The Future of iPhone Security

The current faceoff between Apple and the FBI has placed the topic of Apple's security into the public eye. Apple has placed an emphasis on security and privacy in their products for some time now, but this is likely to be the most attention the topic has ever received.

Of course there's a question of whether or not Apple will be forced to help the FBI bypass current security features of the iPhone, but looking forward there's also a question of how iOS security will continue to advance.

What the FBI is requesting

For those unfamiliar or unclear about the current case, let's do a quick recap of what the FBI is requesting of Apple. The work-issued phone used by one of the shooters in the San Bernadino attack was recovered by the FBI.

The device (an iPhone 5c) is locked with a passcode, and may have the security feature enabled which erases the device's encryption keys after 10 failed passcode attempts. The FBI has requested that Apple create a special version of iOS that removes 3 security features.

The FBI has requested that Apple create a special version of iOS that removes 3 security features.

  1. The OS will bypass or disable the mechanisms to erase data after 10 failed attempts.
  2. The OS will allow for electronic passcode attempts (as opposed to manual entries performed physically on the device's screen). The phrasing of the FBI's request could also be read to mean that Apple will be responsible for providing the means to electronically submit passcode attempts.
  3. The OS will not introduce delays between failed passcode attempts.

In other words, the FBI would like to be able to brute force the device's passcode in a timely manner without the risk of losing the data that is on the device.

Why Apple can comply with the FBI's request

At the core of what the FBI is requesting is the ability to update the software of the iPhone without the user's passcode, and without losing data on the device. Currently, iOS can be updated on a locked device without ever entering the passcode.

This means that Apple could create an iOS update which removes or disables security features, sign it using keys that only they possess, and load it onto the locked device. Once the update were installed, the FBI (or any other party in possession of the device) could attempt to brute force the device's passcode without risk of being slowed down by backoff delays or losing data.

How Apple can change this

If the current legal battle ends with Apple being legally required to comply with the FBI's request, there is no technical limitation that would prevent Apple from complying on this device. However, a future version of iOS could remove their ability to do this.

A future update could (and in my personal opinion, probably will) require the device passcode to be entered prior to loading a recovery image (read: OS update). If the passcode cannot be entered, the user would have the ability to load the recovery image anyway, but the device would wipe its current encryption keys first, rendering existing data on the device practically irretrievable.

iCloud backups

Apple's current case with the FBI focuses entirely on the security of a physical device. However, many people utilize Apple's iCloud service for storage and backups. While data on iCloud servers is encrypted, this encryption is done with keys that Apple possesses, rather than keys possessed only by each user.

Apple would need to change iCloud to have it encrypt a user's data using a key that only they possess.

This means that Apple can comply with any legal requests for a user's iCloud data. For people who use iCloud for backups, this means that just about all of the information stored on your devices is retrievable by Apple. Even with backups disabled, a large amount of information may still be stored on iCloud including photos, documents, contacts, calendars, bookmarks, mail and app-specific data.

To change this, Apple would need to change iCloud to have it encrypt a user's data using a key that only they possess, rather than one that Apple controls. It is now rumored that Apple intends to make this very change at some point in the future.

While such a change would be a clear improvement for user security and privacy, it remains unclear how this may impact a user's ability to retrieve their data should they ever forget their password (or whatever other user-controlled piece of information may be used to encrypt their data).

The fight for the future

It's impossible to know what changes Apple may implement to further increase the security of their devices down the road, but it's a safe bet they'll be doing something. Each year, in addition to number other features and enhancements, we see Apple continue to make improvement to security, and put increasing amounts of user data out of their reach. In fact, it seems likely that the changes to iCloud encryption were on their product roadmap well before this legal case caught the public's attention.

Everything Apple has done for security up to this point has been in full compliance with applicable laws.

Security researcher Jonathan Zdziarski published a list of requested iOS security improvements, which doubles as an interesting list of weaknesses in Apple's current security model.

It's also important to be mindful that everything Apple has done for security up to this point has been in full compliance with applicable laws. Apple's current fight with the FBI isn't an act of civil disobedience or defiance of the law, but rather Apple challenging that the FBI's request is unlawful.

If applicable laws change, it's very possible that Apple's actions will change accordingly. While Apple is not currently required to implement backdoors to facilitate investigations by law enforcement, such laws do exist for telecommunications companies, and similar laws could be passed in the future that apply to smartphone manufacturers.

The bottom line

While we will have to wait to see the outcome of Apple's current battle with the FBI, the world of mobile security will likely never be the same. For years law enforcement has made legal requests for user information and data. And for years Apple has complied with legal requests, while distancing themselves from that user data.

With Apple continuing down this path, the next major version of iOS and next iPhone update may contain the most public and controversial security enhancements yet.

Nick Arnott