Friday, February 26, 2016

Even if Apple decrypts the phone, what if local app storage uses encryption?

Even if Apple loses the legal challenge and is forced to decrypt the iPhone, the FBI still may not get all data they are looking for.  Best practices for mobile applications requires that any sensitive data is stored encrypted in local storage on the phone.  What this means is that it is possible that some applications in use by the suspects may be encrypted on the phone.  If the keys required for decryption are also stored on the phone, perhaps the FBI can decrypt the data from these applications.

However, the possibility also exists that the application requires the user to enter a password to access the data (e.g. when opening the application).  If this is the case, the FBI may not be able to get at the data regardless of Apple's help.  Just food for thought, but it's a great reason to ask "if the FBI gets its way, where will it end?"

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.