Will Cy Vance's Anti-Encryption Pitch Change Now That The NYPD's Using iPhones?
from the or-will-encryption-only-be-an-option-for-the-protected-class? dept
For years, Manhattan DA Cy Vance has been warning us about the coming criminal apocalypse spurred on by cellphone encryption. "Evil geniuses" Apple introduced default encryption in a move likely meant to satiate lawmakers hollering about phone theft and do-nothing tech companies. In return, DA Cy Vance (and consecutive FBI directors) turned on Apple, calling device encryption a criminal's best friend.
Vance still makes annual pitches for law enforcement-friendly encryption -- something that means either backdoors or encryption so weak it can be cracked immediately. Both ideas would also be criminal-friendly, but Vance is fine with sacrificing personal security for law enforcement access. Frequently, these pitches are accompanied with piles of uncracked cellphones -- a gesture meant to wow journalists but ultimately indicative of nothing more than how much the NYPD can store in its evidence room. (How many are linked to active investigations? How many investigations continued to convictions without cellphone evidence? Were contempt charges ever considered to motivate cellphone owners into unlocking phones? So many questions. Absolutely zero answers.)
Will Vance be changing his pitch in the near future? Will he want weakened encryption safeguarding the NYPD's new tools? I guess we'll wait and see. (h/t Robyn Greene)
Announced last year, the shift will see some 36,000 Nokia handsets replaced over the coming weeks. Initially purchased in 2014 as part of a $160 million program to modernize police operations, the Nokia phones running Windows Phone will be collected, wiped and sold back to the company.
The move to iPhone 7 comes at no cost to the NYPD, as the handsets are considered upgrades under the agency's contract with AT&T.
NYPD's rollout began last month when officers patrolling the Bronx and Staten Island swapped their obsolete Nokia smartphones for Apple devices. The department is handing out about 600 iPhones per day, according to NYPD Deputy Commissioner for Information and Technology Jessica Tisch.
Let's get some crippled encryption for these guys. After all, their phones are manufactured by a company an FBI forensic detective called an "evil genius." Let's give malicious hackers an attack vector and street criminals more reasons to lift an iPhone off… well, anybody. By all means, let's give Vance what he wants and see if he hears anything back from his buddies in blue.
This upgrade puts Vance in a lose-lose situation. If he stops calling for weakened encryption, he's a hypocrite. If he keeps calling for it, he's an asshole. But it should drive home an important point: encryption doesn't just protect the bad guys. It protects the good guys as well.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cy vance, encryption, going dark, iphones, nypd
Reader Comments
Subscribe: RSS
View by: Time | Thread
Of course
[ link to this | view in thread ]
(Disclaimer; this is not an actual tender. I don't have $500,000 USD. This is mostly wishful thinking about what could be done with a backdoor into police phones.)
[ link to this | view in thread ]
Good luck with that, twitwaffle.
[ link to this | view in thread ]
Double Standards
[ link to this | view in thread ]
Re:
Forget nerd harder, perhaps we should be asking why Vance and others like him are so lazy, that they refuse to cop harder?
[ link to this | view in thread ]
This is a foolish rhetorical stance to take
And you can bet that some cop who is having an affair in the department is going to tag his buddy in IT to track a phone and pull the photos, and it's going to be a below-the fold scandal that will be brushed off as a "one-off" incident. That, I think, is where the reporting should be focused, not "Ha! Ha! There's no way they'll roll out backdoored encryption because it doesn't exist!"
This article comes across as a one-sided, click-bait-ey muckrake. We know mandating breakable encryption is stupid, but setting up a paper-thin effigy and then rounding up the troops for a bonfire seems like a low bar for reporting at TechDirt.
[ link to this | view in thread ]
Re: This is a foolish rhetorical stance to take
If only you were as interested in discussing the opinions of others as you are in mocking others for not reporting in the way you personally want them to. We could have discussion as to why some people think you're as wrong as the article you decided to attack.
Alas, you're not that honest or interested in discourse.
[ link to this | view in thread ]
Depends who it is for, of course
Encryption is only evil if used by the criminal element, AKA the great unwashed. Of course that does not include their majesties in law enforcement or federal government.
[ link to this | view in thread ]
Betteridge's Law of Headlines seems applicable
"Any headline that ends in a question mark can be answered by the word no."
Or as I prefer to modify it, "Whenever a headline asks a yes/no question, the answer is always "no"."
Almost every rule has its exceptions, however, and hope does spring eternal...
[ link to this | view in thread ]
One law for me, and another for thee
If he stops calling for weakened encryption, he's a hypocrite. If he keeps calling for it, he's an asshole.
Allow me to present Option 3: Both.
I imagine the excuse, if he deigns to address the peons at all and doesn't just brush it off as 'official business', will be that much like police are allowed special dispensation to do things your average person isn't, of course they are allowed extra special security as well.
