• Explore the magic and the mystery!



  • Newsletter Issue #981

    April 1st, 2020

    THAT BACKDOOR CONTROVERSY REVISITED AND OTHER STUFF

    It’s been a while since I’ve posted. So the world copes with the ravages of the novel coronavirus, most Apple Stores remain closed, and speculation is rampant on whether or not new products will appear on time.

    Where is ET when we need them — it?

    Despite the concerns about delays in new Apple gear, the iPad Pro has received a fairly comprehensive upgrade, in large part based on iOS 13.4, which adds fairly capable support for input devices, such as trackpads. It thus becomes more of a laptop replacement than ever, but it’s also closer in concept to the mythical toaster oven and refrigerator by dint of its touchscreen and keyboard/trackpad capability.

    A new MacBook Air drops the controversial butterfly keyboard, which is replaced by a scissor keyboard in the tradition of the Magic Keyboard. It is said to feel better, and it is allegedly more reliable, though it’s not certain whether or not sales were actually hurt by rumors of serious defects.

    The big news is that a $999 MacBook Air has returned, representing a  lower price with a model that has twice the storage (256GB versus 128GB), and a faster 10th generation Intel CPU. The new processor demonstrates again that clock speed isn’t important, since performance is boosted despite a lower rating. More powerful integrated graphics can drive a 6K display, including the one $5,000 that was designed for the Mac Pro. Perhaps it’s future proofing for the time when 6K displays will be cheap.

    In short, the MacBook Air has become the perfect laptop for the rest of us — and particularly those who felt Macs were too expensive.

    One thing is sure: Until people can gather in public crowds less than six feet apart, physical Apple media events aren’t in the cards. But maybe the virtual sessions will just take over, assuming the experiment with the next WWDC succeeds. Of course, airlines and hoteliers aren’t going to appreciate the lost business.

    So let’s move on…

    During its 2015 investigation of a terrorist mass shooting in San Bernardino, CA, an iPhone 5c work phone was recovered by the FBI. It was reportedly used by one of the shooters and thus the authorities wanted to search its contents for evidence.

    As you recall, the iPhone was locked, the data encrypted, and multiple attempts to hack its passcode more than 10 times would disable the unit. If it was fully backed up via iCloud, it could be recovered, but maybe it wasn’t. Or maybe the FBI just wanted to make sure.

    Now in passing, I do wonder how a smartphone given out to employees by a company wouldn’t be activated via an Apple enterprise management system, but that assumes it wasn’t, which is not altogether clear from the news reports on the matter. If such a tool was used, it would allow recovery of data and provisioning of the unit for another employee. Well, if it wasn’t being used as evidence in a criminal investigation.

    As you recall, the FBI demanded that Apple create a backdoor that would allow law enforcement agencies to gain access to an Apple mobile device that might contain the evidence they need. But as Tim Cook and others at Apple have said many times, once a backdoor or master key is created, there is no way to confine it to the proper parties. Criminal elements and rogue nations, such as China and Russia will also be able to use that backdoor for their own ends.

    Once the barn door is opened, it cannot be closed. That backdoor would potentially impact the privacy of hundreds of millions of iPhone users.

    After a dispute that ended up in court and the halls of Congress, the FBI reportedly paid $900,000 to a third-party that was able to hack the iPhone. In the end, there was nothing of significance on it. Clearly the terrorists were smart enough not to include incriminating evidence on a work phone.

    Since then, commercial tools that can hack an iPhone and other devices have gone on the market. Apple, in turn, continues to improve its encryption scheme.

    That was then.

    This contentious issue resurfaced in January, with demands from U.S. Attorney General William P. Barr that Apple unlock iPhones used in a terrorist attack in December of last year. The tragic event occurred at a naval air station in Pensacola, FL.

    Now it’s clear that the AG, a controversial figure in the current polarized political climate, hasn’t looked at the history of previous attempts to force Apps to unlock iPhones when law enforcement required it, maybe he was just getting the wrong advice. Or maybe he was grandstanding.

    The arguments remained the same. Apple was accused of providing sanctuary or a safe haven for criminals. It’s a matter of weighing the privacy of Apple’s customers against the need of the authorities to decrypt these devices.

    Nonetheless, there are contraptions out there that are quite capable of breaking/unlocking an iPhone without the need for Apple to do anything at all.  One of the first came from Cellebrite, an Israeli firm. The gadget is known as the Universal Forensic Extraction Device (UFED).

    There’s no need to do a full-scale overview of these products. But they are available to governments around the globe, and thus there is no need to confront a tech company’s privacy concerns. Sure, Apple will do what it can to improve security on its iOS gear, and thus make it more difficult for these devices to succeed. But it’s not necessarily about keeping law enforcement from doing its job. It’a about the fact that there is no way to stop criminals or rogue governments from getting ahold of such equipment.

    Unfortunately, most members of the media, beyond tech sites, in a misguided attempt to appear to be fair and balanced, failed to describe the downsides of the AG’s blatherings about iPhone security. Or that there were workable solutions that didn’t force Apple to be put on the spot.

    In the end, you should probably accept the reality of the situation, that there is no way that you can be 100% certain that there’s no way to break into your tech gear. So follow common sense and be careful about the personal information you store. A password manager (or Apple’s iCloud Keychain) will help deal with confidential login data. But I’d never, ever, put passwords in Notes. Then again I wouldn’t put them on psysical sticky notes either. Isn’t that what a bank vault is for?

    In any case, the coronavirus and other more pressing issues have pushed the latest Apple backdoor brouhaha to the back burner. That’s where it should stay.

    THE FINAL WORD

    The Tech Night Owl Newsletter is a weekly information service of Making The Impossible.

    Publisher/Editor: Gene Steinberg
    Managing Editor: Grayson Steinberg
    Marketing and Public Relations: Barbara Kaplan
    Worldwide Licensing: Sharon Jarvis



    Share
    | Print This Issue Print This Issue

    Leave Your Comment