The Golden Key: FBI vs Apple iPhone – Computerphile

– What are the ins and outs of unlocking this iPhone? Surely, it’s just one phone. There’s devil’s advocate for you. – Well, the FBI started off in this case, saying they wanted to unlock just one phone. That was a phone that belonged to the government, anyway, and was used by a dead terrorist, and as he was dead, he had no privacy rights. But once we started to dig into it, it turned out that there had been dozens to hundreds of similar cases where the FBI wanted Apple and others to create tools to get at stuff, and they weren’t willing. And, clearly, this was the photogenic case that the FBI thought they could use to batter down the door. Now, it’s an enormous expansion of government surveillance powers because, traditionally in America, if the police got a warrant, that gave them the right to look, but it didn’t give them the right to compel the suspect’s neighbors or other people to help them. And, in particular, if you take the rights to order a company to provide a weakened version of its software, there is a big problem about who else will want that weakened version of the software– that golden key–and what they’re going to do with it. – What is this golden key? How would that work? If you’ve locked something, you’ve locked it, haven’t you? – Well, on an iPhone or an Android phone, or any other electronic device, the lock that a user can deploy to encrypt his data or her data using a password is largely implemented in software on the device, and the software can be updated–and it typically is, once a month or so– to have patches against whatever security vulnerabilities have been discovered. So, if you can somehow subvert or coerce the update process, you can turn the update into a golden key. And this, for law enforcement, must be very thrilling, but for everybody else, it’s disastrous, because if people start worrying that software updates might give the government or a foreign government access to their stuff, they’ll turn it off. And the consequences of that for Internet security could be really, really serious. – So, I’m thinking of a real-world, non-digital example of this. Is this like you’ve gone and bought a safe with very strong metal walls, and then the company who sold you the safe can turn those walls into jelly? – Well, yeah, if the company has got a secret 12-digit engineering access code for use by its own technicians only–when they attend a customer for a bank whose branch manager has died and didn’t write down the combination. And the safe manufacturer’s technician can then enter this 12-digit magic code and unlock the bank vault. Well, that’s very convenient if you’re a safe manufacturer. But, then, if the FBI says, “We want you to give us this safe magic code because there’s one of these safes in the Chinese embassy,” and you do so, right? And then that 12-digit code gets out because Mr. Snowden puts it in his latest batch of revelations, and then the Chinese and the Mafia all have this magic 12-digit code, then you’re absolutely hosed. And there’s an example of that from Juniper routers. Juniper make routers–you know, the telephone switches for the Internet. And some years ago, it seems the NSA got a backdoor on one of these routers, presumably because they got one of their people to get a job at Juniper, or they subverted someone who was already there. And, we learned from the Snowden documents that this backdoor existed. And what happened, then, was that the Russians and Chinese and others went looking for it and found it. And, now, Juniper routers, half of whose outputs are sold in the USA, are being used by bad guys overseas to attack America far more than they are used by the American intelligence agencies to attack targets in China. And this is blow-back; this is what happens when you start abusing infrastructure and other trustworthy facilities for your own intelligence purposes. It can come back and bite you. And that’s one of the reasons why former senior American intelligence officials– Hayden, Roberts and so on are now against encryption backdoors. A number of agencies have dreamed about and sometimes implemented NOBUS capabilities– And there is a very long history of these “nobody but us” capabilities suddenly becoming capabilities that many nations had. Another example is the atomic bomb. When the Americans used it in 1945, they reckoned it might be decades before the Soviets figured out how to build one. But, of course, within three years, the Soviets had it, too, and we had the nuclear standoff of the Cold War. – Here in the UK, though, that’s not going to affect us, is it? This is an iPhone in America, and it’s American laws we’re talking about. – The FBI case is really, really critical for Britain because of the Investigatory Powers bill that’s now going through Parliament. Now, the Investigatory Powers bill gives the home secretary the power to order communications service providers to help law enforcement with warrants. Now, in the old days, that just meant that British Telecom had to let in the chap from GCHQ with his crocodile clips to attach a tape recorder to your phone line. But nowadays, that most communication is being handled by Facebook, Google, Yahoo!, Twitter, and so on, it’s very, very different. And the bill has the facility for the home secretary to give a secret technical capability notice to a services company saying that they must make available a certain wiretap or surveillance capability. Now, because foreign firms objected, they put a clause in the draft bill which says that there’s a defense if it’s technically impractical to provide the facility, you don’t have to do it. And, also, if it’s against the law in the company’s country of origin, you don’t have to do it. But, now, if the FBI succeeded in compelling Apple to provide a golden key for Apple products in the US courts, and Apple then make that golden key and use it only once, then Teresa May (UK Home Secretary) can put a secret order on Apple in the UK saying, “We would really rather like to have one of these golden keys, too please. Kindly deliver it to GCHQ within the next 30 days or go to jail, and you may not tell anybody that you’ve given us this golden key.” And what’s going to happen, then, is that the French will do the same. Do Apple give a key to the French? Well, perhaps, because the French are a civilized country and a permanent member of the United Nations Security Council and so on. And then the Italians will want one, too. And–now hang on a minute, Silvio Berlusconi was in cahoots with the Mafia for many years and abused state facilities to do the Mafia’s bidding–do you really want to give it to the Italians? Well, perhaps, given European structures, you have to. And, if you give it to the Italians, the Greeks want one. And then the Egyptians want one. And then the Saudis want one. And, pretty soon, just about everybody except the government of North Korea has got a golden key to your iPhone. – We’d like to thank for sponsoring this episode of Computerphile. They’ve got over 180,000 titles to choose from, so if you like books, go over to: and there’s a chance to sign up for free. Today, I’d like to recommend iWoz, which is Steve Wozniak’s biography. Many of you all know he is, if you like, the computerphile half of the pair that started Apple. Most people have heard of Steve Jobs. I’m sure you guys as computerphiles will know who Steve Wozniak is, so check out iWoz. Sign up for your free trial at: Thanks, once again, to them for sponsoring this video. – I have been speaking to people in the big service companies, and an example of the thing that they suffer and that really bothers them is this… – [multiple voices]

