Encryption Wars Ramp Up As Apple Improves Phone Security

iPhoneApple is making it even harder for people to break into iPhones and steal their contents. While that is good news for consumers, law enforcement agencies complain that Apple is giving free rein to terrorists and pedophiles by impeding government access and surveillance.

The data port you use to charge your phone or connect it to your computer can also be used to access and download your data. Apple is planning a software update that will block port access to a phone’s data if the phone has not been used for an hour. Anybody who wants to access the data will have to enter the phone’s password.

This change means that if somebody steals your phone it will be harder for them to access the contents. It also means that if law enforcement agents take your phone, it will be harder for them to access the data. You can guess which aspect of this security update is getting the media attention. From The New York Times:

Such a change would hinder law enforcement officials, who have typically been opening locked iPhones by connecting another device running special software to the port, often days or even months after the smartphone was last unlocked. News of Apple’s planned software update has begun spreading through security blogs and law enforcement circles—and many in investigative agencies are infuriated.

“If we go back to the situation where we again don’t have access, now we know directly all the evidence we’ve lost and all the kids we can’t put into a position of safety,” said Chuck Cohen, who leads an Indiana State Police task force on internet crimes against children. The Indiana State Police said it unlocked 96 iPhones for various cases this year, each time with a warrant, using a $15,000 device it bought in March from a company called Grayshift.

A cryptography professor notes that Apple is fixing a huge security vulnerability, because these Grayshift devices could easily get out into the public and be used for purposes other than law enforcement. Apple’s statement makes it clear why the company needs to update its systems: “We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data.”

Motherboard, which broke the news of the security improvement earlier this month, notes that Grayshift won’t simply give up and may have already figured out a workaround. If that’s true, no doubt Apple will try to close any new security loopholes. And so it goes.

from Hit & Run https://ift.tt/2HNpJpq
via IFTTT

Leave a Reply

Your email address will not be published.