Apple’s best defense against the FBI is the one it can’t share publicly

“To put it briefly and bluntly: The iPhone is already vulnerable to hackers around the world. So are Android-based devices and other smart device platforms. In fact, the US government is late to a party long dominated by black hat hackers working for themselves or even more nefarious parties. The FBI’s order has only brought this sensitive issue to a head,” Min Pyo Hong writes for TechCrunch. “Here’s why: The iPhone already has backdoors Apple hasn’t yet closed.”

“The US government lost the backdoor race long ago,” Hong writes. “Many foreign governments have long been secretly working with blackhat hackers to create unauthorized backdoors into the iPhone, usually without Apple’s knowledge or control, seeking the ability to access documents of officials from rival governments. (Senator Bernie Sanders may not care about Secretary Clinton’s damn e-mails, but I can assure him that many people in the blackhat underground surely do.)”

Tis is “why Apple is fighting with such tenacity to prevent the iPhone’s security from becoming even weaker,” Hong writes. “A majority of Americans understandably assume the US government’s demand for a backdoor is a reasonable request to make us safer from terrorist attacks. If they understood how profoundly insecure and under threat all their devices already are, I believe their thinking on the topic would instantly change.”

Much more in the full article here.

MacDailyNews Take: Every hack – of which Apple becomes aware – makes iOS and OS X that much more secure. If they’re not already, Apple should offer significant sums to entice blackhat hackers to come out of the woodwork to identify flaws. Apple can in fact afford to pay more than many foreign governments.

To set a stronger alphanumeric passcode on your iOS device that cannot be easily brute-forced:

1. Settings > Touch ID & Passcode. On devices without Touch ID, go to Settings > Passcode
2. Tap Change Passcode
3. Tap Passcode Options to switch to a custom alphanumeric code
4. Enter your new, stronger passcode again to confirm it and activate it

SEE ALSO:
San Bernardino DA: Terrorist’s county-owned iPhone could contain ‘dormant cyber pathogen’ or something – March 4, 2016
U.N. Human Rights Commissioner: U.S. government risks opening a Pandora’s Box in Apple iPhone case – March 4, 2016
Former U.S. Homeland Security Chief: iPhone override would be software equivalent of biological weapon – March 4, 2016
U.S. Congressman introduces bill to forbid federal agencies from purchasing Apple products until company unlocks terrorist’s iPhone – March 3, 2016
Apple is racking up supporters in privacy fight against U.S. government overreach – March 3, 2016
Husband of San Bernardino terrorism victim backs Apple vs. U.S. government overreach – March 3, 2016
Over 40 companies to back Apple vs. U.S. government overreach; beleaguered Samsung still thinking about it – March 3, 2016
Apple posts amicus briefs in support of Apple vs. U.S. government overreach – March 3, 2016
U.S. Defense Secretary says strong encryption essential to national security, not a believer in back doors – March 3, 2016
Apple digs in for long fight against U.S. government overreach: ‘There is no middle ground’ – March 3, 2016
ACLU, other privacy groups urge U.S. judge to support Apple vs. U.S. government in iPhone case – March 2, 2016
Apple scored the knockout punch against FBI in House Judiciary Committee hearing – March 2, 2016
Within an hour of Malaysia Flight 370 disappearing, Apple was working with officials to locate it – March 2, 2016
John McAfee reveals how the FBI can unlock an iPhone in 30 minutes – March 2, 2016
Can the FBI force a company to break into its own products? No, says U.S. Magistrate – March 2, 2016
Apple CEO Cook decried Obama’s ‘lack of leadership’ on encryption during a closed-door meeting last month – February 29, 2016
Obama administration set to expand sharing of data that N.S.A. intercepts – February 28, 2016
Apple’s fight with U.S. could speed development of devices impervious to government intrusion – February 24, 2016
Petition asks Obama administration to stop demanding Apple create iPhone backdoor – February 19, 2016
Obama administration claims FBI is not asking Apple for a ‘backdoor’ to the iPhone – February 18, 2016
Obama administration wants access to smartphones – December 15, 2015
Obama administration war against Apple just got uglier – July 31, 2015
Obama’s secret attempt to ban cellphone unlocking, while claiming to support it – November 19, 2013

11 Comments

  1. Yes, the NSA has zero-day hacks that they’ve been saving up that they won’t share with the FBI. Notice how the FBI didn’t ask the NSA for help.

      1. Actually, read the story, the FBI makes no mention of actually asking the NSA. I saw the hearing on CSPAN3 and Comey is vague in his answer. I kept waiting for the Congresspeople to ask specifically and they didn’t.

      2. There’s a difference between _saying_ they asked and just _implying_ or _hinting_ that they asked. Spokespersons are VERY good at implying what they want the audience to believe without actually saying it. Easier to deny lying later. Most journalists are too lazy/sloppy/cowardly to pin them to something that is definite, so they get away with it.

  2. Amazing, Min Pyo Hong claims that hackers already have backdoors into the iPhones, but then he goes on to warn everyone that:

    “This raises another irony: With so many trying so hard to access the iPhone already, an FBI-ordered backdoor will only assist their efforts. Once created, blackhats will surely increase their attacks on the FBI and Apple, hoping to ferret out clues to this entrance route. It is almost certain they will eventually succeed.”

    This idiot thinks we won’t notice the elephantine logic hole in his article! He claims they have backdoors, but they need Apple’s and the FBI’s help providing clues to find the way to make the backdoors because they don’t yet have them.

    Of course, there is no way they can access the encrypted data on modern iOS devices. He says “I’m also unable to confirm whether the hacking method would work on the latest iOS operating system.” There’s a reason he can’t confirm it. It’s because he knows it won’t work. He’s talking about hacks that worked only on much older iOS versions that were NOT encrypted at all.

    After he’s set up his sleight-of-hand, “look over there while I pull this rabbit out of the my hat,” he then goes on to lie through his teeth about hackers finding “0 day iPhone vulnerabilities” and then using them to “quietly connect and extract data from a user’s device without her knowledge, control it remotely, or even spy on her daily activities”, he tugs at our our sympathies for a hypothetical and obviously vulnerable female user, hoping we won’t notice the smoke and mirrors of his magic trick that he’s making the whole thing up, because he’s talking about MUCH OLDER iOS DEVICES that are NOT the subject of today’s discussions!

    Min Pyo Hong’s dishonest in everything he presents in his article. The article is a long, involved implied FUD attack on Apple.

  3. MDN got trolled by this article. Their posting (and response more importantly) of this is equivalent to me feeding a troll on this forum. The guy who wrote that article has written ONE article for Tech Crunch. ONE. Hint: He’s not a real journalist. His Twitter handle @silverdel indicates the he’s the Funder and CEO of a mobile app security software firm… in Microsoft Startup Accelerator program. He also wrote a second article without, again, upfront disclosure that he has this same conflict of interest: http://www.scmagazine.com/hackers-are-after-your-app/article/377608/ Only at the bottom does it note that he Founder and CEO of a mobile app security firm. He’s using the current Apple/FBI legal battle to drum up some business – as any good company in a startup accelerator should do. I’d remove this article purely on principle alone. It’s marketing gimmickry – even if the article may have elements of merit.

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.