Lee Maguire graded snobberies, bawdiness, hypocrisy

Posted
19 June 2011
00:01

Reading time
6 to 9 minutes


Padlocks

“How long do you want these messages to remain secret?” Randy asked, in his last message before leaving San Francisco. “Five years? Ten years? Twenty-five years?”

After he got to the hotel this afternoon, Randy decrypted and read Avi’s answer. It is still hanging in front of his eyes, like the afterimage of a strobe:

I want them to remain secret for as long as men are capable of evil.

– from Cryptonomicon

Whenever I’m tempted by some shiny future tech thing, or shifting some desktop task to an online service, I still hear the dubious counsel of a much younger self. It’s centralised. It’s proprietary. Don’t let them lock away your computers, man. Don’t let them own you.

It’s the voice of the me who built his frankenstein computers partly out of parts salvaged from skips. Who wasn’t comfortable using an OS where he didn’t compile everything from scratch. A boy with too much time on his hands.

It’s the voice of the me who hasn’t become completely resentful at the amount of time that years of personal computing has eaten up just with the tending, the watering and feeding. The upgrading and backing-up and restoring. And with every year our personal computers have become more tightly bound to our own real lives. What impact a broken phone when it’s also your keys or wallet? Or more. There are no “computer hobbyists” in the 21st Century.

It’s as if we’ve woken up into a world where letting a Tamagotchi die was punishable by law. Or karma. Or both.

So, while everyone else seemed to focus on the Music Match “pirate amnesty” that was offered at the end of the Apple WWDC keynote, the slide that caught my attention came about an hour into the presentation.

Almost as an aside, Scott Forstall mentions great features for “enterprise customers” such as encrypting email with S/MIME.

Of course, alluding to “enterprise customers” is like fnord-wrapping it for significant sections of the technology press. It conjures up images of the bloated, legacy-supporting suites of the Windows world. Bor-ing, what’s next? Apple can’t really do business business software. That’s not a slight, by the way. More that they don’t seem interested in adopting the fiction that “enterprise users” have fundamentally different requirements from normal users.

And normal users are apparently still happily sharing their secrets with the network.

But I’ve been thinking about this for a few days, and this seems like it has the potential to be something described as “controversial” in future news reports.

The me in the past started using internet email around the same time that PGP became widely available. Keys were signed. Fingerprints were relayed. And yet almost every mail I’ve sent since then has been clear text. Which is not to say in the clear. All my mail these days is submitted and retrieved over TLS encrypted connections, transmitted over TLS when available. Even DKIM-signed on some accounts. But still clear text. I haven’t sent an encrypted email in the last decade that didn’t include the word “test” in the subject line. I can’t even remember my old pass-phrases.

But just having the capability seemed important, even in a country not under rule of oppression. Not dissimilar a philosophy, I suppose, to owning a firearm you hope never need use. A deliberate analogy, since crypto was treated by the US government as a munition for which they attempted to regulate exports (and to a lesser extent still do). Computer security was effectively nerfed at a critical point in the mainstream adoption of the internet. Even downloading web-browsers with SSL support was restricted based on your physical location.

This happened just at the point where encrypting communications went from being a hardware problem to being a user interface problem. Before anyone had a chance to get it right, the webmail providers changed the game. While they’ll now happily offer an https interface, Google doesn’t want you to use effective end-to-end privacy – how would they be able to mine your communications for behavioural data-points to sell to advertisers? How can it be searched?

But perhaps a user behaviour that’s bad for ad-funded web-centric business can be good for an app-centric business?

In the short-term S/MIME is obviously a tick-box Apple needs before big corporate BlackBerry clients consider switching. For the same reason, I’d be surprised if the new iMessage system doesn’t end up with end-to-end encryption in the same way that iChat has supported it when the relevant certificates were available.

Full crypto tools have been available on OSX for years, but (literally) hidden away. Unless you’ve generated or imported a certificate with Email capabilities, the native Mail program gives no indication that it supports encryption. Install or generate a certificate using “Keychain Access” and magically new “sign” and “encrypt” icons appear in the UI. (“Keychain Access” is still a bit intimidating, but it’s far easier than poring through the OpenSSL man page.) In fact, Apple used to offer certificates for .Mac customers that worked with both iChat and Mail. (The email support mysteriously disappearing in 2006… almost as if Apple was about to release a device without S/MIME email support.)

Signed tweets, anyone? Encrypted DMs? A second factor authenticator?

I don’t think it’s outlandish to imagine that S/MIME (and associated key management) integrated into the iOS ecosystem might be the trigger point at which personal crypto gains significant adoption outside of corporate contexts. The same push we see today toward https for social network access we might see in securing the more sensitive of our communications.

And, while I make a point of not conflating institutional transparency with personal privacy, there’s a similar mental exercise we all need to perform in separating out the merely private from the confidential. Especially in communications we know to be stored. I’d expect certain high-profile politicians to be early adopters.

An open standard that’s supported out-of-the-box on the iPhone and iPad is as close to de facto as you’re going to get, and it might come to be expected on all competing devices (if it’s not already there). I’d expect to see signed receipts (non-repudiation) from online stores (iTunes already uses DKIM, but it’s not currently reflected in the Mail UI). Encrypted messages from doctors, banks. From lawyers. From the state.

And therein, potentially the source of future headlines. Some governments have a tendency to get grumpy when another source of intelligence ebbs away. BlackBerry has already been offering encryption, but (apart from those using its Enterprise Server) it’s not end-to-end so “legal” interception still remains a possibility. Not so on the iPhone if they’re offering unrestricted public-key , so I’d expect to see the threat of restrictions in some regimes. Not that I believe there are many nations capable of effectively keeping the shiny shiny out of the hands of anyone who wants one.

There’s cause for caution in how the world adopts cloud technologies congruently with an unprecedented increase in the unauthorised leaking of both personal and institutional data from online sources. Yet congruously Apple may have announced a potential Crypto-Ragnarök.

It’s almost a shame my younger self isn’t around to see how it plays out.


