Apple’s Security Features have Locked the FBI Out

Apple's Security Features have Locked the FBI Out

A federal court order mandating that Apple assist law enforcement in breaking into the locked iPhone of Syed Farook, one of the San Bernardino attackers, has been opposed by Apple CEO Tim Cook.

Apple’s iPhone has software with a fairly simple security measure that can only be enabled by the user: the auto-erase function. This function renderers all data on the smartphone inaccessible when a certain amount of attempts to crack the four-digit security code have failed. Investigators believe this function was enabled on Farook's 5c model iPhone.

As described in the FBI court filings, the data on the iPhone is encrypted. The four-digit code you enter into your phone initiates a complex calculation which generates a unique key to unlock the data on the phone. If you don’t know the key, you don’t get the data. The auto-erase function, if triggered, will wipe out all the encryption keys rendering the data on the iPhone useless.

Another unique feature that the iPhone implores that would frustrate any user, is the time delay when trying to manually enter codes. A four-digit code can have up to 9,999 possibilities, and after just five tries, the user must wait one minute before trying again. After the six failed attempt, the wait is five more minutes. The seventh makes you wait 15 minutes and an hour after the next try.

Due to the auto-erase feature, the FBI can't attempt to unlock the iPhone without risking losing all the data. The FBI wants Apple to alter the operating system just on Farook's phone to allow the FBI to bypass or disable the auto-erase function. It also wants Apple to alter the software to allow the test pass codes to be entered without punching the keys by using Bluetooth or other means to speed the process. And the FBI wants Apple to change the operating system to eliminate the delays caused by multiple attempts to unlock the phone.

In an open letter, Cook addressed the issue stating that the FBI is asking for something that Apple just doesn’t have.

“Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation [of the San Bernardino mass shooting],” Cook said. ““In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.”

Cook strongly disagrees with the FBI, explaining that if this new software was picked up by a hacker, there would be no privacy for anyone.

“The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor,” Cook said.“And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

    The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now

  • Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

    KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.