Either everyone gets security or no one does. Either everyone gets access or no one does. The current case is about a single iPhone 5c, but the precedent it sets will apply to all smartphones, computers, cars and everything the Internet of Things promises. The danger is that the court's demands will pave the way to the FBI forcing Apple and others to reduce the security levels of their smart phones and computers, as well as the security of cars, medical devices, homes, and everything else that will soon be computerized. The FBI may be targeting the iPhone of the San Bernardino shooter, but its actions imperil us all.
Bruce Schneier is one of the leading security and privacy experts in the world and his opinion in this case is no surprise.
On Tuesday, the United States District Court of California issued an order requiring Apple to assist the FBI in accessing a locked iPhone — and not just any iPhone, but the iPhone 5c used by one of the San Bernardino shooters. The order is very clear: build new firmware to enable the FBI to perform an unlimited, high speed brute force attack and place that firmware on the device.
Dan Guido argues that the request is technically feasible given that Apple can sign firmware updates to the Secure Enclave:
I believe it is technically feasible for Apple to comply with all of the FBI's requests in this case. On the iPhone 5C, the passcode delay and device erasure are implemented in software and Apple can add support for peripheral devices that facilitate PIN code entry. In order to limit the risk of abuse, Apple can lock the customized version of iOS to only work on the specific recovered iPhone and perform all recovery on their own, without sharing the firmware image with the FBI.
Despite the technical feasibility and the emotion of a terrible domestic terrorism case, Apple is fighting this order as the act of coercing a company to defeat their own security measures using a law from 1789 could lead to dangerous precedence for future cases and for encryption at large. Tim Cook's letter shows that Apple well understands the legal precedent this could set and is resolutely opposed:
The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.
I applaud Apple's stance and support the continued adoption of strong encryption and security measures to protect us from government and criminals alike.
This blog post explains how you might have the wrong idea™ about percentiles, the degree of the mistake (it depends), and what you can do instead.
I used to work with a monitoring system that produced banded metrics, but didn't realize they were as robust to scaling and other manipulations as they are.
The information security community has a model to assess and respond to threats, at least as a starting point. It breaks information security into three essential components: confidentiality, integrity, and availability.
Of these, integrity is the least understood and most nebulous. And what many people don't realize is it's the greatest threat to businesses and governments today.
Reading maketh a full man, conference a ready man, and writing an exact man.
— Sir Francis Bacon
They are never alone who are accompanied with noble thoughts.
— Sir Philip Sidney
In a closed-doors match last October, AlphaGo won by 5 games to 0. It was the first time a computer program has ever beaten a professional Go player.
Quite a feat for artificial intelligence.
A team of researchers from Microsoft and the Broad Institute of MIT and Harvard has developed a new system that allows researchers to more quickly and effectively use the powerful gene editing tool CRISPR.
In this case, the machine learning system is being used to predict which part of a gene to target when a scientist wants to knockout – or shut off – a gene. Machine learning enables the model to make predictions for any gene of interest, including those not seen in the experimental training data.
To woo these iconic companies — among them P&G, Estée Lauder, and Macy's — Alibaba is pitching itself as a shortcut to the world's most populous market. Alibaba is helping foreign companies with marketing, data analytics, and shipping. And more recently it has sweetened the pot with a newer service, Tmall Global, that lets U.S. brands sidestep many of the taxes, regulatory hurdles, and logistics hassles that trip up foreign companies in China.
In pulling back the curtains, Amazon, one of the most private public companies in the world, revealed how it is racing to piece together an immensely complex puzzle—much of which it is having to build from scratch, at giant expense and with painstaking attention to the minutiae, as it tosses out assumptions that American customers have taken for granted for decades. In doing so, the company, an upstart here, has thrown itself into a knife fight with two privately owned and much more established Indian competitors [...] as well as a clutch of smaller Indian startups that are nipping at all of their heels.