Should Encryption Be Permanent?

[cybercoma]

The days of exponential advances in commuting power are nearly over. In the last 10 years clock speeds have been static and they have only moved the needle by putting more cores on a chip but once transistor sizes hit the 2nm range in the next few years those advances will stop as well. Quantum computing may end up like like fusion: always 30 years away from commercial reality.

This is right. The reason we need to upgrade nowadays is planned obsolescence. Fact is a computer that's 10 years old can actually run modern OS software. That wasn't so in 1990.There's an interesting video on the topic here:

Has Moore's Law Come to an End?

[TimG]

Also, the moment you have working quantum computers you can also use quantum encryption which is fundamentally unbreakable given our understanding of the laws of quantum mechanics (no cloning theorem and observer effect).

When was first fusion reactor built? When will we have commercially viable fusion power? Why would quantum computing be any different?

[Bonam]

When was first fusion reactor built? When will we have commercially viable fusion power? Why would quantum computing be any different?

No fusion reactor that achieves steady state fusion has ever been built. The first one with this goal is planned to be turned on in the 2020s.

Fusion will likely never be commercially viable for terrestrial power generation, but could be very useful for space power systems, naval reactors, remote outposts, and the like.

As for why would quantum computing be "different"... why wouldn't it? Many new technologies are developed and reach commercialization, many others do not. You don't know in advance which are which.

Edited February 18, 2016 by Bonam

[TimG]

As for why would quantum computing be "different"... why wouldn't it? Many new technologies are developed and reach commercialization, many others do not. You don't know in advance which are which.

That is true. But we also can't assume that quantum computing nirvana is just around the corner. There is a real possibility that we will have no real increases in computing speeds for the foreseeable future. I see the slowdown in my work. I have one laptop which is over 7 years old and it still is usable. My desktop is close to 4 and I can't justify replacing it despite the fact that I need much more computing power than a typical user.

[msj]

I wonder if this was, say, Iran's police forces asking for the key, if most people would then side with Apple?

[Bonam]

That is true. But we also can't assume that quantum computing nirvana is just around the corner. There is a real possibility that we will have no real increases in computing speeds for the foreseeable future. I see the slowdown in my work. I have one laptop which is over 7 years old and it still is usable. My desktop is close to 4 and I can't justify replacing it despite the fact that I need much more computing power than a typical user.

I don't think quantum computing is "just around the corner". Someone brought up quantum computing as a way to break current encryption methods, and the point I was trying to make was that, if and when quantum computers become practical, their ability to break classical encryption methods will be largely irrelevant (except during a brief transition period) because they would also make unbreakable quantum encryption possible.

Edited February 18, 2016 by Bonam

[cybercoma]

I wonder if this was, say, Iran's police forces asking for the key, if most people would then side with Apple?

Good question. How does this change when a foreign state accuses someone of terrorism or some other crime and wants the tool to decrypt phones.

[overthere]

It's entirely software based. The FBI wanted a custom version of iOS that decrypted the phone.

No, the FBI want to bypass the feature that wipes data from the phone when 10 wrong attempts are made to guess the password.

They have not asked for a key to the encryption of data.

[cybercoma]

That's not what Tim Cook is saying.

[dre]

I don't think quantum computing is "just around the corner". Someone brought up quantum computing as a way to break current encryption methods, and the point I was trying to make was that, if and when quantum computers become practical, their ability to break classical encryption methods will be largely irrelevant (except during a brief transition period) because they would also make unbreakable quantum encryption possible.

That was exactly my point as well. And cryptographers have an inherent advantage because they always get to be the first movers. Rijndael was developed years ago, and the spooks and snoops are still many years away from able to crack messages.

Also the government sucks at IT. The encryption standard used by the US government and military was developed by a couple of guys from Belgium. The successful attacks against it have come from college kids and university professors.

In my opinion governments have zero chance of winning a secure communications "technology cold war" against the academic and open source communities. They will waste a mountain of money and probably actually DAMAGE their ability to monitor people by driving people to use secure communications that otherwise would not be.

[eyeball]

Also the government sucks at IT.

They should privatize our snoopage and let Google run the country. I can agree to Google's terms and conditions so far but I haven't met a government's I'd agree to yet.

[BubberMiley]

Apple built an encryption system specifically to help terrorists, pedophiles and organized crime figures evade detection and monitoring by authorities. As far as I'm concerned Apple should be required to open up the phone, and if not, fined out of existence and its CEO put in prison.

I remember the day when right-wingers on this board made coherent arguments backed up by facts. Now it's all rabid hysteria and idiotic, uninformed rambling.

[Big Guy]

The response from Apple is not, "We cannot do anything to access our encrypted phones".

The situation appears to me to be that Apple has the technical knowledge and ability to get past the encryption of their phones. Its argument is currently that if it uses that knowledge to access that particular phone then it would compromise the encryption on all their phones.

Interesting. How does Apple know that software would be capable of getting access to these phones?

