Home » Topics » Cybersecurity » Apple vs FBI: backdoors are bugs, never features

Apple vs FBI: backdoors are bugs, never features

Avatar photoby Ben Rossi

Following 11 court orders, support from dozens of Silicon Valley tech firms and nearly two months of public debate, Apple and the FBI finally drew their cryptographic dispute to a close – only to reignite it again a couple of days later.

While many in the tech community were disappointed with the FBI’s response to Apple’s defiance – paying a third-party to hack the iPhone 5C without Apple’s permission – the battle for individual privacy was far from lost.

Ever since the US government forced the demise of encryption services such as Silent Circle email and Lavabit messenger, most small and medium-sized tech companies have come to accept they simply don’t have the time or resources to fight the government on the issue of customer privacy.

>See also: Two thirds of IT pros oppose government surveillance and back Apple over the FBI

For everything from international cloud storage companies, right down to Silicon Valley start-ups, the post-Snowden logic has been go with the government or go out of business.

By standing up and taking a stance against the FBI on this issue, Apple has finally been able to offer an alternative mentality.

Following Edward Snowden’s revelations that the US government was able to hack into locked iPhones and Android devices, Apple drastically improved its security across both iOS8 and iOS9, making it near-impossible for government institutions to demand or collect data from individual iPhones.

Following a series of court orders in February, however, Apple was pressured by the FBI to unlock one of its iPhone 5Cs to aid in investigations surrounding the 2015 San Bernardino shooting – a request with which Apple refused to comply.

Industry impact

Already those in the security industry have come to consider how the hack will impact their organisations and the wider technology industry. According to Mateo Meier, a Swiss privacy advocate and data centre CEO, Apple’s stance is already resonating across the privacy space:

“By taking this stance against the government – even on the contentious issue of counter-terrorism – Apple has helped to remind businesses of all sizes that they not only have every right to protect their customers’ data, but also have a responsibility to do so,” said. “This is a matter that both businesses and consumers agree on.”

According to Artmotion’s own research, 70% of US consumers believe the government should not be allowed access to personal communications data, siding with Apple in the recent privacy debate.

“Choosing to allow certain services access to your data should not be considered the same as handing over your complete right to personal privacy,” Meier added.

That the FBI ultimately managed to crack into the iPhone 5C via a third party does not undermine this fact. Apple’s willingness to fight has helped set a precedent for technology companies both across the US and all around the world.

By refusing to comply, the company is telling the government that while snooping and invasion may still be possible, businesses are not under an immediate legal obligation to weaken their security protocols or to make their customers’ data available on demand.

Lessons learned

While few businesses would have the legal might to enforce this point themselves (Apple has spent more per year on legal fees than on R&D), they can at least use the Apple dispute as justification for protecting their own customers’ privacy concerns.

As already seen with the launch of Whatsapp’s end-to-end encryption service last week, other tech firms are already taking advantage of this new dynamic.

>See also: Researchers break hole in Apple's 'unbreakable' encryption

By refusing to comply, Apple has made it clear that this form of brute force data collection should be the exception rather than the rule. As a result, rather than forming an official backdoor for the US government, the security hole exploited by the FBI can now be identified, updated and ultimately blocked.

Already, spokespeople from Apple and the wider security community have made it clear that the methods behind the FBI’s iPhone hack won’t stay secret for much longer.

One senior Apple engineer commented, “Flaws of this nature have a pretty short life cycle,” which in itself is a victory for the wider privacy and technology community.

This is the real lesson that Apple has taught both the public and US government: backdoors may be bugs to be exploited, but they will never be features.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics

Data

Related Stories

Cybersecurity

How AI will shift the security landscape in 2024

The impact of AI within cybersecurity is expected to grow significantly this year, says Alex Holland, senior malware analyst at HP

AI & Machine Learning

NCSC releases guidelines for secure AI development

New guidance from the National Cyber Security Centre (NCSC) aims to help businesses securely innovate with AI and minimise risks

Cybersecurity

3 cybersecurity compliance challenges and how to address them

Earning those trust seals can strengthen relationships with board members and prospective customers, but it sure isn’t easy.

Cybersecurity

70% of UK firms reported cyber insurance changes in past year

According to research from Databarracks, seven in 10 UK businesses have seen changes to their cyber insurance in the past 12 months, as requirements rise