iPhone Encryption: 5 Ways It's Changed Over Time

Apple took a few more swings at the US Justice Department and the FBI, in a legal brief filed with a US District Court in California March 15. Apple depicted the government as reckless in its use of the All Writs Act to try to force Apple to create software that could unlock an encrypted iPhone.

The March 15 brief was first discovered by Mashable.

"According to the government, short of kidnapping or breaking an express law, the courts can order private parties to do virtually anything the Justice Department and FBI can dream up," wrote Apple's attorneys. "The Founders would be appalled."

The filing also comes amid media reports focused on the government's repeated suggestion, in its March 10 filing, that it could force Apple to provide the government with its "cryptographic keys and source code" -- a possibility that has appalled security experts.

ACLU Technology Fellow Daniel Kahn Gillmor, in a March 7 blog post, spelled out the threat he sees in such a scenario.

"The FBI wants to weaken the ecosystem we all depend on for maintenance of our all-too-vulnerable devices," wrote Gillmor. "… When we're asked to install a software update, we won't know whether it was compelled by a government agency (foreign or domestic), or whether it truly represents the best engineering our chosen platform has to offer."

"Potentially Cataclysmic"

Indeed, the suggestion of a source-code transfer is "potentially cataclysmic" and "the scariest news we've heard yet in this case," Eric Lundbohm, chief marketing officer at iSheriff, a provider of enterprise cloud security solutions, told InformationWeek.

While it may solve the problem in the near-term, Lundbohm added, vendors, likely outside of the country, and so outside of US government control, would "step in to fill the gap."

Nathan Wenzler, executive director of Security at Thycotic, a D.C.-based provider of privileged account management solutions, called a request for the source code and signing key "absolutely the worst case scenario," explaining that the invasiveness it would allow could quickly scale to a global level.

Are you prepared for a new world of enterprise mobility? Attend the Wireless & Mobility Track at Interop Las Vegas, May 2-6. Register now!

"It's a shame, in many ways, that the US government has chosen this particular time and situation to draw a line in the sand, in a last-minute gambit to get this level of access to people's devices," Wenzler told InformationWeek. "I believe it won't be long before Apple and other manufacturers begin using levels of encryption and security methods … that will make it truly impossible to breach in the future, no matter the legal nature of the request."

Robert Grapes, vice president of Marketing and Operations at Ottawa-based mobile solutions company Graphite Software, pointed out how "very harsh" it is of the government to push forward on the matter, given that it has more resources than ever before in its fight against terrorism.

"If it is a real threat, then it completely undermines the creative and competitive capacity of any company to succeed in the marketplace," said Grapes. "Would you buy an Apple product, in this case, with the knowledge that the US government has full access, or would you buy another product? I'd buy another product."

Steve Durbin, managing director of the UK-based Information Security Forum, points out that, given Apple's long tradition of secrecy and "keeping a very tight rein on its intellectual property and valuing its source code and keys highly," both competitors and governments will be closely watching the matter unfold.

"Has the so-called war on terror simply reached a level at which no stone may be left unturned, and should all vendors be compelled to provide similar access?" wondered Durbin. "We'll just have to wait and see. But a ruling in favor of the government could well be a game changer for all of us."