Friday, April 1, 2016

Apple demands to know how FBI cracked San Bernardino iPhone

The FBI recently dropped its case against Apple after a third-party was able to break into the iPhone used by Syed Farook. Now, Apple is demanding to know how they did it.


In the Apple vs FBI controversy, the roles have officially been reversed.
On Monday, the Justice Department dropped its case against Apple after it was able to unlock the iPhone used by San Bernardino shooter, Syed Farook, with the help of an "outside party." Now, Apple wants to know just how they did it.
The controversy around the phone began when Apple refused a court order to unlock the phone for the FBI to assist with their investigation. Apple would have been required to rewrite its OS with fewer security measures in place so that it could be accessed by the authorities.
However, a filing posted by the FBI on Monday stated: "The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court's Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016."
"It's the best and worst case scenario for [Apple]," said John Pironti, of IP Architects. "The best case scenario is that they can continue to say that they're doing everything they can do, and that they did not support law enforcement in this way."
Apple didn't have to create any custom code to help the authorities, nor did it have to violate its own ethical standards. But, the fact that the FBI and its unknown partner were able to unlock the phone means that there is a security flaw that Apple may be unaware of.
The FBI has yet to disclose who helped them crack the iPhone's security, or what measure was used to accomplish the task. And, if the potential vulnerability goes unchecked, it could be leveraged by malicious hackers to steal information from other iPhones.
So far, most people can only guess how the phone was unlocked. Some reports have indicated that Israeli company, Cellebrite, may be the unknown party that assisted the FBI. Others have speculated that the limit on incorrect password guesses was lifted, allowing the FBI to run software that eventually guessed the correct passcode. Another method, Pironti said, would be through using copied images on an emulator.
"You would take an image of the actual device, recreate the image into an emulator and then, using the emulator, you would run permutations against emulated devices," Pironti said.
The core device would still be safe and you would just keep making copies and running number combinations on those copies—almost like a virtual machine. At the time of this writing, though, nothing has been confirmed.
So now, Apple needs the FBI's help. Or, at least, its sympathy. Although, that it may be difficult for Apple to convince the FBI of its plight, as it continually pushed back against the FBI's orders—going as far as to increase the encryption on their devices in light of the FBI's original case.
This brings a new question, will the FBI ever help Apple out? If we are simply counting an eye for an eye, there is no reason for the FBI to explain its tactics. But, there are also more strategic reasons for refusing Apple's request.
ZDNet's Zack Whittaker recently pointed out a tweet by the ACLU's Christopher Soghoian that read: "The [government] doesn't disclose security flaws to firms like Apple if useful to law enforcement."
It makes sense that the FBI would like to keep its method under wraps. For one, if they disclose the method (and subsequently, the flaw it exploits) Apple will remedy the issue, and the FBI will no longer have a way into future iPhones. And, as some have pointed out, the FBI's current contention with Apple involve about 15 other iOS devices that they want access to. So, if they found a way in, why would they give it up?
Also, the U.S. government has a history of keeping these kinds of capabilities hidden.
"The Snowden releases released ways that the NSA had been able to compromise iPhones for years, and that was never disclosed to Apple, at least that I know of, until the Snowden releases," Pironti said.
Apple took direct action immediately after the Snowden releases to improve the iPhone's security, and their stance has continued to focus heavily on encryption.
The LA Times reported that Apple's attorneys are researching ways that they could legally compel the FBI to reveal the method used to hack the phone, but no updates have been released. Benjamin Wright, an attorney and instructor at the SANS Institute, isn't convinced that Apple would have much of a case if they did pursue a legal avenue.
"It just feels like quite a stretch for Apple to use some mechanism of law to force the police to reveal what they did, when Apple wasn't involved," Wright said.
At the time of the investigation, the phone was owned by the county of San Bernardino, and the county gave permission to the FBI to do whatever they needed to do in order to gather evidence. There could be some language in the end-user license agreement regarding IP or reverse engineering, that could potentially be used in a legal case, but Wright said that would likely be a stretch as well. There's also another option, Wright said.
"To get information about how the FBI cracked the iPhone, Apple might allege that the third party who did the work violated an Apple patent or stole a trade secret from Apple," Wright said. "A substantiated allegation like that might justify a lawsuit by Apple against the third party. Such a lawsuit might justify legal discovery of the technique used by the third party."
Jay Edelson of Edelson PC, which does privacy class action work in the tech sector, said that the legal situation shouldn't be taken lightly by either party.
We do not believe the government has a legal duty to tell Apple the details about the backdoor it found. However, we believe it is in the nation's security interests that the government start working with the private sector to identify and close cyber vulnerabilities. Right now, the government has inconsistent interests. On the one hand, it doesn't want to see companies get hacked, and knows that cyber terrorism is aimed at private companies, along with the government. On the other hand, it does not tolerate the idea that systems are totally secure because it always wants to maintain the option of gaining access for law enforcement, anti-terrorism, or other purposes. We believe the government cannot straddle the fence on this issue—it should be helping companies prevent hacks, even if it means that increased security will make their job harder in certain instances.
Additionally, Wright said, the timing for the news about the iPhone being unlocked was a little suspicious. Wright said he felt the FBI's original legal case was weak, and its agenda wasn't so much to procure specific data from one phone, but to set precedent for law enforcement to force Apple to cooperate. However, the FBI didn't realize how weak its case was until Apple pushed back as hard as it did.
"The FBI realized it was about to get a judge ruling against the FBI, and they didn't want that precedent so, magically, they produced some other third party who's come out of nowhere to save the day," Wright said.

The 3 big takeaways for TechRepublic readers

  1. The FBI has officially unlocked the iPhone 5C of San Bernardino shooter Syed Farook, with the help of an unknown third party. Now, Apple is working to find out how they were able to access the information.
  2. There is no official statement on exactly how the phone was unlocked, or by whom, but some reports indicate that Israeli company Cellebrite helped the FBI bypass the number of passcode attempts on the phone.
  3. The FBI has many reasons to keep its methods secret, if it can. By not disclosing the flaw that allowed access to the phone, the FBI has a better chance of unlocking iPhones in the future if the need arises.

No comments:

Post a Comment