Common software would have let FBI unlock shooter's iPhone

February 21, 2016 by Tami Abdollah And Bree Fowler
Common software would have let FBI unlock shooter's iPhone
An iPhone is seen in Washington, Wednesday, Feb. 17, 2016. The San Bernardino County-owned iPhone at the center of an unfolding high-profile legal battle between Apple Inc. and the U.S. government lacked a device management feature bought by the county that, if installed, would have allowed investigators easy and immediate access. (AP Photo/Carolyn Kaster)

The county government that owned the iPhone in a high-profile legal battle between Apple Inc. and the Justice Department paid for but never installed a feature that would have allowed the FBI to easily and immediately unlock the phone as part of the terrorism investigation into the shootings that killed 14 people in San Bernardino, California.

If the technology, known as mobile device management, had been installed, San Bernardino officials would have been able to remotely unlock the iPhone for the FBI without the theatrics of a court battle that is now pitting digital privacy rights against national security concerns.

The service costs $4 per month per phone.

Instead, the only person who knew the unlocking passcode for the phone is the dead gunman, Syed Farook, who worked as an inspector in the county's public health department.

The iPhone assigned to Farook also lacked a Touch ID feature, meaning the FBI cannot use the dead gunman's thumbprint to unlock it now. The FBI found the phone in a car after the shootings.

A U.S. magistrate last week ordered Apple to provide the FBI with highly specialized software that could be loaded onto the work-issued iPhone 5C used by Farook. He died with his wife in a gun battle with police after killing 14 people in December.

The software would help the FBI hack into the phone by bypassing a security time delay and feature that erases all data after 10 consecutive, unsuccessful attempts to guess the unlocking passcode. This would allow the FBI to use technology to rapidly and repeatedly test numbers in what's known as a brute force attack.

An Apple iPhone 6s Plus smartphone is displayed Friday, Sept. 25, 2015 at the Apple store at The Grove in Los Angeles. On Wednesday, Feb. 17, 2016, a federal judge ordered Apple Inc. to help the FBI hack into an encrypted iPhone used by Syed Farook, who along with his wife, Tashfeen Malik, killed 14 people in December in the worst terror attack on U.S. soil since Sept. 11, 2001. Apple has helped the government before in this and previous cases, but this time Apple CEO Tim Cook said no and Apple is appealing the order. (AP Photo/Ringo H.W. Chiu)

The FBI said it wants to determine whether Farook had used his phone to communicate with others about the attack.

Apple has said it will protest the ruling and has until Friday to intervene in court.

San Bernardino had an existing contract with a technology provider, MobileIron Inc., but did not install it on any inspectors' iPhones, county spokesman David Wert said. There is no countywide policy on the matter and departments make their own decisions, he said.

Wert disputed the value of the remote management technology because he said Farook—or any other county employee—could have removed it manually. That would have alerted county technology employees and led them to intervene.

In many offices and classrooms, officially issued smartphones include the installed management software. It can unlock the phone, delete all information in case of loss or theft, track the device's physical location, determine which apps are installed, check battery life and push software updates. The technology is intended to make such products more suitable in corporate environments, where tighter controls are important to protect company secrets.

"This is the business case" for mobile device management, said John Dickson, a principal at Denim Group Ltd., a security consultancy. "The organization simply has no control or influence or anything over the device unless they have some MDM authority. The ability to do remote air updates, the ability to do remote wipe, the ability to control certain settings. Those are the standard kinds of things you do in mobile device management."

Dickson said "the big question now going forward, it builds the case for, is why this guy would have an essentially uncontrolled device."

This is the first time since the county issued its first Blackberry device in 2003 that law enforcement has needed access to a locked county-owned phone, Wert said. Prosecutors said in court filings that the county gave its consent to search the device. County policy said digital devices can be searched at any time and Farook signed such an agreement.

Apple executives said Friday that the company had worked hard to help federal investigators get information off the locked iPhone, suggesting they use an iCloud workaround while the phone was connected to a familiar wireless network so that it would begin automatically backing up and provide access to data. The executives spoke on condition of anonymity because of the ongoing legal process.

