Is San Bernardino iPhone fully Encrypted?

Here is a question that keeps me up at night…

Is the San Bernardino iPhone just locked or is it properly encrypted?

Isn’t full encryption beyond the reach of forensic investigators? So we come to the real question: If critical data on the San Bernardino iPhone is properly encrypted, and if the Islamic terrorist who shot innocent Americans used a good password, then what is it that the FBI thinks that Apple can do to help crack this phone? Doesn’t good encryption thwart forensic analysis, even by the FBI and the maker of the phone?

iphone-01In the case of Syed Rizwan Farook’s iPhone, the FBI doesn’t know if the shooter used a long and sufficiently unobvious password. They plan to try a rapid-fire dictionary attack and other predictive algorithms to deduce the password. But the content of the iPhone is protected by a closely coupled hardware feature that will disable the phone and even erase memory, if it detects multiple attempts with the wrong password. The FBI wants Apple to help them defeat this hardware sentry, so that they can launch a brute force hack-trying thousands of passwords each second. Without Apple’s help, the crack detection hardware could automatically erase incriminating evidence, leaving investigators in the dark.

Mitch Vogel is an Apple expert. As both a former police officer and one who has worked with Apple he succinctly explains the current standoff between FBI investigators and Apple.


The iPhone that the FBI has is locked with a passcode and encrypted. If it was just locked with a passcode, like most iPhones, then something like the 4ukey iPhone Unlocker could be used to bypass and remove the passcode and gain entry into the phone. Download 4ukey iPhone Unlocker for Windows here, if you need these services. However, the iPhone in question is encrypted and this makes things somewhat more complicated. It can only be decrypted with the unique code. Not even Apple has that code or can decrypt it. Unlike what you see in the movies, it’s not possible for a really skilled hacker to say “It’s impossible”” and then break through it with enough motivation. Encryption really is that secure and it’s really impossible to break without the passcode.

What the FBI wants to do is brute force the passcode by trying every possible combination until they guess the right one. However, to prevent malicious people from using this exact technique, there is a security feature that erases the iPhone after 10 attempts or locks it for incrementally increasing time periods with each attempt. There is no way for the FBI (or Apple) to know if the feature that erases the iPhone after 10 tries is enabled or not, so they don’t even want to try and risk it.

oceans_of_data-sSo the FBI wants Apple to remove that restriction. That is reasonable. They should, if it is possible to do so without undue burden. The FBI should hand over the iPhone to Apple and Apple should help them to crack it.

However, this isn’t what the court order is asking Apple to do. The FBI wants Apple to create software that disables this security feature on any iPhone and give it to them. Even if it’s possible for this software to exist, it’s not right for the FBI to have it in their possession. They should have to file a court order every single time they use it. The FBI is definitely using this situation as an opportunity to create a precedent and give it carte blanche to get into any iPhone without due process.

So the answer to your question is that yes it is that secure and yes, it’s a ploy by the FBI. Whether it’s actually possible for Apple to help or not is one question and whether they should is another. Either way, the FBI should not have that software.

Apple Ecosystem: Simple, elegant, safe & arrogant

Until recently, I lived in a primarily Windows Universe. For the most part, my family, friends and colleagues used Windows PCs and gadgets that played nicely with Windows applications. Some of my friends had proprietary gadgets with an interface by Blackberry or a particular wireless carrier like Verizon, but these devices rarely interfaced with a PC except to exchange media files.

apple_logo (tight)Of course, Apple is a powerhouse of ergonomics and industrial design. The MAC, iPod iPhone, and iPad have successively broken new ground and raised the bar for what a device can be. They are marvels of engineering.

I don’t expect Apple to cave to Microsoft and adapt or debase their user experience because of Microsoft’s dominance on the desktop market. I certainly don’t wish to discourage or stifle Apple’s innovation, quirky marketing or their cultivation of an ardently devoted user base.

But not every single component of the Apple world is invented within and built just for Apple. Their products use many standard, off-the-shelf technologies and components. For example, Apple PCs and gadgets interface with local networks using standard WiFi. They use standard RAM memory and disk drives in their their PCs. Although Apple uses a proprietary interface cable for charge, data transfer and video output, the charge port voltage, keyboard interface and monitor scan specs are universal standards.

