Apple vs. FBI

Ben Thompson:

Therefore, the judge has ordered Apple to build a custom version of the operating system using their signature that removes the 10-try limitation and the artificial delay between passcode entries (and adds a way to enter guesses via an external device, as opposed to having someone enter passcode guesses manually); this would allow the FBI to bruteforce the passcode and potentially gain access to the device. I say “potentially” because even with the five-second software limitation removed the 5C’s hardware needs 80-milliseconds to process each request, and we don’t know how long the terrorist’s passcode is: a 4-digit numeric passcode would only take 34 minutes to brute force, while an 8 digit alphanumeric passcode would still take over a million years.

A few months ago our little one added a restrictions passcode to his iPhone 4s running iOS 9. He forgot what it was, and I haven’t been able to figure out it. I’d love to have this tool the FBI wants. I’m sure it’s a 4-digit numeric passcode so I’d be able to crack it in 34 minutes. There’d be lots of other moms and dads who would like it. Millions of thieves too. That’s the really bad consequence of making this tool the FBI wants: anyone who gets his hands on your iPhone (5c and older) can bruteforce crack it and get access to all the information inside. But I think it’s worth it, because the worst case scenario won’t happen. Here’s Tim Cook’s response dated February 16, 2016:

When the FBI has requested data that’s in our possession, we have provided it. Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case. We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

By the way, when Tim Cook mentions “data that’s in our possession” that’s your data on iCloud. Anything you store — photos, videos, documents, etc. — on iCloud can be accessed by Apple and with valid papers Apple will give that data over to the authorities. If someone within Apple can access your data on iCloud, assume your data on iCloud is not secure.

Apple has a lot of smart engineers who can build a limited iPhone operating system that runs only on the aforementioned iPhone 5c. Isn’t there a unique identifier for each iPhone? Tie the special operating system to that identifier, and then make the operating system erase itself after a certain time has passed. The FBI must realize Apple cannot build an iPhone operating system that allows bruteforce cracking of any iPhone and forever, so I think this device-limited time-limited version is reasonable. The FBI will then let a Cray supercomputer have at the iPhone 5c. And at the same time Apple can run a special promotion: anyone with an iPhone 5c gets a US$200 credit toward the purchase of an iPhone 6s or 6s Plus.