A new report from the Manhattan District Attorney calls for law requiring "any designer of an operating system for a smartphone or tablet manufactured, leased, or sold in the U.S. to ensure that data on its devices is accessible pursuant to a search warrant."
Smartphones (a marketing category with no legal definition or firm boundaries) are general-purpose computers, capable of running any code that will compile, including the myriad of end-to-end cryptographic communications tools currently extant.
There's no practical way for a smartphone vendor to give me a computer capable of running all the valid programs, but still grant law enforcement access to the data stored on it if I don't cooperate.
There is, however, a very impractical way: the vendors could come up with a secret backdoor for my phone, perhaps a keylogger that stores all my keystrokes (including the passphrases for my secret files), and hope that I never discover and disable this.
The technical term for this security model is "wishful thinking."
The alternative is to just have phones that, out of the box, don't have working crypto. That would require criminals who want to have secrets from the police to download and install their own software. This is something that law enforcement agencies ensure us criminals are already doing.
The bulk of the DA's report deals with the potential objections to their proposal, but they don't engage with its lack of technical rigor. Instead, it goes through backflips to talk about why this isn't a violation of human rights law, and pointing out that governments in the UK and the Netherlands also like this dumb idea. If all the other DAs jumped off a bridge...
DISTRICT ATTORNEY’S OFFICE
ENCRYPTION AND PUBLIC SAFETY [PDF]
(via Interesting People)
The Internet of Dongs is Brad Haines's term for the world of internet-connected, "teledildonic" sex toys, and Haines, along with Sarah Jamie Lewis, have exhaustively documented all the ways in which internet-connected sex toys can screw you, from leaking private data to physically attacking your junk.
Last October, I published a list of cities that appeared to have contracted with Predpol, a "predictive policing" company, based on research provided to me by an anonymous source who used clever methods to uncover the customer list.
It's been a year and a half since the Norwegian Consumer Council commissioned a security audit of kids' "smart watches" that revealed that anyone on the internet could track the wearers, talk to them through their watches, and listen in on them; a year later, Pen Test Partners revealed that the watches were still leaking […]
What do Facebook, Twitter, YouTube and Google all have in common? Somewhere in their framework, they all use MySQL, that most versatile (and free!) of database management systems. And they’re not alone. If your company or the one you’d like to work for wrangles data (and who doesn’t?), they’re going to need someone with a […]
There’s a reason you’re hearing about the gig economy in every other business story these days. More than ever, people are finding income from more than one source. And if you find the right one, a side hustle can do more than just pad your pockets – it can allow you to finally get paid […]
High-def cameras are available to anyone and for much less than they were just a decade ago. Even the phones in our pockets can be used to shoot and edit short films. It’s never been easier to be a filmmaker, providing you have the technique. Enter the Film & Cinematography Mastery Bundle, an online boot […]