The FBI successfully broke into a gunman’s iPhone, but it’s still very angry at Apple

[Karlston]

The FBI successfully broke into a gunman’s iPhone, but it’s still very angry at Apple

Attorney General Barr says voters and Congress should make encryption decisions — not Apple

Photo by Bill Pugliano/Getty Images

After months of trying, the FBI successfully broke into iPhones belonging to the gunman responsible for a deadly shooting at Pensacola Naval Air Station in December 2019, and it now claims he had associations with terrorist organization al-Qaeda. Investigators managed to do so without Apple’s help, but Attorney General William Barr and FBI director Christopher Wray both voiced strong frustration with the iPhone maker at a press conference on Monday morning.

 

Both officials say that encryption on the gunman’s devices severely hampered the investigation. “Thanks to the great work of the FBI — and no thanks to Apple — we were able to unlock Alshamrani’s phones,” said Barr, who lamented the months and “large sums of tax-payer dollars” it took to get into devices of Mohammed Saeed Alshamrani, who killed three US sailors and injured eight other people on December 6th.

 

Apple has said it provided investigators with iCloud data it had available for Alshamrani’s account but did not provide any assistance bypassing iOS’s device encryption. Without that help, authorities spent many weeks trying to break in on their own.

 

Wray chastised Apple for wasting the agency’s time and resources to unlock the devices. “Public servants, already swamped with important things to do to protect the American people — and toiling through a pandemic, with all the risk and hardship that entails — had to spend all that time just to access evidence we got court-authorized search warrants for months ago,” he said. Wray also claimed the delay would’ve given any potential co-conspirators months to delete evidence and prevent the FBI from piecing together the whole trail.

 

“Apple’s decision has dangerous consequences for the public safety and the national security and is, in my judgement, unacceptable,” Barr said. “Apple’s desire to provide privacy for its customers is understandable, but not at all costs. There is no reason why companies like Apple cannot design their consumer products and apps to allow for court-authorized access by law enforcement, while maintaining very high standards of data security. Striking this balance should not be left to corporate board rooms.”

 

Throughout the recent debates on encryption policy, Apple has insisted that it’s impossible to create a “backdoor” in the way that Barr describes since any such tool could fall into the wrong hands and dismantle the security of iPhones globally. The company has regularly handed over iCloud backup data where available, and according to a Reuters report from earlier this year, Apple abandoned plans to fully encrypt those backups due to FBI complaints. But it has steadfastly refused to compromise the local storage of iPhones. “Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data,” CEO Tim Cook said in 2016.

 

Attorney General Barr hasn’t been swayed by Apple’s arguments. “We are confident that technology companies are capable of building secure products that protect user information,” he said today, “and at the same time, allow for law enforcement access when permitted by a judge — as Apple had done willingly for many years and others are still doing today.”

 

Apple and the FBI have been at odds over encryption policy since 2016 when the FBI sought data from an iPhone connected to the San Bernardino terrorist shootings. The bureau asked Apple to create an alternate version of iOS that would make breaking into the device easier, but the company refused over the security implications this would have for all iPhone owners. “We believed it was wrong and would set a dangerous precedent,” a spokesperson told The Verge at the time.

 

After a number of filings, the FBI withdrew its legal case after it found a way into the iPhone without Apple’s assistance. Still, officials have continued raising concerns with encryption in the years since.

 

According to Wray, the FBI’s method for getting into Alshamrani’s devices won’t be of much help for other investigations. “The technique that we developed is not a fix for our broader Apple problem; it’s of pretty limited application,” he said.

 

Apple responded to Barr and Wray with the following statement on Monday afternoon:

The terrorist attack on members of the US armed services at the Naval Air Station in Pensacola, Florida was a devastating and heinous act. Apple responded to the FBI’s first requests for information just hours after the attack on December 6, 2019 and continued to support law enforcement during their investigation. We provided every piece of information available to us, including iCloud backups, account information and transactional data for multiple accounts, and we lent continuous and ongoing technical and investigative support to FBI offices in Jacksonville, Pensacola, and New York over the months since.

