See italicised updates below, with statements from both the Department of Justice and Apple.
The battle between the FBI and Apple over accessing a work phone used by one of the San Bernardino terrorists started as headline news and ended in a rather anti-climactic fashion.
The high-profile congressional hearing was due to be followed by a big showdown in court. Instead, the FBI asked that the hearing be vacated, and later quietly announced that it had, with help, managed to gain access to the phone. Nothing to see here, move along.
But while this particular case may be settled, it’s extremely unlikely that this will be the end of the matter – for two reasons …
First, CNN reported today that the method used works only on the particular model in question, an iPhone 5c. While we may or may not get to find out what that method was, the smart money seems to be on the approach described by Edward Snowden.
Apple protects iPhones against brute-force passcode attacks by limiting the number of attempts to ten. But the passcode attempt counter is stored in NAND flash memory. If you copy the contents of that memory, make your ten attempts and then copy it back again before the next round of attempts, you can repeat that process as many times as needed to reach the correct passcode. Provided only a 4- or 6-digit numeric code has been used, it’s a relatively trivial process.
But the approach relies on the fact that the iPhone has no way of knowing that the counter has been reset. This is true of the iPhone 5c, but may not be true of later models. The reason? The Secure Enclave.
Nobody seems to know for sure at this stage, but it appears that the Secure Enclave may have the ability to log the number of passcode attempts in its own non-volatile storage – which would prevent that method of working on the iPhone 6 and up. From ArsTechnica:
Apple implies that the A7 processor—the first to include the “Secure Enclave” function—does have some form of non-volatile storage of its own. On the A6 processor and below, the time delay between PIN attempts resets every time the phone is rebooted. On the A7 and above, it does not; the Secure Enclave somehow remembers that there has been some number of bad PIN attempts earlier on. Apple also vaguely describes the Secure Enclave as having an “anti-replay counter” for data that is “saved to the file system.” It’s not impossible that this is also used to protect the effaceable storage in some way, allowing the phone to detect that it has been tampered with.
So if the FBI or any other U.S. law enforcement agency wants to access a more recent iPhone, it may very well head straight back to court to make the same demand that Apple write a ‘GovtOS’ to bypass that protection.
I don’t expect it to do this anytime soon. The FBI clearly thought that, in a high-profile terrorism case, it would have overwhelming public support. That turned out not to be the case – in large part because it seems incredibly unlikely that there’s any incriminating data on the phone in question. Law enforcement agencies are likely to keep their heads down for a while, and ensure that the next case they bring is a far more compelling one. But it’s only a matter of time before that happens.
Update: The Department of Justice has confirmed my view in a statement to ArsTechnica:
“It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties, or through the court system when cooperation fails,” Melanie Newman, a Justice Department spokesman, wrote in an e-mail to Ars. “We will continue to pursue all available options for this mission, including seeking the cooperation of manufacturers and relying upon the creativity of both the public and private sectors.”
Apple responded by saying:
This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy. Apple remains committed to participating in that discussion
If the Secure Enclave does work in the way ArsTechnica speculates, I’m not clear whether Apple could even load new firmware onto an existing locked phone. If it can, you can be sure that’s a hole Apple will seek to plug next time around.
The second reason the matter is unlikely to end here is that a national debate has now begun, and Congress has taken an interest. Even if another court case isn’t brought, it’s almost certain that Congress will be pressed to pass legislation to address the issue.
This legislation could take the form of affirming that device manufacturers can be required to assist law enforcement agencies to access devices when presented with a court order. It could even go further than this, and ban manufacturers from making devices that cannot be breached. In the FBI’s language, outlaw the creation of ‘warrant-proof spaces.’
We’re already seeing the UK head in this direction, using very similar phrasing. Prime Minister David Cameron has said that the government wants to ban messaging services that use end-to-end encryption because they provide terrorists with a “safe space to communicate.” The government has put forward proposals in an Investigatory Powers Bill which, if passed, would outlaw services like iMessage and FaceTime. The bill is commonly referred to in the UK as the Snooper’s Charter.
