Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Apple's fight with the FBI could trigger a password arms race

Grant Gross | Feb. 22, 2016
Apple’s dispute with the FBI over providing access to a mass shooter's smartphone could lead device makers to require stronger passwords in future.

Without Secure Enclave, Apple could implement the password workaround through a "single firmware update," added Dan Guido, co-founder of the Trail of Bits security blog.

"In plain English, the FBI wants Apple to create a special version of iOS that only works on the one iPhone they have recovered," wrote Guido, a veteran security consultant. "The FBI will send Apple the recovered iPhone so that this customized version of iOS never physically leaves the Apple campus."

Magistrate Judge Sheri Pym originally gave Apple five days from Tuesday to respond to her order, but that deadline may be extended until next Friday. The U.S. Department of Justice weighed in on the case on Friday, filing a brief in support of the FBI's request.

This fight between Apple and the FBI is shaping up to be a major test case in a year-and-a-half-old argument over whether law enforcement agencies can require device and OS makers to help them defeat encryption and other security measures. Some legal experts predict the case could go all the way to the U.S. Supreme Court.

The judge's ruling, if it stands, opens the door to law enforcement agencies inside and outside the U.S. demanding technology companies help them break security measures in wide range of scenarios, some unrelated to major police investigations.

The problem with the ruling is "the precedent that this sets," said Cigital's Sethi. "Will the U.S. government require Apple to build a backdoor into all Apple devices that takes away this protection and makes all users' devices less secure?"

The contents of the iPhone used by Syed Rizwan Farook, who killed 14 people in a mass shooting in San Bernardino, California, on Dec. 2, are key to an ongoing terrorism investigation, U.S. Attorney Eileen Decker of the Central District of California said this week.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.