“Apple has vowed to increase the security of its products after the FBI bypassed the security of the San Bernardino gunman’s iPhone 5C with the help of a third party,” ComputerWeekly reports.
“The company said it would continue to help law enforcement with their investigations, but it also vowed to continue to increase the security of its products in the face of increasingly frequent and sophisticated attacks on data,” ComputerWeekly reports. “Apple said it believed people around the world deserve data protection, security and privacy. ‘Sacrificing one for the other only puts people and countries at greater risk. This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy. Apple remains committed to participating in that discussion.'”
“The US Department of Justice has declined to comment on whether it will share with Apple the method it has used to bypass the iPhone’s security features. Officials also declined to say whether the FBI would share the method with other state agencies working on cases that require bypassing iPhone security measures,” ComputerWeekly reports. “If the method exploits a flaw, Apple is keen to fix it so that it could not be exploited by cyber criminals, but US government officials have classified the information, according to the Guardian”
Read more in the full article here.
MacDailyNews Take: If the feds fail to disclose, as we wrote last week:
Apple should simply buy Cellebrite and other entities like it and task these newly acquired engineers with hardening iPhone to ridiculously hack-proof levels.
SEE ALSO:
U.S. government drops Apple case after claiming hack of terrorist’s iPhone – March 29, 2016
Meet Cellebrite, the Israeli company reportedly cracking iPhones for the FBI – March 24, 2016
“Claims,” indeed. Show mw. No, it’s secret, we can’t tell how or what was recovered. Hard to lose that game?
MDN’s take is wrong. It would be a very disadvantageous thing for Apple to own and control the company that is able to perform this hack.
So long as Cellebrite remains an independent and foreign owned company, it’s a huge advantage for Apple. Apple can point to Cellebrite and tell law enforcement officers from anywhere in the world that they are the people to go to and have nothing more do do with them. Apple avoids being forced to create a dangerous version of IOS with a back door while the cost of using Cellebrite is likely to be so high that they will only be used for the most urgent and significant cases.
Apple should have absolutely no involvement with Cellebrite Mobile Forensics, if Apple happens to close the weakness that Cellebrite are exploiting, then that’s simply Apple doing it’s job thoroughly. If Apple owned Cellebrite and then closed the loophole, people would call foul.
Having a proprietary and expensive procedure to bypass the security in an iPhone is a perfect solution. Law enforcement agents can pay for the service when they absolutely do need it and have possession of an iPhone, but the iPhones being used by the public at large are not at risk and certainly not weakened.
1 million percent agree with aa. I wonder if the iPhone had to be carried to Israel or if Cellebrite has the capability of taking their show on the road?
If the memory was sliced and diced to get at the data I wonder if Apple can design a chip that falls apart when tampered with.
The future will be interesting.
A chip that falls apart. A friable chip. How about a chip that explodes? Or a chip that melts like a Hershey bar in Phoenix in July? Or a chip that simply vanishes into thin air? I think silverchicken’s brain is suffering hypoxia.
Yes, Apple should not buy Cellebrite. However, Apple needs to have a contract with each and every hacker organization it can with really big bounties for each and every vulnerability disclosed to Apple. Apple should make it financially worthwhile to disclose to Apple before any other organization (government or otherwise).
If Apple spent a $1 billion a year on these bounties to these companies/organizations it would be money very well spent.
This maintains the “arms length” relationship allowing Apple to refuse to create OS variants, and it gives Apple access to all the vulnerabilities that the companies find.
No.
You assume Cellebrite is magically impenetrable or that some rogue Cellebrite employee isn’t going to leak for a nice sum of money. Your assumptions are incredibly wrong and laughably naive.
alanaudio ..
and.. what happens when just one employee of Cellebrite.. who realizes
that he’s sittin’ on a million dollar
piece of info ?
Money talks.. and BS walks !
I suppose the State of Israel could buy the company. The Israeli government probably had a hand in the development of the technique anyway.
If that scenario happened, then it would vividly demonstrate just how dangerous creating a back door in IOS would be. One rogue employee could circulate the GovOS code and every iPhone could be at risk.
This procedure has been declared Top Secret and therefore the company would know that it has to be kept secret or otherwise the company would massively lose out financially. It’s up to Cellebrite to ensure that no employee could walk off with their crown jewels.
I am in the camp that says they never hacked the phone. The whole shenanigans was a power play by the DOJ and when they were loosing the case to public opinion, this was their way of saving face.
IF the FBI hacked the phone, it will be interesting to see how long they can keep their method secret. I’ll give them two weeks. Right now governments and criminals the world over are trying to duplicate this feat.
As far as the suspicion that the Israeli government might be involved, I wouldn’t be surprised. Turnabout is fair play.
This is a shot across the bow “Apple said it believed people around the world deserve data protection, security and privacy.”
That’s people, that’s around the world. That includes people from the free and civilized world. That’s global security. That includes bringing the security up to a level so that those bereft of morality and ethics can no longer conduct industrial espionage and sabotage with the ease they have done so in the past, prior to things like Snowden’s revelation.
It’s the global way and humanity will certainly remember the past as it moves forward. It will remember those who opposed progress and who supported beheadings and slavery.
Moving on, “If the method exploits a flaw, Apple is keen to fix it so that it could not be exploited by cyber criminals, but US government officials have classified the information, according to the Guardian.”
This is to be expected, it will probably take another one like Snowden to cast the light into the shadows of the classified information designed to maximize national security while putting global security at risk. That’s all right though, Apple has the moral high ground and we know who’s side it’s on, and we know that side always prevails.
As my dad used to say, “Locks are for honest people.” There is no such thing as a hack-proof device. For every security protection that Apple creates, the barbarians at the gate will eventually devise a work-around. But, Apple should keep trying. The best it can do, ultimately, is to slow the hackers down. Look, it took the FBI months and the assistance of unnamed hackers from somewhere in the world to get into this Phone. And we really don’t know that the phone has been hacked. All we know is that the FBI says the phone has been hacked. Take it for what it is worth.
I’m not so sure I could bring up an example of when the FBI told the truth, now that it’s mentioned.
People seem to forget that this was an older iPhone. We already knew it was potentially hackable but that the newer 6s are more secure. So this may not (or may) represent a threat for more current iPhones. With Apple doubling down on security in upcoming phones, I really question whether this will be a legitimate threat moving forward.
Of course, we don’t really know that for sure. But we do know that the older phone was not as secure so this should not be a total shock.