Apple has announced that it will update its iOS software to block tools which are used by police, law enforcement agencies and others, to gain access to its iPhones via the charging port and bypass the need for a password.
The company confirmed this in a statement to Reuters, saying, “We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs.”
So what will these changes in Apple’s iOS encryption mean for iPhones?
The feature has already been spotted in developer beta versions of iOS 11.4.1 and iOS12. Apple told Reuters it will be made permanent in the future public releases of its iOS software. iOS will essentially block techniques, which allowed tools to bypass Apple’s default disk encryption.
According to Reuters, hackers or even law enforcement agencies will be unable to access the iPhone’s encrypted disk via the charging port, if the phone has not been unlocked in the last one hour. What this also means is that authorities will get relatively less time, when trying to crack a device to access the data. The report notes, that new setting will cut off communication to the charging port, when the phone has not been unlocked over the last one hour.
Why is Apple making changes to its iOS encryption?
Apple has in the past maintained that weakening encryption is not an option for them, as it can open devices to greater risks from hackers and cyber-criminals. In fact in 2016, Apple resisted the FBI which wanted the company to write new software for the agency to access the iPhone 5c of the San Bernardino shooter.
Apple refused to comply and CEO Tim Cook also wrote a long letter on the same, addressing why this was an issue of privacy where the company would not compromise. FBI wanted to used ‘brute force’ in order to unlock the iPhone 5c, and wanted Apple to write a code, which would let the agency have unlimited attempts at unlocking the phone without being locked out. The Cupertino-based technology giant refused to comply on the same.
Eventually FBI found another way to access the data on the iPhone. Companies like GrayShift, Cellebrite, etc, give law agencies the option of accessing locked iOS devices, without the device looking them out. After a number of incorrect password guesses, Apple devices get locked and after 10 attempts the data is also erased if the user has turned this option on in settings. Previously GrayShift had offered to unlock the iPhone 5c for the FBI for $15,000. In April this year, Motherboard had reported how GrayKey was a cheap tool for bypassing the iPhone’s security, which was being used by police in the US.