Gates gets it wrong with ribbons

Gates describes the security on an iPhone like a ribbon that the FBI simply wants Apple to cut. That is pretty much totally wrong.

On Ribbons and Ribbon Cutters 
[Via | Zdziarski’s Blog of Things]

With most non-technical people struggling to make sense of the battle between FBI and Apple, Bill Gates introduced an excellent analogy to explain cryptography to the average non-geek. Gates used the analogy of encryption as a “ribbon around a hard drive”. Good encryption is more like a chastity belt, but since Farook decided to use a weak passcode, I think it’s fair here to call it a ribbon. In any case, lets go with Gates’ ribbon analogy.


As stated in the article:

Instead of cutting the ribbon, which would be a much simpler task, FBI is ordering Apple to invent a ribbon cutter – a forensic tool capable of cutting the ribbon for FBI, and is promising to use it on just this one phone. In reality, there’s already a line beginning to form behind Comey should he get his way.

Inventing it is not all. Apple will have to vet the tool to make sure it works, convince a forensic peer review that it will not alter any data on the phone then defend the use of that tool in every single court it will be asked to use it.

We are already talking about 100s of court cases that Apple employees will be required to testify in, even years after they develop this tool.

Not to mention that this same tool can easily be put onto the UNLOCKED phone of anyone to insert any malware the FBI or any criminal wants to.

Simply use a man in the middle attack to sen a fake screeen saying a new update is available and would they like to down load it (assuming people have automatic downloading turned off).

So not only would Apple have to create the tool to cut the ribbon but that same tool could be used by anyone to help put a ribbon around anything else – a ribbon with a tear away section to allow easy opening at any time. 

Image: Anders Ljungberg