The FBI and the iPhone: How Apple's Security Features Have Locked Investigators Out

A federal judge has ordered Apple to help unlock the iPhone of Syed Farook.

February 17, 2016, 8:20 AM

The federal court order compelling Apple to help the FBI crack into a phone belonging to Syed Farook, one of the San Bernardino, California, attackers, is the latest example of a problem which has confounded investigators in the era of smartphones.

The Apple iPhone -- the one I am typing this on and the one on which you are likely reading this -- has software with a fairly simple and elegant security measure which can be enabled by the user. It is called the auto-erase function. Make 10 failed attempts to open a locked phone using the 4-digit user-created code and the iPhone and all the data it holds will be rendered inaccessible. Investigators believe this function was enabled on Farook's 5c model iPhone.

As described by the FBI in court filings, data on iPhones is encrypted. The 4-digit code you enter into your phone initiates a complex calculation which generates a unique key to unlock the data on the phone. No key, no data. The auto-erase function, if triggered, will wipe out all the encryption keys, rendering the data on the iPhone useless.

The iPhone has another feature to frustrate automated attempts to unlock a phone. A 4-digit code would produce 9,999 unique possibilities. Not a particularly big challenge by itself, but the code must be punched in manually. This would be time consuming enough, but after five failed attempts, the iPhone will require the user to wait one minute before another attempt. After attempt six, the wait is five minutes. After attempts seven and eight, it is 15 minutes, and after the ninth try, an hour. More time can be added in the software.

PHOTO: The iPhone 5C is seen on display at the Fifth Avenue Apple store, Sept. 20, 2013, in New York.

Due to the auto-erase feature, the FBI can't attempt to unlock the iPhone without risking losing all the data. The FBI wants Apple to alter the operating system just on Farook's phone to allow the FBI to bypass or disable the auto-erase function. It also wants Apple to alter the software to allow the test pass codes to be entered without punching the keys by using Bluetooth or other means to speed the process. And the FBI wants Apple to change the operating system to eliminate the delays caused by multiple attempts to unlock the phone.

Why can't the FBI change the operating system code? Apple has designed its phones so that only Apple software with a special cryptographic signature can run on them. No other software will work.

What about iCloud? iPhones can save data to the cloud. The FBI believes Farook turned this function off sometime after Oct. 19, the date of the phone's last backup.

This is the scenario the FBI and intelligence offices have been concerned about since these security measures were first introduced. Google's Android phones also have encryption capabilities. It is why FBI Director James Comey has been pleading with the tech industry and Congress to come up with a means for investigators to find evidence.

Many of these security features hit the market after the disclosures released by former NSA contractor Edward Snowden exposed government efforts to collect phone data in bulk.