Apple could make it even tougher to hack iPhones

SAN FRANCISCO -- Suppose the FBI wins its court battle and forces Apple to help unlock an iPhone used by one of the San Bernardino killers.

See Full Article

That could open all iPhones up to potential government scrutiny -- but it's not the end of the story.

Turns out there's a fair bit both individuals and Apple could do to FBI-proof their phones and shield private information from investigators and cybercriminals alike. Those measures include multiple passcodes and longer, more complex ones.

Of course, increased security typically comes at the expense of convenience. Most efforts to improve phone security would make the devices harder to use, perhaps by requiring you to remember more passwords.

Making it more difficult for law enforcement to crack open iPhones could also spur legal restrictions on phone security, something that neither Apple nor other technology companies want to see.

"They are walking a tightrope," says Mark Bartholomew, a law professor at the State University of New York at Buffalo who specializes in privacy and encryption issues. Requiring longer passcodes might annoy most Apple users, he says, while boosting phone security "sort of amplifies the whole argument that Apple is making things too difficult and frustrating law enforcement officials."

Apple had no comment on any future security measures. In a recent letter to customers, it noted that it has routinely built "progressively stronger protections" into its products because "cyberattacks have only become more frequent and more sophisticated."

In the current fight, the FBI aims to make Apple help it guess the passcode on the work phone used by Syed Farook before he and his wife killed 14 people at an office party in December. The FBI wants Apple to create special software to disable security features that, among other things, render the iPhone unreadable after 10 incorrect guesses.

Apple has resisted, maintaining that software that opens a single iPhone could be exploited to hack into millions of other devices. The government insists that its precautions would prevent that, though security experts are doubtful.

Should the FBI prevail, it would take computers less than a day to guess a six-digit passcode consisting solely of numbers, the default type of passcode in the latest version of the iPhone operating system. Even with security features disabled, each passcode guess takes 80 milliseconds to process, limiting the FBI to 12.5 guesses per second.

For security-conscious individuals, the simplest protective move would be to use a passcode consisting of letters and numbers. Doing so would vastly increase the amount of time required to guess even short passcodes. Apple estimates it would take more than five years to try all combinations of a six-character passcode with numbers and lowercase letters. Adding capital letters to the mix would extend that further.

Changing to an alphanumeric code is as simple as going into the phone settings and choosing "Touch ID & Passcode," then "Passcode options."

Another option is simply to pick a much longer numeric code. An 11-character code consisting of randomly selected numbers -- that means no references to birthdays or anniversaries that could be easily guessed -- could take as long as 253 years to unlock.

But longer, more complex codes are harder to remember, and that's probably why Apple hasn't yet required their use. It could, however, easily do so. In fact, iPhones moved to six-digit passcodes from four last September.

Apple may have other tricks up its sleeve. For instance, the company could add additional layers of authentication that would thwart the security-bypassing software the FBI wants it to make, says computer security expert Jonathan Zdziarski.

Apple phones rely on a feature known as the "secure enclave" to manage all passcode operations. The software demanded by the FBI would alter the secure enclave, Zdziarski says. But the software couldn't do so if the secure enclave required the user passcode to approve any such changes.

"This is probably the best way to lock down a device," Zdziarski says.

Apple could also require a second passcode whenever the phone boots up; without it, the phone wouldn't run any software, including the tool the FBI is requesting. "It would be like putting a steel door on the phone," Zdziarski says. Currently, iPhones automatically load the operating system before asking for a passcode.

For now, Apple CEO Tim Cook is focusing on winning the current battle with the FBI in a Southern California federal court while also trying to sway public opinion in the company's favour. The skirmish could go all the way to the U.S. Supreme Court.

In the meantime, Apple is probably already working on security improvements for the next version of the iPhone operating system that it will probably announce in June and release in September.



Advertisements

Latest Tech & Science News

  • Trump's bright idea: a solar wall at the U.S.-Mexico border

    Tech & Science CTV News
    WASHINGTON -- U.S. President Donald Trump wants to add solar panels to his long-promised southern border wall -- a plan he says would help pay for the wall's construction and add to its esthetic appeal. Source
  • Astronomer who built advanced telescopes has died

    Tech & Science CBC News
    Jerry Nelson, an astronomer who designed advanced telescopes that help scientists glimpse far reaches of the universe, has died in California. He was 73. The University of California, Santa Cruz, where Nelson was a professor emeritus of astronomy and astrophysics, said he died June 10 at his home. Source
  • Research into exoskeleton walking devices big leap forward for human-robot interactions

    Tech & Science CBC News
    At first glance it looks like a fancy leg brace. But the "exoskeleton" system developed by a group of researchers at Carnegie Melon University in Pittsburgh could open the door to a new, more customized way of approaching human-robot interaction. Source
  • Gaps in tidal power addressed in federal project

    Tech & Science CTV News
    HALIFAX -- Ottawa has announced $1 million to help address challenges in harnessing the crushing tides of the Bay of Fundy and beyond to create renewable energy. Natural Resources Minister Jim Carr says the project led by the Offshore Energy Research Association will address current knowledge gaps in tidal power. Source
  • U.S. officials to lift Yellowstone grizzly bear protections

    Tech & Science CTV News
    HELENA, Mont. -- U.S. government officials say grizzly bears in Yellowstone National Park region are no longer threatened, and that they will lift protections that have been in place for more than 40 years. Interior Secretary Ryan Zinke said Thursday that the recovery of Yellowstone's grizzlies is one of the nation's great conservation success stories. Source
  • 10-year-old invents device to save children trapped in hot cars

    Tech & Science CTV News
    A Texas boy who was heartbroken to hear of a neighbour’s child who died in an overheated minivan, is hopeful that a device he invented could one day help prevent other such deaths. Bishop Curry V was moved to invent the device after learning that a baby in his neighbourhood had died when the child’s father forgot the toddler in the family minivan. Source
  • Total solar eclipse an 'unprecedented' excuse to visit U.S.: expert

    Tech & Science CTV News
    Every now and then there's a total eclipse of the sun, but rarely is it as high-profile as the one expected over the continental U.S. in August. NASA says a solar eclipse will track across North America on the afternoon of Aug. Source
  • Heat wave suffocates American Southwest on 1st day of summer

    Tech & Science CBC News
    Don Kushner emerged from his afternoon hike on Camelback Mountain clearly a little run down from the heat. Kushner was one of the few who ignored warnings to avoid strenuous outdoor activity and decided to exercise outside on one of the hottest days in Phoenix's recorded history. Source
  • World population to hit 9.8 billion by 2050: UN

    Tech & Science CTV News
    A new UN report forecasts that the current world population of 7.6 billion will reach 9.8 billion in 2050 and 11.2 billion in 2100. The report by the Department of Economic and Social Affairs' Population Division released Wednesday said roughly 83 million people are being added to the world's population every year. Source
  • Flying bikes, anti-drone trackers, and the next Concorde: The best of the 2017 Paris Air Show [Video]

    Tech & Science Toronto Sun
    PARIS — There are flying cars and Concorde’s would-be supersonic successor, a company offering to deliver cargo to the Moon — for a mere $1.2 million per kilogram — and the latest in funky futuristic aviation ideas, both big and small. Source