The executives said Apple sent engineers to work with the FBI on the workaround but the effort ultimately failed. In the government's filing Friday, prosecutors said in a footnote that neither the county nor the FBI knew the password to the iCloud account and the county, in an effort to get access to information on the phone in the hours after the attack, reset the password remotely—thereby eliminating the possibility of that workaround being successful.

But if the county had installed the management device it had bought onto Farook's phone, none of these efforts would have been necessary.

Gartner Inc., a technology research firm, estimated that over 60 percent of large enterprises—meaning business, government and educational entities—used some kind of MDM software as of last year, though not necessarily on all company-owned devices. That percentage is likely higher now than when the research was done months ago, said Terrence Cosgrove, a research director with Gartner's mobile and client computing research group. Cosgrove said MDM adoption rates are generally higher among government users.

Many workers balk at the idea that the software can monitor and track their personal phones, said Alex Heid, chief research officer at the cybersecurity firm SecurityScorecard Inc. But if the company provides a , it's considered reasonable practice to use such software.

"If a company's assumption is that they might not be able to get back into a device one day then it's not really a company asset at that point, it's a gift," he said.

Explore further: Apple ordered to hack San Bernardino shooter's iPhone

Related Stories

Protests planned across US to back Apple in battle with FBI

February 21, 2016

Protesters are preparing to assemble in more than 30 cities to lash out at the FBI for obtaining a court order that requires Apple to make it easier to unlock an encrypted iPhone used by a gunman in December's mass shootings ...

Apple to fight order to help FBI unlock shooter's iPhone

February 17, 2016

Apple Inc. CEO Tim Cook says his company will fight a federal magistrate's order to help the FBI hack into an encrypted iPhone belonging to one of the San Bernardino, California shooters. The company said that could potentially ...

US would let Apple keep software to help FBI hack iPhone

February 20, 2016

The Obama administration told a U.S. magistrate judge on Friday it would be willing to allow Apple Inc. to retain possession of and later destroy specialized software it has been ordered to design to help the FBI hack into ...

Q&A: A look at the Apple vs US Justice Dept. court fight

February 17, 2016

A U.S. magistrate judge has ordered Apple to help the FBI break into a work-issued iPhone used by a gunman in the mass shooting in San Bernardino, California. Apple chief executive Tim Cook immediately objected, setting the ...

US fight over gunman's locked iPhone could have big impact

February 17, 2016

A U.S. magistrate's order for Apple Inc. to help the FBI hack into an iPhone used by the gunman in the mass shooting in San Bernardino, California, sets up an extraordinary legal fight with implications for ordinary consumers ...

Recommended for you

Swiss unveil stratospheric solar plane

December 7, 2016

Just months after two Swiss pilots completed a historic round-the-world trip in a Sun-powered plane, another Swiss adventurer on Wednesday unveiled a solar plane aimed at reaching the stratosphere.

Solar panels repay their energy 'debt': study

December 6, 2016

The climate-friendly electricity generated by solar panels in the past 40 years has all but cancelled out the polluting energy used to produce them, a study said Tuesday.

Wall-jumping robot is most vertically agile ever built

December 6, 2016

Roboticists at UC Berkeley have designed a small robot that can leap into the air and then spring off a wall, or perform multiple vertical jumps in a row, resulting in the highest robotic vertical jumping agility ever recorded. ...

28 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

dogbert
5 / 5 (9) Feb 21, 2016
The terrorists had two phones which were not owned by anyone else. They were destroyed by the terrorists. Since they did not destroy this phone, it is unlikely that the phone contains any useful information.

The FBI said it wants to determine whether Farook had used his phone to communicate with others about the attack.


A more accurate statement would be that the FBI wants to determine if Farook used the county's phone to communicate with others about the attack.

The phone service provider doubtless maintains records of origination and destination headers in text communications. Checking those records would seem the logical first step in determining if Farook was using that phone to contact other terrorists.

