An Apple backdoor is too dangerous to create
Tim Cook refusal to comply with the US Government demand to weaken its security has created such a turmoil on internet. During the investigation of the San Bernardino terror case, the FBI recovered iPhones from the murderers which are encrypted and its information inaccessible. Therefore now they’re asking to create a new version of iOS which would allow to brute-force it. Essentially a backdoor.
Currently, the iPhone allows to enter PIN codes via screen only. After a certain number of fails, the iPhone itself will erase all information on it, so trying to use every PIN combination (a brute-force attack) is not possible. Under the request by the US Government, Apple would create a new iOS which will have a switch to eliminate the auto-erase feature. Furthermore, the FBI is asking for a way to enter the PIN codes electronically (as opposed via screen which a human need to enter), so they can test millions of combinations until the correct passcode is found.
Although the reasons behind the investigations might be well intentioned, weakening security for everybody in the world using iOS is far beyond reasonable proportions. Tim Cook is right in its refusal: a backdoor in the wrong hands will render the almost unbreakable encryption in iOS, well, breakable. If they comply with this request, there might more and more request coming over. Even Android or Blackberry (which is used by the US President) might have a similar request in the future if a precedent is in place.
This is a dangerous request. There is a good reason why the Secrecy of Correspondence is enshrined in the constitutions of the free world. Even the US states that:
“No law of Congress can place in the hands of officials connected with the Postal Service any authority to invade the secrecy of letters and such sealed packages in the mail; and all regulations adopted as to mail matter of this kind must be in subordination to the great principle embodied in the fourth amendment of the Constitution”.
Privacy is a fundamental principle of the free world that we’re trying to defend. In this globalised world this request from the US Government extends beyond its national borders and should be of interest of anyone using a smartphone privately. Most security and privacy advocates, such as the Electronic Frontier Foundation are backing up Apple with good reason. Even if the US Government can be fully trusted, once a backdoor is created there’s no guarantee it will never be used by hostile governments or terrorists themselves in detriment of national and international security. Tim Cook is correct stating that this is “[…]something we consider too dangerous to create.”
Order compelling Apple, Inc. to assist agents (PDF).
Tim Cook’s letter explaining Apple's refusal to comply.
This post appeared originally in Metaluxo IT Security.
Managing Director at Precision Framework
8 年There is not a simple answer to this issue, but Apple creating a backdoor creates far more issues than problems solved. How you then deal with this need, I don't know - but I do know it's a real need, for terrorist and all sorts of other criminal needs. And even if Apple did, there are 3rd party apps which offer encryption on top of Apple
Cloud Development Operations Engineer at HomeLINK
8 年Isn't there a danger of encryption itself becomming the enemy? How long will the US government put up with repeated refusals? Take the UK example when under Tony Blair, obstacles to national security such as personal encryption where "legislated around".