UK updates Apple Icloud Backdoor Push to threaten Crypto wallet security

The UK is once again putting pressure on Apple to create backdoors for encrypted iCloud backup services, and issuing alarms among cybersecurity and crypto advocates.

According to the Financial Times, the UK government has ordered Apple to grant access to encrypted iCloud backups for UK users. The updated request differs from previous requests in terms of limiting access to UK-based accounts, but critics argue that the change still poses a serious risk.

Many mobile wallets, such as Coinbase wallet, Uniswap wallet, Zerion, Crypto.com Defi Wallet, and Metamask, allow users to store encrypted private key backups in iCloud, which could expose users to attacks due to changes.

Accessing the file, despite the encrypted key backup, allows for so-called dictionary or brute-force attacks, where the attacker attempts all possible combinations to decrypt the file. As a result, if an attacker is able to obtain a backup file, security depends on the strength of the encrypted password.

“This is still a disturbing overdue that keeps UK users unsafe and free,” the Electronic Frontier Foundation, a nonprofit dedicated to defending digital rights. “As we’ve said many times, backdoors built for the government are at a higher risk of hacking, identity theft and fraud for everyone.”

Related: The Ethereum Foundation presents the “Privacy Stewards of Ethereum” and roadmap

The UK is working on it again

The UK government made a similar request earlier this year, and needs blanket capabilities to display fully encrypted materials, rather than simply helping with cracks in certain accounts. The Electronic Frontier Foundation said the demand will utilize authority known as the Technical Capacity Notice (TCN) under the UK’s Investigation Powers Act.

The TCN in question was first published in January, with Apple forced to create a backdoor or block advanced data protection features in the UK that turn on end-to-end encryption for iCloud. The US Director of Intelligence’s Intelligence Bureau claimed that the UK had withdrawn the request, but advanced data protection remained unavailable for UK users.

Related: Ethereum Core Deve “safe and free” after being detained in Türkiye

The roots of code in privacy activities

Bitcoin (BTC), and the broader cryptocurrency industry that followed, both existed in early digital rights advocacy groups. Bitcoin was developed primarily by the so-called Cypherpunks, famously for its famous opposition to US government encryption and classification of key figures as munitions.

Images of shirts classified as ammunition under old US regulations. Source: Adam Back

This tradition continues today with activities carried out by the crypto community. Recently, Ethereum co-founder Vitalik Buterin criticized the European Union’s proposed “chat management” law.

Buterin emphasized that the background built for law enforcement is “inevitably hackable” and undermines the safety of everyone. The Electronics Frontiers Foundation also warned that new demands in the UK will reduce safety for everyone.

magazine: Can privacy survive the US crypto policy after the conviction of the Roman Storm?