Monday, February 22, 2016
FBI explains why it changed Apple ID password in iPhone unlock case
The FBI has released a press statement explaining its motivation for resetting the iCloud password in the San Bernardino iPhone backdoor/unlock case. It seems like a screw-up, which prevented Apple from extracting data from the phone via iCloud. However, the FBI says that the county did it, in collaboration with FBI, in order to gain access to the suspect’s iCloud account. It says it was able to successfully retrieve iCloud backups up to October 19th. However, the reason it wants Apple to create a backdoor into the locked iPhone is because it believes there is more data on the phone relevant to the case yet to be uncovered.
For unknown reasons, the iPhone did not backup anything to iCloud after 19th October. It is possible Syed Farook disabled the feature or the iPhone simply did not return to a known WiFi network whilst being plugged in. It is not known if a later iCloud backup would have yielded more information.
Here’s a direct quote from the FBI statement, via Re/code, explaining that the government wants Apple to create a backdoor so that it can perform data extraction on the iPhone itself, which it knows from previous investigations will often contain more information than what an iCloud backup includes.
Through previous testing, we know that direct data extraction from an iOS device often provides more data than an iCloud backup contains. Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple’s assistance as required by the All Writs Act order, since the iCloud backup does not contain everything on an iPhone. As the government’s pleadings state, the government’s objective was, and still is, to extract as much evidence as possible from the phone.
Apple has been given additional time to respond to the FBI order, with the deadline set for next Friday in a week’s time. Apple is expected to formally reject the motion in court, given its hard stance expressed in an open letter by Tim Cook last week.
In the case, the FBI has asked Apple to create a special version of the iPhone operating system which removes certain passcode-related features to enable brute-force attack on the PIN code. The FBI wants Apple to create custom firmware that will allow an unlimited number of PIN attempts without the usual hour-long delays between incorrect passcode entries. The iPhone used by the attacker is an iPhone 5c. so it lacks a fingerprint sensor and other security features enabled by the Secure Enclave of later iPhone models. However, Apple has said the same techniques the FBI wants it to deploy could apply to newer iPhones too.
Apple continues to receive support by other companies and individuals regarding its fierce privacy-focused stance. Billionaire Mark Cuban said Apple deserves a standing ovation for fighting the FBI’s encryption backdoor efforts. Smartphone manufacturer Huawei also piped up (A Chinese smartphone manufacturer), saying privacy is very important but shied away from openly indicating it would stand up to government in a similar situation.
“Tim Cook spoke up for that (privacy) … for us it is really very important,” Yu said. “I think it’s good letting the government understand why we cannot do some things. There are some things we can do, but there are some things we cannot do.” Asked directly if Huawei would take the same approach in similar circumstances, Yu said Huawei would “insist on the important things for consumers”.
It’s also worth considering the voice of the victims of the San Bernardino shootings, where 12 people were killed. Carole Adams, who lost her son in the attack, has openly stated that she stands with Apple’s point of view on constitutional grounds:
“This is what makes America great to begin with, that we abide by a constitution that gives us the right of privacy, the right to bear arms, and the right to vote.”