Yes, Apple is toughening up the security of iPhones with iOS 12. Yes, the steps Apple is taking will make it harder for law enforcement agencies to thwart iPhone security. But no, that's not the reason Apple is doing it. To understand better, let's take a little history lesson. Back in 2016, Apple CEO Tim Cook opposed court requests that his company help the FBI unlock the iPhone 5C of San Bernardino gunman Syed Rizwan Farook. All of us were appalled by the deaths that occurred in San Bernardino, and the impact the attack would have on those left injured, and the friends and family of the deceased. But many in the tech community agreed with Apple that the horror of such thankfully rare attacks shouldn't be the catalyst for an erosion of privacy and security for hundreds of millions of iPhone users worldwide. Cook described the FBI's request in simple terms:
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession. The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.
For a while it looked like Apple and the FBI's opposing views were on a collision course, until the law enforcement agency suddenly dropped its request and revealed that it had found a way to break into Farook's iPhone without Apple's help.
Time has moved on, and the popularity of Apple iPhones has meant that law enforcement agencies, spies, and - yes - criminals are as keen as ever to crack their way into the devices without the owners' permission. The FBI has continued to use the hacking tools developed by digital forensics firms like GrayShift and Cellebrite, which exploit unpatched flaws in iOS to brute force their way into locked devices via a USB connection. The basic version of GrayShift's tool GrayKey, for instance, can reportedly unlock all current iOS devices since the iPhone 5s - including the latest iPhone X. Pricing starts at US $15,000 for 300 unlocks. Such tools, of course, could just as easily be used by state-sponsored hackers, intelligence agencies, and authoritarian regimes. Things are going to get tougher for those bent on cracking phones, however, with the forthcoming iOS 12. As the New York Times describes the iOS software update will disable a device's Lightning port from transferring data one hour after the phone is locked.
"While a phone can still be charged, a person would first need to enter the phone’s password to transfer data to or from the device using the port."
This so-called "USB Restricted Mode" will, of course, require iTunes users wishing to transfer their data via the Lightning port to the iPhone to take an extra step. They will need to unlock the device with a passcode before transferring their music and podcast choices if it has been more than an hour since the iPhone was first locked. In short, the window of opportunity for anyone (whether they be law enforcement agencies or not) to crack into a locked iPhone using tools like GrayKey appears to have reduced dramatically. A statement from Apple confirmed that it was making the changes to secure better the privacy of all iPhone users, rather than to stymie the efforts of police investigations:
"We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs."
Apple's security engineers have worked tirelessly for years, strengthening the iOS operating system from hackers, and things have measurably improved since the San Bernardino gunman's iPhone 5C was first released. This latest step is unlikely to win much favour with law enforcement agents keen to break into iPhones, but should be welcomed by the vast majority of users who simply want their devices to prioritise security and privacy. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
