Feb 25, 2016

FBI vs. Apple: The Subpoena is a rabbit trail

I've been following the news about the FBI vs Apple subpoena and realized that the more I heard the less it made sense. What the FBI was reported to be asking for would work, but it would take a very long time. Why would they do it the slow way when they can crack the phone so much faster? So, I read the subpoena. Very interesting read. Well worth your time to read it. It is a beautiful example of verbal jujitsu. It says very clearly exactly what the FBI wants Apple to do, er NO, it does not.

While the subpoena seems to state exactly what the FBI wants, every demand is followed by weasel words something like "in an alternative technical manner if mutually preferable." (bottom of page 4 of the subpoena). In other words, Apple can help the FBI crack the phone any way they want to so long as they do help the FBI. The details being reported by the media are all misdirection. Apple is not required to carry out any of the reported actions. Apple is required to give the FBI technical aid in decrypting it.

There are a few things that really bother me about the subpoena even if you do assume it is all baffle-gab. The FBI makes statements about the security structure of IOS version 9 that are disturbing to me. The FBI asserts that Apple has the ability to download and execute code on a locked iPhone. That may be something that, if true, Apple does not want advertised in public. That bit of information tells every Apple customer that while the FBI can not crack your iPhone Apple can. Apple can load code onto your iPhone, execute that code, and then clean up after itself so you can't even tell it happened. The subpoena says that Apple can download code directly to RAM bypassing the file system and then cause that code to be executed. The FBI claims that Apple can do that to a locked iPhone without asking permission from the owner of the phone and without leaving a trace that they have done it.

All of that means anyone with access to the IOS code signing key can get anything they want off of any iPhone. Not really a surprise, I suppose. I tend to believe that everything on a computer is public knowledge. On the other hand while I was very tempted to buy an Apple II I have never owned any Apple products. I learned my lesson from Microsoft. (Required gratuitous MS slam just so I seem unbiased.)

According to the FBI the iPhone encrypts data using AES. The FBI says that each iPhone has a unique 256 bit key that is "burned in" at the factory. The FBI says that the actual key is created from a combination of the password and the AES key. That means that if the FBI wants to try to crack the phone by trying all possible keys they want Apple to provide a tool that pulls out that 256 bit unique key, the file system, along with details of the algorithm used to create the actual key.

Why does the FBI want Apple to do that? After all the FBI has the phone. They can extract the entire contents of the file system by extracting the flash drive and hooking it up to another system that understands the electronics of the drive. They can then download the entire file system and play with the data to their little hearts content. Why not subpoena the algorithms? And, why not issue the subpoena through a secret security court? None of this needed to be done in public.

It is possible extracting the AES key from the hardware of an iPhone is hard to do. If it were easy to get they could get it from the raw hardware. They may need an atomic force microscope to do it, but they should be able to get it. The key is stored in a way that allows the encryption algorithm to read it. If any piece of code or any piece of hardware can read it then anyone who has control of the physical device can also read it. Unless it is designed to self destruct...

Given the file system, the base key, and the relevant algorithms the FBI can use N (N is an arbitrarily large number greater than zero) computers loaded with copies of the file system, the AES key, and the appropriate software to try passcodes millions of times faster than they could do it using a wire connected to a cracked iPhone. Using possibly thousands of computers to brute force a crack beats all hell out of what it appears they are asking for.

(The FBI realizes, properly, that messing with the hardware is risky. No matter how careful you are the data you want could be lost if the hardware is accidentally damaged or if it is built to delete data when tampered with. Getting a cracking tool from Apple is safer for the FBI. Imagine the uproar if the FBI lost the data on that phone while taking it apart. That would be a nasty political black eye for the FBI. The FBI must keep their collective asses covered.)

My bogometer pinned in the red when I realized that what the FBI appeared to be demanding from Apple was millions of times slower than the obvious approach. I concluded that much of the subpoena is misdirection intended to make Apple look bad and direct public discussion in the direction the FBI wants it to go.

It appears the FBI, and by extension the DOJ, wants to undermine belief in the security of Apple products, to force Apple to provide details of all the encryption algorithms used by IOS, and software that reads out each iPhone's unique AES key and also dumps the file system. That is exactly what they need to let them use a super computer to smash open the doors on every iPhone.

If everything goes right for the FBI they get a way to crack all iPhones, a legal precedent saying they can force companies like Apple to provide cracking tools for their products, and a chance to get public support for laws that criminalize personal security. They may even be able to make building a truly secure device illegal. To make matters worse the FBI just told every hacker in the world about a potentially devastating hole in iPhone security.

The art of misdirection is vital to magicians, con men, and used car sales men. I just learned that it is a well developed part of the FBI's arsenal. I'll be watching for it in the future.

No comments:

Post a Comment