Apple Claims Unlocking iPhone Could Lead To Cyber-Attacks

Apple has ratcheted up the rhetoric over the issue of jailbreaking, or unlocking, its popular iPhone smartphone.

While the Copyright Office is currently reviewing a request by the digital rights group Electronic Frontier Foundation, Apple filed a response to questions the office sent the company for its regular review of the U.S. Digital Millennium Copyright Act, which forbids practices like jailbreaking that threaten copy control mechanisms.

Apple argues that not only does jailbreaking violate a license agreement between Apple and the purchaser of an iPhone, but it could lead to cell tower disruption by hackers looking to wreak havoc.

“Before partnering with Apple to provide voice and data services, it was critical to AT&T that the iPhone be secure against hacks that could allow malicious users, or even well- intentioned users, to wreak havoc on the network,” the statement reads. “Because jailbreaking makes hacking of the BBP software much easier, jailbreaking affords an avenue for hackers to accomplish a number of undesirable things on the network.”

These include manipulating the ECID (Exclusive Chip Identification) number that identifies the phone to the cell tower. With access to the BBP via jailbreaking, Apple charges that hackers may be able to change the ECID, which in turn can enable phone calls to be made anonymously, which Apple points out would be desirable to drug dealers, or charges for the calls to be avoided.

Apple claims if changing the ECID results in multiple phones having the same ECID being connected to a given tower simultaneously, the tower software might react in an unknown manner, including possibly kicking those phones off the network, making their users unable to make phone calls or send and receive data.

“More pernicious forms of activity may also be enabled,” the document reads. “For example, a local or international hacker could potentially initiate commands (such as a denial of service attack) that could crash the tower software, rendering the tower entirely inoperable to process calls or transmit data. In short, taking control of the BBP software would be much the equivalent of getting inside the firewall of a corporate computer—to potentially catastrophic result. The technological protection measures were designed into the iPhone precisely to prevent these kinds of pernicious activities, and if granted, the jailbreaking exemption would open the door to them.”

Apple pointed out that in the EFF’s submission proposing the jailbreaking exemption, the digital rights organisation admits “decryption and modification of the iPhone firmware appears to be necessary for any jailbreak technique to succeed on a persistent basis.”

Apple said, therefore, the modifications to the bootloader and the OS that the user makes in the course of jailbreaking—which Apple noted should be referred to as “hacking”— constitute a breach the Internet Protocol Service Level Agreement (IP SLA).