Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Tells US Judge It's 'Impossible' To Break Through Locks On New iPhones (reuters.com)

Posted by Soulskill on from the for-sufficiently-possible-values-of-impossible dept.

An anonymous reader writes: Apple told a U.S. judge that accessing data stored on a locked iPhone would be "impossible" with devices using its latest operating system, but the company has the "technical ability" to help law enforcement unlock older phones. Apple's position was laid out in a brief filed late Monday, after a federal magistrate judge in Brooklyn, New York, sought its input as he weighed a U.S. Justice Department request to force the company to help authorities access a seized iPhone during an investigation. In court papers, Apple said that for the 90 percent of its devices running iOS 8 or higher, granting the Justice Department's request "would be impossible to perform" after it strengthened encryption methods.

16 of 225 comments (clear)

  1. Sounds like by Chrisq · · Score: 5, Insightful

    Sounds like a challenge!

    1. Re:Sounds like by tripleevenfall · · Score: 4, Interesting

      I see this as a marked strengthening of Apple's platform. If truly not even Apple can unlock or decrypt the phones, then that's a huge benefit to using the platform.

      Of course this reminds one of TFA from last week, where it was claimed that the NSA had made some sort of computing breakthrough and could decrypt even standards that are thought to be secure today.

    2. Re:Sounds like by adamstew · · Score: 3, Insightful

      Every device that is capable of running iOS 8 is the iPhone 4S and greater...so pretty much 5 generations of devices. I doubt many people have a 5+ year old iPhone at this point. iPhone 4 and under account for 4% of the current iOS market share. (source: https://david-smith.org/iosver... )

      I doubt that they are now using this as a gimmick to try and force people to upgrade to a new handset at this time.

    3. Re:Sounds like by WorBlux · · Score: 5, Informative

      Considering Apple includes a security co-processor it's not actually that easy. Touch ID wrapped keys are discarded after reboot, 48 hrs, or 5 failed attempts. This authentication method can also be disabled or never activated by the user.

      Additionaly the root keys are only held in the co-prossesor and co-mingled with a UID (which even apple doesn't know) as well as the password. You can't begin a dictionary or pin attack without pulling out that UID (and cosidering the co-proccessor is running L4, the only way I know to do it is use nano-meter scale probes to spy on the hardware as it operates. The root of the file-system is encrypted by a key held only in the security co-processor, and the comingled password is used in a sort of chain of trust with the hardware key to secure file-metadata and per-file encyprion keys.

      The firmware is designed to resist brute force, and apple fixes every known vulnerability to brute-force it discovers. The update mechanism requires the user password and cannot be rolled back to a prior vulnerable version, So apple can't provide a targeted device update to enable brute-forceing. At best the forensic team will have to sit on the device and hope a new vulnerability is discovered, and hope the data erase after 10 failed attempts was not enabled by the user.

      https://www.apple.com/business...

    4. Re: Sounds like by Anonymous Coward · · Score: 3, Informative

      Yes, the security processor handles the passwords, the flash is encrypted with a sufficiently long symmetric key, brute force will take longer theoretically than the heat death of the universe, though every few years it seems to halve. The better attack is against the keychain in the active device. Depending on whether the user updated to a longer pin, then only a few days. But if they did enable a passphrase, then no, back to very long time beyond usefulness to LEOs, assuming they didn't choose correct-horse-battery-staple. Or something equally guessable from their private info.
      And if they set wipe after ten wrong attempts, the security processor wipes the saved flash security key, and it's gone.

    5. Re:Sounds like by tlhIngan · · Score: 4, Informative

      Simple.

      1. Remove the flash.
      2. Mount it with a non Apple device.
      3. Run a dictionary attack on the password.

      With the right equipment, it would only take a few hours depending on the complexity of the user's password.

      Am I missing something?

      Yep. Starting with the iPhone 4, the flash media is encrypted with a key held in the device memory. That key is encrypted with the device UID key, the user's PIN (if enabled), and an instance key. The encryption key is changed when you select "Clear and Delete Everything" (it throws away the key and generates a new one, and re-encrypts it).

      Moving the flash chip to a new device means you lack the per-device key which makes the flash inaccessible.

      It's a fairly sophisticated system and short of implementation flaws, it's unbreakable.

  2. That, Detective, is not the right question by rmdingler · · Score: 5, Insightful
    Impossible or not, is it a private company's (or individual's) duty to engage in the evidence-gathering duties of law enforcement?

    I'm not sure the judicial conviction of this one suspect is worth granting law enforcement the unfettered ability to deputize anyone, any time it's convenient.

    --
    Happiness in intelligent people is the rarest thing I know.

    Ernest Hemingway

    1. Re:That, Detective, is not the right question by gstoddart · · Score: 4, Insightful

      Because, apparently, it is now "un-American", or straight up illegal, for private companies to NOT be part of the spy apparatus.

