In a development that shouldn’t come as a big surprise, President Donald Trump has now weighed in alongside the U.S. Department of Justice in the battle to force Apple to unlock two iPhones used by the mass shooter in Florida last month.
Last week, the FBI sent a formal request to Apple requesting that it provide access to two iPhones that were used by Mohammed Saeed Alshamrani, a Saudi Air Force cadet who had been training with the American military and was responsible for a Dec. 6 shooting at the Naval Air Station in Pensacola, Florida that left three people dead and eight injured.
Not long after the request, U.S. Attorney General William P. Barr entered the fray in what the New York Times called an “unusually high-profile request,” not only calling on Apple to unlock the two iPhones, but also accusing them of offering “no substantive assistance” — a claim that Apple vehemently denied, pointing out that it had in fact provided the FBI with “many gigabytes of information” in response to its requests within hours of the original shooting, including iCloud backups of the first iPhone in question. Apple also indicated that it wasn’t even made aware that a second iPhone was part of the investigation until it received the FBI’s request last week to provide direct access to both iPhones.
As if a public request from the U.S. Attorney General wasn’t enough, now it seems that the issue has been escalated to the very top, with the President of the United States himself weighing in on Twitter accusing Apple of refusing to unlock iPhones “used by killers, drug dealers, and other violent criminal elements.”
In the tweet, Trump also points out that his administration has been “helping Apple all of the time on trade and so many other issues,” adding further hyperbole that makes it sound like a personal disagreement between Trump and Apple CEO Tim Cook, who the U.S. President has previously praised as a “great executive.”
The last time Apple faced this kind of pressure from the FBI was in the case of the San Bernardino shooter during the Obama administration back in late 2015 and early 2016. While the challenges that law enforcement faced as a result of strong encryption were far less pervasive at the time, it seemed that the issue never escalated very far beyond internal Justice Department officials, and the Obama administration itself refrained from offering any comment on the matter at all.
However, over the past few years a lot has changed, and many law enforcement officials and legislators now seem to be gearing up for a fight, which is something that the current administration seems to be rallying behind. Trump stated last month that it is one of the Justice Department’s “highest priorities” to find a way for law enforcement to gain access to encrypted technology,” and in a set of hearings last month, U.S. Senator Lindsey Graham (R-S.C.), who chairs the Senate Judiciary Committee, declared the iPhone a “save haven for criminals” and stated that U.S. lawmakers would “impose our will” upon Apple should it not come up with a backdoor to provide law enforcement with full access to iPhones by the end of 2020.
During the hearings, New York District Attorney Cyrus Vance, who has long been an opponent of strong encryption hampering investigations, and has called the iPhone “the terrorists’ communication device of choice” went even further in declaring the iPhone a “gift from Apple to sex traffickers.”
Ultimately, however, it would seem that the Justice Department and the Trump administration are actually looking to pick a fight with Apple here. When Apple refused to comply with the FBI’s request to unlock the iPhone used by the San Bernardino shooter in 2015 — an iPhone 5c — the FBI found another way and the case against Apple quietly faded into memory. This time around, however, they seem determined to force Apple to help them directly.
Does the FBI Really Need Apple’s Help?
The FBI has presumably scoured the iCloud backups of the first iPhone provided by Apple, however investigators indicate that they’re looking for messaging traffic from apps like Signal and WhatsApp, which by design don’t save users’ messaging histories in iCloud backups. Getting direct access to the encrypted data on the iPhones is likely the only way investigators would be able to see Alshamrani’s messaging history, which is crucial in order to determine whether he acted alone or others were involved.
The two iPhones in question in this case are an iPhone 5 and an iPhone 7 Plus, both of which are old enough that they should be easily accessible by other forensic companies using the same sort of third-party methods that were employed for the iPhone 5c in the San Bernardino case. In fact, the iPhone 5c and iPhone 5 share almost identical hardware, and both lack the Secure Enclave that traditionally makes Apple’s newer iPhones more secure; while the iPhone 5 involved in the Pensacola case is likely running a newer iOS version, it can’t run anything newer than iOS 10.