The demand that Apple create some method of breaking the protection of Apple phones is an attempt to circumvent the congress which has denied the government a back door. The FBI is using the court to circumvent the congress. This phone is not even important.
Captain Stumpy
3.8 / 5 (4) Feb 21, 2016
@dog
it is unlikely that the phone contains any useful information
not so sure
sometimes it is a subtle connection that can establish important context to an investigation
therefore it is entirely possible that what most would consider "useful information" is not the same as what an investigative team would consider "useful"

evalentovic
5 / 5 (6) Feb 21, 2016
FWIW,... The government has no power what-so-ever to compel you or any other citizen to make or create or build that which you do NOT have.

It does not matter if the government is offering to pay Apple to build a device, create a device or system or expects Apple to perform this task for free. Most likely being the government takes itself way too seriously they expect it for free. There is no lawful authority anywhere in the Constitution or any other law to dictate that Apple or any other company whether technology or medical and any other sector of business to do so. In fact there is a definite and crystal clear explicit prohibition against any citzen be requested to give their involuntary servitude, with renumeration or not, in the 13th Amendment or any other Amendent.
dogbert
5 / 5 (5) Feb 21, 2016
Captain Stumpy,

I am not certain either. It seems likely that the terrorists would confine planning and communications about attacks to the phones they later destroyed.

The FBI could possibly rule out communications with collaborators on that phone by examining the data in possession of the phone carrier. Such data might show that the business phone was only used for business purposes. The fact that the FBI wants to break the phone encryption before accessing the information accessible from the phone carrier is an indication of the real purpose of involving the court.
dogbert
5 / 5 (3) Feb 21, 2016
evalentovic,

You are correct that the government has no constitutional right to compel Apple to create software or hardware capable of breaking the phone and in fact is constitutionally prohibited from requiring it. However, our current government, including the courts, care very little for the legal system.

The Executive makes laws with the stroke of a pen and the courts make laws whenever they do not like the laws the congress has made. None of this is constitutional, but it happens with depressing regularity.
evalentovic
5 / 5 (6) Feb 21, 2016
It goes something like this,...actually exactly like this,..."Neither slavery nor involuntary servitude, except as a punishment for crime whereof the party shall have been duly convicted, shall exist within the United States, or any place subject to their jurisdiction."

Apple in no way shape or form has committed a crime by standing it's legal ground and has not only has not been convicted of a crime it has not even been accused of an offense. In fat, what the government is doing is stepping outside legal precedence and attempting ot bully Apple and initiating a rule of law that does not exist. Otherwise know as telling a bold-face lie !

There is simply no legal authority for the government, FBI or any other agency of the government to demand and/or compel the company to make anything. The government and it's other agency's can compel or demand Apple or any other firm to hand over something the company actually possesses as a technology under proper legal due process of law.
evalentovic
5 / 5 (5) Feb 21, 2016
SO,...It does not matter if the government is offering to pay Apple to build a device, create a device or system,..the system does not exist and Apple cannot be compelled to build that device. In fact there is a definite and crystal clear explicit prohibition against any citizen be requested to give their involuntary servitude, Apple does not work for the government. In fact the last time I looked We The People are the owners of government.
dogbert
5 / 5 (4) Feb 21, 2016
evalentovic,

It would perhaps be useful if Apple were to quote the constitution to the court as you did. I wish they would.
evalentovic
5 / 5 (5) Feb 21, 2016
It's going to be an interesting fight. You are correct ,..the government and the courts are a bunch of bought and sold entities.

Hey government whats wrong with using the NSA since it tracks any and all data ? At least that is what we as citizens are made to believe. So,..if the NSA,,...a government agency, cannot be tapped to give the government what it wants,..is the government admitting that the NSA really does not have they programs to do what they say they can do ?

The government just wants further entry into private pants of the American public for its enjoyment.

Bottom line is the entire matter reeks of manure.
Eikka
5 / 5 (3) Feb 21, 2016
The phone service provider doubtless maintains records


What if the communications were not calls or text?

the government has no constitutional right to compel Apple to create software or hardware capable of breaking the phone


None such need to be created. They simply need Apple's existing tools and knowledge for low level hardware access to poke the bit that counts the number of password attempts, and reset it before the phone self-destructs to have unlimited tries.

