Monday, February 22, 2016

Apple: FBI Requests to Break Encryption


The tech giant Apple was recently inquired by the FBI to help hack into an iPhone owned by a suspect involved in a shooting. The issue is that this isn’t a normal case where information needs to be taken from a phone or online services. Apple usually complies with the FBI in these instances but this time a request was made for alternative software to be made to break encryption. This would allow the FBI to get past security protection put on the device for every iPhone owner’s protection. Apple has publicly stated that they’re against this form of investigation and will not fulfill the request. 

I found a few points in the article to be worth mentioning. The first thing that was apparent is just how secure our information is from the FBI. Otherwise there would be no need for them to make requests such as these. As a customer I want to have the ability to protect my own private information and its key to my purchase. Apple ensures very good security and has an excellent reputation for it. If Apple chooses to break its own security methods it also means that it will forever be broken and the method can be repeated on any other device given to the FBI. This would eliminate Apples history of strong security, as this ‘backdoor’ will always be open. This is important as most business rely on Apples security features to protect their own confidential data and if Apple cannot protect its own than why should they?

Another point I found interesting was the information on the iPhone password lock, specifically in the case of the suspects phone. For the FBI the password is the currently the largest obstacle. Traditionally the password was 4 digits in length and with software tricks it could easily be brute forced by trial and error. The issue is that the suspect has enabled a security feature to erase data from the phone if more than a certain amount of wrong passwords are entered. The FBI wants apple to remove this limit and the time lockout so they can easily solve the password. Since newer versions have been released it has circumvented the FBI’s traditional methods of handling these situations. If the FBI cannot get past this protection they will not have access to important data that led up to the shooting.

The article also discusses how easily Apple could do this if they’re legally forced to oblige. They would have to create a custom version of the operating system that would allow for the passcode to be made useless. The issue is that it proves that the system can be modified in such a way for this to work. Anyone would also be able to get around this major security component of the iPhone. I feel that this should not be done and that Apple should just disable the auto erase feature for the device without any major software manipulation if possible.

I feel that this article might have overlooked the availability of exploits that currently break Apples security features. Popular rooting or “Jailbreaking” allows for root access to the device and modification of the software functionality without the need of Apples intervention. It might be in the FBI’s interest to break into the software themselves and gain root access to the device. This method of gaining root access is very popular and some even place bounties for security holes to be discovered. 

Sources:
http://www.wired.com/2016/02/verizons-new-video-service-tests-net-neutrality-laws/
http://www.wired.com/2015/11/hackers-claim-million-dollar-bounty-for-ios-attack/

5 comments:

  1. I think that it would be in the best interest for the FBI to break into the phone on their own. However, I think that this case has become less of the FBI's ability to break into the phone, but more so an issue of power and control. If the government cannot make a company based in their country participate in an investigation however it sees fit, then that could be seen as a detriment to their ability to govern the people. One of the problems with opening the device would be that this would be setting a precedent for other governments or large corporate entities to demand the same of Apple in similar situations, thus compromising their ability to create a safe and secure operating system and/or application(s).

    ReplyDelete
  2. I agree with, Judah. One inquiry that has surfaced from this particular situation is that if the United States government can get Apple to comply with their demands, why can't other countries like China do the same? If Apple is to comply with the FBI's demands, other countries that sell Apple's products might ask for Apple to comply with their specific demands as well. The main reason I feel Apple is not complying with the FBI's demands is a combination of their business ethics and their overall sales. Apple has worked hard for decades to maintain their customers' private securities. If Apple were to comply with the FBI and forego all of their advancements for private securities, it can be assumed that their sales would fall drastically. However, at the same time many people have also said that if Apple does not help the FBI gain access to the San Bernardino terrorist's phone, they would stop buying Apple products.

    ReplyDelete
  3. Hi Nick,
    I found this article pretty interesting as well, and I agree with you on multiple points. One of the most valid points is the apparent protection of our information and personal data from even the FBI. It is reassuring as a customer that our phones are private and no one, not even the government, is privy to information we do not want them to have. Apple upholds its reputation of protecting its customers with features on the devices sold to have high security on information, although this is not good news for the FBI when they need information on a suspect. However, another good point is that Apple holds a lot of power with security, if they are legally obligated to do so. I think that it is admirable that Apple takes customer security seriously enough to deny the FBI, but it is clear that they could have access to any phone if they wanted to. The article make it known that it would be easy for Apple to break the password and change the software if they wanted to, which is worrying for some people. Overall I thought this was a very interesting article and you made a lot of valid points.

    ReplyDelete
  4. Hi Nick,
    I would like to start by saying this article is very interesting, additionally; the article brings up the controversial topic of consumer privacy. In continuation of what Grace was saying, Apple has an esteemed reputation for protecting its customers. To the dismay of the FBI, I do not believe that Apple should make the software to get unlock the suspects phone. My reasoning for this is simple, if Apple creates a "backdoor" software, then another online entity, possibly a malicious one, could create a similar software that could by-pass the security information on iPhones; leaving apples customers open to hacking. From a consumer's viewpoint, it is re-assuring to see a company stand up for its customer's right to privacy; but it is clear to us as consumers that apple could access our phones, if-need-be. In conclusion, I found that this article brings up a very controversial topic for businesses and consumers. Your use of outside sources and knowledge of software and software modification adds insight to the blog post. I also agree that the FBI should try and break into the phone on their own, they need to leave Apple out, because it would only make the company look bad if they comply with the FBI.

    ReplyDelete
  5. Hi Nick,
    This is a very interesting situation because of the possible severe consequences involved with the interaction between Apple and the FBI. I liked your first point when you say how well protected and secured our information is from the FBI. It’s crazy to think that we control information that not even the FBI can access. It is also crazy to think that Apple has access to almost all of the information in the world while the FBI doesn’t. I also think your second point is very interesting because it shows how ingenious Apple is that they have the intelligence to prevent hacking by changing the phone lock features from a four-digit password to a larger number password. This allows for more customization by people which allows for more possible combinations and this makes it very difficult for a possible hacker. We even see that you can open your phone by using your fingerprint which makes it impossible for hackers to get into your phone because no fingerprint is the same. I think you make an interesting point in your last paragraph when you talk about how the FBI could break into the phones themselves through different methods. It is a little unnerving that the government would break into a phone to get vital information but there is always the possibility of something like that happening. We just have to hope that the wrong people don’t try to break into phones because that could become very scary and potentially very dangerous.

    ReplyDelete

Note: Only a member of this blog may post a comment.