Donald Trump Calls on Apple to ‘Step Up to the Plate’ and Unlock iPhones Used by Florida Mass Shooter

United States President Donald Trump this afternoon weighed in on a disagreement between Apple and the FBI, calling on Apple to "step up to the plate" and "help our great country" by unlocking the iPhones used by Florida shooter Mohammed Saeed Alshamrani.

Trump said that the U.S. is "helping Apple all of the time" but Apple refuses to "unlock" smartphones used by "killers, drug dealers and other violent criminal elements."


The Twitter rant comes following a request yesterday from U.S. Attorney General William Barr, who asked Apple to unlock the iPhone 5 and iPhone 7 used by Alshamrani. Barr complained that Apple had provided "no substantive assistance" and said that it is critical "that the public be able to get access to digital evidence."


Apple previously said that it had provided all of the information in its possession (such as iCloud backups) to the FBI earlier in the month after the FBI asked for assistance obtaining the shooter's data. Law enforcement officials are not satisfied with the iCloud data, however, and want Apple to provide a way to unlock the shooter's iPhones, which is not possible without a backdoor into the software.

After Barr's request, Apple issued another statement and provided further detail on the data that has been provided, as well as once again stating that there is "no such thing as a backdoor just for the good guys." Apple's full response to Barr that ultimately triggered Trump's tweet is below:
We were devastated to learn of the tragic terrorist attack on members of the US armed services at the Naval Air Station in Pensacola, Florida on December 6th. We have the greatest respect for law enforcement and routinely work with police across the country on their investigations. When law enforcement requests our assistance, our teams work around the clock to provide them with the information we have.

We reject the characterization that Apple has not provided substantive assistance in the Pensacola investigation. Our responses to their many requests since the attack have been timely, thorough and are ongoing.

Within hours of the FBI's first request on December 6th, we produced a wide variety of information associated with the investigation. From December 7th through the 14th, we received six additional legal requests and in response provided information including ‌iCloud‌ backups, account information and transactional data for multiple accounts.

We responded to each request promptly, often within hours, sharing information with FBI offices in Jacksonville, Pensacola and New York. The queries resulted in many gigabytes of information that we turned over to investigators. In every instance, we responded with all of the information that we had.

The FBI only notified us on January 6th that they needed additional assistance -- a month after the attack occurred. Only then did we learn about the existence of a second ‌iPhone‌ associated with the investigation and the FBI's inability to access either ‌iPhone‌. It was not until January 8th that we received a subpoena for information related to the second ‌iPhone‌, which we responded to within hours. Early outreach is critical to accessing information and finding additional options.

We are continuing to work with the FBI, and our engineering teams recently had a call to provide additional technical assistance. Apple has great respect for the Bureau's work, and we will work tirelessly to help them investigate this tragic attack on our nation.

We have always maintained there is no such thing as a backdoor just for the good guys. Backdoors can also be exploited by those who threaten our national security and the data security of our customers. Today, law enforcement has access to more data than ever before in history, so Americans do not have to choose between weakening encryption and solving investigations. We feel strongly encryption is vital to protecting our country and our users' data.
The current dispute between Apple and the U.S. government mirrors a similar incident in 2016. Apple was ordered by a federal judge to unlock the iPhone owned by San Bernardino shooter Syed Farook. Apple fought hard against the order, which was asking for backdoor access into iPhones, and explained that weakening security "makes no sense" and would create "new and dangerous weaknesses."

Apple ultimately won the dispute and the government was able to find another way to access Farook's iPhone, which may also be an option in the current situation. Bloomberg this afternoon spoke to several security researchers, including Will Strafach, who said the government could "absolutely" get into the iPhone 5 and iPhone 7 owned by Alshamrani using technology offered by Cellebrite and other iPhone cracking firms.

As in 2016, Apple is not likely to cave in to government demands because doing so would compromise the security of all iPhones. A new report from The New York Times suggests Apple is privately preparing for a legal fight while also attempting to publicly diffuse the situation.