100 thoughts on “The Golden Key: FBI vs Apple iPhone – Computerphile

  1. How cute is the BBC's headline? – "US debates a world without privacy" – The author, Dave Lee, may have an iPhone and doesn't want to read its EULA. Privacy is not compatible with proprietary software.

  2. Would you leave your door unlocked 24/7 for government officials and agents to come through your house at any time convenient to them wherever and wherever they wanted, I don't think so.

    They may go after this in the guise of just to catch a bad guy, but they will use it against civilians at a whim. Makes sense why Australia brought in data retention laws late last year, they must of been expecting a win in this arena.

    The release of this would be the death of Apple.

  3. Why is nobody discussing the fact that Apple has a golden key to begin with? There is absolutely no technical reason that the manufacturer would need to have this golden key.

  4. Snowden calls this whole thing "bull shit"…..

    I for one think americans will lie about anything, at any time… So if the FBI claims they cant open a smart phone, its because thats already their standard procedure….

  5. About the backlash from exploiting trusted infrastructure:

    This is why journalists and aid workers are routinely targeted in conflict zones…. Its not bad regimes, its bad western governments, sending agents and supplies via red-cross to aid the "rebels".

  6. The problem is that the media is used as a fear mongering device, spreading propaganda and tricking people into thinking that a certain law (Patriot Act for instance) is well intended for their 'safety' and thereby goes unchallenged. Meanwhile, people are kept at bay by leaving them ignorant; we see this process at work in the US by the de-rated quality of education and lack of progressive classes taught to youth in primary schooling i.e. programming language etc. It's a corrupt, broken system.

  7. Ever wonder why Google and Microsoft are not having to fight this battle? Can you say "backdoor"? Google and Microsoft are already playing ball with the FBI. Guaranteed.

  8. could some explain this to me? the phone in question needs a pin to unlock it, but doesn't it need to be unlocked before an update with the key could be installed? also if its possible for apple to create a weakened iOS why can't the FBI edit an update themselves. if apple can do it why can't the FBI. also why couldn't they transfer the encrypted data to a PC where they can spend all the time they want to dycrypt it?

