While hacking an iPhone to obtain personal information went from the proverbial million bucks for the FBI to crack the San Bernardino shooter's handset, to the current $15,000 for a Cellebrite
machine, the secretive New York lab
that the Feds built for the purpose has the price tag of a cool $10 million.
A thorough investigation of said federal stomping ground for all things phone and encryption has been carried out by Fast Company
, and the things that the federal government can do to our iPhones turn out to be limited, and not only by the imagination.
Last week, the Attorney General William Barr put Apple in hot water by demanding that it should provide more "substantive assistance" to law enforcement when it comes to encryption. At a press conference on January 13, AG Barr asked that Apple provide the US Department of Justice (DOJ) with access to a pair of oldie iPhones used by the terrorist in shooting spree at an Air Force training facility base in Pensacola, Second Lt. Mohammed Saeed Alshamrani.
He was a radicalized cadet in the Saudi Air Force who arrived for a training exchange program, and managed to kill three US cadets and wound eight others before being shot by a deputy. The DOJ has pegged the incident as an act of terrorism that was brought on by jihadist beliefs.
Apple immediately jumped for a rebuttal the very same day of Barr’s claim. "We reject the characterization that Apple has not provided substantive assistance in the Pensacola investigation," stated its PR office. "Our responses to their many requests since the attack have been timely, thorough and are ongoing."
While Apple is holding the fort on providing a backdoor for the FBI to decrypt phone passwords and messaging convos, it did back down on end-to-end encryption for iCloud
, and recently provided all of the Pensacola terrorist's cloud data to investigators shortly after they requested it.
Moreover, nowadays law enforcement can crack a perpetrator's iPhone
provided they acquire certain equipment and/or software for about $15000 or less from companies like Greyshift or Cellebrite. "We’ve got the tools to extract data from an iPhone 5 and 7 now
," according to Andy Garrett, a CEO of a forensics company, referring to the iPhones belonging to the Pensacola shooter. "Everybody does
," he commented for the Wall Street Journal
That "everybody" turns out to be none other than a smorgasbord of government agencies, too, as Grayshift has sold its wares to the U.S. Bureau of Prisons, the Drug Enforcement Administration, the Internal Revenue Service and the FBI. The Bureau has alone purchased $1 million worth of Grayshift devices, meaning that there are probably iPhone encryption crackers in each and every local office now.
The High Technology Analysis Unit opened after Apple started demanding six-digit iPhone passwords
Why is AG Barr co-opting President Trump to pressure Apple into providing a backdoor into its iPhones then? Because cracking them still costs a lot and takes time, it seems, judging from Fast Company's Manhattan tour of a dedicated FBI facility that sprung into action after Apple started encrypting it all in iOS 8.
The High Technology Analysis Unit's cracking setup sure looks impressive
The so-called High Technology Analysis Unit has been built on the order of the district attorney of Manhattan, Cyrus Vance Jr., and run by FBI's Steven Moran.
Moran stocked the cyberlab with mind-bending hardware and a crack team of technology experts, many of whom are ex-military. Proprietary software provides prosecutors with real-time information about each smartphone in their possession, which can be removed from the radiofrequency-shielded room using Ramsey boxes - miniaturized versions of the isolation chamber that allow technicians to manipulate the devices safely.
In other corners of the lab are a supercomputer that can generate 26 million random passcodes per second, a robot that can remove a memory chip without using heat, and specialized tools that can repair even severely damaged devices. (Word to the evil: If you really want to destroy your iPhone, try throwing it into the ocean. For electronics, saltwater is the most readily available corrosive substance.)
While you may be fixating on that last sentence, Mr Moran clarifies that the process of cracking an iPhone isn't really straightforward and requiring brute force only. Apple and Google aren't sleeping and are making it increasingly harder for the team, so they have to prioritize their hacking approaches.
Since Apple limits the number of times per minute that a passcode can be tried, Moran has to think like Sherlock Holmes to narrow down the possibilities before the prosecution’s window of opportunity—or the statute of limitations—expires. “Do they like the Mets?” Moran explains. “Do they like the Yankees? Is their favorite player Derek Jeter? Is their favorite player Mickey Mantle? What’s the dog’s name? What’s the kid’s birthday? What’s their birthday? Where did they get married? What date did they get married? We are looking for any edge that we can try to find.”
Get that? Never use anything remotely personal as an iPhone password seems to be the takeaway here. It's still a cat and mouse game, it seems, as at the day of the visit the lab had three thousand handsets waiting to be cracked, and isn't shy to seek outside help as well. According to Director Moran, "if a third party were to say ‘hey, we have a solution that will work on iOS 12.1.2 and it costs X amount of dollars,’ I can see within five seconds that that’s going to affect 16 different phones."
That's where Israeli hacking companies like the one that makes the Cellebrite machine and software come in, and it recently announced a patch that can crack the heretofore off-limits iOS 13 encryption as well. Here is the hacking in action, demonstrated by none other than Scottish law enforcement itself.
Well, revealing the daily pains that FBI's iPhone cracking forensics lab has to go through in order to find incriminating or exculpatory evidence may very well be part of the strategy to change the public's perception on the matter but it's still fascinating to see.
President Trump just had breakfast with Tim Cook
as part of the proceedings at the Davos conference this morning, and we are fairly certain that the encryption battle with law enforcement has been a central theme, now that Apple's CEO may be gearing up for a legal fight with the FBI
on the matter.
Photos: Samir Abady for Fast Company