News

Actions

Apple resists order to hack shooter's phone

Posted
and last updated
WASHINGTON -- Apple Inc. CEO Tim Cook says his company will fight a federal magistrate's order to hack its users in connection with the investigation of the San Bernardino shootings, asserting that would undermine encryption by creating a backdoor that could potentially be used on other future devices.
 
Cook's ferocious response, posted early Wednesday on the company's website, came after an order from U.S. Magistrate Judge Sheri Pym that Apple Inc. help the Obama administration break into an encrypted iPhone belonging to one of the shooters in the December attack.
 
The first-of-its-kind ruling was a significant victory for the Justice Department in a technology policy debate that pits digital privacy against national security interests.
 
Noting the order from federal Magistrate Judge Sheri Pym in California, Cook said "this moment calls for public discussion, and we want our customers and people around the country to understand what is at stake." He argued that the order "has implications far beyond the legal case at hand."
 
Pym's order to Apple to help the FBI hack into an encrypted iPhone belonging Syed Farook, one of the San Bernardino, California shooters, set the stage for a legal fight between the federal government and Silicon Valley. The ruling by Pym, a former federal prosecutor, requires Apple to supply highly specialized software the FBI can load onto the county-owned work iPhone to bypass a self-destruct feature, which erases the phone's data after too many unsuccessful attempts to unlock it. The FBI wants to be able to try different combinations in rapid sequence until it finds the right one.
 
The order represents a significant victory for the Justice Department and the Obama administration, which has embraced stronger encryption as a way to keep consumers safe on the Internet but has struggled to find a compelling example to make its case.
 
Federal prosecutors told the judge in a court application that they can't access a work phone used by Farook because they don't know his passcode and Apple has not cooperated. Under U.S. law, a work phone is generally the property of a person's employer. The magistrate judge told Apple in Tuesday's proceeding to provide an estimate of its cost to comply with her order, suggesting that the government will be expected to pay for the work.
 
Apple has provided default encryption on its iPhones since 2014, allowing any device's contents to be accessed only by the user who knows the phone's passcode.
 
The order requires that the software Apple provides be programmed to work only on Farook's phone, but it was not clear how readily that safeguard could be circumvented. The order said Apple has five days to notify the court if it believes the ruling is unreasonably burdensome.
 
It also was not immediately clear what investigators believe they might find on Farook's work phone or why the information would not be available from third-party service providers, such as Google or Facebook, though investigators think the device may hold clues about whom the couple communicated with and where they may have traveled.
 
The phone was running the newest version of Apple's iPhone operating system. San Bernardino County provided Farook with an iPhone configured to erase data after 10 consecutive unsuccessful unlocking attempts. The FBI said that feature appeared to be active on Farook's iPhone as of the last time he performed a backup.
 
In his website posting, Cook said the U.S. government order would undermine encryption by using specialized software to create an essential back door that he compared to a "master key, capable of opening hundreds of millions of locks."
 
"In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone's physical possession," Cook wrote. "The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a back door. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control."
 
The ruling tied the problem to the San Bernardino attack, the deadliest by extremist elements on U.S. soil since the 2001 attacks on the World Trade Center and the Pentagon. Syed Farook and his wife, Tashfeen Malik, killed 14 people in a Dec. 2 shooting at a holiday luncheon for Farook's co-workers. The couple later died in a gun battle with police.
 
The ruling by Pym, a former federal prosecutor, requires Apple to supply highly specialized software the FBI can load onto the county-owned work iPhone to bypass a self-destruct feature, which erases the phone's data after too many unsuccessful attempts to unlock it. The FBI wants to be able to try different combinations in rapid sequence until it finds the right one.
 
It was not immediately clear what investigators believe they might find on Farook's work phone or why the information would not be available from third-party service providers, such as Google or Facebook, though investigators think the device may hold clues about whom the couple communicated with and where they may have traveled.
 
The couple took pains to physically destroy two personally owned cell phones, crushing them beyond the FBI's ability to recover information from them. They also removed a hard drive from their computer; it has not been found despite investigators diving for days for potential electronic evidence in a nearby lake.
 
Farook was not carrying his work iPhone during the attack. It was discovered after a subsequent search. It was not known whether Farook forgot about the iPhone or did not care whether investigators found it.
 
The judge didn't spell out her rationale in her three-page order, but the ruling comes amid a similar case in the U.S. District Court for the Eastern District of New York.
 
Investigators are still working to piece together a missing 18 minutes in Farook and Malik's timeline from Dec. 2. Investigators have concluded they were at least partly inspired by the Islamic State group; Malik's Facebook page included a note pledging allegiance to the group's leader around the time of the attack.
 
In 2014, Apple updated its iPhone operating system to require that the phone be locked by a passcode that only the user knows. Previously, the company could use an extraction tool that would physically plug into the phone and allow it to respond to search warrant requests from the government.