A $10 million lab has been created in New York by the district attorney of Manhattan to break into iPhones and iPads. The lab houses technology experts who use state-of-the-art equipment to try and break into smartphones used by criminals.
Fast Company has published a profile of the cyber lab built by the district attorney of Manhattan, Cyrus Vance Jr. The lab was built to compete against the encryption efforts by technology giants like Apple and Google, who implemented stronger security measures on their platforms. The lab has specialized hardware to repair damaged devices and even a supercomputer to generate passcodes to be used for brute force attacks.
Proprietary software provides prosecutors with real-time information about each smartphone in their possession, which can be removed from the radiofrequency-shielded room using Ramsey boxes—miniaturized versions of the isolation chamber that allow technicians to manipulate the devices safely. In other corners of the lab are a supercomputer that can generate 26 million random passcodes per second, a robot that can remove a memory chip without using heat, and specialized tools that can repair even severely damaged devices.
As per Vance, Apple used to happily provide data from iPhones before September 2014. But things changed ever since Edward Snowden exposed the surveillance program operated by the United States National Security Agency, also known as the NSA. Edward had revealed that Apple, Google, Microsoft, and Facebook participate in the surveillance program by providing direct access to their servers to the NSA. This was denied by Apple and it double-downed its encryption efforts next year with iOS 8, and started encrypting iPhones with passcodes. The company also introduced longer passcodes, and limits to how many times a passcode could be entered per second. This time would increase exponentially with every wrong entry, which made it almost impossible to brute force into an iPhone.
Awareness of smartphone security has also increased. As per Moran, director of the High Technology Analysis Unit, the number of locked smartphones that come in for investigation has changed from 52% five years ago, to 82% now.
Although Apple provides iCloud backups for investigation, which are not end-to-end encrypted, it sometimes is not enough. It usually does not include the latest backup from the time of the incident, which causes difficulties in investigation. The latest communications, GPS coordinates and other important information is usually missing from such backups. Automated iCloud backups usually take place at night when the iOS device is connected to WiFi and plugged in for charging.
Not all investigations result in charging criminals. Many wrongly accused suspects have been exonerated because of the data and evidence extracted from their smartphones. These are the kind of examples that are used by Vance to try and convince the CEOs of Apple and Google, as well as the Congress, to legislate a "compromise" against encryption. Vance somehow also believes that Apple has a backdoor for iOS, even though the company refuses to create one.
Despite the security measures put into place by Apple, devices like Jeff Bezos' iPhone X have fallen to hacks. Even the FBI unlocked an iPhone 11 and an iPhone 11 Pro Max, without Apple's help. United States President Donald Trump has been pressurizing Apple to help with iPhone unlocks, especially for the Florida shooting case, where the FBI has been unsuccessful.
This cat and mouse game between law enforcement and tech companies will not end anytime soon. Each time Apple and Google release software updates, they make it even more difficult for law enforcement agencies to crack into iPhones and Android smartphones and conduct investigations. The tech companies rightfully believe that creating backdoors will compromise the security of everyone. Including those who ask for the backdoor.