steem

Tuesday, March 22, 2016

FBI might have way to unlock attacker’s iPhone without Apple

FBI might have way to unlock attacker’s iPhone without Apple


A much-anticipated court hearing on the federal government’s effort to force Apple Inc. to unlock the iPhone used by one of the shooters in the San Bernardino terror attack was abruptly vacated Monday after the FBI revealed it may have a way to access data without the company’s help.

Federal prosecutors made the surprising announcement on the eve of Tuesday’s hearing in U.S. District Court in Riverside, California. In court papers they said the FBI has been researching methods to access the data on Syed Rizwan Farook’s encrypted phone since obtaining it on Dec. 3, the day after the attack.

“An outside party” came forward over the weekend and showed the FBI a possible method, the government said in court papers requesting the hearing be postponed. Authorities need time to determine “whether it is a viable method that will not compromise data” on the phone.

If viable, “it should eliminate the need for the assistance from Apple,” according to the filing.

The government did not identify the third party or explain what the proposed method entailed.

Magistrate Judge Sheri Pym granted that request and ordered the government to file a status report by April 5. Pym also stayed her Feb. 16 order compelling Apple to create software that would disable security features on the phone, including one that erases all information if a passcode is incorrectly entered more than 10 times.

In a conference call with reporters, Apple attorneys said it’s premature to declare victory in the case because it’s possible that authorities could come back in a few weeks and insist they still need the company’s help. The attorneys spoke under an Apple policy that wouldn’t allow them to be quoted by name.

The company hopes the government will tell Apple about whatever method it uses to access the phone’s encrypted files. But the attorneys said it may be up to the FBI to decide whether to share the information.

The fact that a third party may have found a way into the phone without Apple’s help appears to contradict every sworn affidavit and filing put that the Justice Department has put forward in the last month. The government has argued in each of its filings that Apple’s help is necessary and that the company was the only entity that could provide investigators with what was needed.

FBI Director James Comey told the House Judiciary Committee in sworn testimony earlier this month that agency investigators had approached even the National Security Agency for help but did not have success.

Apple has previously said in court filings that the government did not exhaust all its options, and lawmakers have criticized the FBI for not doing more to try to crack the iPhone itself before seeking Apple’s help.

“To me, it suggests that either the FBI doesn’t understand the technology or they weren’t giving us the whole truth when they said there is no other possible way” of examining the phone without Apple’s help, said Alex Abdo, staff attorney for the American Civil Liberties Union. “Both of those are scary to me.”

The ACLU has filed a court brief supporting Apple’s position.

Robert Cattanach, a former U.S. Department of Justice attorney who handles cyber-security cases for the Dorsey & Whitney law firm, said the government would likely not have disclosed it had a lead on possibly unlocking the phone unless it was almost certain the method would work. That’s because the disclosure weakens the government’s case by introducing doubt that it could only access the phone with Apple’s help, he said.

“They’ve created ambiguity in a place where they’ve previously said there is none,” he said.

Prosecutors have argued that the phone used by Farook probably contains evidence of the Dec. 2 attack in which the county food inspector and his wife, Tashfeen Malik, slaughtered 14 at a holiday luncheon attended by many of his work colleagues. The two were killed in a police shootout hours later.

The FBI has said the couple was inspired by the Islamic State group. Investigators still are trying to piece together what happened and find out if there were collaborators.

The couple destroyed other phones they left behind, and the FBI has been unable to circumvent the passcode needed to unlock the iPhone, which is owned by San Bernardino County and was given to Farook for his job.

Apple has argued that the government was seeking “dangerous power” that exceeds the authority of the All Writs Act of 1789 it cited, and violates the company’s constitutional rights, harms the Apple brand and threatens the trust of its customers to protect their privacy. The 18th-century law has been used on other cases to require third parties to help law enforcement in investigations.

It’s not clear what method the government now wants to test. But even as the FBI has insisted that only Apple is able to provide the help it needs, some technical experts have argued there are other options.

The most viable method involves making a copy of the iPhone’s flash memory drive, said Jonathan Zdziarski, a computer expert who specializes in iPhone forensics. That would allow investigators to make multiple tries at guessing the iPhone’s passcode. A security feature in the phone is designed to automatically erase the data if someone makes 10 wrong guesses in a row.

But if that happens, Zdziarski said, investigators could theoretically restore the data from the backup copy they have created.

No comments:

Post a Comment