Apple balks at court order to unlock San Bernardino shooter’s iPhone
- By Sean Lyngaas
- Feb 17, 2016
Photo credit: Alexey Boldin / Shutterstock.com
A federal judge on Feb. 16 ordered Apple Inc. to help the FBI break into an iPhone used by one of the San Bernardino, Calif., shooters, giving new publicity to a long-simmering debate about balancing the needs of law enforcement and the rights of users when it comes to encrypted communications.
Judge Sheri Pym of the U.S. District Court in Los Angeles ordered Apple to offer "reasonable technical assistance" to investigators trying to extract data from the iPhone 5C used by Syed Rizwan Farook. Farook and his wife on Dec. 2 murdered 14 people before being killed by police.
Investigators are seeking technical assistance from Apple in bypassing an iPhone function that automatically erases data after too many incorrect entries of a passcode. The Feb. 16 court order also asks Apple to ensure that its software does not trigger delays after multiple passcode attempts by the FBI, the judge ordered.
The order does not actually task Apple with breaking the iPhone's encryption, but to design a change to the Apple mobile operating system that facilitates attempts to unlock the phone by rapidly entering multiple possible passwords – a method known in cryptography as "brute force" attack.
Apple CEO Tim Cook, a vocal advocate of strong encryption, vowed to oppose the court order.
"The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers -- including tens of millions of American citizens -- from sophisticated hackers and cybercriminals," Cook said in a statement to Apple users.
The court order asks Apple to build a new version of iOS devoid of some security features, Cook lamented. "In the wrong hands, this software -- which does not exist today -- would have the potential to unlock any iPhone in someone's physical possession."
White House Press Secretary Joshua Earnest argued otherwise in a Feb. 17 press briefing. The Justice Department is "not asking Apple to redesign its product, or to create a new backdoor to one of their products," Earnest said. "They're simply asking for something that would have an impact on this one device."
Apple has five days from the court order to appeal for relief on the grounds that the order is "unreasonably burdensome."
Rep. Ted Lieu (D-Calif.), a computer scientist by training, expressed concern that the court order was essentially making Apple an arm of the FBI. Lieu earlier this month introduced a bill that would prevent states from requiring device manufacturers to allow backdoors for law enforcement in their products.
News of the court order sparked a maelstrom amongst technologists and privacy activists. Former National Security Agency contractor Edward Snowden, who leaked classified information on NSA surveillance programs, dubbed the San Bernardino case "the most important tech case in a decade."
Matthew Green, a Johns Hopkins University computer scientist and cryptography expert, told FCW that Apple had built the iOS to resist exactly the kind of brute-force cracking the FBI is attempting.
The San Bernardino case is drawing attention to Apple's strong encryption, and other companies not yet offering the same level of encryption may come to realize they are at a comparative disadvantage in the market, according to Green.
Green expressed concern over the precedent the court order could set: "Once you have this power, where does it end?"
It's not clear whether the tech industry as a whole will follow Cook's lead.
Mark MacCarthy, senior vice president of public policy at the Software Industry Association of America, called the court order "overbroad and unwise," and worried that the government's position has "massive implications for all software companies, threatening data security generally and opening up tremendous new opportunities for those who want to do harm to individuals and society."
Dean Garfield, president and CEO of the Information Technology Industry Council, was more tempered in his reaction, saying, "We worry about the broader implications both here and abroad of requiring technology companies to cooperate with governments to disable security features, or introduce security vulnerabilities into technologies."
Robert Cattanach, a former Justice Department attorney, called the confrontation between Apple and the FBI "the next salvo in the ever-escalating battle between law enforcement and tech companies."
The situation is "unchartered territory" in that the government is not relying on a "traditional search warrant," added Cattanach, now a partner at Dorsey & Whitney law firm.
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.