This article was published on February 21, 2016

FBI says it reset the San Bernadino shooter’s iCloud password (and maybe royally messed up)


FBI says it reset the San Bernadino shooter’s iCloud password (and maybe royally messed up)

In the ongoing battle between Apple and the FBI of manually unlocking a single iPhone, both the company and the government had a skirmish over one particular detail: who reset the phone’s iCloud back-up.

Late this weekApple indicated that the iCloud password on the San Bernadino shooter’s iPhone 5c had been reset, which could have hindered the company’s ability to extract updated data from the phone

Initially, it appeared the FBI pointed fingers at the county, which technically owned shooter Syed Rizwan Farook’s phone. A county official, the FBI claimed, was responsible for bungling the iCloud password.

But the county pushed back on that idea, saying it was just following orders:

Early Sunday morning, the FBI finally responded with a new statement, according to the LA Times. In it, the organization dismissed reports about its lack of involvement and admitted that it was, in fact, present and working closely with San Bernadino County to reset the password to gain access to the account. Although it was possible that forcing the iCloud password recent ultimately prevented more recent data on the phone from backing up, the FBI said it didn’t know for sure.

More potently, the FBI argues that Apple splitting hairs about the password doesn’t mean it would have solved the problem:

Through previous testing, we know that direct data extraction from an iOS device often provides more data than an iCloud backup contains. Even if the password had not been changed and Apple could have turned on the auto-backup and loaded it to the cloud, there might be information on the phone that would not be accessible without Apple’s assistance as required by the All Writs Act order. since the iCloud backup does not contain everything on an iPhone. As the government’s pleadings state, the government’s objective was, and still is, to extract as much evidence as possible from the phone.

In short, whether the FBI did drop the ball regarding the iCloud account is largely irrelevant — it’s looking to scrape all data from the phone, even if it it comes from different apps that Apple doesn’t control.

This goes beyond texts or emails, and could involve data from other messaging platforms like WhatsApp or Telegram, even if it’s otherwise protected or encrypted.

So Apple remains battling the government and the voices of lightning rods like Donald Trump over what could be a big blow to hardware privacy.

FBI rebuts reports that county reset San Bernardino shooter’s iCloud password without consent [LA Times]

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top