Skip to main content

Don’t worry, the backdoor to your data already exists

iPhone Passcode
ymgerman/123rf
Risk assessment: we’re not even safe in the air anymore. Every time you log into a device and have it connected to the space we call the Internet, it most likely checks for automatic updates … unless you’ve turned them off. Depending on how urban you are, it might be a good idea to do so. Because the very developers you’ve purchased your software from most likely also provided hackers with a pre-installed backdoor. Sort of.

In a recent article on Ars Technica, Leif Ryge discusses the importance of the ongoing encryption battle between Apple and FBI. The FBI demands that Apple develops a new operating system (likely a modified version of iOS); one that would assist the FBI in catching criminals without having to turn to Apple for help –this would also set a nefarious precedent. The Feds also demand that Apple’s devices no longer delete certain data after a limited number of failed PIN unlocking attempts. It would effectively let anyone abuse your phone for hours on end, should they get their hands on it.

Recommended Videos

There’s also a push for Apple to provide the FBI with a “backdoor” to their operating system — even Apple is calling it such. But that backdoor has existed for a long time; it simply takes the right key to get access, and that’s something the FBI is very interested in. Giving in to those demands would put other IT companies in an awkward position, and unlikely to succeed in refusing the FBI themselves. The clincher is that other countries could follow in the those tracks. After all, if the iPhone is accessible by the United States, why shouldn’t it be the same in, say, China?

Please enable Javascript to view this content

But before we start concerning ourselves with whether China will be hacking their way through smartphones on an international level, there’s already a major security flaw to address. Because in pretty much every software update you receive, be it on your computer, tablet, or phone, there’s a hacking buffet awaiting the one that gets a hold of that update’s master key. Assume that this is your operating system for one moment, take a few steps back and breathe.

How often is your device automatically updated (assuming you have that option turned on)? How about the entire OS? For an OS, it most likely checks whether or not you’re using an authentic version of the software before starting the update. At that very moment, it will often use the previously mentioned master key. There can be several keys to get access to your system, and due to their nature, they’re cryptographic single points of failure. They are access points rather than safeguards, should they fall into the wrong hands.

If you’re having a bad day, and a poorly mannered hacker passes by your digital life, they might infer it’s a good day to check for someone with a false sense of security. Provided the conditions are right, the hacker could be in a position to pose as an authentic update to your device. In a worst case scenario, this then equals a malicious automatic update delivered directly to you, one which the hacker tricks your device into believing is real. It wouldn’t look dangerous. For all you’d know it looks like an update with puppy eyes, meant to improve your system stability and ask you to play around with all the new toys/features.

“But,” you ask, “if this key is so powerful, what happens if it’s not just some lone hacker that gets access to that key?” Massive damage, perhaps. It all depends on the intentions of your hacker. The crucial point is that they essentially will have the ability to do as they please with your device. All due to a deliberately placed security system that’s getting outrun by both governments and criminal organizations.

Dan Isacsson
Former Digital Trends Contributor
Being a gamer since the age of three, Dan took an interest in mobile gaming back in 2009. Since then he's been digging ever…
Don’t wait for macOS Sequoia. This app already has its best feature
Apple's Craig Federighi introducing the new window tiling feature in macOS Sequoia at the Worldwide Developers Conference (WWDC) 2024.

When Apple lifted the shroud on macOS Sequoia at its Worldwide Developers Conference (WWDC) in June, there were a lot of headline announcements: Apple Intelligence, iPhone mirroring, a new Passwords app, plus a whole lot more. Yet it was the much more modest announcement of window snapping and tiling that really caught my eye.

For years, Windows users have been able to point to the lack of macOS window snapping as proof of the inferiority of Apple’s operating system. After all, if Apple couldn’t even get such a simple productivity feature right, what else was it failing at?

Read more
Elon Musk tells Tim Cook he doesn’t want Apple’s ‘creepy spyware’
elon musk stylized image

Elon Musk has lashed out at Apple’s plan to partner with OpenAI to bring artificial intelligence features to the iPhone, telling Apple CEO Tim Cook directly to “stop this creepy spyware” and threatening to ban iPhones on the premises of his companies -- SpaceX, Tesla, and X (formerly Twitter).

Apple announced the partnership with the ChatGPT maker on the opening day of its Worldwide Developers Conference (WWDC) on Monday. But just a few hours later, Musk fired off a number of X posts expressing his annoyance at the plan, calling it “an unacceptable security violation.”

Read more
MacOS 15 will completely change how you use your iPhone
The iPhone Mirroring feature from macOS Sequoia being demonstrated at the Worldwide Developers Conference (WWDC) 2024.

Apple just announced macOS 15 at WWDC 2024. Called macOS Sequoia, the updated operating system brings a suite of new features to Macs this fall. The key change, however, is a new Continuity feature that allows you to mirror your iPhone on your Mac, from the MacBook Air to the Mac Studio.

Although iPhone mirroring takes center stage, there are a ton of new features in MacOS 15. Here are all of them.
iPhone mirroring

Read more