Israeli data extraction firm Cellebrite announced the ability to break into any iPhone or Android device for law enforcement agencies near the same time Trump administration officials weighed the pros and cons of banning encryption law enforcement can’t break.
Senior Trump officials met on 26 June to discuss whether to seek legislation that would crack down on end-to-end encryption in a move that would reignite a feud between federal law enforcement and Silicon Valley stemming from the San Bernardino iPhone case.
While companies such as Apple and Google bill the encryption as a privacy and safety feature, law enforcement agencies argue that it hinders investigations into terrorism, drug trafficking and child pornography.
"The two paths were to either put out a statement or a general position on encryption, and [say] that they would continue to work on a solution, or to ask Congress for legislation," an anonymous source from the meeting told Politico.
The DOJ and the FBI argue that catching criminals and terrorists should be the top priority, even at the expense of hacking risks but such measures would also make it easier for hackers and spies to steal Americans’ private data by creating loopholes in encryption that are designed for the government but accessible to anyone who reverse-engineers them.
Cellebrite’s bold claims also come after Apple added new security measures that crippled a separate iPhone cracking tool, GreyKey, which had already become popular among US law enforcement agencies.
SecurityFirst Chief Marketing Officer Dan Tuchler said there’s a fine line between positions on this issue with no grey area.
"An authoritarian government will always seek to exert control by monitoring its citizens, using the reasoning that safety of citizens is more important than any erosion of their rights," Tuchler said.
"The United States has a long history of mottoes such as "Live Free or Die" emphasising the common conviction that the balance should always lean towards freedom of speech," he said. "We don’t like it when suspected terrorists have the ability to communicate on encrypted channels, but we need to catch them a different way, so that we can protect one of our most important fundamental rights."
Tuchler added that phone vendors will need to improve their ability to protect our private data, using stronger encryption.
Lucy Security CEO Colin Bastable called the argument of eliminating encryption for protection an excuse.
"The police will use this technology to go for low-hanging fruit, as always, like speeding motorists and jaywalkers, whilst terrorists and drug cartel barons will carry on regardless," Bastable said. "The USA crippled its IT security industry in the ‘90s by limiting strong crypto to domestic use only, selling easily cracked crypto to foreigners, who rightly built their own, superior, security products."
Bastable added that end-to-end encryption ensures privacy and consistency and integrity of data and delivers immediate communication, for fast business and personal interaction.
This article was originally published on SC Media US.