Upgrade Your iPhone Passcode to Defeat the FBI’s Backdoor Strategy

Discussion in 'Technical' started by melbo, Feb 24, 2016.

  1. melbo

    melbo Hunter Gatherer Administrator Founding Member

    On February 17th 2016, APPLE CEO TIM COOK published an open letter opposing a court order to build the FBI a “backdoor” for the iPhone.

    Cook wrote that the backdoor, which removes limitations on how often an attacker can incorrectly guess an iPhone passcode, would set a dangerous precedent and “would have the potential to unlock any iPhone in someone’s physical possession,” even though in this instance, the FBI is seeking to unlock a single iPhone belonging to one of the killers in a 14-victim mass shooting spree in San Bernardino, California, in December.

    It’s true that ordering Apple to develop the backdoor will fundamentally undermine iPhone security, as Cook and other digital security advocates have argued. But it’s possible for individual iPhone users to protect themselves from government snooping by setting strong passcodes on their phones — passcodes the FBI would not be able to unlock even if it gets its iPhone backdoor.

    The technical details of how the iPhone encrypts data, and how the FBI might circumvent this protection, are complex and convoluted, and are being thoroughly explored elsewhere on the internet. What I’m going to focus on here is how ordinary iPhone users can protect themselves.

    The short version: If you’re worried about governments trying to access your phone, set your iPhone up with a random, 11-digit numeric passcode. What follows is an explanation of why that will protect you and how to actually do it.

    If it sounds outlandish to worry about government agents trying to crack into your phone, consider that when you travel internationally, agents at the airport or other border crossings can seize, search, and temporarily retain your digital devices — even without any grounds for suspicion. And while a local police officer can’t search your iPhone without a warrant, cops have used their own digital devices to get search warrants within 15 minutes, as a Supreme Court opinion recently noted.

    The most obvious way to try and crack into your iPhone, and what the FBI is trying to do in the San Bernardino case, is to simply run through every possible passcode until the correct one is discovered and the phone is unlocked. This is known as a “brute force” attack.

    For example, let’s say you set a six-digit passcode on your iPhone. There are 10 possibilities for each digit in a numbers-based passcode, and so there are 10^6, or 1 million, possible combinations for a six-digit passcode as a whole. It is trivial for a computer to generate all of these possible codes. The difficulty comes in trying to test them.

    One obstacle to testing all possible passcodes is that the iPhone intentionally slows down after you guess wrong a few times. An attacker can try four incorrect passcodes before she’s forced to wait one minute. If she continues to guess wrong, the time delay increases to five minutes, 15 minutes, and finally one hour. There’s even a setting to erase all data on the iPhone after 10 wrong guesses.

    This is where the FBI’s requested backdoor comes into play. The FBI is demanding that Apple create a special version of the iPhone’s operating system, iOS, that removes the time delays and ignores the data erasure setting. The FBI could install this malicious software on the San Bernardino killer’s iPhone, brute force the passcode, unlock the phone, and access all of its data. And that process could hypothetically be repeated on anyone else’s iPhone.

    (There’s also speculation that the government could make Apple alter the operation of a piece of iPhone hardware known as the Secure Enclave; for the purposes of this article, I assume the protections offered by this hardware, which would slow an attacker down even more, are not in place.)

    Even if the FBI gets its way and can clear away iPhone safeguards against passcode guessing, it faces another obstacle, one that should help keep it from cracking passcodes of, say, 11 digits: It can only test potential passcodes for your iPhone using the iPhone itself; the FBI can’t use a supercomputer or a cluster of iPhones to speed up the guessing process. That’s because iPhone models, at least as far back as May 2012, have come with a Unique ID (UID) embedded in the device hardware. Each iPhone has a different UID fused to the phone, and, by design, no one can read it and copy it to another computer. The iPhone can only be unlocked when the owner’s passcode is combined with the UID to derive an encryption key.

    So the FBI is stuck using your iPhone to test passcodes. And it turns out that your iPhone is kind of slow at that: iPhones intentionally encrypt data in such a way that they must spend about 80 milliseconds doing the math needed to test a passcode, according to Apple. That limits them to testing 12.5 passcode guesses per second, which means that guessing a six-digit passcode would take, at most, just over 22 hours.

    You can calculate the time for that task simply by dividing the 1 million possible six-digit passcodes by 12.5 per second. That’s 80,000 seconds, or 1,333 minutes, or 22 hours. But the attacker doesn’t have to try each passcode; she can stop when she finds one that successfully unlocks the device. On average, it will only take 11 hours for that to happen.

    But the FBI would be happy to spend mere hours cracking your iPhone. What if you use a longer passcode? Here’s how long the FBI would need:
    • seven-digit passcodes will take up to 9.2 days, and on average 4.6 days, to crack
    • eight-digit passcodes will take up to three months, and on average 46 days, to crack
    • nine-digit passcodes will take up to 2.5 years, and on average 1.2 years, to crack
    • 10-digit passcodes will take up to 25 years, and on average 12.6 years, to crack
    • 11-digit passcodes will take up to 253 years, and on average 127 years, to crack
    • 12-digit passcodes will take up to 2,536 years, and on average 1,268 years, to crack
    • 13-digit passcodes will take up to 25,367 years, and on average 12,683 years, to crack
    It’s important to note that these estimates only apply to truly random passcodes. If you choose a passcode by stringing together dates, phone numbers, social security numbers, or anything else that’s at all predictable, the attacker might try guessing those first, and might crack your 11-digit passcode in a very short amount of time. So make sure your passcode is random, even if this means it takes extra time to memorize it. (Memorizing that many digits might seem daunting, but if you’re older than, say, 29, there was probably a time when you memorized several phone numbers that you dialed on a regular basis.)

    Nerd tip: If you’re using a Mac or Linux, you can securely generate a random 11-digit passcode by opening the Terminal app and typing this command:
    python -c 'from random import SystemRandom as r; print("%011d" % r().randint(0,10**11-1))'
    It’s also important to note that we’re assuming the FBI, or some other government agency, has not found a flaw in Apple’s security architecture that would allow them to test passcodes on their own computers or at a rate faster than 80 milliseconds per passcode.

    Once you’ve created a new 11-digit passcode, you can start using it by opening the Settings app, selecting “Touch ID & Passcode,” and entering your old passcode if prompted. Then, if you have an existing passcode, select “Change passcode” and enter your old passcode. If you do not have an existing passcode, and are setting one for the first time, click “Turn passcode on.”

    Then, in all cases, click “Passcode options,” select “Custom numeric code,” and then enter your new passcode.

    By choosing a strong passcode, the FBI shouldn’t be able to unlock your encrypted phone, even if it installs a backdoored version of iOS on it. Not unless it has hundreds of years to spare.

    Upgrade Your iPhone Passcode to Defeat the FBI’s Backdoor Strategy
    Last edited: Feb 24, 2016
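Added example, not part of the post above or the article it quotes: it reproduces the crack-time table from the quoted 80 ms per guess, generalizes it to other alphabet sizes, and draws a zero-padded random passcode while rejecting the predictable shapes the post warns about. All function names are hypothetical, and the predictability checks are simple heuristics assumed for illustration.

```python
import re
import secrets

MS_PER_GUESS = 80                       # figure quoted in the post: ~80 ms per on-device attempt
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Eight-digit runs that read as a calendar date (YYYYMMDD or MMDDYYYY), years 1900-2099.
DATE_RE = re.compile(
    r"(?:19|20)\d\d(?:0[1-9]|1[0-2])(?:0[1-9]|[12]\d|3[01])"
    r"|(?:0[1-9]|1[0-2])(?:0[1-9]|[12]\d|3[01])(?:19|20)\d\d"
)


def crack_time_seconds(length, alphabet_size=10, ms_per_guess=MS_PER_GUESS):
    """Return (worst_case, average) seconds to find a uniformly random passcode."""
    keyspace = alphabet_size ** length
    worst_ms = keyspace * ms_per_guess
    # A uniformly random secret is found after (keyspace + 1) / 2 guesses on average.
    average_ms = (keyspace + 1) * ms_per_guess / 2
    return worst_ms / 1000, average_ms / 1000


def min_length_for(target_years, alphabet_size=10, ms_per_guess=MS_PER_GUESS):
    """Smallest length whose average search time reaches target_years."""
    target_seconds = target_years * SECONDS_PER_YEAR
    length = 1
    while crack_time_seconds(length, alphabet_size, ms_per_guess)[1] < target_seconds:
        length += 1
    return length


def looks_predictable(passcode):
    """Heuristic check for shapes an attacker would try first (assumed rules)."""
    if len(set(passcode)) == 1:                      # 00000000000
        return True
    steps = {(int(b) - int(a)) % 10 for a, b in zip(passcode, passcode[1:])}
    if steps in ({1}, {9}):                          # 12345678901 or 98765432109
        return True
    if passcode in (passcode + passcode)[1:-1]:      # 121212..., 123123...
        return True
    return DATE_RE.search(passcode) is not None      # embedded date


def generate_passcode(length=11):
    """Draw a zero-padded numeric passcode from the OS CSPRNG, redrawing weak shapes."""
    while True:
        candidate = f"{secrets.randbelow(10 ** length):0{length}d}"
        if not looks_predictable(candidate):
            return candidate


if __name__ == "__main__":
    for digits in range(6, 14):
        worst, average = crack_time_seconds(digits)
        print(f"{digits:2d} digits: worst {worst / 86400:14.1f} days, "
              f"average {average / 86400:14.1f} days")
    print("digits needed for a 100-year average:", min_length_for(100))
    print("new passcode:", generate_passcode())
```

The redraw in `generate_passcode` discards well under 1% of candidates, so the estimates for a uniformly random passcode still hold to within that margin.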
  2. T. Riley

    T. Riley Monkey+++

    I do not understand why law obeying citizens worry about the FBI getting into their phone. Personally I don't give a damn. Move along now, nothing to see. If I needed that level of privacy I damn sure would not use any phone or the internet. Nor do I understand the objection of any red blooded conservative American to the FBI forcing Apple to unlock that one phone used by a DEAD Muslim who killed 14 innocent people. I write software for a living and I never included any security feature in my software I did not know how to defeat when I included it, and neither did Apple. It's all a publicity stunt by Apple and more Americans may die because of it.
    AD1 likes this.
  3. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

    I applaud Apple (I don't own any of their products) for their stand.
    Use of technology shouldn't be giving up one's right to privacy.
    Just because one uses encryption or maintains privacy from prying eyes doesn't mean it's illegal.
    Homer Simpson and Cruisin Sloth like this.
  4. Tikka

    Tikka Monkey+++

    The terrorist didn't own the phone; the county owned the phone. The owner of the phone requested Apple to unlock it and they refused.
    When they refused the rightful owner; I changed my opinion to publicity stunt.
    AD1 likes this.
  5. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

  6. Tikka

    Tikka Monkey+++

    Then all the droning is a waste of our time.

    As every article I've read stated the county reset the phone which is the standard procedure at most corporations. The media needs to make up what they call their mind.

    As usual, there are so many differing stories. At this point in time, I don't believe Apple, the FBI or the media. To be honest, I never did in the first place.
    AD1 and VisuTrac like this.
  7. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

    The truth is out there but it's probably been erased or munged up pretty good by now.
  8. Tikka

    Tikka Monkey+++

    The media and the players stand in the way of that ever happening.
  9. Tikka

    Tikka Monkey+++

    "The FBI has admitted that a reset of the San Bernardino shooter’s iCloud passcode was done with the agency’s consent in the days following the terror attack at the Inland Regional Center that left 14 people dead.

    Apple said that had the passcode to Syed Farook’s iPhone not been reset, the company would have been able to initiate a backup of the phone’s data to its associated iCloud account in order to retrieve its contents. However, with the passcode on the phone no longer matching the one on iCloud, the only remaining option is the decryption of the phone itself."

    My problem is I'm confused. :)
  10. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

    Drapes and Curtains no longer match.
    No one knows who the daddy is.
    But freedom loving individuals will eventually pay for the folly.
    Homer Simpson likes this.
  11. Tikka

    Tikka Monkey+++

    Well said!

    In a sea of liars, the truth will not be found.
  12. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

    seriously though.
    If you are using technology you should encrypt every chance you get.
    Over-write multiple times when you want to delete something (delete the file, fill up device with new useless stuff, erase that, repeat a couple of times .. prevents original file from being retrieved)

    Technology is great but it will also be the downfall of many an individual
  13. BTPost

    BTPost Stumpy Old Fart Snow Monkey Moderator

    Just a NOTE, here: Apple did advise the FBI, and worked with them, to deal with this iPhone, but the County made the easy Hack Path unworkable, when they reset the AppleID on the Account. The County ALSO paid for, an optional Management Package that if Implemented, completely, would have given the County, COMPLETE Control over this iPhone. HOWEVER they never implemented the complete Management Package, that they PAID FOR, and left off the part that would have given the Complete Control, over the iPhone. So now tell us ALL, Just who is at Fault, for NOT being able to access the Data on this iPhone? The County? The FBI? or Apple? For you folks that RAIL against Apple, for giving their Users, the ability to SECURE, their Data.... Then be the First one, on your Block, to Open up your Phones, Computers, Mail, Bank Records, and Health Records, to the .GOV, with NO Restrictions... You can do it today, All by yourself... as you say, "You have nothing to HIDE, So what is stopping you...."

    As for Me, and MY House, We will keep our Data, Locked UP, and Encrypted, and Keep our Messaging, and Comms, SECURE, with the best available Hardware and Software..... Why do you think I worked so hard on MonkeyNet, along with some of the Brightest Monkeys, on the Site, and made that Technology, available to ANYONE, who feels the Need for TOTALLY SECURE Comms??? My family uses it, and we do so because it is our RIGHT....
    Homer Simpson and VisuTrac like this.
  14. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

    Plus post naked pics of themselves and their family members and take down their window coverings. ;)
    BTPost likes this.
  15. ghrit

    ghrit Bad company Administrator Founding Member

    While you're all discussing Apple's stand on privacy, take note that Gates has come out and stated that Apple is wrong, and a backdoor should be made and loaded. Think on that while you are enjoying all the things that W10 does for you, and how easily it does it.
  16. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

    Oh I've got no expectation on privacy on my windows boxes, nor the internet in general.
    I figure some day, the chickens will come home to roost. Come what may, at this point, it's out there and if they wanted to twist it about, they could probably find a court and make it stick, it's not like our legislators are rescinding any laws. I'm sure there are a bunch I don't know about that I've broken.
  17. ghrit

    ghrit Bad company Administrator Founding Member

    Knew that about you ---.o_O Me neither.:cool:
  18. BTPost

    BTPost Stumpy Old Fart Snow Monkey Moderator

    Ghrit, that is why my Windoz Computers are ALL Virtual Machines that run as Applications on my iMac, and MacBooks, are only XP Software, and rarely if ever connect to the Internet, even as Virtual Machines.... Way too many "nasties" floating around out there, to trust a MicroSquash Box, to be naked, on the Internet... even behind firewalls and MULTIPLE Routers, with Packet Sniffing...
  19. DarkLight

    DarkLight Live Long and Prosper - On Hiatus Site Supporter

    Two words:
    Microsoft, PRISM

    Microsoft was reportedly one of the first "signatories" to PRISM. When we as a company had a pow-wow with them in early 2014, I asked them point blank about that. The response was to direct me to their website about security. I pushed them and they started making noises about how they don't release this, that or the other thing. I pushed again and asked, in effect, if anyone in the room had the authority or even the desire to assure me that a) Microsoft was not involved with PRISM and b) they implemented technology to prevent the US Government from ever accessing any of their cloud systems and data.

    Half way through the conversation, every person who had been involved in the two day conference started showing up, real casual like. Kind of a show of force. We (the company I work for) went from a 1:1 ratio of "us vs. them" to being outnumbered 4 to 1. Not like they could or would do anything but it was really weird.

    After I pushed that last time, they said that they couldn't go into that and asked to move to a different topic as there was nothing to be gained from further discussion.

    Prior to that, however, they claimed (falsely) that they had never lost a court case against the government to reveal customer data. I say falsely because at that time, they had already lost the first case and the first appeal. While they hadn't given up the data, they had in fact lost twice. The concerning thing was that the case is about data in Ireland. This bit was just an interesting diversion though because I already knew they were lying to us about losing.

    Point being, Microsoft is more than happy to hand over whatever the government asks for and I seriously have less than zero doubt that Windows 10 is designed specifically to aid in that "sharing".
    melbo likes this.
  20. melbo

    melbo Hunter Gatherer Administrator Founding Member

    "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say" Edward Snowden

    "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged", referring to how a state government can find aspects in a person's life in order to prosecute or blackmail that individual. Cardinal Richelieu

    "Too many wrongly characterize the debate as "security versus privacy." Bruce Schneier

    "The real choice is liberty versus control" Bruce Schneier

    "I reserve the right to put blinds on my windows and lock my front door at night" melbo

    Why ‘I Have Nothing to Hide’ Is the Wrong Way to Think About Surveillance

    SUDDENLY, IT FEELS like 2000 again. Back then, surveillance programs like Carnivore, Echelon, and Total Information Awareness helped spark a surge in electronic privacy awareness. Now a decade later, the recent discovery of programs like PRISM, Boundless Informant, and FISA orders are catalyzing renewed concern.

    The programs of the past can be characterized as “proximate surveillance,” in which the government attempted to use technology to directly monitor communication themselves. The programs of this decade mark the transition to “oblique surveillance,” in which the government more often just goes to the places where information has been accumulating on its own, such as email providers, search engines, social networks, and telecoms.

    Both then and now, privacy advocates have typically come into conflict with a persistent tension, in which many individuals don’t understand why they should be concerned about surveillance if they have nothing to hide. It’s even less clear in the world of “oblique” surveillance, given that apologists will always frame our use of information-gathering services like a mobile phone plan or Gmail as a choice.

    As James Duane, a professor at Regent Law School and former defense attorney, notes in his excellent lecture on why it is never a good idea to talk to the police:

    Estimates of the current size of the body of federal criminal law vary. It has been reported that the Congressional Research Service cannot even count the current number of federal crimes. These laws are scattered in over 50 titles of the United States Code, encompassing roughly 27,000 pages. Worse yet, the statutory code sections often incorporate, by reference, the provisions and sanctions of administrative regulations promulgated by various regulatory agencies under congressional authorization. Estimates of how many such regulations exist are even less well settled, but the ABA thinks there are “nearly 10,000.”

    If the federal government can’t even count how many laws there are, what chance does an individual have of being certain that they are not acting in violation of one of them?

    As Supreme Court Justice Breyer elaborates:

    The complexity of modern federal criminal law, codified in several thousand sections of the United States Code and the virtually infinite variety of factual circumstances that might trigger an investigation into a possible violation of the law, make it difficult for anyone to know, in advance, just when a particular set of statements might later appear (to a prosecutor) to be relevant to some such investigation.

    For instance, did you know that it is a federal crime to be in possession of a lobster under a certain size? It doesn’t matter if you bought it at a grocery store, if someone else gave it to you, if it’s dead or alive, if you found it after it died of natural causes, or even if you killed it while acting in self defense. You can go to jail because of a lobster.

    If the federal government had access to every email you’ve ever written and every phone call you’ve ever made, it’s almost certain that they could find something you’ve done which violates a provision in the 27,000 pages of federal statutes or 10,000 administrative regulations. You probably do have something to hide, you just don’t know it yet.

    Over the past year, there have been a number of headline-grabbing legal changes in the U.S., such as the legalization of marijuana in Colorado and Washington, as well as the legalization of same-sex marriage in a growing number of U.S. states.

    As a majority of people in these states apparently favor these changes, advocates for the U.S. democratic process cite these legal victories as examples of how the system can provide real freedoms to those who engage with it through lawful means. And it’s true, the bills did pass.

    What’s often overlooked, however, is that these legal victories would probably not have been possible without the ability to break the law.

    The state of Minnesota, for instance, legalized same-sex marriage this year, but sodomy laws had effectively made homosexuality itself completely illegal in that state until 2001. Likewise, before the recent changes making marijuana legal for personal use in Washington and Colorado, it was obviously not legal for personal use.

    Imagine if there were an alternate dystopian reality where law enforcement was 100% effective, such that any potential law offenders knew they would be immediately identified, apprehended, and jailed. If perfect law enforcement had been a reality in Minnesota, Colorado, and Washington since their founding in the 1850s, it seems quite unlikely that these recent changes would have ever come to pass. How could people have decided that marijuana should be legal, if nobody had ever used it? How could states decide that same sex marriage should be permitted, if nobody had ever seen or participated in a same sex relationship?

    The cornerstone of liberal democracy is the notion that free speech allows us to create a marketplace of ideas, from which we can use the political process to collectively choose the society we want. Most critiques of this system tend to focus on the ways in which this marketplace of ideas isn’t totally free, such as the ways in which some actors have substantially more influence over what information is distributed than others.

    The more fundamental problem, however, is that living in an existing social structure creates a specific set of desires and motivations in a way that merely talking about other social structures never can. The world we live in influences not just what we think, but how we think, in a way that a discourse about other ideas isn’t able to. Any teenager can tell you that life’s most meaningful experiences aren’t the ones you necessarily desired, but the ones that actually transformed your very sense of what you desire.

    We can only desire based on what we know. It is our present experience of what we are and are not able to do that largely determines our sense for what is possible. This is why same sex relationships, in violation of sodomy laws, were a necessary precondition for the legalization of same sex marriage. This is also why those maintaining positions of power will always encourage the freedom to talk about ideas, but never to act.

    Law enforcement used to be harder. If a law enforcement agency wanted to track someone, it required physically assigning a law enforcement agent to follow that person around. Tracking everybody would be inconceivable, because it would require having as many law enforcement agents as people.

    Today things are very different. Almost everyone carries a tracking device (their mobile phone) at all times, which reports their location to a handful of telecoms, which are required by law to provide that information to the government. Tracking everyone is no longer inconceivable, and is in fact happening all the time. We know that Sprint alone responded to eight million pings for real time customer location just in 2008. They got so many requests that they built an automated system to handle them.

    Combined with ballooning law enforcement budgets, this trend towards automation, which includes things like license plate scanners and domestically deployed drones, represents a significant shift in the way that law enforcement operates.

    Police already abuse the immense power they have, but if everyone’s every action were being monitored, and everyone technically violates some obscure law at some time, then punishment becomes purely selective. Those in power will essentially have what they need to punish anyone they’d like, whenever they choose, as if there were no rules at all.

    Even ignoring this obvious potential for new abuse, it’s also substantially closer to that dystopian reality of a world where law enforcement is 100% effective, eliminating the possibility to experience alternative ideas that might better suit us.

    Some will say that it’s necessary to balance privacy against security, and that it’s important to find the right compromise between the two. Even if you believe that, a good negotiator doesn’t begin a conversation with someone whose position is at the exact opposite extreme by leading with concessions.

    And that’s exactly what we’re dealing with. Not a balance of forces which are looking for the perfect compromise between security and privacy, but an enormous steam roller built out of careers and billions in revenue from surveillance contracts and technology. To negotiate with that, we can’t lead with concessions, but rather with all the opposition we can muster.

    Even if you believe that voting is more than a selection of meaningless choices designed to mask the true lack of agency we have, there is a tremendous amount of money and power and influence on the other side of this equation. So don’t just vote or petition.

    To the extent that we’re “from the internet,” we have a certain amount of power of our own that we can leverage within this domain. It is possible to develop user-friendly technical solutions that would stymie this type of surveillance. I help work on Open Source security and privacy apps at Open Whisper Systems, but we all have a long ways to go. If you’re concerned, please consider finding some way to directly oppose this burgeoning worldwide surveillance industry (we could use help at Open Whisper Systems!). It’s going to take all of us.
    VisuTrac likes this.