For quite a few months now, the FBI has been giving Tim Cook and all the other officials over at the Apple a hard time, by requesting, demanding and forcing them to help them get past the security of an iPhone 5C of one of the terrorists who perpetrated the San Bernardino Mass shootings back in December, by compromising its long-standing principle of a “Secure iPhone”.
But, for reasons that have a lot to do with iPhone Customers’ trust and faith, Apple openly refused to cooperate with the FBI.
Even so, there are only two possible ways to break into an iPhone through its security.
- iPhone’s internal encryption chip: This is an impossible security measure to crack through. Here’s why. iPhone’s internal security chip is 256 bits long and uses the AES algorithm. 256 bits of the encryption key, translates into trillion password guesses using the Brute-Force technique. Meaning, lifetimes would pass, but you will still not have broken the code. So, iPhone’s internal chip hacking is simply out of line.
- iPhone’s Passcode: iPhone’s passcode can either be 4 or 6 characters long. So, that means, there are 10,000 or million possibilities respectively. So, mathematically, it would take 11 to 22 hours to get the right combination of the passcode. It would, of course, take a lot longer than that if the passcode is alphanumeric.
Both these ways can only be approached by employing a Brute-Force technique (Guessing different combinations of code until success).
Still, breaking into the iPhone using passcode guessing seems relatively easy and doable, which is why Apple introduced two additional security features to secure iPhone.
- If the passcode guess turns out wrong several times, iPhone creates a delay of an hour it will accept further guesses.
- iPhone can be enabled with a Self-destruct mode, that erases all of iPhone’s data if the passcode is guessed wrong for the certain number of times.
And this is essentially FBI’s problem into hacking into the terrorist’s captured iPhone 5C.
HOW APPLE HELPED FBI
Now, Apple cannot offer any substantial help, since its policy is to discard the iPhone’s internal chip key once they leave their factories.
But one way Apple could actually offer help in this regard and what FBI has been constantly trying coerce out of Apple is a software that modifies iPhone’s security measures in such a way that it removes the delays between passcode guesses and disable the self destruct mode.
And now, after months of FBI’s attempts to get this job done, Apple has been asked by the Federal Court to comply with FBI’s request and provide it a backdoor to be able to attempt more than 10 PINs without triggering the self destruct mode
HOW TO SECURE iPhone FROM FBI AND GOVERNMENT
iPhone’s software allows one passcode to be entered/ guessed per 80 million seconds.
That means like we already mentioned, a 6 digit passcode will take 11 to 22 hours to crack.
Here’s a thought:
So, another alternative is to use an 11 digit passcode, which would take 127 to 253 years to break. So, unless the FBI has that long to crack, you can secure iPhone definitively.
So, if you are a Mac or Linux user, open the terminal app and type the following command to generate an 11 digit passcode.
python -c 'from random import SystemRandom as r; print(r().randint(0,10**11-1))'
This, of course, is assuming the FBI is not yet technically equipped enough to handle the 11 digit passcode.
OTHER ADJUSTMENTS THAT CAN SECURE iPhone FURTHER
- Avoid using a predictable passcode: Setting your birth dates, phone numbers, passwords of your social networking accounts etc., to secure iPhone, are easy guesses for any hacker, which is why they shouldn’t be your iPhone’s passcode.
- Do not enable iCloud Backup: This obviously will no longer make the passcode effective because the attacker can get a copy of your data from Apple’s server, where passcode doesn’t work to secure iPhone.
- Use no fingerprint: Fingerprint is a matter of physical issue. How many times did we not see in the movies people rendered unconscious by chloroform? Fingerprints can be easily procured.