ITsecurity
twitter facebook rss

iPhone and the FBI backdoor

Posted by on February 17, 2016.

Much is being written about the FBI’s court order instructing Apple to provide a backdoor into a terrorist’s iPhone. And much praise is being heaped upon Apple for its disinclination to do so. This disinclination is described by Tim Cook in a letter to Apple users: A Message to Our Customers.

I think, however, it is worth looking at Cook’s precise words; and at one paragraph in particular:

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software β€” which does not exist today β€” would have the potential to unlock any iPhone in someone’s physical possession.

What the FBI is demanding is not access to this iPhone, but an ability to access any iPhone. That much will surprise no-one other than die-hard government apologists.

The important bit is partly what Cook says, but primarily what he does not say. He says that such software does not exist today; he does not say that it cannot exist – he doesn’t say it would be impossible. I suspect that if it were impossible, he would say so.

It would be feasible to design the iPhone so that any attempt to install a new operating system would wipe the phone. See for example, Dr Steven Murdoch quoted by the BBC:

Other secure products such as smart cards are designed so that the security cannot be changed after they leave the factory.

Some devices such as bank computers wipe themselves if you try to change the software.

But this doesn’t seem to apply to the iPhone.

It would be reasonable to assume, then, that the FBI is not asking for the impossible, but demanding that Apple do something difficult but possible for them. The problem with this scenario is that if Apple could do it, so could someone else. It may be that the FBI does not have the technical capacity to do so; but there are other agencies on both sides of the Atlantic that have both the resources and the ability to do this.

In fact, if such a backdoor is technically possible, I would be surprised if it is not already available to the NSA and GCHQ.


Share This:
Facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *

Submitted in: Expert Views, Kevin Townsend's opinions, News, News_hacks, News_legal, News_politics, News_privacy, News_surveillance | Tags: ,