Apple have finally released iPhone encrypted software by default within the new IOS 8, however it took the upheaval of the Edward Snowden revelations to make clear to everyone that we need protection from snooping, governmental and otherwise. Snowden illustrated the capabilities of determined spies, and said what security experts have preached for years: Strong encryption of our data is a basic necessity, not a luxury.
Now Apple, seem to have got the message with an eye to market the demand, the company has taken a bold step to the side of privacy, making strong crypto the default for the wealth of personal information stored on the iPhone.
Apple have improved iPhone encryption built into iOS 8. Now for the first time, all the important data on your phone—photos, messages, contacts, reminders, call history—are encrypted by default. Nobody but you can access the iPhone’s contents, unless your passcode is compromised, something you can make nearly impossible by changing your settings to replace your four-digit PIN with an alphanumeric password.
Predictably, the US government and police officials are in the midst of a misleading PR offensive to try to scare Americans into believing encrypted cellphones are somehow a bad thing, rather than a huge victory for everyone’s privacy and security in a post-Snowden era. Leading the charge is FBI director James Comey, who spoke to reporters late last week about the supposed “dangers” of giving iPhone and Android users more control over their phones. But as usual, it’s sometimes difficult to find the truth inside government statements unless you parse their language extremely carefully. So let’s look at Comey’s statements, line-by-line.
Comey began: I am a huge believer in the rule of law, but I also believe that no one in this country is beyond the law. … What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law.
First of all, despite the FBI director’s implication, what Apple and Google have done is perfectly legal, and they are under no obligation under the “the rule of law” to decrypt users’ data if the company itself cannot access your stuff. From 47 U.S. Code § 1002 (emphasis mine):
A telecommunications carrier shall not be responsible for decrypting, or ensuring the government’s ability to decrypt, any communication encrypted by a subscriber or customer, unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt the communication.
Comey continued: I like and believe very much that we should have to obtain a warrant from an independent judge to be able to take the content of anyone’s closet or their smart phone.
