Over the past few weeks, Apple and the FBI engaged in a prolonged and highly publicized battle that sought to find a balance between user privacy and the interests of national security. As you likely know by now, Apple, while having no objection to helping the FBI when it could, drew a line in the sand when asked to create an entirely new version of iOS capable of bypassing the iPhone’s built-in security mechanisms. So while Apple had no problem handing the FBI information on its servers, pro-actively creating an entirely new OS was simply too much for Apple to bear.
Apple’s recent battle with the FBI notwithstanding, iPhone engineers recently explained during a conference call with reporters that they still view hackers as more of a pressing threat to mobile security than the government.
Specifically, Techcrunch relays that Apple’s reluctance to assist the FBI had nothing to do with their lack of desire to help the FBI in their investigation, but rather due to broader concerns over mobile device security.
Senior Apple engineers feel that government intrusion is not their primary threat model when designing iPhone security and said they instead prefer to focus on fending off hackers.
The engineers also characterized Apple’s pushback against the FBI as motivated not by a desire to impede a terrorism investigation, but rather to defend its ability to protect users against non-governmental threats.
Apple engineers also took umbrage with the notion that iOS security somehow provides criminals with an easy way to shield their illicit activities. Rather, Apple hammered home the point that its robust security schemes are intended to protect the data and sensitive information of hundreds of millions of iOS users across the globe. Indeed, Apple over the past few weeks made a point of noting that if it actually acquiesced and developed a new version of iOS, it would only be a matter of time before the software, which Tim Cook called the software equivalent of cancer, would wind up in the wrong hands.
Especially interesting is that iPhone engineers on the call took some time to discuss how Apple’s ability to control both the software and the hardware on the iPhone makes for a much more secure device.
To this point, The Verge adds:
The security for iPhone involves multiple layers, some of which are industry-standard and others that are specific to Apple hardware. The protection starts with the chip inside of the phone, these Apple engineers said. The Boot ROM, or memory chip, includes a certificate or secret key that only Apple has access to. If an attacker wanted to try to take over an iPhone by taking a version of iOS and modifying it to run their own code, the software wouldn’t run because the attacker wouldn’t have access to that secret key, Apple said. This is the case for iPhones 3GS and later.
There’s also a chain-of-security-command built directly into the iOS mobile software, known in the tech industry as the boot chain. This, again, ensures that the certificate or key is validated before iOS even begins to boot up on the phone.
Taken together, Apple boasted of having the “most effective security organization in the world.”
Make sure to hit the source link below for the full run down of Apple’s call with reporters.