Apple executives are said to be surprised at the case's "quick escalation" and some of the team working on the issue are frustrated that the Justice Department "hasn’t spent enough time trying to get into the iPhones with third-party tools." Apple CEO Tim Cook has put together a team handling the dispute, and the group is said to be hoping to steer the situation towards an outside resolution that "doesn’t involve the company breaking its own security."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


This article, "Donald Trump Calls on Apple to 'Step Up to the Plate' and Unlock iPhones Used by Florida Mass Shooter" first appeared on MacRumors.com

Discuss this article in our forums

U.S. Attorney General Asks Apple to Unlock iPhones Used by Florida Mass Shooter

United States Attorney General William Barr today asked Apple to unlock the iPhones used in mass shooting last month at a naval air station in Pensacola, Florida, reports The New York Times.

The request comes as the shooting has been declared an act of terrorism, and it follows a report last week that the FBI sent a letter to Apple asking for help accessing two iPhones used by shooter Mohammed Saeed Alshamrani.

"This situation perfectly illustrates why it is critical that the public be able to get access to digital evidence," Mr. Barr said, calling on Apple and other technology companies to find a solution and complaining that Apple has provided no "substantive assistance."
Apple has already provided law enforcement officials with information from Alshamrani's iCloud account, but the two iPhones are passcode protected (one is also damaged from gunfire) and Apple has in he past taken a strong position against providing access to locked iPhones.

Apple last week said that it had already provided all of the information in its possession to the FBI.
We have the greatest respect for law enforcement and have always worked cooperatively to help in their investigations. When the FBI requested information from us relating to this case a month ago, we gave them all of the data in our possession and we will continue to support them with the data we have available.
Justice department officials claim to need access to the iPhones to see messages from encrypted apps like Signal or WhatsApp to find out if Alshamrani discussed his plans or had help.

In 2016, Apple had a major showdown with the U.S. government after being ordered by a federal judge to unlock the iPhone owned by San Bernardino shooter Syed Farook. Apple fought hard against the order asking for backdoor access into iPhones and said that it would create "new and dangerous weaknesses" and that weakening security "makes no sense."

Apple ultimately won the dispute and the government found an alternate way to access the ‌iPhone‌ in question.

Apple is now facing a similar battle as the company's statement last week suggests it has no plans to unlock the two iPhones and the attorney general has said that he is prepared for a fight.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


This article, "U.S. Attorney General Asks Apple to Unlock iPhones Used by Florida Mass Shooter" first appeared on MacRumors.com

Discuss this article in our forums

FBI Reportedly Asks Apple to Help Unlock Passcode-Protected iPhones Used by Mass Shooter in Florida

In a letter sent late Monday to Apple's general counsel Katherine Adams, the FBI has asked Apple to help unlock two iPhones that investigators believe were owned by Mohammed Saeed Alshamrani, who carried out a mass shooting at a Naval Air Station in Florida last month, according to NBC News.


The report claims the iPhones are passcode protected, and one of them appears to be damaged by gunfire. In a statement to NBC News, Apple said it has already provided all of the data in its possession to the FBI:
We have the greatest respect for law enforcement and have always worked cooperatively to help in their investigations. When the FBI requested information from us relating to this case a month ago, we gave them all of the data in our possession and we will continue to support them with the data we have available.
Apple faced a similar situation in 2016, when a U.S. federal judge ordered the company to help the FBI hack into the iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino, California. Apple opposed the order, noting that it would set a "dangerous precedent" with security risks.

Apple's dispute with the FBI ended in just weeks after the U.S. government found an alternate way to access the data on the iPhone through the help of Israeli firm Cellebrite and withdrew the lawsuit.

Based on its statement, it appears that Apple will continue to take a hard line on refusing to unlock iPhones for the FBI.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


This article, "FBI Reportedly Asks Apple to Help Unlock Passcode-Protected iPhones Used by Mass Shooter in Florida" first appeared on MacRumors.com

Discuss this article in our forums

FBI ‘Grossly Inflated’ Statistics on Investigations Stymied by Encrypted Smartphones

The United States Federal Bureau of Investigation provided Congress with "grossly inflated" statistics on the number of electronic devices it has been been unable to access due to encryption, reports The Washington Post.

