Apple’s Craig Federighi: creating iPhone backdoor would be ‘a serious mistake’

By , Mar 7, 2016

WWDC 2015 Keynote Craig Federighi teaser 002

Craig Federighi, Apple’s Senior Vice President of Software Engineering who oversees the development of iOS, OS X and Apple’s common operating system engineering team, has written an op-ed piece in The Washington Post in which he reiterates Apple’s position that the FBI’s demand that Apple create a version of iOS with decreased security would be “a serious mistake,” saying the FBI wants to “turn back the clock to a less-secure time”.

“In just the past 18 months, hackers have repeatedly breached the defenses of retail chains, banks and even the federal government, making off with the credit card information, Social Security numbers and fingerprint records of millions of people,” he wrote.

But that’s “just the tip of the iceberg,” because the real danger are our smartphones that are on us all the time and hold a treasure trove of personal information like our texts, banking, photos, places we’ve been, our contacts, things we post online and so forth.

Federighi went on to argue that the nation’s vital infrastructure becomes more vulnerable when individual devices get hacked. “Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person’s smartphone,” he said.

The encryption, he wrote, is of utmost importance to keep our data safe and that’s why it’s “so disappointing” that the FBI, Justice Department and others in law enforcement want to force Apple to “turn back the clock to a less-secure time and less-secure technologies.”

“They have suggested that the safeguards of iOS 7 were good enough and that we should simply go back to the security standards of 2013,” the executive wrote. Federighi acknowledges that the security of iOS 7, “while cutting-edge at the time, has since been breached by hackers.”

“What’s worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious,” he cautioned, referring to IP boxes that can brute-force their way into any iOS 7 device protected with a four-digit passcode within about half an hour.

Federighi sums it up nicely:

Security is an endless race—one that you can lead but never decisively win. Yesterday’s best defenses cannot fend off the attacks of today or tomorrow.

Software innovations of the future will depend on the foundation of strong device security. We cannot afford to fall behind those who would exploit technology in order to cause chaos. To slow our pace, or reverse our progress, puts everyone at risk.

The whole op-ed article is a very interesting read so save it for later if you don’t have the time to read through the whole thing right now.

Meanwhile, NYPD’s chief of counter-terrorism John Miller accused Apple of “providing aid to murderers.”

“I still don’t know what made them change their minds and decide to actually design a system that made them not able to aid the police,” he told The Daily News “You are actually providing aid to the kidnappers, robbers and murderers.”

“Right now Cy Vance, the Manhattan district attorney, has 175 iPhones stacked up in his office that are subject to search warrants, issued by judges, involved in crimes,” he said.

Source: The Washington Post

  • Share:
  • Follow:

    This article is very misleading. The FBI just wants the SIF (system information file) from the phone of the San Bernadino shootings , not a program to unlock any iPhone. The FBI even said that Apple could develop the software, keep the phone on campus, and after the SIF file was handed over they could destroy the phone and software. Apple states that it would establish a terrible precedent for the future. But what precedent would that be? That if you decide to become a terrorist and attack American citizens that you lose your right to privacy? Seems pretty fair to me!

    • Mike

      You are correct in that the FBI only want data pertaining to the shootings, but in order to do that, Apple needs to to do modify their existing software, or at the very least, hack into their own software.

      I have no specific stance on an issue like this, but if you were somehow able to get your hands on the less secure software, you could sell it and gain loads of money. Once that happens someone is bound to leak it on the Internet and congrats! You have a way to brute force into an iPhone. All you have to do now is steal one.

      I’m sure there’s a lot more we as consumers don’t know, which is why it’s so easy for us to pick a side. Both the FBI and Apple are trying to protect citizens/consumers, they just have different stances on the issue.

    • But what precedent would that be?

      The precedent is that if you ask Apple to break their software they will. If they are forced to break their software for the FBI what happens when other countries and their agencies come knocking? Should Apple also break their security for Russia and China who might have ulterior motives beyond unlocking a single iPhone?

  • iPhoneWINS

    Why the hell is this crap getting so much publicity? why is the FBI pretending they can’t hack into the damn iPhone no there own? Thats their job to get into information sources.. this whole case is full koi propaganda to make humans think they actually have privacy.. lol apple wants you too think that your iPhone is actually private… false.. the feds want you to think they can see everything you do.. false..

    • Mike

      I believe there was a post saying that they technically could break into it on their own, but it’s very risky and if they screw up then all the data will be lost.

  • Bob Forsberg

    I despise terrorists and anyone else who weakens our country’s defenses, as well as those blaming others for not being able to do their own jobs. Allah’s mid-evil nut cases would not be here or threatening us today if elected types and agencies involved, hampered by political correctness and jurisdiction ego’s, had done their jobs in the first place.

    When Federal agencies ask Federal Courts to demand private enterprise to compromise security features only to make their jobs easier that they’ve failed at, American freedoms may have already been defeated. I only disagree with Apple on one aspect of this situation threatening the revision of our Constitution. Congress should not determine the outcome, where decisions are guarantied to be politically motivated, nor the lower courts where conflicting rulings already exist on iPhone securities. The Supreme Court should rule, where Constitutional rights to privacy still mean something.

    For hundreds of years many wars have been fought and lives lost to protect us from outside enemy nations and terrorist groups from compromising our Constitution and our way of life. Our own government agencies should not be allowed to accomplish this defeat where outside enemies failed, because it makes their jobs easier.