Anti-Surveillance Coalition That Includes Apple Condemns Proposals for Device Backdoors

iphonecreateapasscodeThe Reform Government Surveillance coalition, which includes several major tech companies who have teamed up to lobby for surveillance law reform, this week released a statement condemning recent proposals for backdoor access into electronic devices and reaffirming a commitment to strong encryption.

The coalition is made up of multiple tech companies who have taken a strong stance against weakening encryption, including Apple, Google, Microsoft, Dropbox, Snap, Evernote, LinkedIn, Oath (owned by Verizon) and Facebook.

Reform Government Surveillance recently announced a new core principle on encryption that will guide our advocacy efforts, and we continue to believe that strong encryption helps protect the security and privacy of individuals and companies around the world. We have consistently raised concerns about proposals that would undermine encryption of devices and services by requiring so-called "exceptional access" for law enforcement. Recent reports have described new proposals to engineer vulnerabilities into devices and services - but they appear to suffer from the same technical and design concerns that security researchers have identified for years. Weakening the security and privacy that encryption helps provide is not the answer.

As ZDNet points out, the statement comes following a WIRED article profiling Microsoft chief technical Ray Ozzie and his suggestion for a solution called "Clear" that would supposedly provide law enforcement with access to encrypted data with less security risk.

Ozzie's proposal uses a public key and a private key (housed and protected by a company like Apple) that are used to encrypt and decrypt a PIN generated on the device. No one is meant to be able to decode and use the PIN to unlock the device aside from the vendor, using the aforementioned private key.

So, say the FBI needs the contents of an iPhone. First the Feds have to actually get the device and the proper court authorization to access the information it contains--Ozzie's system does not allow the authorities to remotely snatch information. With the phone in its possession, they could then access, through the lock screen, the encrypted PIN and send it to Apple.

Armed with that information, Apple would send highly trusted employees into the vault where they could use the private key to unlock the PIN. Apple could then send that no-longer-secret PIN back to the government, who can use it to unlock the device.

Ozzie demonstrated his "Clear" solution to representatives from tech companies that included Apple, Google and Facebook, according to WIRED, but unsurprisingly, none of them had "any interest whatsoever" in voluntarily implementing that kind of access into their devices and services.

The coalition Apple is a part of in April published a core principle pledging to ensure device security through strong encryption and calling on governments to avoid taking actions that would require companies to "create any security vulnerabilities in their produces and services."

Strong encryption of devices and services protects the sensitive data of our users - including individuals, corporations, and governments. Strong encryption also promotes free expression and the free flow of information around the world. Requiring technology companies to engineer vulnerabilities into their products and services would undermine the security and privacy of our users, as well as the world's information technology infrastructure. Governments should avoid any action that would require companies to create any security vulnerabilities in their products and services.

The renewed activity from the Reform Government Surveillance group follows reports that have suggested law enforcement officials are quietly revisiting proposals that would require tech companies to add backdoor access into electronic devices for use by law enforcement officials.

FBI and DOJ officials have been meeting with security researchers with the aim of developing approaches that would offer "extraordinary access" to encrypted devices like the iPhone, with DOJ officials reportedly "convinced" there is a way to create a backdoor without weakening a device's defense against hacking.

Apple software engineering chief Craig Federighi recently said that this kind of backdoor access would "inject new and dangerous weaknesses into product security."

"Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems," Federighi said.

Apple vehemently opposes backdoor solutions like the one Ozzie proposed because they have the potential to weaken device encryption and provide new ways for bad actors to access device data.

Apple's strong stance against weakened device protections for the sake of law enforcement access was highlighted in the 2016 Apple vs. FBI conflict that saw Apple refuse to create a backdoor access solution to allow the FBI to crack the iPhone 5c owned by San Bernardino shooter Syed Farook.

graykey1

GrayKey iPhone unlocking box via MalwareBytes

Without device backdoors, law enforcement officials have still found ways to crack devices like iPhones through other means. At the current time, for example, agencies like the FBI and DOJ have access to an iPhone unlocking box called GrayKey, which is capable of unlocking Apple's most recent iPhones running modern versions of iOS.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

GermanSuplex Avatar
46 months ago
Explain why not.
Because it compromises the privacy of everyone, not just lawbreakers.

You’re only as strong as your weakest link, and the government wants to force a weak link onto a chain.
Score: 28 Votes (Like | Disagree)
PotatoLeekSoup Avatar
46 months ago
Weakening security is dumb.
Score: 20 Votes (Like | Disagree)
camomac Avatar
46 months ago
I'm glad that Apple is staying strong.
Score: 16 Votes (Like | Disagree)
tridley68 Avatar
46 months ago
Stick to your guns Apple keep security tight.
Score: 16 Votes (Like | Disagree)
bitfactory Avatar
46 months ago
Microsoft and security recommendations. lul
Score: 13 Votes (Like | Disagree)
Black Tiger Avatar
46 months ago
Good for Apple. There is an alarming trend towards sacrificing privacy in the name of “security”. The problem is when organized crime or hackers are able to utilize these back foot methods, and it seems that this is a greater problem.
Score: 12 Votes (Like | Disagree)