Whether either country would go so far as to pass such legislation is as yet unknown, but the fact remains that the attempt is being made in the UK and we can expect a similar attempt in the USA.
So one way or another, this issue will be back. Apple will, I’m sure, be making whatever hardware and software changes are necessary to ensure that it is simply unable to load a ‘GovtOS’ onto future devices, but it can only do what is permissible within the law. If the law is changed to say that manufacturers are not allowed to make hack-proof devices, Apple would have no choice but to comply.
There is one piece of good news in all this: the debate is now a very public one. I’ve made my own views known, both before and after the San Bernardino shootings. For me, the bottom line is that any time you build in a vulnerability designed to be used by the good guys, it’s only a matter of time before it is discovered and exploited by the bad guys.
But while my own view is clear, I do still see the other side. I can absolutely appreciate the frustration law enforcement officials feel if placed in a situation where not even court orders will allow them to unlock a device they believe to be key to either solving a case or – more urgently – preventing a future attack. There are no absolute rights and wrongs here. It’s right that we should debate the pros and cons of the two sides, and it’s absolutely right that the debate take place out in the open, rather than behind the closed doors of secret courts.
When the issue is finally decided – either by the Supreme Court or by Congress – which way do you think it will go? Take our poll, and please share your thoughts in the comments.
Images: Shade You; White House/Lawrence Jackson; Apple
FTC: We use income earning auto affiliate links. More.
That iPhone case is awesome. Can anyone tell me where i can get Fox Mulder one?
Welcome to the government’s circus show! There was nothing in that iphone in the first place, they’ve already gathered all the infos prior to changing the icloud password.
Do you work for the FBI? Because if you don’t then your claim is just BS.
BTW, are there actually people that think their I-phone is secure?….LOL
If I have a strong alphanumeric passcode, no Touch ID and no iCloud enabled then yes, at this point in time and until proven otherwise I believe my iPhone is secure.
Well, if the Paris terrorism attack showed anything it was the fact that the terrorists used burner phones – “Once and discard” – so all this hullabaloo over encryption and National Security is a smoke screen to get the LEDs what they want – access to phones that have absolutely nothing to do with National Security and all to do with local cases.
I stand with Apple. For the people who feel that my security needs are UN-American, all I can say is read the Bill of Rights.
Hence why they are finally pursuing a law that you must provide ID to purchase burnerer phones.
Agree with everything you said.
Instead of focusing on the FBI trying to do it’s job, why don’t you question why Apple aren’t doing their job and are unaware of security holes in their operating systems?
I’ll tell you why – because it’s Apple.
How about instead of one-note whining at every person who doesn’t bash Apple in the comments of an Apple-themed blog, you go find something more productive to do with your life. It shouldn’t be hard to pick one, as almost literally any other activity than this would be more productive.
I agree with flaviosuave and as an activity, I recommend bridge jumping sans bungee cord.
It may be a rocky path, but there is only one answer. It, strangely, almost mirrors the gun-debate. If we force a law that says everything must be readable by the govt. then it will be the bad guys that have the only mechanisms for communicating securely. While they may not be in a position to build their own phones/devices, it would not be unthinkable that they could build software solutions that allow for point-to-point secure communications. Law enforcement needs to adapt, not try to hold back the tsunami that is secure-encrypted communications. I know that’s easier said that done – which is why they need to get started now and stop wasting resources opposing it.
The software solutions exist. Encrypted VPN. Encrypted messaging. Encrypted e-mail. They all exist now from third parties, most of whom are based outside of the US and are therefore untouchable. Well done FBI, harming American software and hardware companies and vendors to accomplish nothing. Nothing but what many of us predicted would happen before this all started.
The FBI has just learned that the iphone, nor any “device” is purely encrypted. Welcome to the light of day FBI, if one looks hard enough, there are plenty of ways to access any device. Therefore, this case will now never go to SCOTUS in its present litigation state- there’s no need.
I think that most read the poll question as “Which side do you want to win?” I would be shocked if the government didn’t get their way, eventually. It’s the same reason people vote for big-government democrats… Too many Americans think the government knows better than they do, and has their best interests in mind.
