Don’t worry, the backdoor to your data already exists

iPhone Passcode
ymgerman/123rf
Risk assessment: we’re not even safe in the air anymore. Every time you log into a device and have it connected to the space we call the Internet, it most likely checks for automatic updates … unless you’ve turned them off. Depending on how urban you are, it might be a good idea to do so. Because the very developers you’ve purchased your software from most likely also provided hackers with a pre-installed backdoor. Sort of.

In a recent article on Ars Technica, Leif Ryge discusses the importance of the ongoing encryption battle between Apple and FBI. The FBI demands that Apple develops a new operating system (likely a modified version of iOS); one that would assist the FBI in catching criminals without having to turn to Apple for help –this would also set a nefarious precedent. The Feds also demand that Apple’s devices no longer delete certain data after a limited number of failed PIN unlocking attempts. It would effectively let anyone abuse your phone for hours on end, should they get their hands on it.

There’s also a push for Apple to provide the FBI with a “backdoor” to their operating system — even Apple is calling it such. But that backdoor has existed for a long time; it simply takes the right key to get access, and that’s something the FBI is very interested in. Giving in to those demands would put other IT companies in an awkward position, and unlikely to succeed in refusing the FBI themselves. The clincher is that other countries could follow in the those tracks. After all, if the iPhone is accessible by the United States, why shouldn’t it be the same in, say, China?

But before we start concerning ourselves with whether China will be hacking their way through smartphones on an international level, there’s already a major security flaw to address. Because in pretty much every software update you receive, be it on your computer, tablet, or phone, there’s a hacking buffet awaiting the one that gets a hold of that update’s master key. Assume that this is your operating system for one moment, take a few steps back and breathe.

How often is your device automatically updated (assuming you have that option turned on)? How about the entire OS? For an OS, it most likely checks whether or not you’re using an authentic version of the software before starting the update. At that very moment, it will often use the previously mentioned master key. There can be several keys to get access to your system, and due to their nature, they’re cryptographic single points of failure. They are access points rather than safeguards, should they fall into the wrong hands.

If you’re having a bad day, and a poorly mannered hacker passes by your digital life, they might infer it’s a good day to check for someone with a false sense of security. Provided the conditions are right, the hacker could be in a position to pose as an authentic update to your device. In a worst case scenario, this then equals a malicious automatic update delivered directly to you, one which the hacker tricks your device into believing is real. It wouldn’t look dangerous. For all you’d know it looks like an update with puppy eyes, meant to improve your system stability and ask you to play around with all the new toys/features.

“But,” you ask, “if this key is so powerful, what happens if it’s not just some lone hacker that gets access to that key?” Massive damage, perhaps. It all depends on the intentions of your hacker. The crucial point is that they essentially will have the ability to do as they please with your device. All due to a deliberately placed security system that’s getting outrun by both governments and criminal organizations.

Product Review

Kwikset Kevo Convert Review: A simple route to a smart lock

While it lacks the features and overall value of the August Smart Lock, Kwikset’s Kevo Convert offers a simple and friendly route to upgrade your front door’s deadbolt. Learn more in our full review.
Gaming

Xbox's app lets you access your console while away from home. Here's how

Microsoft's Xbox allows you to access your profile information and launch media content directly from your mobile device. Check out our quick guide on how to connect your smartphone to an Xbox One.
Computing

Enjoy Windows on a Chromebook with these great tips and tricks

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so in case you're looking to nab some Windows-only software.
Gaming

Take to the virtual skies with these free flight simulators

You don't have to spend the entirety of your paycheck to become a virtual ace, at least when it comes to flight simulation. Our list of the best free flight simulators will let you unleash your inner Maverick.
Web

Rid yourself of website notification requests in just a few easy steps

Wish you knew how to block browser and website notifications? You can do it on a case by case basis, but that can become dull after the 10th site has asked for your approval. Here's how to block them outright.
Computing

Don't take your provider's word for it. Here's how to test your internet speed

If you're worried that you aren't getting the most from your internet package, speed tests are a great way to find out what your real connection is capable of. Here are the best internet speed tests available today.
Computing

Decades-old Apple IIe computer found in dad’s attic, and it still works

A New York law professor went viral last weekend after he discovered an old Apple IIe computer sitting in his dad's attic. In a series of tweets, he showed that the vintage machine still works perfectly fine after 30 years.
Computing

Logitech’s G MX518 gaming mouse pairs classic looks with all-new tech

Logitech is relaunching one of its most popular classic gaming mice, the MX518. Now called the G MX518, it sports upgraded internals that give it a 16,000 DPI optical sensor and new and improved memory.
Computing

Microsoft could be planning a laptop with foldable screen, hints patent filing

Filed in late 2017 and titled "Bendable device with Display in Movable Connection With Body," the patent filing explains a new mechanism for laptops which can eliminate a hinge and allow the screen to fold shut from the inside,
Deals

From Chromebooks to MacBooks, here are the best laptop deals for February 2019

Whether you need a new laptop for school or work or you're just doing some post-holiday shopping, we've got you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Computing

Is AMD's Navi back on track for 2019? Here's everything you need to know

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles, like Sony's PlayStation 5.
Deals

Here are the best Chromebook deals available in February 2019

Whether you want a compact laptop to enjoy some entertainment on the go, or you need a no-nonsense machine for school or work, we've smoked out the best cheap Chromebook deals -- from full-sized laptops to 2-in-1 convertibles -- that won't…
Computing

RTX might be expensive, but the 16 series could have the best Nvidia Turing GPUs

Set to debut at a step below the RTX 2060 on the price and performance spectrums, the GTX 1660 Ti and its other 16-series brethren could be Nvidia's killer mid-range cards of 2019 — especially with Tensor Core-powered DLSS.
Computing

Ryzen 3000 chips will be powerful, and they might be launched as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far, based on both leaks and the recent…