The FBI announced that it successfully got into the terrorist's iPhone and read all the data - without Apple's help. There are two major theories about how that happened. I'm getting a lot of my information about this from Zdziarski's blog post, which I highly recommend reading.
- The FBI could have used a technique called NAND mirroring. That would allow them to copy the raw contents of the storage medium and rewrite it back every time it got erased by the controller. Such operations would be tricky with a high risk of physically destroying the data medium, but possible with sufficient funds and testing.
- There might have been a flaw in the security of the controller's software. Just like how desktop computer software sometimes has vulnerabilities that can be exploited remotely (i.e. without modifying anything on the disk) to take over the system, a certain sequence of input could have been discovered that allowed the FBI to have the controller do what they wanted.
Good encryption would have defended against both attack methods. The terrorist used an exceptionally weak password: a four-digit PIN, for which there are only ten thousand possibilities. For contrast, there are many trillions of possible alphanumeric eight-character passwords, and even those aren't very good. Microsoft BitLocker, a common disk encryption method for Windows computers, is secure even when attackers have the raw data. It holds up because there are so many possible keys.
If you use strong passwords to key strong encryption, you'll have strong security that's virtually unbreakable.
No comments:
Post a Comment