Among cybersecurity vendors at the RSA conference, many expressed concerns that decryption – in this case, a formal request by the FBI that Apple unlock the phone – would constitute a slippery slope.
“If the government wants to do it, believe me, they can do it,” said Khalid Noufal, a director at SecureNinja, a cybersecurity education and training company. Noufal added, however, that among his peers at the conference, the majority expressed sympathy with Apple: “They don’t want this to turn into carte blanche,” he said.
“Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution,” Apple CEO Tim Cook wrote in an open letter in Feburary. “But it ignores both the basics of digital security and the significance of what the government is demanding in this case.”
Apple has argued that, despite the government’s insistence that the unlocking tool would be used only on Farook’s phone, “once created, the technique could be used over and over again, on any number of devices.”
Amy Baker of Wombat Security, a security education platform, echoed such concerns that the tool could be too easily replicated and abused by criminals: “We’re already losing that battle,” she said.
While some vendors shied away from publicly commenting on the developing legal case, many expressed broader concerns over government access to private data.
“That’s why this case is so important – it affects every company that captures and stores personally identifiable information,” explains Charley Moore, CEO at Rocket Lawyer and a former securities attorney. “Since that’s basically everyone that does business online or via an app, it’s a really big case.”