There is an ongoing battle going on between Apple and the FBI, in which the later is asking Apple to give them access to the iPhone 5c of San Bernardino shooter Syed Farook, The New York Times says Apple has already begun work on implementing stronger security measures “even it can’t hack” to protect iOS devices.
The new security measures Apple is working on strengthening its encryption methods to make Apple device users even more secure, and, essentially, remove the possibility that the FBI could request for device access at a later date with future iPhones or iPads. These reports support another from Reuters, which stated that Apple’s plans to enforce its encryption policies would only get better depending on the results of its current legal battle over a locked iPhone 5c.
Apple has announced its intentions to challenge the order that would force it to help the FBI, calling the software the FBI wants “too dangerous to create.” The company has also said that such software could be used to “unlock any iPhone” available today, including its most recent devices. If Apple loses the fight against the FBI and is forced to create the software in question, stronger security would ensure it could not go on to be used again.
The new reports both state that Apple has engineers working on improving the encrypted backups within iCloud, in an effort to make them inaccessible even by Apple.
As it stands right now, iCloud backups are encrypted, but Apple has keys to access that information. Law enforcement can ask Apple, and has asked Apple, for the data on locked iPhones with those keys, provided by Apple’s servers. The Financial Times states that Apple is looking into ways to making those encryption keys tied to the device itself, and not through Apple’s servers. This would mean that the device’s information couldn’t be obtained by Apple at all, if security protocols are in place on the device, whether through a passcode or Touch ID.
However, that report also states that this could come at a strike against convenience for the user, indicating that if a user forgets their iCloud authentication password, they would be completely locked out of their device, too. At the time of reporting, Apple hadn’t responded to the claims.
These changes, making it impossible for Apple to access the information on an iOS device at all, seems like a step in the same direction the company has been moving in ever since it debuted iOS 8, so it may not be all that surprising. However, if Apple does reach that point, it’s likely that the U.S. government, or many other governments for that matter, might not like that particular path.
Source: The New York Times
Apple Working on Strengthening iOS encryption