The rollout of the solution to this OS-level loophole might reignite the standoff between Apple and federal agencies that have been pushing for a law that will force smartphone-makers maintain access to users’ data.
In its forthcoming general iOS release, Apple will introduce a patch to shut the tool known as GrayKey that has empowered police and/or criminals to unlock the dormant iPhones by dodging the disk encryption. The move is expected to refuel the conflict between the Cupertino-based giant and the federal agencies.
In a statement to Reuters, Apple said the roll out of the update is aimed at protecting all its customers, “especially in countries where phones are readily obtained by police or by criminals with extensive resources.” The company said it will change default settings in the iOS to cut off communication through the USB port when the phone has not been unlocked in an hour.
Apparently the USB port is the place where the forensic agencies connected the GrayShift and Cellebrite machines to sidestep the security provisions that limit the number of password attempts that can be made to unlock the device before it freezes. These companies have offered the machines to law enforcement agencies in several countries for thousands of dollars and per-phone pricing as low as $50, the report claimed.
With this update, the agencies will not be able to open iPhones one hour after the device has stayed locked.
“We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs,” Apple said.
The Federal Bureau of Investigation (FBI) in 2016 successfully hacked into the encrypted Apple phone of Syed Farook, one of the terrorists who had planned and executed the December 2, 2015 shooting killing 14 people in San Bernardino, California. Following the success, the US Department of Justice — who was demanding that Apple help the FBI to unlock the iPhone 5C used by the terrorist — withdrew legal action against the tech giant.
At that time, Apple CEO Tim Cook had outrightly denied to help FBI crack the terrorist’s iPhone saying, “We have a responsibility to help you (customers) protect your data and your privacy. We will not shrink from this responsibility. We built the iPhone for you, our customers, and for many of us it is a deeply personal device.
After the FBI cracked the phone, Apple vowed that it would work on increasing the security in future iPhones.
"This case should never have been brought. We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated," Apple had said.
"This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy," the company’s statement added. Several personalities,including Google CEO Sundar Pichai and Apple Computers co-founder Steve Wozniak sided with Cook on this issue. The episode also led several security firms express fears of a backdoor entry to put users’ data and security at hackers’ mercy.
Follow Us
Sourabh Kulesh
A journalist at heart; has knowledge of a wide gamut of topics related to enterprise and consumer tech. View Full Profile
