I’ve been going back and forth on the FBI vs. Apple situation and have finally come to a few conclusions.
First, the government cannot keep stuff safe online, and this involves coding or programming to defeat Apple’s latest security measures. If hackers could, they’d steal our nuclear missile codes and try to sell them back to the government for bitcoins.
Anything that Apple gives to the FBI to unlock a terrorist’s iPhone is vulnerable to theft by nefarious individuals who would exploit the back door. Destroy the code after it’s been used? Wishful thinking. What is deleted can be restored, if you have the right tools or training. One-use coding? Nope…hackers can get around that little problem too.
Next, why is the government bringing Apple in to fix their mistake? The accused San Bernardino terrorist’s iPhone belonged to the county health department where he worked, and they could have installed software that would have given them complete access to the phone’s data. They paid for the software but never installed it. If a government owns the phone that an employee is using, they should be able to access the data at any time, especially if the employee leaves the government, dies, or is accused of a crime. This is a huge screw-up.
Finally, I’m of the opinion that any politician who supports the government position deserves to have their data hacked and then released for public consumption. They’ll be singing a different tune after they’re publicly shamed.
Also, they can set the example for the rest of us, and not encrypt their phones or tablets or other electronic devices.
I bet that even before Apple incorporated their security measures into their latest operating systems that Donald Trump had put an unlock code into his iPhone and other devices. And yet he called for a boycott of Apple products until they help the FBI with defeating their iPhone security. Any politician saying stuff like this doesn’t deserve a vote.
This is less about civil liberties, and more about government data being potentially stolen and used by hackers to open millions of locked phones. That’s what this is really about.
Apple doesn’t need to invoke the civil liberties argument; they’ve got plenty of facts about the federal government having stuff stolen by hackers and being unable to protect Apple’s source coding.
Here’s a partial list of computer breaches in the U.S. Government:
September 2009 through December 2011—U.S. Department of Health and Human Services breached 13 times. Employee records of 300 employees believed to have been compromised.
March 2012—Environmental Protection Agency hacked, personal and financial data for 8,000 users stolen, including bank account numbers and Social Security numbers.
May 2012—Department of Justice had 1.7 gigabytes of data stolen by Anonymous, posted publicly. Database contained sensitive information about crimes, criminals and crime victims.
June 2012—Multiple U.S. Navy servers breached, over 200,000 people affected. Sensitive personal data stolen.
June 2012—Commodity Futures Trading Commission (CFTC) server breached, email accessed, attachments stolen along with Social Security numbers of 700 employees.
June 2012—U.S. Department of Energy breached by an employee, attempted to sell access to supercomputer to an undercover FBI agent.
June 2012—Department of Homeland Security breached, personal data stolen included access information to DHS servers.
October 2012—U.S. Army Chief of Public Affairs mistakenly posted sensitive information to a public database. 500 Army soldiers and employees had their personal data, Social Security numbers and other sensitive data posted.
October 2014—Denial of Service (DoS) attack from inside the Department of Health and Human Services (HHS)’s own network.
November 2014—White House network is breached, President Obama’s schedule was accessed.
November 2014—NOAA network was compromised by Chinese hackers. Information of what was accessed has not been provided as of yet.
November 2014—USPS network was breached; personal information including names, addresses, phone numbers, emergency contacts, birthdates and Social Security numbers were stolen. 800,000 employees affected.
November 2014—State Department network breached; the Russian hackers got into State Department non-classified email systems. Information gleaned helped hackers to go after and access the White House servers.
April 2015—FAA hacked; experts publicly worried that the nation’s air traffic control systems were vulnerable.
April 2015—Department of Defense breached. Non-classified files were accessed.
May 2015—St. Louis Federal Reserve breached. Internet traffic was redirected elsewhere.
May 2015—IRS breached. 334,000 taxpayers had their information stolen. IRS reported that their main system was not affected.
June 2015—U.S. Army web site breached by Syrian Electronic Army. Defacing of web site resulted.
June 2015—Office of Personnel Management (OPM)—Government worker data stolen. 25,000 workers affected initially; after lengthy investigation it was discovered that the number was actually 22.1 million people affected. Names, addresses, phone numbers, birthdates, Social Security numbers, and other sensitive information was stolen.
July 2015—Census Bureau—User accounts, audit information stolen and posted by Anonymous.
August 2015—Pentagon—Email systems for 4,000 employees compromised by Russian hackers.
=============
Should Apple be concerned about trusting the government with coding to break the security of their operating system, given the (partial) list of failures above?
Um, in a word….YES!!!
No comments:
Post a Comment