CNET también está disponible en español.

Ir a español

Don't show this again

Security

Apple's software chief refuses to 'turn back the clock' on iPhone security

Calling digital security an "endless race," Craig Federighi criticizes the FBI for asking Apple to fall behind by building a backdoor into the iPhone.

Apple's head of software engineering, Craig Federighi, warns against going backward in the "endless race" for digital security.

James Martin/CNET

With every new generation of smartphone software and every browser update, the battle rages on.

Software engineers improve digital defenses, hackers find new vulnerabilities to exploit, and the engineers, in turn, work even harder to keep your data safe.

In what he describes as an "endless race" against the bad guys, a top Apple executive refuses to be hobbled, saying that engineers shouldn't have to turn back the clock on security, no matter the stakes.

Craig Federighi, senior vice president of software engineering at Apple, on Sunday penned an op-ed in The Washington Post, arguing that building a backdoor into the iPhone would drag Apple back to security standards of three years ago.

Federighi's comments are the latest salvo in the legal battle over FBI's demand that Apple crack an iPhone 5C belonging to one of the terrorists involved in December's massacre in San Bernardino, California. The FBI, along with the US Department of Justice, argues that the phone could hold vital clues, while Apple says deliberately compromising iPhone security would affect online safety for all its customers.

The case has seen the likes of Google and Microsoft lend their support to Apple, while Republican presidential contender Donald Trump has called for an Apple boycott.

For Apple's software team, though, it's a simple matter of not losing ground in a critical battle.

"Our team must work tirelessly to stay one step ahead of criminal attackers who seek to pry into personal information and even co-opt devices to commit broader assaults that endanger us all," Federighi wrote in his op-ed. "Sadly, these threats only grow more serious and sophisticated over time."

Just as Apple fans wouldn't want the company to launch a new iPhone with last year's specs, Federighi said, Apple's security team isn't satisfied with old security either. According to his op-ed:

The encryption technology built into today's iPhone represents the best data security available to consumers...

That's why it's so disappointing that the FBI, Justice Department and others in law enforcement are pressing us to turn back the clock to a less-secure time and less-secure technologies. They have suggested that the safeguards of iOS 7 were good enough and that we should simply go back to the security standards of 2013.

But the security of iOS 7, while cutting-edge at the time, has since been breached by hackers. What's worse, some of their methods have been productized and are now available for sale to attackers who are less skilled but often more malicious.

These comments resonate all the more after security researchers on Sunday announced the discovery of ransomware targeting Apple's Mac computers. The malicious software, which takes control of a computer until its owner pays a ransom, is believed to be the first targeting the Mac in the real world.

According to Federighi, the defenses that Apple's teams of engineers work hard to maintain are the very protections that keep malware out of its devices and keep sensitive data out of the wrong hands.

"Criminals and terrorists who want to infiltrate systems and disrupt sensitive networks may start their attacks through access to just one person's smartphone," he said.

With Apple's legal counsel being called before Congress and other big names in tech filing their support for the company, the clash between Apple and the FBI is growing in scope by the day. With national security being weighed against personal security of an increasingly connected public, both parties have serious skin in the game.

For the engineers behind it all, the personal is political.

"Great software has seemingly limitless potential to solve human problems -- and it can spread around the world in the blink of an eye," Federighi said. "Malicious code moves just as quickly, and when software is created for the wrong reason, it has a huge and growing capacity to harm millions of people."