Apple vs. FBI: Do you need to be concerned?

Standard
applefbiA U.S. magistrate judge ordered Apple to help the FBI break into a work-issued iPhone used by one of the two gunmen in the mass shooting in San Bernardino, California.  Apple CEO Tim Cook immediately objected.

The following was originally published on February 21, 2016 on Seacoastonline.com.

This week, Apple CEO Tim Cook published a strongly worded letter pushing back against a court ruling that requires Apple to help the FBI gain access to an iPhone that belonged to one of the San Bernadino terrorists. If Apple complies with the court order, privacy advocates predict the dawn of 1984, that Orwellian novel that portends the ever present, highly intrusive “Big Brother” government knowing of your every thought and action.

Do you need to be concerned about this fight? In my opinion, no, you do not. Why? Here is my view and please keep in mind I am not a legal expert. I view this court order to be, in effect, an electronic search warrant. Under our Constitution, law enforcement agencies are not allowed to have a master key that unlocks every door to every home and commercial building so they can walk in and search for any reason they wish. In order to search premises, they need either probable cause for an immediate search or a search warrant signed by a judge that affords them unfettered entry. As I said, I am not a legal expert, so I hope I have summarized that correctly.

In this instance, one of the terrorist’s iPhone may have communication records or other data on it that will help the FBI definitively ascertain whether they were lone wolf terrorist sympathizers or acted with the direction and tangible support of a known terrorist organization. Because of the passcode security and device encryption Apple has built into the iOS software that runs the iPhone, the FBI is unable to access this information. The FBI requested Apple’s assistance in doing so and Apple declined. As a result, the FBI went to court to see an order forcing Apple to assist it. The court agreed and issued such an order.

So a court has ordered Apple to comply and Apple is trying to refuse. Again, I am no legal expert, but to me it seems like Apple is treading on thin ice. As far as I know, you either comply with a court order or go to jail for contempt. Certainly, an entire company cannot be imprisoned so how this would be enforced is a topic for another to comment on.

Apple’s contention is that the FBI is asking it to create a version of its iOS software that will allow the FBI to disable the passcode and unlock the encryption so it can review the apps and data on the iPhone. The issue is that Apple feels the FBI will take possession of this new version of iOS and use it whenever and however it wants to gain access to any iOS device (iPhones and iPads) whenever and however it wishes, thus allowing unlimited covert surveillance on anyone using these devices. As I have researched this matter, I do not agree this is what the court has ordered. It appears to me the court ordered Apple to provide the FBI with unrestricted access to this one iPhone for a very specific criminal investigation with significant implications for our national security. Due to the specific nature of the order, I personally do not have an issue with it.

So the real question becomes, is this technically possible and what are the implications to all of us who use any type of connected device? To the first question, the answer appears to be yes. I am not an iOS developer, so I am not able to definitely say whether or not Apple can do this. From the research I have done over the last few days, it is technically possible and Apple has the resources to comply with the court order. Apple’s resistance seems to be entirely on principle at this point. It is concerned about the privacy implications this would raise. While I can appreciate and even applaud that concern, I don’t think it’s valid in this case.

It is true that if companies create back doors or other methods of defeating the security of a given device that our privacy becomes at risk. The entire fiasco with the National Security Agency’s domestic surveillance program is proof the risk is real. However, I believe it is entirely possible to develop the necessary software code to comply with the court order without providing that same code for unlimited ongoing use. In effect, I believe this can be addressed in a one-time manner to comply with the court order and assure the public of the safety of their personal data, provided they are not breaking the law or conspiring to cause harm to the public. If this argument prevails, then we need to look deeply into all manner of security systems, including manufacturers of locking systems, security systems, surveillance systems and more.

I appreciate the principle of the argument as I said before. However, in this case I believe the argument is misguided and our right to privacy is not under attack. This is a case worth monitoring as depending how this plays out, there could be serious implications for the protection of all manner of digital assets, but for now, I think this is more of a public relations battle than anything else.

Mac OS isn’t as safe as you think

Standard

osx

The following was originally published on February 7, 2016 on Seacoastonline.com.

Recent reports from security software firm GFI has what some may say are surprising results. Mac OSX now holds the undesirable title of most vulnerable computer operating system.

For years, Mac users have maintained the strong insistence that Apple software is more secure than Microsoft software, specifically the Mac operating system as compared to the Windows operating system. While that was certainly true for a time, this latest study states this has changed and I’m not surprised at all.

For many years, I have contended that as Apple products gained market share that it was only a matter of time before it became larger targets for hackers and distributors of malicious software designed to break in to operating systems and applications. My theory appears to be accurate based on this new report.

Specifically, the report lists Mac OSX as the most vulnerable, followed next by iOS, the operating system that runs iPhones and iPads. Third is the Linux kernel, the heart of the Linux operating system that is used by many embedded devices and finally Microsoft’s Windows operating system for both server’s and PCs.

If you are unfamiliar with Linux, it is a server and personal computer operating system similar to OSX and Windows in that it is the software that runs the hardware. However, it was originally developed as a free personal computer operating system and later evolved into commercial versions from companies such as Red Hat. Today, Linux runs in a variety of applications and is used extensively in embedded systems. These are dedicated pieces of hardware that typically perform a single function and Linux controls this.

Operating systems are the most sought after points of vulnerability to hack into a computer or network, but there are several applications that run on these applications that are also a serious concern. Chief among them is web browser software. Again, this is no surprise as web browsers are so heavily used, not only for surfing the web, but also for running all manner of web-based applications like online banking.

Internet Explorer tops the list, which makes sense as it is the most widely used browser. Chrome is second followed by Firefox. Next on the list is Adobe Flash and Java. I’m sure you see the periodic pop-ups asking you to update these pieces of software and it’s important to do so to be sure they stay secured from vulnerabilities.

All this points to a longstanding need to keep your computer secured, regardless what operating system it is running. I know far too many users of Macs who stand fast that they do not need to worry about viruses, malware and the like and this is simply not true. Especially in the workplace, where more Macs are in use now than at any time in the past, these computers must be properly managed and secured and their users properly educated, to insure they do not fall victim to the increase in security threats that face them.

Many software companies that make security software for Windows also have versions for Mac and a growing number for Linux as well. What is most important is to be monitoring all your computers for malicious or suspect activity that may suggest a vulnerability exists or is being exploited. As today is Super Bowl Sunday, it seems very fitting to remind you that the best offense is good defense and this applies to every computer you use.

%d bloggers like this: