Anonymous claim Apple's Touch ID is linked to US surveillance

Anonymous have some big claims concerning Apple [AAPL] Touch ID system, claiming a connection between the technology and the US defense industry to claim it's just another step forward for state surveillance.

[ABOVE: Anonymous claims regarding Touch ID.]

True or false?

It's possible these claims should be taken with a pinch of salt -- after all, Anonymous are, by their nature, unknown, and this enables the group to make claims of this nature.

In brief, the claims the group make concerning Touch ID seem to focus on Authentec director, Robert E Grady, who appears to have been a prominent figure within the George Bush administration and (Anonymous claim) was connected with The Carlyle Group, which Anonymous also claim is a majority shareholder in Booz Allen Hamilton, the NSA contractor with which whistleblower Edward Snowden worked.

The group also claims Authentec was keen on Apple acquiring the company, thinking that as it adopted the biometric technology other firm's would follow suit. This doesn't ring true, by the way, as Apple is incredibly unlikely to license its new technology. It is possible other firms may attempt to emulate the tech.

Because of the nature of Anonymous, it is not easily possible to verify the source of these claims -- is it the group of Internet freedom advocates, or do they come from some anti-Apple Android fan whose intentions are to sully the reputation of the firm?

According to the video, the claims are based on previous investigations by state-silenced journalist Barrett Brown. The group has also linked to evidence in support of its claims hosted on Pastebin.

The inherent story within these claims seems to imply that Touch ID is not secure, and acts as a framework with which security and surveillance firms can acquire large quantities of biometric data.

That claim seems to fly against Apple's stated promise that the fingerprints used by Touch ID are not stored in the cloud, but instead held inside a secure area hosted on the device. If these claims were correct then the implication would be that the secure area on the device is not that secure.

Trusted computing

What makes these claims so powerful is the atmosphere of mistrust that has sprung up regarding US government surveillance following the Edward Snowden revelations.

This atmosphere means that claims such as these from Anonymous are more likely to be taken seriously than before. People are now aware of the scale of surveillance that is taking place, and will inevitably be more willing to consider such claims.

However, rather than dwelling on the inherent paranoia of such accusations it is probably more useful to consider just how much damage US authorities have done to technology solutions providers through their decision to engage in seemingly indiscriminate surveillance.

The damage to public and corporate trust in cloud-based services is immense, and is likely to dampen these industry sectors on a global basis. This is bad for those businesses, but also bad for business across the board, as enterprises feel unable to engage with the efficiencies and opportunities inherent in SaaS and cloud-based services.

These fresh Anonymous claims in conjunction with previous revelations should mean most people will support technology firms who are currently lobbying US authorities for more transparency when it comes to what they do with and for the NSA and FBI.

Technology firms recognize their future evolution depends on transparency in such affairs -- and such transparency would help those who reject these fresh claims from Anonymous in making an argument. In the absence of such transparency, it seems likely people will be unable to stop themselves thinking the Internet agitators may have a point.

Transparency please

In order to prevent this creeping paranoia, and in order to protect the evolution of future connected services for enterprise and consumer markets, Apple, Google, Microsoft and others have all signed a letter in support of two bills that would let them reveal more details about the US government's secret information requests.

Submitted by the Center for Democracy and Technology, the letter urges Congress to pass two bills which would allow tech firms more options when it comes to disclosing when and how often they receive national security information requests. That bill may be imperfect, because Snowden's claims suggested tech firms may not be aware of all the surveillance that is taking place, but it does constitute a step toward a more transparent understanding of what is taking place.

In the event such bills are not passed, then this lack of transparency is likely to foster a culture of fear, in which claims such as those made by Anonymous will be seen as potentially credible. That’s not to say these claims are untrue -- I simply don't know. Why? Because without such transparency even educated industry watchers will be unable to determine fact from fiction.

Today in a land of smoke and mirrors, consumers and enterprise firms are unable to make educated decisions as to how they wish to protect their personal and business-related data.

And that's bad for business.

Google+? If you're one of those who likes to use social media and also happen to be a Google+ user, why not join AppleHolic's Kool Aid Corner community and join the conversation as we pursue the spirit of the New Model Apple?

Got a story? Drop me a line via Twitter or in comments below and let me know. I'd like it if you chose to follow me on Twitter so I can let you know when these items are published here first on Computerworld

From CIO: 8 Free Online Courses to Grow Your Tech Skills
Join the discussion
Be the first to comment on this article. Our Commenting Policies