New York City has a $10 million cybercrime lab to crack the iPhone
In an interview published on Tuesday, Manhattan District Attorney Cy Vance Jr. has pulled back the curtain on what it's like trying to access data that's needed by law enforcement on a passcode-protected iPhone.
In a lab in New York City, two computers generate random numbers in an effort to guess the passcodes that keep smartphones seized by crime suspects locked down. The challenge is daunting, but not impossible if you can circumvent Apple's limits on attempts. A four-digit key has 10,000 possible combinations, whereas a six-digit key has one million.
To prevent the devices from contacting remote servers or responding to wipe requests, New York City is storing iPhones within a vault-like faraday cage, designed to block electromagnetic waves.
Fast Company has taken an insider's look into at what it's like to try to break into an iPhone.
Apple has anticipated this sort of attack from criminals, which is why it limits the number of times per minute that a passcode can be tried, even after memory chips have been removed from a device. This often requires investigators to look into the suspects life to try to find relevant codes. Birthdays, anniversaries, zip codes and more are all tested, in hopes of breaking into the device to extract useful information.
Law enforcement has been fighting Apple's security measures for some time. When iOS 8 was released, Apple said that they wouldn't provide data extractions in response to search warrants, and would instead provide what it could from the contents of a user's iCloud. Further complicating the matter, is more users passcode-protecting a device. Five years ago, only 52% of the smartphones that the District Attorney's office obtained were locked. Now, they're seeing rates upwards of 82%.
"It had a big impact right away on our cases," district attorney Cyrus Vance Jr. told Fast Company. "The inability to access devices in small cases and big cases was having an impact on our ability to get evidence."
And their success rate isn't getting much better. Vance says his crime lab is able to successfully crack half of the phones they receive. Every time Apple releases a new operating system, the penetration task gets increasingly complex. Often it takes years for the lab to crack a new phone or a new iOS version, well after a case is in court.
Apple helps law enforcement, just not as much as the police might like
Apple takes its users' data seriously, and as a side-effect of that policy, it makes it difficult for Apple devices to be used in criminal investigations. Apple has repeatedly refused to help federal investigators unlock devices, citing that it would undermine the overall security of its hardware.
Apple had also been working on an option that would offer end-to-end encryption of iCloud backups. These backups contain sensitive data, such as contact information, pictures, and texts from iMessage and other messaging apps. Apple scrapped the plans after the FBI demanded that the data stay in a readable format.
The FBI has obtained iCloud data in the past, and continues to do so. According to Apple, In the first half of 2019, U.S. authorities had obtained full device backups of more than 6,000 accounts. Apple turns over data for 90% of the requests it receives. In the second half of 2018, Apple handed over the data for 14,000 accounts by court order.
However, a user can still clear their iCloud and on-device data remotely, thwarting any attempts at gaining useful evidence for an investigation.
Because of this, investigators have had to take new precautions and employ new methods to handling digital evidence. The New York City lab is a larger scale example, with smaller police forces using devices from Cellebrite in "kiosks" available to investigators.
Vance hopes that U.S. Attorney General William Barr, who demanded Apple unlock a pair of iPhones related to a shooting, can make headway.
"That's not their call," Vance says in the interview. "And it's not their call because there's something bigger here at issue rather than their individual determination of where to balance privacy and public safety."