[kictanet] kictanet Digest, Vol 105, Issue 71

Mose Karanja mosekaranja at gmail.com
Sun Feb 21 21:31:50 EAT 2016 

Thank you Ali for this timely post.

The question here for me goes beyond Apple the company. It is about a government asking a company to intentionally degrade the security of a product in the name of securing the country. It makes sense until you get to the details;
1. FBI have had the capacity to access the info they need. They intentionally ‘locked' themselves out of the iCloud account to ensure they have this court order.
2. FBI have been asking the political class to make a move on encryption/security. Congress has been dillydallying. They thus went to the Judiciary. The underlying motive being the assumption that unless FBI or NSA for that matter can ‘collect it all’, they cannot assure ‘total security’. I think that is a lame excuse. We can have that debate later.

However, I think the security agencies should have access to targeted information as investigations lead them - with the oversight of legislature and judiciary. The problem is how to ensure this is not misused to collect any information they think they need about a society. Self censorship, fear and basically ‘guilty by default’ will be the order of the day and you really don’t want to go down that road.

Back to Apple/FBI case, the marketing angle is clear, so is the privacy one. However, I think on this one it is more about security. Creating a crippled software version for one investigation opens the door for criminals hack-race. Criminals will reverse engineer this for all sorts of evils. You cannot secure the cyberspace by creating loopholes for government to use. This is myopic, to say the least.

These companies might be US-Based but they operate globally - heck even in space - ask Tesla and Virgin. The next government which will come to Apple or Google or Samsung or Facebook or BRCK here in Kenya is a foreign government. Think Uganda, Syria, Kenya…because a precedent will have been made by this case.

Moses.