Last year, the FBI claimed to have been locked out of close to 7,800 devices that were connected to crimes, but the actual number of devices that were inaccessible is smaller, closer in scope to between 1,000 and 2,000. The FBI discovered an error in the method used for counting encrypted smartphones last month, and has not yet completed a full internal audit to determine the correct number.

"The FBI's initial assessment is that programming errors resulted in significant over-counting of mobile devices reported," the FBI said in a statement Tuesday. The bureau said the problem stemmed from the use of three distinct databases that led to repeated counting of the same phones. Tests of the methodology conducted in April 2016 failed to detect the flaw, according to people familiar with the work.
The FBI's inflated numbers are a problem because FBI director Christopher Wray has, at several points in time, used those statistics to warn of the dangers criminals using encryption to "go dark" and evade law enforcement oversight.

Back in October, for example, Wray said the inability to access such a large number of encrypted smartphones was a major problem. "To put it mildly, this is a huge, huge problem," said Wray. "It impacts investigations across the board - narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation."

In another such speech in January, Wray used the inflated figure to describe encryption as an "urgent public safety issue."
"While the FBI and law enforcement happen to be on the front lines of this problem, this is an urgent public safety issue for all of us. Because as horrifying as 7,800 in one year sounds, it's going to be a lot worse in just a couple of years if we don't find a responsible solution."
These kinds of statistics have also been used by the FBI to advocate for backdoors into encrypted devices like the iPhone.

In 2016, for example, Apple and the FBI had now-famous dispute over the iPhone 5c used by San Bernardino shooter Syed Farook. The FBI demanded that Apple create a tool to allow law enforcement officials to disable passcode security features so they could hack into the device, effectively weakening its protection.

Apple staunchly refused and argued that such a request could set a "dangerous precedent," a position the company has maintained since then as law enforcement officials have continued to advocate for backdoor device access.

Apple, as part of the Reform Government Surveillance coalition, recently released a statement condemning proposals for backdoors into electronic devices, and in March, Apple engineering chief Craig Federighi said that backdoor access would "inject new and dangerous weaknesses into product security."

"Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems," Federighi said.

Despite the FBI's error counting the number of encrypted devices it has been unable to access during criminal investigations, the agency maintained that encryption is a "serious problem" in a statement to The Washington Post.

"Going Dark remains a serious problem for the FBI, as well as other federal, state, local and international law enforcement partners. ... The FBI will continue pursuing a solution that ensures law enforcement can access evidence of criminal activity with appropriate legal authority."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

Anti-Surveillance Coalition That Includes Apple Condemns Proposals for Device Backdoors

The Reform Government Surveillance coalition, which includes several major tech companies who have teamed up to lobby for surveillance law reform, this week released a statement condemning recent proposals for backdoor access into electronic devices and reaffirming a commitment to strong encryption.

The coalition is made up of multiple tech companies who have taken a strong stance against weakening encryption, including Apple, Google, Microsoft, Dropbox, Snap, Evernote, LinkedIn, Oath (owned by Verizon) and Facebook.
Reform Government Surveillance recently announced a new core principle on encryption that will guide our advocacy efforts, and we continue to believe that strong encryption helps protect the security and privacy of individuals and companies around the world. We have consistently raised concerns about proposals that would undermine encryption of devices and services by requiring so-called "exceptional access" for law enforcement. Recent reports have described new proposals to engineer vulnerabilities into devices and services - but they appear to suffer from the same technical and design concerns that security researchers have identified for years. Weakening the security and privacy that encryption helps provide is not the answer.
As ZDNet points out, the statement comes following a WIRED article profiling Microsoft chief technical Ray Ozzie and his suggestion for a solution called "Clear" that would supposedly provide law enforcement with access to encrypted data with less security risk.

Ozzie's proposal uses a public key and a private key (housed and protected by a company like Apple) that are used to encrypt and decrypt a PIN generated on the device. No one is meant to be able to decode and use the PIN to unlock the device aside from the vendor, using the aforementioned private key.
So, say the FBI needs the contents of an iPhone. First the Feds have to actually get the device and the proper court authorization to access the information it contains--Ozzie's system does not allow the authorities to remotely snatch information. With the phone in its possession, they could then access, through the lock screen, the encrypted PIN and send it to Apple.

