Apple to close iPhone security gap police use to collect evidence

Yolanda Curtis
June 14, 2018

A new version of iOS will block a controversial loophole that law enforcement agencies have leveraged in order to crack into locked iPhones.

Apple CEO Tim Cook defended the company's decision saying, among other arguments, that weakening encryption gives criminals and other malicious actors an easier way to break into phones.

"We have the greatest respect for law enforcement, and we don't design our security improvements to frustrate their efforts to do their jobs", an Apple spokesperson said over email.

One of the biggest complaints people have about Apple devices is their use of proprietary connectors, but if rumours circulating about USB-C support for Apple's new iPhones and iPads are to be believed, we could see that change.

The Israel-based Cellebrite and the United States startup Grayshift sold their services to law enforcement agencies trying to hack into locked iPhones, according to media reports.

Cyber-security expert Alan Woodward, who is a visiting professor at the University of Surrey, is sceptical of the idea that GrayKey devices could be used for mass surveillance by police.

In an email, an Apple spokesman, Fred Sainz, said the company is constantly strengthening security protections and fixes any vulnerability it finds in its phones, partly because criminals could also exploit the same flaws that law enforcement agencies use. But Apple confirmed yesterday that a plugged-in iPhone will require a passcode every hour for the data transfers to continue.

The new changes could stoke another round of debate between Apple and law enforcement. Law enforcement officials said they generally send iPhones to Cellebrite to unlock, with each phone costing several thousand dollars to open.

But then Apple chose to cut the time span to a mere hour with the upcoming iOS 12.

Two years ago, Apple went to court to block an Federal Bureau of Investigation effort to force it to weaken iPhone encryption on the device of a mass shooter in San Bernardino, California, but officials dropped the case after finding a tool to unlock the phone.

With the changes, police or hackers will typically have an hour or less to get a phone to a cracking machine.

The FBI didn't immediately respond to a request for comment.

Other reports by iNewsToday