  9. can someone explain in a much simpler way of what he said about other countries would want a golden key too near the end of the video please? thanks!

  10. Could you please do an interview with prof Anderson about his Lovelace Medal and his research? I was just at his medal presentation and lecture today at the Royal Society – it was fantastic!

  11. The only THING that matters in this video is near the very start.
    When it talks about how the police can get a warrant to get something, but they CAN'T force someone to help get something.

  12. My understanding of the case was that the FBI wanted the ability to just brute-force the phone via a modified version of the OS, rather than specifically a 'golden key' piece of code?

  13. I'm not up to date on how microchips are designed & manufactured, but even with cache memory years ago, it would be on a separate location from the processor.
    How difficult would it be for a hardware technician in a lab to isolate the memory circuits from the processor with the self destruct code?

  14. I'm a bit disappointed from the trend of your security/privacy videos (especially this and the one about predictive policing). They seem to be very one-sided and narrow-minded.
    This whole "If they build a golden key, then the communists could get it"… really, is this the biggest problem you can think of? Don't you think backdoors in one of the most private and sensitive parts of your life is not bad on its own?

  15. It would be an utter disaster if Apple was forced to comply with the FBI request for this 'Golden Key'. I believed this as soon as I heard the news breaking. I commend Computerphile for their position, but wish their presentation had been done a lot more forcefully.

  16. I agree with both sides in ways, but to me if you want a compromise this is what you do. Make it so it can only be bypassed via the USB port, etc on the phone. The phone would have to be inserted into a stand with some encryption processing, etc. This stand would then have 3 slots where some sort of authentication has to be given simultaneously. Could be like a USB dongle, a smart card, etc. One card would go to apple, anther to the FBI, and the 3rd would belong to a judge probably a supreme court judge for each state. If one of these three items is missing they can't do anything.

    Apple gets some control, the judge's key would be like a digital warrant, the FBI one would keep out other agencies that don't need to be involved. Preferably each device would have some login or something too so if it's stolen it's useless.

  17. The analogy is flawed. Instead of a password that can open ALL the safes, imagine the safe manufacturer having a unique password set into each safe they make. If the customer forgets their password the manufacturer can still open the safe. If the FBI needs to open one safe the manufacturer can give them the password for this one safe. If the password gets loose only the single safe is compromised.

  18. When are you going to make a video about how you think the FBI got into the iPhone? It would also be nice for some computer security experts to give suggests how to fix it.

  19. At least Obama convinced me. The executive force of a state was and is always able to search some ones house by order of the judicial force of the state (e.g. in case of a crime). So why should we protect some ones phone more than his house? So there should be a way to come in. But not the golden key. It needs to be a an individual key generated on each phone, then send to e.g. Apple with the third party judical decision – legalizing it – and then Apple sends the individual unlock key. AND the user of the phone should also be informed that his phone was searched, as well as he is informed that his house has been searched. This would be a solution … wouldn't it?

  20. There is apparently one way it already has been done without a back door. I even believe that Apple could have done it without the need for a back door. Surely Apple must have someway in that does not involve a forced back door. These days we see false flag events happen in their attempts to make us give up our liberties more freely. The FBI should hire the ones who opened the phone for them and leave all of us others alone.

  21. I am more interested in how this "golden key" actually works. Is there a video about that?

  22. An updated video discussing the implications of the investigatory powers act would be interesting given that it just passed royal assent at the end of November

  23. You seem like you're making Snowden a villain in a video about government intrusion into privacy. Snowden is the biggest proponent of privacy of them all, and he risked everything to let us all know about it. Yeah he leaked. That's the point. He leaked to let us know how shitty our privacy really is. He's far from being the threat.

  24. Everyone has a right to privacy via strong encryption, including terrorists. Also, what modern IT department doesn't have company issued phones with device management solutions in place that already give them this level of access? There should be no devices on the network that the network administrator doesn't have access to.

  25. And just this week the CIA was proven to harbor, buy, and create these vulnerabilities. Not even a week has past and there is no discussion of it………….Humans are doomed

  26. "this is blow back. it can come back and bite you." // well seems to me this is justice served. its like watching a thief have his getaway car stolen right after completing a bank robbery.

