Libertarian Party presidential candidate and developer of the first commercial anti-virus program, John McAfee, has been receiving considerable news coverage following his claims that he could hack into the iPhone of San Bernardino gunman Syed Rizwan Farook in half an hour or less.
The McAfee security chief also claims that the FBI can hack into the phone, making its demands to tech giant Apple fraudulent and part of a wider conspiracy to ‘spy’ on the American public. Whilst McAfee has since revised his position – explaining that he drastically simplified the process that would be required to, in his words, “get a s**tload of public attention” – his motives must be questioned given his current political aspirations as well as his differing descriptions of how the iPhone can be hacked, depending which of his interviews you listen to.
On 2 December 2015, 14 people were killed and 22 seriously injured as the result of a terrorist attack that was perpetrated by a married couple of Pakistani descent living in the US – an example of what the FBI describes as “home grown violent extremism”. Being an emotive issue, some have argued that the FBI is using this tragedy to force Apple to create a general back door into their iOS software, enabling the FBI easy access to user’s phones in the future as the hack would have to work on any phone of the same model. It would also create a significant security risk going forward for all iPhone users, as past experiences tell us that it is likely to be a matter of weeks before this hack is available illegally.
Of course, there is no reason that the FBI could not write the software itself. It would seem that there are a number of issues including time, money and the varying degrees of difficulty, depending on whether the user had the ‘auto-erase’ feature enabled, and what problems may have been caused by the County Police Department’s initial attempts to access the data by changing the iCloud password.
Many experts have asked why the FBI has not worked around the ‘auto-erase’ feature by copying the flash memory (including the effaceable storage) before it tries 10 passcode attempts. It could then retry inputting passwords indefinitely until the code is cracked, and restore the flash memory from the backup copy.
To add to all the confusion, NSA whistleblower Edward Snowden has also contributed to the debate, stating that: ‘The FBI says Apple has the “exclusive technical means” to unlock the phone. Respectfully, that’s horse sh*t.’
So back to John McAfee. In interviews he has offered to help the FBI access the data on the iPhone. It’s worth wondering why the FBI aren’t genuinely considering his offer, given that McAfee is a proven expert when it comes to computer software and hacking, and owns a globally recognised anti-virus software company.
He expanded on his method in one interview saying that it would include ‘decapping’ the phone’s processor and acquiring the device’s unique identifier (UID), which may allow someone to access the phone via brute force – by flooding it with options.
However, a pertinent point from McAfee’s comments on the matter is that he is trying to make the American public aware of the overall implications of the creation of a master back door key to iOS, and what that means for the security of iPhones in the future for everyone.
In an open letter to customers, Apple’s Tim Cook states his position by firstly outlining the importance of encryption and security. He goes on to describe his (and Apple’s) ongoing cooperation with the FBI and how Apple has done everything within its power to assist in the San Bernadino case but is not prepared to create a new version of the iOS software with a back door, circumventing several important security features, as it risks their integrity and puts customer data at future risk.
The outcome of this case is yet to be decided and, as the debate rumbles on with Apple preparing to fight the order and possibly being asked to hand over the source code of the entire operating system to the FBI, the questions still remain:
- Can the FBI already hack into this (and any other) phone? If so, why go to so much trouble to get Apple to develop a back door into their iOS?
- And, if they do get this capability from Apple, what does this mean for the future of phone encryption?
As with any other technology, encryption software and techniques evolve. Responding to the latest security threat, developers must be continually aware of what’s going on in the wider online community to enable them to stay one step ahead of potential hackers, online threats and government surveillance. But, as is always the case, the best developers manage to do this.
This is the case with the developers here at Cryptique, who are constantly updating and evolving the Pryvate™ app. Pryvate uses the most secure encryption software currently on the market and secures all daily digital communications including voice, IM and email. It achieves end-to-end encryption by using unique encryption keys that are generated for each individual communication, so there is no middle man, and no data is ever stored. This makes it impossible to hack, leak or give away data. We closely follow worldwide events to ensure that we stay ahead of any potential threats to our software or industry as a whole. When you are using the Pryvate™ app you can be sure that every aspect of your communications is covered.