http://news.cnet.com/8301-13578_3-57583 ... t-iphones/

The obvious question is how do they do it?

I'm guessing you need physical access to the chip-set to inject a back-door code, or something similar. If it was done purely with software, there wouldn't be such a waiting list and the security implications would be of great concern. The alternative is that they have access to more processing power than the US government?!

You don't need anything like that much power to brute force a simple passcode. The interesting part is how do they stop the phone wiping itself after X (10, I think, but I can't remember) tries. I assume they're accessing the flash RAM directly without going through the phone OS, trying brute force attacks against data of a known value in a known memory location.

Even assuming you allow passcodes like 1111, there are still only 10,000 possible combinations. In cryptographic terms, that's effectively 'none at all'.



A standard 4 digit passcode isn't really very much protection for any encryption scheme, the fact it's an iPhone is pretty much irrelevant to that. if you have a four digit password on your PC I guarantee it wouldn't take long to get into. IIRC we require all our corporate phones (of all brands) to be locked with a passphrase (which contains both numbers and letters) and is longer, but still I wouldn't expect it to survive attack for that long.

The 'Apple' part of this is a total red herring though, it's basically a simple illustration of don't have short, easy to guess passwords.

Course XKCD 538 still applies, even if 'the wrench' might be 'we will keep you in prison until you give us the pass code'. Which I believe would be the case in the UK, if the authorities wanted to get into your phone.

A 4 digit password takes about 11 seconds on an online attack (limited to 1000 attempts per second).

Offline attack 0.000000111 seconds

Using a GPGPU array 0.000000000111 seconds

https://www.grc.com/haystack.htm

It is the lock out systems and auto wipe systems that can slow things down, or stop them in their tracks.

The longest part of the equation is going to be dumping the data out in a form that is court acceptable - it has to be an exact copy and they have to prove that the data in the device has not been altered (i.e. it is in read-only mode).

My Windows password comes in at:

Search Space Depth (Alphabet): 26+10+33 = 69
Search Space Length (Characters): 27 characters
Exact Search Space Size (Count):
(count of all possible passwords
with this alphabet size and up
to this password's length) 45,213,239,798,058,967,886,035,417,361,349,315,464,671,600,690,179
Search Space Size (as a power of 10): 4.52 x 1049
Time Required to Exhaustively Search this Password's Space:
Online Attack Scenario:
(Assuming one thousand guesses per second) 14.38 trillion trillion trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.44 hundred thousand trillion trillion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.44 hundred trillion trillion centuries

They might only have one person doing all the decryptions.


Sent from my iPad using Tapatalk.

Are you suggesting that the iPhone 5 will not permit a passcode longer than 4 digits? From the article linked in the OP:

IIRC, by default (i.e. if you take the phone out of the box and set that you want an unlock code) iOS only allows for a four digit passcode yes. if you connect it to any sort of corporate system the security policy that system requires then gets imposed, which can be any sort of textual passcode with any specific requirements (e.g. 6 characters, one letter one number one non-alphanumeric or whatever). I don't think the OS version has changed that at all, although it's noticeable iOS 6 is missing from Elcomsoft's claim. I suspect iOS 6, while not requiring a better minimum password, actually encrypts the data in such a way as to make it less 'crackable'.

Android (particularly 4.2) is better in this regard as it offers a set of unlock methodologies out of the box. However some of them are much more easily overcome than others.

Mine was 4 numbers but is now 10 digits. I just hope I remember it.

Wouldn't the best option for you be setting the unlock code to your phone number?

Jon

Not really I have had the same mobile number for 8 years and still only remember the 07 bit.

I decided to go back to the 4 digit one as I could remember that.