It has been widely speculated that the method used by the FBI to access the San Bernardino iPhone might not work with phones that have the Secure Enclave, and this has now been effectively confirmed. FBI director James Comey told CNN that the method doesn’t work with the latest iPhones.
The FBI director also said the purchased tool worked only on a “narrow slice of phones” that does not include the newest Apple models, or the 5S.
This fact also lends support to the main theory about how the hack was performed …
The White House will not be supporting draft legislation that would allow courts to force tech companies like Apple to help law enforcement hack into encrypted devices, reports Reuters.
The Senate Intelligence Committee in February announced plans to impose criminal penalties on companies that fail to comply with court orders like the one challenged by Apple and finally withdrawn by the FBI. Remarks by President Obama last month appeared to suggest he would support the proposed legislation, but it now appears this isn’t the case …
Just over a week ago, the FBI revealed that it had successfully unlocked the iPhone 5c used by one of the San Bernardino gunmen without the help of Apple. To this day, the FBI has not publicly disclosed the method it used to gain access, and it’s unclear if it ever will. The National Journal, however, reports today that the FBI has been briefing members of the Senate on how it was able to gain access to the locked iPhone.
Many were skeptical that the work iPhone at the centre of the San Bernardino controversy would prove in any way useful to the FBI given that the shooters left it untouched while destroying their personal phones, and so far that skepticism seems justified. Despite having had access to all the data on the phone for more than a week, the FBI has apparently not yet found anything of value.
The American Civil Liberties Union has accused the FBI of gambling with cybersecurity by failing to disclose to Apple the method used to access the San Bernardino iPhone, reports the WSJ.
Chris Soghoian, principal technologist at the ACLU, said the FBI is facing “a million-dollar question, and really what it comes down to is, does the FBI prioritize its own surveillance needs, or does it prioritize cybersecurity.’’
The longer the FBI keeps the security flaw to itself, he said, “the more they are gambling that no other entity will discover this flaw.’’
A former FBI official said that the agency’s decision on whether or not to reveal the method would likely depend on how many iPhone models it is able to unlock …
In this episode, Zac and Benjamin discuss the new Apple Watch bands, the conclusion to Apple’s FBI standoff, iOS quality control, and much more. The Happy Hour podcast is available for download on iTunes and through our dedicated RSS feed.
See italicised updates below, with statements from both the Department of Justice and Apple.
The battle between the FBI and Apple over accessing a work phone used by one of the San Bernardino terrorists started as headline news and ended in a rather anti-climactic fashion.
While the FBI has successfully accessed the data on the iPhone 5c in the San Bernardino shootings, and the court battle is over for now, the government says that it may not accede to Apple’s demand to be told the method used.
The White House said back in 2014 that the government would consider the pros and cons of disclosing vulnerabilities discovered by its various law enforcement agencies. ArsTechnica asked whether the FBI would reveal the method used in this case, and was told that it wasn’t saying one way or the other …
Update: A source close to Microsoft tells me the software – which is not yet complete – will be used only by public sector agencies. No information was provided as to how the software differs from the standard Chinese version of Windows 10.
While Apple has strongly resisted building a special ‘GovtOS’ to provide the U.S. government with access to iOS devices, it appears that Microsoft has no such qualms. TechInAsia reports that Microsoft has created a special version of Windows 10 for China, called Windows 10 Zhuangongban, which includes “more management and security controls.”
Cellebrite, the mobile forensics company reportedly assisting the FBI to extract data from the iPhone in the San Bernardino case, has written a white paper noting that extracting the data is only part of the challenge. If law enforcement agencies are to be able to obtain convictions on the basis of that data, there are a lot of questions that have to be answered.
Just as it is for physical evidence, the admissibility of digital evidence depends on good handling procedures throughout the entire chain of custody. Each link on the chain is responsible for the proper preservation, collection, and documentation practices that demonstrate the evidence is as close as possible to its original state.
When evaluating whether a tool is forensically sound – whether its use can certify that evidence remains unchanged and that the resulting report is a true and accurate representation of what exists on the evidence device – here are four questions to ask:
Is it a tested theory or tool?
Has it been independently peer reviewed?
Will its use support both fact and expert witness trial testimony?
Is it generally accepted within the forensic community?
At face value, it would seem that any compromised version of iOS that Apple was forced to create for the FBI would fail at least three of the four tests …
Adding to a report from VentureBeat earlier this week, today’s report offers more details on what Apple is doing with“Project McQueen” that could see the company replacing third-party vendors with more of its own cloud infrastructure. The Information reports that Project McQueen is actually just one of at least six internal efforts at Apple including building its own servers, networking equipment, and “systems that could one day help developers to power their apps.”
Israeili YNetNews reports that the so-far unnamed “third party” which has offered to help the FBI try to break into the San Bernardino iPhone is Cellebrite, a mobile forensics company based in Israel.
The FBI has been reportedly using the services of the Israeli-based company Cellebrite in its effort to break the protection on a terrorist’s locked iPhone, according to experts in the field familiar with the case. Cellebrite has not responded to the report. But if it is indeed the “third party” in question, and it is able to break into the terrorist’s iPhone, it would bring the high-stakes legal showdown between the government and Apple to an abrupt end. Cellebrite, considered one of the leading companies in the world in the field of digital forensics, has been working with the world’s biggest intelligence, defense and law enforcement authorities for many years. The company provides the FBI with decryption technology as part of a contract signed with the bureau in 2013.
