TagApple

FBI vs. Apple: Round 2

Ah, the good old false trade-off: Security or Letting the Terrorists Win and Kill Your Children. Once again, we have Apple being asked by the FBI to unlock or build back doors that “only law enforcement” (read: any bad guy) can use.

Look: I’m sympathetic to law enforcement. They have a tough enough time dealing with the literal worst of humanity and having to piece together the crimes that are comited by said. This is made more difficult when one of their suspects (or criminals) has encrypted some information. Because we have a codified right to privacy, it is reasonable to argue that giving up passcodes and other privacy stripping keys is not something we should have to do, no matter the case, as we’re all equal under the law (the Constitution being the “highest” of those laws).

This fight is further exacerbated by the fact that this is not the first time that Apple has reasonably denied these requests. It would damage their brand, their customer’s security and give an already powerful governmental department sweeping access to stuff it wouldn’t (and shouldn’t) have access to on it’s own. All in the name of “security”. The subtext of all of this is some what sadder: Despite all the massive surveillance that is being done on Americans, we still cannot stop domestic terrorism from happening. Giving the FBI or any entity, aside from the consumer, access to a device that has become the epicenter (for better or worse) of many people’s lives goes counter to our rights.

What about providing a sort of “key escrow” for law enforcement? It would be a semi-reasonable method of giving everything they want, in theory. Law enforcement would have the ability to decrypt data that they would presumably have proven their need to access. The user would still have encryption that is difficult to impossible to break in a reasonable manner and their rights are respected.

The main problems with this scenario are:

  • Who do you give these keys to?
  • What legal recourse do you have if they loose, leak or otherwise provide (willingly or not) keys to someone who should not have it?
  • How do you get millions of people, companies and devices to enroll in this system when free, strong and cryptographically secure code and systems exist in the wild and aren’t going anywhere?
  • Criminals are obviously not going to enroll, so it defeats the point.

Not to mention the massive organizational nightmare it would be to ensure keys are tied to the right person, device or organization. The whole idea is infeasible on any sizable scale.

I wish the general public would be more aware of the erosion of rights. All too often we just allow our government to trample over us because it’s convenient or we’re lead to believe that it’s “for the greater good”. When in actuality we could take some pointers from France, England and Italy where when their governments do wrong, people protest. We need some of that fire back in America, not this anesthetized complacency.

I’m Going Through Changes

Ah, the iOS app change logs. “Bug fixes and performance improvements”. How… descriptive. I know it’s not really something that Apple users are looking for in their updates, but as someone who has done development, I appreciate seeing them. Some developers, like 1Password, WordPress and a handful of others do a great job of outlining the things that were fixed from version to version. Most, however, are like the screenshot above.

Compare this with a typical change log on a Linux system (not all distros do this — RPM-based ones have it available).

I know it takes effort. Microsoft and Flickr should know better, though. They have scores of people who are able to add this kind of information to the app store change log.

Moving Forward

I’ve been using computers for 23 years. I’ve endured my fair share of Windows, dove head-first into macOS during the OS 9 to X transition, enjoyed my time using BeOS when it booted off of a floppy in less than 10 seconds. Currently, I’m firmly entrenched in the Linux ecosystem and very happy. Well, I was. I am, and I was. Here, let me explain.

Linux is Amazing

It really is. You can customize almost every aspect of it, and if you run out of ways you think you can customize it, you can learn how to code and make it the way you want it. You have absolute control over your own data and it’s usually pretty easy to move it between systems. This is because there is a focus on interoperability, openness and ensuring that users are put front and center.

This Awesomeness is Expensive

…by that, I mean expensive time-wise. You can setup all your own services, own all your own data and secure it all in a manner of your choosing. This is great, but it means that it’s on you to make sure this is setup right, that the services all run harmoniously, and the data is well secured against casual and somewhat determined attackers. It also assumes you have the knowledge and time to do so.

When I was younger, this wasn’t a problem. I had time, energy and the ability to handle all of these tasks with ease. Even if it meant that I was up until late getting things done, or spending time during work troubleshooting a server or service. All of this endless customization, optimization and learning was incredible. I still enjoy it to a point. The problem is…

I Don’t Have Time Anymore

I’m almost to mid-life. This is a stark realization that, statistically speaking, I have 40-ish years left in my life. While that is a lot, I also want to spend less of it dicking with stuff that should be a solved problem. Sure, I could spend a small fortune on VPS or dedicated/managed hosting solutions, but I honestly don’t want to even deal with that. Ideally I’d like to just turn it on, adjust some simple knobs and get working.

Where Are You Going With This?

I think going forward I’m going to start backing out of computing as a serious task. I love my PCs and Linux and Open Source, and I’ll continue to support them financially, ideologically — but I’m pretty much done worrying about using it. That means as I migrate toward solutions that don’t require so much headspace, I’m not going to worry if the solution is proprietary or Open Source. I’d love for it all to be F/OSS, but that’s not going to be a make or break point.

Ideally, I’d like to move to an iPad with a keyboard (maybe not even that…) and have storage on iCloud or similar. Apple’s ecosystem is private, secure and incredibly well integrated with itself. I already have an iPhone, so it’s familiar and something I already buy into. As for my other services that I connect to, I think I’ll migrate this blog to WordPress.com or a more managed system. I still like writing here. It’s cathartic.

Amusing Levels of Storage

I signed up for an Amazon S3 account. Since I have Transmit, I can connect directly and manage my storage buckets1 and upload/download files in a familiar UI.

So far, I’ve stumbled around inside of it, trying to concoct an adequate backup solution for my personal laptop. I finally think I’ve got it down enough so that I can do away with burning DVD sets every time something important comes (or I get the urge to backup).

Right now, though, the initial upload is almost painful. I have about 10gb of stuff to put up there, including music, movies, pictures and program data (like Wallet and Tasks databases).

Eventually I hope to just use Transmit’s “mirror” mode and have it query the S3 bucket, find out what has changed, and upload it without much work on my behalf and with minimal time used.

Though, so far, I’m hardly crying about it. I’m using a whopping $0.10 a month to host almost 300 MB (so far) of personal data that is encrypted and securely stored at Amazon’s data centers around the world.

Not bad for less than a dollar.

Now, I’m still in the market for a … more conventional storage solution. Erin has pretty much solidified the requirement of locality. Meaning I’ll need to find a nice, cheap, Ethernet NAS that we both can dump gigabytes and gigabytes of data to across the local network with a fair amount of reliability. I know I could just setup a Linux server, but I’m long since past having to have a full tower in my office making loud noises as it sucks down 250-500 watts of power all day, every day.

I’ve also been toying with the idea of instead of using the slick Time Machine, using rsync to do backups. Though, since I have no way of doing such a thing right now, I’m kind of left thinking about it, instead of doing.

1: Storage buckets, or ‘buckets’, are the way Amazon’s Simple Storage Service (S3) handles storage areas. Much like a drive letter on Windows or a volume name on Mac, it’s just a way of defining a place for things.

Logic Board Replacement 2: The Rise of the Machines

Yeah, I have to get my PowerBook’s logicboard replaced again. I know this because the last time my laptop failed to recognize half of my RAM it had to have the logic board replaced.

Sigh.

So I’m using my work laptop. I miss MacOS. Though it’s a bit faster than my Mac, admittedly.

© 2020 Verily

Theme by Anders NorénUp ↑