 

On this and many thousands of other cases, we continue to work around-the-clock with the FBI and other investigators who keep Americans safe and bring criminals to justice. As a proud American company, we consider supporting law enforcement’s important work our responsibility. The false claims made about our company are an excuse to weaken encryption and other security measures that protect millions of users and our national security.

 

It is because we take our responsibility to national security so seriously that we do not believe in the creation of a backdoor — one which will make every device vulnerable to bad actors who threaten our national security and the data security of our customers. There is no such thing as a backdoor just for the good guys, and the American people do not have to choose between weakening encryption and effective investigations.

 

Customers count on Apple to keep their information secure and one of the ways in which we do so is by using strong encryption across our devices and servers. We sell the same iPhone everywhere, we don’t store customers’ passcodes and we don’t have the capacity to unlock passcode-protected devices. In data centers, we deploy strong hardware and software security protections to keep information safe and to ensure there are no backdoors into our systems. All of these practices apply equally to our operations in every country in the world.

Update May 18th 3:30PM ET: The article has been updated to include Apple’s statement.

 

 

Source: The FBI successfully broke into a gunman’s iPhone, but it’s still very angry at Apple (The Verge)

[Karlston]

The FBI Backs Down Against Apple—Again

The agency cracked the Pensacola iPhones, but it still views Cupertino as a problem—even though it's easier to break into iPhones than it has been in years.

US Attorney General William Barr has insisted that Apple could design a backdoor that didn’t threaten to compromise iOS devices broadly—something both the company and other security researchers dispute.Photograph: Jabin Botsford/The Washington Post/Getty Images

 

 

The latest high-stakes standoff between Apple and the FBI has come to an end. After claiming for months that Apple alone could unlock the two iPhones of Pensacola, Florida shooter Mohammed Saeed Alshamrani, the agency announced today that it had managed to do so without Cupertino’s help—and without undermining the encryption that protects over 1 billion iOS devices worldwide.

 

The détente comes five months after the attack last December at Naval Air Station Pensacola, in which Alshamrani killed three people and wounded eight more before being shot and killed by local law enforcement. The FBI recovered Alshamrani's iPhone 5 and an iPhone 7 Plus in the wake of shooting; the devices were badly damaged, which the Justice Department implied in January made it more difficult to break in through traditional methods. The stance was always curious. The FBI confirmed it had managed to get the iPhones up and running, and has access to forensics tools from companies like Cellebrite that claim the ability to break into any iOS device. Older models like Alshamrani’s should have been relatively trivial to crack. But as with the 2015 San Bernardino, California shooting, the high-stakes case proved all too tempting for the agency to try to set a bad precedent.

 

In both instances, the FBI wanted Apple's help to establish a “back door” that would allow law enforcement to circumvent any iOS device’s encryption and access its data as needed. “We have always maintained there is no such thing as a back door just for the good guys,” Apple said in January in response to the Justice Department’s public admonition. “Back doors can also be exploited by those who threaten our national security and the data security of our customers.” The company declined to comment on the latest development in the Pensacola case.

 

“Every time there’s a traumatic event requiring investigation into digital devices, the Justice Department loudly claims that it needs back doors to encryption, and then quietly announces it actually found a way to access information without threatening the security and privacy of the entire world,” says Brett Max Kaufman, senior staff attorney at the American Civil Liberties Union. “The boy who cried wolf has nothing on the agency that cried encryption.”

 

In a press conference today, FBI director Christopher Wray said that the agency had to develop its own tool to access the iPhones. “We canvassed every partner out there and every company that might have had a solution to access these phones. None did,” said Wray. “So we did it ourselves. Unfortunately the technique that we developed is not a fix for our broader Apple problem. It’s a pretty limited application.”

