Apple head of software engineering says FBI’s demands compromise the safety of all iOS users

Next Story

Process as code: Security ops orchestration for a brave new world

Craig Federighi, Apple’s senior vice president of software engineering (and one of its most popular WWDC presenters) says the FBI’s demands on the company will make all iOS users more vulnerable to malicious attacks in an opinion piece for the Washington Post.

Apple is currently battling a court order that would force it to create new software for the FBI so the bureau can unlock an iPhone 5c used by one of the perpetrators of a Dec. 2 shooting attack on a social services center in San Bernardino, California that killed 14 people. The company has said repeatedly—including in a public letter to customers and before a congressional Judiciary Committee—that doing so would set a precedent that could compromise the security of all iOS users.

Apple’s stance got reinforcement at the end of February when in a separate but legally similar case in New York, a district court judge ruled in favor of Apple by denying a government request for information on an iPhone, saying that the government had failed to prove it is entitled to force Apple to help it bypass the device’s passcode by the All Writs Act.

In his op-ed, titled “The FBI wants to roll back safeguards that keep us a step ahead of criminals,” Federighi wrote that fulfilling the FBI’s request would force Apple to compromise its current encryption technology, negating years of work by the company’s engineers and creating a security hole that could be exploited by criminals:

That’s why it’s so disappointing that the FBI, Justice Department and others in law enforcement are pressing us to turn back the clock to a less-secure time and less-secure technologies. They have suggested that the safeguards of iOS 7 were good enough and that we should simply go back to the security standards of 2013. But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers. What’s worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious.

To get around Apple’s safeguards, the FBI wants us to create a backdoor in the form of special software that bypasses passcode protections, intentionally creating a vulnerability that would let the government force its way into an iPhone. Once created, this software — which law enforcement has conceded it wants to apply to many iPhones — would become a weakness that hackers and criminals could use to wreak havoc on the privacy and personal safety of us all.

The ruling in this case potentially affects all tech businesses that need to safeguard sensitive customer data. Companies that have filed amicus briefs in support of Apple include Box, Google, Facebook, Microsoft, Square, Twitter, and LinkedIn. The United Nations’ human rights commissioner has also issued a statement supporting Apple.

Apple vs FBI

Featured Image: Pavel L Photo and Video/Shutterstock