This Tuesday, Apple announced that it will not be writing a code for the FBI to unlock the San Bernardino shooters’ iPhone. Why is this news such a big thing? Well, because while it clarifies and stressed upon Apple’s standing regarding making their devices secure, it also raises certain questions regarding security.
CEO Tim Cook stated in a post on company’s website, “The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.”
So, why does the government need Apple’s help in the first place? Surely, the brightest minds that are working for government agencies can figure out a way of unlocking the iPhone and getting the required information from it.
The four digit passcode that is used for protecting the iPhone is more than a fancy looking locked door that can be bypassed by a clever hacker. In fact, it is the only way a hacker can access the vault. Most of the important information that is on the iPhone is encrypted. The 4-digit passcode when combined with a key built into the hardware of the phone is used for decrypting the photos and messages on the iPhone.
Why is Apple better equipped for accessing the data when compared with FBI? That’s because Apple has an array of keys that won’t exactly unlock the vault but will rather allow FBI to access and modify the vault’s locking mechanism, thus allowing them to pick the lock.
Right now, if you enter wrong passcode on an iPhone 5c (the model that was owned by the shooter) you just can’t get into the phone. If you keep trying and continue making mistakes, the iOS will make you wait for longer and longer spans of time between consecutive attempts. Screwing this attempt a number of times will result in iPhone erasing the data. This protects the iPhone from ‘brute-force attack’ – a hacking attempt that makes use of a computer to send countless possible combinations of passcodes until one gets approved.
The FBI’s order demanded that Apple should create a firmware update that would bring down these walls of defense and allow for a brute force attack. While this order implies that Apple should come up with a firmware update that will only work on a particular iPhone in this case, however, Tim Cook says that such an exploit would pave a way for sabotaging a lot of Apple devices.
While the government claims that this tool is to be used only once, but Apple is confident that once such a technique is created it would become a utility that would be used over and over again.
Apple is fighting a war with FBI over the privacy of its users data fearing that if it creates a ‘master key’ it would be used again and again and that’s something Apple isn’t willing to allow.