If the FBI can force Apple to build a special hack software for the iPhone at the center of the San Bernardino case, could the software put other iPhones at risk of attack and data theft? Today, FBI Director James Comey told lawmakers that the special software that they are asking the company to make them “likely” could not be used on other phones. Comey also warned lawmakers that a “world with universal strong encryption” was one where the FBI could not do its job of protecting the American people.
Here’s the background: Last Friday, a California court issued an order telling Apple to create a new operating system for the iPhone 5C used by Syed Farook, one of the shooters in the San Bernardino terrorism case (the phone belongs to Farook’s employer, San Bernardino County.) The FBI requested a new operating system, derisively nicknamed by some FBIOS, to install on the phone in order to bypass two security features, enabling the FBI to unlock it.
Comey has pushed back against accusations that the bureau is using the San Bernardino case as a means to establish a new precedent and force Apple to break into more phones.
In the motion that Apple filed Thursday, they argue: “This is not a case about one isolated iPhone … Rather, this case is about the Department of Justice and the FBI seeking through the courts a dangerous power that Congress and the American people have withheld: the ability to force companies like Apple to undermine the basic security and privacy interests of hundreds of millions of individuals around the globe … No court has ever granted the government power to force companies like Apple to weaken its security systems to facilitate the government’s access to private individuals’ information.”
Is FBIOS a Dangerous Power?
Comey on Thursday told the House Intelligence Committee that FBIOS “likely” wouldn’t work on other phones because Farook’s 5C phone was unique. “The combination of a 5C and this particular operating system is sufficiently unusual that it’s unlikely to be a trailblazer because of technology being the limiting principle” he said.
If true, that would undermine Apple’s claim that FBIOS is too dangerous to create.
Unfortunately, it’s “not exactly true,” according to Dan Guido, founder of the Trial of Bits information security consultancy, a hacker in residence for the NYU Tandon School of Engineering, and a former threat intelligence lead for the Federal Reserve. “The modifications that the FBI would have Apple make would be easily portable to any other version of iOS. There is very little of iOS that differs between iPhone versions,” Guido told Defense One.
FBIOS would potentially work to break into other, but not all, iPhones. In an editorial on Sunday, Comey said that the danger of FBIOS to other phones was “limited and its value increasingly obsolete because the technology continues to evolve.”
Apple indeed has innovated its technology since the 5C, which would limit the damage that FBIOS could render onto consumers’ phones across the globe. Newer operating systems have a feature called the Secure Enclave, or SE. It’s literally a secure little enclave in your phone, a separate small computer contained inside the shell that serves as a data panic room. When you interact with your phone’s TouchID, (if your phone is a version 6 or higher and has a TouchID) you’re interacting with the SE. It manages the phone’s encryption keys and you can’t get it to behave differently but uploading a new operating system to the phone. In phones that have an SE, it also manages the feature that makes the user wait to enter the passcodes after unsuccessful attempts, a defense against precisely the sort of brute force attack that the FBI is trying to run.
The presence of the SE on newer iPhones would mean that they would be protected from FBIOS, making FBIOS less dangerous to regular iPhone owners, which would help the FBI’s case. But that doesn’t mean that the newer iPhones would be impervious to newer versions of FBIOS or combination attacks, if the company was mandated to perform those on its own devices.
“Apple would have to make further modifications to those phones to achieve the same effect that the FBI wants,” Guido told Defense One. “But the level of difficulty we are talking about is not high and much of the legwork would already be done with the original modifications for the 5C.”
He outlines more of his thoughts on what this hack would look like in this blog post.
That’s why the particular legal tactic that the FBI is using in this case, the All Writs Act, is of such concern to many in the technology and legal community and to Apple. In their motion on Thursday, Apple said “The All Writs Act does not support such sweeping use of judicial power, and the First and Fifth Amendments to the Constitution forbid it.”
The San Bernardino case isn’t the only case where the FBI is asking Apple to make them special software to break into phones. In a letter from Apple attorney Marc Zwillinger to U.S. Magistrate Judge James Orenstein, the company showed that it’s facing nine orders in cases that involve newer operating systems. In fact, Apple is facing 12 other known cases where the FBI is attempting to use the All Writs Act to make it open phones, some of those phones are version 6 or higher. If the FBI is able to compel Apple to make FBIOS work for the 5C in the San Bernardino case, it could make them modify it, or devise a combo hack, against newer phones with an SE.
The New World
Both Apple and lawmakers say that technology is hurtling toward a future where even Apple won’t be able to break into their phones, even if ordered to do so.
The New York Times on Wednesday, quoting sources within Apple, said that the company was working to further upgrade the security of its devices to put consumer data permanently beyond the reach of law enforcement, or even the company itself.
Guido told Defense One that this would be “feasible” for Apple.
“They have already isolated all the important data within the Secure Enclave on newer phones. Now they need to secure it so that they cannot strip away the protections from the Secure Enclave,” he said. “If you have a 6-character or greater alphanumeric passcode then even the ‘FBiOS’ modifications would be unable to crack your phone,” he said.
At Thursday’s hearing, Comey told lawmakers that “a world of universal strong encryption,” was one where the FBI was paralyzed to protect people, an evocative and more pointed version of the director’s “going dark” arguement.
“When I hear corporations saying I want to take you to a world where no one can look at your stuff, part of me thinks that’s great, I don’t want anybody looking at my stuff… Law enforcement, which I’m part of, really does save people’s lives, rescue kids, rescue neighborhoods from terrorists, and we do that a whole lot through court orders that are search warrants; and we do it a whole lot through search warrants that are [for] mobile devices. We are going to move to a world where that is not possible anymore? The world will not end but it will be a different world than where we are today and where we were in 2014 and so we just have to make sure that the bureau explains to folks what the costs are,” he said.