I suggest that they already have that technology available and ready to use - not to assist the USA in getting information on potential terrorists but if/when they can/have to use it for their better good.

I also have no doubt that the main priority of Apple is to survive, do better financially and make a large profit for their share holders. I also believe that Apple will use its ability to bypass its password system if/when it becomes profitable for them.

[dre]

I also have no doubt that the main priority of Apple is to survive, do better financially and make a large profit for their share holders. I also believe that Apple will use its ability to bypass its password system if/when it becomes profitable for them.

Whats profitable for Apple is to be able to satisfy the huge demand for security. Businesses and corporations, and individuals all want it, and if Apple wont provide it then someone else will.

The situation appears to me to be that Apple has the technical knowledge and ability to get past the encryption of their phones.

No. Apple can unlock IOS7 but not IOS8 and IOS9. That's what they've told the courts. The phone in question is IOS7 meaning they COULD unlock it but why should they provide this service to the government or anyone else when it would harm their reputation, hurt their sales, and damage their business?

[TimG]

The situation appears to me to be that Apple has the technical knowledge and ability to get past the encryption of their phones.

Completely false. Apple cannot break the encryption on the phones without the user password which Apple does not know.

The FBI asked that Apple change the OS so the phone would not erase itself after the 10th failed attempt. The FBI intends set up a system that will try every possible code combination and hope it will be lucky. There is not guarantee that the FBI would succeed even if Apple complied.

Apple does not want to do that because they feel their international reputation is more important than the concerns of the US government.

Edited February 19, 2016 by TimG

[msj]

Give me liberty or give me death!

Give me privacy or give me death!

Versus:

The government should have a back door to anyone's private information because terrorists or pedophiles, or some other undesirable group (gays? Jews? Muslims? Atheists?).....

[Bonam]

Completely false. Apple cannot break the encryption on the phones without the user password which Apple does not know.

The FBI asked that Apple change the OS so the phone would not erase itself after the 10th failed attempt. The FBI intends set up a system that will try every possible code combination and hope it will be lucky. There is not guarantee that the FBI would succeed even if Apple complied.

Err... you're talking about the 4 number pattern thing to unlock a phone, right? There's only like 10000 possible combinations. Wouldn't take much luck if the phone didn't have a lockout after N failed attempts. 10000 possibilities is like nothing in cryptography.

[bush_cheney2004]

Err... you're talking about the 4 number pattern thing to unlock a phone, right? There's only like 10000 possible combinations. Wouldn't take much luck if the phone didn't have a lockout after N failed attempts. 10000 possibilities is like nothing in cryptography.

Yep...that's the same protection on my garage door opener remote. Child's play....

[bush_cheney2004]

Apple should just cooperate privately with the FBI while proclaiming never to have done so.

[TimG]

Err... you're talking about the 4 number pattern thing to unlock a phone, right? There's only like 10000 possible combinations. Wouldn't take much luck if the phone didn't have a lockout after N failed attempts. 10000 possibilities is like nothing in cryptography.

You use any number of digits. If it was a 4 digit pin it would be easy. 10 digit (i.e a phone number) not so easy. I read it was longer than 4. Edited February 19, 2016 by TimG

[cybercoma]

Apple does not want to do that because they feel their international reputation is more important than the concerns of the US government.

This is a pretty cynical way of looking at it. I'm sure that's true on some level but Cook made it clear that once this software is out there, there's no guarantee it won't fall into the wrong hands. Their phones will be easily crackable and people's personal data will be compromised. Once it's in the wrong hands, you can't put the genie back into the bottle.

[bush_cheney2004]

Laughable, since Apple and others already mine and sell their customers' personal data.

[eyeball]

Laughable, since Apple and others already mine and sell their customers' personal data.

With legal permission.

[cybercoma]

Err... you're talking about the 4 number pattern thing to unlock a phone, right? There's only like 10000 possible combinations. Wouldn't take much luck if the phone didn't have a lockout after N failed attempts. 10000 possibilities is like nothing in cryptography.

Theres an 80 millisecond delay between attempts, before you're allowed to enter another password. The FBI is asking Apple to develop software for them that will 1) disable the wipe after ten attempts feature, 2) allow them to enter passwords by plugging into the phone's port, and 3) remove the 80 millisecond delay so the only limitation is the phone hardware. The phone's encryption works as a combination of your password and a unique identifier with each phone that not even Apple knows.

[cybercoma]

You use any number of digits. If it was a 4 digit pin it would be easy. 10 digit (i.e a phone number) not so easy. I read it was longer than 4.

The encryption is a combination of a pin, which Apple cannot access and a unique identifier to each phone that neither Apple nor its suppliers know or can access. Apple has literally designed it so that its impossible for them or anyone else to decrypt their customer's data. New iPhones have a 6-digit PIN. Right now, those PINs would need to be entered manually by tapping in each digit, coupled with an 80ms delay between attempts. That's the only way to brute force an iPhone right now. Edited February 19, 2016 by cybercoma