Just like the perennial discussion on location-based services and Apple’s ability to track you, the question of accessing an iOS device’s data when the device is locked seems to come up every few months. This time around, the discussion was inspired by a CNET article, with the sensational title “Apple deluged by police demands to decrypt iPhones.”
The article seemed to be built around a single paragraph in a blurry copy of a search warrant affidavit from ATF, which stated that the writer “contacted Apple” and was told by “an employee […] who is part of their Apple Litigation Group” that Apple “has the capabilities to bypass the security software” on the iPhone.
That’s it. That’s all we know. An ATF agent reports having talked to a single person at Apple, who told him that they can “bypass the security software” on iOS devices. And from that tenuous hold, the Twitters exploded with “See! I TOLD you Apple had a back door!” and other related Fear, Uncertainty, and Doom.
But is any of it warranted? What could Apple really be doing, and is that any different from what we already know? Let’s review what we know, and don’t know, about iOS security, passcodes, and encryption.
Filesystem Access via Boot Images
iOS devices will only boot from a drive with a boot image properly signed by Apple. This image is (usually) on the device itself, but the Device Firmware Update (DFU) mode can allow the device to boot from an external drive via USB. For older devices, an bug in the bootrom allowed unsigned drives to be booted. That’s since been fixed, but it’s always been an “open secret” that Apple could probably still boot from DFU (since, obviously, they would be able to create a signed external boot image).
Once booted off an external drive, the internal device can be mounted, and unprotected information read. Most built-in Apple apps do not provide extra encryption (to my knowledge, only the Mail application separately encrypts its data at this time). One reason is that some data needs to be accessible while the device is locked: Inbound SMS messages and phone call information have to be written to the disk, the Contacts list needs to be available for displaying the name of inbound calls (and for making outbound calls), etc. So there’s a fair amount of data that can be retrieved at this stage.
So far, we’ve simply replicated what commercial forensics providers do: Boot off an external drive, and find “easily extracted” data. The difference is that forensics tools take advantage of the DFU bug (and thus can’t extract data from iPhone 4S or 5), while Apple doesn’t need any stinking bugs and can do this magic with any device.
“But wait, iOS devices also have crypto! Crypto that uses ALL the bits! And this article PROVES that Apple can bypass that! They must have a back door.”
Well, yes, there are multiple layers of cryptographic support, but again, there’s no proof that Apple has any kind of way to get around that. First, let’s start with the device’s unique ID (UID). This isn’t the same as the “UDID” that’s been used by app developers to track devices and their users. This is a deeper ID, that’s “fused into the application processor during manufacturing.” Apple says that “No software or firmware can read [the UID] directly; they can only see the results of encryption or decryption operations performed using them” (see the excellent iOS Security overview paper, last updated October 2012).
This UID is used as the basis for all the rest of the keys on the system. At the lowest level, it’s used to derive the overall disk key, which provides a built-in full disk encryption for the iOS device. This means you can’t simply remove the flash drive from one iPhone and move it to another, since the key will still be back in the first device.
Additional encryption protection (alluded to above) can be added to a file’s data if the developer requests it, simply by setting an attribute when writing data to the disk. These files have their own encryption keys (it gets complicated — you really need to read that Apple paper. And when you do, keep this HITB 2011 presentation open in another window, it’ll help…) The keys for all the files are themselves protected with class-level keys (now we’re getting kind of hierarchical and/or meta), and those keys are stored in a keybag, which is itself encrypted using yet another key.
This last key is derived using the user’s passcode and the aforementioned UID device-unique key. Because the UID is tied to a device, any brute-force attempts to break the passcode have to happen on that device. And because “The UID is unique to each device and is not recorded by Apple or any of its suppliers” (again, the iOS Security paper) it is not possible to move any of these operations to another system, or to speed it up in anyway.
So how could apple “bypass” security? Several possibilities have been speculated on:
- They could have an escrow keybag that only they know about. True, this is possible. But this security system has been subject to some pretty heavy scrutiny, if there’s a hidden escrow bag, it’s very well hidden, and nobody’s discovered the mechanism for creating and updating that.
- There could be a back door in the crypto. Not likely, again, given the 3rd party research in the system. If there’s a back door, it’s an “NSA-LEVEL” hole and way beyond anything Apple would be doing.
