US hacks iPhone, ends legal battle but questions linger (Update)

March 29, 2016 by Tami Abdollah And Brandon Bailey
In this Friday, Sept. 25, 2015, file photo, an Apple iPhone 6s Plus smartphone is displayed at the Apple store at The Grove in Los Angeles. The FBI said Monday, March 28, 2016, it successfully used a mysterious technique without Apple Inc.'s help to hack into the iPhone used by a gunman in a mass shooting in California, effectively ending a pitched court battle between the Obama administration and one of the world's leading technology companies. (AP Photo/Ringo H.W. Chiu, File)

The extraordinary legal fight pitting the Obama administration against technology giant Apple Inc. ended unexpectedly after the FBI said it used a mysterious method without Apple's help to hack into a California mass shooter's iPhone.

Left unanswered, however, were questions about how the sudden development would affect privacy in the future, and what happens the next time the government is frustrated by digital security lockout features.

Government prosecutors asked a federal judge on Monday to vacate a disputed order forcing Apple to help the FBI break into the iPhone, saying it was no longer necessary.

The FBI used the unspecified technique to access data on an iPhone used by gunman Syed Farook, who died with his wife in a gun battle with police after they killed 14 people in San Bernardino, California, in December. The Justice Department said agents are now reviewing the information on the phone.

But the government's brief court filing, in U.S. District Court for the Central District of California, provided no details about how the FBI got into the phone. Nor did it identify the non-government "outside party" that showed agents how to get past the phone's security defenses. Authorities had previously said only Apple had the ability to help them unlock the phone.

Apple responded by saying it will continue to increase the security of its products.

Read: Explainer: Apple vs. FBI—What Happened?

"We will continue to help law enforcement with their investigations, as we have done all along," the company added in a statement, while reiterating its argument that the government's demand for Apple's help was wrong.

"This case should never have been brought," the company said.

FBI Assistant Director David Bowdich said Monday that examining the iPhone was part of the authorities' effort to learn if the San Bernardino shooters had worked with others or had targeted any other victims. "I am satisfied that we have access to more answers than we did before," he said in a statement.

The dispute had ignited a fierce Internet-era national debate that pitted digital privacy rights against national security concerns and reinvigorated discussion over the impact of encryption on law enforcement's ability to serve the public.

Rep. Darrell Issa, R-California, said in a statement that while it was "preferable" that the government gained access to the iPhone without Apple's help, the fundamental question of the extent to which the government should be able to access personal information remains unanswered.

Issa, a critic of the administration's domestic surveillance practices, said the government's legal action against Apple raised constitutional and privacy questions and that "those worried about our privacy should stay wary" because this doesn't mean "their quest for a secret key into our devices is over."

The surprise development punctured the temporary perception that Apple's security might have been good enough to keep consumers' personal information safe even from the U.S. government.

And while the Obama administration created a policy for disclosing such security vulnerabilities to companies, the policy allows for a vulnerability to be kept secret if there is a law enforcement or national security rationale for doing so.

The withdrawal of the court process also takes away Apple's ability to legally request details on the method the FBI used in this case. Apple attorneys said last week that they hoped the government would share that information with them if it proved successful.

The Justice Department wouldn't comment on any future disclosure of the method to Apple or the public.

Denelle Dixon-Thayer, chief legal and business officer at Mozilla, which makes the Firefox web browser, said in a statement that "fixing vulnerabilities makes for better products and better security for everyone" and the "government needs to take that into account" and disclose the vulnerability to Apple.

Jay Kaplan, a former NSA computer expert who's now CEO of cyber-security firm Synack, said it is likely Apple will pursue avenues to further lock down their operating systems and hardware, especially as a result of the public announcement of some new technique to crack their phones.

U.S. Magistrate Sheri Pym of California last month ordered Apple to provide the FBI with software to help it hack into Farook's work-issued iPhone. The Justice Department relied on a 1789 law to argue it had the authority to compel Apple to bypass its security protocols on its phone for government investigators. While Magistrate Judge James Orenstein in New York ruled last month in a separate case that the U.S. was seeking broad powers under that legal argument, the decision wasn't binding in the California case and the Justice Department is appealing.

Technology and civil liberties organizations say they're concerned the case is far from settled, with some worrying that smaller companies might not have the resources to fight off similar demands.

Apple CEO Tim Cook had argued that helping the FBI hack the iPhone would set a dangerous precedent, making all iPhone users vulnerable, if Apple complied with the court order. He as well as FBI Director James Comey has said that Congress needs to take up the issue.

