In the ongoing battle between Apple and the Federal Bureau of Investigation, National Security Agency whistleblower Edward Snowden has once again spoken up. In a statement made at a civil liberties conference, Snowden called the FBI's claim that only Apple can unlock the San Bernardino iPhone 5c nonsense, to paraphrase. A video of Snowden's remarks was recently posted by The Intercept.
In a Twitter statement, Snowden links to a recent blog post on the American Civil Liberties Union’s website that explains how the FBI could, on its own, bypass the security of the iPhone in question.
[Image: The back of the iPhone circuit board, with the NAND flash storage chip outlined in red. Credit: ACOS Electronics]
The method in question is described in detail, and is quite involved, though routine for anybody skilled in mobile phone forensics. Basically, the procedure revolves around the fact that the key that gets erased after too many failed passcode attempts is stored in something called "effaceable storage," on a NAND flash memory chip.
That chip, according to blogger Daniel Gillmor, could easily be desoldered from the circuit board before any attempts are made to crack the passcode. The contents of the NAND flash memory chip could then be copied. Then, the FBI could put the chip back and begin its attempts to determine the correct passcode. If the "auto-erase" feature is enabled (it's disabled by default) and wipes the key, law enforcement investigators could simply write the saved contents back to the flash memory chip and start over.
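To make the logic of the procedure concrete, here is a toy simulation I added for this article; it is not code from Gillmor's post, Apple, or the FBI, and the storage layout, the ten-attempt limit, the key derivation and the candidate list are all constructed for the model. It shows why a failure counter kept on a chip that can be copied and written back does not survive a rollback, and, as a hardening variant of my own, why a counter kept somewhere the chip swap cannot reach does.

```python
import hashlib
import hmac
import os
from typing import List, Optional

MAX_ATTEMPTS = 10  # constructed limit for the toy model


class EffaceableStorage:
    """Toy stand-in for the flash region holding the key that auto-erase destroys.
    Everything kept here can be copied off and written back."""

    def __init__(self) -> None:
        self.wrap_key: Optional[bytes] = os.urandom(32)
        self.failed = 0

    def snapshot(self) -> dict:
        return {"wrap_key": self.wrap_key, "failed": self.failed}

    def restore(self, snap: dict) -> None:
        self.wrap_key, self.failed = snap["wrap_key"], snap["failed"]


class ToyPhone:
    """Passcode check. By default all persistent state lives in effaceable storage;
    with counter_outside=True the failure counter lives somewhere a chip swap cannot
    reach (my hardened variant, not a description of any real device)."""

    def __init__(self, passcode: str, counter_outside: bool = False) -> None:
        self.salt = os.urandom(16)
        self.counter_outside = counter_outside
        self.outside_failed = 0
        self.nand = EffaceableStorage()
        self.verifier = self._verifier(passcode)

    def _verifier(self, passcode: str) -> bytes:
        # Passcode-derived key tangled with the stored wrap key (simplified, not Apple's scheme).
        pk = hashlib.pbkdf2_hmac("sha256", passcode.encode(), self.salt, 1000)
        return hmac.new(self.nand.wrap_key, pk, "sha256").digest()

    def failures(self) -> int:
        return self.outside_failed if self.counter_outside else self.nand.failed

    def try_passcode(self, guess: str) -> bool:
        if self.nand.wrap_key is None or self.failures() >= MAX_ATTEMPTS:
            raise RuntimeError("locked: key erased or attempt limit reached")
        if hmac.compare_digest(self._verifier(guess), self.verifier):
            return True
        if self.counter_outside:
            self.outside_failed += 1
        else:
            self.nand.failed += 1
        if self.failures() >= MAX_ATTEMPTS:
            self.nand.wrap_key = None  # the auto-erase
        return False


def guess_with_rollback(phone: ToyPhone, candidates: List[str]) -> Optional[str]:
    """Tries candidates in order; whenever the device erases the key, writes the
    saved storage image back (Gillmor's procedure, as modelled here). Returns the
    passcode found, or None once the device locks in a way rollback cannot undo."""
    saved = phone.nand.snapshot()
    for guess in candidates:
        try:
            if phone.try_passcode(guess):
                return guess
        except RuntimeError:
            return None
        if phone.nand.wrap_key is None:
            phone.nand.restore(saved)
    return None


def demo() -> dict:
    candidates = [f"{i:04d}" for i in range(30)]  # constructed candidate list
    naive = ToyPhone("0023")
    counter_on_chip = ToyPhone("0023")
    counter_off_chip = ToyPhone("0023", counter_outside=True)
    # No rollback: the key is gone after MAX_ATTEMPTS and the device locks.
    naive_result = None
    try:
        for g in candidates:
            if naive.try_passcode(g):
                naive_result = g
                break
    except RuntimeError:
        pass
    return {
        "no_rollback": naive_result,
        "rollback_counter_on_chip": guess_with_rollback(counter_on_chip, candidates),
        "rollback_counter_off_chip": guess_with_rollback(counter_off_chip, candidates),
    }


if __name__ == "__main__":
    print(demo())
```

In the model, `demo()` finds the passcode only when both the key and the counter sit in the storage that gets rolled back; once the counter lives off the replaceable chip, restoring the saved image brings the key back but the device still refuses further attempts. Whether a real iPhone 5c behaves like the first case is exactly the untested question discussed below.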
The missing information here is whether this procedure has actually been tested or is merely theoretical. The details of how Apple stores the encryption keys come straight from Apple's iOS Security Guide, but Gillmor does not disclose whether he has actually tried his suggested procedure. I'm not entirely convinced that it would work, simply because a new key is generated "when iOS is first installed or when the device is wiped by a user." If a new key is generated after an automatic wipe, it wouldn't make sense for the old key to continue working.
With that said, it's certainly an interesting possibility. I would love to see Snowden or Gillmor demonstrate this procedure. If it works, it's definitely proof that the FBI isn't so much interested in a single iOS device as in having easier access to all iPhones and iPads in the future.
To see Snowden’s discussion, check out the video below, beginning at 30:21. If the video fails to load, just click here.