Well, this is going on a bit longer than I expected. I’ve changed the title (Apple vs IBM Overview), added a featured image, and am trying to make sure this stays pinned to the top of the first page.
Update Links and Descriptions
Update March 30: Did the FBI really crack the iPhone? And, if so, what did they find? Bonus: I am pointed to Jonathan A. Zdziarski, a genuine security expert.
Update March 22: The FBI has (at least temporarily) withdrawn their request to the court. Can they really crack the iPhone or is this just another face-saving maneuver?
Update March 4: Attorney General Loretta Lynch comes clean about what the FBI really wants.
Update March 2: FBI Director Jim Comey has admitted that I (along with many others) was correct. The FBI screwed up.
Update February 21 3:30 left coast time: I asked a couple of iOS experts about this case. Their answers are instructive.
Update February 21: The iPhone was the work phone. But now the FBI is alleging that the county had to reset the iCloud password because no one knew the old password. Earlier they claimed they had obtained data from the iCloud account, but the data stopped two weeks before the shooting. How did they access the iCloud data if no one knew the password?
Update February 20: Was the shooter’s iPhone his work phone? If so, why is the FBI so interested in it?
Update February 19: How could a San Bernardino employee change the password for the shooter’s Apple ID? And why can’t the FBI use that password to unlock the iPhone?
Apple vs FBI Overview
The FBI wants Apple to remove the encryption on the iPhone used by one of the murderers in the San Bernardino terrorist attack. That agency now has a court order on its side, issued by California Magistrate Judge Sheri Pym. The case is Apple vs FBI.
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.
Over at MacWorld, Glenn Fleishman has a pretty good description of Apple’s security history as well as some tips on passcodes and fingerprint ID.
TidBits.com has an interesting explanation of the All Writs Act of 1789, noting the requirement that the writ not pose an “unreasonable burden” on the respondent. Author Adam C. Engst seems to think that’s the route Apple is pursuing.
The Wall Street Journal Weighs In
Today’s Wall Street Journal has a long editorial that explores the issues pretty well. There is one factual error that should be corrected.
The Journal says:
“Apple’s iOS operating system is designed to automatically erase local data after too many incorrect passcode attempts.”
This is wrong. Erasing your iOS 9.x device after ten unsuccessful login attempts is a user option, not mandatory. As you can see, I have disabled the “erase everything” option on my iPad Air. The question then becomes how incorrect passwords are handled. I’ll answer that soon. First, however, we need to understand how to crack the iPhone’s encryption.
Cracking the iPhone
The short answer is that, unless someone has used a very stupid passcode, you can’t remove the encryption unless you are very, very patient. Apple’s encryption is a two-layer scheme that makes it impossible for Apple to remove the encryption. The FBI will instead use a brute force method.
The Default Passcode
Here’s how it works. iOS requires a six-digit passcode:
That means there are 10^6 possible combinations. The FBI’s brute force procedure will start with 000000 and try all combinations up to 999999. Frankly, writing a script to do this is so easy I could probably manage it. But (for better or worse) this is only the first step in the protection process.
Now you’re probably thinking, “How hard can it be to perform 1,000,000 guesses?” The answer is that there is more to the protection than six digits.
A Better Passcode
First, if you do a little exploration you can find other passcode options. Go to Settings/Touch ID & Passcode. You’ll have to enter your current passcode. After you do that, select Change Passcode. Enter your current passcode but DON’T CHANGE IT. Instead look carefully at the screen until you see this:
If you select Passcode Options you’ll see this:
Oops. You can create any alphanumeric passcode you want. And you can make it as long as you want. There are 256 characters in the ASCII table. Even if you just pick six characters, there are 256^6 combinations. That’s 281,474,976,710,656 combinations. So much for only needing 1,000,000 tries.
But There’s More Security
The next layer of security starts with a question: what happens if you have disabled the automatic wiping after ten failed tries? The answer is that Apple imposes an ever-increasing time interval before you can try again. I’ve actually run into this issue. Here’s a start toward the answer.
While I am no fan of the Puffington Host (h/t James Taranto), there’s a pretty good description of how Apple’s encryption works in an article by Gernot Poetsch. This is a key point:
Currently the OS requires you to use your fingers to unlock your phone. After the 4th wrong attempt you have to wait 15 seconds, and on the tenth, you have to wait an hour for your next try. You have to enter a million of the now-standard 6-digit passcodes to try them all, and longer alphanumeric passwords are even crazier to guess. And if the user set it up that way, after the 10th failed attempt all the device key is dropped into the acid bath and there’s no point trying after that.
But if you’ve turned off the “wipe after ten tries” option, the time interval simply gets longer and longer. I have no idea whether this claim from one of Apple’s forums is accurate, but it’s indicative of the problem the FBI might encounter:
Hi, I currently have an iPad which is up to over 13,000 minutes until next passcode attempt. 3 weeks! I do not know how many passcode attempts have been made up to this point to get this so high, anyone else seen a wait this long???
The Net Result
In theory the FBI could eventually crack the iPhone in question. In practice, if the passcode is reasonably long, the probability of getting the device cracked in any reasonable time is very, very low.
What the FBI Wants
Put simply, the FBI wants Apple to write some code that disables the delay feature. That way they can stream passcode guesses to the device at (literally) the speed of electricity. This will clearly be much faster. But is it a good idea?
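To put numbers on the sections above, here is an added example (not from the original post, Apple or the FBI) that estimates the worst-case time to try every passcode with the retry delay in place and with it removed. Assumptions: 80 ms per guess on the device, a delay schedule built only from the two data points in the Poetsch quote and held at one hour after that (so the throttled figures are a lower bound), and the post's own count of 256 symbols per position.

```python
# Added example: worst-case time to try every passcode, with and without
# the retry delay. All constants below are assumptions, not measurements.
from dataclasses import dataclass

PER_GUESS_MS = 80            # assumed cost of one guess on the device
# (first failed attempt the tier applies to, wait in seconds), taken from the
# two data points in the Poetsch quote; held at one hour afterwards.
DELAY_TIERS = [(4, 15), (10, 3600)]


@dataclass(frozen=True)
class Policy:
    name: str
    alphabet: int            # symbols available per position
    length: int              # number of positions

    @property
    def keyspace(self) -> int:
        return self.alphabet ** self.length


def total_wait_seconds(failures: int) -> int:
    """Sum of enforced waits after `failures` wrong guesses (closed form)."""
    total = 0
    for i, (start, delay) in enumerate(DELAY_TIERS):
        last = DELAY_TIERS[i + 1][0] - 1 if i + 1 < len(DELAY_TIERS) else failures
        total += max(0, min(failures, last) - start + 1) * delay
    return total


def worst_case_ms(keyspace: int, throttled: bool) -> int:
    """Milliseconds to try every passcode; the last guess is the right one."""
    total = keyspace * PER_GUESS_MS
    if throttled:
        total += total_wait_seconds(keyspace - 1) * 1000
    return total


def humanize(ms: int) -> str:
    seconds = ms / 1000
    for unit, size in (("years", 31_557_600), ("days", 86_400), ("hours", 3_600)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


if __name__ == "__main__":
    for p in (Policy("6 digits", 10, 6), Policy("6 chars, 256 symbols", 256, 6)):
        print(f"{p.name}: {p.keyspace:,} codes, "
              f"delay on: {humanize(worst_case_ms(p.keyspace, True))}, "
              f"delay off: {humanize(worst_case_ms(p.keyspace, False))}")
```

Under these assumptions the six-digit passcode drops from roughly 114 years to about 22 hours once the delay is removed, while the six-character passcode from the post stays out of reach either way, which is why passcode length matters more than the delay.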
Once Apple has written this code it can be used with any iPhone. Some have proposed that the code specifically access one of the device’s ID numbers. If you look at Settings/General/About you will see several unique ID numbers: a serial number, the IMEI number, the ICCID number, the MEID. Any or all of these could be used – assuming Apple knows those numbers. Remember, without knowing the passcode there’s no way to access Settings/General/About. I simply don’t know whether that information is included in backups to iCloud.
But it doesn’t matter. Once the technology has been developed, there will be many, many demands to have other iPhones cracked. And, since the technology is mainly software, there’s a good chance it will be leaked to the public. At which point hackers only need to figure out how to change those ID numbers. (Remember, this is the same U.S. government that gave away secret security information on U.S. government employees, many of whom currently or previously worked in the intelligence community.)
I’m with Tim Cook. I hope Apple sticks to its guns. Remember, government coercion can only go so far. Mr. Cook should probably start taking lessons in surviving some time in jail. Whether the government will go that far is an open question. But I have to point out that journalists have been held in U.S. prisons for withholding sources. The cases would appear to be similar.