A US judge has ordered Apple to help the FBI hack into an iPhone used by one of the assailants in the San Bernardino, California shootings—and the computer giant has so far refused a request from the law enforcement agency.
But the reason the FBI can’t get into the phones without Apple’s help is ludicrously simple. It comes down to one setting, that anyone can turn on or off in seconds.
Users of the iPhone can find the toggle that’s foxed America’s top security officials by going to Settings > Passcode, where they’ll be asked to enter their security code. Once that’s done, a screen appears at the foot of which is this option: Erase Data. Erase all data on this iPhone after 10 failed passcode attempts.
If the setting is enabled, a “brute force” approach to hacking—like using a computer to try thousands of number combinations—would quickly lead to the erasure of all data.
The FBI is asking (pdf) for technical assistance to essentially give them an unlimited number of guesses to crack the PIN, using a “special version of iOS that only works on the one iPhone they have recovered,” according to the Trail of Bits blog.
Tim Cook, Apple’s CEO, has championed the need for encryption—and he means it. The iPhone that the FBI is trying to get into is the 5C model, which, luckily, does not have Apple’s most important security feature, the Secure Enclave.
The Secure Enclave is a separate computer within the computer that holds access to the encryption keys controlling Apple Pay, the iCloud keychain, and other bits and pieces linked to Touch ID, which uses your fingerprint to access the device on top of the of PIN. (The 5C is an older model that is no longer on sale; the iPhone 5S and all newer models have Touch ID.)
“If the San Bernardino gunmen had used an iPhone with the Secure Enclave,” according to Trail of Bits, “then there is little to nothing that Apple or the FBI could have done to guess the passcode.”