No matter where you come down on the Apple / FBI debate — should we potentially sacrifice privacy when national security is concerned? — there is one thing that is clear: it’s really hard to hack an iPhone. Given the security measures Apple has in place, the FBI may never hack an iPhone even with a “backdoor” from Apple.
The FBI wants to initiate a “brute force” attack on the iPhone of the San Bernardino shooter. It would use a computer to generate and test all the possible combinations of the iPhone’s password until it gets in. Depending on the composition of the password, that could take as little as 13 minutes and as long as a lifetime. But there’s a problem. The iPhone in question will brick itself after 10 failed attempts. That’s the backdoor the FBI wants — a firmware update to allow for unlimited tries without any slowdowns (after six failed attempts the phone will lock out a user for increasing amounts of time).
If the password is only 4-digits, a backdoor could get the FBI access in 13 minutes. Four digits can be arranged into 10,000 unique passwords, and if each attempt takes 80 milliseconds to process (according to Apple), then the FBI could get access in no time. But the fear is that the iPhone has a much more sophisticated password, exponentially increasing the time a brute force attack would take. If it’s 6-digits, the wait grows to 22 minutes, if it’s a combination of six numbers and lowercase letters, it’s five and a half years. Change some of those letters to uppercase and the FBI could spend 144 years trying to hack a single phone, despite Apple’s help. iPhones also allow for custom passwords twice as long.
So should Apple help the FBI? It may not matter logistically in the long run, but it will ethically. What do you think? Are you changing your password from “123456” right now? You should.