Apple’s New Encryption Won’t Stop Intelligence Gathering

As Apple and Google introduced a more thorough encryption for their devices and revised their privacy policy (Apple), many people are wondering what this actually means to them. Apple claims it’s a move to better protect the privacy of its users, while some opponents claim that Apple is just picking a pointless fight with the US government, while providing criminals with protection at a cost to the public.

Whichever view you hold, the truth is, if you’re concerned about intelligence agencies (let’s call them I.A.) listening in on your conversations, you’re out of luck. Here’s a few reasons why:

  • Apple only encrypts data on your device directly. Phone calls, text messages, internet data packets all cross the carrier’s network and are weakly encrypted. Your carrier is also legally required to provide this data to law enforcement and I.A.
  • If this I.A. can communicate with your device directly (via Wi-FI, SMS, man-in-the-middle of the radio link, access to the USB port, or spearphishing via a well made email and more) they might be able to use a zero day exploit to gain code execution ability on your phone and bypass encryption by reading the cleartext out of RAM while the phone is unlocked.
  • Often, the contents of text messages and calls are not even necessary. If the law enforcement or an I.A. need to locate you, they can use the existing e911 GPS location or triangulation of your position via cell phone towers.

These are just a few ways an interested third party may gain access to your information. Andrew Zonenberg put together an in-depth article for those interested in a more through examination of Apple’s encryption and its possible breaking.