> On Feb 21, 2016, at 12:00 PM, kictanet-request at lists.kictanet.or.ke wrote:
> 
> Send kictanet mailing list submissions to
> 	kictanet at lists.kictanet.or.ke
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> or, via email, send a message with subject or body 'help' to
> 	kictanet-request at lists.kictanet.or.ke
> 
> You can reach the person managing the list at
> 	kictanet-owner at lists.kictanet.or.ke
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of kictanet digest..."
> Today's Topics:
> 
>   1. Of Data Security, Terrorism,	National Security and Marketing
>      (Ali Hussein)
> 
> From: Ali Hussein <ali at hussein.me.ke>
> Subject: [kictanet] Of Data Security, Terrorism, National Security and Marketing
> Date: February 21, 2016 at 7:58:47 AM EAT
> To: kictanet at lists.kictanet.or.ke, ISOC at lists.my.co.ke
> 
> 
> Listers
> 
> An interesting email from Fortune Magazine, Data Sheet.
> 
>  This is Jonathan Vanian, filling in for Robert Hackett while he is off.
> The battle between the public and private sector over encryption technology kicked into warp speed this week.
> 
> On Tuesday, a federal judge in Riverside, California ordered Apple to build a custom version of its iOS operating system that can be installed into the iPhone of one of the shooters responsible for the December rampage killings in San Bernardino <http://link.fortune.com/click/6145920.22389/aHR0cDovL2ZvcnR1bmUuY29tLzIwMTUvMTIvMDcvc2FuLWJlcm5hcmRpbm8tc2hvb3RpbmctcmFuZ2Uv/55ba80258cc2b2e72d8b457aB8f2af76d>.
> 
> Because the data inside the shooter’s iPhone is encrypted, the FBI can’t simply retrieve the information it wants from the device’s memory chips. Instead, it needs the device to be unlocked with the appropriate PIN number.
> 
> However, Apple’s tough iPhone security measures make the process of guessing the phone’s PIN number a risky business. If the FBI enters the wrong PIN number too many times, the phone will permanently delete the stored data.
> 
> A special version of the iPhone operating system that would either bypass or remove that data-deletion feature would presumably make it easier for the FBI to crack the PIN number without fearing a total data wipeout.
> 
> Apple CEO Tim Cook was displeased with the court order and wrote a letter to customers in which he said the custom operating system is “too dangerous to create” because it circumvents the company’s security features.
> 
> Cook claims that the government is asking Apple to weaken the measures it takes to encrypt its data. To create the custom software would set a bad precedent that “would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data.”
> 
> That’s balderdash, the Department of Justice responded in the form of a court motion <http://link.fortune.com/click/6145920.22389/aHR0cDovL2ZvcnR1bmUuY29tLzIwMTYvMDIvMTkvZG9qLWFwcGxlLWNvdXJ0LW1vdGlvbi8/55ba80258cc2b2e72d8b457aBe03c39ad>. The DOJ claimed that it won’t “require Apple to create or provide a ‘back door’ to every iPhone.” Apple’s public stance on the issue is only a “public brand marketing strategy.”
> 
> Now, representatives of the House Energy and Commerce Committee have invited <http://link.fortune.com/click/6145920.22389/aHR0cHM6Ly9lbmVyZ3ljb21tZXJjZS5ob3VzZS5nb3YvbmV3cy1jZW50ZXIvcHJlc3MtcmVsZWFzZXMvYmlwYXJ0aXNhbi1jb21taXR0ZWUtbGVhZGVycy1pbnZpdGUtZmJpLWRpcmVjdG9yLWFwcGxlLWNlby10ZXN0aWZ5LWFib3V0LWVuY3J5cHRpb24/55ba80258cc2b2e72d8b457aB606aaa87>Cook and FBI Director James Comey to appear at a yet-to-be-scheduled hearing to discuss encryption, a topic that will almost certainly be debated during the upcoming presidential elections. Additionally, the House Judiciary Committee reportedly asked Apple officials to testify at a similar hearing on March 1. <x-apple-data-detectors://2>
> This chain of events presents a perfect storm to bring the topic of encryption to the public stage.
> 
> You have the world’s most valuable company, the U.S.’s leading criminal investigation and enforcement agency, and the controversial issues of terrorism, national security, and data privacy all intermingling.
> 
> Over the past few years, the topic of whether companies should ease up on encryption seemed to be of interest to only those deeply involved in the issue. Occasionally, there would be a mainstream news report on the issue. But generally speaking, the topic seemed to be of concern primarily to insiders or security conference attendees.
> 
> This time, considering the powerful players involved and its relation to a terrorist attack, the topic of encryption might stick around in the public forum.
> 
> 
> Jonathan Vanian
> 
> @JonathanVanian <http://link.fortune.com/click/6145920.22389/aHR0cHM6Ly90d2l0dGVyLmNvbS9Kb25hdGhhblZhbmlhbg/55ba80258cc2b2e72d8b457aB3bf000bc>
> jonathan.vanian at fortune.com <http://link.fortune.com/click/6145920.22389/aHR0cDovL2pvbmF0aGFuLnZhbmlhbkBmb3J0dW5lLmNvbQ/55ba80258cc2b2e72d8b457aBfc80f467>
> Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett is off for the week. You can reach himvia Twitter, Cryptocat <http://link.fortune.com/click/6145920.22389/aHR0cHM6Ly9jcnlwdG8uY2F0Lw/55ba80258cc2b2e72d8b457aB259a2554>, Jabber <http://link.fortune.com/click/6145920.22389/aHR0cDovL3d3dy5qYWJiZXIub3JnLw/55ba80258cc2b2e72d8b457aB582a7a81>, PGP encrypted email, or however you (securely) prefer. Feedback welcome.
> 
> 
> Ali Hussein
> Principal
> Hussein & Associates
> +254 0713 601113 / 0770906375
> 
> Twitter: @AliHKassim
> Skype: abu-jomo
> LinkedIn: http://ke.linkedin.com/in/alihkassim <http://ke.linkedin.com/in/alihkassim>
> 
> "Discovery consists in seeing what everyone else has seen and thinking what no one else has thought".  ~ Albert Szent-Györgyi
> 
> Sent from my iPad
> 
> 
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet

---
Moses Karanja | @Mose_Karanja <https://twitter.com/Mose_Karanja> | PGP: 0x1529552F <https://pgp.mit.edu/pks/lookup?op=index&fingerprint=on&search=0x1529552F>




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20160221/a7146d28/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20160221/a7146d28/attachment.sig>

More information about the KICTANet mailing list