Apple has been ordered to assist in the unlocking of an iPhone belonging to one of the San Bernardino shooters. This may require updating the firmware to bypass restrictions on PIN unlock attempts:
Apple must assist the FBI in unlocking the passcode-protected encrypted iPhone belonging to one of the San Bernardino shooters in California. US magistrate Sheri Pym says Cupertino must supply software that prevents the phone from automatically annihilating its user data when too many password attempts have been made.
The smartphone belonged to Syed Farook, who with his wife Tashfeen Malik shot and killed 14 coworkers on December 2. The couple died in a gun battle with police soon after. Cops have been unable to access Syed's iPhone 5C because they do not know the correct PIN, and will now gain the assistance of Apple, as ordered by Judge Pym [PDF] on Tuesday.
iOS 8 and above encrypts data on devices, requiring a four to six-digit PIN to unlock. After the first few wrong guesses, iOS waits a few minutes between accepting further PIN entry attempts, escalating to an hour's delay after the ninth failed login.
[...] Judge Pym wants Apple to come up with some magic software – perhaps a signed firmware update or something else loaded during boot-up – that will allow the FBI to safely brute-force the PIN entry without the device self-destructing. This code must only work on Farook's phone, identified by its serial numbers, and no other handset. The code must only be run on government or Apple property, and must not slow down the brute-forcing process.
Apple has five days to appeal or demonstrate that it cannot comply with the order. It is crucial to note that the central district court of California has not instructed Apple to crack its encryption – instead it wants Apple to provide a tool to effectively bypass the unlocking mechanism. "It's technically possible for Apple to hack a device's PIN, wipe, and other functions. Question is can they be legally forced to hack," said iOS security expert Jonathan Ździarski.
According to this Reuters article, "A U.S. judge on Tuesday ordered Apple Inc to help the FBI break into a phone recovered from one of the San Bernardino shooters, an order that heightens a long-running dispute between tech companies and law enforcement over the limits of encryption.
Apple must provide "reasonable technical assistance" to investigators seeking to unlock the data on an iPhone 5C that had been owned by Syed Rizwan Farook, Judge Sheri Pym of U.S. District Court in Los Angeles said in a ruling."
"...Forensics expert Jonathan Zdziarski said Tuesday Apple might have to write custom code to comply with the order, presenting a novel question to the court about whether the government could order a private company to hack its own device.
Zdziarski said that because the San Bernardino shooting was being investigated as a terrorism case, investigators would be able to work with the NSA and CIA on cracking the phone. Those U.S. intelligence agencies likely could break the iPhone's encryption without Apple's involvement, he said."
Update: EFF to file an amicus brief in support of Apple's position.
Update 2: mendax writes: The New York Times has some "breaking news" which says that Apple will not comply with the judge's order. It's a good way to get in trouble with the judge but it's the right decision on Apple's part.
Previously: FBI Unable to Decrypt California Terrorists' Cell Phone
(Score: 2) by wisnoskij on Wednesday February 17 2016, @12:41PM
This. Looking into it, apparently they do not make it easy. It looks like it is an integrated chip to me (https://d3nevzfk7ii3be.cloudfront.net/igi/APJRFAcfVnCupMpb.medium), the big chip labelled SKhynix. But there must still be millions of people with either the skill to unsolder that chip and transfer it to a more usable board.
(Score: 4, Insightful) by BasilBrush on Wednesday February 17 2016, @01:18PM
And it would be as useless as transferring an encrypted disk to a different computer. You still need the key, and that is stored in the secure area of the CPU.
Hurrah! Quoting works now!
(Score: 0) by Anonymous Coward on Wednesday February 17 2016, @01:35PM
All the FBI is asking for is that Apple remove features in the software that frustrate brute-forcing, like mandatory delays after X failed attempts and wiping the data after Y failed attempts; they are not expecting Apple to actually decrypt the data.
(Score: 2) by Geezer on Wednesday February 17 2016, @01:44PM
To what purpose, given the encrypted data? Oh, wait, FBI has already broken Apple encryption?
(Score: 1, Insightful) by Anonymous Coward on Wednesday February 17 2016, @02:06PM
They don't need to - if there's no restriction on the number of attempts they just start guessing at the PIN. Given a 4-digit PIN at 5 seconds per attempt, you can try every possible unlock combination in just under 14 hours; (10000*5)/(60*60) = 13.889.
Even for 6 digits it's up to 1388 hours or about 58 days worst case. All very crackable if the phone continues to let you retry.
(Score: 0) by Anonymous Coward on Wednesday February 17 2016, @02:16PM
And if you can copy the data straight off the chips that means you can parallelize the cracking across thousands of systems. Even farm it out to the cloud and spend $100K to get it done in a day.
(Score: 3, Informative) by gnuman on Wednesday February 17 2016, @03:45PM
> Even farm it out to the cloud and spend $100K to get it done in a day.
Is this idiocracy? What $100k? It costs nothing and could be done in less than a second to crack all passwords protected by a 6-digit code. The ONLY protection for iPhone is the self-wipe feature and inability to access the encrypted key. If you bypass it, then you can access the data.
If you can bypass memory protection and just copy the entire block out with an app (including key), then the entire protection is completely useless and can be cracked as if it wasn't there at all. And not just in special circumstances, but routinely and on mass scale.