 

It’s unclear what that difficulty stems from. While still plenty secure for the average user, recent vulnerabilities in iOS have given hackers and forensic investigators ample avenues to break into iPhones. “If the FBI was able to repair the hardware sufficiently to boot them up, then existing forensics tools are more than capable of recovering data from those devices,” says Dan Guido, founder of cybersecurity firm Trail of Bits. He points specifically to the so-called checkm8 exploit, publicized last September—an unfixable flaw that makes it possible to “jailbreak” any iPhone from 2011 to 2017—which includes both of Alshamrani’s devices.

 

“The FBI could try as many PIN codes as they wanted until one worked,” says Guido, whose iVerify security app can tell if your phone is exposed to checkm8. “It was only a matter of time before they succeeded.”

 

In fact, iOS has seen several security lapses lately that, while largely harmless to the average user, make it possible for well-resourced technicians to break into devices. In addition to checkm8, vulnerability broker Zerodium recently announced that due to a glut of iOS and Safari bugs it wouldn’t accept certain classes of Apple bug submissions for the next several months.

 

“There's been a proliferation of iOS vulnerabilities recently,” says Johns Hopkins University cryptographer Matthew Green. “There was a brief period around 2015 when Apple's security outpaced the commercially available exploit market, and that period seems to be over.”

 

It’s unclear exactly how the FBI got the passcodes it needed. But the agency’s success in cracking the iPhones in its possession seems to undermine its central argument that Apple and other companies allow criminals to “go dark” by providing strong encryption on consumer devices. As in 2016 with the San Bernardino case, agents got in eventually.

 

“Using a device with known security flaws, like the iPhone 7 Plus, or a device without the latest security features, like an iPhone 5 which lacks the Secure Enclave, is a straightforward way to ensure law enforcement can access your phone when needed,” adds Guido.

 

That may explain why the tenor of both Wray and Attorney General William Barr’s argument against encryption appeared to have shifted slightly. Rather than decrying the impossibility of gaining access, both Barr and Wray focused today on the investigatory costs of how long it took to do so. “The delay from getting into these devices didn’t just divert our personnel from other important work. It also seriously hampered this investigation,” said Wray. “Finally getting our hands on the evidence Alshamrani tried to keep from us is great, but we really needed it months ago, back in December, when the court issued its warrants.”

 

That timeline’s not quite right. Apple did respond to those early warrants, handing over what it describes as gigabytes of iCloud, account, and transactional data related to the case. The FBI didn’t tell Apple that there was a second iPhone, or that it was unable to access either device, until January 6. It’s unclear how much of the data the FBI found on Alshamrani’s devices had already been available through iCloud backups.

 

Despite the FBI’s repeated success in breaking into supposedly uncrackable iPhones, Barr insisted that Apple could design a back door that didn’t threaten to compromise iOS devices more broadly. “There is no reason why companies like Apple cannot design their consumer products and apps to allow for court-authorized access by law enforcement while maintaining very high standards of data security,” Barr said at today’s press conference. In fact, the landmark cryptography paper “Keys Under Doormats” by Bruce Schneier, among others, gives ample reasons why they can’t do that very thing.

 

Barr also signaled, though, that the Justice Department may no longer consider the courts as the best avenue to achieve that end. “The developments in this case demonstrate the need for a legislative solution,” he said, at another point suggesting that undermining encryption is a choice that Americans must make “through their representatives.”

 

Even so, all the FBI has proven today is that the choice remains moot. Weakening iOS encryption would threaten over 1 billion devices unilaterally. Why force that, when so many of them have vulnerabilities that sophisticated forensics labs can already exploit?

 

“I think the idea that iPhones are ‘unhackable’ is obsolete,” says Green. “I think we all need to adjust our expectations accordingly, particularly when governments demand that firms break or weaken their encryption.”

 

The Justice Department has more targets than just Apple; it has increasingly focused on Facebook's encryption as an investigatory impediment as well. But as long as it's this manageable to break into most iPhones, its complaints seem less urgent than ever.

 

 

Source: The FBI Backs Down Against Apple—Again (Wired)