Apple Fbi Case Study
By: 1111 • January 15, 2018 • Case Study • 1,275 Words (6 Pages) • 1,254 Views
素材
- 新闻(400-450)
In February this year, the FBI called on Apple to help them hack an iPhone belonging to Islamic State-inspired terrorist Syed Rizwan Farook, who had opened fire on a local government office building in San Bernardino in December 2015, killing
14 people.
Despite Apple providing the FBI with data obtained from the weekly back-ups Farook had made using Apple’s iCloud service, FBI investigators believed the iPhone itself contained important additional data about Farook’s motives along with his contacts list. The phone’s contents, however, were encrypted and FBI agents weren’t willing to risk the phone’s automatic data wipe facility kicking in should more than 10 incorrect passcode entries be made. Apple refused to comply, so the FBI pursued a US court order that would compel the company to subvert its own encryption systems and provide a back door entry to the iOS operating system. In response, Apple argued this would force it to create a weak link in its encryption which, while speeding up the investigation of crimes such as this, would also put the privacy of millions of law-abiding iPhone users at risk.
The event that led to a more direct
clash between the two sides was the mass
shooting in San Bernardino, California
by Syed Farook and his wife Tashfeen
Malik in December 2015. 2 They attacked fellow workers at the San Bernardino
Department of Public Health, leaving 14
dead and 22 seriously injured. Quickly
categorised – by both media and the
authorities – as a terrorist attack, it was
the deadliest such incident on US soil
since the 9/11 atrocities of 2001. One of the items left behind by Farook
was a company-issued iPhone 5C.
Naturally, the FBI wanted to carry out
a forensic examination of the device but
the agency found itself thwarted by the
security features Apple had built into the phone – in particular, the requirement
to enter a PIN to gain access. The FBI
turned to Apple to request its help – and
the tech firm refused. And so began a bat-
tle – in the courts and in the media.
The fact is,
Apple co-operated with the agency to a
considerable degree, including providing
Farook’s iCloud back-ups.
This is some-
thing that wasn’t always clear when the
debate spilled out into the public arena. So if Apple was co-operating, why did it
stop? The sticking point came when the
FBI wanted access not just to information that Apple held, but data that was on the
phone and which would require changes
– hacks, if you will – to the operating system to recover.
The FBI was unable to get past the
iPhone’s lock screen. The system used by
Apple allows a small number of attempts
at guessing the code before imposing a
time delay between tries – a common
security technique known as rate limiting.
These delays can get quite large quite
quickly – up to an hour – making a brute
force attempt at unlocking the phone
impractical. In addition, devices can be
configured to wipe all data after 10 incor-
rect guesses.
As the passcode security is baked deep
into the iOS operating system, Apple could not offer a simple work-around.
After all, the whole point of having secu-
rity like this is that it is not easily subvert-
ed. The FBI’s solution was to ask Apple
to create a special, one-off version of iOS
with the rate limiting disabled. That’s
where Apple drew the line and said no.
I
n an open letter, Apple CEO Tim
Cook wrote: “Up to this point, we have
done everything that is both within our
power and within the law to help them.
But now the US Government has asked
us for something we simply do not have,
and something we consider too dangerous
to create. They have asked us to build a
back door to the iPhone.”
Ultimately, much of this will be decided
in court. The FBI attempted to force
Apple to co-operate by invoking the All
Writs Act, which compels people and
organisations to assist law enforcement
investigations. Unusually, in such matters,
the FBI’s case against Apple was a civil
one. The FBI won its suit. Apple then
appealed, but before a judgment could be
reached, the FBI dropped the case.
Superficially, the reason appeared simple
– the FBI had finally gained access to the
data on the iPhone. It had bought – for
a rumoured $1.2m – an exploit from
an unnamed company that somehow
bypassed the passcode security. Not only
has the FBI refused to name who supplied
the technique, it has refused to give details
of the vulnerability it exploited, potentially leaving other iPhone 5C users at risk.
The
agency claims that the exploit runs only on
the 5C model and only on the specific ver-
sion of iOS that Farook was using.
- 分析
Refuse 的原因it’s not really a black-and-white case. I
think it’s become quite emotional.”
Apple’s stated contention was that any such back door represented a potential security vulnerability that would quickly become a target for hackers and cyber-criminals, resulting in the personal data stored on iPhones – including banking details, health records and details of frequently visited locations – potentially becoming accessible to any cyber-geek determined enough to crack the code.
...