Finn dAbuzz wrote:
This is a very tough question, and anyone who has argued that "slippery slope" propositions are logical fallacies should probably recuse themselves from this discussion, especially if they come down on the side of Apple.
It is a tough question but at its core is not a slippery slope argument. Apple's arguments about a legal precedent would be (if unsubstantiated) but that isn't the key point.
The key point is really simple (and complex at the same time) and it is that the way encryption works is based on some complex math and some simple assumptions. The simple assumptions are that you own what we can safely assume is a mathematical secret.
By giving any third party this secret this fundamental assumption does not work anymore.
This is a fundamentally changed situation, and no actual abuse needs to take place for technologists to point out that we all now have weaker security. It is objectively true.
Think of it like this. Right now your garage opener uses encrypted keys to give you a general assumption that you hold a secret that opens your door. Now it can be hacked etc, and is not perfect but you understand the reasonable level of security it provides.
Now let's say that a company starts making them so secure they can't
be hacked. That's great for you, but bad for people who want in against your wishes. So the government goes to the company and demands a master key to all garages.
This is what's at stake. If this is granted, whether or not it is abused it has changed the situation and somebody has been granted the key to every house in the world. In security theory, this is objectively a significant step back in security.
It is a legal demand that users not be allowed to have secrets, and the user having the secret is the whole key to encryption.
It would be like a requirement that every user share their passwords with the government in case they want to get into a bad person's account, just because passwords have become so secure their previous methods no longer reliably work.
This single instance can probably be worked out to give the FBI what it needs without compromising privacy, but it is valid to wonder what it might lead to. The Slippery Slope.
The thing about encryption is that it fundamentally cannot. Encryption is a complex bit of math around a simple set of assumptions and the kind of assumptions there are involve fundamental things like X is a secret, and Y can be trusted.
The whole concept is predicated on the notion that we can trust Apple not to do this one thing. The entire system revolves around the assumption that the key is my secret, and that I can trust Apple not to deliberately undermine the fundamental ways it is kept a secret or to build in a backdoor (i.e. break the arrangement). They built the box that only I can open and only they can be forced to unmake it that way, and make my box openable by third parties.
If you can't trust your software and hardware vendor (with Apple thankfully this means trusting fewer people) then the security stack collapses. Computer security requires several key assumptions to work, and if you deliberately break them to get into one computer you are still deliberately breaking the system for all people.
I am someone who has an inherent distrust of people who hold and wield power and that is a fine definition of the Government. Anything that can be abused will be abused, and I always laugh when progressives declare their confidence in the integrity of government but are the absolute last ones to come to it's defense when abuses are claimed, and , in fact, generally believing the worst of it.
It's not even a matter of trusting the government to not abuse something. I don't personally fear the government at all in my encryption concerns. But if they have a master key to everyone's phones then I do have to trust their competence too, and their technical understanding.
We don't just have to trust that they will not abuse this key, we have to trust that they can actually keep the key a secret. And we have to trust that our fundamentally weakened locks are going to hold, even though one of the core assumptions they are built on is no longer true.
I'm not happy declaring my support of Apple, but I must.
I hear ya. This is a legitimately tough debate. I personally prefer to have functional computer security but there are going to be legitimate cases where this is going to cost lives, I do not take it lightly at all and understand why the FBI et al seek the powers they do.