Details of Cracking a
Terrorist’s Iphone
The federal court order compelling Apple to help the FBI crack into a phone belonging to Syed Farook, one of the
San Bernardino, California, attackers, is the latest example of a problem which
has confounded investigators in the era of smartphones.
The Apple iPhone -- the one I am typing this on and the one on which
you are likely reading this -- has software with a fairly simple and elegant
security measure which can be enabled by the user. It is called the auto-erase
function. Make 10 failed attempts to open a locked phone using the 4-digit
user-created code and the iPhone and all the data it holds will be rendered
inaccessible. Investigators believe this function was enabled on Farook's 5c
model iPhone.
As described by the FBI in court filings, data on iPhones is
encrypted. The 4-digit code you enter into your phone initiates a complex
calculation which generates a unique key to unlock the data on the phone. No
key, no data. The auto erase function, if triggered, will wipe out all the
encryption keys rendering the data on the iPhone useless.
The iPhone has another feature to frustrate automated
attempts to unlock a phone. A 4-digit code would produce 9,999 unique
possibilities. Not a particularly big challenge by itself, but the code must be
punched in manually. This would be time consuming enough, but after five failed
attempts, the iPhone will require the the user to wait one minute before
another attempt. After attempt six the wait is five minutes. Attempt seven and
eight, 15 minutes and an hour after the ninth try. More time can be added in
the software.
Due to the auto-erase feature, the FBI can't attempt to
unlock the iPhone without risking losing all the data. The FBI wants Apple to
alter the operating system just on Farook's phone to allow the FBI to bypass or
disable the auto-erase function. It also wants Apple to alter the software to
allow the test pass codes to be entered without punching the keys by using
Bluetooth or other means to speed the process. And the FBI wants Apple to
change the operating system to eliminate the delays caused by multiple attempts
to unlock the phone.
Why can't the FBI change the operating system codes? Apple
has designed its phones so that only Apple software with a special
cryptographic signature can run on it. No other software will work.
What about iCloud? IPhones can save data to the cloud. The
FBI believes Farook turned this function off sometime after Oct. 19, the date
of the phone's last backup.
The is the scenario the FBI and intelligence offices have
been concerned about since these security measures were first introduced.
Google's Android phones also have encryption capabilities. It is why FBI
Director James Comey has been pleading with the tech industry and Congress to
come up with a means for investigators to find evidence.
Many of these security features hit the market after the
disclosures released by former NSA contractor Edward
Snowden exposed government efforts to collect phone data in bulk.
Apple’s Response to the
U.S. Government
Apple has vowed to challenge a judge's order to help the FBI access the cellphone of one of the San Bernardino shooters to aid in the investigation of the
case.
Investigators obtained Syed Rizwan Farook's work phone with
an authorized search warrant, but "has been unable to complete the search
because it cannot access the phone’s encrypted content," federal
prosecutors said in a court filing.
"Apple has the exclusive technical means which would
assist the government in completing its search, but has declined to provide
that assistance voluntarily," prosecutors said.
But Apple responded early today with this statement to
customers, signed by CEO Tim Cook:
A Message to Our Customers
The United States government has demanded that Apple take an
unprecedented step which threatens the security of our customers. We oppose
this order, which has implications far beyond the legal case at hand.
This moment calls for public discussion, and we want our
customers and people around the country to understand what is at stake.
The Need for Encryption
Smartphones, led by iPhone, have become an essential part of our lives. People
use them to store an incredible amount of personal information, from our
private conversations to our photos, our music, our notes, our calendars and
contacts, our financial information and health data, even where we have been
and where we are going.
All that information needs to be protected from hackers and
criminals who want to access it, steal it, and use it without our knowledge or
permission. Customers expect Apple and other technology companies to do
everything in our power to protect their personal information, and at Apple we
are deeply committed to safeguarding their data.
Compromising the security of our personal information can
ultimately put our personal safety at risk. That is why encryption has become
so important to all of us.
For many years, we have used encryption to protect our
customers’ personal data because we believe it’s the only way to keep their
information safe. We have even put that data out of our own reach, because we
believe the contents of your iPhone are none of our business.
The San Bernardino Case
We were shocked and outraged by the deadly act of terrorism
in San Bernardino last December. We mourn the loss of life and want justice for
all those whose lives were affected. The FBI asked us for help in the days
following the attack, and we have worked hard to support the government’s
efforts to solve this horrible crime. We have no sympathy for terrorists.
When the FBI has requested data that’s in our possession, we
have provided it. Apple complies with valid subpoenas and search warrants, as
we have in the San Bernardino case. We have also made Apple engineers available
to advise the FBI, and we’ve offered our best ideas on a number of
investigative options at their disposal.
We have great respect for the professionals at the FBI, and
we believe their intentions are good. Up to this point, we have done everything
that is both within our power and within the law to help them. But now the U.S.
government has asked us for something we simply do not have, and something we
consider too dangerous to create. They have asked us to build a backdoor to the
iPhone.
