now browsing by tag
#nationalcybersecuritymonth | Security experts explain why unlocking the Pensacola shooter’s iPhones would unleash a privacy nightmare for iPhone owners
- Apple’s decision not to unlock or create a backdoor into the iPhones used by a gunman in a Florida shooting last month puts the tech giant at odds with the United States government yet again.
- Security experts agree, however, that circumventing the iPhone’s security poses a significant risk to iPhone users since it would provide a means to obtain private data that even Apple can’t presently access.
- There’s a risk that such a tool could fall into the wrong hands, some experts warn.
- Visit Business Insider’s homepage for more stories.
Attorney General William Barr recently called on Apple to help unlock the iPhones used by a gunman in Pensacola, Florida last month – a situation that once again requires the tech giant to balance protecting consumer privacy with its legal obligation to assist in investigating a shooting that’s resulted in the loss of American lives.
But security experts agree that providing access to the shooter’s iPhone could jeopardize the security of the millions of iPhones in use around the world.
„In essence, you’re trying to make a weapon that can only be used on a single target,“ Jacob Doiron, an information systems lecturer at San Diego State University, said to Business Insider. „But that’s not the nature of weapons, or exploits. They are applicable to any device that has that profile or configuration.“
On Monday, Barr said that Apple had not provided any „substantive assistance“ in getting access to two iPhones belonging to the shooter, Mohammad Alshamrani, who killed three people at a naval airbase last month. But Apple has since refuted that characterization, saying that it had provided iCloud backups, information, and other data from Alshamrani’s account in cooperating with the investigation. Now, Apple is reportedly gearing up for a legal battle with the Department of Justice to defend its position, according to The New York Times.
„We have always maintained there is no such thing as a backdoor just for the good guys,“ Apple said in a comment to Business Insider. „Backdoors can also be exploited by those who threaten our national security and the data security of our customers.“
Apple took a similar position in 2016 when it was caught in a stand-off with the Federal Bureau of Investigation over whether it should unlock an iPhone linked to a shooting in San Bernardino, California. Apple refused to unlock the iPhone, and the FBI ultimately ended up working with a private companyto gain access to the device.
The crux of the issue when it comes to unlocking an iPhone or bypassing its encryption , according to privacy experts, is that once Apple creates a backdoor, there’s a risk that it can be used in unpredictable and in some cases harmful ways.
„I would say the chances of it falling into the wrong hands are 100%,“said Mark Nunnikhoven, vice president of cloud research for cybersecurity firm Trend Micro.
There’s also the question of why Apple couldn’t just create the tool for the purposes of the investigation and then push an update to iPhones that would render it obsolete. For that to work, the backdoor would have to be tied to the software only, not the iPhone’s hardware, says Doiron. „Sometimes these vulnerabilities take place on the hardware, level,“ he said. „That’s not something that could be fixed via software.“
„We’re on your side“
The broader issue, however, may be that creating such a tool would put private, encrypted data from iPhone users in the hands of Apple and its employees – a privilege the company doesn’t want to begin with. Such a move that would be in stark opposition to Apple’s stance on consumer privacy.
„You are not our product,“ Apple CEO Tim Cook said in an interview with ABC News last year. „Our products are iPhones and iPads. We treasure your data. We want to help you keep it private and keep it secure. We’re on your side.“
Foto: Apple CEO Tim Cook.sourceREUTERS/Toru Hanai
Theoretically, if Apple were to create some type of tool or key that would provide backdoor access to encrypted iPhone data, employees from Apple would have access to that information as well since they would likely be assisting in the investigation. What’s to prevent an Apple worker from going rogue and possibly leaking iPhone user data, or using the tool for nefarious purposes?
Nunnikhoven pointed to EternalBlue as an example of how a tool built for specific purposes could fall into the wrong hands. EternalBlue was a National Security Agency hacking tool that leaked to the public in 2017 that was linked to the WannaCry ransomware attack that infected computers all over the world during that same year.
Creating the tool in general would also require a significant effort on Apple’s part. It’s not simply about cracking the passcode of the device, but would likely require that a dedicated team at Apple create a piece of software capable of accessing the data stored on the device, says Nunnikhoven. The government, in other words, is asking Apple to enable something that isn’t even possible on iPhones today.
Unlocking these iPhones for the Pensacola investigation would also likely set a precedent for law enforcement agencies to request similar treatment for future cases as well, says Matt Wilson, chief information security advisor at BTB Security.
„It’s just more evidence to prove this isn’t just [cybersecurity experts] saying, ‚I don’t want to think about it,’“ said Wilson. „It’s [experts] saying we’ve thought about it very long and very hard, and we don’t see a viable way that addresses all of these issues.“
The post #nationalcybersecuritymonth | Security experts explain why unlocking the Pensacola shooter’s iPhones would unleash a privacy nightmare for iPhone owners appeared first on National Cyber Security.
View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans Cryptocurrencies continue to be a bonanza for criminals and hackers. The latest targets are people who have touted their ownership of BitCoin or other cryptocurrencies. The vulnerability is through their cell phones. Hackers are finding out the telephone numbers of virtual currency owners then calling up […] View full post on AmIHackerProof.com | Can You Be Hacked?
Randell Heath isn’t sure how hackers got into his company’s website — all he knows is a supplier called, saying the site had become an online store selling Viagra and Cialis. The problem might have been at the company that …
The post Why Small-Business Owners Are Easy Prey for Hackers appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Edward Snowden has secretly been working on a project to stop smartphones from revealing the location of people in dangerous places. Snowden said he envisions it as a protection for journalists and human rights workers, but it could be used by anyone who doesn’t want to be spied on. On Thursday, the ex-NSA whistleblower unveiled […]
The post Snowden designs a phone case that hides owner’s location appeared first on National Cyber Security.
View full post on National Cyber Security
Corporate security consultant and Tesla owner Nitesh Dhanjani said that hackers can potentially unlock Tesla cars by stealing owner’s password. Tesla cars are password protected. When a customer buys the car he will be required to obtain a password from Tesla’s official website.
The password that’s set by Tesla owners when they create an account is six characters long, and it must contain at least one number and one letter. This makes the password easy to obtain with brute-force attacks. Since it’s only 6 characters long, it’s not difficult to crack.
Furthermore, there are no account lockout policies for incorrect login attempts. Nitesh Dhanjani says hackers can also employ certain other methods to obtain the password which may include phishing and social engineering. Nitesh said the if hackers get access to password they can lock and unlock the car can steal valuables placed inside.
Hacker can also flash lights and can remotely locate the cars. Nitesh has submitted the findings to the company. Tesla assured that it will consider all possible risk and take the necessary measures accordingly.
The post Hackers Can Unlock Tesla Cars by Stealing Owners’ Passwords appeared first on Am I Hacker Proof.
View full post on Am I Hacker Proof
Have you ever gone on a date with someone who didn’t share your passion for dogs? Wasn’t a very nice time, was it? Now, according to a report by iDigital Times on June 25, there is a new dating app for dogs…and their owners, of course. Read More….
View full post on Dating Scams 101
Hacker Accounting loves helping business owners. One way they do this is by helping owners prepare and file their taxes. With so many rules, regulations, and deadlines to be aware of, some business owners might not know that an important […]
For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com
The post Hacker Accounting Reminds Business Owners That Tax Returns Are Due in September appeared first on National Cyber Security.
View full post on National Cyber Security