Apple recently used the Digital Millennium Copyright Act (DMCA) to get Twitter to remove a viral tweet that featured an iPhone encryption key, provoking the ire of the security community, reports Motherboard.
On December 7, security researcher "Siguza" on Twitter shared an encryption key that could potentially be used to reverse engineer the iPhone's Secure Enclave, which handles encryption for the device. While it doesn't expose user data stored in the Secure Enclave, it does give researchers the ability to access the Secure Enclave's firmware to investigate how it works.
/article-new/2019/09/iphone-11-and-11-pro-no-background.jpg?lossy)
Just two days later, a law firm that works with Apple sent a DMCA takedown notice to Twitter, requesting that the tweet be removed. Twitter complied, deleting the tweet.
Today, the tweet reappeared, and Siguza said that the DMCA claim was "retracted." Apple confirmed to Motherboard that it sent the takedown notice and then asked Twitter to put the tweet back in place.
iPhone11,8 17C5053a sepi 9f974f1788e615700fec73006cc2e6b533b0c6c2b8cf653bdbd347bc1897bdd66b11815f036e94c951250c4dda916c00 — Siguza (@s1guza) December 8, 2019
Reddit also received several DMCA takedown requests for posts shared on r/jailbreak, a subreddit where security researchers and hackers discuss methods for jailbreaking Apple iPhones. It's not clear if this is also Apple, as the source of the takedown requests was unable to be verified.
Still, security researchers suspect Apple, and according to Motherboard, they see Apple's actions as an attempt to stifle the jailbreaking community.
For many years, there was no available jailbreaking software for modern iPhones, but that changed earlier this year when Checkra1n, a jailbreak for certain devices running iOS 13, was released. Checkra1n doesn't work on iPhones released in 2018 and 2019, but it does work on all older iPhone models, which has likely put Apple on edge.
Apple is also in the middle of a lawsuit against Corellium, a mobile device virtualization company that supports iOS. Corellium's software allows security researchers and hackers to create digital replicas of iOS devices for the purpose of finding and testing vulnerabilities, and the security community has criticized Apple's decision to levy a lawsuit against Corellium.
Top Rated Comments
(View all)Sure, some cute little tweaks, but it was always been cat and mouse. I'm too busy to muck about with it
No, the exact opposite. I don't care what people do with their devices and I think that they should have the freedom to do that. However, if someone is posting things like encryption keys that could undermine *everyone's* devices because of their personal beliefs or whatever, I think it's reckless and irresponsible.So you’re basically okay with anything that protects only your interests, without regard with how it affects anyone else.
So you're okay with some dimwit (Siguza) publishing the keys to your "personal property"? Imagine if someone took the keys to your car and house, copied them, and handed them out to every passerby. Are you okay with that? How would you feel?I will keep my iPad jailbroken (with checkra1n) no matter what kind of crap Apple tries to do against it. Jailbreaking = freedom to do what i want with my device.
There's zero good that can come from compromising the Secure Enclave that I can see. Do you think it would somehow force Apple to strengthen the security even more? Yes, that would be good.
Regardless of the long-term benefits, I find behaviour exhibited by hackers like Siguza to be dangerous and irresponsible.