A measure that does not please the police who call him an accomplice of criminals
Apple has long touted its iPhone as a sufficiently secure device that only its owner is able to unlock it. A slightly watered down view of reality that still held the iOS editor away from all forms of bug bounty before his standoff with the police.
As a reminder, the latter wanted Apple to install a mechanism that makes it possible to circumvent its own security. Apple refused to do so, highlighting the fact that this could affect the security of its devices around the world, the FBI has used a third party that has been vulnerable to achieve its purpose. Since then, Apple has decided to launch a Bug Bounty, in the same way as the other technological brands.
To position itself again as the champion of security, Apple announced Wednesday that it will improve the encryption of data on its iPhone to better counter hackers or police too zealous. These new measures come at a time when a new tool called GrayKey, which is said to be able to unlock the iPhone, is starting to make a name for itself in tech circles.
"We put the customer at the center of everything," Apple said in a statement on Wednesday. "We are steadily strengthening our security protections in every Apple product to help our customers defend themselves against hackers"
The manufacturer has confirmed to Reuters the presence of a function that prohibits a device connected to the lightning port of the iPhone or iPad to access its content if the user has not identified in the last hour.
The option, which appeared in the first beta of iOS 11.4.1 and is also present in the iOS 12 preview, is in the Face ID and Code settings at the bottom of the panel. By disabling it, it effectively prevents the connection of USB accessories if the iPhone has been locked for more than an hour. For Apple, this feature helps to cut off the footprint of police forces and acronym agencies to dig into the data of a terminal with the help of a GrayKey case for example.
The GrayKey case that can "break" the protections of two iOS devices at once.
Want to unlock an iPhone? By this it will not be possible anymore
A decision that seems to be angering the police and could well raise the question of whether the government has the right to enter the personal devices of modern life is now revived.
With this function, to transfer data from or to the iPhone via the port, a person will have to enter the password of the phone if it has been locked for more than one hour. Such a change will hinder law enforcement, which has generally unlocked iPhones by connecting another device running special software on the port, often days or even months after the last unlock of the smartphone. The news of Apple's scheduled update began to spread through security blogs, which has resulted in angering many investigative agencies.
"If we go back to the situation where we have no access, then we will have lost so much evidence and there will be so many children that we will not be able to put ourselves in a safe position," said Chuck Cohen, who runs an Indiana State Police Task Force on Internet Crimes Against Children. Indiana State Police said they have released 96 iPhones for various cases this year, each time with a warrant, using a $ 15,000 device it bought in March from a company called Grayshift .
A decision that is not unanimous
However, for privacy advocates, Apple is right to fix this security vulnerability that has become easier and less costly to exploit: "This is a very big vulnerability in Apple phones," said Matthew D Green, professor of cryptography at Johns Hopkins University. According to him, a Grayshift device on a desk in a police station could very easily end up in other hands.
In an email to the New York Times, Apple spokesman Fred Sainz said the company was steadily strengthening security protections and fixing any vulnerabilities found on its phones, in part because criminals could also exploit the same flaws. "We have the utmost respect for law enforcement, and we do not design our security improvements to negate their efforts to improve their work."
