IoT
IoT
IT Leadership // Security & Risk Strategy
Commentary
3/7/2016
11:06 AM
Michelle Maisto
Michelle Maisto
Commentary
50%
50%

Apple's Federighi: Encryption Reversal Would Put US At Risk

With the Feds pressing Apple to return to iOS 7-style security, Craig Federighi, Apple's head of software engineering, used an op-ed piece in The Washington Post to explain the need to always race forward.

 Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data
Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data
(Click image for larger view and slideshow.)

Craig Federighi, Apple senior vice president of software engineering, added his voice to the growing national conversation over encryption in a March 6 opinion piece in the Washington Post.

"Our nation's vital infrastructure -- such as power grids and transportation hubs -- becomes more vulnerable when individual devices get hacked. Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person's smartphone," Federighi wrote.

The encryption "conversation" was instigated by a Feb. 16 court order insisting Apple unlock the iPhone of one of the San Bernardino terrorists and create new software that will enable law enforcement to unlock iPhones on an as-needed basis. On March 1, the discussion continued in a House Judiciary Committee hearing.

[What does the battle between Apple and the Feds mean for your business? Read Apple, FBI, Congress: 5 Burning Questions.]

Federighi primarily focused his statements on the desire of the FBI and National District Attorney's Association (NDAA) for Apple to return to its iOS 7 security policy.

With iOS 8, a user's personal data, such as photos, messages, and call history were, by default, put under the protection of the user's password, making the data inaccessible to Apple -- and suddenly also law enforcement.

(Image: billnoll/iStockphoto)

(Image: billnoll/iStockphoto)

Apple stated on its website at the time, "For all devices running iOS 8 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user's passcode, which Apple does not possess."

In an amazing leap of logic, the NDAA, in its written testimony, quoted Apple's original assertions that iO7 "provides solid protection against viruses, malware and other exploits that compromise the security of other platforms."

Apple's Craig Federighi
(Image: Apple)

Apple's Craig Federighi

(Image: Apple)

Federighi explained that the security of iOS 7, "while cutting-edge at the time, has since been breached by hackers." He also described requests to "turn back the clock" as "disappointing."

"Security is an endless race -- one that you can lead but never decisively win. Yesterday's best defenses cannot fend off the attacks of today or tomorrow," he concluded. "To slow our pace, or reverse our progress, puts everyone at risk."

But getting Apple to turn back the clock may be exactly the FBI's motive with the court order, some argue.

The horrendousness of the San Bernardino attack, coupled with the scale of the news media's response, lends an emotional bias to the argument, making it a perfect case on which to press Apple over a matter that has been frustrating all levels of law enforcement since the debut of iOS 8 in September 2014.

In its testimony, the NDAA quoted a victim's assistance organization as saying "we owe no less" to victims than making all relevant evidence available.

Selina Wang reported in Bloomberg Business March 4 that security experts believe "there are many ways" the FBI could have hacked the iPhone in question by now.

"Experts interviewed for this story have concluded the Feds aren't even trying," wrote Wang, "because they'd rather win a legal precedent that gives agents the power to access phone data with a warrant."

Michelle Maisto is a writer, a reader, a plotter, a cook, and a thinker whose career has revolved around food and technology. She has been, among other things, the editor-in-chief of Mobile Enterprise Magazine, a reporter on consumer mobile products and wireless networks for ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of August 14, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.