Police unable to decrypt iPhones, asks Apple to do it
Posted on 13 May 2013.
Court documents from a drug trial in Kentucky have revealed that the U.S. federal Bureau of Alcohol, Tobacco, Firearms and Explosives nor any other U.S. local, state, or federal law enforcement agency are able to break the hardware encryption on an iPhone 4S device or higher, so they have resorted to asking Apple to do it for them.


In fact, the move is so popular with law enforcement agencies, that Apple has been forced to create a "waiting list" to handle all requests.

In this particular case the agents had to wait at least seven weeks for their request to be handled, and the whole process seems to have taken at least four months.

It is also largely unknown how Apple does it - it is only confirmed that once Apple analysts bypass the passcode, they download the (probably decrypted) contents of the phone to an external memory device and ship it to the law enforcement agency that requested it.

"It's not clear whether that means Apple has created a backdoor for police -- which has been the topic of speculation in the past -- whether the company has custom hardware that's faster at decryption, or whether it simply is more skilled at using the same procedures available to the government," notes Cnet's Declan McCullagh.

But the fact is that if you believe that the data contained in your Apple device is safe from law enforcement's eyes, you are wrong.

According to McCullagh, Google resolves the issue by simply resetting the password on the suspect's Android device and provides the new password to law enforcement.

As a reminder, a recent investigation conducted by US Drug Enforcement Administration agents has also revealed that they were unable to decrypt messages the targets exchanged via Apple's iMessage system. Again, the problem can be sidestepped by getting a court order and demanding Apple to help intercept and decrypt the messages.









Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //