Apple’s Security Features have Locked the FBI Out

Apple's Security Features have Locked the FBI Out

  • By Sydny Shepard
  • Feb 17, 2016

A federal court order mandating that Apple assist law enforcement in breaking into the locked iPhone of Syed Farook, one of the San Bernardino attackers, has been opposed by Apple CEO Tim Cook.

Apple’s iPhone has software with a fairly simple security measure that can only be enabled by the user: the auto-erase function. This function renderers all data on the smartphone inaccessible when a certain amount of attempts to crack the four-digit security code have failed. Investigators believe this function was enabled on Farook's 5c model iPhone.

As described in the FBI court filings, the data on the iPhone is encrypted. The four-digit code you enter into your phone initiates a complex calculation which generates a unique key to unlock the data on the phone. If you don’t know the key, you don’t get the data. The auto-erase function, if triggered, will wipe out all the encryption keys rendering the data on the iPhone useless.

Another unique feature that the iPhone implores that would frustrate any user, is the time delay when trying to manually enter codes. A four-digit code can have up to 9,999 possibilities, and after just five tries, the user must wait one minute before trying again. After the six failed attempt, the wait is five more minutes. The seventh makes you wait 15 minutes and an hour after the next try.

Due to the auto-erase feature, the FBI can't attempt to unlock the iPhone without risking losing all the data. The FBI wants Apple to alter the operating system just on Farook's phone to allow the FBI to bypass or disable the auto-erase function. It also wants Apple to alter the software to allow the test pass codes to be entered without punching the keys by using Bluetooth or other means to speed the process. And the FBI wants Apple to change the operating system to eliminate the delays caused by multiple attempts to unlock the phone.

In an open letter, Cook addressed the issue stating that the FBI is asking for something that Apple just doesn’t have.

“Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation [of the San Bernardino mass shooting],” Cook said. ““In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.”

Cook strongly disagrees with the FBI, explaining that if this new software was picked up by a hacker, there would be no privacy for anyone.

“The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor,” Cook said.“And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

  • OpenAI's GPT-4 Is Capable of Autonomously Exploiting Zero-Day Vulnerabilities

    According to a new study from four computer scientists at the University of Illinois Urbana-Champaign, OpenAI’s paid chatbot, GPT-4, is capable of autonomously exploiting zero-day vulnerabilities without any human assistance. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3