A renowned computer security expert has cast doubt on the US Federal Bureau of Investigation’s (FBI’s) claim that Apple iPhones offer criminals and terrorists a safe way to communicate.
Apple probably does have the capability to give the FBI access to a key that would translate even encrypted messages sent by iPhones, a second security expert tells Business Insider.
The FBI’s hostility towards Apple stems from the company’s use of a special technology known as encryption. Content stored on iPhones, especially in the iMessage texting app, is encrypted so that can only be read by the owner of the phone or the intended recipient of messages from the phone.
Encryption scrambles digital information using specialist mathematics. Only people in possession of a specific key or password can read the encrypted information.
Nicholas Weaver, a computer security researcher at the International Computer Science Institute in Berkeley, countered the FBI’s claim in a guest post on Lawfare.
“Properly configured, an iOS device is perhaps the most secure, general purpose communication device available,” he says.
“Despite this, ‘best’ does not mean ‘impregnable.’ The FBI claims that iPhones are ‘bricks’ containing no useful information and Apple claims that iMessage is ‘end-to-end’ secure. Neither is the case.”
Weaver said the way Apple encrypts iMessages has a security hole that could be used to wiretap specific users. The bug reportedly exists in the tool used to create iMessage encryption keys.
Using the bug Apple could reportedly create a special key for the FBI that would let agents decrypt messages from specific iPhone users on a case-by-case basis.
F-Secure security advisor Sean Sullivan backed Weaver’s claim, arguing Apple could engineer the functionality if it wanted to.
“I think he’s probably right on the money with this particular analysis. Generally speaking, it isn’t possible for an Apple employee to examine the contents of iMessage conversations at the moment. But that doesn’t mean that it couldn’t be made to be possible,” he told Business Insider.
“Apple just doesn’t want to engineer that capability. Comey’s ‘performance’ in the Senate appears designed to create pressure on Apple to make that engineering happen.”
Business Insider has reached out to Apple for comment on the Weaver’s claim.