Within the last few days US courts have issued a demand that
Apple provide investigators access to data on the phone belonging to San
Bernardino gunman Syed Rizwan Farook, which the FBI says contains critical data.
So far Apple has complied with subpoenas for data requested by the FBI in the San
Bernardino case. It appears that, within 24 hours of being in custody, the
suspect iPhone had its Apple ID password changed preventing forensic teams from
accessing backup information.[1]
Apple are not in a position to actually break the encryption
on the iPhone. Because of this, the US government, using an obscure law from
1789 called the “All Writs Act”, has ordered Apple to produce a
new iOS which introduces the ability to input the phone's four-digit passcode “electronically” and prevent the iPhone from
erasing data after 10 failed logins. Essentially the request is to open up the
iPhone to a brute force. The FBI insist that this is a one-off back-door for this
particular iPhone, and Apple can work on
the phone in their own HQ to reduce the risk of the new iOS being released to
the world.
A one-off back-door for a single iPhone might not be a big
ask; but it sets a precedent to become a regular occurrence. Once
the US government has a back-door to iPhone user’s private information, how
long before sophisticated hackers make use of this backdoor?
Earlier this week, writing in an open letter, Apple CEO Tim Cook wrote: "We oppose this order, which has implications far beyond the legal case at hand…Customers expect Apple and other technology companies to do everything in our power to protect their personal information, and at Apple we are deeply committed to safeguarding their data. Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us."[2]
A few days ago John McAfee, as in Anti-virus software company
McAfee, apparently came to Apple’s aid making his own offer to the FBI saying
his team will decrypt the information on said iPhone
within 3 weeks using social engineering techniques, free of charge[3]. Just how he
intends to do this is unclear, but then a US presidential candidate never
rejects free publicity in an election year.
No comments:
Post a Comment