The subject of encryption has been one shrouded in controversy and debate since Apple took on the FBI earlier in 2016. In an effort to gain access to the data contained on a terrorist’s smartphone, the FBI wanted Apple to create a “backdoor system” that would allow them to bypass any type of encryption at any time. The argument was that a “golden key” like this would allow the “good guys” to always have a way to make sure the “bad guys” weren’t hiding anything. Apple refused and ultimately won the day, both in terms of its own liability and in the court of public perception.
Microsoft, on the other hand, complied with the FBI’s request. Now, thanks to one small error that will have much larger ramifications moving forward, they’re retroactively making Apple look like the smartest people in Silicon Valley.
Microsoft’s Encryption Troubles
Microsoft is just one example of a company who DID take the measure of creating a “golden key” to its devices, allowing the “good guys” at the FBI to always have access no matter what. Unfortunately, Microsoft also accidentally released a version of its “golden key” to the public – permanently compromising all devices that utilize UEFI Secure Boot technology. The list of affected devices not only includes Windows tablets and smartphones, but also HoloLens devices and more.
On the surface, this means that Microsoft just accidentally allowed all of its users to replace the Windows operating system on their device with any other OS if they choose. However, it also automatically permits boot and rootkits to both install and execute at base levels within the core operating system, essentially throwing security right out the window. With the right piece of malicious software, this basically means that ANYONE could gain full access to one of these devices – regardless of whether encryption is in place or not.
Microsoft quickly released a patch for the issue, but not only was it not fully effective – many experts argue that this situation is so dire that it might not be fixable in any way, at any time.
The important thing to note here is that Microsoft did not find itself in this situation intentionally. It didn’t make a choice regarding the security of these devices; the “golden key” was released accidentally after a case of simple user error. This, unfortunately, is exactly the type of situation that Apple was trying to protect us against.
Apple’s argument was not against allowing the “good guys” to always have access to a “bad guy’s” phone – there is nobody on the other side of this issue. Apple warned, however, that if you create a “golden key” it is only a matter of time before that key itself becomes compromised – threatening the sanctity and security of every digital device compatible with that key at the same time. They argued that no single person or group of people should ever have that much power because there is too much that can go wrong. Unfortunately, Microsoft just proved Apple absolutely correct – and much sooner than people probably expected.
PACE Technical Services is incredibly proud to be your trusted source for all of the latest technology tips, tricks, news and other important information that you can use to make your life easier on a daily basis. If you’re looking for more information about this or any other IT-related topics that you can use to help build the business you’ve always dreamed of, don’t delay – contact us today at 905.763.7896 Ext. 214 or send us an email at email@example.com at your earliest convenience.