The Encryption Precedent, $4 Smartphones, and 3D Printer Toys

The legal battle taking place publicly between the FBI and Apple is all about a precedent being set for or against backdoor encryption. Philosophically, we are at a junction that could alter the direction of our digital future. In reading this letter from Tim Cook, many things stood out including this paragraph in particular:

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The software to do this does not exist. Which means, Apple has to create it. Once created, then what happens? One master key in the hands of the wrong people is not good. Certainly the device in question could be given to Apple who does the work and gives the device back to the government and then destroys the key. The issue here is whether such a thing should even be created.

Apple has been intentionally designing iOS so this is not possible. And, while it is speculated a master key could be created even for devices with a secure enclave, inevitably we are heading in a direction where someday it will be impossible to have a master key. Encryption will be that good. My concern is, if the government wins, then Apple and others will always have to make sure a backdoor or master key exists. Essentially always building this into their devices thus never creating the inevitable unbreakable device. At which point, we are never really secure because a backdoor will always exist.

How this plays out will determine whether or not true security will be possible.

$4 Smartphones

I had predicted a few years ago we would see a sub $10 smartphone at some point in the next five years. I was thinking that prediction would happen toward the latter part of that time frame but we find ourselves in 2016 with a $4 smartphone. Now, there are some skeptics out there who rightly point out you simply can’t make a smartphone given the bill of materials (BOM) for $4 and this is true. It appears this device is being subsidized by the Indian government.

Anyone who looks at this price point will think the price of the device makes it so that anyone can get a smartphone. The problem is, it is not the initial cost of the device that is the barrier. It is also the cost to get the device on the network, the cellular and data fees, and the cost to charge it.

Note this chart via stats from the ITU:

Screen Shot 2016-02-17 at 5.29.34 PM

As you can see, the data rates are most expensive in the least developed countries. While pre-pay plans exist that allow people to pay for as much data as they use, given the costs in these countries to use the internet, you have to wonder how many meaningful things they can do for a few bucks a month.

The next issue is charging. Since those who can only afford a $4 or even a $20 smartphone are likely much more rural or village residents, it means they likely don’t have electricity. My brother-in-law lives in rural Kenya and said most Kenyans in the village where he lives go to a guy who has a hut and a car battery. They pay anywhere between $1.25-$2.00 (surge pricing applies) per charge. Granted, this is for a feature phone needing to be charged once a week or maybe once every two weeks.

Two billion people have smartphones and pay to be on the internet. Another two billion have a feature phone and pay for basic cellular coverage. We assume at some point those next two billion with feature phones will transition to smartphones but it will take some time. 1.5 billion people or so are living on less than $2 a day. As you can see, the economics are not in favor of the poor getting on the internet even with a $4 smartphone.

3D Printer Toys

I came across this Mattel 3D printer called ThingMaker. The device is $300 and positioned as a way for kids to print their own toys.

First, notice how fast 3D printers have come down in price. Just a few years ago, they were nowhere near prices that seemed like they would get in people’s homes anytime soon. Now a toy company is going to market with one targeting kids. Fascinating times, but it just goes to show you how fast prices can come down with new innovations.

Second, this is interesting as a “razor and razor blades” play, a trend I think you are going to see more of in consumer tech. The physical cost of the printer is just the Trojan Horse to a larger business model. Kids can buy new patterns, need to fill it with printer material, buy new colors, etc.

This is just one example of what I think many companies will start to do as they embrace getting into hardware, but doing so with a business model that is not solely hardware dependent.

Published by

Ben Bajarin

Ben Bajarin is a Principal Analyst and the head of primary research at Creative Strategies, Inc - An industry analysis, market intelligence and research firm located in Silicon Valley. His primary focus is consumer technology and market trend research and he is responsible for studying over 30 countries. Full Bio

10 thoughts on “The Encryption Precedent, $4 Smartphones, and 3D Printer Toys”

  1. Once the backdoor is created, even if it only exists within Apple, every nation in which Apple operates will require Apple to use the backdoor for their nation’s judicial and intelligence purposes. Up to now, Apple has been able to refuse requests from all nations, including China, because the backdoor doesn’t exist.