Cellebrite declined to comment officially, and no information was given as to the method the company plans to use. One unlikely source claims to know …
Update #2: Apple has responded to the latest filing from the Department of Justice saying that if the government is unable to succeed in unlocking the device on its own, Apple will demand to know everything about the method by which it tried.
Update: The judge has granted the DOJ’s motion to vacate the hearing.
Apple was set to face off against the FBI in court tomorrow regarding its refusal to unlock the iPhone 5c used by one of the San Bernardino gunmen. Now, however, the government has moved to vacate tomorrow’s hearing, saying that it has found an outside method with which to unlock the iPhone.
It’s March 21st, the day of Apple’s March 2016 media event. As we’ve been reporting over the past several months, Apple is set to debut a new 4-inch smartphone called the iPhone SE, a 9.7-inch version of the iPad Pro, and new Apple Watch bands. You can read our extensive roundup to see all of our expectations. It is still to be seen if Apple CEO Tim Cook takes the stage to discuss the Apple/FBI case, which goes to court tomorrow morning. In this News Hub, we will be live blogging all of the major announcements and highlighting all of our site-wide coverage of the event. The event begins at 10 AM Pacific Time/1 PM Eastern Time, but we’ll be updating this post with the latest details before the event as well.
A detailed behind-the-scenes look by Bloomberg at the showdown between Apple and the FBI details how it had been on the cards for years before the San Bernardino shootings. Among the details revealed are that Apple provided the FBI with early access to iOS 8 so that the agency could understand the impacts ahead of its introduction.
The government’s concern about Apple’s increasing use of strong encryption dates back to 2010, said one source.
Long before iOS 8 was launched, U.S. law enforcement and intelligence agencies had fretted about Apple’s encryption, according to a person familiar with the matter. In 2010, the company introduced the video-calling app FaceTime. It encrypted conversations between users. The following year, the iMessage texting application arrived; it, too, featured encryption. While neither of these developments caused a public stir, the U.S. government was now aware how much of a premium Apple put on privacy.
It was around this time, says the piece, that the FBI started pushing the White House to introduce new legislation which would guarantee law enforcement access to data on smartphones and other devices. These attempts were reportedly abandoned when the Snowden revelations changed the public mood …
The Department of Justice surprised Apple attorneys this week by reportedly placing a last-minute request to make the March 22nd hearing on the San Bernardino case an evidentiary hearing. The hearing change will allow for witness cross-examination based on previous court declarations, and each side will be allowed to question their own witnesses.
In the ongoing controversy over Apple’s refusal of the FBI’s request to assist in unlocking the iPhone of the San Bernardino gunman, The New York Times reports Apple engineers could refuse the work necessary even if Apple as a company decides to cooperate with authorities.
Citing “more than a half-dozen current and former Apple employees,” the report claims there is already an internal discussion over engineers possibly refusing to do the necessary work or even quitting:
Apple CEO Tim Cook has gotten his first solo appearance on the cover of TIME magazine today, with the publication printing a lengthy interview with Cook about Apple’s fight with the FBI over iPhone encryption backdoors. The full transcript of the interview is available on TIME’s website.
Cook says he is uncomfortable fighting the government, but Apple is fighting willingly for what it believes are civil liberties. Although interesting, the piece largely repeats the same arguments Apple has been touting for the last few weeks on the right to privacy, freedom of speech in iOS code and more.
Harvard Law professor Susan Crawford and former special assistant to President Obama has written a blog post setting out the reason why she believes it is legally impossible for the FBI to win its case. The piece is entitled ‘The Law is Clear: The FBI Cannot Make Apple Rewrite its OS.’
While the FBI is relying on an extremely broad interpretation of the All Writs Act, Crawford points out that it is an accepted principle that specific laws take precedence over more general ones – and there is a specific law which outlaws what the FBI is asking for …
Fight for the Future, the protest group that organized demonstrations in support of Apple outside its retail stores, plans to hold a demonstration outside the next Apple/FBI court hearing on March 22nd. Re/code reports that the group has created a website inviting people to voice their support for secure iPhones, comments from which will be displayed outside the U.S. District Courthouse in Riverside, California.
The FBI wants to force Apple to weaken the security measures that keep all of us safe. This is misguided, and dangerous. On March 22, when Apple goes to court, we’ll display thousands of statements from Internet users outside the courthouse.
Fight for the Future has so far had mixed success with its protests …
The man responsible for leaking explicit photos of dozens of celebrities back in 2014 has been formally charged today. According to a post on the Department of Justice website, a man from Pennsylvania has been charged with felony computer hacking after obtaining access to Gmail and iCloud accounts of more than 100 different people, the majority of whom were celebrities.
The Apple/FBI iPhone encryption backdoor debate continues to ramp up, with an FBI filing late last week causing Apple SVP Bruce Sewell to describe the case as a smear campaign against the company. Apple and the FBI take the battle to the courts officially on March 22nd, the day after Apple’s spring media event.
Although the topic at hand is clearly important, where the government is asking Apple to make software to undermine the security of iPhones, the bureaucracy of court proceedings can make the (continuing) story pretty stale and laborious. In a Last Week Tonight segment, comedian Jon Oliver humorously presents the opposing arguments without losing the underlying factual basis.
The Apple and FBI controversy just barely makes it into our top stories again this week, but it’s overshadowed by Apple’s announcement of its upcoming March 21 iPhone SE event, a new OS X ransomware detected in the wild, the release of iOS 9.3 beta 6, and leaks related to the much anticipated iPhone 7.
