A U.S. magistrate judge ordered Apple on Tuesday to help the FBI search an iPhone belonging to the man behind the recent mass shooting in San Bernardino, California.
In early December 2015, U.S. citizen Syed Rizwan Farook and his Pakistani wife Tashfeen Malik stormed an event at Farook’s workplace and shot 14 people dead. The couple were killed in a shootout with police hours later.
The incident, classified as a terrorist attack, is being investigated, but there still are some missing pieces of the puzzle, some of which authorities hope to find on Farook’s iPhone 5C running iOS 9. The FBI has failed to hack the shooter’s phone on its own, and it has now convinced a judge to order Apple to assist its agents with accomplishing the task.
More precisely, the judge has ordered Apple to help bypass or disable the “Erase Data” function that makes iOS devices erase all data stored on them after 10 failed passcode attempts. The tech giant must also assist law enforcement in accessing the device either via Bluetooth, Wi-Fi or its physical port.
Finally, Apple must somehow disable the delays between password entry attempts, which indicates that the FBI is trying to brute-force Farook’s password. The task might not be very difficult considering that many users set weak passwords that can be easily guessed.
The FBI has some recommendations regarding the methods that can be used, but the judge told Apple that it can use other means to comply with the order. Apple can charge the government a “reasonable” amount of money for its services, the judge said.
The company has five days to appeal the court order.
Authorities in the United States and elsewhere have been complaining that the encryption and security features integrated by tech companies into their products are making it difficult for them to investigate crimes and national security threats.
“In San Bernardino, a very important investigation to us, we still have one of those killers' phones that we've not been able to open. It's been over two months now and we're still working on it,” FBI Director James Comey said last week.
With the launch of iOS 8 in September 2014, Apple introduced a feature that encrypts all the data on a user’s device when a passcode is set. The company said at the time that it could no longer assist law enforcement in accessing data stored on devices because it does not hold the decryption keys.
However, iOS forensics expert Jonathan Zdziarski noted shortly after Apple’s announcement that law enforcement could still access the data stored on iPhones even without the vendor’s help.
Zdziarski and cryptography expert Matthew Green now believe Apple can help the FBI access Farook’s phone.
It’s technically possible for Apple to hack a device’s PIN, wipe, and other functions. Question is can they be legally forced to hack.
— Jonathan Ździarski (@JZdziarski) February 17, 2016
Stuff like the ten-attempt limit and throttling delays are probably all enforced by software and Apple can almost certainly turn them off.
— Matthew Green (@matthew_d_green) February 17, 2016
Apple recently told a federal magistrate judge in New York that it’s impossible to access data stored on devices running iOS 8 or higher, which, according to the company, represents 90 percent of its devices.
Response from Apple
In a message to customers, Apple CEO Tim Cook revealed that the company has been helping the FBI with its investigation into the San Bernardino case. However, the tech giant cannot comply with the FBI’s request to create what the company sees as a “backdoor to the iPhone.”
“The FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession,” Cook said.
“The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control,” he added.
Apple’s CEO believes that complying with the FBI’s request would set a dangerous precedent, which is why the company is determined to fight the order.
“While we believe the FBI’s intentions are good, it would be wrong for the government to force us to build a backdoor into our products. And ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect,” Cook said.
Encryption Backdoor Debate
While US authorities have been trying to get tech companies to add backdoors to their encryption products to aid their investigations, a recent study has found that mandatory encryption backdoors would be futile due to the global nature of the encryption market.
An analysis revealed that there are more than 500 hardware and software encryption products available from countries outside the U.S. Forcing companies to place backdoors would be inefficient because malicious actors can easily switch to non-backdoored products.
"Many people have the mistaken impression that if Apple and other mobile OS providers are forced to build-in backdoors, then suddenly law enforcement officials will have a magical and lasting backdoor to all encrypted information," John Gunn, VP of Communications at VASCO Data Security, told SecurityWeek. "In reality, if backdoors are built-in, then two things will happen: criminals will still keep their secrets using any one of the more one hundred third-party encryption products, and average citizens will be left more vulnerable to criminal and state-sponsored hacking."