Senior Apple Engineers Say Hackers Are Main iPhone Security Threat, Not Government
Apple may be embroiled in an ongoing battle with the U.S. government over privacy rights and the boundaries of encryption, but in a meeting with reporters (via TechCrunch), Apple security engineers said the government is not the threat they aim to counter when implementing new security features for iOS devices.
Senior Apple engineers feel that government intrusion is not their primary threat model when designing iPhone security and said they instead prefer to focus on fending off hackers.
The engineers also characterized Apple's pushback against the FBI as motivated not by a desire to impede a terrorism investigation, but rather to defend its ability to protect users against non-governmental threats.
Hackers, not the government, are what Apple aims to counter by beefing up security, and Apple engineers don't want to be "viewed as government adversaries." With every iOS update, hackers, some malicious and some not, make an effort to discover previously unknown security flaws able to be exploited to gain access to iOS devices. Apple has to continually work to eliminate vulnerabilities and improve security in never-ending race.
In the call, TechCrunch says Apple engineers explained features in its Security White Paper [PDF] to reporters in an effort to emphasize the work that goes into protecting data, highlighting features like the Secure Enclave, Touch ID, two-factor authentication, and end-to-end encryption in iMessage.
Built into devices utilizing an A7 or later, the Secure Enclave, which maintains encryption keys directly on the chip, is a separate chip with its own secure boot and personalized software that's updated separately from the application processor. With iOS 8, Apple improved encryption for devices, making it impossible for the company to access data on a locked iPhone.
According to Apple engineers, who reportedly "disputed the theory" the iPhone's security allows criminals to evade law enforcement, implementing strong security measures is necessary to protect personal privacy for all people. In past arguments, Apple executives have also pointed out that even if the iPhone did have weaker encryption, criminals would be savvy enough to seek out other encryption methods like messaging apps with end-to-end encryption while the average consumer would be left more vulnerable.
Amid its dispute with the FBI, reports suggested Apple had already begun work on implementing stronger security measures to protect iOS devices, and in today's call with reporters, Apple said it has revamped its internal security teams.
Update: The Verge has shared additional details on the press briefing.
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.