What Would Be the Implications for Android if Apple Creates a Super-Secure iOS?

| Analysis

Apple has always marketed the strong security of iOS with features like the Secure Enclave and hardware encryption. Despite the acknowledged superiority of iOS security compared to Android, customers have granted Android a larger market share. How might Apple's new efforts affect that equation?

Every crisis brings new opportunities. When I first read the news that Apple is reportedly already working on new ways to improve iPhone and iCloud security, I started thinking about the implications. For background, see: "FBI Wants into our iPhones, so Apple is Making Them More Secure." Jeff wrote:

Sources speaking with the New York Times said Apple is working on ways to make the passcode hack impossible. Sources talking with the Financial Times said Apple is developing new security features to block its own ability to recover data from iCloud accounts, too.

As Apple supposedly works to achieve this better, even absolute, iOS system security, immune to the kinds of hacks currently possible, what will be the impact on the rest of the industry?

  • Will Samsung, always eager to replicate Apple's features, demand to work with Google to achieve an equivalent level of security?
  • Will this technical implementation interfere with Android's agenda to know so much about the user that it can provide helpful assistance?
  • Will the current public discussion between Apple and the FBI make Android customers more aware of the security issues with their own smartphones, especially those locked into older versions of Android due to fragmentation?
  • If Google/Android, for whatever commercial or technical reason, fails to duplicate Apple's notable efforts to deeply secure iOS, will it have an impact on the relative market share of these two smartphone OSes?
  • Suppose Google/Android and Microsoft fail to achieve the same level of smartphone security and privacy as Apple. What would be the political consequences, without a national consensus or law on the paramount importance of citizen privacy, regarding the iPhone being dubbed the "favored device" of terrorists?
  • In light of the above, should Apple work with competitors. in order to support its just cause? Or keep its technology proprietary in order to gain a competitive advantage? One that might be, heaven forbid, eventually overturned by Congressional legislation?

I am just beginning to think about this, and I may not even be asking the right questions. (What are your questions?) What I do know, however, is that both Google/Android and Microsoft are next up to bat when it comes to the kinds of demands the FBI and other government organizations will be making.

I think it's doubtful that Apple's competitors have any choice but to follow Apple's lead, at least in the U.S. And that has repercussions for the smartphone industry worldwide. We're just getting started.

Popular TMO Stories

Comments

Jamie

I believe it’s just the beginning as well. ‘Digital rights’ and security weren’t real to the majority of the populace until the mobile era had fully taken hold and they realized everything they do on their devices, without proper protection, was up for public consumption. This is an important case, and hopefully it not only results in better security across the board, but a little education for the masses as well. Also, yes,

Apple is set to change the industry again. If people *truly* had any idea how insecure their devices and subsequently the data contained therein were with the non iOS alternatives, there’d be outrage. This is all so important as we trudge ever further into the 21st century.

Lee Dronick

Yes it will be race for the most secure.

BenG

Will make no difference to the average $100 phone user.  They don’t know what the talk is all about and don’t care.

However, businesses will jump on it, expecially if it morphs over into OSX.  Apple and IBM might just be able to rout the desktop computer business if they could come up with an absolutely bulletproof OSX and apps.

No more Chinese/N Korean/Russian hacks.  Sony will be happy.

skipaq

I am an old fashioned conservative with libertarian leanings. I come down strong on Apple’s side of this issue. However, the political winds are fairly strong against Apple on this issue. The current administration using the power of the DOJ have been trying for years to crack Apple’s security wall. This court order is a follow on to the failure in Congress. What Apple is able to do on security is dependent on the results in this court battle. It will not stop there if Apple wins (my doubts about Apple winning increased with the passing of Scalia.)

We can be sure this matter will come before Congress again for a vote. If or when the administration or new administration defeats Apple on this, any advances Apple makes in this area will be rendered useless. There likely won’t be any competitive advantage if that happens. Now I have become cynical.

RonMacGuy

What I do know, however, is that both Google/Android and Microsoft are next up to bat when it comes to the kinds of demands the FBI and other government organizations will be making.

John, I suspect they have been ‘to the plate’ many many times prior, but without the extreme international attention that this latest FBI vs. Apple case has enjoyed. There has been little to no attention most likely in that both google/android and Microsoft have enough security holes that I am sure the FBI has for the most part either figured out how to hack in themselves or involved google/android or MS for a quick ‘open sesame’ job, to which they have no problem supporting. From a google/android perspective, I am sure this has been happening for many years. The latest Apple situation has changed the modern cell phone ‘security’ from a simple FBI-supported illegal search-and-seizure to now a much different and more difficult situation.

CudaBoy

Again, I must lead with this old chestnut:
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” - Benjamin Franklin
  I don’t think Mr. Martellaro understands why Android is the more popular mobile OS, which makes his observations always amusing. OAN,
It’s all about DATA. I would say 99% of the population has NO clue how much of their daily lives are tracked from the stores they visit and food they buy to the roads they travel (Boston fixes potholes by monitoring the accelerometer “jolts” of people’s smartphones juxtaposed on a map) to the online purchases, to Google (or ANY) searches - on and on. Data is what the world runs on now. Again 99% populace give up freely most of this data and don’t even know it. Starbucks knows what you like, Target can predict when you are pregnant simply from a change in your purchase habits etc. There is a VERY good doc. on PBS called “The Human Face of Big Data” on this subject.

Lee Dronick

Cuda, the inverse is also true, it is a matter of balance.

CudaBoy

Ahhh yes,  The Moody Blues - A Question of Balance

Lee Dronick

In Search of a Lost Backdoor

wab95

John:

I think you’re asking excellent questions, albeit some vendor or platform specific.

The broader arc, in my view, might modify them thusly for a vendor/platform agnostic format:

1) Is vendor/platform committed to end-to-end encryption? Answering this question requires context, specifically whether or not the user base understands and values such encryption and is that base willing to advocate for it in a politically relevant manner.

2) If a company’s business model is dependent on monetising their user base, are they capable of and willing to nest certain data, e.g. financial transactions, in a secure enclave that cannot be compromised?
3) Irrespective of business model, is said vendor/platform committed to protecting user privacy such they are willing to respond to any and all valid warrants, on the one hand, but not compromise they security and privacy of the platform on which their business is based, on the other?

Although there are others, these, in my view, are three core questions that every major tech company responsible for user data needs to ask themselves and be prepared to unequivocally explain to their user base, their competition and to governments.

WaltFrench

No.
No.
Doubtful.
Doubtful.
BS—ignore.
Ditto.

I will just address the “favored phone of terrorists” slander.

Everybody in the world has access to encryption; for most of us not using iPhones it’s a nuisance. For any real terrorists, secure encryption is well worth the extra effort and Apple’s is down the list of priorities. Apple merely makes it easy for ordinary citizens to be safe. Google & its OEMs are moving the same way so by policy (if not implementation, given today’s dismal Android security), Apple is no better for terrorists than anybody.

If they’re not present today, Microsoft will likely implement similar protections since their clientele is jealous about corporate secrets that China & other crony-capitalist states dearly want.

Apple’s basic argument—that YOUR phone is YOUR business and nobody else’s—should withstand all the authoritarian and totalitarian attacks on your rights.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account