Apple is once again at the centre of a privacy debate over requests for the tech giant to unlock the iPhones of the shooter in a recent tragedy at a naval air base in Pensacola, Florida.
The situation Apple finds itself in is similar to the one in the aftermath of the 2015 San Berbardino shooting, in which Apple was asked by the FBI to assist its agents in gaining access to the locked iPhone of the terrorist responsible for the December shooting in San Bernardino, California.
Apple refused to comply even after a federal magistrate ordered the company to do so, with CEO Tim Cook writing in an open letter that the FBI’s demand to build a ‘back door’ into its devices was an attack on the personal data security of Apple’s millions of users, and that it wouldn’t comply out of “the deepest respect for American democracy and a love of our country.”
In this case, Apple has once again signalled that it will challenge any demands to unlock the iPhones in question. However, Apple has continued to cooperate with law enforcement — when presented with a court order — by providing data that it has stored on its servers, including data that has been backed up from a user’s iPhone.
The stalemate comes from Apple’s refusal to rewrite it’s software to create a back door that would allow an unlimited amount of guesses at a user’s password, a method that is commonly referred to as a ‘brute force’ attack.
The U.S. Justice Department is putting pressure on Apple to comply with law enforcement’s requests, saying publicly that the company has provided no “substantial assistance” in the matter.
“We don’t want to get into a world where we have to spend months and even years exhausting efforts when lives are in the balance,”said U.S. Attorney General William Barr in a statement to the New York Times. “We should be able to get in when we have a warrant that establishes that criminal activity is underway,” he added.
Apple responded in a statement, saying: “We reject the characterization that Apple has not provided substantive assistance in the Pensacola investigation. Our responses to their many requests since the attack have been timely, thorough and are ongoing. Within hours of the FBI’s first request on December 6, we produced a wide variety of information associated with the investigation. From December 7 through the 14th, we received six additional legal requests and in response provided information including iCloud backups, account information and transactional data for multiple accounts.”
There appears to be frustration on Apple’s part at once again being placed at the centre of the privacy debate, due largely to the fact that law enforcement agencies have found success in accessing suspects’ secured iPhones in the past.
Former Apple executives who spoke to the New York Times on the condition of anonymity said that there are at least two private companies — Cellebrite and Grayshift — that have technology allowing them to bypass the encryption on older iPhone models.
The iPhones used by the Pensacola gunman were an iPhone 5 and an iPhone 7, older models that lack the more sophisticated encryption found on today’s iPhones, and in fact even older than the phone used in the 2015 San Bernardino case.
“The iPhone 5 is so old, you are guaranteed that Grayshift and Cellebrite can break into those every bit as easily as Apple could,” said Nicholas Weaver, a lecturer who has taught iPhone security at the University of California, Berkeley.
January 17, 2020 – by Tony Bitzionis