This article is from the source 'washpo' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at https://www.washingtonpost.com/world/national-security/us-wants-apple-to-help-unlock-iphone-used-by-san-bernardino-shooter/2016/02/16/69b903ee-d4d9-11e5-9823-02b905009f99_story.html
The article has changed 9 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| U.S. wants Apple to help unlock iPhone used by San Bernardino shooter | U.S. wants Apple to help unlock iPhone used by San Bernardino shooter |
| (about 2 hours later) | |
| A federal judge has ordered Apple to help the government unlock the iPhone used by one of the shooters who carried out the Dec. 2. San Bernardino, Calif., terrorist attacks after the government said that the firm failed to provide assistance voluntarily. | |
| The Justice Department sought the order “in the hopes of gaining crucial evidence” about the shooting rampage, which killed 14 people and injured 22. | |
| The order, signed Tuesday by a magistrate judge in Riverside, Calif., does not ask Apple to break the phone’s encryption but rather to disable the feature that wipes the data on the phone after 10 incorrect tries at entering a password. That way, the government can try to crack the password using “brute force” — attempting tens of millions of combinations without risking the deletion of the data. | |
| The order comes a week after FBI Director James B. Comey told Congress that the bureau has not been able to open the phone belonging to one of the killers. “It has been two months now, and we are still working on it,” he said. | |
| The issue illustrates the frustration of law enforcement in gaining access to data in high-profile investigations. It also raises the pressure on Apple to find a way to comply, as the phone in question was used in the deadliest terrorist attack on U.S. soil since Sept. 11, 2001. | |
| The Silicon Valley giant has steadfastly maintained it is unable to unlock its newer iPhones for law enforcement, even when officers obtain a warrant, because they are engineered in such a way that Apple does not hold the decryption key. Only the phone’s user — or someone who knew the password — would be able to unlock the phone. | |
| [As encryption spreads, U.S. grapples with clash between privacy, security] | [As encryption spreads, U.S. grapples with clash between privacy, security] |
| The FBI’s efforts may show how impervious the new technology is to efforts to circumvent it. According to industry officials, Apple cannot unilaterally dismantle or override the 10-tries-and-wipe feature. Only the user or person who controls the phone’s settings can do so. | |
| However, U.S. Magistrate Judge Sheri Pym noted in her order, Apple can write software that can bypass the feature. Federal prosecutors noted in a memo accompanying the order that the software would affect only the seized phone. | |
| Nonetheless, Apple probably would see that as a request for a “backdoor” or a weakening of device security and would resist it, said industry officials, who spoke on the condition of anonymity to discuss a sensitive matter. | |
| The phone was used by Syed Rizwan Farook, who with his wife Tashfeen Malik opened fire at a holiday party at the Inland Regional Center, a county facility. The couple, who pledged loyalty to the Islamic State terrorist group, died a few hours later in a shootout with police. | |
| FBI investigators recovered a number of electronic devices, including thumb drives, computer hard drives and Farook’s cellphone. His phone belonged to the county public-health department, where he was an inspector. Prosecutors noted that the county consented to allow the phone to be searched and to have Apple’s assistance in the matter. | |
| Data that would be encrypted on the device includes contacts, photos and iMessages. Having access to that material could shed light on why the couple picked the target they did, whether they were planning other attacks and whether they received any direction or support from overseas. | |
| [FBI tries to figure out what San Bernardino shooters did in 18-miute window] | [FBI tries to figure out what San Bernardino shooters did in 18-miute window] |
| FBI Supervisory Special Agent Christopher Pluhar stated in a declaration that he was able to obtain from Apple all the data that was backed up to its iCloud servers from the phone. That data showed that Farook was in communication with individuals who were later killed. Significantly, Pluhar said, the most recent backup took place on Oct. 19, 2015, which indicates that Farook may have intentionally disabled the backup feature. | |
| Pluhar, who is director of the Orange County Regional Computer Forensics Laboratory, said he believes there may be “relevant, critical communications and data” on the phone around the time of the shooting. | |
| The phone ran on Apple’s iOS 9 operating system, which was built with default device encryption. When a user creates a password, that phrase generates a key that is used in combination with a hardware key on a chip inside the phone. Together, the keys encrypt the device’s data. | |
| If the autowipe function is suspended, the FBI can run a massive number of combinations of letters, symbols and numbers until the right combination is found. | If the autowipe function is suspended, the FBI can run a massive number of combinations of letters, symbols and numbers until the right combination is found. |
| But there’s a complication. | But there’s a complication. |
| If the combinations are run on the phone itself, the process can be painfully slow, taking, according to Apple, 5½ years for a six-digit lower-case password mixing numbers and letters. | If the combinations are run on the phone itself, the process can be painfully slow, taking, according to Apple, 5½ years for a six-digit lower-case password mixing numbers and letters. |
| If run on a supercomputer, it can be done many thousands of times faster. But to do it that way, the FBI would need the hardware key, which is built into the phone. Apple says it does not keep a copy of that key. To get that key, one could use a number of techniques, including melting the plastic off the chip and hitting it with bursts of lasers or radio frequencies to recover bits of the key. | If run on a supercomputer, it can be done many thousands of times faster. But to do it that way, the FBI would need the hardware key, which is built into the phone. Apple says it does not keep a copy of that key. To get that key, one could use a number of techniques, including melting the plastic off the chip and hitting it with bursts of lasers or radio frequencies to recover bits of the key. |
| Matthew D. Green, a cryptography expert at Johns Hopkins University, said the FBI could crack a six-digit numeric code in about 22 hours. | |
| “But once there’s numbers and letters, that’s when things get interesting,” he said. “It might take 10 years to crack a strong password on the phone, which means they might be stuck till 2026.” | “But once there’s numbers and letters, that’s when things get interesting,” he said. “It might take 10 years to crack a strong password on the phone, which means they might be stuck till 2026.” |