They're important people doing important work, it only makes sense that they have equally important security protecting that work.
The filthy public on the other hand is absolutely filled with criminals that the police haven't gotten around to arresting yet, criminals of course being the only ones who would ever want to protect their sensitive and personal information via encryption, so the crusade to provide cop-friendly encryption will continue on, same as before.
[ link to this | view in thread ]
Re: This is a foolish rhetorical stance to take
Splendid. That will provide one-stop shopping for any adversary with either the technical chops or sufficient hard cold cash to acquire the entire set simultaneously and subsequently monitor the position and communications of every officer carrying an iPhone.
[ link to this | view in thread ]
Re: Of course
The goons in blue would crucify him for that.
[ link to this | view in thread ]
Re: Re: This is a foolish rhetorical stance to take
[ link to this | view in thread ]
Re: Betteridge's Law of Headlines seems applicable
[ link to this | view in thread ]
What ... ROT-13 encryption?
[ link to this | view in thread ]
Re:
Nah.
Pig latin.
[ link to this | view in thread ]
Re: Re: Betteridge's Law of Headlines seems applicable
So either the statement is false, or the law still applies.
[ link to this | view in thread ]
Re: Re:
Maybe not something quite that transparent.
They might be considering Opp, or alfalfa speech, or...
[ link to this | view in thread ]
Re: One law for me, and another for thee
There is a difference between ignorance and stupidity.
Ignorance can be cured through education and enlightenment. Since any nerds they have talked to must have told them how math works, they cannot be ignorant. Leaves only one option.
[ link to this | view in thread ]
Re: Re: One law for me, and another for thee
I'll just interject here slightly. The issue isn't that it's "unbreakable", it's that it takes longer than authorities want it to take, combined with the fact that Apple don't have access to the encryption key, by design. The complaint is not "we cannot possibly hack this", it's "we don't want to wait for the amount of time it takes to brute force".
A stolen police iPhone would not be unbreakable, it would just take time assuming that no new exploit has been found that makes it quicker. They would be safer than a member of the public, but that would probably be counteracted by the fact that every hacker group in existence would be happy to go out of their way to gain access. Then probably keep quiet about any confidential data they found there until that's also exploited.
I don't doubt that they'll push for a double standard, but I wouldn't make the mistake of assuming that the phones used by the authorities will be invulnerable to any attacks. They won't be.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Of course
[ link to this | view in thread ]
Typical double standard is all I see.
[ link to this | view in thread ]
Re: Re: Re: One law for me, and another for thee
[ link to this | view in thread ]
Re: Re: Re: Re: One law for me, and another for thee
(Realizes that I'm taking about America....)
(Does a quick check and confirms that stun gun iPhone cases are indeed being sold in America.)
[ link to this | view in thread ]
Re: Double Standards
Social standards and due process may not hold them to the same standards, but the laws of mathematics do.
I think the question could be rephrased as "Will Cy Vance figure out that there's no such thing as encryption that only the Good Guys can break now that the NYPD's using iPhones?"
I think the answer isn't quite a flat-out "No"; it's more like "Not unless they get their wish for weak encryption and NYPD iPhones start getting pwned en masse."
[ link to this | view in thread ]
Go ahead leave them unencryped..
Lets ask something about encryption..
When asked for 4-6 digit code..WHY are you restricted to 4-6.. That CUTS OFF the first 10,000 numbers to encode with. Unless you encode with Alpha/Num..and just use numbers or Patterns...YOU ARE SCREW'D..only 4-6 number or pattern..
THEN,..there WILL BE A BACKDOOR...as everyone FORGETS THE CODE..
WHY NOT android?? THEY THINK iPhone is more secure???
ANDROID is programmable to be SUPER secure..
That if you forget your password, you have to have an ACCOUNT to get into it..AND if someone resets it(can remove this option) IT DELETES EVERYTHING..and/or CRAPS out the phone to never be used again..
[ link to this | view in thread ]
Re: One law for me, and another for thee
[ link to this | view in thread ]
Re: Re: Double Standards
They would simply blame the tech - again,
and demand they nerd harder this time.
[ link to this | view in thread ]
Encryprion is bad, for other folks.
[ link to this | view in thread ]
Re: Re: Re: Double Standards
[ link to this | view in thread ]
Re: Re: Double Standards
[ link to this | view in thread ]
Re: Re: Re: Double Standards
[ link to this | view in thread ]
"We don't NEED it, we're just taking extra steps to be extra sure."
Nah, they'd just spin it by claiming that 'Responsible' encryption is perfectly secure, and that they are merely taking extra steps to secure their stuff 'just in case'.
[ link to this | view in thread ]
Re: Re: Re: Re: One law for me, and another for thee
[ link to this | view in thread ]
Re: "We don't NEED it, we're just taking extra steps to be extra sure."
[ link to this | view in thread ]