- They could have a way to extract the UID after all. One person on Twitter said that “sending me marketing material a la It’s secure because the vendor says it is is THIS close to insulting my mother.” Okay, fair point. But this is also a very technically detailed bit of marketing material, with far more insight and transparency than just about any other vendor provides. And, again, pretty much everything in that paper has been verified by many other security researchers. Why would Apple risk everything and have a flat-out lie in this paper? It just doesn’t fit.
Finally, I think it’s important to apply Occam’s Razor to the situation. If any of these backdoors existed, then it would take like 10 minutes for Apple to completely unlock a phone, and the alleged “7 month backlog” wouldn’t exist (unless they had thousands and thousands of confiscated devices to process).
Now, there is one final way that Apple might be able to get at the encrypted data on a locked phone: iCloud. If the user has iCloud backups enabled, then there’s a real possibility that Apple has the ability to access that data. After all, you can restore an iCloud backup to a different device, and you can change your iCloud password without losing the data in the backup. But that also shouldn’t take much time at all, and so probably only happens rarely (not contributing to the 7-month backlog).
So, to sum up:
- Apple almost certainly gets confiscated iPhones sent to them by law enforcement
- With the proper search warrant, etc., Apple will do what they can to extract data from those phones
- They almost certainly can boot the phones from a legit, signed external drive, and gain access to much of the unencrypted data on the phone (damned near everything, unfortunately)
- If they want to get at data protected by a passcode, then they can start a brute-force attack, just as researchers and forensics tool companies have been doing for years
- If the user’s passcode is strong (5-6 alphanumeric characters), this could take months, if not years, to complete
- If the device was backed up to iCloud, it’s possible that all bets are off and the data would be easily retrieved from backup
Is any of this new? Any of it at all? Nope. Not a single item in that CNET article told us anything we didn’t already know, except maybe the length of the backlog. Which, really, should be a good demonstration that there isn’t any kind of magic back door, and that if you use a strong passcode and avoid iCloud backups, the data on your phone should be secure against just about anything, including being sent home to Cupertino.
I’m going to go out on a limb and say that I’m still skeptical about the whole “Gizmodo’s got a 4th generation iPhone” story. Yes, it looks a lot like it could be real. And they’re saying all the right things. But the one thing that I can’t get over is this: they’re only saying those things.
There’s still no real proof. Everything we know about this comes from Gizmodo (other sites with pictures claim to have only received those photos, none of
them have actually handled the unit).
I’m not saying this is a hoax. I don’t think any of us really know enough to say one way or the other. What I am saying is that we’re all jumping up and down over what’s really not more than a few well-done photos and videos. In the past, such photos have been met with disbelief. This time, not so much, for whatever reason.
Anyway, some specific points that I wish had been addressed:
- There are no pictures of the phone turned on. They claim it had been remote-wiped, but that there was still a “Connect to iTunes” screen that appeared to be much higher resolution (to support rumors of a better screen). Why no pictures of that screen?
- Also, there are claims of Apple logos on the internals of the device. Why no pictures of them? Sure, there’s a single photo of a wire harness and an empty case, but no chips. Not even the mainboard. One of the first things that I wanted to know was what networks would this work on, so chipset details would have been good to get.
- Related to that — they say it uses a micro SIM. I’ve never seen a micro SIM before. It would have been nice to see that, with a comparison to a regular SIM. What carrier is it on? Is there an adapter to use the micro SIM in a normal phone? Try that, tell me what carrier it wants to use (even if it’s disabled, I’d think it should at least come up with a carrier ID).
- We’re told that the computer identified this as an iPhone. Why no details? Did it come up as “iPhone3,1” or “iDev2,2” or something else equally interesting? Did you plug it into a Linux box and see what you can get there? USB details, screenshots, movies, etc… all would have been nice to see.
- Has anyone tried to restore a backup to the phone? Would that even work? Even a failure would be interesting. Perhaps a remote-wipe prevents such a restore, or maybe iTunes would refuse because it didn’t recognize the specific model, but again, that’s something I’d expect to have been at least discussed.
