We are closely following the case of Apple battling the US government on unlocking the iPhone of San Bernardino mass murderer Farook who killed 14 in December 2015. In our previous post we looked at what the FBI was asking, and why Apple opposes the motion.
On February 19th, a new document shows up. The “GOVERNMENT’S MOTION TO COMPEL APPLE INC. TO COMPLY WITH THIS COURT’S FEBRUARY 16, 2016 ORDER COMPELLING ASSISTANCE IN SEARCH; EXHIBIT”. In this document (which is a highly recommended reading by the way), government attorneys summarize several important points and reply to the many Apple’s and public concerns raised after the original court order. So what do we know today about this case that we didn’t know last week?
The Passcode Is Numeric
The government states that the iPhone 5C in question is protected with a numeric password (see the above motion, p.5/13). This, in turn, means that all possible combinations can be enumerated in about 30 minutes (if the passcode consists of 4 digits) or several days (if there were 6 digits).
In other words, Apple could disable the artificial delay that increases the time between unsuccessful entries, as well disable as the provision that may wipe the phone’s data after 10 unsuccessful attempts. The company could then run an attack on the passcode (using either an in-house tool or one of the many existing forensic solutions such as Elcomsoft iOS Forensic Toolkit), and unlock the device in almost no time.