Apple has been at the receiving end of public and political pressure to create a backdoor to its systems for legal investigations; but now it appears the company will be even more under fire. New research suggests that Apple’s encryption has a gaping hole. Are Apple products really not secured?
Apple has been expanding and developing its encryption techniques and technologies. The company made it clear that it wants to protect customer data to the point that the US government has started warning the company that such robust security is also allowing criminals and terrorists to communicate secretly – far and safe from the eyes of law enforcement.
However, this may not the case at all. A team of Johns Hopkins University researchers discovered a bug in the supposedly vaulted Apple encryption. The bug can allow an experienced attacker to decrypt photos and videos even when sent as secure messages. Although the bug will not enable the FBI to hack into the concerned iPhone in relation to December’s San Bernardino terrorist attack, it does disprove that a tech company’s strong encryption will not allow hackers or law enforcement to get into devices.
“Even Apple, with all their skills — and they have terrific cryptographers — wasn’t able to quite get this right,” noted Matthew D. Green in the paper (via Washington Post). Green is a computer science professor at Johns Hopkins University who led the research team.
“So it scares me that we’re having this conversation about adding back doors to encryption when we can’t even get basic encryption right.” The researcher added. Nonetheless, Tim Cook will not be letting up, as he previously maintained that encryption matters.
“We need to decide as a nation how much power the government should have over our data, and over our privacy,” Wired quoted Tim Cook when he went up on stage to introduce Apple’s new devices. “We did not expect to be in this position, at odds with our own government. But we believe strongly that we have a responsibility to help you protect your data, and protect your privacy. We owe it to our customers, and we owe it to our country. This is an issue that impacts all of us, and we will not shrink from this responsibility.” The CEO added.
More importantly, Apple continues to send a strong message on the encryption matter through its new platform called CareKit. This will allow developers to offer health care apps that can monitor a treasure trove of information across Apple devices – the kind of information that users would be willing to guard as closely. The CareKit is considered somewhat like ResearchKit. A platform that Apple introduced in the previous year that helps research institutions conduct large-scale researches with devices running on iOS.