  27. You guys do great proof of work explanation and demonstration. I am very glad to have found this channel at my present stage in research.

  28. This YouTube channel from the U of Nottingham's CS department is probably the best recruitment technique by any CS department anywhere

  29. Too many back doors in systems. Maybe only staff should be authorised to make th change rather than reveal how th change is done.

  30. The government cannot be trusted to maintain your security but the manufacturer (ie apple, etc) can? What a joke. Put a serious British sounding guy on , with a line of technical jargon,and you will believe anything.

  31. The UK does not recognize the right to privacy (naturally, lords and dukes dont count).
    It is one of the reasons for Brexit.
    The EU often has problems with the UK breaching rights so the UK "government" wants out.

  32. The unintended consequence scenario is so true as is the nobus mindset. Things are always far worse than our governments let on. Usually they have been operating by illegal means and now want to make legal what they've been doing all along. Just a reality.

  33. This dude has seen some sh*t for sure. They way he stoically, unapologetically delivers information to us is uncommon and sorely needed.

  34. When the government gets a search-warrant, it can compel the opening of the door by someone inside, or someone with a key, or it can break the door down. The government doesn't have one universal key that will open every door because how can we trust them to apply for a warrant whenever they want to use that key? They will use the key WITHOUT warrant. Same thing for breaking a phone. Let them serve a warrant on someone who has a key, and let that person sit in jail until they provide the key. There shouldn't be a key that the government can use BEFORE it gets the warrant. And if a universal key like that DID exist, and even if OUR government used it only, in each case, after applying for a warrant, other governments that are less Libertarian than ours will get copies of that key and go into people's residences all the time.

  35. Why talk about hypothetical cases like "Edward snowden leaking the key".

    Why not talk about something realistic, like the NSA losing it all on their own.

    Edward snowden didn't leak any type of material of this nature, quit being sloppy and portraying him disingenuously.

    Likewise, don't shy away from using real world examples of NSA incompetence. Why would you create such a misleading fictional scenario when it is unnecessary, a perfectly apt much better fitting ACTUAL example already exists?

  36. The "Government" should be publicly hung as a lesson to any who would attempt treason against the republic. See 4th amendment.

  37. Best ad campaign that apple received in cooperation with the US you're trying to tell me that the FBI, CIA, NSA the organizations that hacked Iranian nuclear reactors in the other side of the world and caused billions of dollars loses to Iran and the one that shoots satellites with surface lunched missiles can't 'hack' a consumer grade phone ?

  38. The same thing happened with Stuxnet, there wasn't cyber warfare before then. Now Russia and other actors are actively attacking the US infrastructure including power plants.

  39. What about locking these back doors with multi-party one time encryption keys? Similar to how companies verify web connections by taking verified addresses and combining them with private internal encryption to produce pseudo addresses impossible to reverse engineer?

    So say the FBI or the NSA works with Apple to develop a nobus code. And they then designate "third party witnesses", encrypt the code a number of times at each party, and then use the reverse of that chain to operate the back door?

    Like say Apple encrypts the code, passes it to Google for an entirely separate encryption, passes to another org like some agency in the UK for a third round of encryption, and back to the FBI for a fourth round. So if the FBI ever did want to use the back door, they would have to pass their encrypted key through their decryption, over to the UK for a second decryption, to Google for a third, and Apple for a fourth. The only weak point would be Apple themselves, and they could safeguard against unauthorized application of their own key through multi-step verification.

    This way the FBI can't just use the key however they want. They would need the compliance of multiple parties. All partially encrypted keys wouldn't work because they wouldn't decrypt properly. So only the FBI would have the fully encrypted key and even if it did get doxxed nobody would be able to decrypt it. And even if they could, they would need the willing participation of multiple parties.

    You could even make it more secure by using something similar to TOR hidden processes to establish secured pipelines for the transfer of these key bits.

    Edit: I'm not a fan of any governing entity having back door access to private information from the public sector. But if they are to have this access, I would much prefer to have other people involved to safeguard the legitimate moral use of this door.

Leave a Reply

Your email address will not be published. Required fields are marked *