Apple can do that with what they already have. They just don't want to do it because they've sold the phone's security as "unbreakable" which is a lie.
ekim
5 / 5 (2) Feb 21, 2016
Ultimately, Apple needs to look out for it's shareholders. This case is terrific publicity for Apple to showcase the security of their phones. To comply with the governments request would only serve to weaken public perception of their phones, leading to lost sales, a lower stock price and laid off workers.
Eikka
5 / 5 (2) Feb 21, 2016
Ultimately, Apple needs to look out for it's shareholders. This case is terrific publicity for Apple to showcase the security of their phones. To comply with the governments request would only serve to weaken public perception of their phones, leading to lost sales, a lower stock price and laid off workers.


On the other hand, if the government gives up and says they don't have to, the public is being mislead to believe that they don't have to co-operate with government agencies like NSA who can force them to reveal information and have the ability to issue gag-orders to prevent public knowledge of the fact.

And that would be worse, because the government CAN access the information anyways. It just depends on which agency they put on the job, only, the public would be under the impression that this cannot happen because the FBI got cockblocked this one time.

A cynical person could say the whole case is a show trial designed to mislead.
animah
5 / 5 (4) Feb 21, 2016
What if the communications were not calls or text?

You mean internet activity? That is also logged at the telco's. That's how their data bills stand up to scrutiny when customers challenge them.

Unfortunately some are going to use Apple's opposition to lobby for making hands-off encryption illegal. But it's just like guns: Bad guys will still be able to use non-US services or software so the law will be ineffective. Law-abiding citizens will lose out as their data becomes easier to compromise.

Because let's face it: If Govt can get to your data, cyber-criminals will manage to as well.
evalentovic
5 / 5 (2) Feb 21, 2016
The bottom line is the government is really in control . They are presenting the illusion that they are. Example: when you file your tax return the opening inside paragraph talks of Voluntary Compliance. Thats an oxymoron. Either you Volunteer to file a tax return or you are Complied to file a tax return. The government creates the illusion of an all reaching power. They really don't have it unless you comply to what >they say< their authority is. But they also know they will drain you with legal costs until you comply. Well if they really had the power they wold only have to site the law backing their claims. They can't so they make it up and you decide if it's worth the fight or not. Your choice.

Very good point,....Because let's face it: If Govt can get to your data, cyber-criminals will manage to as well.
ekim
5 / 5 (1) Feb 21, 2016
Imagine if this were a different product. Perhaps Law Enforcement orders a different company to produce something "new" to disable their product in the event that public safety is put at risk. Lets say a small chip installed into every firearm to disable the firing pin. Of course they would only use this "new" addition to protect the public from harm, and they would do everything to prevent it from falling into the wrong hands. However, the consumer might not have the same level of confidence in the product after such a modification.
evalentovic
5 / 5 (2) Feb 21, 2016
Sorry I meant to write,...The bottom line is the government is really NOT in control.
david_king
1 / 5 (1) Feb 21, 2016
From what I understand the FBI is actually interested in any communication Farook had with his fellow colleagues before he shot them as they are still looking for a precise motive. Presumably if that were the case the other worker's phones would also have a record of those communications.
I'd think that the data on this phone could be backed up and then the FBI could take their time trying to guess the 4 digit access code using social engineering to help them guess.
antonima
1 / 5 (1) Feb 21, 2016
I just cannot believe iPhone encryption would be an insurmountable challenge for an agency like the FBI. It looks to me like it would just be convenient if apple would do it, for financial and legal reasons.

But it raises the question : if the FBI does not have the software to unlock an iPhone, say, because the NSA does not want to share, how should they go about getting this software? I think that an agency like the FBI has every reason, and responsibility, to be able to access data from Mr. Farook's phone. So, should they spend tens of millions of taxpayer dollars to hire those experts who can crack the iPhone encryption? Or, should Apple be made to do it via court order? It would cost a lot less because they are familiar with the architecture.

The way I see it, the encryption will be broken either way. Isn't it the duty of a responsible government to reduce the cost on the taxpayer?
ekim
not rated yet Feb 22, 2016
The way I see it, the encryption will be broken either way. Isn't it the duty of a responsible government to reduce the cost on the taxpayer?

