James Comey’s new book, A Higher Loyalty has been making waves around the world thanks to his robust views about US President Donald Trump.
But his comments about encryption also make for interesting reading and go some way to explain the stance of the US intelligence community on this highly controversial issue.
Encryption drove Comey ‘crazy’
James Comey was the Director of the FBI for four years between 2013 and 2017, a period when the issue of encrypted communications really came to a head in the US thanks to a number of high profile cases in which the FBI was unable to access encrypted communications and devices such as the iPhone.
It was in 2014 Apple and Google took the decision to encrypted all of their devices and in his book, Comey admits that it was a decision which made him crazy.
It was evident that the FBI had made strong representations to Apple and Google on this issue and Comey notes his frustration that neither company was willing to engage in “true listening”.
By ‘true listening’, we can only assume that he means the FBI were annoyed that the smartphone manufacturers were not willing to slavishly do what the FBI told them, but instead decided to put the privacy of their users first.
Joking about the sunny weather enjoyed by most US tech executives in Silicon Valley, California, Comey went on to say that they “don’t see the darkness the FBI sees.”
Going Dark is the term used by the FBI for mobile devices and communications systems that they are unable to access.
For an organization which, as Edward Snowden revealed, was well used to being able to see everything that anyone does at any time, the ability for a huge number of people to ‘go dark’ on their mobile communications would undoubtedly have been a challenge.
But the broader implications of giving law enforcement agencies like the FBI access to encrypted devices and communications systems cannot in any way be justified by this inconvenience.
It is notable that nowhere in his book does Comey make any effort to build a case for the FBI being able to compromise encryption either. He merely reiterates the well-used arguments that encryption makes their job harder.
GreyKey means iPhone encryption can now be bypassed
However, while the FBI continues to try and secure backdoor access to encryption, it seems that they may have already managed to compromise the encryption that protects iPhones.
It was well-known that they had, eventually, managed to gain access to the iPhone of the San Bernardino terrorist. However, it is rumoured that they had to pay as much as US$1 million to do so and no suggestion that they learned anything worthwhile from it.
But according to an investigation by Vice News, it seems that both the FBI and other law enforcement agencies across the US may now have access to a much more affordable tool which is able to compromise the encryption on iPhones.
The solution in question is known as ‘GreyKey’ and has been developed by a company called GreyShift. GreyKey is a small box with two lightning cables to connect to an iPhone. It is thought to be able to access all iPhone’s up to the latest iPhone X, but details of how it does so are unclear.
It costs either US$15,000 for an online box which allows up to 300 unlocks, while an offline box which offers unlimited unlocks is available for US$30,000.
According to Vice, a number of regional police forces and the US State Department have already purchased GreyKey, while the FBI and the Secret Service have also expressed an interest.
VPN still best option for secure encryption
GreyKey may not work forever. To be able to unlock an iPhone, it must be exploiting a flaw in the encryption coding which Apple may at some point manage to identify and fix. But for now, it seems that no iPhone users can be sure about the security of their device.
As long as tools like GreyKey are available, it will be hackers as well as law enforcement agencies who are able to take advantage. With the ongoing debate over encryption on such devices continuing, the case for users taking matters into their own hands becomes more and more compelling.
That is where a VPN comes in. When using a VPN, everything you do online is encrypted and protected. Most reputable VPNs, such as IPVanish or ExpressVPN offer great dedicated iPhone apps. To learn more, a good place to start is our Best VPN for iPhone 2018 guide.