domeet webmaster

Apple claims to be a “guardian of user information.” The tech giant has always shown a tough side in disputes with the federal government. But now, it has also shown a cooperative attitude.

Clearly, there has been a gulf between law enforcement and investigator concerns about security and tech companies’ claims about user privacy.

Not long ago, a Saudi officer shot and killed three Americans at Naval Air Base in Pensacola, Florida. After the incident, Apple provided the FBI with iCloud account details of the terrorists, but as before, claimed that it could not solve the iPhone’s unlock service.

Trump accused Apple on Twitter, accusing Apple of being a “eye-eyed wolf” and refusing to unlock the phones of “killers, drug dealers and other criminals.”

U.S. Attorney General William Barr has publicly pressed Apple to unlock the iPhones in the hands of two terrorists.

This scene is very similar to four years ago.

Apple in 2016: Refusing to open back door to FBI

To accompany the investigation into the California shootings in December 2015, a California federal court prosecutor asked Apple to provide specialized software that unlocks terrorist iPhones, but Apple later issued a statement in order to protect customer privacy. US government requirements.

Cook said in a statement the next day: “This order is equivalent to opening a back door. Although the government claims to use this back door only in this case, it is difficult to guarantee that it will not run out of control in the future.”

He means that if the government today forces Apple to unlock users ’iPhones under the blessing of the All Writs Act, tomorrow it can still ask Apple to write monitoring software to intercept users, track their locations, and even without their knowledge Case call the phone microphone and camera.

People expressed support for Apple ’s protection of user privacy outside the court when the 2016 California shootings occurred

In fact, Apple did send the shooter’s iCloud backup data to the prosecutor in the Pensacola case, but “without providing any substantial assistance”.

According to six former and current FBI officials and Apple employees, as early as two years ago, Apple informed the FBI that it was planning to provide users with end-to-end encryption products to help them store data on personal phones in iCloud. Above.

In the original plan, the reason why Apple encrypted data was mainly to prevent hacking. Because it was end-to-end encryption, Apple would no longer have the key to unlock encrypted data. This means that even in court Under the order, Apple was also unable to transfer the information to the authorities in a readable form.

In a private conversation between FBI cybercrime agents and mobile technology representatives and Apple, the FBI objected to the project, stating that it would severely crack down on federal agencies’ efforts to gather evidence against suspects using the iPhone.

When Apple talked privately with the FBI about its work on mobile security in the second year, the end-to-end encryption plan was cancelled. It’s impossible to determine why Apple Corp. completely abandoned the plan.

“The justice machine killed it, for self-evident reasons”, a former Apple employee was notified of the plan’s cancellation, but no one explained to him the reason and the role of the FBI in the process.

But this person told reporters that Apple is unwilling to be accused by the public of “covering criminals” and that iCloud user backup data was originally available to the government, it is not wise to encrypt this content now. They also do not want the government to use this as an excuse to introduce new anti-encryption provisions.

“They decided not to touch the tiger’s ass anymore”

After the 2015 California shootings, Apple was often ordered to help the FBI resolveLock the iPhone to make it public, and government agencies stopped asking Apple after finding a third-party cracking tool-a common occurrence in FBI case investigations.

Two former FBI officials (not participating in the current talks with Apple) told the media that the number of cloud backup information for Apple devices investigated in the FBI It has played a vital role in thousands of cases.

“Apple is a technology company that has been trusted by the government.” One of them said, “In addition to the well-known California shootings, Apple has always cooperated well with the federal government.”

But for those who are worried about their privacy being snooped, the data stored in the cloud was previously too secure. A former Apple employee said that encrypted information is often deleted for various reasons. For example, many users will find themselves locked out of their data because they forget their passwords.

After the decision to abandon privacy protections, three people familiar with the matter told reporters that more than 10 security experts at Apple Corps have stopped their information encryption projects codenamed Plesio and KeyDrop.

From protecting all iCloud data to protecting sensitive user information

Apple’s decision to abandon end-to-end encryption of iCloud data backups has made the FBI’s work easier.

In the past, the FBI used hacking software that can crack security holes to penetrate Apple phones. However, this method requires direct access to the phone and usually alerts users to make them aware that they are the subject of an investigation.

Apple iCloud profiles can be searched secretly. In the first half of 2019, according to Apple’s semi-annual transparency report, government agencies and other law enforcement authorities with formal court documents applied for user data investigations in 1,568 cases, involving approximately 6000 accounts.

Apple states that it provided at least 90% of the data survey applications it received. And, for orders from the U.S. Secret Intelligence Court, Apple will hand over data more frequently, involving 14,000 accounts in the second half of 2018. In 2019, Apple will no longer provide any such data due to the implementation of the speech injunction.

If this continues, Apple will not hand over any other organization to user-selectable end-to-end encrypted readable data.

But Apple chose to change its policy focus and no longer use end-to-end encryption to protect all iCloud data. Instead, it turned to protecting some of the most sensitive user information, such as stored passwords and health data.

In addition, contact information and text backups from iMessage, WhatsApp and other encryption services remain open to Apple employees and authorities.

Fell from the altar?

The news that “Apple bowed to the US government” has caused widespread concern on the Internet. Many people have said that Apple is no longer the one just for users.

On HackerNews, there was a lively discussion about this incident. Some of them said: This has given us an impression of Apple’s protection of user privacy. Although the iPhone is still a fairly secure phone, the data on iCloud is not encrypted. May mean that there is no longer any confidential information. After all, the iPhone and iCloud are so tied that you can hardly find other alternatives.