Even if the US government forces Apple to help break into the iPhone of San Bernardino shooter Syed Farook, the company reportedly has plans to design its new devices to prevent it from being technically capable of assisting the feds in future cases.
Unfortunately for Apple and its privacy-conscious customers, this change would only go so far in protecting companies from being forced to write software for the government if the company loses its case in court.
According to a report Wednesday night from the New York Times, the company's public spat with the FBI over encryption has accelerated efforts to improve its security even more. If you're just tuning in, Apple is currently resisting a court order that would force it to write new software that bypasses security features in iOS—specifically, mechanisms that wipe the device after 10 unsuccessful passcode entry attempts and introduce delays between each attempt. With those features removed, the FBI would be able to "brute force" the device by trying every possible passcode combination.
The court order in the San Bernardino case hinges on the government installing a special version of iOS through the iPhone's Device Firmware Upgrade (DFU) mode, a recovery mode that can be reached by pressing multiple buttons while turning the phone on.
If the government can conscript companies to make malicious updates, it would undermine the trust that underpins the software updates people regularly receive on their devices
The Times report suggests that Apple is now working on a feature that would require a passcode before installing any updates in that mode. That means that a government, cybercriminal, or other entity would be unable to install any software that could disable the device's protections, even if that software was written and signed by Apple itself. For the FBI and its long-standing campaign against strong encryption, it would mean going back to the drawing board.
There are actually several ways Apple could add the extra passcode protection with the firmware in its current devices, according to Jonathan Zdziarski, an iOS forensics expert. But the most comprehensive approach would be to build new hardware that changes how the system boots.
"For example if they encrypted the OS partition in the way I describe on my site then DFU wouldn't be able to mount the disk without the user passcode," Zdziarski told Motherboard in an email. "But if you're going to modify how DFU mode works at its lowest level then that's a boot ROM update."
In other words, Apple would lock itself out from modifying the phone's operating system and disabling security features by changing how the device boots at the hardware level. "Apple is said to be working on unhackable iPhone," is how CNET put it.