FBI Risks Product Security

Apple Incorporated, the maker of most of your cell phones, recently passed a court order to provide the Federal Bureau of Investigation technical assistance in accessing data on a very special iPhone. The device, which was originally property of one of the San Bernardino shooters, is now in the possession of San Bernardino County and the FBI suspects that it may contain information on a terrorist network in the United States.

The FBI proposed getting into the locked phone by overriding the time delay that occurs when a wrong pass code is entered in too many times. They also considered entering the pass code electronically, rather than manually. This would allow the government investigators to hook the phone up to a computer and blaze through the 94 possible 4-digit PIN combinations without having to pay multiple government employees to wear their thumbs down entering PINa into the locked phone. Of course, the FBI would have to enter a much greater number of possible PINs if the device’s PIN contained letters or more than four characters. Plus, iPhones apparently delete data after 10 failed pass code attempts. That is why I have an Android.

Apple Inc. has refused and appealed the order. Tim Cook, chief executive officer of Apple Inc., explained in a public letter that creating such a “backdoor” to the iPhone would set a dangerous precedent for the government obtaining access to private data on a person’s device. Furthermore, once the software was created, malicious hackers could get a hold of it and unlock iPhones themselves.

Advocates for the unlocking of the San Bernardino iPhone noted that Apple Inc. has assisted in unlocking iPhones per government request before. On the one hand, an exchange from the court hearing also suggests that Apple’s main motive is to keep its brand name shrouded in a free-spirited, down-with-Big-Brother ethos of information privacy. In other words, Apple’s refusal to assist the FBI in unlocking the iPhone might just be a ploy to stay on customers’ good sides. On the other hand, Cook has suggested that the government is itching to get the go-ahead from this case so they can use the suggested tool to access more private information on dozens of other government-seized iPhones.

If this tool becomes available to the FBI, there is certainly a risk that hackers will get a hold of it and access private data themselves. This would be particularly ironic, since the security features that make such a high-power, password-guessing hack necessary were recently introduced with Apple’s new iOSpace8 software. Although ingenious hackers might find a way around these tough security features eventually, subverting the security feature so soon after it was built is like letting your 2-year-old brother into your bedroom immediately after putting together a Lego Millennium Falcon. All of your hard work will be smashed to pieces within minutes of being finished. You might drop it on the floor eventually, but at least that way you can admire the structure for a more significant period of time before its destruction.

The security update in the iOSpace8 software remarkably transforms the role of the passcode in the usability of iPhones. All data files on the phone are encrypted by the pass code. Each bit of information the phone contains is built with a lock on it, with the keys to each lock on the pass code the user enters. Without this encryption, the code can do nothing more than unlock the screen. All the information lays waiting beneath the locked screen like a freshwater pool beneath a thin layer of ice. Even if you cannot break the ice, there are other ways to get to the water; once you do, the water — like data — is yours to use. The portion of the phone that stores the data can be read on a different system. However, with encryption, the pass code is required to open all the data the phone stores. The entire pool is solid ice. If you do not have the tool to break the ice, you cannot remove any bit of water from the pool.

After spending an arguably ridiculous amount of money for a new iPhone, are you ready to risk the benefits of the updated security features flushed down the toilet? Chances are, hackers will not be interested in using your Uber account or reading texts from your ex; if they are, I am jealous that these talented hackers have judged you to be so significant. Since we can open so many applications without the hassle of entering an account password each time, there are still plenty of ways someone can spend your money once they get past the first and only security barrier on your lock screen.

Some experts argue that there are other ways to access the data besides uncovering the phone’s pass code. It is possible that Apple Inc.’s position is a phony ideological stance in the spirit of its founder, Steve Jobs, and the information on this device may give the U.S. government information to prevent a terrorist attack. That is an important thing, but is such a hunch compelling enough to put information security at risk?

Patrick Soltis is a sophomore in the College. INNOVATION SMACK TALK appears every Friday.

Have a reaction to this article? Write a letter to the editor.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>