Apple was headed for a courtroom showdown with the government last week, until federal prosecutors abruptly asked for a postponement so they could test a potential solution brought to them by a party outside of the U.S. government last Sunday.

The encrypted phone was protected by a passcode that included security protocols: a time delay and auto-erase featured that destroyed the phone's data after 10 tries. The two features made it impossible for the government to repeatedly and continuously test passcodes in what's known as a brute-force attack. But with those features removed, the FBI said it would take 26 minutes to crack the phone.

A law enforcement official said the FBI would continue to aid its local and state partners with gaining evidence in cases—implying that the method would be shared with them. The official spoke to reporters on condition of anonymity because he wasn't authorized to publicly comment.

High on the waiting list for assistance likely is Manhattan District Attorney Cyrus Vance, who told a U.S. House panel earlier this month that he has 205 iPhones his investigators can't access data from in criminal investigations. Apple is also opposing requests to help extract information from 14 Apple devices in California, Illinois, Massachusetts and New York.

Explore further: Citing FBI quest, Apple asks judge to delay iPhone data case

Related Stories

Apple has 'obligation' to protect users: Cook

March 21, 2016

Apple has "an obligation" to protect user data and privacy, chief executive Tim Cook said Monday, reaffirming his stand in a high-profile court showdown with the US government on encryption.

Protests planned across US to back Apple in battle with FBI

February 21, 2016

Protesters are preparing to assemble in more than 30 cities to lash out at the FBI for obtaining a court order that requires Apple to make it easier to unlock an encrypted iPhone used by a gunman in December's mass shootings ...

Recommended for you

Computer learns to recognize sounds by watching video

December 1, 2016

In recent years, computers have gotten remarkably good at recognizing speech and images: Think of the dictation software on most cellphones, or the algorithms that automatically identify people in photos posted to Facebook.

16 comments

Adjust slider to filter visible comments by rank

Display comments: newest first

rderkis
not rated yet Mar 29, 2016
Repeat from other article, I should have posted here. Sorry :-(

I wish the FBI would release in exacting detail exactly how they hacked the apple phone. Then maybe next time the FBI need a company to cooperate, the company would think twice about refusing. :-)
IronhorseA
2.3 / 5 (3) Mar 29, 2016
"Issa, a critic of the administration's domestic surveillance practices, said the government's legal action against Apple raised constitutional and privacy questions and that "those worried about our privacy should stay wary" because this doesn't mean "their quest for a secret key into our devices is over."

Issa forgets that the NSA has been around a lot longer than the current administration, and his own party is just as likely to make use of its services if not more so.

As far as Apple goes, if they want to be know as the phone/camera of choice of pedophiles everywhere, then that's up to them.
kochevnik
5 / 5 (3) Mar 29, 2016
It is possible to find pedophiles and criminals without joining a fascist empire. Glad you approve of the low crime rate in Hitler's Germany
antigoracle
5 / 5 (2) Mar 29, 2016
So, the FBI can now access any iPhone and Apple doesn't have a clue what that hole is, far less how to plug it. Thank you Tim.
DirtyLens
1.7 / 5 (6) Mar 29, 2016
The most annoying thing about Apple is that Apple thinks that 100% of its customers are good people without any intentions to harm anyone.. This is pure arrogance on Apple's part.. Apple has to own up to the fact that this very technology makes people far more dangerous! If Androids or even Surfaces can be cracked, so must Apple, too. If Apple is being singled out , then there is no difference.. I don't care who the users are.. they are not to be trusted..
Humans are dangerous creatures... especially with devices no matter who makes them.
kochevnik
not rated yet Mar 29, 2016
@Dirtylens Are you from North Korea?
Captain Stumpy
2.3 / 5 (3) Mar 29, 2016
I wish the FBI would release in exacting detail exactly how they hacked the apple phone
@rderkis
they probably went to 4chan/b/ ... or they TOR'ed the specific phone
then followed the directions

.