So what’s the problem?

The problem is that whenever a Windows or Linux user tries to help an Apple user with even the smallest thing, they are thwarted by a culture of paternalistic design arrogance that goes beyond the things that benefit Apple users. Typically this type of design arrogance dissipates as a company begins to dominate one of more market sectors. But in the case of Apple, their design lead is significant and the market sectors that they dominate were first cracked by them. And so, they are able to cling to this arrogance a bit longer than I would prefer.

To explain and illustrate this point, I am posting an exchange that I had with two other iPhone users within an authorized Apple support forum. In the exchange below, ‘Kiwi’ poses a simple question: How can one quickly transfer a few music files between a PC and an iPhone? I am first to reply. Attempting to help a child with an iPhone perform the same task, I identify with the user and await an answer from a full-fledged Apple user.

I find myself in a philosophical debate with two other respondents. Of course, they point to the obvious answer: Do it Apple’s preferred way: Simply sync the phone with a PC that is running Apple iTunes software. But this is not always what the user or the PC owner wants.

Let’s dig a little deeper. In the following exchange, I give a Wild Duck perspective on market leadership –vs– design arrogance…
_______________________________________

Kiwi asks a question:

I want to transfer music from my iPhone 5s to my PC. With pictures, it’s very simple.  I can easily access the DCIM folder through internal storage and transfer picture files to/from my iPhone and PC with ease.

It seems to be a very different story with transferring music from my iPhone to my PC.  I can’t find the music folder. In fact, there doesn’t seem to be any way of accessing MP3 files stored on my iPhone even when I have the show hidden items option checked.

Because I’m constantly adding and deleting songs from my iPhone, it’s very important that I’m able to easily transfer what music I have back onto my PC for when I eventually upgrade to a newer device. According to Apple tech support there is no way of doing this unless it’s with music purchased through iTunes or stored with iCloud (I don’t do either).

I am aware there are some third-party programs that are able to do this but I was hoping to be able to do it just through Windows Explorer if possible. If I end up having to use a third-party program, which is the best? I’m aware of Copytrans, Phonetrans, TouchCopy, and iExplorer.
_______________________________________

Ellery replies:

I want to do the same thing, but in the other direction. I wish to transfer music from a Windows 8 PC to an iPhone 5s.

In a separate thread, Lawrence Finch and other Apple devotees insist that one should simply sync to iTunes. These individuals are indoctrinated with the proprietary world of Apple, and they just don’t get it…

This is not my iPhone. The owner doesn’t want my music, she wants the music from a few CDs and thumb drives. I know how to RIP these few tracks into MP3, AAC or any other audio format. But I don’t want to risk syncing her phone with my iTunes libarary. In fact, I don’t want the whole iTunes library hierarchy and associated mishigas!

Why can’t I locate and browse the music, video and system folders when attaching an iPhone by USB or Bluetooth? How is it that Apple users feel it is simpler to force a proprietary App and hide their music folders and files?

These loony restrictions have corporate arrogance written all over it. Some Apple users feel that their ecosystem is friendly, safe and simple. Friendly? Perhaps to a very unexperienced user. I acknowledge that they may be more comfortable in an Apple ecosystem. Safe? Perhaps. Simple? Far from it! Apple thwarts simplicity by dumbing things down to the very lowest level while thumbing their nose at any semblance of standards and practices.

Steve Jobs pointin-s

Look into my eyes. Do exactly as I say.

Hey Siri. I would like to load a few songs onto my iPhone. Can I do that?

“I am sorry…I only know how to play and sync with iTunes.
I am sorry…I don’t now where the music is stored.
I am sorry…You can only access videos with the native tools that Mr. Jobs deems worthy.
I am sorry. This phone is not intended for an experienced user.
I am sorry…This phone is not compatible with open standards.
I am sorry…Utilities to browse your own content are not permitted!
I am sorry…The Bluetooth feature is limited to audio output.”
_______________________________________

Gnome replies:
Ellery asked “Why can’t I locate and browse the music, video and system folders when attaching an iPhone by USB or Bluetooth?”

