re: #215 Charles Johnson

I’m totally opposed to forcing Apple to break the lock on iPhones.

Apple already have a method of “breaking the lock” on any of their current range of phones. They can push an upgraded operating system to any machine they can access, over the air or by a direct connection (Lightning or maybe USB or, worst case JTAG after cracking the case). The phone doesn’t need to be unlocked for this upgrade to happen.

For good security reasons any such push upgrade is digitally signed and the phone won’t accept an upgrade without a valid signature. That signing process is Apple’s security Crown Jewels and the crypto behind it is very much not for public consumption. It’s the same with things like Microsoft’s OS patches, third-party device drivers etc. for similar security reasons.

The FBI are asking Apple to produce a modified version of the phone OS that does not have the “10 bad entries and wipe” feature for the PIN entry system to unlock the phone in question and then use their push upgrade capability to upload it to that phone so that it will not wipe itself when they brute-force the PIN to unlock it. That OS image would be trivial for them to create for this purpose, I believe.

If they agree to do it then it’s likely the FBI or other law enforcement agencies would require/demand they do it in future cases too and I think that’s part of the reason they’re rearing back on this first demand/request.

Saying all that there are other ways to break this kind of security but they’re a lot more difficult and would take a lot of money and time to do and they might not work perfectly. The modified software update method is fast, cheap and very likely to work, and it can be tested thoroughly before the evidential phone is exposed to the process and possibly invalidated as evidence if it is accidentally corrupted by the upgrade.