ProPrivacy is reader supported and sometimes receives a commission when you make purchases using links on this site.

Apple ordered to install a backdoor on the iPhone

In an unprecedented move, a US federal magistrate has ordered Apple to develop a special version of iOS that will help the FBI decrypt an iPhone 5C that belonged to the married couple responsible for the 2015 San Bernardino terrorist attack.

By using a VPN iPhone users' data is encrypted and therefore kept, secure. We recommend all iOS users look into downloading one. 

As CEO Time Cook explains in an open letter to Apple’s customers,

The U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone. Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation.

Even more specifically, the FBI wants Apple to create a custom firmware (IWPS) file that would:

  • Disable any auto-delete features built into the phone
  • Introduce a way for FBI agents to easily input password guesses, and
  • Remove a security feature that slows down how quickly such guesses can be entered.

These measures would make it much easier for the FBI to brute force the encryption keys used to secure the phone (which would otherwise take an estimated 5 ½ years to crack per device).

“The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The FBI has pushed for this measure because it hopes to discover how much influence radical Islam played in the motivations of Syed Rizwan Farook and Tashfeen Malik, and to trace who they were in contact with the before the attack.

The iPhone in question runs iOS 9, and ever since the release of iOS 8, Apple phones have implemented full end-to-end encryption. This means that all newer iPhones are encrypted, and that the user, not Apple, holds the encryption keys, making it impossible for Apple to simply decrypt their contents (and hence the demand for Apple to make efforts to brute force the keys easier).

This issue has been a major bone of contention between Apple and the FBI ever since. Apple, however, while expressing sympathy for the FBI’s motives, is adamant that building any such back door would be a disastrous move,

Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution. But it ignores both the basics of digital security and the significance of what the government is demanding in this case.

In today’s digital world, the “key” to an encrypted system is a piece of information that unlocks the data, and it is only as secure as the protections around it. Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals. The same engineers who built strong encryption into the iPhone to protect our users would, ironically, be ordered to weaken those protections and make our users less safe.”

An interesting aspect of the court ruling is that relies on the 1789 All Writs Act, a 230-year-old catch-all piece of legislation that simply lets a court order someone to do something. Needless to say, Apple is unimpressed,

If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Apple has vowed “with the deepest respect for American democracy and a love of our country,” to fight the ruling because “ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.”

Written by: Douglas Crawford

Has worked for almost six years as senior staff writer and resident tech and VPN industry expert at ProPrivacy.com. Widely quoted on issues relating cybersecurity and digital privacy in the UK national press (The Independent & Daily Mail Online) and international technology publications such as Ars Technica.

3 Comments

Ray
on February 23, 2016
Government has an open door policy on the border and now they want to open the backdoor on the iPhones. That will work just like their open door border policy. Every asshole will be hacking your iPhone.
Brian O'Meara
on February 20, 2016
I wonder would Google or HTC have the same attitude if an Android phone such as the HTC1 were involved. Three cheers for Apple anyway.
Larry
on February 20, 2016
"I'm from the government & I'm here to help".

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

The fastest VPN we test, unblocks everything, with amazing service all round

A large brand offering great value at a cheap price

One of the largest VPNs, voted best VPN by Reddit

One of the cheapest VPNs out there, but an incredibly good service