An Apple logo at a retail location in San Francisco, 2014. REUTERS
The iPhone battle between the FBI and Apple isn't about getting help unlocking a terrorist's phone. It's about our government forcing Apple to invent a customized-on-demand version of its iOS operating system, effectively stripped of all security and privacy features. Command performance coding. As security researcher Dan Guido describes it in his widely cited technical explainer blog post, what they're asking for is an 'FBiOS.'
After the mass shootings in San Bernardino, FBI investigators seized shooter Syed Rizwan Farook's iPhone. It was his work phone, and the San Bernardino County Department of Public Health gave the government the green light to search their employee's work device. The FBI is having a hard time bypassing the phone's security, which says something great about Apple.
In his explainer blog post, Dan Guido offers a comprehensive technical analysis of whether it's technically possible for Apple to comply with the court's order to do what the FBI demands, and create special software just for the government, coded to the government's specifications, to crack the phone without data loss.
Can Apple do this? Probably. Had Farook used an iPhone 6, this discussion might be different. But yes, what the FBI's asking for looks like it may be technically possible.
But this isn't about whether Apple can do what the government demands. It's about whether they should.
This is the slipperiest of slippery slopes, guys. If you think this makes sense, will you feel the same about the government demanding backdoors or software rewrites in every other technology device or service you use? How about when China demands backdoors in everything? The whole world is watching.
Read Dan Guido's post here, or listen to the Risky Business podcast episode where he discusses his analysis in detail.
Previously on Boing Boing:
• "Rallies planned at Apple stores to protest the FBI's crusade to hack your iPhone"
• "FBI demands iPhone backdoor access; Tim Cook tells them to get lost"
Berlin-based security researcher Sébastien Kaul discovered that Voxox (formerly Telcentris) -- a giant, San Diego-based SMS gateway company -- had left millions of SMSes exposed on an Amazon cloud server, with an easily queried search front end that would allow attackers to watch as SMSes with one-time login codes streamed through the service.
Researchers at NYU and U Michigan have published a paper explaining how they used a pair of machine-learning systems to develop a "universal fingerprint" that can fool the lowest-security fingerprint sensors 76% of the time (it is less effective against higher-security sensors).
A year ago, the Norwegian Consumer Council commissioned a study into kids' smart watches, finding that they were incredibly negligent when it came to security and incredible greedy when it came to surveillance: a deadly combination that meant that these devices were sucking up tons of sensitive data on kids' lives and then leaving it […]
Ever wondered what it takes to make the transition from amateur photography to a full career? If you answered “a better camera,” you’re half right. Before you get the equipment, get the know-how to use it with the Hollywood Art Institute Photography Course & Certification. Taught by experienced pros, this course is geared towards shutterbugs […]
Anyone can learn piano, but don’t tell that to the bored kids who had to endure hours of “Chopsticks” and similar drills in their music lessons. Today, there’s a better way. Pianoforall lets you jump right in to discover what makes music fun, leaving you eager to learn more. In a simple but innovative approach, […]
There are two times you never want to just “eyeball” it: Conducting brain surgery and matching shades of paint for your walls. Whether you’re painting or repainting, make sure you’re never just “close enough” to the color you want. Not when the Nix Mini Color Sensor can scan and match any color perfectly. Small enough […]