Inside The FBI's Encryption Battle With Apple

Uploaded on 2016-03-01 in BUSINESS-Services-IT & Telecoms, FREE TO VIEW, GOVERNMENT-Law Enforcement, NEWS-Cybersecurity News

For months, the FBI searched for a compelling case that would force Apple to weaken iPhone security – and then the San Bernardino shooting happened

The next battle in the privacy wars erupted with a bang as a judge in California ruled on the 16th February 2016 that Apple must help the FBI bypass security features on an iPhone used by attackers in the San Bernardino shooting in December. Apple’s CEO Tim Cook responded with a letter saying that the government’s order presented a threat to data security and was tantamount to demanding that the company create a “backdoor” in its operating system.

The order does not oblige Apple to “break” its encryption standards, but the encrypted data on the phone is what the FBI is after. Specifically, the order asks Apple to help the government get around a feature that deletes the data if someone makes ten unsuccessful pass combination attempts. That would allow law enforcement to try millions of possible combos and get at that info.

Recently, the FBI called Apple’s headquarters in Cupertino, California, with a jarring message: the agency wanted Apple to help them hack an iPhone. Apple refused.

The request stepped up a level on 16 February when a federal magistrate ordered Apple to help the FBI unlock a single iPhone, the phone belonging to one of the killers in the December mass shooting in San Bernardino, California. Apple again refused.

But this carefully planned legal battle has been months in the making, as the government and Apple try to settle whether national security can dictate how Silicon Valley writes computer code.

Both sides expect the ensuing legal battle to have far-reaching implications that will touch on encryption, law enforcement, digital privacy and a 227-year-old law from America’s post-colonial days.

“The law operates on precedent, so the fundamental question here isn’t whether the FBI gets access to this particular phone,” said Julian Sanchez, a surveillance law expert at the libertarian-leaning Cato Institute in Washington. “It’s whether a catch-all law from 1789 can be used to effectively conscript technology companies into producing hacking tools and spyware for the government.”

The politics are tricky. Apple is popular and code is protected by America’s free-speech law. Privacy advocates planned to gather at Apple stores across the US in support of the iPhone maker.

Apple introduced enhanced encryption in 2014
Apple’s actions in this case require some context. In September 2014, Apple introduced new encryption into its iPhone operating system that would make it mathematically impossible for the company to unlock them for investigators. This was a departure from the past, when investigators could get access to a device if they sent it to Apple headquarters with a search warrant.

The shift was in response to increased digital privacy concerns and distrust of America’s digital spies following revelations from former National Security Agency contractor Edward Snowden.

In the meantime, Justice Department lawyers believed they had found another way into a locked iPhone. The All Writs Act, passed in 1789, gives judges broad authority to ensure their orders are fulfilled. Justice Department lawyers believed it would provide an underpinning for forcing companies to grant them access, sources said.

And then came San Bernardino

On 2 December a husband and wife opened fire on a local government office building in southern California. The FBI quickly said the two suspects, who both practiced Islam, had been “radicalized” and declared the incident a terrorist attack.

One of the suspects, Syed Farook, had worked for the county, which meant the government owned his iPhone 5C. With a search warrant, Apple provided the FBI data from weekly backups Farook made with Apple’s iCloud service. But those backups stopped on 19 October, according to a federal search warrant request.

FBI investigators believed there was more data about Farook’s motives in the phone but couldn’t get to it without unlocking the device. The phone’s contents were encrypted and Apple didn’t have the four-digit passcode. Modern iPhones also have an optional feature that will erase all data on the phone with 10 incorrect passcode entries. FBI agents weren’t willing to take the risk.

So FBI lawyers came up with a clever request for Apple: don’t turn off the encryption – just make it easier for agents to guess the password as many times as they wanted.

But Apple said that it would be impossible to limit the technology to this case. Once Apple built such an investigative tool, any iPhone’s security system – even the most modern ones – could be weakened by it, an Apple executive said. Dan Guido, co-founder of security analyst Trail of Bits, called such a system, “FBiOS”, a riff on Apple’s smartphone operating system iOS.

If the FBI succeeds, it could be a ‘troubling precedent’
To Justice Department officials, San Bernardino is a long-awaited test case. In October 2014, the FBI’s James Comey first told a Washington audience that encryption on mobile devices effectively left law enforcement “dark” to emerging threats. Ever since, officials believed it was only a matter of time until they came upon a case like the San Bernardino shootings: a device from a terrorist whose lock screen they couldn’t bypass by guesswork to get at the data held on the phone, and not in Apple’s iCloud.

Both sides are gaming out how far their legal strategies will go. Amid speculation that the case is sure to reach the Supreme Court, litigation is almost certain.

At a closed-door January meeting with national security officials in San Jose, Cook urged the Obama administration to make a public statement in support of strong encryption. That statement was never made. But Google chief executive Sundar Pichai posted several messages on Twitter backing Apple.

Giving law enforcement officials occasional access to user data is “wholly different than requiring companies to enable hacking of customer devices & data”. If the bureau succeeds, it “could be a troubling precedent”.

DefenseOne: http://bit.ly/1WNJz5o   
Guardian: http://bit.ly/1Qi2iWi

« Forget Trident & Welcome To Cyber Warfare
Belgian Government Plagued By Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Pyramid Computer

Pyramid Computer

Pyramid Computer provides custom enterprise solutions for Industrial PC, Imaging, Network, Security, POS, Indoor Positioning and Automation.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

VigiTrust

VigiTrust

VigiTrust is a security firm specializing in cloud based eLearning programs, security compliance portals and providing security assessments.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Very Good Security (VGS)

Very Good Security (VGS)

VGS is the modern approach to data security. Our SaaS solution gives you all the benefits of interacting with sensitive and regulated data without the liability of securing it.

Horiba Mira

Horiba Mira

Horiba Mira is a global provider of automotive engineering, research and test services including services and solutions for automotive cybersecurity.

oneM2M

oneM2M

oneM2M is a global organization creating a scalable and interoperable standard for communications of devices and services used in M2M applications and the Internet of Things.

European Healthcare Fraud & Corruption Network (EHFCN)

European Healthcare Fraud & Corruption Network (EHFCN)

EHFCN is the only organisation dedicated to combating fraud, corruption and waste in the healthcare sector across Europe.

Microland

Microland

Microland’s delivery of digital is all about making technology do more and intrude less for global enterprises. Our services include Cloud & Data Center, Networks, Cybersecurity and more.

New Net Technologies (NNT)

New Net Technologies (NNT)

NNT SecureOps provides ultimate protection against all forms of cyberattack and data breaches by automating the essential security controls.

Secure Forensics

Secure Forensics

Secure Forensics can assist in any situation that requires digital forensics or an investigation ranging from complex criminal matters to fraud and file tampering to cyber crime.

UK Cyber Cluster Collaboration (UKC3)

UK Cyber Cluster Collaboration (UKC3)

UKC3 has been launched to support Cyber Clusters and encourage greater collaboration across regions and nations of the UK.

Xobee Networks

Xobee Networks

Xobee Networks is a Managed Service Provider of innovative, cost-effective, and cutting-edge technology solutions in California.

Gotham Security

Gotham Security

Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services.

Castlepoint Systems

Castlepoint Systems

Castlepoint Systems is a pioneer in information governance, risk and compliance as a service. An all-in-one solution offering powerful risk management, built in compliance, cybersecurity and audit.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.