With every new generation of smartphone software and every browser update, the battle rages on.
Software engineers keep improving digital defenses, hackers find new vulnerabilities to exploit, and so the engineers work harder in turn to keep your data safe.
In what he described as an “endless race” against the bad guys, the head of software engineering at the world’s biggest tech company is refusing to be hobbled, saying that engineers shouldn’t have to turn back the clock on security, no matter the stakes.
Craig Federighi, senior vice president of software engineering at Apple, on Sunday penned an op-ed in The Washington Post, arguing that building a backdoor into the iPhone would drag Apple back to security standards of three years ago.
Federighi’s comments are the latest salvo in the legal battle between Apple and the FBI over requests to decrypt an iPhone 5C belonging to one of the terrorists involved in December’s San Bernardino shootings. While the FBI, along with the US Department of Justice, argue that the device could hold vital clues, Apple says deliberately compromising iPhone security would affect the online safety of all its customers.
The case has seen the likes of Google and Microsoft lend their support to Apple, while Republican presidential contender Donald Trump has called for an Apple boycott.
But for Apple’s software team, it’s a simple matter of not losing ground in a critical battle.
“Our team must work tirelessly to stay one step ahead of criminal attackers who seek to pry into personal information and even co-opt devices to commit broader assaults that endanger us all,” Federighi wrote in his op-ed. “Sadly, these threats only grow more serious and sophisticated over time.”
Just as Apple fans wouldn’t want the company to take the stage to launch an iPhone with last year’s specs, Federighi said Apple’s security team isn’t happy with old security either.
The encryption technology built into today’s iPhone represents the best data security available to consumers…
That’s why it’s so disappointing that the FBI, Justice Department and others in law enforcement are pressing us to turn back the clock to a less-secure time and less-secure technologies. They have suggested that the safeguards of iOS 7 were good enough and that we should simply go back to the security standards of 2013.
But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers. What’s worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious.
These comments resonate all the more after security researchers on Sunday announced the discovery of ransomware targeting Apple’s Mac. The malicious software, which takes control of a computer until its owner pays a ransom, is believed to be the first targeting the Mac in the real world.
According to Federighi, the defenses that Apple’s teams of engineers work hard to maintain are the very protections that keep malware out of its devices and keep sensitive data out of the wrong hands.
“Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person’s smartphone,” he said.
With Apple’s legal counsel being called before Congress and other big names in tech filing their support for the company, the clash between Apple and the FBI is growing in scope by the day. And with national security being weighed against the personal security of an increasingly connected public, both parties have serious skin in the game.
But for the engineers behind it all, the personal is political.
“Great software has seemingly limitless potential to solve human problems — and it can spread around the world in the blink of an eye,” Federighi said. “Malicious code moves just as quickly, and when software is created for the wrong reason, it has a huge and growing capacity to harm millions of people.”