Opera for Android because it allows me to zoom text and it then re-flows to fit the screen. That feature no longer works for this site. Whether I select mobile or desktop as the user agent, zoom no longer works at all, even without re-flowing the text. I hope there is an easy fix, as I do enjoy your writing.

    Reply
  3. Mark Draughn says

    February 29, 2016 at 1:33 pm

    I switched to Headway themes a while back, because I was hoping it would be less of a struggle than some of the others, and so I’m using their solution for responsive design. I’ll have to look into this, and it will probably take a while. Thanks very much for letting me know.

    Reply
  4. William says

    February 29, 2016 at 2:14 pm

    Thanks for the quick reply. It is a pretty new problem. I had previously read your January Judge Judy article without any issue. In the meantime I have updated my OS (to Lollypop), but other sites don’t seem to be affected. I’ll keep checking in, and let you know if there’s any change.

    Reply

Trackbacks

  1. FBI vs. Apple: Might Is Not So Right - Windypundit says:
    March 6, 2016 at 2:03 pm

    […] New York Times op-ed supporting the FBI’s attempt to force Apple to unlock an iPhone was annoying, then prosecutor Andrew King’s blog post at Fault Lines is infuriating. Starting with the […]

    Reply

Leave a Reply Cancel reply

Primary Sidebar

Search

Illinois Covid Status

Recent Posts

  • The Highpoint of the Biden Presidency
  • The Vaccine Rollout is OK
  • 2020: Lessons Learned
  • The Danish mask study and the evidence for community masking
  • Windy’s Guide to Masks – Part 4: Mask Use and Care
  • Windy’s Guide to Masks – Part 3: Buying Guide
  • Windy’s Guide to Masks – Part 2: Types of Masks
  • Windy’s Guide to Masks – Part 1: Basics

Follow Us

  • Twitter
  • Facebook

Bloggy Goodness

  • Agitator
  • DrugWar Rant
  • Duly Noted
  • Dynamist
  • Hit & Run
  • Honest Courtesan
  • Nobody's Business
  • Popehat
  • Ravings of a Feral Genius

Blawgs

  • a Public Defender
  • appellatesquawk
  • Blonde Justice
  • Chasing Truth. Catching Hell.
  • Crime & Federalism
  • Crime and Consequences Blog
  • Criminal Defense
  • CrimLaw
  • D.A. Confidential
  • Defending Dandelions
  • Defending People
  • DUI Blog
  • ECIL Crime
  • Gamso For the Defense
  • Graham Lawyer Blog
  • Hercules and the Umpire
  • Indefensible
  • Koehler Law Blog
  • Legal Satyricon
  • New York Personal Injury Law Blog
  • Norm Pattis
  • not for the monosyllabic
  • Not Guilty
  • Probable Cause
  • Seeking Justice
  • Simple Justice
  • Tempe Criminal Defense
  • The Clements Firm
  • The Trial Warrior Blog
  • The Volokh Conspiracy
  • Underdog Blog
  • Unwashed Advocate
  • West Virginia Criminal Law Blog

Bloggers

  • Booker Rising
  • Eric Zorn
  • ExCop-LawStudent
  • InstaPundit
  • Last One Speaks
  • Leslie's Omnibus
  • Marathon Pundit
  • Miss Manners
  • Preaching to the Choir
  • Roger Ebert's Journal
  • Speakeasy Blog
  • SWOP Chicago

Geek Stuff

  • Charlie's Diary
  • Google Blogoscoped
  • Schneier on Security
  • The Altruist
  • The Ancient Gaming Noob
  • The Daily WTF
  • xkcd

Resources

  • CIA World Factbook
  • Current Impact Risks
  • EFF: Bloggers
  • Institute for Justice
  • Jennifer Abel
  • StrategyPage
  • W3 EDGE, Optimization Products for WordPress
  • W3 EDGE, Optimization Products for WordPress
  • W3 EDGE, Optimization Products for WordPress
  • Wikipedia
  • WolframAlpha

Gone But Not Forgotten

  • Peter McWilliams

Copyright © 2021 Mark Draughn · Magazine Pro On Genesis Framework · WordPress