(Score: 0) by Anonymous Coward on Wednesday February 17 2016, @04:01PM
> Is this idiocracy?
Apparently it is since you don't understand that an iphone can be protected by a passcode longer than a 6-digit PIN. [imore.com]
Oh wait, you were trying to insult me and not yourself! Well, I guess you fucked that up too.
(Score: 2) by gnuman on Wednesday February 17 2016, @04:56PM
Oh, I'm sorry. But maybe you should realize that typical 12-character passwords are just as weak as 4 or 6 digit PINs, unless you put a limit on retries. So unless someone writes 20-character passphrases that are not in some rainbow table, if allowed to just dump these things out of the device. This is the Achilles Heel of all password protected crypto, be it LUKS or TrueCrypt.
Now, I will repeat myself. It is completely asinine to put a limit of
> Even farm it out to the cloud and spend $100K to get it done in a day.
That statement is idiocracy. You have no clue what the complexity of the problem is, yet you somehow pull this number out of your ass. And as I said, it costs *nothing* to look up a rainbow table or even to brute force all typical passwords. As to how much it would cost to brute force this particular password given unlimited retries?? No one knows except the person that knows the password. It could be negligible or it could be completely unattainable. Saying "spend $100 and get it done in a day" is just completely ignorant.
(Score: 0) by Anonymous Coward on Wednesday February 17 2016, @05:38PM
> Now, I will repeat myself. It is completely asinine to put a limit of
Never said it was a "limit" it was an example.
But I shouldn't be surprised that you've never heard of the principle of charity and instead decided to pick the worst possible interpretation so you could belittle another person.
(Score: 2) by frojack on Wednesday February 17 2016, @08:34PM
Exactly.
Since whatever you guess the pin might be has to be tried EACH time on the device, the real protection is the limit and the rate.
How long it takes to try each pin on some remote computer doesn't matter.
However, if you could clone the phone's entire internal storage you could replicate that to the cloud and just try to brute force the encryption itself. You will know when you have hit THE key (as opposed to some possible key) because there will be recognizable data structures that appear on ALL iphones. When you know significant portions of what is expected, determining when you have the actual key is not that hard, and trying them all becomes a solvable task. They ought to be done in 4 or 9 years.
No, you are mistaken. I've always had this sig.
(Score: 2) by gnuman on Thursday February 18 2016, @06:19AM
> However, if you could clone the phone's entire internal storage you could replicate that to the cloud and just try to brute force the encryption itself
Well, no, actually you can't. Unless there is some unknown hidden attack on symmetric crypto, you can't just brute force your way through keys like this.
http://stackoverflow.com/questions/18847580/aes128-vs-aes256-using-bruteforce/28516055 [stackoverflow.com]
You can check 1e15 (1,000,000,000,000,000) combinations reasonably quickly. So 56-bit DES or 64-bit keys are completely insecure and have been for decades. I don't know what Apple is using, but it is at least 128-bit crypto, probably 256-bit. This means that if you can brute force a 56-bit key in one millisecond, it would take you longer than the age of the universe to crack a 128-bit key, never mind a 256-bit key.
The bottom line is this - crypto is either secure or insecure. Any backdoor makes crypto insecure. If Apple added a super-secret-hash-hash key so they could unlock the phone, that key would be completely compromised sooner rather than later along with ALL the devices. Such a key would be immediately attacked and extracted from the phone by uncovering the chip and extracting the key, bit by bit from the flash, or by compromising Apple or government servers. There is nothing that can't be unlocked like that, given sufficient time and resources. This also means that this entire fiasco with the phone has nothing to do with the phone itself - Apple can't unlock it even if they wanted to and FBI doesn't want to spend resources (that it can't afford anyway) to find nothing on that phone. What this is about is future of security - it's the next installment of the crypto wars.
https://en.wikipedia.org/wiki/Crypto_Wars [wikipedia.org]
(Score: 2) by frojack on Thursday February 18 2016, @09:10AM
> This means that if you can brute force a 56-bit key in one millisecond, it would take you longer than the age of the universe to crack 128-bit key, never mind 256-bit key.
Did you miss that bit about the cloud, and the other references about using the power of a zillion machines mentioned up-thread?
By the way, if you think encryption can't be brute forced in this day and age, you need to go back and re-read what Snowden has written.
No, you are mistaken. I've always had this sig.
(Score: 2) by BasilBrush on Thursday February 18 2016, @12:44AM
The fact that the FBI are having to use dubious legal means to compel Apple to bypass the self-wipe indicates that there is no known way of doing it in the wild with current iPhones. Whether by forensics or any other method.
Hurrah! Quoting works now!
(Score: 0) by Anonymous Coward on Thursday February 18 2016, @07:36AM
Not sure it's still current but software was announced in 2014:
http://www.cultofmac.com/280450/heres-easy-hack-past-apples-activation-lock-missing-iphone/ [cultofmac.com]
There's also something called the IP Box that tries PINs via USB, and in case of a failed attempt cuts the power to the phone so the failure can't be logged:
http://gizmodo.com/this-cheap-hack-shows-no-iphone-pin-is-really-safe-1692020457 [gizmodo.com]