Security Pros Offer Opinions, Solutions for FBI vs. Apple
Morey Haber, vice president of technology, BeyondTrust:
A1: Based on public-record information, Apple has assisted the FBI 80 times [or more] since 2008 accessing devices that were under investigation. This request is no different than any other, except the potential complexity to access the phone is exponentially increased due to local encryption and a feature to erase all data if a PIN [personal identification number] is unsuccessfully tried after 10 times. Apple has decided to take a stand based on a custom piece of firmware that could be used to remove key security features and allow brute-force access to the phone. The custom firmware is not a threat to individuals or anyone else unless it is leaked into the wild and a hacker found a way to distribute it to cell phones everywhere. If they did, Apple could easily stop signing that version, like they do with all previous versions, and the point would be moot. I believe that in one-off cases like this, and the possible threat of future terrorism, Apple should help the FBI. If the method the court order suggests is "too risky" for unknown reasons, then mediation can find another way. After all, iOS 9 can be jailbroken, and the modifications needed for the phone to access the data can probably occur with over-the-counter hacks currently available. I firmly believe the security community can do this without the PIN.
A2: Apple has been slow in adopting new and commonly acceptable features since the inception of the iPhone and iPad. If you remember, it took them years to admit the phone needed copy and paste. Why can't Apple add a commonly accepted feature to the home PIN screen like everyone else: "Forgot my PIN." They provide hints on OS X, sensitive Websites have "forgot my password," and in the most extreme cases, the PIN is sent via USPS. I understand the basic mechanics of the Secure Enclave; why the PIN needs to be entered the first time the phone is booted, etc. There is no reason Apple cannot add this feature, especially if they trust all our passwords in iCloud under a keychain with a one-time password. The same technique could be used for an iPhone. By the way, if you have young children, you may have experienced them changing the PIN and not remembering. That just leads to a bricked device.
As for the FBI accepting the information [as obtained by Apple itself], I am not an attorney. I do not know the legal ramifications of a third party providing this data. However, if the FBI was involved in every step and informed of the procedure, I don't see why this would be an issue. This leads to the premise above: They [Apple] may not want the FBI to know or have decided to take a stance for marketing, political or other reasons. Remember, they have been cooperative in the past. So why now? This is a one-off backdoor. Nothing more. Apple can create plenty of mitigating controls to ensure safety of the code. My only fear is the insider threat. The creators would know how to make the backdoor that currently does not exist, and it would be a commodity to the FBI, NSA or anyone else. Right now, the claim is no one has that knowledge and the FBI would have to accept another method to get the data.
J.J. Thompson, founder and CEO, Rook Security:
A1: No. In this request, the FBI is turning to Apple to help with something that is feasible only through working with the vendor. The solution is intended to be specific to this one phone, and it will not set dangerous precedent as the situation is very specific.
A2: Apple can sit with the FBI and the U.S. Attorney on the case to craft documentation that specifically outlines what can and cannot be done to modify the Secure Enclave firmware written and signed by Apple—for this one device to be modified, for this specific purpose only. The U.S. attorney and the FBI can re-submit the warrant to improve the specificity of the request so that Apple and the public's concerns are addressed.
A3: In theory, yes. iOS adds a 256-bit, device-unique secret key called a UID to the mix, and stores that key in hardware where it's hard to extract from the phone. Apple claims that it does not record these keys nor can it access them. This key and the UID/GID fusion process is conducted within the Secure Enclave. Only the device knows the UID—and the UID (according to Apple) can't be removed from the Secure Enclave, which means cracking attempts have to be attempted on the device itself. Apple could provide custom firmware that attempts to crack the keys on the device.
A3: Yes, I believe Apple could retrieve the data in a number of ways, which include disassembly of the device and copying the contents from the chips directly. There are probably a few approaches they could use based on their design and development standards. If someone says no, I would suggest to look deeper. After all, the court order has identified a method that Apple rejected. There is probably another way and a lot of intellectual property is being revealed based on this alone. The other techniques may just not be in Apple's interest and they need to take a stand.