Apple Engineering VP: The FBI Wants Us To Make Everyone Less Safe

As so many have tried to frame the Apple v. FBI fight as one of "privacy v. security," the fact is that it's really about security v. security, where it really comes down to what are you more afraid of: the off-chance that someone will secretly plan a terrorist attack on an encrypted iPhone, or the much more likely issue with millions of phones being stolen or hacked into by criminals looking to swipe your private information. Apple's VP of software engineering, Craig Federighi, had now taken to the pages of the Washington Post to try to highlight this issue, and explain that the FBI and DOJ are really trying to make everyone a lot less safe.

But the threat to our personal information is just the tip of the iceberg. Your phone is more than a personal device. In today's mobile, networked world, it's part of the security perimeter that protects your family and co-workers. Our nation's vital infrastructure -- such as power grids and transportation hubs -- becomes more vulnerable when individual devices get hacked. Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person's smartphone.

And he also has a good response to those, like Manhattan DA Cyrus Vance, who insist that they just want Apple "to go back" to the way they had security on phones prior to iOS 8. In other words, make everyone less secure. Their argument is that if that was okay a few years ago, why isn't it okay now. And the answer is that security holes are found over time and they make systems less and less secure. So taking a step back is not just like going back a couple of years, but much, much worse, because now lots of people know how to get past the security features:

Of course, despite our best efforts, nothing is 100 percent secure. Humans are fallible. Our engineers write millions of lines of code, and even the very best can make mistakes. A mistake can become a point of weakness, something for attackers to exploit. Identifying and fixing those problems are critical parts of our mission to keep customers safe. Doing anything to hamper that mission would be a serious mistake.

That's why it's so disappointing that the FBI, Justice Department and others in law enforcement are pressing us to turn back the clock to a less-secure time and less-secure technologies. They have suggested that the safeguards of iOS 7 were good enough and that we should simply go back to the security standards of 2013. But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers. What's worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious.

And, as he notes, the FBI's demands in the San Bernardino case are akin to doing the same thing to the security of iOS 8: creating a vulnerability that will almost certainly "spread around the world in the blink of an eye." It's a good, straightforward piece explaining why the FBI and DOJ's demands are so dangerous here.

Permalink | Comments | Email This Story