:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/63705578/encryption-key.0.1542760854.0.jpg)
As a federal magistrate judge ordered Apple to provide the FBI help in accessing the information locked on a suspected San Bernardino gunman’s iPhone, many wondered whether the federal law enforcement agency’s request was technologically feasible.
One security expert says that what the FBI is seeking is possible — even if Apple Chief Executive Tim Cook described the request as both unprecedented and dangerous. Whistleblower Edward Snowden, the former government contractor whose disclosures about the National Security Agency’s global surveillance program arguably spurred Apple, Google and others to bolster security on devices, warns the technical changes would crack open the device in a flash.
https://twitter.com/Snowden/status/699991372040966145
The FBI told the court it discovered a phone used by one of the alleged shooters, Syed Rizwan Farook, in a search of a black Lexus. The device is the property of Farook’s former employer, the San Bernardino County Department of Public Health, which has already given the law enforcement agency permission to search it.
The FBI hasn’t even tried, for fear that Farook enabled a security feature known as “auto-erase,” which renders the information on the device inaccessible after 10 failed password attempts (technically, it destroys the encryption key). He and his wife, Tashfeen Malik, died in a shoot-out with law enforcement following the Dec. 2 attack at a holiday party that left 14 people dead and 22 injured.
A magistrate judge Tuesday ordered Apple to create what amounts to a special version of its iOS mobile operating system to be loaded onto this one iPhone, that would ignore multiple password attempts. The court also ordered that the FBI be able to connect the phone to a device that could make multiple guesses — potentially thousands or millions of them — in a hurry, without encountering the hour-long delays Apple builds into its software after multiple failed password attempts.
Apple says this is a slippery slope.
“Up to this point, we have done everything that is both within our power and within the law to help [the FBI],” Cook wrote in a letter to consumers. “But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a back door to the iPhone.”
Dan Guido of the security research firm Trail of Bits says anyone who has jailbroken a phone knows that permanent software known as “firmware” can be loaded onto a device when an iPhone is in device firmware upgrade mode. He explains that the phone will accept new firmware over a USB cable — but the device first checks to see whether it has a valid signature from Apple.
“This signature check is why the FBI cannot load new software onto an iPhone on their own — the FBI does not have the secret keys that Apple uses to sign firmware,” Guido writes.
The iPhone 5C that the FBI recovered lacks one important new security features from Apple — Touch ID, which boasts the secure enclave. Apple says this chip is separate from the device’s main processor and performs cryptographic operations — or, as Guido writes, it’s “a separate computer inside the iPhone that brokers access to encryption keys for services like … Apple Pay.”
The password and secure enclave work together to protect the device.
“When you enter a passcode on your iOS device, this passcode is ‘tangled’ with a key embedded in the [secure enclave] to unlock the phone,” Guido writes. “Think of this like the two-key system used to launch a nuclear weapon: The passcode alone gets you nowhere.”
But that’s not the case with the iPhone 5C — one reason Guido thinks it’s technically feasible for Apple to comply with the FBI’s request for a technical assist.
Cook argues that the FBI’s request — that Apple create a key to unlock a single device — ignores the significance of what the government is really demanding.
“The government suggests this tool could only be used once, on one phone. But that’s simply not true,” Cook writes. “Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”
Cook maintains the government is asking Apple’s engineers to hack the company’s own software and undermine decades of security advancements that protect its law-abiding customers from hackers and cyber criminals.
“We can find no precedent for an American company being forced to expose its customers to a greater risk of attack,” Cook writes.
The digital rights group Fight for the Future is organizing a nationwide protest outside Apple stores at 5:30 pm local times on Tuesday, Feb. 23, to demand that the government drop its request, saying it sets a dangerous precedent. The organization receives funding from a number of sources, including the Consumer Electronics Association trade group.
“Governments have been frothing at the mouth hoping for an opportunity to pressure companies like Apple into building backdoors into their products to enable more sweeping surveillance,” Evan Greer, Fight for the Future’s campaign director, said in a statement. “It’s shameful that they’re exploiting the tragedy in San Bernardino to push that agenda.”
This article originally appeared on Recode.net.
