Apple’s decision to protect user privacy rather than add security backdoors to cooperate with law enforcement has been a common theme of 2016. The company has pointedly refused to weaken its stance on strong encryption and privacy for all Apple users; the most notable being the San Bernardino Apple/FBI clash.
As it is practically impossible to access data stored on a modern iPhone, thanks to security measures Apple introduced in iOS 8 and iOS 9, the UK police have developed a new tactic to be able to recover usable intelligence; conduct a street robbery and steal the suspect’s phone whilst it is in use, in their hands …
Try Amazon Prime 30-Day Free Trial
Any iPhone with a Secure Enclave is considered all but impossible to crack into, if secured with a passcode or fingerprint due to hardware-level security and encryption policies.
Without knowledge of the PIN code, the iPhone is pretty much impermeable to law enforcement as the system data encryption is tied to the passcode. iOS also includes measures to prevent brute force attacks of the code (i.e. the system will require users to wait for longer intervals after failed PIN entries).
Some police forces have thought they could simply force an individual to place their finger on the Touch ID sensor and use their fingerprint authentication to unlock the device; in this investigation, the UK police force found that this practice could not lawfully enforced. Combined, this means that accessing data on a locked iPhone is simply not possible for law enforcement.
The UK police have developed a new tactic to counter this; track a suspect covertly, stage a robbery in the street and steal the phone out of the person’s hand whilst it is still unlocked. As long as the iPhone is kept awake and powered, all data on the iPhone device is then unencrypted for examination.
This strategy has already been used in one British police investigation. They were targeting a person called Gabriel Yew, who was suspected to be making fake payment cards which criminal gangs use to buy luxury goods. Intelligence indicated that the suspect was performing all communication regarding the activity on his iPhone, seemingly safe in the knowledge that if the police caught him, his phone’s strong encryption would prevent him from being found guilty.
The police trailed Yew whilst he was going about his daily business and waited for him to take a phone call, meaning his device must have been authorized and unlocked in that state. They then stole the phone out of his hand whilst arresting him.
One police officer was given the duty to continuously swipe around the iOS UI to prevent the device from sleeping until they managed to connect it to a computer and retrieve the (decrypted) data. The mission was successful and the detective chief inspector later said that the evidence on the phone was ‘crucial to the prosecution’. Yew subsequently pleaded guilty and was sentenced to five years behind bars.
This strategy may become more prevalent in law enforcement going forward, as it’s an inexpensive and (relatively) risk-free way to circumvent the strong security measures the iPhone imposes whilst it is locked … take the phone whilst it isn’t locked.