An Apple logo at a retail location in San Francisco, 2014. REUTERS
The iPhone battle between the FBI and Apple isn't about getting help unlocking a terrorist's phone. It's about our government forcing Apple to invent a customized-on-demand version of its iOS operating system, effectively stripped of all security and privacy features. Command performance coding. As security researcher Dan Guido describes it in his widely cited technical explainer blog post, what they're asking for is an 'FBiOS.'
After the mass shootings in San Bernardino, FBI investigators seized shooter Syed Rizwan Farook's iPhone. It was his work phone, and the San Bernardino County Department of Public Health gave the government the green light to search their employee's work device. The FBI is having a hard time bypassing the phone's security, which says something great about Apple.
In his explainer blog post, Dan Guido offers a comprehensive technical analysis of whether it's technically possible for Apple to comply with the court's order to do what the FBI demands, and create special software just for the government, coded to the government's specifications, to crack the phone without data loss.
Can Apple do this? Probably. Had Farook used an iPhone 6, this discussion might be different. But yes, what the FBI's asking for looks like it may be technically possible.
But this isn't about whether Apple can do what the government demands. It's about whether they should.
This is the slipperiest of slippery slopes, guys. If you think this makes sense, will you feel the same about the government demanding backdoors or software rewrites in every other technology device or service you use? How about when China demands backdoors in everything? The whole world is watching.
Read Dan Guido's post here, or listen to the Risky Business podcast episode where he discusses his analysis in detail.
Previously on Boing Boing:
• "Rallies planned at Apple stores to protest the FBI's crusade to hack your iPhone"
• "FBI demands iPhone backdoor access; Tim Cook tells them to get lost"
In his first U.S. TV interview, Ren Zhengfei describes Huawei as “a tomato” crushed between two superpowers.
MG has built a proof-of-concept malicious USB cable with a tiny wifi radio hidden inside of it, able to wirelessly exfilatrate stolen data; he calls it the O. MG, and while the prototype cost him $4k and took 300 hours, he's working with a team on a small production run for other security researchers to […]
Writing on Techcrunch, Zack Whittaker (previously) calls out the timeworn phrase "we take your privacy and security seriously," pointing out that this phrase appears routinely in company responses to horrific data-breaches, and it generally accompanied by conduct that directly contradicts it, such as stonewalling and minimizing responsibility for breaches and denying their seriousness. "We take […]
Use a single password for every website, and you’re compromising your security. Use a different one each time, and you’re bound to lose track of them. The solution? RoboForm Everywhere, a catch-all tool that will not only manage the passwords on every site you visit but generate better ones. As a simple password database, it’s […]
Just a reminder: Print isn’t dead. And now that printers are becoming as portable as cell phones, it might be around for quite some time. Enter the MEMOBIRD Mobile Thermal Printer, a mini-printer that is versatile, portable – and most importantly, never needs a refill on ink or toner. Measuring just a few inches around, […]
What do Facebook, Twitter, YouTube and Google all have in common? Somewhere in their framework, they all use MySQL, that most versatile (and free!) of database management systems. And they’re not alone. If your company or the one you’d like to work for wrangles data (and who doesn’t?), they’re going to need someone with a […]