Apple vs FBI expert comments

Apple Hands Over iCloud Encryption Keys to Users

1722

In a new twist to the FBI vs. Apple story, Apple has announced they will be handing over encryption key management to its users, making it more difficult for Government agencies to access iCloud data. Here to comment on this story is Brian Spector, CEO of MIRACL.

Brian Spector, CEO of MIRACL:

There are no winners here. Six weeks of discussion have led to a widespread iPhone hacking challenge which clearly demonstrates the resources and actors available to bypass current security protocols, and leaves us all more exposed. The truth is that any technology with a single point of compromise is vulnerable to brute force attacks – Apple is no exception.

Going forward, this kind of ‘business vs. Government’ mentality will make us all less safe. Quite apart from damaging the products and technologies in question, it can damage trust in the Internet entirely. For trust to be effectively restored, users need to believe that the systems they use online are not part of a government program to spy and snoop on its citizens. This is no doubt why Apple is planning to hand over iCloud encryption key management to its users. Going a step further, advances in pairing-based cryptography will soon allow a private key to be split into several different parts, eliminating the single point of failure that currently exists.  These kind of changes put power back into the hands of the individual and give users valuable new tools in the fight to keep our data secure.

About Brian Spector
Brian SpectorBrian is co-founder of CertiVox and brings more than 20 years of experience in the information security industry. Brian began his career in cryptographic development at Silicon Valley’s first full disk encryption software company, which later became Guardian Edge and was acquired by Symantec. Brian joined McAfee, where he began his sales career in the anti-virus solutions group. He then moved to RSA Data Security, Inc., successfully forming several major strategic partnerships in the intellectual property licensing division, which included the BSAFE line of cryptographic SDKs that was responsible for the development of several standards.