Skip to main content

Don’t worry, the backdoor to your data already exists

Risk assessment: we’re not even safe in the air anymore. Every time you log into a device and have it connected to the space we call the Internet, it most likely checks for automatic updates … unless you’ve turned them off. Depending on how urban you are, it might be a good idea to do so. Because the very developers you’ve purchased your software from most likely also provided hackers with a pre-installed backdoor. Sort of.

In a recent article on Ars Technica, Leif Ryge discusses the importance of the ongoing encryption battle between Apple and FBI. The FBI demands that Apple develops a new operating system (likely a modified version of iOS); one that would assist the FBI in catching criminals without having to turn to Apple for help –this would also set a nefarious precedent. The Feds also demand that Apple’s devices no longer delete certain data after a limited number of failed PIN unlocking attempts. It would effectively let anyone abuse your phone for hours on end, should they get their hands on it.

Recommended Videos

There’s also a push for Apple to provide the FBI with a “backdoor” to their operating system — even Apple is calling it such. But that backdoor has existed for a long time; it simply takes the right key to get access, and that’s something the FBI is very interested in. Giving in to those demands would put other IT companies in an awkward position, and unlikely to succeed in refusing the FBI themselves. The clincher is that other countries could follow in the those tracks. After all, if the iPhone is accessible by the United States, why shouldn’t it be the same in, say, China?

But before we start concerning ourselves with whether China will be hacking their way through smartphones on an international level, there’s already a major security flaw to address. Because in pretty much every software update you receive, be it on your computer, tablet, or phone, there’s a hacking buffet awaiting the one that gets a hold of that update’s master key. Assume that this is your operating system for one moment, take a few steps back and breathe.

How often is your device automatically updated (assuming you have that option turned on)? How about the entire OS? For an OS, it most likely checks whether or not you’re using an authentic version of the software before starting the update. At that very moment, it will often use the previously mentioned master key. There can be several keys to get access to your system, and due to their nature, they’re cryptographic single points of failure. They are access points rather than safeguards, should they fall into the wrong hands.

If you’re having a bad day, and a poorly mannered hacker passes by your digital life, they might infer it’s a good day to check for someone with a false sense of security. Provided the conditions are right, the hacker could be in a position to pose as an authentic update to your device. In a worst case scenario, this then equals a malicious automatic update delivered directly to you, one which the hacker tricks your device into believing is real. It wouldn’t look dangerous. For all you’d know it looks like an update with puppy eyes, meant to improve your system stability and ask you to play around with all the new toys/features.

“But,” you ask, “if this key is so powerful, what happens if it’s not just some lone hacker that gets access to that key?” Massive damage, perhaps. It all depends on the intentions of your hacker. The crucial point is that they essentially will have the ability to do as they please with your device. All due to a deliberately placed security system that’s getting outrun by both governments and criminal organizations.

Dan Isacsson
Being a gamer since the age of three, Dan took an interest in mobile gaming back in 2009. Since then he's been digging ever…
iOS 18 gives your iPhone a super-handy charging feature. Here’s how it works
The display on the iPhone 16 Pro.

Now that iOS 18 is rolling out, we're finding new features that are even more exciting than some of the larger-scale changes -- like a new setting that alerts you if you're using a slow charger on your iPhone.

If you're anything like me, you probably have a lot of old charging cables and bricks around the house. You might not realize that some of those are dated and aren't capable of supporting fast charging, especially if you tend to power your phone up in the evenings while you sleep.

Read more
Trading in your old phone for the iPhone 16? Make sure you do this first
iPhone 16 Pro color options.

The thought of $650 off a new iPhone 16, as promised during the Apple event, might be enticing -- but know there are conditions associated with trade-in. If your phone is damaged at all, the trade-in value quickly drops to a whopping $0. If you plan to trade in your current device for an upgrade, you might also want to consider taking it in for repairs before you swing by the Apple Store.

Macworld's Michael Simon had some first-hand experience with this. His iPhone 15 Pro Max, a phone likely to yield almost the maximum value, had a crack along its back. The glass wasn't falling off, and it was a relatively easy repair -- but Apple offered him $0 for the trade-in, even though he could have taken it in for repairs for just $29 thanks to AppleCare Plus.

Read more
This strange iOS bug can crash your iPhone in seconds
The App Library on the iPhone 14 Plus

Bored? Swipe all the way over to the App Library on your iPhone and type "":: in the search bar. Congratulations! You've just crashed your iPhone. But don't worry — it's not permanent or serious, according to security researchers.

Mastodon user Konstantin found that typing those four characters into the search bar will crash SpringBoard, the app responsible for the iPhone home screen. All it does is throw the phone into a loop for a moment before returning you to your lock screen. It doesn't close any apps or cause any other issues; if anything, it's just a reset. I tested it on my device and found nothing out of the ordinary.

Read more