Actually John McAfee offered to do it for free.
http://www.busine...e-2016-2
antialias_physorg
5 / 5 (1) Feb 22, 2016
because the NSA does not want to share

I'm not sure it could share even if it wanted to. NSA, as far as I know, (officially) isn't allowed to spy on US citizens (...yeah.....right). Farook was a US citizen.
obama_socks
3 / 5 (1) Feb 22, 2016
IMO, dogbert is correct that the two phones that were destroyed were the ones that were used for terrorist communications. The one that's in the possession of the Feds was most likely used for backup in case the other two were lost. Possibly its main function was for ordering pizza.
That reminds me of our favorite whistleblower, Edward Snowden and his desire to return to the US. IF he returns anytime while Obama is in command, he would be as good as dead. Snowden actually did all Americans a big favor. He woke us up to what is really going on in the current government.
Eikka
not rated yet Feb 22, 2016
You mean internet activity? That is also logged at the telco's.


Internet activity isn't traceable in the same sense. They'll see how you've connected to some public server in the cloud, but they can't see who you're messaging with.

What the FBI is looking for is chat logs and emails, photos and contact address lists possibly still remaining on the device.

I'd think that the data on this phone could be backed up and then the FBI could take their time trying to guess the 4 digit access code using social engineering to help them guess.


The encryption on the data is paired to a hardware key on the phone, so it's far more difficult to crack without the actual phone. Not impossible, but they still need Apple to provide them with the backup copy, which they're refusing too.
Eikka
1 / 5 (1) Feb 22, 2016
Besides, Apple already has software in place to reset the device's password remotely. As far as I know, you can do a password reset on an iPhone through the iCloud service, where you're sent a confirmation email to your provided address to verify the action.

If the FBI gains access to the email account - which is known by Apple - then they can send a password reset to the phone and open it without technically breaking any security or encryption.

But that just goes to point out that Apple already has the software in place to open someone's iPhone remotely, and no such "master key" has to be created to comply to the FBI's request. They're just pretending that they can't.
antonima
not rated yet Feb 22, 2016

I'm not sure it could share even if it wanted to. NSA, as far as I know, (officially) isn't allowed to spy on US citizens (...yeah.....right). Farook was a US citizen.


Yeah, it seems that getting a LEGAL allowance to do this is at least part of the FBI's purpose here. Even if the NSA, FBI or whoever, can do this it may not be very helpful in the bigger picture if it is illegal.
Phys1
5 / 5 (1) Feb 22, 2016
... IF he returns anytime while Obama is in command, he would be as good as dead. ...

What do you base this serious accusation against the US president on ?
kochevnik
1 / 5 (1) Feb 22, 2016
@socks IMO, dogbert is correct that the two pones that were destroyed were the ones that were used for terrorist communications.
Terrorists are government officials, BY DEFINITION
ekim
5 / 5 (1) Feb 22, 2016
Besides, Apple already has software in place to reset the device's password remotely. As far as I know, you can do a password reset on an iPhone through the iCloud service, where you're sent a confirmation email to your provided address to verify the action.

If the FBI gains access to the email account - which is known by Apple - then they can send a password reset to the phone and open it without technically breaking any security or encryption.

Did you even read the article?
"The executives said Apple sent engineers to work with the FBI on the workaround but the effort ultimately failed. In the government's filing Friday, prosecutors said in a footnote that neither the county nor the FBI knew the password to the iCloud account and the county, in an effort to get access to information on the phone in the hours after the attack, reset the password remotely—thereby eliminating the possibility of that workaround being successful."
baudrunner
1 / 5 (1) Feb 23, 2016
Actually John McAfee offered to do it for free.
He did indeed. Which is one reason why I view this whole affair with some trepidation as to its veracity. I don't see how this is any different from having to comply with a court order to wiretap a suspect's land line. Tim Cook should be held in contempt.

But he won't. And that is because I believe that this may all very well be a charade to instill in the public a false sense of security that any government body can not spy on us or use clandestine means to find out what we are doing on our devices and our computers.

Furthermore, the fact that this phone was not destroyed by the terrorists points to the possibility that there may have been deliberately misleading leads planted on it by those same terrorists to throw the FBI off track.

I say let it be.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.