It doesn’t matter that much that Apple and Google encrypt your phone

Apple’s and Google’s announcements that they will encrypt information on your phone are nice, but won’t help much. Most data is in the cloud, these days; and your protections in the cloud are governed by laws of numerous countries, almost all of which have quite large exceptions.

At the Internet Engineering Task Force we have taken a very strong stand that pervasive surveillance is a form of attack. This is not a matter of lack of trust of any one organization, but rather a statement that if one organization can snoop on your information, others will be able to do so as well, and they may not be so nice as the NSA. The worst you can say about the NSA is that a few analysts got carried away and spied on their partners. With real criminals it’s another matter. As we have seen with Target, other large department stores, and now JP Morgan, theirs is a business, and you are their commodity, in the form of private information and credit card numbers.

So now here comes Apple, saying that they will protect you from the government. Like all technology, this “advance” has its pluses and minuses. To paraphrase a leader in the law enforcement community, everyone wants their privacy until it’s their child at risk. However, in the United States, at least, we have a standard that the director of the FBI seems to have forgotten: it’s called probable cause. It’s based on a dingy pesky old amendment to the Constitution which states:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

So what happens if one does have probable cause? This is where things get interesting. If one has probable cause to believe that there is an imminent threat to life or property and they can’t break into a phone, then something bad may happen. Someone could get hurt, for instance. Is that Apple’s fault? And who has the right to interpret and enforce the Fourth Amendment? If Apple has a right to do so, then do I have the right to interpret what laws I will? On the other hand, Apple might respond that it has no responsibility to provide law enforcement anything, and all it is doing is exercising the right of free speech to deliver a product that others use to communicate with. Cryptographer and Professor Daniel Bernstein successfully argued this case in the 9th Circuit in the 1990s. And he was right to do so, because going back to the beginning of this polemic, even if you believe your government to be benevolent, if it can access your information, so can a bad guy, and there are far more bad guys out there.

Apple hasn’t simply made this change because it doesn’t like the government. Rather, the company has recognized that for consumers to put private information into their phone, they must trust the device to not be mishandled by others. At the same time, Apple has said through their public statements that information that goes into their cloud is still subject to lawful seizure. And this brings us back to the point that President Obama made at the beginning of the year: government risk isn’t the only form of risk. The risk remains that private aggregators of information – like Apple and Google or worse, Facebook – will continue to use your information for whatever purposes they see fit. If you don’t think this is the case, ask how much you pay for their services?

And since most of the data about you or that you own is either in the cloud or heading to the cloud, you might want to worry less about the phone or tablet, and more about where your data actually resides. If you’re really concerned about governments, then you might also want to ask this question: which governments can seize your data? The answer to that question is not straightforward, but there are three major factors:

  1. Where the data resides;
  2. Where you reside;
  3. Where the company that controls the data resides.

For instance, if you reside in the European Union, then nominally you should receive some protection from the Data Privacy Directive. Any company that serves European residents has to respect the rights specified in that. On the other hand, there are of course exceptions for law enforcement. If a server resides in some random country, however, like the Duchy of Grand Fenwick, perhaps there is a secret law that states that operators must provide the government all sorts of data and must not tell anyone they are doing so. That’s really not so far from what the U.S. government did with National Security Letters.

There’s a new service that Cisco has rolled out, called the Intercloud, that neatly addresses this matter for large enterprises, providing a framework to keep some data local, and some data in the cloud, and the enterprise has some control over which. Whether that benefit will extend to consumers is unclear.

In the end I conclude that people who are truly worried about their data need to consider what online services they use, including Facebook, this blog you are reading right now, Google, Amazon, or anyone else. They also have to consider how, if at all, they are using the cloud. I personally think they have to worry less about physical devices, and that largely speaking Apple’s announcement is but a modest improvement in overall security. The same could be said for IETF efforts.

How do you deal with a bully?

Over the past year this blog has been quiet.  I cannot, however, remain quiet any longer about the situation in Russia.  Even back in 2008 I wrote that Vladimir Putin was trouble, that the Cold War was back on, and that President Bush stood idly by.  It would be bad enough to say that nothing has changed, but since then, things have gotten worse, and for the Ukraine, a lot worse.

Once again the world stands at the brink of war with a maniac, and we wonder how to avoid it.  Those Russians who resist the kook are subject to harassment or arrest.  The casual relationship Mr. Putin has with the truth makes negotiations  impossible.  It would be bad enough if it were just the Ukraine that was put through this nightmare.  But Estonia has suffered cyberattacks from Russia, and it is a sure bet that the rest of the world has suffered them as well.

All of this because the Ukraine dared enforce their democracy to establish stronger economic ties with the European Union, against their neighbor’s will.  And when it was shown that threatening to turn off the gas was not enough to dissuade Ukrainians, Mr. Putin invaded.

There are very few steps between where we are now and open armed conflict beyond the Ukraine. Knowing this, rather than seeking peaceful resolution to the situation, Mr. Putin rattled his large nuclear sword, like bullies flex their muscles.

But there are a few.

Europe took additional steps this week to attempt to restrain this great bear, and one knows that Russia has transgressed when the leaders of the EU can agree on something.  Whether it is enough to keep the peace in the Ukraine and to keep Russia’s domineering presence at bay is a question only Mr. Putin can answer.

