Experts: The FBI's iPhone-unlocking plan for Apple is risky

February 22, 2016 by Brandon Bailey
Experts: The FBI's iPhone-unlocking plan for Apple is risky
This Feb. 17, 2016 file photo shows an iPhone in Washington. In the searing debate over the FBI's effort to unlock a terrorist's iPhone, federal authorities argue they're seeking only limited help from Apple that won't compromise the privacy of other iPhone users. Security experts say it's not so simple. (AP Photo/Carolyn Kaster)

In its battle with Apple over an extremist's iPhone, the FBI says neither the company nor anyone else has anything to fear. Although they want to compel assistance from Apple to unlock a phone used by San Bernardino mass shooter Syed Farook, officials say the techniques they propose are limited in scope and pose no risk to the privacy of other iPhone users.

Security experts say it's not so simple.

"It's a very dangerous proposition to claim that this capability could not be re-used," said Will Ackerly, at Virtru, a computer he co-founded after working 8 years at the National Security Agency.

Federal prosecutors have asked a court to force Apple to produce special that would help the FBI guess the passcode to an iPhone found in Farook's car. Federal officials say Apple will be free to destroy that software once the iPhone is open to investigators.

Apple argues it's unrealistic to think that governments, both in the U.S. and overseas, won't ask to use the same program again in other cases. Ackerly and other experts echoed that concern. And on technical grounds, experts say, it may simply be impossible to keep the program from falling into the wrong hands.

True, some experts say Apple CEO Tim Cook is exaggerating when he says the wants the company to create a "backdoor" into otherwise secure information held on iPhones. It might be closer to say the government wants to require Apple to help pick the lock to the front door. Even that approach, however, could still pose broader dangers.

Essentially, the FBI wants Apple to write a program that disables some iPhone security features so that federal computer experts could guess the phone's passcode by "brute force." Unlocking the phone with the passcode automatically decodes encrypted files. In particular, the FBI wants to disable a "self-destruct" mechanism that could render the phone unreadable after 10 bad guesses, as well as an enforced delay of up to an hour between incorrect passcode attempts.

U.S. officials say their precautions would prevent anyone else—governments and criminal hackers included—from re-using that bypass software on other phones.

First, the government says Apple can design the program to work only when it recognizes Farook's iPhone, by checking the unique identifying code assigned to each device Apple makes. The iPhone won't respond if the program doesn't contain a cryptographic signature that verifies the software was created by Apple, the government said in its court filing.

Authorities say the program can be loaded onto the iPhone's temporary memory, so it will disappear once the iPhone is turned off. As an additional precaution, the government says Apple can design the program to let investigators try different passcodes by submitting them electronically, so that Apple can keep physical control over the iPhone while the special program is deployed.

"Compliance with the order presents no danger to any other phone," prosecutors said Friday in a court document signed by Assistant U.S. Attorney Tracy Wilkinson.

Those measures should prevent anyone from getting their hands on the special software or re-using it on another phone, agreed Chris Eng, vice president of research at Veracode, a computer security firm. "From a technical perspective, I believe what's being described is completely possible."

Eng said he'd be more concerned if the government was seeking a true "backdoor"—a change in Apple's encryption algorithm that would let others break the code. That's not what the FBI is pursuing in this case, he said.

But other experts warned of technical risks in the government's plan. They said it would be difficult, but not impossible, to reverse-engineer the Apple program so it could work with other phones. Software is easy to copy, despite the government's reassurances, said Bruce Schneier, a security expert and chief technology officer for Resilient Systems. "That's the nature of software."

The program wouldn't work on another iPhone unless a hacker modified it to recognize that device, and that would require forging Apple's digital signature, said Steve Bellovin, a computer science and security expert at Columbia University. But he said it's not beyond the realm of possibility that sophisticated hackers or a foreign government could steal Apple's signature code.

Though Apple is known for guarding its secrets closely, a senior executive said recent history shows that no companies are immune to hacking—either by outsiders or an employee who's been bribed to steal secrets. The executive, who spoke on condition of anonymity, also asserted that an outsider wouldn't need Apple's digital signature to modify the program so it works with another phone.

Any risk that the software could be stolen or modified will increase because other law enforcement agencies are likely to ask Apple to re-use that tool in the future, Apple contends. "Law enforcement agents around the country have already said they have hundreds of iPhones they want Apple to unlock if the FBI wins this case," the company said in a statement Monday.

Using the software even once could give authorities or outsiders new clues to how Apple's security features work, potentially exposing vulnerabilities that could be exploited in the future, Ackerly said. If Apple allows federal investigators to submit passwords through a remote connection, he added, that could open the phone to intrusion—including efforts to copy the program.

The government has promised it won't try to copy Apple's software, of course, and doing so would risk a judge's ire or even legal penalties.

Computer forensics expert Jonathan Zdziarski raised another possibility: If authorities find anything on the iPhone that they use in court—for example, to identify and prosecute any accomplices who aided the San Bernardino shooters—then Apple could be required to explain its software in court. A judge might also permit defense attorneys and their experts to study the program.

There's a strong likelihood "this tool won't be used once, but many times," Zdziarski said in an email, adding that each time could expose the software to copying or misuse.

Explore further: Apple could bypass iPhone security, experts say—but won't

Related Stories

Protests planned across US to back Apple in battle with FBI

February 21, 2016

Protesters are preparing to assemble in more than 30 cities to lash out at the FBI for obtaining a court order that requires Apple to make it easier to unlock an encrypted iPhone used by a gunman in December's mass shootings ...

Q&A: A look at the Apple vs US Justice Dept. court fight

February 17, 2016

A U.S. magistrate judge has ordered Apple to help the FBI break into a work-issued iPhone used by a gunman in the mass shooting in San Bernardino, California. Apple chief executive Tim Cook immediately objected, setting the ...

Apple to fight order to help FBI unlock shooter's iPhone

February 17, 2016

Apple Inc. CEO Tim Cook says his company will fight a federal magistrate's order to help the FBI hack into an encrypted iPhone belonging to one of the San Bernardino, California shooters. The company said that could potentially ...

Recommended for you

Making AI systems that see the world as humans do

January 19, 2017

A Northwestern University team developed a new computational model that performs at human levels on a standard intelligence test. This work is an important step toward making artificial intelligence systems that see and understand ...

Firms push hydrogen as top green energy source

January 18, 2017

Over a dozen leading European and Asian firms have teamed up to promote the use of hydrogen as a clean fuel and cut the production of harmful gasses that lead to global warming.

WhatsApp vulnerable to snooping: report

January 13, 2017

The Facebook-owned mobile messaging service WhatsApp is vulnerable to interception, the Guardian newspaper reported on Friday, sparking concern over an app advertised as putting an emphasis on privacy.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.