In a pair of interviews on RT and CNN, antivirus pioneer John McAfee implied that the Federal Bureau of Investigation should be able to hack the locked iPhone tied to the San Bernardino shooting suspect in as little as half an hour.
But his explanation for how the phone’s content can be accessed–by having a hardware engineer essentially extract the iPhone’s onboard software for a software expert to scour for the passcode used to access the phone–is at odds with ordinary security practices and Apple’s own description of its passcode features.
“What he is looking for is the first access to the keypad, because that is the first thing you do, when you input your [passcode],” McAfee told RT. “It’ll take half an hour. When you see that then he reads the instructions for where in memory this secret code is stored–it is that trivial–a half an hour.”
But for McAfee’s method to work, the iPhone’s passcode would have to be stored as unencrypted text on the device itself to be compared with what the user enters, which violates decades of digital security practices and is unnecessary for the iPhone to operate.
According to Apple’s security documents, the passcode entered by the user is combined with a device identifier to create a key used to encrypt and decrypt user data. A built-in time delay prevents an unauthorized user from trying too many passcodes too quickly, and too many bad passcode attempts will cause the phone to erase itself.
The FBI has argued that it needs Apple to create a modified version of the iPhone’s software to circumvent that limit and allow it to determine the alleged shooter’s passcode by brute force, effectively virtually trying each possible passcode until one unlocks the phone. Apple, along with privacy advocates including McAfee, argue that the modified software could be used by hackers to decrypt other iPhones as well, endangering iPhone users around the world.
“There has never been a single issue of a master key or a backdoor being placed in software that was not accessed within a matter of weeks by foreign agents or black hat hackers,” McAfee told CNN.
Apple is contesting a court order requiring it to enable the FBI to access the phone.
McAfee, who is currently seeking the Libertarian Party presidential nomination, told critics on YouTube that he simplified his description of the iPhone’s security to make it understandable to the press.
“I look like an idiot because I am speaking to idiots,” he wrote. “Can you imagine me explaining the A7 or A6 chip architecture, secure enclave co-processors, isolated memory, UIDs, etc. I did the only thing I could do–drag them, kicking and screaming into the early 1980s.”