Dylan Ayrey, a security engineer with the information security company Praetorian, points out that an iPhone’s lock screen is only the first barrier to its contents. WhatsApp recently announced that it would use end-to-end encryption for all its messaging services.
“Encryption is here whether we want it to be or not,” he says. “The landscape has changed forever, mostly for the better, and these types of proposals can’t gain traction.”
However just last week, two U.S. senators introduced legislation to require tech companies to unlock phones and provide other “technical assistance” to government officials with a court order.
Mislan at Rochester Institute of Technology points out that as CEO of one of the world’s leading mobile forensics companies, Bollö would be uniquely positioned to profit from any software designed to execute FACT. Bollö insists that his competitors could do the same and says he is focused on developing a new industry standard rather than a software sales pitch.”
Of course, we could develop this stuff and we’d be happy to do that but I’m not trying to push that,” Bollö says. “I’m trying to say, ‘Here’s a solution that could work for everyone.’”
Rather than require companies to install a key, Praetorian’s Ayrey thinks the best solution is for mobile forensics companies such as MSAB and Praetorian to continue doing what they have been doing all along—finding vulnerabilities in each new device or operating system that is released, and exploiting those holes on behalf of clients until an update renders them obsolete.
For consumers, Mislan has an even simpler strategy. “For me, it boils down to: If you really want to protect something, don’t put it on your phone,” he says.