Is the DEA Lying About iMessage Security? 195
First time accepted submitter snobody writes "Recently, an article was posted on Slashdot about the claim that law enforcement made about being frustrated by their inability to decrypt messages using Apple's iMessage. However, this article on Techdirt suggests that the DEA may be spewing out disinformation. As the Techdirt article says, if you switch to a new iDevice, you still are able to access your old iMessages, suggesting that Apple has the key somewhere in the cloud. Thus, if law enforcement goes directly to Apple, they should be able to get the key."
Yes and no (Score:5, Informative)
I think one of the main problems law enforcement has with iMessages is that it is ridiculously easy to get a pen register from a telco for a phone number. This is a list of the calls made to/from that number and a list of SMS/MMS to/from that number. iMessage bypasses SMS/MMS if both the origin and destination device are iMessage capable, so those interactions do not show in a pen register. The same could be said for many other text/chat services, but iMessage is the default texting client for a large number of people and does not require the user to do anything special to message others without the telco knowing, unlike many other services.
iMessage isn't that special, the memo could just as easily been talking about FaceBook messages, which also won't appear in a pen register.
Key in cloud != Key accessible by Apple (Score:5, Informative)
Do it yourself (Score:4, Informative)
Erdos+Bacon=Pen register results in probable cause (Score:4, Informative)
.
When you get links that are that long, you can ensnare everyone in the world, whether or not they are truly guilty of anything, just from guilt by association. See the comment [slashdot.org] about 6-degrees-of-Kevin-Bacon or the one about [slashdot.org] Bacon numbers and Erd''os Numbers.
Re:Are you kidding? (Score:5, Informative)
Getting the key from Apple isn't really "technically interceptible" anyway. The problem, from their end, is likely that they need to subpoena the information from Apple (both past messages and the key for future use),
This assumes a certain architecture. If the cryptosystem is strong, there is probably a frequent key rotation schedule, in which, the same key that encrypted past messages will potentially be replaced in the future by the time any new messages are exchanged.
It would be ideal, if some portion of this key were secured by the password, e.g. a SCRPT, BCRYPT or PBKDF2 hash of the password, is part of the secret material required to decrypt the key on the client, and any change of the user's password results in key rotation.
It is conceivable that Apple could design a system, in which, the keys would be available on multiple of your devices (because you knew an additional secret), but not available to Apple, to extract or find out what the key is (because Apple denies themselves access to the secret)
Do I think it's designed that way? No... it would not happen by coincidence, for sure.
Could they have designed it that way? Yes
Re:The DEA (Score:5, Informative)
I don't know about the spreading of falsehood part, but destroying families and doing far more harm than good -- that's fact.
Glenn Greenwald debated GWB's drug czar on the question of whether the US should legalize all drugs. http://vimeo.com/32110912 [vimeo.com] Greenwald identified the following costs, all of which we pay due to the drug war, all of which would go away if reason prevailed, and challenges prohibitionists to address why these costs are worth it. Listen closely to Portugal's experience with decriminalizing all drugs (evaporation of the following costs, slight increase in usage rates of some drugs (but less of an increase than neighbor countries during the same time period), a DROP in usage rates of drugs among young people, reduction in the spread of HIV etc, returning people who use drugs to the productive economy rather than making them burdensomely unemployable, acceptance of the police as a helpful organization rather than an enemy, which leads to the police being able to actually investigate real crime).
If you are unable to address those costs with evidence based information, we will know your opinion is based on mere personal dislike for drugs and drug users, i.e., moralizing, fear mongering, and prejudice:
1. The US is the world's largest prison state on a per capita basis AND on an absolute basis. We hold 25% of the world's prisoners despite having only 5% of the world's population.
2. The War on Drugs is undeniably racist. All ethnic groups use drugs at essentially equal levels, but certain minorities comprise the greatest number by far of those convicted.
3. Economic costs in the 100s of billions and yet no reduction in drug use.
4. Drug war has spawned the privatised prison industry.
5. The erosion of civil liberties experienced in the last 40 years has been rooted in the drug war.
6. Militarization of the police force which turns it from an organization community members will trust for help, into one which is feared and deemed an enemy. This hinders solving crime.
7. International resentment to the US based on US demands that other countries criminalize their population and take on what are seen as unnecessary social and economic costs.
8. Extreme violence due to the fact that in a black market, only criminals will participate and criminals use violence to secure market share ("you don't see Budweiser and Heinken shooting each other over territory").
9. Drug war breeds contempt for the law, because millions of people use drugs, even frequently, without any consequences at all (depending on one's demographic profile).
10. The drug war destroys the lives of the very individuals the government claims it wishes to help because as felons, they become unemployable. So while imprisoned and after release, such people are unable to provide for their families and being separated from families is highly corrosive to families.
Re:The DEA (Score:5, Informative)
Obviously you failed to watch the debate.
1. 50% of the Federal inmates, 25% of state inmates for drug offenses: http://www.drugwarfacts.org/cms/Prisons_and_Drugs [drugwarfacts.org]
2. You're just being racist.
http://healthland.time.com/2011/11/07/study-whites-more-likely-to-abuse-drugs-than-blacks/ [time.com]
http://www.hrw.org/news/2009/06/19/race-drugs-and-law-enforcement-united-states#_Part_I:_Race [hrw.org]
3. I don't even understand you're point in the first sentence. It's totally incoherent. The second, about the sex trade, completely misses the point because the number of people who use prostitutes is vastly smaller than those who use drugs. The drug war is like outlawing french fries -- sure, they make you fat but so many people use them, it's pointless to push against the tide. The same cannot be said about prostitution. If we ever get to the point that is the case, then we can address that -- right now, it's just off topic. A diversion.
5. As Greenwald pointed out in his debate, the egregious civil liberties violations of the last decade, first took root in the drug war.
6. Google "drug war militarization of the police force" and pick an article: https://www.google.com/search?q=drug+war+militarization+of+the+police+force [google.com]
7. Again, you totally didn't watch the debate