No, the FBI Does Not Want to Simply Break Into a Terrorist’s Phone
The case involving the FBI and Apple continues to draw immense media attention. But what many outlets have chosen to mostly ignore is the fact that one of the most important claims made by the FBI is actually fraudulent.
At least that’s what the American Civil Liberties Union is claiming.
In the FBI’s court order handed to Apple, the federal agency claims that it requires Apple’s assistance to unlock the iPhone 5c that belonged to the San Bernardino shooter. Syed Rizwan Farook is tied to the December terrorist attack against government workers in San Bernardino, California that left 14 people dead, and the FBI has his phone in their possession for investigative purposes.
One of the most pressing demands made by the FBI involved Apple disabling the iPhone’s “auto-erase” security feature, an action that would render Apple’s security features vulnerable to future attacks.
The auto-erase system works by protecting user data from hackers, not destroying it. By wiping the key to the phone data after ten failed passcode attempts, the system keeps would-be snoopers from having immediate access to the phone’s information. And the FBI claimed it was afraid of losing the information contained in the San Bernardino shooter’s phone in case Apple chose not to comply.
According to ACLU’s Daniel Kahn Gillmor, however, the FBI’s concern isn’t warranted. Instead of referring to Apple for assistance, Gillmor explains, the FBI should simply back up part of the phone before attempting to guess the passcode. Instead of taking that step, however, the FBI decided to press Apple, urging the tech giant to “bypass or disable the auto-erase function whether or not it has been enabled.”
In his post for ACLU’s website, Gillmor claims the FBI already knows how to bypass the security system. He also claims that a close look at how the FBI claims the auto-erase feature works may offer important clues as to what the agency actually wants with this request.
Before Apple’s Tim Cook issued a formal statement explaining why he refused to comply with the FBI’s requests and just a few days before the court order was issued, the government issued a strongly worded motion to compel. In this motion, the FBI explains what the auto-erase feature does.
The document reads:
“The FBI has been unable to make attempts to determine the passcode to access the SUBJECT DEVICE because Apple has written, or ‘coded,’ its operating systems with a user-enabled ‘auto-erase function’ that would, if enabled, result in the permanent destruction of the required encryption key material after 10 failed attempts at the [sic] entering the correct passcode (meaning that, after 10 failed attempts, the information on the device becomes permanently inaccessible)…”
By using the “permanently inaccessible” term, Gillmor explains, the FBI may be attempting to add urgency to its request, causing Apple to panic before the order. But there’s a problem with how the government explains how the feature works, which means that the FBI may not be disclosing its intentions.
Instead of making the data “permanently inaccessible,” Gillmor explains, the system built into the iPhone to protect the user’s data works by protecting the data from immediate access when a hacker or snooper attempts to guess the passcode ten times. Instead of destroying the data, the system actually destroys one of the keys that protects the data, making that particular data unreadable. What is erased is the “file system key,” which is stored in what Apple calls “Effaceable Storage,” a part of the phone’s flash memory. But the destruction is not exactly a serious issue. According to Apple’s iOS Security Guide, the key is designed to be “erased on demand (by the user, with the ‘Erase all content and settings’ option, or by a user or administrator issuing a remote wipe command…” So what the feature concerning the FBI really protects is a key, not the actual data.
According to Gillmor, the FBI is scared of losing access to the system key, not the data, and yet its officials wrote a request that made a very different claim.
“All the FBI needs to do to avoid any irreversible auto erase,” Gillmor explains, “is simply to copy that flash memory (which includes the Effaceable Storage) before it tries 10 passcode attempts.”
Then, officials will have the ability to re-try guessing the passcode as many times as it is necessary for them to break the code. Once they have access, they can restore the data from its backup copy.
Gillmor closes his article by claiming that what the FBI wants to do is to “weaken the ecosystem we all depend on for maintenance of our all-too-vulnerable devices.” So if the federal agents are so concerned about our security, how come they are so invested in rendering the systems that protect us useless?