FBI wants Apple to bring back the security standards of 2013: Federighi

Apple SVP of software engineering Craig Federighi has said US law enforcement is looking to turn back the clock to a less secure time.
Written by Chris Duckett, Contributor

Craig Federighi has struck out at the argument being put forward by US law-enforcement agencies that Apple should help create a special version of iOS that would allow the FBI to brute force the passcode of an iPhone 5C without the phone deleting all of its data after a number of failed attempts.

Writing in The Washington Post, the Apple senior vice president of software engineering said the FBI and Department of Justice are looking to return the world to the security environment of 2013.

"They have suggested that the safeguards of iOS 7 were good enough," Federighi said. "But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers. What's worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious."

Federighi echoed the words of Apple CEO Tim Cook by saying that the software a US Federal Court order is demanding the company create is a backdoor.

"Once created, this software -- which law enforcement has conceded it wants to apply to many iPhones -- would become a weakness that hackers and criminals could use to wreak havoc on the privacy and personal safety of us all," he said.

"Great software has seemingly limitless potential to solve human problems -- and it can spread around the world in the blink of an eye. Malicious code moves just as quickly, and when software is created for the wrong reason, it has a huge and growing capacity to harm millions of people."

To slow, or even reverse, the security improvements that have been made to Apple's products since the release of the iPhone 5C, and iOS 7, would put everyone at risk, Federighi argued.

"Yesterday's best defenses cannot fend off the attacks of today or tomorrow. Software innovations of the future will depend on the foundation of strong device security. We cannot afford to fall behind those who would exploit technology in order to cause chaos," he said.

Last week, Apple notched up a victory against the Department of Justice when US Magistrate Judge James Orenstein from the United States District Court Eastern District of New York concluded that Apple is not obligated to assist government investigators against its will.

Orenstein found that Apple was not blocking US law enforcement from accessing the data on the iPhone in question in that case, and the government interpretation of All Writs Act (AWA) was so expansive as to render the Act unconstitutional.

The AWA is the same law under which the FBI is seeking access to the iPhone 5C used by one of San Bernardino shooters.

"The government's interpretation of the breadth of authority the AWA confers on courts of limited jurisdiction thus raises serious doubts about how such a statute could withstand constitutional scrutiny under the separation-of-powers doctrine," Orenstein said.

"It is a reading that thoroughly undermines both the legislature's own prerogative to reject a legislative proposal effectively and efficiently (without the need to affirmatively ban the proposed authority) and the more general protection against tyranny that the founders believed required the careful separation of governmental powers."

In its fight against the Federal Court order, Apple has gained the support of many technology heavyweights, including Google and Microsoft.

Last week, Microsoft chief legal officer Brad Smith called on the US government to create a panel of experts to advise Congress on encryption matters.

"We need to keep in mind that when it comes to security, there is no technology as important as encryption," Smith said. "And despite the best of intentions one thing is clear -- the path to hell starts at the backdoor."

Editorial standards