“warrant-proof spaces” I think North Korea is a warrant-proof space. Also, someone’s brain.
As Tim Cook said, Apple doesn’t own encryption.
Even if the government could force Apple and Google and Microsoft to keep encryption keys and turn them over, and even if they could force them to keep encrypted messaging apps out of their proprietary app stores, Google and Microsoft allow non-approved apps on their mobile devices, and Apple allows them on the desktop.
And terrorists could just set up an encrypted messaging service through a website. No app on the device required.
Well first of all, US&A govt now will plan another attack on their own people to bring this case back in court, not a biggie there. Watch out, what’s the next big thing happening?
Crazy thought: Apple should freeze sales of iPhones for a day/week/month if and when this case resurfaced. I’m sure they can afford it and it will deliver the message.
And what message exactly would that be? Everyone already knows what they are saying. Halting sales would be ridiculous and doesn’t further their own goals nor does it do anything to help their investors when their share price collapses as their most profitable product is pulled from the market.
The govt attacks its own people? You may be a russian troll with a paid agenda but nope, the US doesnt do that.
There’s a reason the western world has enviable quality of life overall, and people from Russia, india, China and plenty more line up in droves to get in and get away from their oppressive governments and corruption.
But to say terror attacks in the west are done by own governments is just pathetic. the countries that you cherish would just shoot you for same accusations made there. Feel free to move, planes depart every day.
OK just found out you are In Canada, so that explains it, you whine about the US all the time, but when stuff happens or you need to shop, the US always has your back. The same US govt u shrill about.
No this should not be the end.
I’ve been reading the same thing time and time again for all the years I’ve dealt with responsible tech corporations ‘we will not disclose your personal data to outside parties, except where required by law’
Apple seems to believe it is so large and so rich that is above the law.
That can’t be allowed to stand, no greedy corporation can be above the law.
Have you ever said the word “corporation” without putting greedy in front of it? I’m betting not. Btw, your comment makes zero sense.
Your comment is interesting: “no greedy corporation can be above the law.”
Taking this stand cost Apple a lot, legal fees, time for all the top people, sales. It was a very expensive stand. It would have been far less expensive a course to go along, do what the FBI asked, like Microsoft did with China, and keep going business as usual. That would have been the course a company only driven by greed would have done. Apple took the stand they did on principle, that customers data is private and Apple will not access it. Taking the stand they did cost the company a good deal of real profit. That is not a stand a purely “greedy corporation” would take.
Your characterization is fallacious.
“except where required by law”
Except its debatable as to whether the law in this case actually requires them to share the data. This isn’t information Apple possesses. Apple handed over information from iCloud backups to which they had access to and have been very upfront about that. The unlocking of a phone is a different argument entirely and without Apple having the opportunity to appeal, the decision in turn hasn’t properly faced the scrutiny of the court system which fundamentally allows parties to appeal decisions prior to the final verdict being enacted.
Also keep in mind that a very very similar case in New York resulted in the FBI being told that the All Writs Act did not permit them to conscript Apple to unlock the device within about a fortnight of Apple being initially asked to aid in the unlocking of this phone. Clearly a different judge decided that the law did not require Apple to assist.
Sure, FBI would never lie. A bit of torture and murder, that’s OK when really required, but lies, that would be immoral and even UN-American. Why do you all assume that they really broke into that phone?
Absolute nonsense! “…I can absolutely appreciate the frustration law enforcement officials feel if placed in a situation where not even court orders will allow them to unlock a device they believe to be key to either solving a case or – more urgently – preventing a future attack.”
We have been spending HUNDREDS of BILLIONS on national security since 9/11. The national security agencies should be using the resources they already have instead of endangering every single mobile device user around the world. What did they do BEFORE smartphones? They did their jobs! If these incompetent wankers can’t do their jobs with the resources and methods they have, then it’s time to find people who can. It is NOT our responsibility to give them the tools they desire to make their jobs as easy as possible at the expense of our basic freedoms. But it should be our expectation that they do their jobs effectively with the resources they have.