It was the salvo heard round the tech world: United States Magistrate Sheri Pym ruled that Apple must write code to assist the FBI in breaking the code protecting an iPhone. But this is not just any iPhone— it’s the device that belonged to one of the San Bernardino shooters.
Apple has so far refused to comply, despite heavy pressure to do so. In an open letter, Apple CEO Tim Cook stated why: “We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data.”
Cook has previously defended the company’s use of encryption on its mobile devices, including in this interview with 60 Minutes. Not surprisingly, there has been a lot of weighing in on both sides of this issue.
Digital rights experts claim forcing a company to actually write code to allow the government to break into one of their encrypted devices could easily lead to loss of privacy for all—essentially creating a ‘master key’ that can be used again and again if intercepted by hackers. Lawmakers like Rep. Adam Schiff, D-Calif. says that government should not be able to force tech companies to build a backdoor.
It’s a matter of privacy.
On the other side, Senate Intelligence Committee Chairman Richard Burr, R-N.C., and Vice Chair Dianne Feinstein, D-Calif. stated that if law enforcement officials obtain a court order to investigate a specific person, that tech companies should comply. This would be especially important with an investigation into terrorist activities like the San Bernardino shooters—the phone may yield all kinds of records that could prevent more crimes against citizens and lead to the capture of terrorists still at large.
It’s a matter of national security.
This is a heated issue, but let’s put politics aside for a moment and just look at what is being considered:
The FBI has the phone, but entering the 6 digit code required on newer iPhones will delete all data on the phone if the code is entered incorrectly too many times. The FBI wants Apple to write a code that will stop the deletion of the data, allowing them to keep trying codes until the phone is unlocked.
Boiling it down to its essence:
- The FBI has the phone.
- They have the warrants.
- Supreme Court of the United States ruled in 2014 that police may search the contents of a cellphone after obtaining a warrant: SCOTUS: Cellphone Searches Require Warrants.
So literally, the only thing keeping the FBI out of the iPhone that belonged to the San Bernardino shooters is one fact:
The FBI is not able to crack the code on the phone and needs Apple’s help to do so.
Hacking pioneer John McAfee offered to help:
“I will, free of charge, decrypt the information on the San Bernardino phone, with my team. We will primarily use social engineering, and it will take us three weeks,” McAfee wrote. You may wish to file this from the ‘grain of salt department,’ however— McAfee is running for president as a Libertarian, so publicity is a good thing right now. McAfee also said FBI hires straight-laced computer people who have less talent than his “prodigies.”
One thing is for certain: the person who dramatically put encryption and government information gather efforts into the news is Edward Snowden. His revelations about data capture by the NSA have made headlines everywhere, with many feeling that the government has within its power the ability to tap into anything.
But this is simply not true with encrypted communications. Snowden urged anyone with a duty to protect data to encrypt their communications. Specific advice from Edward Snowden, the man who revealed more than anyone else in history about how the NSA gathers information, is specific:
“… unencrypted communications on the internet are no longer safe. Any communications should be encrypted by default…”
So it appears a very good bet that yes indeed, the FBI will not be able to crack the iPhone unless they get help from Apple. In other words: the encrypted information in the iPhone is safe from being gathered by any current technology, outside of its very creator creating a backdoor.
No matter what your politics, the takeaway here is that today’s encryption is tough to break.
How tough? Just ask Hollywood Presbyterian Medical Center. Their computer network was infiltrated and disabled by hackers in an attack that began February 5, 2016. And how was their data disabled? The hackers encrypted it, then demanded a 40 bitcoin ransom—about $17,000- to provide the encryption key.
No email. No patient records. Paper forms were being improvised on the fly, and many patients had to be turned away. The hospital was basically being shut down by the hijacking of its data.
The CEO of the facility, Allen Stefanek, defended the hospital’s decision to pay the ransom—even while the crime was being investigated by none other than the FBI. Said Stefanek, “”The quickest and most efficient way to restore our systems was to pay the ransom and obtain the decryption key.”
Score so far? Encryption 2, FBI 0.
Hackers look for weak links in a company or individual’s computer or server. Then, using encryption, the attacker can secure the contents so well that even the FBI has given up on trying to decrypt the files in the past. Then the attacker offers the decryption key to the victim. The price demanded invariably varies with the perceived wealth of the individual or institution.
McAfee Labs stated that the number of ransomware attacks is expected to grow even more in 2016 and that about 3 percent of victims pay a ransom. Exact numbers are not reliable, however, because many ransomware attacks are never reported due to publicity concerns.
Any company—indeed any person—who has data stored needs protection. Most times, that data safely stored also needs to be accessed in order to run your business. That’s where 5i Solutions can help.
5i Solutions takes your security seriously. Our data hosting and super-secure Cloud Vault offers encryption, network security, and key management. Custom-built identity verification and access control. Threat management, penetration testing, monitoring, logging, and on-demand reports to ensure the continued integrity of your data.
5i can customize a solution where your vital data is secure and available 24/7 from anywhere in the world—but available only to those authorized to have access to it.
Today’s encryption systems are strong, and can protect your vital data from virtually any attack. And 5i Solutions can build a custom solution for you for less than you might think. So encrypt your data today—don’t wait for someone to get hold of your system and hold it for ransom with their own encryption.
5i Solutions. One single, secure point of intake, access, and storage. One singular solution.
5i Solutions, Inc.
Learn more at http://5iSolutionsInc.com
