FBI Postpones Apple Case, Claims Ability to Break into iPhone

Written by

The FBI has dropped its case against Apple, after it apparently found a way to get access to data on the phone without Apple’s help.

According to the motion, the hearing currently set for March 22 2016 is to be vacated and the government is to file a status report by April 5 2016.

“Specifically, since recovering [San Bernandino attacker Syed Rizwan] Farook’s iPhone on December 3, 2015, the FBI has continued to research methods to gain access to the data stored on it. The FBI did not cease its efforts after this litigation began. As the FBI continued to conduct its own research, and as a result of the worldwide publicity and attention on this case, others outside the U.S. government have continued to contact the U.S. government offering avenues of possible research.”

This led  on to say that on Sunday, March 20, an outside party demonstrated to the FBI a possible method for unlocking the iPhone, but testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone.

“If the method is viable, it should eliminate the need for the assistance from Apple Inc. (“Apple”) set forth in the All Writs Act Order in this case.”

A statement from the EFF said that this is good news for now, as the government is backing off its demand that Apple build a tool that will compromise the security of millions, contradicts Apple's own beliefs, and is unsafe and unconstitutional.

“This may be more than just a routine extension of time,” said EFF executive director Cindy Cohn. “The FBI’s motion acknowledges that it may have other avenues to pursue in accessing the data on the phone, something that it must do under the law. It could also provide a way for the FBI to get out of a very public battle it provoked over an extremely contentious issue: how and when tech companies can be forced to rewrite their software to facilitate surveillance.

“This case was always about more than access to a single phone. It was an attempt to set a legal precedent that requires any company to undermine their users’ security at the FBI’s request. Security is vital to protect the information on your phone, and the FBI should work to enhance user security, not undermine it.”

According to the New York Times, a senior Apple executive, who spoke to reporters on the condition of anonymity late Monday, said should the government fail to unlock the phone and continue its fight with the company, Apple would want to know more about the outside party that has claimed it can break into the iPhone, in order to learn what methods could circumvent the company’s security features.

Apple said it learned about the change of plans only hours before the government filed its motion. According to Politico,  Apple CEO Tim Cook affirmed his company’s intent to fight this and other cases where the government seeks greater access to digital data.

Michael Hack, senior vice president EMEA operations at Ipswitch, said: “Any ‘back door’ created by Apple at the request of the FBI would very quickly become a target for hackers and cybercriminals; we know from experience that there are plenty of cyber-geeks out there who would be keen to find a key of their own just for the hell of it.

“But there is also a whole wealth of very unsavoury people with very dark motives waiting to kick in any back door that Apple creates. Unfortunately, despite Apple’s and the FBI’s best intentions and efforts, both sets of people would undoubtedly manage to crack the code in the end - and personal data stored on iPhones - such as bank accounts, health records and even details of frequently visited locations - could be up for grabs.”

Over the weekend, a group of Johns Hopkins University researchers said that they found a bug in Apple’s code that would enable a skilled attacker to decrypt photos and videos sent as secure instant messages. Matthew D. Green, a computer science professor at Johns Hopkins University who led the research team, told the Washington Post that “this specific flaw in Apple’s iMessage platform probably would not have helped the FBI pull data from an iPhone recovered in December’s San Bernardino, Calif., terrorist attack, but it shatters the notion that strong commercial encryption has left no opening for law enforcement and hackers.”

What’s hot on Infosecurity Magazine?