Communications of the ACM
No Backdoor Required or Expected
Credit: iStockPhoto.com
I was disappointed by Eugene H. Spafford's column "The Strength of Encryption" (Mar. 2016) in which Spafford conflated law enforcement requests for access to the contents of specific smartphones with the prospect of the government requiring backdoors through which any device could be penetrated. These are separate issues. Even if the methods the FBI ultimately used to unlock a particular Apple iPhone 5C earlier this year are too elaborate for the hundreds of encrypted or code-protected phones now in police custody, the principle—that it is a moral if not legal responsibility for those with the competence to open the phones do so—would still be relevant.
Unlocking an individual phone would not legally compel a backdoor into all Apple devices. Rather, Apple would have to create and download into a particular target phone only a version of iOS that does two things—return to requesting password entry after a failed attempt, without invoking the standard iOS delay-and-attempt-count code and allow password attempts at guessing the correct password be submitted electronically rather than through physical taps on the phone's keypad. The first is clearly trivial, and the second is, I expect, easily achieved.
No entries found