Because his is not a feature of the iPhone.

The only way to add music to an iPhone is by syncing with iTunes or by purchasing the songs from iTunes.

This is how the device works.
_______________________________________

I accept and appreciate your answer. I hold Apple in high esteem — especially the legacy of Steve Jobs. They have mastered the art of product engineering and especially the ability to imbue gadgets across their product lines with an exhilarating user interface.

But I am both surprised and disappointed. Typically, by the time that a company demonstrates market leadership and by the time that they grow to dominate several consumer fields, there are forced to reconcile certain market pressures and crack just a bit of their ecosystem open to ether public or popular standards. Sure, Apple has given a nod to USB, Wi-Fi and they use off the shelf drive memory technology within their products. But thy have also managed to stave off the most basic and consumer friendly standards.

I would point to the sealed battery and lack of SD card expansion in their phones as an example of over-parenting and arrogance. But, I acknowledge that this may also be driven by design trade-offs. After all, the new Samsung Galaxy S6 has both of these limitations. But the inability of most iPhones to use standard monitors and USB cords (even after all other companies capitulated) represents a systemic problem in the ranks of top management. Of course, Apple is not holding a gun to consumers and forcing them to buy their products. They shine for other reasons, and they are unquestionably popular.

But, I think that it is reasonable to raise a flag and warn consumers that this brilliant design company thwarts users with picky and sophomoric traps, not just to ensure profit, but more specifically to control their long term experience. Some of this is unnecessary and profoundly damaging to the user experience.

Perhaps the biggest problem with this arrogance, is that it prevents many geeks from helping friends and family, because the design decisions are so terribly mis-cued and antithetical to popular standards.

At the very least, Apple should offer a diagnostic mode that allows a user or technical consultant to directly access any file or folder. If they feel that this creates the potential for chaos, they can simply set a flag that demonstrates a user has accessed a non-warranty, non-support mode.
_______________________________________

AppleFan replies:

» I would point to the sealed battery and lack of SD card expansion in their phones as an example of over-parenting and arrogance.

I prefer to think of it as Security and consideration for users.  There’s really no reason you should ever need to replace a battery yourself. If there is something wrong with the battery, Apple offers services to replace them.  When under warranty, they do so for free.

As to the SD card, We are not allowed to speculate on Apple’s decisions in these forums. suffice it to say, in 8 years, they have not seen the need to include an SD card reader in any device.

» But the inability of most iPhones to use standard monitors and USB cords (even after all other companies capitulated) represents a systemic problem in the ranks of top management.

Why?  There are an abundance of connectors for the apple devices out there. The Micro USB standard is dated, and slow for todays requirements. why would Apple use an outdated port, when the Lighting port is faster and better in every way.

»  Perhaps the biggest problem with this arrogance, is that it prevents many geeks from helping friends and family, because the design decisions are so terribly mis-cued and antithetical to popular standards.

No it doesn’t.  I can help my friends just fine with their Apple devices. One just needs to know what one is doing.  And yes, I have used every kind of mobile device under the sun. I used a windows Phione, moved to an android phone, and finally to an iPhone 5 3 years ago. Its the best move I have ever made. And I find it easier to help friends with iPhones then I do friends with Android devices.

» At the very least, Apple should offer a diagnostic mode that allows a user or technical consultant to DIRECTLY access any file or folder. If they feel that this creates the potential for chaos, they can simply set a flag that demonstrates a user has accessed a non-warranty, non-support mode.

iOS devices do not have a filesystem to access. There’s nothing for you to directly access at all. All files are stored within Apps. There’s no reason to have this. There would be nothing to be gained by this.

Going back to the Music query, to add music you use iTunes. There’s no reason people should  to be adding music from a computer they do not sync with.

If they have music they want to add to the device, they can import it to iTunes on their own computer and sync the phone to it.

Adding such liberties would not only allow for rampant piracy of media, but would also open the device up to vulnerabilities.