So, the FBI can now access any iPhone and Apple doesn't have a clue what that hole is, far less how to plug it
@antig
if apple has anyone with common sense, they'll have programmers who use TOR or other similar darkweb sites to track who does what
RandallKing
5 / 5 (1) Mar 29, 2016
rarely keep up w/ comments & blogs & other posts, so i apologize if i repeat anyone else's ideas. here's a logical loophole i haven't heard expressed publicly: if a "way in" were created, would that "trick" be any more vulnerable to unwanted access from the public/bad guys than ANY OTHER SOFTWARE? doesn't every software company guard all of their secrets very carefully? if Apple (or other company) creates a "master key," would they open source it or would they keep it secret? and if some gov't agency has a secret, isn't it guarded carefully as well? sorry, Apple, that argument doesn't fly...it was just a convenient diversion to instill fear of possible attack. funny, they used a tactic that their adversary (the gov't) is often accused of using.
TehDog
5 / 5 (7) Mar 29, 2016
1st, there are no fully secure systems or devices. All you can do is make it as expensive (physical resources/time/cpu cycles wise) to crack as possible.

2nd, "So, the FBI can now access any iPhone..." No, the method suspected to have been used (NAND mirroring) will not work on any iphone after the 5C, as they have an extra hardware layer (secure enclave).

http://arstechnic...storage/
https://www.mikea...ave.html

koitsu
5 / 5 (1) Mar 29, 2016
I wonder if they really hacked it... or if this is just a convenient way to back out of the spotlight and a legal battle while still maintaining pride in the public eye.
Da Schneib
5 / 5 (2) Mar 29, 2016
So basically the technologically incompetent FBI was skooled by an unidentified computer science graduate.

If they were really smart they'd've offered a million bucks-- chickenfeed to them-- and had the answer a lot sooner.

Bureaucracies suck at technology. A committee is the only known form of life with fifty mouths, a hundred hands, and no brains.
Da Schneib
5 / 5 (2) Mar 29, 2016
The most annoying thing about Apple is that Apple thinks that 100% of its customers are good people without any intentions to harm anyone..
No, Apple thinks 100% of its customers are...

wait for it...

customers. You know, as in people who paid for what they got.

Maybe you think smart phones are too dangerous for ordinary folks to have.
obama_socks
1 / 5 (1) Mar 29, 2016
Repeat from other article, I should have posted here. Sorry :-(

I wish the FBI would release in exacting detail exactly how they hacked the apple phone. Then maybe next time the FBI need a company to cooperate, the company would think twice about refusing. :-)
- rderkis
The FBI has no inclination to release their "secret formula". This is a government agency we are talking about, and the gov't guards its capabilities jealously once they have access to it. If the FBI exceeds their authority, the only thing for all American citizens to do is to threaten to vote OUT members of Congress. If and when that happens, those career politicians will do their utmost - even commit perjury - to keep their political careers from tanking. FBI now isn't what it was like in the days of the G-men who were patriotic. Now, for the most part, they are loyal to those who can provide them with job security.
obama_socks
1 / 5 (1) Mar 29, 2016
I wonder if they really hacked it... or if this is just a convenient way to back out of the spotlight and a legal battle while still maintaining pride in the public eye.
- koitsu
That is a good possibility. FBI may have decided that since the principal terrorists are already dead, the public will consider the agency a nuisance who is more likely to snoop into private lives rather than only into terrorist communications. They don't want to lose the public trust and find potential informers clamming up rather than going to the agency, especially when national security is at stake.
obama_socks
3 / 5 (2) Mar 29, 2016
The most annoying thing about Apple is that Apple thinks that 100% of its customers are good people without any intentions to harm anyone.. This is pure arrogance on Apple's part.. Apple has to own up to the fact that this very technology makes people far more dangerous! If Androids or even Surfaces can be cracked, so must Apple, too. If Apple is being singled out , then there is no difference.. I don't care who the users are.. they are not to be trusted..
Humans are dangerous creatures... especially with devices no matter who makes them.
- DirtyLens
The vast majority of Apple users aren't terrorists or pedophiles, and only use their phones for the usual mundane reasons. Dangerous creatures? What makes you think in such terms?
No matter what brand of communications gadget the public is using, it is always a good idea to use observation to identify a potential threat that may kill or injure people and harm the infrastructure. IOW, keep your eyes and ears open.
xponen
1 / 5 (2) Apr 02, 2016
Apple don't need to defend customer which's obviously a murderer. If FBI had warrant to hack an iPhone, then help them. A warrant meant the request had gone thru justice process, and it's okay to comply.

If Apple refuse even after a justice process had been done, then it's obvious that Apple is on the side of criminals. Probably that might work for Apple as people nowadays is weirdly pro-crime. (like how a presidential candidate that make racist or insulting comment still get support)

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.