Now let’s talk a little bit about Apple, and what they are thinking of doing with their new iPhone. It’s been a top priority item, you can imagine, following their standoff with the Federal Bureau of Investigations. As we have commented before on Curious, this was a very slippery slope on where they found themselves; and on reflection, it was an argument that both sides were right and wrong. Now Apple wants to look ahead and endeavor to make their latest iPhone unable to hack.
This new dedication to security is probably born from Apple’s frustration, completely fed up with the whole FBI lawsuit against them, taking a stand only to have the FBI employ a third-party and hack into it anyway. Along with licking their figurative wounds, they want more than ever to make an iPhone even they themselves could not break into, so they are developing new encryption methods that will keep the iPhone secure from everyone, even Apple itself. You see, your iCloud data can be accessed through encryption key Apple possesses. If the FBI wants to subpoena the data in the iCloud, they can get it.
In light of this particular iPhone case, Apple is looking to rid both themselves and their clientele from certain loopholes. The encryption they are currently working on would close that loophole allowing Apple to access private data. This is the same loophole that the FBI wanted to exploit, and if this loophole is successfully closed, the FBI and any law enforcement entity in the future will face the same challenges as any other hacker. Currently there is an 80 millisecond delay every time a password is entered which may not seem like a lot but that delay has been effective in deterring hackers from correctly guessing passwords, and if you make too many guesses the wait time increases.
Even more of a deterrent is the preference that if you set security measures appropriately, the data inside the phone will automatically erase after ten attempts.
Backups are currently encrypted with key stored in the Apple server, but Apple is attempting to create a new system where the key is stored on the iPhone itself, reliant on your login credentials to create the security measure, thereby making only you accessible to the phone. Skeptics are critical of this step as it now makes the phone even more of a desired target, carrying that kind of access key, but the plan is to develop a safeguard for the iOS firmware. If someone tries to access and change the iPhone’s firmware, the device will automatically erase its data, essentially blocking any back doors hackers could exploit.
This is all fallout from the Apple vs FBI lawsuit, and we will probably be feeling the fallout from this matter for years to come. There is a lot of collateral damage for both sides to sift through, but on the plus side the concern for privacy is at the forefront of everyone’s mind. At least for the time being. We have certainly covered the importance of such matters on this very blog, but then a “new shiny” will present itself—be it an app or the latest tech toy—and regardless of what is at stake, we will sacrifice far more than we should. Security should not be treated like a fad diet where we talk about the issue only to forget about it when we find something new that makes us feel good. Security is lifestyle change, and we must treat it as such if we do not want to find ourselves, or our data, in a compromised position.
A research physicist who has become an entrepreneur and educational leader, and an expert on competency-based education, critical thinking in the classroom, curriculum development, and education management, Dr. Richard Shurtz is the president and chief executive officer of Stratfdord University. He has published over 30 technical publications, holds 15 patents, and is host of the weekly radio show, Tech Talk. A noted expert on competency-based education, Dr. Shurtz has conducted numerous workshops and seminars for educators in Jamaica, Egypt, India, and China, and has established academic partnerships in China, India, Sri Lanka, Kurdistan, Malaysia, and Canada.