Science Scene: Taking a byte out of cybersecurity

Laura Zhang

Students may be OK with the Eyes of Texas upon them but not the eyes of Uncle Sam. 

The recent San Bernardino shooter’s iPhone breakthrough has stumped UT professors in its technical, ethical and legal implications. However, professors continue to work on research projects to protect students, corporations and governments from hackers.

Last December, two shooters killed at least 14 people in San Bernardino, California. The FBI attempted to unlock one of the shooter’s iPhones, but Apple’s security features prevented the FBI from accessing the phone. These main security features include complete erasure of the phone’s data after ten incorrect passcode guesses.

The FBI was not asking Apple to unlock or decrypt the phone, but rather circumvent this key security feature, according to Mohit Tiwari, assistant professor in the Cockrell School of Engineering.

A judge issued a search warrant that required Apple to help open the phone.

However, Apple argued this was an excessive burden for the company, giving them a legal basis to object to overriding the security feature. 

The tension between government surveillance and right to privacy has remained central to the recent struggle between the FBI and Apple, said Angela Newell, fellow at the Center for Politics and Governance at the LBJ School of Public Affairs and lecturer in McCombs. 

Recently, the FBI unlocked the shooter’s iPhone with an unknown technique. 

According to UT computer science graduate student Ashay Rane, the FBI may have copied a specific memory chip from the iPhone. Even though the phone will erase its memory after ten incorrect passcode guesses, the memory chip replications provide almost unlimited trials. 

“Apple had its own business interests, the FBI wanted surveillance, and at the same time, there is also the question of legal precedent,” Rane said. “It is obviously not a simple issue. 

Each part wants its own share, and they’re not necessarily playing well with each other.”

Apple also argued against the legal precedent it would set in future cases — it was concerned about their customers’ confidence, Newell said.

UT professors are addressing these security concerns in their research projects.

Tiwari said he has been working on a project to create an insulated layer of security to prevent computers or phones from transporting data to other sources. The program will be piloted at Dell Medical School. 

The security layer will work to ensure that external sources, such as apps, come to the data, rather than the data traveling to the app. That way, even if the information within the device gets corrupted, it cannot be distributed further. 

“We cannot prevent the apps from messing the data up. For example, if you’re using Instagram to edit your photos and stuff messes up, there’s nothing you can do,” Tiwari said. “But we can prevent Instagram from sending that photo to some shady dude somewhere else. And that’s the same with medical data.”

According to Rane, students need to be aware of the dangers of hacking and ways to prevent it. To keep their information secure, students could take cautionary measures such as not using public WiFi when undergoing a financial transaction. 

Students should also be aware of the “https” in the URL — the “s” means the site is secure. They should be suspicious of emails and use strong passwords, according to Rane. 

Ethical concerns of privacy and security have emerged from the San Bernardino case, Newell said.  

“By accessing the iPhone, you aren’t just accessing someone’s reading list or grocery list. You’re accessing everything about that person. So there’s a huge tension between national security and civil liberty,” Newell said. “I don’t know how to solve this tension, though. If I did, the Nobel Peace Prize would be mine.”