While the dispute between Apple and the FBI on the San Bernardino shooter’s iPhone case continues, the popular NSA whistleblower Edward Snowden takes a position giving us his opinion, and it is not so surprising.
The FBI wants to obtain a court order to force Apple to unlock the terrorist’s iPhone, the authorities have tried to do it, but an error made during the government custody apparently made impossible for the police to access the device. The FBI is demanding that Apple disables the iPhone’s “auto-erase” security feature that wipes the Apple mobile device after 10 failed passcode attempts.
On the other hand, the company of Cupertino is refusing to unlock the device, announcing a legal battle that could reach the Supreme Court.
Snowden in a video call at Blueprint for a Great Democracy conference on Tuesday accuses the FBI of lying defining its declaration defining its claims as absurd, in reality, he used a more colorful expression.
“The FBI says Apple has the ‘exclusive technical means’ to unlock the phone,” said Snowden in video conference “Respectfully, that’s horse sh*t.”
On the same day, Snowden shared via Twitter a link to an American Civil Liberties Union blog post titled “One of the FBI’s Major Claims in the iPhone Case Is Fraudulent,” which explains that the FBI has the ability to bypass iPhone protection mechanism.
— Edward Snowden (@Snowden) 8 Marzo 2016
“But the truth is that even if this feature is enabled on the device in question, the FBI doesn’t need to worry about it, because they can already bypass it by backing up part of the phone (called the “Effaceable Storage”) before attempting to guess the passcode. I’ll go into the technical details (which the FBI surely already knows) below.” states the post.
The post explains that FBI can simply make a copy of the content of the Effaceable Storage while trying to guess the passcode.
“So the file system key (which the FBI claims it is scared will be destroyed by the phone’s auto-erase security protection) is stored in the Effaceable Storage on the iPhone in the “NAND” flash memory. All the FBI needs to do to avoid any irreversible auto erase is simple to copy that flash memory (which includes the Effaceable Storage) before it tries 10 passcode attempts. It can then re-try indefinitely, because it can restore the NAND flash memory from its backup copy.” continues the post.
“The FBI can simply remove this chip from the circuit board (“desolder” it), connect it to a device capable of reading and writing NAND flash, and copy all of its data. It can then replace the chip, and start testing passcodes. If it turns out that the auto-erase feature is on, and the Effaceable Storage gets erased, they can remove the chip, copy the original information back in, and replace it. If they plan to do this many times, they can attach a “test socket” to the circuit board that makes it easy and fast to do this kind of chip swapping.”
Image credit: http://www.mobpart.com/iphone-5c-c-61_63
Snowden expressed his solidarity to IT giants that are working to provide new solutions, and improve the existing ones, to protect the users’ privacy through the implementation of strong encryption.
“We should support vendors who are willing to [say], ‘You know, just because it’s popular to collect everybody’s information and resell it to advertisers and whatever, it’s going to serve our reputation, it’s going to serve our relationship with our customers, and it’s going to serve society better. If instead we just align ourselves with our customers and what they really want, if we can outcompete people on the value of our products without needing to subsidize that by information that we’ve basically stolen from our customers’,” he told TechCrunch in June, months before the December massacre in San Bernardino. “That’s absolutely something that should be supported.”
(Security Affairs – Snowden, Apple)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.