Comment by InsomniacL
1 day ago
I'm not suggesting Apple should be able to see the content, I'm saying the Police should be able to, when they have a valid court order issued in accordance with the legislation.
For example, A 'Personal Recovery Key' could be recorded in a police database. To gain access to 'encrypted' data from Apple, a court order is needed, once they have the encrypted data, they can unencrypt it using the key only they hold.
There's lots of ways to skin a cat.
> A 'Personal Recovery Key' could be recorded in a police database.
That's about as secure as not having ADP at all, or worse. If that police database gets compromised, not only my data is accessible to the attackers, but I will be none the wiser about it.
An attacker would have to both compromise the police database AND Apple to retrieve the data.
The Key could even be split, say 3 ways. Apple holds 1 piece, the police hold another, and the Courts hold the third, all three would be needed to decrypt the data.
This is too far in to the weeds though.
It is not beyond humanities ability to have a system as secure as ADP while still providing a mechanism to access terrorists phones for example.
Leaving aside the fact that RIPA was drafted by deranged lunatics and deserves zero compliance from anyone, who the hell would you trust to run this database?
We have a 5th amendment. You shouldn't have to do all the police work for them.