In the ongoing Apple CSAM saga, Irreal has mostly been concerned with Apple’s betrayal of their promise to protect their users’ privacy but there’s also the issue the long term security consequences of Apple’s decision. We’ll take a look at the security of Apple’s plan in a later post. This is a sort of meta-post on the dangers of introducing backdoors.
Before we begin, it’s worth noting that Apple has delayed the rollout of their clientside CSAM scanning. The optimistic reading of their words is that, “Yes we know we screwed up and this is our way of abandoning the program without admitting we were wrong.” If they’re still not convinced, here are some reasons why it’s a really bad idea.
In the early 2000’s, the NSA had a clever plan. They devised a random number generator (DUAL_EC) that would allow them access to encrypted messages and pressured industry to adopt it. Almost immediately, security researchers pointed out the RNG had serious vulnerabilities but the NSA and its apologists pressed on. They claimed that even if that was true, only the NSA had the key to exploit the vulnerability so all was well. Unfortunately, the NSA had been too clever by half because hackers—unidentified to this day—managed to rekey Juniper Networks implementation and gained access to sensitive government communications for three years. Irreal has written about DUAL_EC before [1, 2]. Matt Green has an excellent Twitter thread (unrolled here) that recounts a brief history of the disaster.
This is the NSA, whose raison d’être is devising secure communication protocols, trying to introduce a secure backdoor and failing. What reason is there to believe that Apple would do any better? Indeed, security researchers have already pointed out problems. Apple insists that there’s no backdoor and, trust us, everything is under control. If Apple persists, they and the rest of us will find out just how naive that view is.