Encryption

FBI Allegedly Cracks Terrorist's Phone, Ending Fight with Apple (for Now)

The Senate is still interested in legislation that could weaken everybody's security.

|

Apple
Credit: Andrew* / photo on flickr

It appears as though a major court battle over whether the federal government can force Apple to weaken its iPhone security in order to assist in data gathering is not going to happen. That doesn't, however, mean this larger conflict is remotely over.

The FBI had gone to the courts to try to use the All Writs Act to force Apple to help it weaken the security of the work iPhone of Syed Farook, one of the terrorists who launched the deadly attack in San Bernardino, California. Apple resisted on the grounds that it wasn't possible to weaken the security on just one phone—doing so would weaken the security on everybody's phones.

The FBI asked for a delay on the court fight last week because it may have figured out a way to break the iPhone's encryption on its own. Today the Department of Justice announced they have succeeded in getting into Farook's phone with the help of a third party. Apple's help is no longer needed. From CNN:

A law enforcement official, speaking to reporters on condition of anonymity, would not reveal how it pulled off this hack, but he said the method only works on this particular model, an iPhone 5C running a version of iOS 9 software. He said it was "premature" to say whether this method works on other devices.

He would not name the "third party" that helped the FBI. And he refused to say whether the FBI will disclose this hacking method to Apple so the company can protect future phones from being hacked this way.

Normally, in a situation like this, the FBI must hold a high-level meeting with the president's National Security Council to discuss whether to tip off Apple about the hacking method, according to a senior Obama administration official. Hacks are only possible through vulnerabilities in technology, and the same method used by the FBI could be used by foreign governments to hack Americans' iPhones.

The FBI should have that discussion immediately, said Ross Schulman, senior policy counsel at the Open Technology Institute, a think tank.

Even though this particular fight is ending, the battle over encryption bypasses or "back doors" upon command by the federal government is far from over. Members of the Senate Intelligence Committee are currently drafting legislation that might require tech companies in some fashion to provide access through their own encryption. We don't know the final text as yet, but it would apparently authorize judges to order tech companies to do exactly what happened in this Apple case. Specifically giving judges authority to demand assistance would avoid a fight over the limits of the All Writs Act.

If you don't know why this sort of cooperation is bad, here's how encryption is important to everyday joes and the potential consequences of "back doors."