FacebookTwitterGoogle+RedditEmail

Are Apple and Google Really on Your Side Against the NSA?

by

In the past couple of days both Google[i] and Apple[ii] have announced that they’re enabling default encryption on their mobile devices so that only the user possessing a device’s password can access its local files. The public relations team at Apple makes the following claim:

“Apple cannot bypass your passcode and therefore cannot access this data… So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8″

The marketing drones at Google issued a similar talking point:

“For over three years Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement… As part of our next Android release, encryption will be enabled by default out of the box, so you won’t even have to think about turning it on.”

Quite a sales pitch? Cleverly disguised as a news report no less. Though it’s not stated outright the tacit message is: open your wallet for the latest gadget and you’ll be safe from Big Brother. Sadly, to a large degree this perception of warrant protection is the product of Security Theater aimed at rubes and shareholders. The anti-surveillance narrative being dispensed neglects the myriad of ways in which such device-level encryption can be overcome. A list of such techniques has been enumerated by John Young, the architect who maintains the Cryptome leak site[iii]. Young asks readers why he should trust hi-tech’s sales pitch and subsequently presents a series of barbed responses. For example:

Because they can’t covertly send your device updated software [malware] that would change all these promises, for a targeted individual, or on a mass basis?

Because this first release of their encryption software has no security bugs, so you will never need to upgrade it to retain your privacy?

Because the US export control bureaucracy would never try to stop Apple from selling secure mass market proprietary encryption products across the border?

Because the countries that wouldn’t let Blackberry sell phones that communicate securely with your own corporate servers, will of course let Apple sell whatever high security non-tappable devices it wants to?

Because they want to help the terrorists win?

Because it’s always better to wiretap people after you convince them that they are perfectly secure, so they’ll spill all their best secrets?

Another thing to keep in mind is that local device encryption is just that. Local. As Bruce Schneier points out this tactic does little to protect user data that’s stored in the cloud[iv]. When push comes to shove executives will still be able to hand over anything that resides on corporate servers.

Marketing spokesmen are eager to create the impression that companies are siding with users in the struggle against mass surveillance (never mind the prolific corporate data mining[v]). Especially after business leaders denied participating in the NSA’s PRISM program. Yet the appearance of standing up to government surveillance is often a clever ploy to sell you stuff, a branding mechanism. It’s important to recognize that Internet companies, especially billion dollar hi-tech multinationals like Yahoo[vi] and Cisco[vii], exist to generate revenue and have clearly demonstrated the tendency to choose profits over human rights when it’s expedient.

Bill Blunden is an independent investigator whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including The Rootkit Arsenal , and Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex. Bill is the lead investigator at Below Gotham Labs.

End Note


[i] Craig Timberg, “Newest Androids will join iPhones in offering default encryption, blocking police,” Washington Post, September 18, 2014.

[ii] Craig Timberg, “Apple will no longer unlock most iPhones, iPads for police, even with search warrants,” Washington Post, September 18, 2014.

[iii] John Young, “Apple Wiretap Disbelief,” Cryptome, September 19, 2014.

[iv] Bruce Schneier, “iOS 8 Security,” Schneier on Security, September 19, 2014.

[v] Bill Blunden, “The NSA’s Corporate Collaborators,” Counterpunch, May 9-11, 2014.

[vi] Bill Blunden, “Corporate Executives Couldn’t Care Less About Civil Liberties,” Counterpunch, September 15, 2014.

[vii] Cindy Cohn and Rainey Reitman, “Court Lets Cisco Systems Off the Hook for Helping China Detain, Torture Religious Minorities,Electronic Frontier Foundation, September 19, 2014.

 

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

More articles by:
Weekend Edition
May 27, 2016
Friday - Sunday
John Pilger
Silencing America as It Prepares for War
Rob Urie
By the Numbers: Hillary Clinton and Donald Trump are Fringe Candidates
Paul Street
Feel the Hate
Daniel Raventós - Julie Wark
Basic Income Gathers Steam Across Europe
Andrew Levine
Hillary’s Gun Gambit
Jeffrey St. Clair
Hand Jobs: Heidegger, Hitler and Trump
S. Brian Willson
Remembering All the Deaths From All of Our Wars
Dave Lindorff
With Clinton’s Nixonian Email Scandal Deepening, Sanders Must Demand Answers
Pete Dolack
Millions for the Boss, Cuts for You!
Peter Lee
To Hell and Back: Hiroshima and Nagasaki
Gunnar Westberg
Close Calls: We Were Much Closer to Nuclear Annihilation Than We Ever Knew
Karl Grossman
Long Island as a Nuclear Park
Binoy Kampmark
Sweden’s Assange Problem: The District Court Ruling
Robert Fisk
Why the US Dropped Its Demand That Assad Must Go
Martha Rosenberg – Ronnie Cummins
Bayer and Monsanto: a Marriage Made in Hell
Brian Cloughley
Pivoting to War
Stavros Mavroudeas
Blatant Hypocrisy: the Latest Late-Night Bailout of Greece
Arun Gupta
A War of All Against All
Dan Kovalik
NPR, Yemen & the Downplaying of U.S. War Crimes
Randy Blazak
Thugs, Bullies, and Donald J. Trump: The Perils of Wounded Masculinity
Murray Dobbin
Are We Witnessing the Beginning of the End of Globalization?
Daniel Falcone
Urban Injustice: How Ghettos Happen, an Interview with David Hilfiker
Gloria Jimenez
In Honduras, USAID Was in Bed with Berta Cáceres’ Accused Killers
Kent Paterson
The Old Braceros Fight On
Lawrence Reichard
The Seemingly Endless Indignities of Air Travel: Report from the Losing Side of Class Warfare
Peter Berllios
Bernie and Utopia
Stan Cox – Paul Cox
Indonesia’s Unnatural Mud Disaster Turns Ten
Linda Pentz Gunter
Obama in Hiroshima: Time to Say “Sorry” and “Ban the Bomb”
George Souvlis
How the West Came to Rule: an Interview with Alexander Anievas
Julian Vigo
The Government and Your i-Phone: the Latest Threat to Privacy
Stratos Ramoglou
Why the Greek Economic Crisis Won’t be Ending Anytime Soon
David Price
The 2016 Tour of California: Notes on a Big Pharma Bike Race
Dmitry Mickiewicz
Barbarous Deforestation in Western Ukraine
Rev. William Alberts
The United Methodist Church Up to Its Old Trick: Kicking the Can of Real Inclusion Down the Road
Patrick Bond
Imperialism’s Junior Partners
Mark Hand
The Trouble with Fracking Fiction
Priti Gulati Cox
Broken Green: Two Years of Modi
Marc Levy
Sitrep: Hometown Unwelcomes Vietnam Vets
Lorenzo Raymond
Why Nonviolent Civil Resistance Doesn’t Work (Unless You Have Lots of Bombs)
Ed Kemmick
New Book Full of Amazing Montana Women
Michael Dickinson
Bye Bye Legal High in Backwards Britain
Missy Comley Beattie
Wanted: Daddy or Mommy in Chief
Ed Meek
The Republic of Fear
Charles R. Larson
Russian Women, Then and Now
David Yearsley
Elgar’s Hegemony: the Pomp of Empire
FacebookTwitterGoogle+RedditEmail