Apple's iPhone encryption is loved by privacy-conscious users, but to law enforcement, it's proving ... [+]
The U.S. government has launched fresh attempts to try to stop Apple and other tech companies locking up user data with encryption.
On Monday, NBC reported that the FBI had written a letter to Apple, asking it to help unlock two iPhones belonging to the Saudi aviation student Mohammed Saeed Alshamrani, who is alleged to have killed three people at a Naval Air Station in Pensacola, Florida, before being shot and killed by police in December. It risks reviving a battle with Apple that started with the case of a terrorist shooting in San Bernardino in 2015. Apple declined to help the government unlock the iPhone of the shooter in that case, leading to a protracted legal battle that ended when an unknown third party managed to retrieve information from the device.
Yesterday also saw Texas-based U.S. attorney Joseph Brown issue a statement saying the government should “enact legislation to ensure lawful access for law enforcement, consistent with the traditional protections of privacy, to digital evidence of crime.” He cited a case in which it took more than a year from the arrest of a suspect in a child exploitation case to obtaining data from his device. It was only when “new forensic techniques” were used that investigators were able to get into the iPhone, where they found child abuse imagery, according to Brown.
“Evidence stored in a phone or on a laptop should not be protected more than evidence in a person’s home, which has always been considered the most private of places,” Brown wrote. “By allowing dangerous criminals to cloak their communication behind an impenetrable digital shield, the deployment of warrant-proof technologies is already imposing a great cost on society.”
On the other side of the debate, digital rights bodies have long argued that convincing or forcing tech companies to alter their tech to allow government access would leave loopholes open to criminals, who could exploit the same weaknesses to invade users’ privacy. For instance, if Apple were told to create a backdoor in its iOS operating system, a criminal could find the same backdoor and use it to pilfer information for as long as it remained open.
The U.S. government also has access to many tools that can help acquire data from iPhones, Androids and myriad other mobile devices. For instance, Cellebrite tools and Grayshift's GrayKey have long been able to grab data from iPhones, and the FBI is one of many agencies that own hacking tech from both.
Forbes recently obtained a search warrant from Ohio, signed off on in October 2019, showing an FBI-owned GrayKey was able to extract data from an iPhone 12.5, though no device exists (neither does iOS 12.5). In the search warrant application, the government doesn’t specify what model of iPhone it was, but an image shows it has three camera lenses on the back of the device. Only Apple’s top of the range iPhone 11 Pro and iPhone 11 Pro Max models have three cameras. Though it’s not clear the iPhone was locked prior to being search by the FBI, a photo of the front of the device shows it on a locked screen with a handful of missed calls.
An executed search warrant using iPhone hacking tool GrayKey. From an Ohio investigation.
In the Pensacola case, it appears the government has tried such third-party tools, which can take many months to crack a passcode. Investigators are continuing to try to “guess” passcodes, according to the letter reported by NBC. And there are some problems with the integrity of the device: a round was fired into the device, according to the FBI.
Neither the FBI nor Apple had responded to requests for comment on the NBC report. Apple told the news outlet that it had already handed over relevant data on the case last month.
