An Apple logo at a retail location in San Francisco, 2014. REUTERS
The iPhone battle between the FBI and Apple isn't about getting help unlocking a terrorist's phone. It's about our government forcing Apple to invent a customized-on-demand version of its iOS operating system, effectively stripped of all security and privacy features. Command performance coding. As security researcher Dan Guido describes it in his widely cited technical explainer blog post, what they're asking for is an 'FBiOS.'
After the mass shootings in San Bernardino, FBI investigators seized shooter Syed Rizwan Farook's iPhone. It was his work phone, and the San Bernardino County Department of Public Health gave the government the green light to search their employee's work device. The FBI is having a hard time bypassing the phone's security, which says something great about Apple.
In his explainer blog post, Dan Guido offers a comprehensive technical analysis of whether it's technically possible for Apple to comply with the court's order to do what the FBI demands, and create special software just for the government, coded to the government's specifications, to crack the phone without data loss.
Can Apple do this? Probably. Had Farook used an iPhone 6, this discussion might be different. But yes, what the FBI's asking for looks like it may be technically possible.
But this isn't about whether Apple can do what the government demands. It's about whether they should.
This is the slipperiest of slippery slopes, guys. If you think this makes sense, will you feel the same about the government demanding backdoors or software rewrites in every other technology device or service you use? How about when China demands backdoors in everything? The whole world is watching.
Read Dan Guido's post here, or listen to the Risky Business podcast episode where he discusses his analysis in detail.
Previously on Boing Boing:
• "Rallies planned at Apple stores to protest the FBI's crusade to hack your iPhone"
• "FBI demands iPhone backdoor access; Tim Cook tells them to get lost"
Shenzhen Gwelltimes Technology Co., Ltd is the white-label vendor behind a whole constellation of Internet of Things networked home cameras sold as security cameras, baby monitors, pet monitors, and similar technologies; these cameras are designed to be monitored by their owners using an app, and because of farcically bad default passwords ("123") and other foolish […]
Fingerprint locks are catastrophically awful, part LXVII: the software security on the crowdfunded Tapplock "is basically nonexistent" -- the lock broadcasts its own unlock code over Bluetooth, and if you send it back to the lock, it pops open.
A team of computer scientists, psychologists and neuroscientists used eye-tracking and fMRI to measure how users perceived security warnings, such as warnings about app permissions and browser warnings about insecure pages and plugin installations.
While it’s fun to watch Hollywood action heroes hack into cameras to spy on their targets, the thought of an actual cybercriminal using our own security devices against us is chilling for most. That’s what makes the iPM World HD 360 Degree 1080p Wireless IP Camera essential for anyone looking to deter digital and physical intruders […]
Spring came and went, but we’re not here to judge if you didn’t get around to cleaning up your living space. After all, taking the time to vacuum your floors can stretch out into a lengthy task when you’re constantly switching between power outlets and trying to jam your machine into those tight corners. With […]
Projects big and small always go smoother when the whole team is collaborating, but members tend to get lost once the conference call ends. Timelinr is a project management solution that helps keep your stakeholders, team, and clients in the loop with high-level project roadmaps and granular task boards. Subscriptions are available today for $49.99. […]