Apple’s software chief refuses to ‘turn back the clock’ on iPhone security – CNET

Apple’s head of software engineering, Craig Federighi, warns against going backward in the “endless race” for digital security.

James Martin/CNET

With every new generation of smartphone software and every browser update, the battle rages on.

Software engineers improve digital defenses, hackers find new vulnerabilities to exploit, and the engineers, in turn, work even harder to keep your data safe.

In what he describes as an “endless race” against the bad guys, a top Apple exec refuses to be hobbled, saying that engineers shouldn’t have to turn back the clock on security, no matter the stakes.

Craig Federighi, senior vice president of software engineering at Apple, on Sunday penned an op-ed in The Washington Post, arguing that building a backdoor into the iPhone would drag Apple back to security standards of three years ago.

Federighi’s comments are the latest salvo in the legal battle over FBI’s requests for Apple to decrypt an iPhone 5C belonging to one of the terrorists involved in December’s massacre in San Bernardino, California. The FBI, along with the US Department of Justice, argues that the phone could hold vital clues, while Apple says deliberately compromising iPhone security would affect the online safety of all its customers.

The case has seen the likes of Google and Microsoft lend their support to Apple, while Republican presidential contender Donald Trump has called for an Apple boycott.

But for Apple’s software team, it’s a simple matter of not losing ground in a critical battle.

“Our team must work tirelessly to stay one step ahead of criminal attackers who seek to pry into personal information and even co-opt devices to commit broader assaults that endanger us all,” Federighi wrote in his op-ed. “Sadly, these threats only grow more serious and sophisticated over time.”

Just as Apple fans wouldn’t want the company to take the stage to launch an iPhone with last year’s specs, Federighi said, Apple’s security team isn’t happy with old security either. According to his op-ed:

The encryption technology built into today’s iPhone represents the best data security available to consumers…

That’s why it’s so disappointing that the FBI, Justice Department and others in law enforcement are pressing us to turn back the clock to a less-secure time and less-secure technologies. They have suggested that the safeguards of iOS 7 were good enough and that we should simply go back to the security standards of 2013.

But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers. What’s worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious.

These comments resonate all the more after security researchers on Sunday announced the discovery of ransomware targeting Apple’s Mac computers. The malicious software, which takes control of a computer until its owner pays a ransom, is believed to be the first targeting the Mac in the real world.

According to Federighi, the defenses that Apple’s teams of engineers work hard to maintain are the very protections that keep malware out of its devices and keep sensitive data out of the wrong hands.

“Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person’s smartphone,” he said.

With Apple’s legal counsel being called before Congress and other big names in tech filing their support for the company, the clash between Apple and the FBI is growing in scope by the day. And with national security being weighed against the personal security of an increasingly connected public, both parties have serious skin in the game.

But for the engineers behind it all, the personal is political.

“Great software has seemingly limitless potential to solve human problems — and it can spread around the world in the blink of an eye,” Federighi said. “Malicious code moves just as quickly, and when software is created for the wrong reason, it has a huge and growing capacity to harm millions of people.”


Write a Reply or Comment:

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.