On Monday, federal authorities announced that they were able crack the encryption of an iPhone 5C that belonged to one of the two San Bernardino shooters, ending a month-long legal battle with the device’s maker.
In court, Apple has been pressured into creating a backdoor into the phone’s encryption that would allow FBI investigators access the handset and bypass its data-destruction safety mode triggered by multiple wrong passwords.
Somehow the government managed to break the encryption, but experts declined to tell what security flaw they exploited. And if the iPhone maker doesn’t know what it was it cannot fix it. We only know for sure that the flaw affects iPhone 5C with iOS9.
In the meantime, the federal agency disclosed only clues to how they did it. According to a senior officer, FBI experts managed to turn off the feature that wipes phone memory after ten consecutive but unsuccessful log-in attempts. After disabling the security feature, they used a brute force attack, i.e. a supercomputer tried every possible password combination at super-fast speeds. The officer believes that the entire operation took just 26 minutes.
For sure, Apple experts have been working on detecting the flaw ever since. But apparently they are still unable to tell what it was. Plus, detecting a security flaw in an iPhone is a tremendously complicated task since the handset’s architecture is extremely complex.
One expert likened iPhone’s design to a house with thousands of doors and windows. So, the company’s engineers now need to find which window or door was breached, which may take some time. Still, the government should not enter a house forcefully no matter the reason, experts think.
A Johns Hopkins University team reported last week that they detected a security flaw in Apple’s iMessage platform, which would allow hackers and the government intercept content transmitted through a secure channel. Yet, they briefed Apple on the issue before publishing a research paper on it. And they now hope that the government will follow suit.
Joseph Lorenzo Hall of the Center for Democracy and Technology noted that making a secret out of a vital security flaw that could put millions of people at risk is at odds with the FBI’s self-professed goal of keeping Americans safe and secure. So far, the agency seems to see an ongoing investigation more important than the security of millions of iPhone users worldwide.
Image Source: Wikimedia