1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Judge Orders Apple to Unlock iPhone Used by San Bernardino Shooters

Discussion in 'The Hacker News' started by RSS, Feb 17, 2016.

  1. RSS

    RSS New Member Member

    The Tech Giant Apple has come into an entangled situation which could be a potential security threat for Apple users in near future: Help the FBI Unlock an iPhone.

    The US Magistrate Judge Sheri Pym has ordered Apple to provide a reasonable technical assistance in solving a critical case of Syed Farook; who with his wife Tashfeen Malik planned a coordinated "2015 San Bernardino attack" that killed 14 people injured 22.

    As part of the investigation, the Federal Bureau of Investigation (FBI) had seized the Farook's iPhone 5C that would be considered as an insufficient evidence until and unless the iPhone gets unlocked by any means.

    Previously, Apple had made several crystal clear statements about its Encryption Policy, stating that even the company is not able to decrypt any phone data as the private key lies at the user's end.

    A similar problem encountered three years back with Lavabit, who was forced to shut down its services soon after when FBI demands SSL keys to snoop the emails.

    However, despite forcing or ordering Apple to break the encryption and unlock the suspect’s iPhone, judges have ordered the company to find an alternative way to unlock iPhone, keeping data intact.

    Can Apple Unlock iPhone? Yes, Here's How:

    From iOS 8, Apple added a data security mechanism called Data Protection, which uses 256-bit AES Encryption key to encrypt everything on the device.

    Here the passcode a user enters is itself used as part of the encryption key and thus, it is impossible for an attacker or even Apple itself to unlock iPhone until the user re-inputs the passcode.

    Besides Data Protection, Apple offers "Auto-Destruct Mode" security feature that will erase all the data on the iPhone if an incorrect password is entered 10 times concurrently, making the data unrecoverable.

    So, Judge Pym wants Apple to come up with an alternative that should increase the brute force attempts from 10 to millions, in order to prevent the data from getting self-destructed.

    Apple has not yet confirmed whether it is possible to write such a code that can bypass iOS Auto-Destruct feature.

    But, if it's possible, it would provide an alternative backdoor mechanism to every law enforcement and intelligence agency to unlock iPhone by simply brute forcing 4-6 Digit Pins effectively within few hours.

    Here we support Apple policy not to help break its users' encryption, because once a master key is created to unlock that particular iPhone, we're sure that the US government will misuse this power and demand for the key again and again in near future for unlocking other phones.

    Apple Rejects to Unlock San Bernardino Shooter's iPhone

    Update: Apple has dismissed the court order to unlock San Bernardino gunman Syed Rizwan Farook's iPhone.

    Here's what Apple CEO Tim Cook said in a statement:

    "The United States government has demanded that Apple takes an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand."

    "We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone."​

    Continue reading...

Share This Page