Apple to close major iPhone security loophole exploited by police
Apple is set to close a a major iPhone security loophole that enabled hackers and law enforcement agencies to unlock devices without legal approval.
The Cupertino-based company has revealed that a forthcoming software update will fix a vulnerability that allowed data to be transferred via the iPhone’s Lightning port without authorisation.
In the future, an iPhone’s Lightning port will disable data transfer functionality just an after the device was last unlocked, unless the user’s password is entered first. Before, a loophole meant it was theoretically possible to access a handset’s data at any time using specialist ‘cracking’ software or hardware.
Police forces made use of the ‘flaw’ to glean evidence and background information from phones for use in criminal investigations, but weren’t required to attain authorisation.
Related: iPhone 9
Hackers were also known to make use of the loophole, and Apple is obviously pitching its forthcoming patch as a measure against cyber ne’er-do-wells, rather than obstruct law enforcement efforts.
“We’re constantly strengthening the security protections in every Apple product to help customers defend against hackers, identity thieves and intrusions into their personal data. We have the greatest respect for law enforcement, and we don’t design our security improvements to frustrate their efforts to do their jobs,” Apple said in a statement.
Having said that, privacy was a key talking for the company during its recent WWDC 2018 keynote, and the company has publicly fought legislative efforts in the US that would force tech firms to retain and provide access to user data.
Predictably, there has been an immediate backlash from law enforcement, who say it will stop them effectively doing their jobs, and potentially puts more people at risk than it might protect.
“If we go back to the situation where we again don’t have access, now we know directly all the evidence we’ve lost and all the kids we can’t put into a position of safety,” Chuck Cohen, the lead officer on an Indiana State Police task force dedicated to thwarting online crimes against children, told The New York Times.
It’s unknown when Apple will push the iPhone update, but it seems likely to surface this autumn with the full launch of iOS 12 at the latest.
Do you approve of Apple closing a security loophole that was exploited by hackers but also helped police? Tweet your thoughts to us @TrustedReviews.