FBI asks Apple for access to encrypted iPhone data
Posted by SecurityAuditTeam on Feb 29, 2016 in Security Blog, Security Monitoring
Tim Cook, chief executive of Apple, has stated that the FBI’s recent US court order, which would enable the bureau to access the mobile phone of San Bernardino killer Syed Farook, is “dangerous”, “chilling” and “unprecedented”.
Apple’s lack of co-operation is hindering the FBI investigation, or so they say!
Strong words indeed, but where could this lead on the question of whether personal data is sacrosanct? Apart from anything else, can we trust the authorities not to turn a ‘one-off’ access request into the new ‘status quo’ for access to all of our private information?
Before we delve further into all this, it is worth noting that Apple itself made the decision, in 2014, to remove its ability to access data on its own encrypted devices, such as iPhones, iPads and Macs. This was done mainly to avoid unfortunate positions such as this case.
The FBI is not actually asking Apple to ‘break’ the encryption on this iPhone, which would be virtually impossible in any case due to the company’s already stated objective. Basically, Apple is saying that it could not gain access, even if it wanted to. But how does this really stand up to some serious scrutiny?
Let’s first take a look at the FBI’s request as outlined in these court documents:
The FBI would like Apple to alter a file on the iPhone called the SIF or System Information File. They want Apple to modify the software that is running on the device. They want the company to generate a new version of the SIF, copying it onto this particular iPhone, in order to carry out certain functions that commercially available iPhones cannot perform.
What exactly does the FBI want to do?
The basic objective of all this is to stop the device from erasing the data that it contains. This is because, on standard iPhones, when particular security settings are enabled, the phone will erase its data following 10 failed attempts at entering the user’s set passcode. This would mean that all personal data on this phone would be erased if the FBI entered the wrong passcode 10 times.
The FBI does not want to lose what could be valuable data, naturally!
Apple iPhones are protected by a four-digit passcode, which would mean that there are a total of 10,000 possible passcode combinations. If the FBI had to attempt to guess the passcode manually then it is clear that, in all likelihood, the data that it contains would be lost forever.
This is why the FBI would like Apple to allow the passcode to be attempted electronically and not manually. All the FBI would need to do, if Apple modified the SIF according to their request, would be to use an algorithm to try every possible passcode until it is successful. In addition to all this, Apple iPhones block further passcode attempts for progressively longer periods after each incorrect attempt. The FBI would like the company to remove this functionality too.
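To put numbers on the two protections described above, the following added example (not from the original article or from Apple) simulates a device with the 10-attempt erase and escalating delays, then removes each in turn. The delay schedule, the 100 ms cost per attempt and the passcode 7351 are constructed assumptions.

```python
KEYSPACE_DIGITS = 4        # article: four-digit passcode, 10,000 combinations
WIPE_LIMIT = 10            # article: data erased after 10 failed attempts
ATTEMPT_MS = 100           # assumption: cost of one electronic attempt
# Assumption: constructed lockouts (failed count, seconds), not Apple's real schedule.
LOCKOUTS = [(5, 60), (6, 300), (7, 900), (9, 3600)]


class PasscodeGuard:
    """Simulated device enforcing auto-erase and escalating delays."""

    def __init__(self, secret, wipe_limit=WIPE_LIMIT, lockouts=LOCKOUTS):
        self.secret = secret
        self.wipe_limit = wipe_limit    # None models auto-erase removed
        self.lockouts = lockouts        # [] models delays removed
        self.failed = 0
        self.clock_ms = 0               # simulated elapsed time
        self.wiped = False

    def _lockout_s(self):
        # Longest delay whose threshold the failure count has reached.
        return max((s for n, s in self.lockouts if self.failed >= n), default=0)

    def attempt(self, guess):
        if self.wiped:
            return False
        self.clock_ms += ATTEMPT_MS
        if guess == self.secret:
            return True
        self.failed += 1
        self.clock_ms += self._lockout_s() * 1000
        if self.wipe_limit is not None and self.failed >= self.wipe_limit:
            self.wiped = True           # data is gone; later guesses are moot
        return False


def run(secret, **policy):
    """Try every code in order; return (found, wiped, attempts, clock_ms)."""
    guard = PasscodeGuard(secret, **policy)
    for n in range(10 ** KEYSPACE_DIGITS):
        if guard.attempt(f"{n:0{KEYSPACE_DIGITS}d}"):
            return True, guard.wiped, n + 1, guard.clock_ms
        if guard.wiped:
            return False, True, n + 1, guard.clock_ms
    return False, guard.wiped, 10 ** KEYSPACE_DIGITS, guard.clock_ms


if __name__ == "__main__":
    for policy in ({}, {"wipe_limit": None}, {"wipe_limit": None, "lockouts": []}):
        print(policy or "stock", run("7351", **policy))  # "7351" is constructed
```

Under these assumptions the stock policy erases the data after ten guesses, removing only the erase stretches the search to roughly 306 days of simulated lockout, and removing both protections cuts it to about 12 minutes.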
What does Apple have to say about this?
Apple CEO, Tim Cook, has said that he did not want to introduce what is known in IT security circles as a “back door” into its devices.
Back doors are a big deal in IT security. Computer hackers basically make their money from being able to find them and gain access.
In fact, this is often how both cyber criminals and government spy agencies currently attempt to gain access to the vast majority of our data.
Apple believes that introducing a ‘back door’ into this particular iPhone would not simply make Farook’s phone accessible to the US government, it would set a new precedent by making it easier for anyone to gain access to its devices, should the workaround become public knowledge.
Tim Cook says “You can’t have a back door that’s only for the good guys” and that “Any back door is something that bad guys can exploit.”
An in-depth explanation of how this could all be performed was recently posted by IT security research firm Trail of Bits on their blog.
Dan Guido of the firm says that “jailbreaking” – i.e. the practice of forcibly removing restrictions and/or any security measures within the iPhone’s software – could enable hackers to penetrate the device and force new software onto it.
When it comes to our personal or valuable corporate data, where there is a will there is often a way. Indeed, in most cases, it is often only a matter of time for many hackers to break down any organisation’s IT defences.
IT Security and UK penetration testers Security Audit Systems would also tend to agree. Rob Phelps, of the company, says “It will be interesting to see the outcome of this case between the FBI and Apple, are we about to see another back door mechanism appearing?”.
Companies such as Security Audit Systems are able to use their detailed cyber hacking knowledge to help clients better protect themselves from online hackers. They do this by highlighting back doors into websites, IT infrastructure or networks, via website pen testing and other penetration testing techniques at their disposal.