Apple must remove auto-erase protection from the phone

Feb 17, 2016 09:25 GMT  ·  By

Apple is being forced by judge Sheri Pym, in the US District Court of Central California, to help the FBI break into the phone belonging to one of the shooters in San Bernardino.

Specifically, Apple doesn’t have to break the encryption system and provide access to the phone, but only to disable the protection system that removes the data from the device when too many wrong password attempts are being made. This should allow the FBI to turn to brute-force hacking in order to break into the device and access content that they believe could help in the investigation.

The court documents reveal that the FBI found the phone two months ago, but because of the auto-erasing system, police officers were not able to access any data stored on the device amid fears that all information could be lost. The phone is an iPhone 5c running iOS 9.

The FBI claims that it hasn’t tried to hack the device, and it turned to the court to force Apple to help break into the phone, as the company had previously refused to assist the government in its attempts to access encrypted iPhones.

FBI Director James Comey said earlier this month that no information was recovered from the phone used by one of the San Bernardino attackers, suggesting that hacking attempts had indeed been made.

“We still have one of those killers’ phones that we haven’t been able to open. It has been two months now and we are still working on it,” he added.

Unlimited hack attempts

A password-protected iPhone automatically sets gradually increasing delays between failed passcode entries and eventually removes all data stored on the device should the password be entered 10 times. The judge ordered Apple to provide a custom application that can be installed on the phone without making any changes to the operating system or the data stored on it. It doesn’t have to provide the FBI with direct access to this data, but only allow them to hack the passcode by offering unlimited passcode entries.

“Apple’s reasonable technical assistance shall accomplish the following three important functions. It will bypass or disable the auto-erase function whether or not it has been enabled,” the court order reads.

“It will enable the FBI to submit passcodes to the subject device for testing electronically via the physical device port, Bluetooth, Wi-Fi or other protocol available on the subject device and it will ensure that when the FBI submits passcodes to the subject device, software running on the device will not purposefully introduce any additional delay between the passcode attempts beyond what is incurred by Apple hardware.”

Apple has always opposed attempts to break into phones and criticized the government for pushing for legislation that would force manufacturers to install backdoors on their devices, so it’ll be interesting to see how the company acts following this court order.

Update: Tim Cook has issued a public response, revealing that Apple would oppose the judge order.