IoT
IoT
Government // Cybersecurity
News
3/29/2016
10:05 AM
50%
50%

FBI Cracks iPhone Encryption Without Apple, Drops Court Case

The FBI vacated its court order against Apple March 28, saying it had successfully accessed an encrypted iPhone without Apple's help.

 Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data
Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data
(Click image for larger view and slideshow.)

The US government filed a status report March 28 saying it "no longer requires the assistance from Apple" that was mandated by a Feb. 16 court order.

The New York Times first reported the filing Monday evening.

"The government has now successfully accessed the data stored on Farook's iPhone," the filing stated, referring to Syed Farook, the San Bernardino man who, with his wife, killed 14 people at an office holiday party Dec. 2.

Unlocking Farook's iPhone, which was found powered off in his car after a fatal chase with law enforcement, pitted the FBI and the US Justice Department against the world's most valuable public company; raised questions about the relationships between technology, privacy, security, and Americans' civil liberties; and became yet another issue to split the country down the middle.

NSA whistleblower Edward Snowden tweeted Monday night about the case:

The FBI put its case on hold March 21, a day before it was due in court with Apple, stating that "an outside party" had shown it a method that might unlock the iPhone without Apple's help. It added that testing was still required and it would provide a status report by April 5.

Among the more contentious elements of the case were that the FBI was asking Apple to both offer a way into Farook's iPhone and to create software that would allow it to access additional devices in the future, and that it was doing so under the All Writ's Act -- a gross misappropriation, Apple argued.

To be discovered are whether the FBI will disclose the method by which it accessed the iPhone so that Apple can fix it, and whether it will make that information classified.

(Image: AlexAndrews/iStockphoto)

(Image: AlexAndrews/iStockphoto)

"I would hope they would give that information to Apple so that it can patch any weaknesses," Esha Bhandari, an attorney with the American Civil Liberties Union, told The New York Times.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

The FBI had repeatedly stated that only Apple had the ability to access the device. Citing such remarks, The Wall Street Journal called the agency's credibility into question in a scathing editorial following the March 21 filing.

The Justice Department and FBI insist the encryption debate is critical to national security, and they're right. The problem is that -- amid another terror attack in the West -- they continue to supply more reasons to doubt their credibility and even basic competence.

The opinion piece went on to accuse the FBI of rushing into a legal war with "dubious theories," and to question why an organization that itself has been hacked should be trusted with what it has called Apple's "keys to the kingdom."

Further, it continued, the Justice Department "fibbed" by saying the case is about one phone.

Apple vice president and general counsel Bruce Sewell, in testimony before a House Committee hearing on the matter, said that FBI director James Comey "agreed that the FBI would likely use this precedent in other cases involving other phones," and that it would "absolutely plan to use this on over 175 phones."

Comey added, "We can all agree this is not about access to just one iPhone."

That point, in addition to the legal and ethical questions that have been raised, makes clear that the FBI accessing Farook's phone hardly means that the matter is over.

The FBI did not say in its filing who, or what organization, helped it access the iPhone, or whether it had yet uncovered any useful information.

Michelle Maisto is a writer, a reader, a plotter, a cook, and a thinker whose career has revolved around food and technology. She has been, among other things, the editor-in-chief of Mobile Enterprise Magazine, a reporter on consumer mobile products and wireless networks for ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Compgenius44
50%
50%
Compgenius44,
User Rank: Apprentice
3/30/2016 | 8:35:40 PM
Apple IPhone exploit
Apparently there is an exploit in the IPhone's software. If the FBI has found someone or some company to exploit the IPhone's encryption, then our data will never be safe until that exploit is patched. That includes any transactions we make with our Apple Wallets. So I guess I will not be using my Apple wallet to do any transactions until it's patched.
Stephane Parent
50%
50%
Stephane Parent,
User Rank: Moderator
3/30/2016 | 1:01:53 PM
Re: PR Move
I guess we now know that CSI: Cyber is not based on a true FBI unit!
Banacek
100%
0%
Banacek,
User Rank: Ninja
3/30/2016 | 11:48:41 AM
One thing for sure
If there was no data worth mentioning on the phone, the FBI will never let us know anything about what they found "for national security reasons".

But you can be sure if there was anything on that phone, esp. anything dealing with another terror attack (say there's a text from someone saying "Yeah, and we're going to hit Brussels in March. We're holding up at 52 Main Strasse, Brussels. Don't tell anyone!") or they find something that they can, with 20/20 hindsight, link to any other "terror" group, we will hear about it over and over again. Probably through gov't leaks to certain media outlets at first. Or through to congress during meetings on banning encryption or something.
LeeB120
67%
33%
LeeB120,
User Rank: Strategist
3/29/2016 | 7:34:32 PM
Re: PR Move
They could have opened the case and accessed the chips directly to read off the data and then played with crypto until they had it decifered if they couldn't find any simpler way before.   I also believe this was nothing more than them trying to force all companies to create a backdoor for them so they could snoop at will.  Once they had managed to make Apple do it they would have applied it to every company out there possible and not just to cell phones either.  They would have tried to apply it to EVERYTHING. 

 
Whoopty
100%
0%
Whoopty,
User Rank: Ninja
3/29/2016 | 1:14:35 PM
PR Move
I do wonder if the FBI had the capability all along and it was pushing for A: a legal precedent to do it whenever it wanted and B: a PR move to try and turn the public against encryption by leveraging some of the hate people have for Apple. 

Kudos to Tim Cook for standing firm the whole time though. It forced the FBI to drop its whole campaign and backpedal so it doesn't look weak.
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of August 21, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.