Apple has been ordered by a US federal court to make it easier for the FBI to hack its phones, and the tech giant isn’t happy about it. What does this mean in the ongoing government war against encryption?
What does the FBI want from Apple?
The FBI wants Apple to create a version of its iOS software used on iPhones that will allow the FBI to enter as many PIN codes into an iPhone as it wants to be able to break into phones. It wants to be able to do this electronically, so instead of someone having to sit there and enter each code individually, the FBI could input via Bluetooth or wi-fi as many PINs as it can using a “brute force” method of breaking the code.
It also wants Apple to disable security protections that only give a user a certain number of tries to enter a PIN (after that number is exceeded the phone will be locked for a time until the user is allowed to try again). The FBI also wants Apple to disable a feature that can auto-erase everything on the phone after a number of failed attempts to enter the PIN.
Yesterday, a court ordered Apple to comply with this request.
Why do the Feds want your phone anyway?
Late last year terrorists Syed Rizwan Farook and Tashfeen Malik killed 14 people and injured 22 more in a shooting and attempted bombing attack in San Bernardino, California. They were killed in a shoot-out with police, and in the course of the subsequent investigation, the FBI obtained Farook’s iPhone 5C. The FBI says it needs to access information stored on the phone in case it can reveal connections to Islamic State.
But Farook, like most people, has a passcode on his phone, so unless the FBI can bypass that passcode, there is no way agents can access that information. Since iOS 8, data on iPhones are encrypted by default, using a combination of the PIN on the phone and a hardware key embedded in the phone itself (Apple says it has no record of the value of the key once it leaves an iPhone factory). Without knowing Farook’s code, the FBI is effectively locked out.
Why is Apple resisting?
Get Crikey FREE to your inbox every weekday morning with the Crikey Worm.
It’s all about precedent. In a public letter to customers overnight, Apple CEO Tim Cook said the implications of the order went far beyond just this one case. He said Apple had been assisting by providing the FBI all data it had in relation to the case in compliance with subpoenas and search warrants, but the creation of a specific tool to bypass Apple’s own security would be too dangerous:
“Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
The FBI claims it would only be used on this one device this one time, but Cook has said there is no way to guarantee that:
“That’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”
There is justifiable concern that once the backdoor software is out in the wild it could end up in the hands of anyone, including other governments and hackers.
If the FBI gets its wish could it hack any iPhone?
The US government claims it is just for this one device, but as Cook explained, it could potentially be used for almost any iPhone before the iPhone 6. If Farook had used an iPhone 6 or above, the FBI’s attempt to access his device using this special hacked version of iOS would have been fruitless.
This is because in the last two generations of iPhone, Apple introduced TouchID, which contains new hardware security called Security Enclave. Security expert Dan Guido has explained that the Security Enclave, separate from iOS, keeps its own check on failed attempts to enter a passcode, which iOS can have no impact on.
“The SE keeps its own counter of incorrect passcode attempts and gets slower and slower at responding with each failed attempt, all the way up to 1 hour between requests. There is nothing that iOS can do about the SE: it is a separate computer outside of the iOS operating system that shares the same hardware enclosure as your phone.”
Guido has noted that given the phone the FBI wants access to is an iPhone 5C, if the FBI is able to test as many passcodes it wants with a modified iOS, then a four-digit passcode could be cracked within an hour.
What about other smartphones?
Google’s initial silence on the matter raised concern about its own widely used Android operating system for smartphones, leading some, like NSA whistleblower Edward Snowden, to suggest Google might have picked sides in the war on encryption. But Google CEO Sundar Pichai said that compliance with the order could compromise user privacy. WhatsApp is also backing Apple’s position.
What does it mean for encryption?
Apple has framed this request in the larger debate about government overreach when it comes to the false balance between privacy and security. Governments around the world are beginning to fight tech companies over the encryption on their devices. The United Kingdom is pushing legislation that would require companies like Apple to provide a backdoor into communications on iPhones.
US lawmakers are currently talking about developing legislation to force companies to provide backdoors, stating that encryption “ought to be able to be pierced“. Democratic candidate for president Hillary Clinton has said a number of times that tech companies need to work with the government to develop backdoors into their software for national security investigations.
In Australia, Prime Minister Malcolm Turnbull appears to be resisting a push for a crackdown on encryption from Australian law enforcement agencies. Liberal MP Andrew Nikolic recently asked Australian Federal Police Assistant Commissioner Neil Gaughan whether the AFP had enough powers given the use of encryption, and Gaughan said encryption had brought “a whole raft of challenges” with it.
In his first national security statement, Turnbull indicated that he had asked ASIO to work with its international intelligence partners to “address the challenge of monitoring terrorist groups” in response to ever-increasing use of encryption technology.