Right now, the FBI is trying to compel Apple to develop new software that would allow it to more easily break the security on the locked iPhone 5c that’s currently at the center of the San Bernardino terrorism investigation. As configured, the smartphone’s set to permanently destroy the means to access its encrypted data if an incorrect PIN is entered too many times, and the FBI wants Apple to craft a special version of iOS that would disable this countermeasure. While Apple waits to see how its motion to dismiss the order plays out in court, security experts are questioning whether or not the FBI really needs the assistance it’s demanding of Apple.

That list of high-profile figures in computer security include Edward Snowden, who yesterday tweeted his support for this analysis of the situation:

Basically, there’s no reason the FBI should need a software work-around for the iPhone’s auto-delete mechanism, as it already has physical access to the phone’s flash storage. On the iPhone 5c, when too many incorrect PINs are entered, iOS deletes a key stored on that flash chip (not the encrypted data itself) – and without that key, the rest of the data on there can’t be decrypted, even with a correct PIN.

But there’s nothing stopping the FBI from removing that chip, copying it (like with the gear you see above), and guessing the PIN all it wants. When it guesses wrong too many times, it can simply reflash the chip, restore that key, and keep on trying. Unlike future iPhones, there’s no secure enclave on the 5c that can’t be readily accessed – all the data the FBI needs to work with is on that flash chip. Sure, this would take slightly longer than an automatic brute-force strategy, but it’s well within the FBI’s capabilities.

This analysis is only fueling speculation that the FBI’s motives for ordering Apple’s help go beyond gaining access to this one phone, and it could be more interested in the precedent of compelling tech companies to weaken their security.

Source: ACLU, Edward Snowden (Twitter)

You May Also Like

Samsung Galaxy Z Flip could soon receive FCC certification, while we get more details

There is new information concerning the Samsung Galaxy Z Flip that mentions its camera, fingerprint sensor and more

A new Samsung Galaxy Fold may launch in Q2 with S Pen and ultra-thin glass

The new Samsung Galaxy Fold may arrive sometime during the second quarter of 2020, and it could arrive with 5G connectivity and more
Pixel 3a hands-on

Google Pixel 3a is $350 on B&H, plus more deals from Amazon

These are the latest deals available from B&H and Amazon, where you will find the Google Pixel 3a, smart TVs, a wide variety of headphones and more