Apple Fbi Case Study

素材

1. 新闻(400-450)

In February this year, the FBI called on Apple to help them hack an iPhone belonging to Islamic State-inspired terrorist Syed Rizwan Farook, who had opened fire on a local government office building in San Bernardino in December 2015, killing

14 people.

Despite Apple providing the FBI with data obtained from the weekly back-ups Farook had made using Apple’s iCloud service, FBI investigators believed the iPhone itself contained important additional data about Farook’s motives along with his contacts list. The phone’s contents, however, were encrypted and FBI agents weren’t willing to risk the phone’s automatic data wipe facility kicking in should more than 10 incorrect passcode entries be made. Apple refused to comply, so the FBI pursued a US court order that would compel the company to subvert its own encryption systems and provide a back door entry to the iOS operating system. In response, Apple argued this would force it to create a weak link in its encryption which, while speeding up the investigation of crimes such as this, would also put the privacy of millions of law-abiding iPhone users at risk.

The event that led to a more direct

clash between the two sides was the mass

shooting in San Bernardino, California

by Syed Farook and his wife Tashfeen

Malik in December 2015. 2 They attacked fellow workers at the San Bernardino

Department of Public Health, leaving 14

dead and 22 seriously injured. Quickly

categorised – by both media and the

authorities – as a terrorist attack, it was

the deadliest such incident on US soil

since the 9/11 atrocities of 2001. One of the items left behind by Farook

was a company-issued iPhone 5C.

Naturally, the FBI wanted to carry out

a forensic examination of the device but

the agency found itself thwarted by the

security features Apple had built into the phone – in particular, the requirement

to enter a PIN to gain access. The FBI

turned to Apple to request its help – and

the tech firm refused. And so began a bat-

tle – in the courts and in the media.

The fact is,

Apple co-operated with the agency to a

considerable degree, including providing

Farook’s iCloud back-ups.

This is some-

thing that wasn’t always clear when the

debate spilled out into the public arena. So if Apple was co-operating, why did it

stop? The sticking point came when the

FBI wanted access not just to information that Apple held, but data that was on the

phone and which would require changes

– hacks, if you will – to the operating system to recover.

The FBI was unable to get past the

iPhone’s lock screen. The system used by

Apple allows a small number of attempts

at guessing the code before imposing a

time delay between tries – a common

security technique known as rate limiting.

These delays can get quite large quite

quickly – up to an hour – making a brute

force attempt at unlocking the phone

impractical. In addition, devices can be

configured to wipe all data after 10 incor-

rect guesses.

As the passcode security is baked deep

into the iOS operating system, Apple could not offer a simple work-around.

After all, the whole point of having secu-

rity like this is that it is not easily subvert-

ed. The FBI’s solution was to ask Apple

to create a special, one-off version of iOS

with the rate limiting disabled. That’s

where Apple drew the line and said no.

I

n an open letter, Apple CEO Tim

Cook wrote: “Up to this point, we have

done everything that is both within our

power and within the law to help them.

But now the US Government has asked

us for something we simply do not have,

and something we consider too dangerous

to create. They have asked us to build a

back door to the iPhone.”

Ultimately, much of this will be decided

in court. The FBI attempted to force

Apple to co-operate by invoking the All

Writs Act, which compels people and

organisations to assist law enforcement

investigations. Unusually, in such matters,

the FBI’s case against Apple was a civil

one. The FBI won its suit. Apple then

appealed, but before a judgment could be

reached, the FBI dropped the case.

Superficially, the reason appeared simple

– the FBI had finally gained access to the

data on the iPhone. It had bought – for

a rumoured $1.2m – an exploit from

an unnamed company that somehow

bypassed the passcode security. Not only

has the FBI refused to name who supplied

the technique, it has refused to give details

of the vulnerability it exploited, potentially leaving other iPhone 5C users at risk.

The

agency claims that the exploit runs only on

the 5C model and only on the specific ver-

sion of iOS that Farook was using.

1. 分析

Refuse 的原因it’s not really a black-and-white case. I

think it’s become quite emotional.”

Apple’s stated contention was that any such back door represented a potential security vulnerability that would quickly become a target for hackers and cyber-criminals, resulting in the personal data stored on iPhones – including banking details, health records and details of frequently visited locations – potentially becoming accessible to any cyber-geek determined enough to crack the code.