http://www.marketwatch.com/story/heres-what-exactly-the-fbi-wanted-from-apple-2016-02-17
Apple Inc. AAPL, +1.53% Chief Executive Tim Cook said in a sharp online letter that the company will oppose a federal judge’s order to help unlock a San Bernardino, Calif. attacker’s phone.
“Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case,” Cook wrote. “We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.”
So what more did the FBI ask for that Cook is outright refusing? Here’s a breakdown of what exactly the feds wanted from Apple and why Cook said no:
The U.S. magistrate asked Apple to provide “reasonable technical assistance” for law enforcement to bypass or disable certain security features.
In practice, and as noted by the court document and Cook’s letter, that means Apple would have to create a new version of the iPhone operating system and purposefully change or kill the security option that prompts a phone to erase all data and reset if the incorrect password is entered 10 times.
Apple to oppose judge's order to unlock iPhone
<time style="box-sizing: border-box; margin: 0px; padding: 0px 0px 0px 5px; border: 0px; outline: 0px; font-size: 14px; vertical-align: baseline; color: rgb(175, 175, 175); font-style: italic; font-stretch: normal; line-height: 1; background: 0px 0px;">(1:35)</time>Apple CEO Tim Cook said the company will oppose a federal judge's order to help the Justice Department unlock a phone used by a suspect in the San Bernardino attack, which killed 14 people.
Why does the FBI need that function to go away? Investigators need to unlock the phone to see what evidence they can find on it. The 10-time limit means investigators need to wait around before reattempting password combinations so they don’t wipe the phone’s contents while trying to crack it. Each attempt at guessing a six-digit password takes about 80 milliseconds, which means it would take more than 5.5 years to try all possible combinations, according to an Apple guide to iOS security. And that’s just if the password is six digits: iPhones support four-digit, six-digit and longer passcodes. Getting rid of this kind of security roadblock would “provide the fastest-possible route for the FBI” to get into the phone, says Matthew Green, a cryptographer and Johns Hopkins University professor.
<tbody>
</tbody>
The court says “Apple’s reasonable technical assistance” should accomplish three things: Get rid of the self-destruct after 10 tries feature, make it such that the codes can be entered electronically by connecting the phone to another device (so the FBI doesn’t have to hand-enter each passcode) and get rid of any potential delays between password guesses.
Cook doesn’t think that’s reasonable.
“In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession,” he wrote.
“And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
If Apple finds this request to be “unreasonably burdensome,” it can ask the court to reverse it within five business days, the magistrate’s order says. Cook’s letter makes it clear Apple plans to do just that.
Apple Inc. AAPL, +1.53% Chief Executive Tim Cook said in a sharp online letter that the company will oppose a federal judge’s order to help unlock a San Bernardino, Calif. attacker’s phone.
“Apple complies with valid subpoenas and search warrants, as we have in the San Bernardino case,” Cook wrote. “We have also made Apple engineers available to advise the FBI, and we’ve offered our best ideas on a number of investigative options at their disposal.”
So what more did the FBI ask for that Cook is outright refusing? Here’s a breakdown of what exactly the feds wanted from Apple and why Cook said no:
The U.S. magistrate asked Apple to provide “reasonable technical assistance” for law enforcement to bypass or disable certain security features.
In practice, and as noted by the court document and Cook’s letter, that means Apple would have to create a new version of the iPhone operating system and purposefully change or kill the security option that prompts a phone to erase all data and reset if the incorrect password is entered 10 times.
Apple to oppose judge's order to unlock iPhone
<time style="box-sizing: border-box; margin: 0px; padding: 0px 0px 0px 5px; border: 0px; outline: 0px; font-size: 14px; vertical-align: baseline; color: rgb(175, 175, 175); font-style: italic; font-stretch: normal; line-height: 1; background: 0px 0px;">(1:35)</time>Apple CEO Tim Cook said the company will oppose a federal judge's order to help the Justice Department unlock a phone used by a suspect in the San Bernardino attack, which killed 14 people.
Why does the FBI need that function to go away? Investigators need to unlock the phone to see what evidence they can find on it. The 10-time limit means investigators need to wait around before reattempting password combinations so they don’t wipe the phone’s contents while trying to crack it. Each attempt at guessing a six-digit password takes about 80 milliseconds, which means it would take more than 5.5 years to try all possible combinations, according to an Apple guide to iOS security. And that’s just if the password is six digits: iPhones support four-digit, six-digit and longer passcodes. Getting rid of this kind of security roadblock would “provide the fastest-possible route for the FBI” to get into the phone, says Matthew Green, a cryptographer and Johns Hopkins University professor.
| Attempts | Delay enforced |
| 1-4 | none |
| 5 | 1 minute |
| 6 | 5 minutes |
| 7-8 | 15 minutes |
| 9 | 1 hour |
<tbody>
</tbody>
The court says “Apple’s reasonable technical assistance” should accomplish three things: Get rid of the self-destruct after 10 tries feature, make it such that the codes can be entered electronically by connecting the phone to another device (so the FBI doesn’t have to hand-enter each passcode) and get rid of any potential delays between password guesses.
Cook doesn’t think that’s reasonable.
“In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession,” he wrote.
“And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
If Apple finds this request to be “unreasonably burdensome,” it can ask the court to reverse it within five business days, the magistrate’s order says. Cook’s letter makes it clear Apple plans to do just that.
