iPhone Encryption: 5 Ways It's Changed Over Time - InformationWeek
IoT
IoT
Mobile
News
2/25/2016
07:06 AM
Dawn Kawamoto
Dawn Kawamoto
Slideshows
50%
50%
RELATED EVENTS
4 Keys to Improving Security Threat Detection
Dec 15, 2016
In this webinar, Ixia will show how to combine the four keys to improving security threat detectio ...Read More>>

iPhone Encryption: 5 Ways It's Changed Over Time

Apple's battle with the FBI has put iPhone encryption in the spotlight. However, some might be surprised that the company's encryption efforts have evolved slowly and are not that different from those of other smartphone makers. Here's a look at the 5 phases of the process so far.
Previous
1 of 8
Next

(Image: ymgerman/iStockphoto)

(Image: ymgerman/iStockphoto)

Despite the recent spotlight on Apple's iPhone encryption technology because of its fight with the FBI over providing access to data stored on a locked iPhone 5c used by one of the shooters in the San Bernardino terrorist attacks, the iconic computer and device maker's encryption efforts are not so different from those of other smartphone makers and software companies over the years, said one security expert.

"They are keeping up with the industry, but are not a pioneer," said Dan Schiappa, senior vice president and general manager of the Sophos Enduser Security Group, in an interview with InformationWeek. "But one thing that they have that the others don't is a proprietary messaging system that encrypts messages from end-to-end, so they have a leg up in encryption there compared to other smartphone makers."

Apple's inability to access encrypted information stored on the iPhone of the San Bernardino terrorist's device has prompted the FBI to seek the unprecedented use of the All Writs Act of 1789 to expand its authority and force Apple to build a backdoor into its iOS software. Apple is refusing to comply with this request. The company notes that once a backdoor is created it can also be used by malicious attackers should they get their hands on the code.

[See Encryption Debate: 8 Things CIOs Should Know.]

Nonetheless, a recent Pew Research study found that 51% of Americans say they believe Apple should unlock the iPhone used by the San Bernardino shooter. Microsoft cofounder Bill Gates has made statements that have been seen by some as being inline with that sentiment. However, other tech titans have backed Apple's position.

Interestingly, Apple's public key encryption method is not all that different from those that other companies are using. The iPhone was introduced in 2007, at a time when Microsoft was already using encryption in the 2005 release of Windows Vista, Schiappa said. Android smartphones, which later emerged commercially in 2008, also rely on device encryption.

Schiappa pointed to the importance of embedding the encryption key in the chipset, but security expert and hacker Jonathan Zdziarski said that encryption is all about the type of iOS used.

In particular, iOS 8, which was launched in 2014, was a significant development in Apple's encryption efforts because it linked the encryption keys to a user's passcode, or pin, according to Zdziarski. He speculated that Apple will likely further increase the strength of its encryption, which could possibly result in the device facing longer delays between tries to unlock the device.

Schiappa also noted that there is definitely a need for encryption, which is designed to ensure the bad guys don't get access to a user's information, such as credit card account information, bank account data, or even pictures stored on the device. But once a backdoor access is created for law enforcement officials, it becomes a backdoor for everyone -- including hackers and cyber-criminals.

Here is a look at the history of encryption on the iPhone and the views of Apple CEO Tim Cook and late cofounder Steve Jobs on the issue of encryption and privacy. Let us know where you stand in the debate by chiming in in the comments section.

Does your company offer the most rewarding place to work in IT? Do you know of an organization that stands out from the pack when it comes to how IT workers are treated? Make your voice heard. Submit your entry now for InformationWeek's People's Choice Award. Full details and a submission form can be found here.

Dawn Kawamoto is a freelance writer and editor. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's News.com, TheStreet.com, AOL's DailyFinance, and The ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
growson
50%
50%
growson,
User Rank: Apprentice
2/26/2016 | 11:44:41 AM
Re: iphone passcode
Withoiut getting into a whole mathematical background on encryption, the big difference:

 

The contents of the filing cabinet are SCRAMBLED and (for all intents and purposes) melted into the filing cabinet themselves (as in, there's no separate pages of documents to "print out").

 

And the crux:  Apple does NOT HAVE THE KEY to unlock this!

 

 
dwhitney306
50%
50%
dwhitney306,
User Rank: Apprentice
2/26/2016 | 9:19:00 AM
Re: iphone passcode
The purpose of encryption to begin with should be protected.  As a consumer, I would not want anyone to infringe upon my personal data and have a right to the protection against ANYONE including the Big Brother FBI.  All Apple has to do is say they can't be sure there is a method of writing code to break the encryption.  Nuf said. 
DR WILL
50%
50%
DR WILL,
User Rank: Apprentice
2/25/2016 | 3:48:32 PM
iphone passcode
How is private information lockd in a file cabinet different from private information locked in an iphone? In the past courts could order search warrants to access that info, and still do today.  Why can't Apple print out the info without revealing the code and hand the info over to the FBI?
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll