Apple Can Comply With the FBI Court Order

via John Gruber. [ TRAIL OF BITS BLOG ] Dan Guido:

Again in plain English, the FBI wants Apple to create a special version of iOS that only works on the one iPhone they have recovered. This customized version of iOS (*ahem* FBiOS) will ignore passcode entry delays, will not erase the device after any number of incorrect attempts, and will allow the FBI to hook up an external device to facilitate guessing the passcode. The FBI will send Apple the recovered iPhone so that this customized version of iOS never physically leaves the Apple campus.

As many jailbreakers are familiar, firmware can be loaded via Device Firmware Upgrade (DFU) Mode. Once an iPhone enters DFU mode, it will accept a new firmware image over a USB cable. Before any firmware image is loaded by an iPhone, the device first checks whether the firmware has a valid signature from Apple. This signature check is why the FBI cannot load new software onto an iPhone on their own — the FBI does not have the secret keys that Apple uses to sign firmware.

The more I understand what the FBI is requesting of Apple the more reasonable the request seems, especially the part about the FBI sending the recovered iPhone to Apple so that the iPhone with the customized version of iOS never physically leaves the Apple campus. That sounds to me the FBI does not want a special iOS version with a backdoor that can be used to hack into any iPhone.

The potential problem is: will government agencies like the FBI take this as precedent and compel Apple and other technology companies to develop special software that allows them to bruteforce crack into iPhones and other devices in the name of national security? Apple clearly doesn’t not want to go down this rabbit hole, but could the FBI and Apple come to a some type of legally-binding agreement that limits this kind of effort by Apple to just this one instance? That doesn’t sound all that realistic, but it’s worth a try. I think.