New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

FBI Insists Apple Cooperate Despite Resetting iCloud Password on Shooter's iPhone

iPhone-PasscodeThe U.S. Federal Bureau of Investigation has confirmed that it worked with San Bernardino County government officials to reset the iCloud account password on an iPhone belonging to suspected terrorist Syed Farook, according to a press statement obtained by Re/code.

Apple told reporters on Friday that the Apple ID password associated with Farook's iPhone was changed "less than 24 hours" after being in government hands. Had the password not been altered, Apple believes the backup information the government is asking for could have been accessible to Apple engineers.

Nevertheless, the FBI insists that the iCloud password reset does not impact Apple's ability to comply with a court order demanding it create a modified iOS version that allows authorities to unlock the shooter's iPhone 5c by way of a brute-force attack.

The FBI further stated that "direct data extraction from an iOS device often provides more data than an iCloud backup contains," and said investigators may be able to extract more evidence from the shooter's iPhone with Apple's assistance. Tim Cook and company, however, have thus far refused to cooperate.
Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple’s assistance as required by the All Writs Act order, since the iCloud backup does not contain everything on an iPhone. As the government’s pleadings state, the government’s objective was, and still is, to extract as much evidence as possible from the phone.
Cook shared an open letter on Wednesday stating that while Apple is "shocked and outraged" by the San Bernardino attacks last December, and presumes "the FBI's intentions are good," the company strongly believes that building a "backdoor" for U.S. government officials would be "too dangerous to create."

The White House later denied that the FBI is asking Apple to "create a new backdoor to its products," but rather seeking access to a single iPhone. On Friday, the U.S. Department of Justice called Apple's opposition a "marketing strategy" in a motion filed to compel Apple to comply with the original court order.

The dispute between Apple and the FBI has ignited a widespread debate over the past six days. Google, Facebook, and Twitter have publicly backed Apple, and some campaigners have rallied to support the company, while U.S. presidential candidate Donald Trump and some San Bernardino victims have sided with the FBI.

Apple now has until February 26 to file its first legal arguments against the court order.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.



Top Rated Comments

(View all)

22 weeks ago
You know, one could easily see this as the FBI trying to get into everyone's phones, but it's also making them look really incompetent.
Rating: 46 Votes
22 weeks ago
"No, but we really, REALLY want you to compromise the security of all your devices to satisfy this one whim. Just this one timeeee... We promiseee."

In spite of my disagreement with this guy on a lot of issues, Tim has been absolutely heroic in this issue of privacy. Just fantastic.
Rating: 42 Votes
22 weeks ago
If FBI wins, the world will irreversibly lose its privacy.

If Apple wins, we live to fight another day.

Freedom isn't cheap nor easy.
Rating: 22 Votes
22 weeks ago

So is Apple sitting hard on the key, or is there simply no key? The former would indicate Apple is, as accused, using this as an opportunity to generate warm fuzzies from its customers. The latter would be more palatable, to me anyway.

As a megacorp, I've always found it rather unbelievable that Apple doesn't have the ability to crack it's own keys. But if they won't decrypt this phone because they genuinely can't, wouldn't that be a better argument to the Feds?



Quick recap / summary:

1. Apple does NOT have any "key" to give the FBI or anyone else.
2. The FBI is not asking for a "key", but instead for a special firmware build which will allow them to try each of the 10,000 4-digit passcodes for the device without either activating the soft-lockout (after I think 9 attempts it takes an hour between allowed attempts) or the 10th-failure-data-wipe feature which may or may not be on on the device.
3. Such a firmware build would have to be signed by Apple, and would allow intrusion on any existing iPhone in physical custody.
4. The warrant asks that the specific build be tied to this specific phone, but it is unlikely that this serial-number lock could be engineered as tamper-proof.
5. Finally, if Apple establishes precedent here, that precedent will be applied by various countries around the world (and rumor is that significant pressure to do exactly this has previously been applied by China, and that giving in to the FBI will lead directly to Apple being required to do the same for China as a cost of doing business in that country).

Also: White House Petition to Side With Apple in FBI Fight ('https://petitions.whitehouse.gov/petition/apple-privacy-petition')
Rating: 14 Votes
22 weeks ago
I love how the FBI now "has confirmed that it worked with San Bernardino County government officials to reset the iCloud account password" after the County defended itself by tweeting that FBI actually told them to do it.

The FBI made it look like the County were a bunch of buffoons and reset the password.
The County tweeted that the FBI told them to do it.
Now the FBI implies, "ok, it was joint effort"

Just sounds like the FBI is trying to cover up any wrong doing or mistakes by blaming others (throwing anyone under bus even if they try to help)

.
Rating: 12 Votes
22 weeks ago

But they know how the internals work. So they would have the best chance at breaking it.

That's not how their encryption works. It was intentionally made so they couldn't ...
Rating: 10 Votes
22 weeks ago


As a megacorp, I've always found it rather unbelievable that Apple doesn't have the ability to crack it's own keys.

Isn't that the whole point?

Otherwise... security that can be broken isn't really secure ;)
Rating: 10 Votes
22 weeks ago

So is Apple sitting hard on the key, or is there simply no key? The former would indicate Apple is, as accused, using this as an opportunity to generate warm fuzzies from its customers. The latter would be more palatable, to me anyway.

As a megacorp, I've always found it rather unbelievable that Apple doesn't have the ability to crack it's own keys. But if they won't decrypt this phone because they genuinely can't, wouldn't that be a better argument to the Feds?

They don't have a key. What the FBI wants Apple to do is to write a custom version of iOS that ignores some of the security features and makes a brute force attack feasible.
Rating: 10 Votes
22 weeks ago
"Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple's assistance as required by the All Writs Act order..."
Using weasel words such as "might be" really weakens any government arguments for help from Apple.
Rating: 10 Votes
22 weeks ago

As a megacorp, I've always found it rather unbelievable that Apple doesn't have the ability to crack it's own keys.


The best kind of security is one you can show every aspect (code, mathematical theory, etc.) to everyone, friends and enemies, and everyone agrees, they can't break it. This is why Open Source is so powerful in the area of security: there is no false sense of security through obscurity.

Apple can't break the encryption because they didn't make the encryption. They specifically picked one they can't break. The FBI knows this. They aren't asking Apple to crack encryption. They are asking for a way to circumvent the secure enclave chip that will wipe the phone after 10 failed attempts at guessing the code. There's only 1 million codes to try, if they could try them one every 2 seconds, worst possible case, they would have the code in 23 days.
Rating: 9 Votes

[ Read All Comments ]