FacebookTwitterGoogle+RedditEmail

Are Apple and Google Really on Your Side Against the NSA?

In the past couple of days both Google[i] and Apple[ii] have announced that they’re enabling default encryption on their mobile devices so that only the user possessing a device’s password can access its local files. The public relations team at Apple makes the following claim:

“Apple cannot bypass your passcode and therefore cannot access this data… So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8″

The marketing drones at Google issued a similar talking point:

“For over three years Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement… As part of our next Android release, encryption will be enabled by default out of the box, so you won’t even have to think about turning it on.”

Quite a sales pitch? Cleverly disguised as a news report no less. Though it’s not stated outright the tacit message is: open your wallet for the latest gadget and you’ll be safe from Big Brother. Sadly, to a large degree this perception of warrant protection is the product of Security Theater aimed at rubes and shareholders. The anti-surveillance narrative being dispensed neglects the myriad of ways in which such device-level encryption can be overcome. A list of such techniques has been enumerated by John Young, the architect who maintains the Cryptome leak site[iii]. Young asks readers why he should trust hi-tech’s sales pitch and subsequently presents a series of barbed responses. For example:

Because they can’t covertly send your device updated software [malware] that would change all these promises, for a targeted individual, or on a mass basis?

Because this first release of their encryption software has no security bugs, so you will never need to upgrade it to retain your privacy?

Because the US export control bureaucracy would never try to stop Apple from selling secure mass market proprietary encryption products across the border?

Because the countries that wouldn’t let Blackberry sell phones that communicate securely with your own corporate servers, will of course let Apple sell whatever high security non-tappable devices it wants to?

Because they want to help the terrorists win?

Because it’s always better to wiretap people after you convince them that they are perfectly secure, so they’ll spill all their best secrets?

Another thing to keep in mind is that local device encryption is just that. Local. As Bruce Schneier points out this tactic does little to protect user data that’s stored in the cloud[iv]. When push comes to shove executives will still be able to hand over anything that resides on corporate servers.

Marketing spokesmen are eager to create the impression that companies are siding with users in the struggle against mass surveillance (never mind the prolific corporate data mining[v]). Especially after business leaders denied participating in the NSA’s PRISM program. Yet the appearance of standing up to government surveillance is often a clever ploy to sell you stuff, a branding mechanism. It’s important to recognize that Internet companies, especially billion dollar hi-tech multinationals like Yahoo[vi] and Cisco[vii], exist to generate revenue and have clearly demonstrated the tendency to choose profits over human rights when it’s expedient.

Bill Blunden is an independent investigator whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including The Rootkit Arsenal , and Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex. Bill is the lead investigator at Below Gotham Labs.

End Note


[i] Craig Timberg, “Newest Androids will join iPhones in offering default encryption, blocking police,” Washington Post, September 18, 2014.

[ii] Craig Timberg, “Apple will no longer unlock most iPhones, iPads for police, even with search warrants,” Washington Post, September 18, 2014.

[iii] John Young, “Apple Wiretap Disbelief,” Cryptome, September 19, 2014.

[iv] Bruce Schneier, “iOS 8 Security,” Schneier on Security, September 19, 2014.

[v] Bill Blunden, “The NSA’s Corporate Collaborators,” Counterpunch, May 9-11, 2014.

[vi] Bill Blunden, “Corporate Executives Couldn’t Care Less About Civil Liberties,” Counterpunch, September 15, 2014.

[vii] Cindy Cohn and Rainey Reitman, “Court Lets Cisco Systems Off the Hook for Helping China Detain, Torture Religious Minorities,Electronic Frontier Foundation, September 19, 2014.

 

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

Weekend Edition
January 18, 2019
Friday - Sunday
Melvin Goodman
Star Wars Revisited: One More Nightmare From Trump
John Davis
“Weather Terrorism:” a National Emergency
Jeffrey St. Clair
Roaming Charges: Sometimes an Establishment Hack is Just What You Need
Joshua Frank
Montana Public Schools Block Pro-LGBTQ Websites
Louisa Willcox
Sky Bears, Earth Bears: Finding and Losing True North
Robert Fisk
Bernie Sanders, Israel and the Middle East
Robert Fantina
Pompeo, the U.S. and Iran
David Rosen
The Biden Band-Aid: Will Democrats Contain the Insurgency?
Nick Pemberton
Human Trafficking Should Be Illegal
Steve Early - Suzanne Gordon
Did Donald Get The Memo? Trump’s VA Secretary Denounces ‘Veteran as Victim’ Stereotyping
Andrew Levine
The Tulsi Gabbard Factor
John W. Whitehead
The Danger Within: Border Patrol is Turning America into a Constitution-Free Zone
Dana E. Abizaid
Kafka’s Grave: a Pilgrimage in Prague
Rebecca Lee
Punishment Through Humiliation: Justice For Sexual Assault Survivors
Dahr Jamail
A Planet in Crisis: The Heat’s On Us
John Feffer
Trump Punts on Syria: The Forever War is Far From Over
Dave Lindorff
Shut Down the War Machine!
Glenn Sacks
LA Teachers’ Strike: Student Voices of the Los Angeles Education Revolt  
Mark Ashwill
The Metamorphosis of International Students Into Honorary US Nationalists: a View from Viet Nam
Ramzy Baroud
The Moral Travesty of Israel Seeking Arab, Iranian Money for its Alleged Nakba
Ron Jacobs
Allen Ginsberg Takes a Trip
Jake Johnston
Haiti by the Numbers
Binoy Kampmark
No-Confidence Survivor: Theresa May and Brexit
Victor Grossman
Red Flowers for Rosa and Karl
Cesar Chelala
President Donald Trump’s “Magical Realism”
Christopher Brauchli
An Education in Fraud
Paul Bentley
The Death Penalty for Canada’s Foreign Policy?
David Swanson
Top 10 Reasons Not to Love NATO
Louis Proyect
Breaking the Left’s Gay Taboo
Kani Xulam
A Saudi Teen and Freedom’s Shining Moment
Ralph Nader
Bar Barr or Regret this Dictatorial Attorney General
Jessicah Pierre
A Dream Deferred: MLK’s Dream of Economic Justice is Far From Reality
Edward J. Martin
Glossip v. Gross, the Eighth Amendment and the Torture Court of the United States
Chuck Collins
Shutdown Expands the Ranks of the “Underwater Nation”
Paul Edwards
War Whores
Peter Crowley
Outsourcing Still Affects Us: This and AI Worker Displacement Need Not be Inevitable
Alycee Lane
Trump’s Federal Government Shutdown and Unpaid Dishwashers
Martha Rosenberg
New Questions About Ritual Slaughter as Belgium Bans the Practice
Wim Laven
The Annual Whitewashing of Martin Luther King Jr.
Nicky Reid
Panarchy as Full Spectrum Intersectionality
Jill Richardson
Hollywood’s Fat Shaming is Getting Old
Nyla Ali Khan
A Woman’s Wide Sphere of Influence Within Folklore and Social Practices
Richard Klin
Dial Israel: Amos Oz, 1939-2018
David Rovics
Of Triggers and Bullets
David Yearsley
Bass on Top: the Genius of Paul Chambers
FacebookTwitterGoogle+RedditEmail