If the cybercriminals win the race, then hundreds of millions of peoples' payment information, medical records, and extremely private personal information get put at risk. (If they knew about it, then it would not have made it into iOS in the first place!) So as soon as these vulnerabilities appear, then Apple (and Google and Microsoft) quickly cat to patch the vulnerabilities because they are now in a race with cybercriminals to identify ways to exploit those vulnerabilities.Īll too often, before anyone patches them, these sorts of loopholes get exploited by cybercriminals and hackers. More often than not, Apple is not the party who discovers the newest iOS vulnerability. For example here is the current CVE list of known iOS vulnerabilities and the current CVE list of known Android vulnerabilities. Quite often, these exploits get published online in the CVE database. good-guy hackers), then the security flaw gets patched as quickly as possible. As soon as a loophole is found by the "white-hat" security researchers (i.e. Now, let me put that into the context of today's cybersecurity landscape.Īpple, Google, Microsoft, and other major tech companies are constantly searching for security holes in their own and each others products, then quietly and quickly patching those exploits. Then Apple must write malware that depends entirely on the existence of that vulnerability, and keep that malware around indefinitely into the future for the FBI.Įven if Apple never releases this malware, or tells anyone about the vulnerability, or how they exploited it, Apple must still leave open the vulnerability that they found, so that their malware hacking tool they made for the FBI will continue to work. To comply with the court order by creating this malware, Apple's engineers must first identify a vulnerability in their hardware and software-both of which are specifically designed not to have such vulnerabilities. Imagine if Apple complies and creates the malware suitable for hacking the dead terrorist's phone (and the 12 others that the FBI wants them to hack, and however many others they will continue being asked to hack). However it's impossible to explain the cybersecurity landscape in the context of a radio show phone call, as I had wanted to try to do. We know the FBI trying to just do their jobs, and it's for our protection. ![]() ![]() I work with ex-Marines every day at the software startup I work for. I have many relatives who served in the military. Of course I would want to stop any such horrific attack.Īlso, I am pro-law-enforcement, and I support the police. I said no, but I have been thinking about it. ![]() On the air today, Lars Larson asked me whether, if I was the CEO of Apple, whether I would order my engineers to unlock a would-be terrorist's phone if I was told that stopping something like 9/11 was on the line.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |