The drama is over. The rancorous legal drama during which the Federal Bureau of Investigation tried to compel Apple to create a work-around that would allow the agency to bypass iOS security measures ended when the bureau announced that it had gained access to an iPhone 5C used by terrorists and that Apple’s help was no longer necessary.
Previously, the FBI had asked for a delay in its action against Apple when the agency said that it had received an offer of help from a third party and that the method looked like it would work.
Then on March 28, the FBI told the court that it was able to gain access to the iPhone used by Syed Farook, the San Bernardino County employee turned terrorist who killed 14 of his colleagues.
The FBI has not said how it gained access to the iPhone, but NBC News has reported that it received confirmation from official sources that the FBI was helped by an Israeli company, Cellebrite, that makes mobile forensic devices. The company has not responded to multiple attempts by eWEEK to confirm the story or otherwise comment.
Once the FBI was able to gain access to the iPhone, it was able to extract its contents. While Cellebrite declined to comment on whether it assisted the FBI, the company’s Website does include detailed information about its ability to gain access to iOS devices as well as to recover passcodes. Cellebrite has even provided a video of these processes in action.
Regardless of whether Cellebrite is actually the third party that helped the FBI, the technology clearly exists, and has existed for some time. In fact, the U.S. government is listed as one of Cellebrite’s biggest customers.
Given the rancor of the legal battle that flared up over Apple’s refusal to help the FBI break one iPhone’s security, one has to wonder what the government was really up to.
After all, Cellebrite’s existence and its capabilities aren’t secrets. The company has been around for nearly 20 years and has been in the forensics business most of that time. Cellebrite’s Website clearly states its services and capabilities.
Likewise, Apple certainly knows about Cellebrite. The company’s products are widely used in mobile phone stores for transferring data between phones. Apple itself reportedly uses Cellebrite products in some of its own stores.
So if such an obvious solution exists that both the FBI and Apple know about, why all the drama? The only explanation that makes sense is that the government wanted to force a court order that would then establish a precedent that would ensure future government access to mobile devices regardless of the level of protection or the quality of the encryption.
For its part, Apple needed to draw a line in the sand, if only to reassure its customers that it wouldn’t break its own privacy promises.
In a sense, both sides can now say they’ve won. The FBI has been able to get past the iPhone’s lock, and Apple has been able to say it didn’t help.
Third-Party Tech Help Resolves FBI-Apple Standoff Over Killer’s iPhone
The next step is for the FBI to decrypt the contents of the iPhone that it was able to recover, which is something that Apple can’t help with even if it wanted to. But the FBI has access to the best code-breakers on the planet, the National Security Agency.
The NSA has the skill and the computing power to break the encryption that Apple provided. It might not happen instantly, but it will happen. One of the basic truths about security is that any device can be cracked once you have full access to the device’s functions. The FBI has achieved the first stage already, and the next stage is within the government’s capability.
There’s been a lot of speculation about whether the FBI will tell Apple how it got into the iPhone, but in reality that’s not necessary. If the method was the type of forensic extraction that Cellebrite performs, then Apple already knows the answer. If it wasn’t, then the FBI likely won’t tell Apple, if only to slow down any development of countermeasures.
Of course, those countermeasures are already underway. Apple has already announced that it would be strengthening the security of its products as they’re released. The company will also likely strengthen the security of iCloud, which is where Farook backed up his iPhone until a month and a half before the terrorist attack. Apple has already turned over Farook’s iCloud data as required by a warrant served last year.
A more secure iCloud would probably slow down access by the government, but only to a certain point. If the FBI or some other agency can gain physical access to the iCloud data, then eventually it will be decrypted. The time and effort may discourage such decryption in all but the most significant cases, but decryption is always possible if the stakes are high enough.
Beyond this, the next step in the security arms race is unclear. Apple can still do a lot to make it harder to break into its servers and its devices, but more complex security also means that devices may be harder to use and may operate more slowly.
The FBI can attempt to require that Apple turn over data, but to date this hasn’t worked out very well for the bureau, and the blowback from the public has been pretty bad. The FBI may not want to push its luck, especially in an election year.
The next steps are also unclear. I suspect that the FBI will move forward with decrypting Farook’s iPhone, and it’s uncertain whether the data it contained will reveal the participation of other individuals or useful information about how he planned the mass shooting that resulted in the deaths of 14 San Bernardino County employees.
But the fundamental legal issues raised by the case won’t go away and will emerge again the next time the government wants to break into a highly secure computing device or database.