    1. 1- We don’t know that. Apple has submitted to stuff in China it would never have accepted in the US.
      2- The point is mostly moot: active iPhones can be hacked, TouchID iPhones can be unlocked… Inactive non-TouchID iPhones are the edgiest of edge cases.

      1. Here’s what the New York Times reports:

        “In China, for example, Apple — like any other foreign company selling smartphones — hands over devices for import checks by Chinese regulators. Apple also maintains server computers in China, but Apple has previously said that Beijing cannot view the data and that the keys to the servers are not stored in China. In practice and according to Chinese law, Beijing typically has access to any data stored in China.

        If Apple accedes to American law enforcement demands for opening the iPhone in the San Bernardino case and Beijing asks for a similar tool, it is unlikely Apple would be able to control China’s use of it. Yet if Apple were to refuse Beijing, it would potentially face a battery of penalties.

        Analysts said Chinese officials were pushing for greater control over the encryption and security of computers and phones sold in the country, though Beijing last year backed off on some proposals that would have required foreign companies to provide encryption keys for devices sold in the country after facing pressure from foreign trade groups.

        “People tend to forget the global impact of this,” said Raman Jit Singh Chima, policy director at Access Now, a nonprofit that works for Internet freedoms. “The reality is the damage done when a democratic government does something like this is massive. It’s even more negative in places where there are fewer freedoms.””

        I’m sure you think “import checks” involves reading iOS source code, and that Apple is lying about the keys. Please write the Times if you disagree with their reporting.

        1. Kudo for skirting and the issue so neatly. This is not about individual devices and keys to servers, this is about source code (which is pretty much the same as keys, because iOS has so many holes: http://www.gfi.com/blog/most-vulnerable-operating-systems-and-applications-in-2014/ , https://duo.com/blog/identifying-bad-apples-getting-to-the-core-of-ios-vulnerabilities), and server location.

          – Apple locating its servers in China in an essentially gov-controlled space means the Chinese gov has free rein legally and technically to do anything with them and the traffic to/from them: issue secret warrants with the equivalent of NSA letters, snoop on incoming and outgoing traffic to at least get the metadata, manipulate the traffic to/from any targeted iPhone. Which they’re doing: http://www.wsj.com/articles/apple-targeted-as-hackers-infect-popular-chinese-mobile-apps-with-malware-1442750168

          – and Apple most probably agreed to show their source code, so the gov can exploit any of iOS numerous security holes (publicly-own holes would probably be sufficient any way). Since the gov can control all the traffic to/from Apple’s servers, this can be done for any iPhone in China, and fairly automated.

          Here’s what Apple had to say about it: “Apple didn’t say either way whether it had agreed to a Beijing security
          audit. Apple didn’t respond immediately to Quartz’s attempts to confirm those reports at the time, and said weeks later it could not comment on them.” (from http://qz.com/618371/apple-is-openly-defying-us-security-orders-but-in-china-it-takes-a-very-different-approach/ )

          I’m sorry the NYT hasn’t yet made a piece on this. Please write Quartz and all the rest that did report on this if you disagree with their reporting.

    1. Safes don’t require work from the manufacturer of the safe. The FBI cracks safes on its own or by paying a contractor. Also, safes are not sold as totally uncrackable, only as reasonably uncrackable.

      Apple is objecting to the FBI compelling it to do the cracking.

      1. I’m pretty sure safe companies routinely work with law enforcement. Not positive, but pretty sure.

        I can certainly see a line where Apple’s objections make sense. It would be unduly burdensome to invent, on a case by case basis, a crack for a phone.

        Since they are the creators of the device, they can create a version for all iOS devices. I’m not a gambler, but the root solution will likely be laws on encryption. Heaven help us, by tech either cooperates with policy or the policymakers will, in their glorious ignorance, make bad law.

        1. Last sentence exactly right.. Apple can make an unbreakable safe. So if they lose then it changes that and likely such a safe then won’t exist. So the question is should an unbreakable safe exist.

  2. The FBI request appears to be very nearsighted. Yes, maybe possibly there is something of interest on those phones (don’t count on it). However, the real national security risk does not come from San Bernardino type shootings, but rather 1) from unfriendly nation states demanding equal access to encrypted data and 2) from the systemic fragility that a weakly encrypted mobile infrastructure brings with it.

Leave a Reply

Your email address will not be published. Required fields are marked *