Apple has found itself in the midst of an encryption battle against the US government after a federal judge issued an order compelling it to unlock a iPhone 5C belonging to the San Bernadino shooter. Apple CEO Tim Cook has issued a statement saying that it will fight the order, as complying with the court order would set a dangerous precedent for backdoors on mobile devices.
The case centres on the San Bernadino incident, where two gunmen – Syed Rizwan Farook and Tashfeen Malik – perpetrated a terror attack on a training event and party for county staff. Fourteen people were killed while 22 others were injured. The terrorists were later shot dead by pursuing law enforcement officers, although two policemen were wounded in the shootout. Investigators looking into the incident have been attempting to ascertain if the two had other connects later hit a roadblock when they were unable to access information stored on Farook’s iPhone 5C.
A Californian judge has ordered Apple to create a workaround that would allow federal investigators to gain access to the data under the All Writs Act – which generally allows the courts to compel a person or company to do something. In this case, the courts want Apple to create a specific version of iOS to install on the iPhone 5C that would allow investigators to brute force the password. It is, technically, not asking Apple to unlock the phone for them.
However, Cook has said that this backdoor is something that Apple does not have – and is too dangerous to create. An open letter to Apple customers outlines the company’s fears and worries about allowing government access to iPhone data. Essentially, it is worried that this would hand the US government a tool that would allow it to gain access to data stored on just about any iPhone in the world.
The actual court order is rather specific about what it wants Apple to do:
Apple’s reasonable technical assistance shall accomplish the following three important functions: (1) it will bypass or disable the auto-erase function whether or not it has been enabled; (2) it will enable the FBI to submit passcodes to the SUBJECT DEVICE for testing electronically via the physical device port, Bluetooth, Wi-Fi, or other protocol available on the SUBJECT and (3) it will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.
Realistically, Apple could comply with the order and simply create a bypass that would only work on Farook’s iPhone. However, security experts fear that the FBI and American National Security Agency could potentially reverse engineer the backdoor for their own use.
That being said, Apple’s new stance on user privacy is a new one. The company has happily complied with court orders asking for user data in the past. A case involving a drug dealer in New York revealed that Cupertino has unlocked iPhones 70 times in the past, and had acknowledged that it could extract the information if it really wanted to. However, that case involved a device running on iOS 7; which lacks the device level encryption found on the much more secure iOS 9.
On the other hand, the same case revealed that the US government has the capability to break into certain iPhones. Which means that it doesn’t actually need Apple to comply with the order to get what it wants. At the moment, investigators are insisting that they are unable to access the iPhone 5C; and that they need Apple’s help with it.
This has brought to light an argument about government backdoors, which American law enforcement agencies have been lobbying for since last year. The New York legislature has already proposed a bill that would compel all technology companies (like Google, Microsoft, Facebook, and Apple) to build backdoors into their products.
While it looks like this would mainly affect Americans, the effects could potentially be much wider. The backdoors could potentially allow the US to spy on just about anyone in the world; which includes Facebook and Gmail users in Malaysia. Although, it’s not like the NSA isn’t already spying on anyone it can get its hands on.
Google CEO Sundar Pichai has also weighed in on the issue through his Twitter account. Pichai siding with Cook in stating that Apple’s non-compliance is the right thing to do in this situation. Both Google and Apple have been pushing for stronger encryption and privacy for their customers, and this court order is a massive step back for not just them, but the entire cyber security industry.
Apple may not have the moral high ground in this situation, but it is taking an important step in ensuring the privacy of its users by refusing the court order. Of course, the company may have an unlikely ally in its fight. European governments are notoriously strict about maintaining privacy, and may step up to pressure the US into backing down if they believe that anyone might be spying on Europeans.
Malaysian iPhone users should also be paying close attention to the outcome of the legal battle. Unless, of course, they are not too concerned about Americans gaining access to the private information – be it personal or work related.