译文转自虎嗅:库克怒发公开信:苹果不会给美国政府开后门,你们越权了!
最近,美国政府要求苹果公司采取一项史无前例的措施,这项措施将危及用户安全,我们因此表示反对,我们认为这种行为的影响将远远超出眼下的这起案件。
加密的必要性
以iPhone为首的智能手机已经成为我们生活中不可或缺的一部分,人们用智能手机储存数量庞大的个人信息,包括私密对话、照片、音乐、笔记、日历、联系人、银行信息、健康数据,甚至是从过去到现在我们的一切行踪。
这些数据都可能被非法分子在我们不知情、不允许的情况下窃取和盗用,这也是我们要保护这些数据的原因。客户也期望苹果及其他科技公司竭尽全力保护他们的个人信息,这也是苹果一直在做的事。
加密对于所有人来说都至关重要,因为个人信息的安全最终关乎人身安全。
多年来,我们的加密技术一直在保护用户的个人数据不受侵犯,因为我们相信,这是保证用户个人信息安全的唯一途径,甚至连苹果自身都无法获取我们用户的信息,因为我们认为,用户iPhone里的东西与我们无关。
关于圣博娜迪诺枪击案
我们对去年12月发生在圣博娜迪诺的恐怖枪击行为感到震惊和愤怒,我们为逝去的生命哀悼,也希望所有受到影响的人能够讨回公正。案件发生后,FBI曾向我们请求帮助,我们也一直在努力配合政府的破案工作。我们对恐怖分子是不持任何同情心的。
在FBI向我们索要的数据中,凡是苹果所有的,我们均已提供。苹果向来服从依法出具的传讯和搜查令,在圣博娜迪诺枪击案中也是如此。我们还派出了苹果的工程师为FBI提供建议,同时提出了一系列我们所能想到的最佳调查方案供警方参考。
我们对FBI的专业办案人员表示尊重,也相信他们有良好的意图。可以说,目前为止,我们已经在法律允许范围内竭尽所能。但是现在,美国政府所要求的东西我们确实没有,即便非要提供,那也将是非常危险的。他们所要求的是,为iPhone开发一个“后门”。
具体来说,FBI实际上是要求我们为iPhone开发一个全新的操作系统,解除多个现有手机上重要的安全功能,然后安装到该案中发现的iPhone上。但是,这款尚不存在的系统,一旦落入非法分子之手,就可能被用来解锁任何一款iPhone。
无论FBI如何描述这款工具,有一点事实无法改变:开发一款绕过安全功能iOS,无疑就是创造了一个“后门”。尽管政府可以说,这款系统仅限在本案中使用,但是谁都没法保证滴水不漏的控制。
数据安全遭遇威胁
有人会说,为本案中的这部iPhone开发一款独有的系统岂不是两全其美?但是这种观点忽视了数字安全的基础,也没有真正理解政府的要求。
在当今的数字世界,解开一个加密系统的“钥匙”就是一份解锁数据的信息,而这个密钥的安全程度和受它保护的数据别无二致。一旦密钥泄露,只要是掌握了这一信息的人,都可以轻易破坏这个系统。
政府方面强调这种工具只会在一部手机上使用一次,但是事实并非如此。一旦创造出来,这一技术就可能在任意数量的设备上被反复利用。在现实世界中,这种密钥就相当于一把万能钥匙,不论是餐厅还是银行的大门,都可以被它打开。没有人愿意看到这种情况发生。
眼下美国政府要求苹果所做的,无异于侵入我们用户的手机,将我们几十年来为保护用户安全所做的努力一并抛弃,此后,苹果将无法保护包括上千万美国公民在内的用户免受黑客的侵犯。讽刺的是,当年为iPhone搭建了强大加密系统的工程师,如今却要被迫削弱其安全性。
我们从没听过这样的先例:一个美国公司被迫将其客户置于可能遭受攻击的危险之中。多年来,密码学家和国家安全专家都在反复提醒人们削弱加密技术的危险性,这样做只会伤害那些充分信任苹果这类公司的遵纪守法的公民,而非法分子依然会利用他们所掌握的技术,为自己的数据加密。
危险的先例
FBI其实是在以一种前所未有的方式,绕开国会,利用1789年《全令法案》来为自己实际上的滥用权力正名。
政府要求我们解除现有系统上的安全功能,添加新的功能,允许通过输入密码的方式来解密数据。这将使得iPhone更容易遭到“强力破解”,即让计算机通过穷举法强制破解密码。
政府的这一要求让人不寒而栗。如果政府可以利用《全令法案》轻易解锁你的iPhone,那么政府也就有了获取任何设备上数据的权力。政府对隐私的侵犯或许将不止于此,他们还可能要求苹果开发监控软件,用以拦截你的信息、获取健康数据、银行信息、追踪位置,甚至是在你不知情的情况下控制你的麦克风和摄像头。
反对这一要求,我们是经过深思熟虑的,我们认为我们必须公开指出美国政府的这种越权行为。
我们反对FBI的要求,是出于对美国民主的尊重和对这个国家的热爱。我们相信,各退一步,充分考虑后果,对所有人都是有好处的。
尽管我们相信FBI是善意的,但是我们认为在我们的产品中创建后门是一个错误的决定,我们担心这种要求恰恰会破坏我们的政府意欲保护的自由。
以下是英文原文:
The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.
This moment calls for public discussion, and we want our customers and people around the country to understand what is at stake.
The Need for Encryption
Smartphones, led by iPhone, have become an essential part of our lives. People use them to store an incredible amount of personal information, from our private conversations to our photos, our music, our notes, our calendars and contacts, our financial information and health data, even where we have been and where we are going.
All that information needs to be protected from hackers and criminals who want to access it, steal it, and use it without our knowledge or permission. Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data.
Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us.
For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.
The San Bernardino Case
We were shocked and outraged by the deadly act of terrorism in San Bernardino last December. We mourn the loss of life and want justice for all those whose lives were affected. The FBI asked us for help in the days following the attack, and we have worked hard to support the government’s efforts to solve this horrible crime. We have no sympathy for terrorists.
When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.
We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.
The Threat to Data Security
Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.
In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.
The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.
The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.
We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data. Criminals and bad actors will still encrypt, using tools that are readily available to them.
A Dangerous Precedent
Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.
The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.
The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.
Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government.
We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.
While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.
Tim Cook
