The technology at the heart of the Apple-FBI debate, explained
[Commentary] What if the FBI could force Samsung to covertly turn on the video camera in your smart TV? Or force Google to deliver a malicious security update to your web browser which actually spied on you and transmitted your passwords and other sensitive information back to the FBI? Sound like something from a dystopian sci-fi movie? If Apple loses its high-profile legal fight with the US government, these scenarios could become a reality. This will also threaten the security of all Internet users.
Earlier in Feb, the American public learned that the Department of Justice had sought and obtained a court order forcing Apple to help it hack into the iPhone of Syed Rizwan Farook, one of the San Bernardino (CA) shooters. The court ordered Apple to create a new, special version of Apple’s iOS operating system that bypasses several security features built into the company’s operating system. The court also ordered Apple to sign the custom version of the software. Without this digital signature certifying the software’s authenticity, the iPhone would refuse to run it. Experts fear that the precedent that the government is seeking in this case - to be able to force Apple to sign code for the government - could allow the government to force other technology companies to sign surveillance software and then push it to individual users’ devices, using the automatic update mechanisms that regularly look for and download new software.
[Christopher Soghoian is the Principal Technologist with the Speech, Privacy & Technology Project at the American Civil Liberties Union.]
The technology at the heart of the Apple-FBI debate, explained