Related Stories

General Apps Messages

Android iMessage Competitor Puts Pressure on Apple

Friday July 30, 2021 3:15 am PDT by
Google and the three major U.S. carriers, including Verizon, AT&T, and T-Mobile, will all support a new communications protocol on Android smartphones starting in 2022, a move that puts pressure on Apple to adopt a new cross-platform messaging standard and may present a challenge to iMessage. Verizon recently announced that it is planning to adopt Messages by Google as its default messaging...
iphone 13 teal with text

Apple Begins Preparation for iPhone 13 Production Ahead of Fall Launch

Monday June 28, 2021 3:29 am PDT by
We're just a few months away from when Apple is expected to reveal the 2021 iPhone, dubbed the "iPhone 13." In preparation for its launch, it has been pulling in shipments of different components needed to produce the new iPhones, according to a report from DigiTimes. In years past, Apple released its latest iPhone lineup, alongside a new Apple Watch, during a September event at Apple Park....
studio buds family

Beats Studio Buds Debuting Today With Active Noise Cancellation, Stemless Design, and More for $150

Monday June 14, 2021 8:00 am PDT by
We've seen a lot of teasers about the Beats Studio Buds over the past month since they first showed up in Apple's beta software updates, and today they're finally official. The Beats Studio Buds are available to order today in red, white, and black ahead of a June 24 ship date, and they're priced at $149.99. The Studio Buds are the first Beats-branded earbuds to truly compete with AirPods...
bluetti eb70 main

MacRumors Giveaway: Win a Bluetti EB70 Portable Power Station and 200W Solar Panel

Friday September 3, 2021 11:13 am PDT by
For this week's giveaway, we've teamed up with MAXOAK to offer MacRumors readers a chance to win a Bluetti portable power station and an accompanying solar panel. Bluetti makes a range of portable power station options that are useful for camping, emergencies, power outages, off-grid living, and similar situations. The Bluetti EB70 is a solid middle of the road option that offers 716Wh and...
apple privacy

Apple Publishes FAQ to Address Concerns About CSAM Detection and Messages Scanning

Monday August 9, 2021 1:50 am PDT by
Apple has published a FAQ titled "Expanded Protections for Children" which aims to allay users' privacy concerns about the new CSAM detection in iCloud Photos and communication safety for Messages features that the company announced last week. "Since we announced these features, many stakeholders including privacy organizations and child safety organizations have expressed their support of...
macos catalina legacy system extension alert

Apple Begins Warning Users That 'Legacy System Extensions' Won't Work With a Future Version of macOS

Wednesday March 25, 2020 9:53 am PDT by
Apple has shared a new support document that indicates kernel extensions — which it calls "legacy system extensions" — will not be compatible with a future version of macOS because they "aren't as secure or reliable as modern alternatives."System extensions are a category of software that works in the background to extend the functionality of your Mac. Some apps install kernel extensions, which...
General Spotify Feature

Spotify Pauses Plans to Add AirPlay 2 Support to iOS App [Update: Spotify Clarifies]

Friday August 6, 2021 9:07 am PDT by
See update at bottom of article Spotify this week confirmed that its plans to add AirPlay 2 support to its iOS app have been placed on indefinite hiatus. In an online discussion forum post, a Spotify representative said the streaming music service had been working on supporting AirPlay 2, but the company has paused the efforts "for now" due to "audio driver compatibility issues." The...
youtube apple tv

YouTube Discontinuing 3rd-Generation Apple TV App, AirPlay Still Available

Wednesday February 3, 2021 3:09 pm PST by
YouTube is planning to stop supporting its YouTube app on the third-generation Apple TV models, where YouTube has long been available as a channel option. A 9to5Mac reader received a message about the upcoming app discontinuation, which is set to take place in March.Starting early March, the YouTube app will no longer be available on Apple TV (3rd generation). You can still watch YouTube on...
os x mountain lion macs 16x9 2

Apple Makes OS X Lion and Mountain Lion Free to Download

Wednesday June 30, 2021 12:19 pm PDT by
Apple recently dropped the $19.99 fee for OS X Lion and Mountain Lion, making the older Mac updates free to download, reports Macworld. Apple has kept OS X 10.7 Lion and OS X 10.8 Mountain Lion available for customers who have machines limited to the older software, but until recently, Apple was charging $19.99 to get download codes for the updates. As of last week, these updates no...
Pixel Stand 23W 668x445

Google Pixel 6 Rumored to Support 23W Wireless Charging, Beating iPhone 12's MagSafe

Wednesday September 1, 2021 1:54 am PDT by
Google is rumored to be working on a new wireless charging stand that could deliver 23W of charging power to its upcoming Pixel 6 and Pixel 6 Pro phones, according to a leaked inventory image published by Android Police. Image via Android Police. If true, that would beat the iPhone 12's maximum 15W wireless charging speed (or 12W on ‌iPhone 12 mini‌) using Apple's MagSafe charger, and...