In a discussion sweeping the tech (and consumer) world, it’s easy to suffer from “Apple vs. FBI” information overload. Here at WinMagic, we’ve been closely following the developments of the story and understand Apple’s firm stance. In an effort to break the story down (and share some of our own thoughts) here are the nuts and bolts of the Apple vs. FBI case.
WHO:
On February 16, Judge Sheri Pym, of the Federal District Court for the District of Central California, granted the U.S. Attorney’s request for tech giant Apple to unlock an encrypted iPhone.
WHAT:
The United States government approached Apple with a request to build an iPhone operating system to be installed on an encrypted iPhone 5c, circumventing the existing security settings on that iPhone.
Apple has told the judge that although they could write a new program, doing so would compromise security and violate the company’s rights.
WHEN:
The request was issued earlier this month.
WHY:
The FBI is asking for Apple to unlock the encrypted iPhone because it was used by one of the terrorists responsible for the tragic attack in San Bernardino, California.
The U.S. Attorney is asking for “reasonable technical assistance” to the FBI. Without Apple’s help, the FBI has no way of cracking the encryption code through a key without possibly wiping the device of its contents – contents that the FBI believes could serve as critical information.
Our Thoughts
As a leading provider of intelligent key management and encryption solutions, WinMagic understands Apple’s firm stance. If Apple were compelled to write a program that enables easier key identification (tied to the users’ password), the technology company would essentially be providing a backdoor to the security of the specific phone, which could very realistically be replicated for future brute-force attacks.
Although there is a chance that by breaking into the iPhone the FBI could uncover useful information in the San Bernardino case, we as security experts recognize that the risk associated with this request far outweighs the potential benefit.
Here’s why – from an in-depth, expert view of today’s evolving threat landscape, we recognize that the hacking techniques of cybercriminals are becoming exponentially more advanced. If Apple were to comply with the FBI’s request and create a backdoor, trolling cybercriminals could easily capitalize on the backdoor, find a way to manipulate and replicate the action, thus creating a domino effect of compromised security loopholes.
As Apple continually updates it iOS, it took the security measure to stop storing encryption keys for devices, making it impossible for the company itself to unlock the code. Simply put – without an encryption key, Apple cannot bypass a lock code. In short: Apple has given the encryption keys back to their customers.
For over two decades, WinMagic has provided intelligent key management for everything encryption, with robust, manageable and easy-to-use data security solutions. Our flagship solution, SecureDoc, secures data wherever it is stored by providing enterprise grade data encryption and key management policies across all operating systems to our customers. In short, WinMagic gives the encryption keys back to our customers. We’ve done so for two reasons:
- To supply our customers with the ability to use a single key manager for all platforms
- To offer the ability to select and use whichever encryption technologies best meet the requirements regardless of key management capabilities
According to a recent blog post on intelligent key management, we take a deeper dive into our offering:
Our intelligent key management offering increases security by supporting a single instance of strong multi-factor authentication for each user, while concealing all other encryption keys and authentication credentials behind the scenes.
The case of Apple vs. FBI has raised long overdue awareness around the subject of encryption and its ability to strongly secure data. Our intelligent key management encryption offering has created a fortress of data security that can only be stormed by the keeper of the keys – i.e. our customers. There are no loopholes, no backdoors. Just intelligent encryption.