Thought Experiment: FBiOS Wiretap Edition

A thought experiment.

The ongoing issue…

Apple vs. F.B.I.

The US Department of Justice (DOJ) invoked the All Writs Act and asked a federal judge to order that Apple develop “FBiOS”, a modified version of iOS lacking particular security controls. Apple is required to digitally sign FBiOS. The case is currently being argued.

Coming next?

Expand the functionality of FBiOS

The DOJ will attempt to use the All Writs Act to expand FBiOS development to include wiretapping functionality of a phone in use. Also, additional writs to create Android versions of FBiOS (aka GovtOS).

Pass legislation to expand wiretap authority

The US Congress could pass a law that facilitates wiretapping smartphones by requiring device manufactures to push FBiOS wiretap edition via update channels (in warranted investigations).

Welcome to the future.

At which point…

With client-side platforms being completely pwnable – everything is no longer “dark”.

End-to-end encrypted app? No problem. The wiretap function will get content from the UI, keyboard, et cetera.

Signal Private Messenger iOS

So, while your data in transit might remain fully encrypted, every device will now include the potential to be wiretapped unless you compile the OS yourself (or install from trusted sources) and maintain control of the update channel. History suggests that FBiOS wiretapping functionality would be too easily abused by multiple governments.

Conclusion… the Apple vs. F.B.I. case involves far more than just one iPhone 5c.

End of thought experiment.

Kudos to you, Tim Cook.



Articles with similar Tags