Apple working on stronger iCloud backup encryption during fight with FBI


Apple has a stake in security, now more so than ever before as it battles with the Federal Bureau of Investigation, and it looks like it’s doubling down on that effort.

In a pair of reports from The New York Times and Financial Times, it is said that Apple is working on strengthening its encryption methods to make Apple device users even more secure, and, essentially, remove the possibility that the FBI could request for device access at a later date with future iPhones or iPads. These reports support another from Reuters, which stated that Apple’s plans to enforce its encryption policies would only get better depending on the results of its current legal battle over a locked iPhone 5c.

The new reports both state that Apple has engineers working on improving the encrypted backups within iCloud, in an effort to make them inaccessible even by Apple.

As it stands right now, iCloud backups are encrypted, but Apple has keys to access that information. Law enforcement can ask Apple, and has asked Apple, for the data on locked iPhones with those keys, provided by Apple’s servers. The Financial Times states that Apple is looking into ways to making those encryption keys tied to the device itself, and not through Apple’s servers. This would mean that the device’s information couldn’t be obtained by Apple at all, if security protocols are in place on the device, whether through a passcode or Touch ID.

However, that report also states that this could come at a strike against convenience for the user, indicating that if a user forgets their iCloud authentication password, they would be completely locked out of their device, too. At the time of reporting, Apple hadn’t responded to the claims.

When it comes to hardware, the New York Times report suggests that Apple is considering changes to the way it implements security measures on devices themselves. That would mean a pretty big change for future iOS-based devices, and older handsets would be missing out on any hardware-based security implementations that did see the light of day, but that wouldn’t be much different than new devices equipped with Touch ID, and the older ones that are not.

These changes, making it impossible for Apple to access the information on an iOS device at all, seems like a step in the same direction the company has been moving in ever since it debuted iOS 8, so it may not be all that surprising. However, if Apple does reach that point, it’s likely that the U.S. government, or many other governments for that matter, might not like that particular path.

[via Financial Times; The New York Times]