Europe ought not stand alone when dealing with this threat.  The United States has a role to play by supporting Europe in arranging for alternative sources of fuel.  Other leaders need to stand up and say that this is not a way for a superpower to behave.

How to speak the truth and yet lie? Ask General Alexander

Old joke in the industry: the difference between a sales person and marketing person is that the marketing person knows when he’s lying.  Which is General Alexander?

Let’s appreciate that the head of a spying agency is in a tough spot.  Allies and citizens of the U.S. alike are outraged, making an actual dialog difficult.  Leaders, however, must address hard issues head on and truthfully; and they must demonstrate command of the subject matter, or we waste our time.

Let’s go through some of the General’s statements:

“the assertions… that NSA collected tens of millions of phone calls [in Europe] are completely false”.

– From a BBC article

Maybe, but he and the president have in the past made the distinction between so-called “meta-data” (which the rest of us just call “data”).  And so maybe the NSA doesn’t have access to the calls, but he has not denied that they have access to who people called, the time and date they called, and for how long.  What is the truth?

Yesterday The Washington Post dropped another Snowden bombshell, indicating that the NSA was intercepting Google customer traffic by tapping into their communications lines.  The Guardian had previously reported that GCHQ was tapping fiber cables.  Alexander’s response, this time?

“This is not NSA breaking into any databases. It would be illegal for us to do that. So, I don’t know what the report is. But I can tell you factually we do not have access to Google servers, Yahoo servers. We go through a court order.”

– From CNN

Except in this case, the NSA is not accused of breaking into servers, but rather tapping communications off of fiber cables. By answering a charge that wasn’t made, either the general doesn’t understand the issue and therefore cannot meaningfully inform the President or the public, or he does understand the truth and is intentionally prevaricating to the public. What is necessary is a public debate over the policy issues relating to surveillance, and when it should and should not be authorized. The people leading that dialog should be truthful and informed.

I’m sure the general is aware that everyone has their day of reckoning.  It’s time for his.  The president needs to find a new director of the NSA who can intelligently advance an honest discourse.

Is Bitcoin Really Money Laundering?

For those who don’t know, Bitcoin is an attempt at a new type of currency, one that isn’t linked to any nation. In a way, bitcoin is a lot like gold or other commodities, only it differs in that you don’t actually have to ship anything around or even keep trading futures to stay in the game. Still, it accrues similar benefits as gold. In fact there is a bitcoin to gold price, based on milligrams of gold. As you can see, the number of milligrams one gets for a bitcoin has gone from about 300 in January to about 3,300 in October. Bitcoins have clearly paid off for some people.

One of the other goals of bitcoin is that they be as anonymous as cash.  This is where the problems start.  Let’s say you want to sell a few bitcoins, and receive American dollars.  One question is simply this: do you have to list the sale on Schedule D?  I am no accountant, but I would think the answer would be “yes”.  Now let’s say that instead of selling them, you are just holding them, and let’s for the sake of argument say that you have $500,000 worth of bitcoins.  Do these represent foreign assets?  If so, you are required to file forms with both the Treasury (TD-F 90-22.1) and the relatively new IRS Form 8938.

Those who in any way behave like banks will find that the Treasury department expects them to do all the things banks do.  That includes reporting on suspicious transactions or any transaction over $10,000.

This hasn’t stopped people from attempting to hide transactions.  Here’s an article from CNN about a guy who attempted to do all sorts of nasty things with Bitcoins.  This led to a huge drop in their value, almost overnight.

So, now the question: are bitcoins here to stay or are they a passing fad (read: pyramid scheme)? The entire technical premise of bitcoins is in fact that they can be anonymously traded. The bad news for people with bitcoins is that because there is no single management point that has guns (thus differentiating them from a classic currency), the likelihood is that those with the guns will want to limit or prohibit this sort of transaction, especially in large quantities.

A similar situation arose in 2001 when the U.S. government began to crack down on those using the old mechanism known as Hawala, even though the mechanism is legal.  And so one question is simply this: are bitcoins really anonymous?  A researcher named Sarah Meiklejohn will present a paper at SIGCOMM this month on just what law enforcement capabilities there are.  Watch that spot.

iOS 7.0 Upgrades and Security

Well, here we are. Another version of Apple’s iOS that is supposed to wow us with all sorts of new functionality. That’s all great and everything, but since I use my iPhone for work, our work people have an internal page that shows what will work and what won’t with the current release. They’ve performed both a great service to me and a great disservice to you. For me, I’ll know when I can safely upgrade and have all of my work-based apps work. For you, since I’m delaying my upgrade, it also means delaying any fixes to security vulnerabilities that could impact people elsewhere on the network.

Did Apple make a mistake by not making iOS 7 compatible with iOS 6? If their goals are to have a very secure operating system, then it’s quite possible.  But typically a company’s goal is profitability, and here an expanded platform with broader capabilities might suit the tastes of both users and developers in the long run.  And so once again, security may have taken a back seat.

It is possible that Apple could mitigate this situation directly by telling developers that the phone won’t run apps on the old platform after a certain date.  This might actually align both sets of interests: the public’s security interest and Apple’s interest in not having to support older interfaces.

This works until the value to the consumer  of laggards well exceeds that of the combination of those who have updated their software and the value of the upgrade itself to the consumer.  Once that line is crossed, people will stop upgrading their operating system, returning us to the state we are in, today.  Let’s all hope Angry Birds is up to date.