lolloj - Fotolia

Apple vows to raise security as FBI breaks into iPhone

Apple says it will help law enforcement with investigations, but will increase the security of its products after the FBI broke into an iPhone

Apple has vowed to increase the security of its products after the FBI bypassed the security of the San Bernardino gunman’s iPhone 5C with the help of a third party.

For nearly six weeks Apple has been under pressure after a judge ordered the company to help the FBI by creating a backdoor to access data held on the device.

The court order fuelled debate over encryption and privacy, and prompted big US technology firms such as Google, Microsoft and Facebook to come out in support of Apple.

When Apple refused to obey the court order, the FBI filed a court case aimed at forcing the company to unlock the iPhone of San Bernardino gunman Syed Rizwan Farook.

The court showdown was set for 22 March 2016 – but the FBI postponed at the last minute, to test a way of accessing the data offered by an unnamed third party.

The case has subsequently dropped after the FBI announced that the unspecified method of bypassing the iPhone’s security systems to access data on the device proved successful.

“It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with co-operation from relevant parties or through the court system when co-operation fails,” US Department of Justice spokeswoman Melanie Newman said.

“We will continue to pursue all available options for this mission, including seeking the co-operation of manufacturers and relying on the creativity of both the public and private sectors.”

Read more about encryption

Putting people at risk

Apple issued a statement in response saying: “From the beginning, we objected to the FBI's demand that Apple build a backdoor into the iPhone, because we believed it was wrong and would set a dangerous precedent. As a result of the government's dismissal, neither of these occurred. This case should never have been brought.”

The company said it would continue to help law enforcement with their investigations, but it also vowed to continue to increase the security of its products in the face of increasingly frequent and sophisticated attacks on data.

Apple said it believed people around the world deserve data protection, security and privacy.

“Sacrificing one for the other only puts people and countries at greater risk. This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy. Apple remains committed to participating in that discussion.”

The US Department of Justice has declined to comment on whether it will share with Apple the method it has used to bypass the iPhone’s security features.

Officials also declined to say whether the FBI would share the method with other state agencies working on cases that require bypassing iPhone security measures.

If the method exploits a flaw, Apple is keen to fix it so that it could not be exploited by cyber criminals, but US government officials have classified the information, according to the Guardian.

Legal debate remains

News of the iPhone security bypass method has raised concerns that it may not work only for the iPhone 5C running iOS9, but for other models and versions of the operating system, if not all.

Although the battle between the FBI and Apple may be over for now, it will probably only be a matter of time before the issue raises its head again, either with Apple or some other technology company being ordered to build a backdoor, according to independent security consultant Graham Cluley.

“Maybe next time the FBI will take on a company which doesn't have the backbone of Apple, and isn't as prepared to stand up - meaning a precedent might be set much more easily,” he wrote in a blog post.

Cluley said that by dropping the case, the FBI has prevented an important debate in court and it remains unknown if law enforcement agencies can compel a company’s software engineers to write code that they did not want to write.

Los Angeles lawyer Stephen Larson who represents seven families of those killed in the San Bernardino attack welcomed the outcome, reports Phys.org.

"For this to have dragged out in court battles would not have served the interests of either" the victims or law enforcement, he said.

But Alex Abdo, a lawyer representing the American Civil Liberties Union said the case is far from settled and it was "just a delay of an inevitable fight" about whether the government can force a company like Apple to undermine the security of its products to facilitate an investigation.

In the UK, several technology suppliers have raised concerns about the government’s draft Investigatory Powers Bill, and some have indicated that they have contingency plans to leave the UK if the final draft of the bill is not clear that it will not require weakened encryption or back door access.

Investigatory Powers Bill

In a written submission to the Investigatory Powers Public Bill Committee published on 24 March 2016, technology firms Apple, Facebook, Google, Microsoft, Twitter and Yahoo reiterated their concerns about the planned legislation.

The areas of concern include the bill’s extra-territorial jurisdiction, the lack of clarity around encryption, judicial authorisation, bulk collection, transparency, judicial process, oversight, and network integrity and cyber security requirements.

The US tech firms have called for several amendments, including the introduction of statutory provisions recognising the importance of network integrity and cyber security.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Privacy and data protection

Join the conversation

5 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

I am personally happy with the way this worked out. Lawful enforcement needs a way to properly investigate what criminals are doing and then prosecute them. At the time, individuals must be protected from autonomous spying by government authorities and others. We now have a workable solution for both sides – no back door was created that could be abused and law enforcement has a way to open specific, individual communication devices that they have confiscated through a warrant or arrest process.
Cancel
Law Enforcement got what they wanted in the first place. Access to iPhones, public notice that unlike what Apple claims their Security is.... REALITY.... is Absolutely Nothing is Ever Absolutely and Perfectly Secure.

It will always be like "Nature Abhors a Vacuum". It's simply not possible for a complete vacuum to exist, just like Perfect Absolute Security. Therefore security is ranked by it's percentage of Trustability and since Govt and Enterprises are overwhelming choosing SAMSUNG KNOX Security Suite, and rejected Apple's Security Solution (no NSA approval) on BYOD and phone purchases run on their own Secure Tunneled Private Garden Walled Network.

It's obviously why the Secret Service, etc Agencies, including the FBI bought 26,500 SAMSUNG KNOX Security Suites and phones over iPhones. Plus the biggest reason being Knox is totally cross platform for BYOD phones. Apple's is only available to iPhones and remained under Apple's control instead of Govt and Enterprise customers. If you were Gov would you trust the now convicted Price Fixing Criminals in Cupertino???
Cancel
Everyone assumes they got in just because that is the story from the party that was lying about their intent (one phone vs all phones) from the outset. The company that supposedly did it, will not admit it. They saw a temporary stock jump.

None of this is even relevant to any newer iPhone with the secure enclave.

This is not settled at all (unless you are talking about a zero security set-up, aka 'Android').
Cancel
I hate to say this, but Apple has brought this all on themselves. By utilizing a cat n mouse game that foiled both, Apple has let the power they gave away to claiming they don't know the encryption key any longer!

So now that the shoe is on the other foot... Apple is having a HissyFit over it. Since what Gov/FBI did was do a little Turnabout's Fair Play. Sorry... we don't know how they did it, but since they were at least willing to help us get what we were really after and you didn't they deserve the money and their Private Enterprise Trade Secret Privacy!

Maybe Apple should go to Israel and DEMAND.... they tell them like the Gov did to them here? Maybe threats to sue them will work or maybe Apple can declare Thermonuclear War on Israel if they don't tell them? But.... Apple it's a Trade Secret and they deserve to keep those methods private for yours and their safety. Er... at least that's what that company will say..... just like YOU... Apple trying to make out like our own Gov were the Criminals. Obviously you forgot about the Pinstripe Suit You're wearing having to be monitored over Your Price Fixing Scandal! .....yeah criminals never think they are doing anything wrong!!!
Cancel
I can see it now - “We won’t help the government break security on our phones. We won’t help the government break security on our phones. We won’t help the government break security on our phones. Aw man, they broke the security on our phones!”
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close