Americas

  • United States

Asia

The FBI now says encryption is good for you

news analysis
Dec 04, 20245 mins
Messaging SecurityiOS SecurityiPhone

Apple has been battling to maintain encryption for a decade. Two federal agencies now see it as a way to fend off foreign hackers.

Apple has faced an unequal battle in recent years as some lawmakers, the FBI, and regulators insist that the company create backdoors through which to access messages and other parts of its platform.

Apple and others have always insisted that there is no such thing as a safe backdoor, and that if one person has access, then it’s only a matter of time until others gain access, too. 

Use encryption for all your communications

Now, the FBI seems to agree.

In a recent security warning, the FBI and the US Infrastructure Security Agency have warned people to use encrypted apps such as iMessage and FaceTime for communication in order to retain security resilience against foreign hackers

They also warn people to avoid using Rich Communication Services (RCS) when sharing messages between iPhones and Android devices, as RCS does not yet provide end-to-end encryption. (It is allegedly coming eventually, according to RCS standards body, the GSMA). What this means is that Android and iPhone users should probably consider installing Signal for cross platform communications, which does provide cross-platform encryption. 

Apple also continues to invest in encryption technologies to protect its customers, and recently introduced upgraded protection against future high-level attacks that use quantum computers to break into your communications.  

An about face?

What’s noteworthy about the FBI warning is that the agency has been battling Apple for years to convince it to put backdoors into its encryption — ostensibly to enable law enforcement. Apple has resisted so far, arguing that once you leave any form of vulnerability in any platform you are automatically placing customers at risk. 

Knowledge of these back doors will inevitably slip outside the control of law enforcement into the hands of nation state attackers and — eventually — criminal groups, making everybody far less secure and placing personal, commercial, and national interest at risk. Not only does such weakened encryption directly threaten personal privacy, it also undermines national security. 

A former head of UK national security agency MI5 warned of this almost a decade ago, while Apple software Vice President Craig Federighi has similarly warned: “Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems.”

All the same, demands that Apple weaken platform security by diluting device encryption have remained. But with the attack environment now in a red zone, the FBI issued its warning about encryption.

It comes after a CISA warning concerning ongoing attacks by China-based hackers.

So, what is the FBI saying? 

“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication,” said Jeff Greene, executive assistant director for cybersecurity at the CISA. “Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible [to use].” 

The FBI also shared a recipe for security that should be on the desk of every IT purchaser. It recommends you use mobile devices that automatically receive timely OS updates, have encryption built in, and use multi-factor authentication for most collaboration tools. In other words, use a higher-end smartphone in preference to a low-end land-fill wannabe. Or, given that the best way to ensure security in your tech is to invest in secure products, use an iPhone, which has built-in encryption and is designed with a security-first agenda.

That focus on security likely reflects how Apple approaches the topic. 

The next big war

After all, it was almost a decade ago that Apple CEO Tim Cook warned: “I think some of the top people predict that the next big war is fought on cybersecurity. With hacking getting more and more sophisticated, the hacking community has gone from the hobbyist in the basement to huge, sophisticated companies that are essentially doing this, or groups of people or foreign agents inside and outside the United States. People are running huge enterprises off of hacking and stealing data.

“So yes, every software release we do, we get more and more secure,” he said at the time.

Now, at last, the FBI seems to agree that encryption makes us safer. We really should keep using it, and reject arguments against doing so.

You can follow me on social media! Join me on BlueSky,  LinkedInMastodon, and MeWe