“Take a deep breath and stop saying the world is ending,” FBI Director James Comey wrote on Lawfare as he tried to explain the FBI’s reasoning for trying to force Apple to unlock San Bernadino shooter Syed Rizwan Farook’s locked iPhone 5c.
“The San Bernardino litigation isn't about trying to set a precedent or send any kind of message,” according to Comey. “We simply want the chance, with a search warrant, to try to guess the terrorist's passcode without the phone essentially self-destructing and without it taking a decade to guess correctly. That's it. We don't want to break anyone's encryption or set a master key loose on the land.”
That might be a bit easier to swallow if the feds hadn’t bungled the reasonable option of having Apple hand over the iCloud backup data after the phone connected to a previously joined network. According to Apple’s answers to customer’s questions about the case, “While the attacker’s iPhone was in FBI custody, the Apple ID password associated with the phone was changed. Changing this password meant the phone could no longer access iCloud services.”
Despite some media reports suggesting San Bernardino County acted alone in resetting Farook’s password four days after the attack, the FBI issued a statement saying, “This is not true. FBI investigators worked cooperatively with the county of San Bernardino in order to exploit crucial data contained in the iCloud account associated with a county-issued iPhone that was assigned to the terror suspect, Syed Rizwan Farook.”
The FBI statement continued:
Through previous testing, we know that direct data extraction from an iOS device often provides more data than an iCloud backup contains. Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple’s assistance as required by the All Writs Act Order, since the iCloud backup does not contain everything on an iPhone.
Yet an anonymous Apple executive told Ars Technica, “If the iPhone had backed up to iCloud as Apple had suggested, then the data that the FBI may have been able to recover would be precisely the data that it is currently trying to get directly off of the phone that Farook used.”
iPhone forensic expert Jonathan Zdziarski suggested the FBI’s statement had only two outcomes: “Either the FBI is wrong and was reckless,” or the “FBI will compel more assistance and mislead the courts.” The latter possibility “is far more sinister” as the FBI ordered Apple “to build a backdoor brute force tool allowing the FBI to break the PIN on the device,” but it didn’t mention requiring Apple “to perform any kind of extraction of the raw disk.”
If the FBI’s plan is to require Apple to extract the data, then the backdoor tool “is completely unnecessary.” Zdziarski added, “It would also mean that they’re hiding all of this extra work from both the courts and from Apple, possibly because the combination of the two AWA orders would have constituted ‘unreasonable’ assistance in the court’s view.”
The motives, then, for forcing the creation of this backdoor tool, would of course be to give the FBI a tool that they can compel for use in the future, and has very little to do with the device they’re trying to get into now.
Meanwhile, in an emailed memo to employees, Apple CEO Tim Cook agreed that the “case is about much more than a single phone or a single investigation.” Since Apple is an American company, “it does not feel right to be on the opposite side of the government in a case centering on the freedoms and liberties that government is meant to protect.” Yet as Cook pointed out, “At stake is the data security of hundreds of millions of law-abiding people, and setting a dangerous precedent that threatens everyone's civil liberties.”
Comey said the issue – the “tension” between privacy and safety – “should not be resolved by corporations that sell stuff for a living. It also should not be resolved by the FBI, which investigates for a living. It should be resolved by the American people.” He also mentioned finding the “right balance,” which historically runs roughshod over privacy in the interest of national security.
Cook told Apple employees that the government should “withdraw its demands under the All Writs Act” and “form a commission or other panel of experts on intelligence, technology and civil liberties to discuss the implications for law enforcement, national security, privacy and personal freedoms. Apple would gladly participate in such an effort.”