After 14 people were killed on December 2 last year in San Bernardino, California, law enforcement officials have been trying to bring the individuals responsible for the attacks to justice. After recovering an iPhone that belonged to one of the attackers, the FBI hoped to gain some information from its contents, but could not access it due to Apple’s security protocols. Intent on retrieving the information, the FBI had a Federal District Court judge in California issue a court order for Apple to develop a software “backdoor” that doesn’t currently exist.
Considering the amount of personal information people have stored in their smartphones, including private conversations, financial information, health data, and travel itineraries, Apple representatives say they recognize that compromising security on protected information could put customers’ personal safety at risk, and the company takes its responsibility to these customers very seriously.
An official statement released by Apple last week said, “For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe. We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.”
Using the All Writs Act of 1789 as a rather rusty legal mechanism, the requested court order would have Apple create a new operating system with built-in security breaches that they could install to the suspect’s iPhone to retrieve the information sought by the FBI. Fearing the software could be disastrous if it fell into the wrong hands, Apple remains non-compliant in creating the subterfuge software.
Other technology companies are joining voices in solidarity with Apple. Wordfence is a security plugin for the WordPress platform, on which we develop many mobile-friendly websites for Blink;Tech clients. Wordfence provides great protection from hackers, and its creators recently backed Apple’s decision to their put client security first.
Referencing Facebook’s Chief Security Officer Alex Stamos, Wordfence’s release asked, “If we give the US government a backdoor into encrypted data, should we give other governments that same access? How do we justify giving the United States extraordinary access if we do business in France and don’t give the French government the same access? The results of granting the US government a backdoor could well be that all governments require that same access if you do business in their jurisdiction.”
But just because Apple protects its clients’ information even from the FBI doesn’t mean that all the private information on your smartphone is safe.
Arxan, a top provider of mobile application security providers, recently released its 5th annual State of Application Security study. In their study, 48% of people who use mobile health and finance applications said they expect them to be hacked in the next six months, and 46% of IT executive decision-makers felt the same way. Part of the problem is that half of the organizations that create mobile applications have no budget for developing the security protocols to protect them. Due to this apathy, 90 of the 126 applications Arxan tested for the report had at least two critical security vulnerabilities. (See an infographic summary of Arxan’s report at the end of this article.)
Although these mobile applications seem to offer up a number of backdoors to hackers intent on stealing information, you still have the power to protect yourself. Get your applications from official app stores and research their security protocols. Don’t jailbreak your phone. Update your apps regularly. These simple measures can do much to keep your information safe. And although Orwellian ideas of Big Brother’s invasive, unsleeping eye make a great many people very insecure, thanks to Apple and other companies — for the moment — information privacy has its staunch champions.
The web can be a dangerous place to do business. Is your website fully secure? Reach out to our security experts for a comprehensive web security evaluation.