[Cryptography] Apple ordered to decrypt cellphone

Mark Seiden mis at seiden.com
Wed Feb 17 10:39:12 EST 2016 




On 2/16/16 9:28 PM, Henry Baker wrote:
> FYI -- Below is the OCR'd version of today's court
> order to Apple to decrypt a cellphone.
> 
> https://regmedia.co.uk/2016/02/17/apple_order.pdf

decryption isn't what the court ordered.

rather, it's firmware allowing the FBI to brute force the unlock
code for the phone (without the usual timeouts imposed by software
to avoid that, and without activating the protective "erase memory"
features.

the original article and the comments abundantly point this out:

http://www.theregister.co.uk/2016/02/17/apple_help_fbi_san_bernardino/

i'll save you some time:

this is the county-provided work phone of one of the san
bernadino shooters, who supposedly destroyed their personal
phones and hard drive has not been found.

it appears iphones can boot a signed image in recovery
mode. that's what the requested system image would be.

the 5c does not have a fingerprint reader.

ocr-introduced typos: model 5c, RAM.

> 
> EILEEN M. DECKER
> United States Attorney
> 
> PATRICIA A. DONAHUE
> Assistant United States Attorney
> Chief, National Security Division
> 
> TRACY L. WILKISON (California Bar No. 184948)
> Assistant United States Attorney
> Chief, Cyber and Intellectual Property Crimes Section
> 
> ALLEN W. CHIU (California Bar No. 240516)
> Assistant United States Attorney
> Terrorism and Export Crimes Section
> 
> 1500 United States Courthouse
> 312 North Spring Street
> Los Angeles, California 90012
> Telephqne: (213) 894-0622/2435
> Facsimile: (213) 894-8601
> Email: Tracy.wilkison at usdoj.gov Allen.Chiu at usdoj.gov
> 
> Attorneys for Applicant
> UNITED STATES OF AMERICA
> 
> UNITED STATES DISTRICT COURT
> FOR THE CENTRAL DISTRICT OF CALIFORNIA
> 
> IN THE MATTER OF THE SEARCH OF     No. ED l5-045lM
> AN APPLE IPHONE SEIZED DURING
> THE EXECUTION OF A SEARCH          ORDER COMPELLING APPLE,
> WARRANT ON A BLACK LEXUS 1S300,    INC. TO ASSIST AGENTS IN SEARCH
> CALIFORNIA LICENSE PLATE 35KGD203
> 
>      This matter is before the Court pursuant to an application
> pursuant to the All Writs Act, 28 U.S.C. ยง 1651, by Assistant United
> States Attorneys Tracy Wilkison and Allen Chiu, requesting an order
> directing Apple Inc. ("Apple") to assist law enforcement agents in
> enabling the search of a digital device seized in the course of a
> previously issued search warrant in this matter.
> 
>      For good cause shown, IT IS HEREBY ORDERED that:
> 
>      1. Apple shall assist in enabling the search of a cellular
> telephone, Apple make: iPhone SC, Model: Al532, P/N:MGFG2LL/A,
> S/N:FFMNQ3MTG2DJ, IMEI:35882005230l412, on the Verizon Network, (the
> "SUBJECT DEVICE") pursuant to a warrant of this Court by providing
> reasonable technical assistance to assist law enforcement agents in
> obtaining access to the data on the SUBJECT DEVICE.
> 
>      2. Apple's reasonable technical assistance shall accomplish
> the following three important functions: (1) it will bypass or
> disable the auto-erase function whether or not it has been enabled;
> (2) it will enable the FBI to submit passcodes to the SUBJECT DEVICE
> for testing electronically via the physical device port, Bluetooth,
> Wi-Fi, or other protocol available on the SUBJECT DEVICE; and (3) it
> will ensure that when the FBI submits passcodes to the SUBJECT
> DEVICE, software running on the device will not purposefully
> introduce any additional delay between passcode attempts beyond what
> is incurred by Apple hardware.
> 
>      3. Apple's reasonable technical assistance may include, but is
> not limited to: providing the FBI with a signed iphone Software
> file, recovery bundle, or other Software Image File ("SIF") that can
> be loaded onto the SUBJECT DEVICE. The SIF will load and run from
> Random Access Memory ("RAW') and will not modify the iOS on the
> actual phone, the user data partition or system partition on the
> device's flash memory. The SIF will be coded by Apple with a unique
> identifier of the phone so that the SIF would only load and execute
> on the SUBJECT DEVICE. The SIF will be loaded via Device Firmware
> Upgrade ("DFU") mode, recovery mode, or other applicable mode
> available to the FBI. Once active on the SUBJECT DEVICE, the SIF
> will accomplish the three functions specified in paragraph 2. The
> SIF will be loaded on the SUBJECT DEVICE at either a government
> facility, or alternatively, at an Apple facility; if the latter,
> Apple shall provide the government with remote access to the SUBJECT
> DEVICE through a computer allowing the government to conduct passcode
> recovery analysis.
> 
>      4. If Apple determines that it can achieve the three functions
> stated above in paragraph 2, as well as the functionality set forth
> in paragraph 3, using an alternate technological means from that
> recommended by the government, and the government concurs, Apple may
> comply with this Order in that way.
> 
>      5. Apple shall advise the government of the reasonable cost of
> providing this service.
> 
>      6. Although Apple shall make reasonable efforts to maintain
> the integrity of data on the SUBJECT DEVICE, Apple shall not be
> required to maintain copies of any user data as a result of the
> assistance ordered herein. All evidence preservation shall remain
> the responsibility of law enforcement agents.
> 
>      7. To the extent that Apple believes that compliance with this
> Order would be unreasonably burdensome, it may make an application to
> this Court for relief within five business days of receipt of the
> Order.
> 
> DATED:  FEB 16 2016                        SHERI PYM
>                                   UNITED STATES MAGISTRATE JUDGE
> 
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>

More information about the cryptography mailing list