- “Well, they got a letter from Apple, that proves it!” I’m pretty sure there are enough copies of cease-and-desist letters from Apple floating around the net that anyone could make a convincing-looking letter with only a little trouble. Actually, an interesting angle — couldn’t anyone in the area forge a letter from Apple, arrange a pickup, and walk away with a cool new phone? 🙂
- There’s been no independent verification. Perhaps nobody else wanted to go on the record, but even a mention of “we offered to show it to unnamed high-profile bloggers, but they all refused” would have been a nice touch. But at least having one or two well-known personalities say “Yeah, I saw it too, and it looks legit” would have been worth the trouble.
- Finally, there’s Occam’s Razor. Has Apple EVER lost development hardware like this before? There’s been plenty of press about the iPads provided to key developers before release, and the security on those was impressive. How’d a 27-year-old engineer get one out of the building? (unless he wasn’t authorized, in which case he’d really be in for a world of hurt).
Bottom line: I just don’t know. I want to believe it’s a real iPhone, just because it does look nice and appears to have all the features we’ve been jonesing for. On the other hand, have we ever seen all of our rumored features materialize on a new iPhone release? Pretty convenient that they’re all there (well, except for T-Mobile or Verizon, which they didn’t demonstrate).
But setting aside emotions, wanting to believe, and simply looking at the evidence, I remain skeptical. If only because, as I said, all we’ve seen is photos and movies of the outside, and a couple distant or ambiguous pictures of the internals. And a letter.
On the flip side, though, is this question: Would Gizmodo really have it in so bad for the entire community that they’d try to play everyone with an elaborate hoax? That too, seems unlikely.
So, again, I just don’t know. It would have been nice to see more details, and especially to get some independent verification, but still…it’d be hard to really know for certain unless Apple publicly admitted it.
There’s also been a lot of talk about the ethics of this, if it is a real phone. Is it ethical for a journalist to pay $5000 for a phone that they know isn’t the seller’s personal property? Is it illegal? Certainly, Gizmodo hasn’t signed any NDAs, but Trade Secret law can be odd, especially (or so I’ve read) in California. On the other hand, the phone wasn’t marked proprietary or secret or anything, so you might argue that Apple hasn’t really tried hard to protect it. (You might also argue that letting a young engineer take it out drinking isn’t too responsible either).
I suppose they could claim that they paid for the chance to look at it for a few days, fully expecting to turn it over to the real owner once they’ve come forward. And, really, if someone were to leave a prototype next-generation Prius, doors unlocked, in the parking lot at Car and Driver — would we really expect them to not take a boatload of pictures while they waited for the owner to come back?
I’m not quite ready to totally villify Gizmodo for this. If it’s all true, they might’ve cost someone his job — though even if they’d immediately hand-delivered it to Apple headquarters, possibly in exchange for brownie points, the guy’s job might still be in jeopardy. And if Gizmodo’s job is to break stories, then they did exactly what you’d expect. All I can say is I’m glad I’m not in a business where I have to make that kind of decision. And that alone is a reason I’m not going to judge them, either way.
Now I’ve rambled. Probably too much. So let me sum up:
- Cool pictures.
- Cool anectodal evidence, but no photos/videos to back those up.
- No independent verification, other than photos on other sties.
- Possible confirmation from Apple, but even that has no indepentent verification.
- Apple’s never lost something like this before (that I can remember).
- Simplest answer: We’ve been had.
- Most exciting answer: It’s all real.
Honestly, I’m not sure which of those two options I want to be true.
And realistically, as long as the next iPhone officially supports T-Mobile, so I can stop doing the jailbreak / unlock dance, then I won’t personally give a damn what new features it has. 🙂
I’ve got a blog on another site. Sort of. It’s never updated. It’s been over a year since the last posting, and, frankly, that’s embarrassing. However, I’m constantly thinking of things that I want to talk about, that won’t fit into the limitations of Twitter or Facebook status updates. But because I never post anything, I don’t post anything new, ’cause then I’d look like an idiot who never posts anything.
So I’m pulling a fast one, and putting content out here instead. Maybe, if I actually start doing stuff here, I’ll also start posting on my other site, and I can merge the blogs later. And then I won’t look quite as much like an idiot.
Though if you’ve read this far, then you know the truth. Congratulations, both of you. 🙂