There’s a reason Apple devices work like they do. And that is for security, privacy, and piracy prevention.  I would wager that Apple knows what the are doing, and their sales figures support that.
_______________________________________

Ellery replies:

Phil, I understand your first two points statements and address all 3…

» Adding such liberties would not only allow for rampant piracy of media, but would also open the device up to vulnerabilities

» … There’s a reason Apple devices work like they do. And that is for security, privacy, and piracy prevention.

I concede that Apple makes design decisions for these reasons, and they are all valid. Perhaps more compelling reasons are to unify the entire user experience, and to reduce the support headache. That is, if users are restricted to certain methods of interaction, then a support technician has fewer branches to parse when diagnosing and correcting a problem.

But this does not change my surprise and disappointment. As I pointed out above, there typically comes a time when successful companies must begin complying with popular standards. I suspect that Apple is so wildly successful at device ergonomics, music services, and the general mobile market that it can postpone the day of reckoning. My disappointment stems from a belief that doing so will not thwart their unique style, their cult following or their panache for design excellence. These things are not incompatible nor threatened by making things a bit easier for res-of-world integration.

» The Micro USB standard is dated, and slow for todays requirements. why would Apple use an outdated port, when the Lighting port is faster and better in every way.

This is really a matter of technology market timing rather than best technology. Sony’s memory stick was used on thousands of cameras, but they were still forced to kill it, because it was non-standard, and had not sparked massive licensing by competitors. Apple PCs have a larger overall user base than Sony cameras, so they can hang in longer and buck the trend. But users lose out, due to higher pricing and fewer competitive offerings.

The lightning Port valiant effort. I had one on my JVC mini-DV camcorder. But I am quite gladdened that for the next iteration, Apple has chosen the newest USB connector that is also being adopted by PCs and mobile devices.

The same goes for monitors. Sure, Apple leads the introduction of many consumer technologies. But this, too, is not about better technology. Apple forced users into a unique interface. Why? To make it more difficult to use any old monitor at a hotel, conference or friend’s home. If Apple played by the rules (rules that do not crimp its design and marketing edge), it would have adopted a standard DVI or HDMI connector and at least USB 3.0.

» There’s no reason people should  to be adding music from a computer they do not sync with.

» [Additionally], there’s no reason you should ever need to replace a battery.

Now, this are points we really disagree upon! They are black-&-white statements for which I do not respect your opinion… My gut reaction: Are you serious?!

I find it difficult to even craft a response, because I don’t know your frame of reference for making such a reckless  statement. I can’t figure out where to begin. Are you my mother? Do you honestly believe that I “should not” replace a battery or be adding music from any computer that I do not sync with?

Forget, for a moment, your thoughts on the battery. That position defies any rational explanation. Here are four scenarios that illustrate why I should be allowed to put music on a music device. (Just a few reasons that come to mind as I write this reply). You may find ways to accommodate one or two of these scenarios, but won’t you acknowledge that your statement is reckless? Don’t you feel that it is a tad paternalistic to tell me that I should not be adding music to a phone that I own? Seriously, Phil!…

  1. The user’s PC owned by a school or employer. The user cannot install executable software, but can upload, download and transfer files. —OR—
  2. The PC already has iTunes, but it is for a different user, and it is directly tied to an online music-matching service that analyzes music and makes recommendations based on any tracks that are added. The primary user does not wish to pollute or risk “syncing” with a child’s iPhone. Additionally, the child does not want to be tied to the parent’s iTunes account. —OR—
  3. The user is at a recording studio and has just recorded a TV commercial for a client. The studio gives the user a USB drive with the new audio file. The user wants the audio track on her iPhone, but the studio does not have a PC on which they can install Apple software. —OR—
  4. The PC user has Panda Antivirus 13.xx installed. It can scan a thumb drive and media files, but it warns the user that it cannot scan the attached iPhone. It warns that running software that accesses the phone directly exposes the local network to unknown risks.

[End of support thread]

In the next few days, I will summarize this Wild Duck post and probably end with some über-pithy observation. But first, tell me what you think? I would like to solicit input from friends, readers and colleagues before force-feeding the final word on this issue.

Is Apple the bully that I perceive them to be? Do you believe that they can get away with an incompatible and paternalistic user interface forever?