Apple Used DMCA Takedown to Temporarily Remove Tweet With iPhone Encryption Key
Apple recently used the Digital Millennium Copyright Act (DMCA) to get Twitter to remove a viral tweet that featured an iPhone encryption key, provoking the ire of the security community, reports Motherboard.
On December 7, security researcher "Siguza" on Twitter shared an encryption key that could potentially be used to reverse engineer the iPhone's Secure Enclave, which handles encryption for the device. While it doesn't expose user data stored in the Secure Enclave, it does give researchers the ability to access the Secure Enclave's firmware to investigate how it works.
Just two days later, a law firm that works with Apple sent a DMCA takedown notice to Twitter, requesting that the tweet be removed. Twitter complied, deleting the tweet.
Today, the tweet reappeared, and Siguza said that the DMCA claim was "retracted." Apple confirmed to Motherboard that it sent the takedown notice and then asked Twitter to put the tweet back in place.
iPhone11,8 17C5053a sepi 9f974f1788e615700fec73006cc2e6b533b0c6c2b8cf653bdbd347bc1897bdd66b11815f036e94c951250c4dda916c00 — Siguza (@s1guza) December 8, 2019
Reddit also received several DMCA takedown requests for posts shared on r/jailbreak, a subreddit where security researchers and hackers discuss methods for jailbreaking Apple iPhones. It's not clear if this is also Apple, as the source of the takedown requests was unable to be verified.
Still, security researchers suspect Apple, and according to Motherboard, they see Apple's actions as an attempt to stifle the jailbreaking community.
For many years, there was no available jailbreaking software for modern iPhones, but that changed earlier this year when Checkra1n, a jailbreak for certain devices running iOS 13, was released. Checkra1n doesn't work on iPhones released in 2018 and 2019, but it does work on all older iPhone models, which has likely put Apple on edge.
Apple is also in the middle of a lawsuit against Corellium, a mobile device virtualization company that supports iOS. Corellium's software allows security researchers and hackers to create digital replicas of iOS devices for the purpose of finding and testing vulnerabilities, and the security community has criticized Apple's decision to levy a lawsuit against Corellium.
Top Rated Comments
Sure, some cute little tweaks, but it was always been cat and mouse. I'm too busy to muck about with it
There's zero good that can come from compromising the Secure Enclave that I can see. Do you think it would somehow force Apple to strengthen the security even more? Yes, that would be good.
Regardless of the long-term benefits, I find behaviour exhibited by hackers like Siguza to be dangerous and irresponsible.