Article by Michael Husnik of AFIMAC
Earlier this past week a U.S. judge ordered Apple to create a device that could bypass the security protection of a deceased terrorists cell phone. Long story short, a married couple in the U.S. decided to go to the husband’s workplace in San Bernardino and shoot his colleagues. They ended up killing 14 and wounded 22 before they were both killed by law enforcement. The U.S. government is very interested, and rightfully so, in figuring out who (if anyone) supported the couple in their attack and who the couple contacted prior to the shootings. The couple destroyed their personal cell phones prior to the attack to ensure there was no obtainable information. However they failed to destroy the husband’s work iPhone that he was given from his employer. The U.S. government has the phone and apparently needs Apple’s help to obtain any information stored on the phone.
The husband had backed up this iPhone to iCloud about six weeks before the attack. Apple has provided this information to the FBI, which is a standard procedure albeit through the FBI getting a warrant. The FBI wants to obtain the information from the phone between the last iCloud back up and the date of the attacks. To do so, the normal process for law enforcement would be to simply take the iPhone to a known Wi-Fi Internet spot that the phone recognizes (i.e. the attacker’s work, home, local coffee shop, etc.) and then the phone would automatically update to iCloud and Apple could provide the data upon a formal request and warrant from the FBI. The issue is someone (unnamed) from the San Bernardino Police Department reset the iPhone passcode on the attacker’s phone. When this happens it creates a new iCloud account that will not sync the old data to the device online until the user manually configures the newly generated Apple passcode within the settings of the phone. The information that will upload to iCloud when taken to a known Wi-Fi area will only be recent data since the latest account was created. So now the authorities are locked out of the phone and no longer have the ability to sync the old data.
Here is what a senior Apple executive had to say:
“The Apple ID passcode linked to the iPhone belonging to one of the San Bernardino terrorists was changed less than 24 hours after the government took possession of the device, senior Apple executives said Friday. If that hadn’t happened, Apple said, a backup of the information the government was seeking may have been accessible…
The executives said the company had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a back door. One of those methods would have involved connecting the phone to a known Wi-Fi network.”
What I find interesting in all of this is that the U.S. government/FBI is asking for a backdoor software to bypass the attacker’s passcode to unlock the phone so they can receive information. I think very few people have any hesitation with the FBI getting lawful access to the data. The problem is, how. If Apple creates this ‘backdoor’, that currently does not exist, it will create the potential for the government and anyone else who gets their hands on it to be able to retrieve anyone’s data that uses an iPhone/iCloud.
Both Apple and the U.S. government already receive bad publicity over consumer and public privacy. Apple had the #Fappening hacks that exposed private and nude photos of celebrities taken with iPhones and were hacked from the iCloud. The U.S. government through the NSA had the WikiLeaks debacle where they were exposed for intercepting and collecting mass data on the general public.
With this new highly publicized case both sides are winning a public relations battle. Apple is putting their heels in and refusing to bypass their security encryption, which is so good the FBI can’t get in. The U.S. government is showing how they are playing by the rules now and going through proper court channels to gain access to private information, unlike what they were doing prior to WikiLeaks.
When my wife and I were talking about this the other night she was glad that Apple was digging their heels in. I explained why it is good PR that the government is doing their part as well. I then asked her to look up at the moon. I explained that back in the 60’s, the U.S. government put a man on the moon using less technology than what is in our high efficiency washing machines today. To think that there is no way for the government to be able to gain six weeks’ worth of data from a deceased terrorist’s phone doesn’t add up. I think this is a lot about puffing out one’s chest and good PR for both sides. At the end of the day, a solution will be found that hopefully doesn’t affect us all in a negative way.
FYI, if you’re ever worried about your passcode being hacked for your iPhone it would take someone (based on 80ms/guess):
Michael Husnik, AFIMAC Director of Operations