backdoor Stories February 18, 2016


Discussing the FBI case with a friend yesterday, one distinction that seems worth addressing is the difference between a backdoor into iPhones – which is what law enforcement agencies have so far been calling for – and what we might term a master key, which is what the FBI is calling for in this particular case.

Law enforcement agencies have so far been calling for Apple to abandon its use of strong encryption. Technically, they want Apple to build in a backdoor route into that encryption for use by law enforcement agencies, but that’s the same thing: strong encryption with a built-in flaw is not strong encryption. It’s only a matter of time before hackers find and exploit it.

What the FBI is asking in the San Bernardino case is quite different. Instead of asking Apple to weaken the encryption, they want it to weaken the lock guarding access to the phone by removing the auto-wipe and time-delay functions. That would leave the phone vulnerable to a brute-force attack.

And, the FBI assures us, it isn’t asking Apple to do this for all iPhones, just this one specific device. It’s a very different scenario, and one that sounds superficially harmless …

expand full story

backdoor Stories July 22, 2014


Earlier this week, Apple denied claims that it had hidden secret backdoors in its iOS platform that could allow the government or malicious users to extract a variety of critical and personal details about a device’s user from an iPhone or iPad, sometimes storing that data in unencrypted formats.

Today, the company published a new document on its support website explaining the diagnostic tools that iOS uses to collect data for troubleshooting and other purposes. According to the document:

expand full story

backdoor Stories July 21, 2014

Apple responds to iOS backdoor access claims, denies its existence

Over the weekend, iOS security hacker Jonathan Zdziarski released a presentation claiming to show how Apple had purposefully made backdoor access points for a variety of system and user data on iOS devices, that would usually be locked and encrypted via the passcode. The legitimacy of the claims is still questionable.

Powered by WordPress VIP