Apple seems to challenge the court’s order regarding change in an iPhone’s encryption. The order was issues on Dec 16 by court which instructed Apple to cooperate with FBI in decrypting the security settings of an iPhone that was used by one of the terrorists involved in San Bernardino shootings. The order by court instructs Apple to develop a custom iOS that will be used by investigators to break the encryption. According to Apple, creating custom iOS for security setting’s decryption is a good move that may provide a breakthrough in shootings investigations but this move is certainly going to create a loophole that will put security of iPhones at stake.
The complication of this case is due to a clash between national security and mobile’s data security. According to mobile companies and Apple, it would be essential to keep the encryption out of everyone’s reach so that personal data and settings of every mobile could stay protected. On the other hand, law enforcers urge that this encryption is the major obstacle in their way to investigate the terrorists’ activities at an advanced level.
It’s worth mentioning here that San Bernardino shooting incident is a big mishap which activates All Writs Act for government. This act authorizes government to take stern actions without taking orders from courts or law enforcement agencies.
Apple’s attorney, Theodore Boutrous, states that All Writ Act would completely nullify Apple’s right to challenge the amendment order. Application of this act in Apple’s case would certainly be the clear violation of freedom of speech.
When PEW research center asked US citizens regarding Apple’s stance, 51% people gave a nod to the law enforcers’ stand while 38% people suggested that Apple shouldn’t compromise on its mobile security.
The hearing on this matter is going to be held on March 22. Tim Cook, Apple’s CEO, has informed that Cupertino is going to represent Apple’s case in the court.
Furthermore, Cook has demanded congress to make a commission in which national security, personal freedom and mobile security would be discussed.
You might want to rethink about keeping your important files in a Linux based computer because Linux has been found being exposed badly to even pettiest hacking attempts. According to a report, about a research by security experts, in PC world, hitting the backspace key 28 times can bypass password protected lock screen in Linux.
It is worth repeating that any layman can now access highly complex Linux servers without even entering the password. This vulnerability of Linux was discovered by a researchers’ team from Cybersecurity Group. According to them, pressing backspace 28 times makes use of Grub2 bootloader, instantly authorizing user to log in.
This process is basically caused by initiation of Grub rescue shell. This initiation prompts the user to bypass log on screen without typing the password in. GRUB’s main task is to allow the creation of multiple usernames on a computer.
With this news about simple hacks, companies with entire networks being set up on Linux based systems should have something big to worry about. All an employee will need to do is to hit backspace 28 times and he/she will get complete and unrestricted access to a hard drive which was supposed to be secured.
There are very alarming security concerns with this weakness of Linux because it can lead to the computer’s security badly exposed to a very small hack. Any cybercriminal with access to sensitive information can do serious damage to an organization’s integrity and even the financial assets. Moreover, this vulnerability has also increased the chances of manual malwares attacks.
This security leak, which is also known as CVE-2015-8370, is present in all Grub2 versions from 1.98 to 2.02. Since many of the top organizations around the globe have their servers based on Linux based platforms, this issue is being seen as a major blow to the overall cyber security. However, different Linux based operating systems namely Debian, Ubuntu, red hat and several others have released updates that fix this issue. Therefore, it is highly recommended for the Linux users to allow installation of updates that target Grub2 fix.