1 week Ago By Zak Doffman, Contributor
Apple's iPhone security has never been more at risk. With reports of $2300 and even $3500 iPhones, it’s little surprise to see suggestions that Apple CEO Tim Cook “ is facing the most daunting moment of his career .” But as President Trump plays out a game of tariff chicken with other world leaders, let’s not forget Apple has an even bigger problem on its hands, and one that is getting worse.
First to tariffs. We’re currently in the eye of the storm, but at some point realpolitik will kick in. Trump’s 90-day pause has to some extent morphed a global crisis into a U.
S. versus China crisis. And here too let’s pause for a reality check.
Trump Part 1 fueled a “ technological war " that reset the global technology landscape. As Trump 2 started, Apple was already in trouble in China as Huawei surged off the back of its U.S.
tech free hardware and its homegrown Android alternative, all of which came as a result of that first term. Apple will inevitably find ways through by changing sourcing arrangements and product BOMs. Prices may rise, but prices were rising anyway.
And anyway, with U.S. defense and security chiefs along with their Five Eyes peers warning that China’s cyber threat is getting more dangerous, and off the back of Salt Typhoon and so much more, the oddity of ring-fencing globalized trading links always appeared surreal.
Perhaps this was always destined to be just U.S. versus China.
What Apple won’t be able to fix is the fundamental threat to the very essence of its iPhone now playing out on a very different world stage. The U.K.
kicked this off with an ill-conceived secret / non-secret order for Apple to backdoor its own encryption to let governments peek inside, described by EFF as an “ emergency for us all .” Apple has now so weakened its U.K.
user security, that even its Chinese users appear better protected. The U.K.
isn’t alone. Australia, Brazil, France and others have started prodding at the walled garden around privacy-first iPhones. And back home, the FBI has confirmed it wants the same “ lawful access ” to all encrypted user data that the U.
K. is seeking. But the most significant issue post the U.
K. news has just come courtesy of the EU, the same body that has already forced Apple to open its iPhones to competing messengers, browsers and app stores, and which has already prompted Apple to warn its users that the fundamental security of their devices and their data is now compromised. The EU has announced ProtectEU , “a European Internal Security Strategy to support Member States and bolster the EU’s ability to guarantee security for its citizens,” including “a roadmap on lawful and effective access to data for law enforcement.
” As explained by Henna Virkkunen, the EU’s EVP for Technological Sovereignty, Security and Democracy, “the problem is that our law enforcement has been losing ground to criminals because our police investigators don’t have access today. That’s a big problem because we have identified that in about 85% of investigations we should have access to data..
. It’s something that we can’t tolerate, we can’t take care of security because we don’t have the tools to work in this digital world. We don’t have the tools and our law enforcement doesn’t have them.
So, we have to find solutions." This is broadly what the U.K.
wants and what the FBI means by responsible encryption . Yes, Virkkunen stresses that “we want to protect the privacy and cyber security at the same time,” but that’s the usual politician’s misunderstanding of the stark technical reality, the hard facts. There is no such thing as a selective back door.
Weakened encryption is exactly that. And once you burst the security bubble, it’s game over. I have covered device security and end-to-end encryption for many years now, as the tech world has seen off other similar pushes for data access, ghost protocols, nation-state vulnerabilities and varying levels of client-side screening and monitoring.
But this is the most precarious it has been. You get the sense that this is a battle Apple cannot afford to lose, and so its victory in the U.K.
courts to prevent its appeal being held in secret is a big deal. This battle needs to be fought publicly. Meanwhile, there’s a very different threat creeping up on users and their data from a very different direction.
We’re talking AI, and the relentless push to utilize AI to solve ever more problems we didn’t realize we had. Google’s latest is relevancy searching in Gmail, which it admits doesn’t work with its own security. Read into that what you will.
Now Google has filed a patent application for a new form of search, where its AI can search a user’s own data instead of public domain data to answer a question. It’s only a matter of time before politicians propose “private and secure” on-device AI to flag user data that breaches serious red lines around CSAM or terrorism. Only then would the AI notify the authorities, so good people have nothing to worry about, or so we’ll be told.
If you’re starting to worry about where all this is going, you’re not alone. We’re heading into dangerous territory and we should all be concerned. As for Apple, its entire ecosystem trades on privacy, take that away and its own bubble may burst.
.
