Apple has to learn how its iPhone was cracked

Now that the US government has cracked open an iPhone that belonged to a gunman in the San Bernardino, California, mass shooting without Apple's help, the tech company is under pressure to find and fix the flaw.

But, unlike other cases where security vulnerabilities have cropped up, Apple may face a higher set of hurdles in ferreting out and repairing the particular iPhone hole that the government hacked.

The challenges start with the lack of information about the method that the law enforcement authorities, with the aid of a third party, used to break into the iPhone of Syed Rizwan Farook, an attacker in the San Bernardino rampage last year. Federal officials have refused to identify the person, or organisation, who helped crack the device, and have declined to specify the procedure used to open the iPhone. Apple also cannot obtain the device to reverse-engineer the problem, the way it would in other hacking situations.

The situation is in many ways a continuation of the cat-and-mouse game Apple is constantly engaged in with hackers, but the unusually prominent nature of this hacking - and the fact that the hacker was the United States government - creates a predicament for the company.

"Apple is a business and it has to earn the trust of its customers," said Jay Kaplan, chief executive of the tech security company Synack and a former National Security Agency analyst. "It needs to be perceived as having something that can fix this vulnerability as soon as possible."

Apple referred to a statement it made on Monday when the government filed to drop its case demanding that the company help it open Farook's iPhone. "We will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated," Apple said.

Apple has been making many long-term moves to increase the security of its devices. The company's Chief Executive Timothy D Cook has told colleagues that he stands by Apple's road map to encrypt everything stored on its devices and services, as well as information stored in Apple's cloud service iCloud, which customers use to back up the data on their mobile devices. Apple engineers have also begun developing new security measures that would make it tougher for the government to open a locked iPhone. For now, with the dearth of information about the flaw in Farook's iPhone 5C, which runs Apple's iOS 9 operating system, security experts could only guess at how the government broke into the smartphone.

Forensics experts said the government might have attacked Apple's system using a widely discussed method to extract information from a protected area in the phone by removing a chip and fooling a mechanism that blocks password guessing, in order to find the user's password and unlock the data.

The authorities may have used a procedure that mirrors the phone's storage chip, called a NAND chip, and then copied it onto another chip. Often referred to as "NAND-mirroring," this would allow the Federal Bureau of Investigation (FBI) to replace the original NAND chip with one that has a copy of that content.

©2016 The New York Times News Service