The iPhone 5 is so old, you are guaranteed that Grayshift and Cellebrite can break into those every bit as easily as Apple could.Nicholas Weaver, security lecturer at the University of California, Berkeley
The iPhone 7 Plus may be slightly more difficult to get access to, especially since it’s likely running iOS 11.4 or later which blocks access to the USB port when locked, thereby rendering forensic tools like the GrayKey relatively useless, however a significant bootrom exploit discovered last year provides a method of getting at least some level of access to any Apple device using an A-series chip from the A5 to the A11. The iPhone 7 Plus uses an A10 chip.
This is also a hardware-based exploit, meaning that the iOS version running on the iPhone in question is irrelevant, and forensic researchers have already found a few ways to take advantage of it to extract passwords from locked devices. It seems very likely that this bootrom exploit could also be used to restore access to an otherwise-restricted USB port, allowing tools like GrayKey to once again do their thing.
So it hardly seems likely that the FBI actually needs Apple’s help to get into these iPhones, and what’s more unusual is that the FBI took so long to actually make that specific request to Apple. While Apple notes that it received a request for data on Dec. 6, the same day of the shooting, and six more requests in the days following, it wasn’t until Jan. 6 that the FBI asked for additional assistance in unlocking the physical iPhone in question, while also disclosing that there was in fact a second iPhone involved in the investigation also.
FBI officials explained the delay by saying that they were looking to gain access to the iPhones through other channels, including other government agencies, foreign governments, and third-party technology vendors, likely on the assumption that Apple wouldn’t be able to help, and that it was only after they had exhausted these channels that they turned to Apple.
If true, it seems unusual that other forensic companies wouldn’t have been able to help them considering the age of the iPhone models in question; even if these companies didn’t have canned solutions available, it’s very likely they’d work to find a solution considering the resources of the U.S. government. The FBI spent $1 million to unlock the San Bernardino shooter’s iPhone, and yet found nothing for all its trouble, and it’s hard to imagine a forensic company turning down money like that.
However, the FBI also noted that both of the iPhones in question have been physically damaged, with the gunman having shot the iPhone 7 Plus and tried to specifically destroy the iPhone 5. The FBI said it was able to fix the iPhones in a lab so that they could power on, but still couldn’t bypass the encryption. As other security researchers have pointed out, though, if the damage is enough to prevent third-party tools from working, it’s extremely unlikely that there would be anything more that Apple could do.
Apple Preparing for a Fight
According to The New York Times, Apple is digging in for a legal fight with the Justice Department in order to defend its stance on encryption, a position that inside sources have already said the company will not back down from.
The Times says that Apple CEO Tim Cook is gathering his top advisors, but that executives are not only surprised by how quickly the case has escalated, as well as expressing both frustration and skepticism that the Justice Department “hasn’t spent enough time trying to get into the iPhones with third-party tools.”
However, unlike the current administration, it seems that Apple doesn’t really want to pick a fight here, offering much more conciliatory statements indicating that it is doing everything it can to help the FBI on the Pensacola case, but that it will not weaken encryption to do so. Sources inside Apple have also said that Cook’s team is hoping to steer the FBI to an “outside resolution” that would avoid the need for Apple to break its own security, which again should be trivial for companies like Cellebrite — the Israeli firm widely believed to have unlocked the San Bernardino shooter’s iPhone — and Grayshift to do considering the age of the iPhone models in question.
Ultimately, though, if the Trump administration and the Justice Department are looking to try and use this situation to build support for legislating backdoors for law enforcement, it’s likely that they won’t be appeased by anything less than Apple opening up its encryption entirely, at risk of compromising the privacy and security of hundreds of millions of iPhone users around the world.