Hacked: Hacking Finance

Apple CEO Tim Cook: Building iPhone Backdoor is ‘Dangerous’; Govt Demand is ‘Chilling’


Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.


Alleged FBI Hacker Lauri Love Ordered to US Extradition by UK Home Secretary 15th November, 2016

The Largest Breach of 2016: 412 Million FriendFinder Accounts Exposed 14th November, 2016


Apple CEO Tim Cook: Building iPhone Backdoor is ‘Dangerous’; Govt Demand is ‘Chilling’

Posted on .





Apple CEO Tim Cook, easily among the most vocal advocators of encryption in the world has, in an open letter today, passionately vowed to fight the US government over a court order that demands unrestricted backdoor access to an iPhone.

When the government comes knocking with a court order to demand that a company builds a backdoor for its products, most companies would typically oblige and comply at the behest of such governmental requests. Apple isn’t among them.

In an open letter published on Tuesday, Apple CEO Tim Cook has deemed a court order by the US government requesting that Apple build a backdoor for an iPhone as an “overreach.”

The court order comes from the US government via an FBI request that demands access to data stored on an iPhone 5c used by a gunman involved in the recent San Bernadino shooting.

The open letter, simply titled “A Message to Our Customers,” sees Cook begin by stating:

The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers.

We oppose this order, which has implications far beyond the legal case at hand.

Apple’s Encapsulated Encryption

Security was front and center in Apple’s to-do list when developing the most recent versions its mobile operating system, starting from iOS 8. Apple began encrypting its iPhones and other mobile devices by default via an encapsulated encryption method. Quite simply, the security upgrade pins a pass key with the device’s unique ID, locally.

The encryption protocol renders offline phone hacking to be a near impossibility. Furthermore, any attempt to break the device’s encryption would require physical access to the device, directly.

Even then, a codebreaker decryption program would need the hurdle of the 80 millisecond cooldown period employed by the iOS password attempt counter. According to Apple’s estimates, a supercomputer wielding brute-force techniques to relentlessly hammer a device with a barrage of password attempts would still take over five and a half years to crack a six-digit passcode with numbers and lowercase letters. A stronger, longer passcode could take decades, according to the tech giant.

Quite simply, Apple’s reinforced devices are hardened to resist backdoors and passcode breakers, the kind of programs that the FBI is seeking to use to crack Apple’s devices.

Apple’s Compliance So Far

Cook revealed that Apple has actively engaged the FBI in providing support to solve the San Bernadino case during the aftermath of the crime. Apple has also complied with valid search warrants and subpoenas as well as providing the FBI with information that was requested by the agency. It’s important to note that this requested data and information, was in the possession of Apple.

Apple’s Chief Executive also revealed the company has made its engineers available to advise the FBI on investigative options at the agency’s disposal. What’s significant is Apple’s complete encryption philosophy through all this, wherein customers’ personal data is also beyond Apple’s reach with their own products.

“We have even put that (customer) data out of our own reach, because we believe the contents of your iPhone are none of our business,” Cook reminded.

A Request Too Far: A Backdoor to the iPhone

In noting Apple’s compliance to valid law enforcement requests up to this point, Cook then revealed a request by the FBI that Apple simply wasn’t going to adhere to.

Up to this point, we have done everything that is both within our power and within the law to help them (the FBI). But now, the US government has asked us for something we simply do not have, and something we consider too dangerous to create.

They have asked us to build a backdoor to the iPhone.

Cook even elaborated on the specific request from the FBI itself: a new version of the iPhone operating system, iOS, engineered without the security features to be installed on the retrieved iPhone 5c belonging to the gunman from the San Bernadino shooting.

Cook was quick to note that this requested version of a tweaked, security-light iOS does not exist today.

In the wrong hands, this software – which does not exist today – would have the potential to unlock an iPhone in someone’s physical possession.

The FBI’s request for a custom iOS image ROM (software image) seeks a new addition to the modified operating system, one which enables the FBI to bypass the iOS password attempt counter. Fundamentally, the FBI is looking to allow a passcode to be entered electronically.

Cook explained the ‘chilling’ implications of the governmental demands:

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

A direct electronic passcode-breaking device plugged in through the iPhone’s Lightning port without the 80-millisecond delay between passcode attempts would make it easy to crack the iPhone.

Cook was clear about the implications of designing a backdoor for one single iPhone. He argued that once the information is known, anyone with the knowledge to overcome such encryption can replicate it on any number of devices.

The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices.

Apple Isn’t Budging

The overall tone and content of Cook’s letter is one wherein the CEO of the most valuable companies in the world calls for a public discussion about backdoors with a passionate, even aggressive pro-encryption stance.

Cook stated:

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

Apple’s chief executive also elaborated on other demands by the government that may soon come through, if, the request for a backdoor goes through.

The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Cook added that such a vocal, open opposition to the government order isn’t something that is taken lightly by Apple. In making the FBI’s backdoor request public, Cook put a marker on this moment as one wherein everybody involved – millions of citizens and billions of mobile users around the world as well as governments – understand the implications of such a request.

Defiantly, Cook declared:

We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products.

“And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect,” Cook concluded.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.

Feedback or Requests?


Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

There are no comments.

View Comments (0) ...
VoIP phones can be hacked on account of weak passwords,…