Tufts Now All Stories
In early 2016, Apple was faced with a dilemma: give the FBI a way to break into a terrorist’s iPhone—or protect the security and privacy of every other iPhone by refusing the request. The couple who killed 14 people in San Bernardino in December 2015 had destroyed their personal smartphones, but one work phone was later found, and the FBI wanted to get inside it. The trouble was, if investigators failed to figure out its four-digit password in ten attempts, the phone was programmed to destroy its data.The FBI wanted Apple to write code to create a security update that would undo the phone’s security protections, but the company refused, saying that would weaken security for all users. As the case wended its way through the courts, the U.S. House of Representatives Judiciary Committee held hearings on the issue. One of the key experts testifying was Susan Landau, now Bridge Professor in Cybersecurity at Tufts, where she splits her time between the Fletcher School and the School of Engineering. Her take on the issue was unequivocal: weakening the security on one iPhone weakens it on all iPhones, and that’s bad for U.S. security, she said.
Now Landau has written a new book, Listening In: Cybersecurity in an Insecure Age (Yale), elaborating on her concerns. In it, she details how we got from the beginnings of the Internet to today’s far-reaching Internet of things. Underlying it all is her argument “that securing our data is essential for securing us,” she said.
At the same time, improving security means that the data of bad actors—from would-be terrorists to garden-variety criminals—is also secure, and increasingly hidden from law enforcement. That’s what the Apple case was really about: does secure data for all mean that law enforcement and national security take a back seat to privacy?