Gilmore's 15 reasons not to trust Apple's crypto claims

Apple FaceTime and iMessage
From Apple’s Web site, this image shows the interface for iMessage on the left and shows what Facetime looks like in action on an iPhone or iPad.

For the most of the past decade, the posts at this blog have been mostly about politics — an unsurprising result of the fact that I began reporting from Parliament Hill in early 2005. But in the decade before that, I was a technology reporter, fascinated less by the finances of the industry than by its inventors and inventions, by its rebels, and by its deep thinkers. John Gilmore is an inventor, a rebel and — to me, at least! — a deep thinker. Made wealthy from his work at Sun Microsystems, Gilmore is one of the c0-founders of the Electronic Frontier Foundation and has long been a champion of the empowering possibilities of software, knowledge, and access to information.

This week, Apple got the (re-newed) attention of Gilmore when Apple released the latest operating system for its tablets and smartphones. Among other things, iOS 8 (for the non-Apple crowd out there, that’s pronounced eye-oh-ess-eight and references the 8th major upgrade of the Operating System for Apple’s i-devices like iPod, iPhone, and iPad) has improvements for its proprietary text message and video-chat services, iMessage and FaceTime. Both of these services allow users to communicate with others who also have Apple’s device. Recognizing that its users increasingly have concerns about who will have control or access to these communications as they happen or where they are stored, Apple published the following information:

Your iMessages and FaceTime calls are your business, not ours. Your communications are protected by end-to-end encryption across all your devices when you use iMessage and FaceTime, and with iOS 8 your iMessages are also encrypted on your device in such a way that they can’t be accessed without your passcode. Apple has no way to decrypt iMessage and FaceTime data when it’s in transit between devices. So unlike other companies’ messaging services, Apple doesn’t scan your communications, and we wouldn’t be able to comply with a wiretap order even if we wanted to. While we do back up iMessage and SMS messages for your convenience using iCloud Backup, you can turn it off whenever you want. And we don’t store FaceTime calls on any servers.

Gilmore considered what Apple said and considered how Apple creates its software — a closed, secret, proprietary method —  and what coders like him know about the code that Apple says protects our privacy — pretty much nothing — and then wrote the following for distribution on Dave Farber‘s Interesting People listserv. I’m pretty sure neither Farber nor Gilmore will begrudge me reproducing it.

And why do we believe [Apple]?

  • Because we can read the source code and the protocol descriptions ourselves, and determine just how secure they are?
  • Because they’re a big company and big companies never lie?
  • Because they’ve implemented it in proprietary binary software, and proprietary crypto is always stronger than the company claims it to be?
  • Because they can’t covertly send your device updated software that would change all these promises, for a targeted individual, or on a mass basis?
  • Because you will never agree to upgrade the software on your device, ever, no matter how often they send you updates?
  • Because this first release of their encryption software has no security bugs, so you will never need to upgrade it to retain your privacy?
  • Because if a future update INSERTS privacy or security bugs, we will surely be able to distinguish these updates from future updates that FIX privacy or security bugs?
  • Because if they change their mind and decide to lessen our privacy for their convenience, or by secret government edict, they will be sure to let us know?
  • Because they have worked hard for years to prevent you from upgrading the software that runs on their devices so that YOU can choose it and control it instead of them?
  • Because the US export control bureacracy would never try to stop Apple from selling secure mass market proprietary encryption products across the border?
  • Because the countries that wouldn’t let Blackberry sell phones that communicate securely with your own corporate servers, will of course let Apple sell whatever high security non-tappable devices it wants to?
  • Because we’re apple fanboys and the company can do no wrong?
  • Because they want to help the terrorists win?
  • Because NSA made them mad once, therefore they are on the side of the public against NSA?
  • Because it’s always better to wiretap people after you convince them that they are perfectly secure, so they’ll spill all their best secrets?

There must be some other reason, I’m just having trouble thinking of it.

A free U2 album for your iPhone perhaps?

3 thoughts on “Gilmore's 15 reasons not to trust Apple's crypto claims”

  1. You missed one – Jobs openly stated at one point he wanted to be the leader of the world (ie topple governments to get there).

    What else can you expect from a company led by a demented social misfit like that ?

  2. So, in other words, not a SINGLE VALID Reason other than supposition, paranoia and accusations based in… nothing?

    How about a single one based in the here and now with evidence to back it up. That would be so wonderfully novel compared to this Minority Report crap.

    The exact same can be said for every single operating system there is. Even Linux doesn’t release the entire kernel code so these arguments are churlish at best.

    Someone needs a new hobby.

    Because some people have nothing better to do with there time than try to imagine ways a company COULD do things wrong so focus on what MAY be as opposed to what actually IS. That’ll get the mentally unburdened going for sure.

Leave a Reply

Your email address will not be published. Required fields are marked *