Apple Likely to Move iPhone Security Features into Hardware


The FBI is attempting to use a court order to force Apple to unlock an iPhone. Apple is likely to render such attempts moot in future iPhone versions by strengthening the hardware.

Let's Begin:

In the wake of the unprecedented court order by US Magistrate Judge Sheri Pym directing Apple to hack their own software in order to unlock the iPhone of Syed Farook from the 2015 San Bernardino attack that killed 14 people and injured 22 others, Apple will most likely respond by moving the last remaining iPhone security features presently under the control of the system software into hardware to make hacking future iPhones practically impossible. Such a move would essential render any future court orders moot since Apple would be powerless to do anything even if it wanted to help.

Of all the smart phones presently on the market, Apple’s iPhone (and iPad as well, since they both run the same OS) is probably the most secure of all the popular smart phones out today. You can learn all the intricate details of the iPhone and iOS security in Apple’s publicly available white paper on the topic: Apple iOS Security Guide. In it you will learn how essentially everything inside the phone is encrypted and how the encryption keys are protected. You will also learn how the encryption is based upon unique device IDs that are burned into the device at manufacture time and for which neither Apple nor its suppliers keep records of. Furthermore, these unique device IDs are inaccessible to the software running on the device, so they cannot be retrieved after manufacture either. This means that the encryption is extremely strong since each device is different and if you somehow managed to crack the encryption on one device, it wouldn’t get you anywhere with any other device.

However, two parts of the puzzle are still controlled in Apple’s software on the device: enforcing the delay after a failed passcode attempt and erasing the device (auto-wipe) after too many failed passcode attempts.

In order to prevent brute force attempts to unlock an iPhone by trying all possible passcodes, iOS enforces a delay after each failed attempt. According to Apple’s iOS security paper, these delays are as follows:

Attempts Delay Enforced
1-4 none
5 1 minute
6 5 minutes
7-8 15 minutes
9 1 hour

So after nine failed attempts, the 1 hour delay before the phone will accept another attempt makes brute guessing of the passcode impractical. The delay is enforced even if the device is power-cycled or rebooted, so that won’t help a would-be hacker.

iPhone screen showing passcode delay lockout after failed attempts

The iPhone can also be configured by the user to erase itself after 10 failed attempts to unlock the phone with a passcode. This serves as the final nail in the coffin to brute force attacks on a locked iPhone.

As mentioned above, these two security features are presently under control of Apple’s system software on the phone. Since the system software is digitally signed by Apple, only Apple can produce the software since the hardware on the phone rejects any software not signed by Apple and won’t even boot. This is why the FBI is attempting to conscript Apple to do it’s dirty work since only Apple can digitally sign the software. The FBI wants Apple to produce a custom version of iOS, which many are now referring to as GovtOS, which omits the passcode delay and auto-wipe features so that the FBI can then do a brute force attack on the passcode. Without the enforced delay and auto-wipe features, a brute force attack with computer assistance is only expected to take a couple of days at most.

Apple has wisely chosen to oppose this action. Among all the other civil liberty and privacy arguments (which we won’t go into here), is the simple fact that once GovtOS exists, the floodgates will open and Apple will have to endure a limitless barrage of court orders to unlock phones coming from countries around the globe.

To nip that in the bud, Apple will almost certainly move the logic needed to enforce the passcode delay and auto-wipe features into hardware on all future iOS devices. While I have no inside information on this, it is simply the most logical response for Apple and is neither difficult nor costly to implement. Therefore, I predict that the next iPhone version (or the one following that if it’s too late to alter the design of models already in the pipeline) will have hack-proof encryption security implemented in the device’s hardware. Once this is in hardware, law enforcement and the courts will be powerless to force Apple to do anything to unlock future phones since it would be physically impossible for Apple to do anything. The only thing that could prevent this would be a new law from Congress that makes it illegal for Apple to make this move and which would essentially require companies to build backdoors into their devices. It is highly unlikely that such a law requiring backdoors would get passed given the growing list of high-tech companies that have lined behind Apple on this issue and the intense lobbying that would certainly ensue, and even if it did pass, it would no doubt be tied up in court over questions of constitutionality.

Hopefully, Apple will win its appeal to oppose Judge Pym’s order in the present case. And once the new iPhones I expect to see are released, all future such court orders will be rendered moot.

Category: Apple iPhone