      So, either you accept the provisions of stuff like the PATRIOT Act which says every company is required to participate and keep it secret ... or you have to somehow get a court to overturn that (or have the lawmakers repeal it).

      But, make no mistake about it, in the present situation, spying is a given, the requirement for corporations to help is real, and the expectation that making something you can't help them break into is just helping terrorists.

      So, yes, this may not the be the right question. The problem is to whom are you supposed to ask the right question?

      Because apparently most Americans now accept this crap as perfectly normal, and have fully embraced that if you have nothing to hide you have nothing to fear.

      The cope creep of national security and terrorism to common day to day crimes was inevitable. And now law enforcement expects to bypass any legal controls, and get what they wish because they want it.

      Papers please, comrade. That particular cat has been out of the bag for a while.

      --
      Lost at C:>. Found at C.
    2. Re:That, Detective, is not the right question by Kjella · · Score: 3, Insightful

      you sucker. Do you have any evidence to support your position? Apple moves only to make money. The "apple ecosystem" and the efforts they make to prevent jailbreaking are proof positive that their only ethic is more profit. You've been trolled by dirty capitalists.

      Of course. But if they want to sell to non-US users having encryption that actually protects privacy might be a plus. We care just as much if not more than Americans, particularly since we got fuck all legal recourse if the NSA decides that all my data belongs to them. Nobody expects Apple to be doing it out of the goodness of their heart, they're doing it because it's good business. And now that the cat is out of the bag, if the US tries to push an official government backdoor that's fine with me because it won't sell in the rest of the world. It only worked as long as it was a secret and now it's not.

      --
      Live today, because you never know what tomorrow brings
  3. Bad guys by Anonymous Coward · · Score: 4, Insightful

    This is what encryption is for. Keeping data from the bad guys.

  4. Re: Remember - Apple is a hardware company. by Feral+Nerd · · Score: 3, Interesting

    And for convenience sake it only affects OLDER devices. Seriously, Troll? OS is software, Apple could patch it to a similar level of encryption, or better for the stock price - advise you to upgrade the hardware.

    There is a military axiom about not defending indefensible positions. What would you have Apple do? Patch ancient 2nd and 3rd gen iPhones. Should Microsoft still be patching Windows 2000? Should Fedora still be patching FD12? And don't tell me that old phones being obsoleted because they are unable to run a new OS is some sinister plan by Apple to force users to buy new phones. I have a small pile of old Android phones and tablets that were orphaned (as in: Your device is incompatible with this version of Android) long before the end of their useful life because they could not handle the bloat of the new Android OS. Operating systems get upgraded, hardware becomes obsolete and some people do not bother to upgrade and that is a platform independent fact so if you want to rag on Apple try finding something better to complain about.

  5. "Impossible" for Apple by c · · Score: 4, Interesting

    It's a straight up application of Schneier's Law:

    Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break.

    -- Bruce Schneier

    Someone might be able to break it, but if they can I doubt they'd talk about it.

    --
    Log in or piss off.
  6. Re: Remember - Apple is a hardware company. by bill_mcgonigle · · Score: 4, Informative

    > do your homework

    ha, at least read Apple's security whitepaper if you're going to tell other people to do so. Newer iPhones (5s and later) have trusted hardware - older ones don't, it's that simple. You need a certain OS level to use it effectively, obviously.

    I don't even own any iOS devices and I know this. It's no crime to not stay advised of the market, but if you're going to castigate others you really need to be well-informed.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  7. Re: Remember - Apple is a hardware company. by vux984 · · Score: 4, Informative

    OS 9 - the current version runs on devices as old as the 4S. I believe the 4S was introduced in 2011. That's a lot longer than 2 years.

    It doesn't matter when it was *introduced*, what matters is when it was *discontinued* -- because people were still buying them new up until that day.

    The iphone 4 was discontinued in September 2013. That means, yes, ios9 was released before some iphone 4 users had their phones for 2 years.

    And the iphone 4 wasn't eligible for ios8 either which was released a year ago.

    So anyone who bought an iphone 4 in mid-late 2013 had support for their phone dropped within a few months of buying it.

    Apple is pretty good about updates compared to most android vendors. But there is lots of room for improvement at Apple too.

  8. Re:Seized phone by dhaen · · Score: 4, Funny

    Made in USA = backdoored, Snowden showed us that.

    Lucky they're made in China then!

  9. Re: Remember - Apple is a hardware company. by UnknowingFool · · Score: 4, Informative

    Off the top of my head, is the boot ROM secured? Is there hardware encryption of the flash storage? Can the encryption be defeated by replacing hardware? For example can you simply remove the flash and put it on another phone to access it? Can you replace the boot ROM to trick the phone in thinking is being launched/loaded correctly?

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.