‘Apple could bypass iPhone security’

New York, February 18

Faced with a federal judge’s order to help investigators break into an iPhone used by one of the San Bernardino, California, shooters, Apple may well argue that the request places an unreasonable burden on the company.

In fact, experts say that complying with the government’s request wouldn’t be particularly challenging for Apple. But doing so might set a dangerous precedent that could threaten the data security of the millions of iPhone users around the world.

The phone in question was used by Syed Farook, who along with his wife, Tashfeen Malik, killed 14 people in a December attack. Investigators don’t know if the phone contains important evidence about the attack or the couple’s communications — and because its contents are encrypted, they won’t unless they can get the passcode to unlock it. The phone was issued by Farook’s employer, the county of San Bernardino.

Investigators can’t just try random passcodes until they hit on the right one, either. The phone has apparently enabled an Apple security feature — a sort of self-destruct option that would render the phone’s data unreadable after 10 incorrect passcode attempts.

The judge’s order requires Apple to create a unique software package — one Apple CEO Tim Cook described as ‘a new version of the iPhone operating system’ — that would allow investigators to bypass the self-destruct system. The same software would also let government enter passcodes electronically, eliminating both the tedium of manual entry and the enforced delays the iPhone system imposes after a few wrong guesses.

Apple opposes the order, arguing that such software would amount to a security ‘backdoor’ that would ultimately make iPhone users across the globe more vulnerable to information or identity theft. Both the ACLU and the Electronic Frontier Foundation have pledged to support Apple, saying that the government’s request endangers security and privacy.

From a technical perspective, making such software shouldn’t be difficult for Apple, experts say. But once created, it would be nearly impossible to contain, says Ajay Arora, CEO and co-founder of Vera, a start-up that provides companies with encryption services.

“Imagine if that got into the wrong hands,” he says. “What they’re asking for is a God key — and once you get that, there’s no going back.”

Apple Pay launched

SHANGHAI: Apple on Thursday launched its mobile payment service Apple Pay in China, pitting the US technology giant against strong domestic rivals in a large but already crowded market. Success in the world’s second-largest economy is crucial for the California-based firm. Apple Pay is available in only a few other countries including the United States, Britain, Canada and Australia. But unlike most other countries, mobile payment systems are already well-established in China and Apple does not have a first-mover advantage. China had 359 million online payment users in mid-2015, up almost 18 per cent in six months, according to the state-backed China Internet Network Information Centre. China’s mobile transactions were valued at some $1.4 trillion last year, up an annual 57 per cent, one industry estimate showed. — AFP