Specifically, the FBI wants us to make a new version of the
iPhone operating system, circumventing several important security features, and
install it on an iPhone recovered during the investigation. In the wrong hands,
this software — which does not exist today — would have the potential to unlock
any iPhone in someone’s physical possession.
The FBI may use different words to describe this tool, but
make no mistake: Building a version of iOS that bypasses security in this way
would undeniably create a backdoor. And while the government may argue that its
use would be limited to this case, there is no way to guarantee such control.
The Threat to Data Security
Some would argue that building a backdoor for just one
iPhone is a simple, clean-cut solution. But it ignores both the basics of
digital security and the significance of what the government is demanding in
this case.
In today’s digital world, the “key” to an encrypted system
is a piece of information that unlocks the data, and it is only as secure as
the protections around it. Once the information is known, or a way to bypass
the code is revealed, the encryption can be defeated by anyone with that
knowledge.
The government suggests this tool could only be used once,
on one phone. But that’s simply not true. Once created, the technique could be
used over and over again, on any number of devices. In the physical world, it
would be the equivalent of a master key, capable of opening hundreds of
millions of locks — from restaurants and banks to stores and homes. No
reasonable person would find that acceptable.
The government is asking Apple to hack our own users and
undermine decades of security advancements that protect our customers —
including tens of millions of American citizens — from sophisticated hackers
and cybercriminals. The same engineers who built strong encryption into the
iPhone to protect our users would, ironically, be ordered to weaken those
protections and make our users less safe.
We can find no precedent for an American company being forced
to expose its customers to a greater risk of attack. For years, cryptologists
and national security experts have been warning against weakening encryption.
Doing so would hurt only the well-meaning and law-abiding citizens who rely on
companies like Apple to protect their data. Criminals and bad actors will still
encrypt, using tools that are readily available to them.
A Dangerous Precedent
Rather than asking for legislative action through Congress,
the FBI is proposing an unprecedented use of the All Writs Act of 1789 to
justify an expansion of its authority. The government would have us remove
security features and add new capabilities to the operating system, allowing a
passcode to be input electronically. This would make it easier to unlock an
iPhone by “brute force,” trying thousands or millions of combinations with the
speed of a modern computer.
The implications of the government’s demands are chilling.
If the government can use the All Writs Act to make it easier to unlock your
iPhone, it would have the power to reach into anyone’s device to capture their
data. The government could extend this breach of privacy and demand that Apple
build surveillance software to intercept your messages, access your health
records or financial data, track your location, or even access your phone’s
microphone or camera without your knowledge.
Opposing this order is not something we take lightly. We
feel we must speak up in the face of what we see as an overreach by the U.S.
government.
We are challenging the FBI’s demands with the deepest
respect for American democracy and a love of our country. We believe it would
be in the best interest of everyone to step back and consider the implications.
While we believe the FBI’s intentions are good, it would be
wrong for the government to force us to build a backdoor into our products. And
ultimately, we fear that this demand would undermine the very freedoms and
liberty our government is meant to protect.
Tim Cook
The U.S. Government’s
Order
A judge has ordered Apple to help the FBI access the cellphone of one of the San Bernardino
shooters to aid in the investigation of the case.
Investigators obtained Syed Rizwan Farook's work phone with an authorized search
warrant, but "has been unable to complete the search because it cannot
access the phone’s encrypted content,” federal prosecutors said in a court
filing.
“Apple has the exclusive technical means which would assist
the government in completing its search, but has declined to provide that
assistance voluntarily,” prosecutors said.
Authorities hope to obtain “crucial evidence” on the phone
about the terror attacks at the Inland Regional Center in San Bernardino,
California on Dec. 2, the filing states.
Investigators hope to gain insight on who Farook and his
wife, Tashfeen Malik, may have contacted in plotting the attack. They are also
interested to learn where the couple may have traveled to before and after the
shooting, along with any other "pertinent" information.
The phone is owned by Farook's employer, the San Bernardino
County Department of Public Health. The department has given authorities
consent to search the phone, but it's locked with a numeric password.
The FBI's attempts to crack the passcode have failed because
Apple has set its phone systems with a function that automatically erases the
access key and renders the phone "permanently inaccessible" after 10
failed attempts.
Investigators don't know if Farook enabled that function,
but they are concerned that the phone may erase all of its contents.
Prosecutors insist that Apple has the ability to modify the
software and ensure that the auto-erase function is turned off.
"This would allow the government multiple investigative
attempts to determine the passcode in a timely manner, without fear that the
data subject to search under the warrant would be rendered permanently
inaccessible," a U.S. magistrate wrote.
A representative for Apple did not immediately return ABC
News' request for comment.
Farook and Malik stormed the Inland Regional Center during a
Department of Public Health training session and holiday party in December,
killing 14 people and injuring 22. Nearly all of those who were killed or
injured worked for the county.
No comments:
Post a Comment