We discussed very often of the difficulties of the law enforcement in conducting investigations when suspects used devices that make use of encryption, the case that we are going to analyze is emblematic.
Apple must assist the FBI in unlocking the passcode-protected encrypted iPhone belonging to Syed Farook, one of the San Bernardino shooters in California.
The smartphone belonged to Syed Farook, who with his wife Tashfeen Malik killed 14 coworkers on December 2, 2015. Police intervened but failed to capture them alive because they died in a shootout with agents.
The agents seized the Syed’s smartphone, an iPhone 5C, but they were not able to access it because it is protected by a password. The authorities requested support to Apple with a court order issued by the US magistrate Sheri Pym.
After 10 wrong guesses, the iOS locks up requiring a sync with iTunes to restore, or automatically wipes the handset’s data, depending on the user settings.
The magistrate Sheri Pym is requesting Apple to find a way to supply software that prevents the phone from automatically wipe data when too many attempts fail. In this way, the police is free to run a brute-force attack to guess the PIN and overwhelm the security feature.
Be aware, the magistrate hasn’t requested apple to crack its encryption, instead, it demands a tool to bypass the security mechanism.
“It’s technically possible for Apple to hack a device’s PIN, wipe, and other functions. Question is can they be legally forced to hack,” stweeted Forensic scientist Jonathan Ździarski.
“Theory: either NSA/CIA dragnet and cryptanalysis capabilities are severely limited, or this is a test case to see how the courts respond.”
It’s technically possible for Apple to hack a device’s PIN, wipe, and other functions. Question is can they be legally forced to hack.
— Jonathan Ździarski (@JZdziarski) 17 febbraio 2016
Judge Pym is requesting a software update working only on the Farook’s iPhone and running only on government or Apple property.
At this point Apple has two options, demonstrate that it cannot technically comply with the order or provide the requested software.
There is no such time, Apple has five days!
(Security Affairs – San Bernardino tragedy, iPhone encryption)