Armed with that information, Apple would send highly trusted employees into the vault where they could use the private key to unlock the PIN. Apple could then send that no-longer-secret PIN back to the government, who can use it to unlock the device.
Ozzie demonstrated his "Clear" solution to representatives from tech companies that included Apple, Google and Facebook, according to WIRED, but unsurprisingly, none of them had "any interest whatsoever" in voluntarily implementing that kind of access into their devices and services.

The coalition Apple is a part of in April published a core principle pledging to ensure device security through strong encryption and calling on governments to avoid taking actions that would require companies to "create any security vulnerabilities in their produces and services."
Strong encryption of devices and services protects the sensitive data of our users - including individuals, corporations, and governments. Strong encryption also promotes free expression and the free flow of information around the world. Requiring technology companies to engineer vulnerabilities into their products and services would undermine the security and privacy of our users, as well as the world's information technology infrastructure. Governments should avoid any action that would require companies to create any security vulnerabilities in their products and services.
The renewed activity from the Reform Government Surveillance group follows reports that have suggested law enforcement officials are quietly revisiting proposals that would require tech companies to add backdoor access into electronic devices for use by law enforcement officials.

FBI and DOJ officials have been meeting with security researchers with the aim of developing approaches that would offer "extraordinary access" to encrypted devices like the iPhone, with DOJ officials reportedly "convinced" there is a way to create a backdoor without weakening a device's defense against hacking.

Apple software engineering chief Craig Federighi recently said that this kind of backdoor access would "inject new and dangerous weaknesses into product security."

"Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems," Federighi said.

Apple vehemently opposes backdoor solutions like the one Ozzie proposed because they have the potential to weaken device encryption and provide new ways for bad actors to access device data.

Apple's strong stance against weakened device protections for the sake of law enforcement access was highlighted in the 2016 Apple vs. FBI conflict that saw Apple refuse to create a backdoor access solution to allow the FBI to crack the iPhone 5c owned by San Bernardino shooter Syed Farook.

GrayKey iPhone unlocking box via MalwareBytes

Without device backdoors, law enforcement officials have still found ways to crack devices like iPhones through other means. At the current time, for example, agencies like the FBI and DOJ have access to an iPhone unlocking box called GrayKey, which is capable of unlocking Apple's most recent iPhones running modern versions of iOS.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

‘GrayKey’ iPhone Unlocking Box Seeing Wide Adoption Among Law Enforcement

GrayShift's recently publicized "GrayKey" box designed to crack locked iPhones is seeing wide adoption among police forces and federal agencies across the United States according to a recent investigation by Motherboard.

Motherboard found that regional police forces like the Maryland State Police, the Indiana State Police, and the Miami-Dade County Police have purchased or are soon purchasing GrayKey technology, while other forces like the Indianapolis Metropolitan Police Department have looked into boxes and received quotes from GrayShift.

GrayKey box, via MalwareBytes

The Secret Service is also planning to purchase "at least half a dozen" GrayKey boxes for unlocking iPhones, while the State Department has already bought them and the Drug Enforcement Administration has expressed interest.

Current FBI Director Christopher Wray said in January at the International Conference on Cyber Security that law enforcement officials are facing a "Going Dark" challenge where an "enormous" number of cases rely on an electronic device. "We're increasingly unable to access that evidence, despite lawful authority to do so," said Wray.

Motherboard's investigation into GrayShift, the GrayKey iPhone unlocking boxes, and other smartphone unlocking methods suggest that is not the case. The FBI uses the going dark debate to advocate for easier access to electronic devices through backdoors, but the seemingly readily available tools like GrayKey undermine these arguments.
"It demonstrates that even state and local police do have access to this data in many situations," Matthew Green, an assistant professor and cryptographer at the Johns Hopkins Information Security Institute, told Motherboard in a Twitter message. "This seems to contradict what the FBI is saying about their inability to access these phones."

"The availability and affordability of these tools undercuts law enforcement's continual assertions that they need smartphone vendors to be forced to build 'exceptional access' capabilities into their devices," Riana Pfefferkorn, cryptography fellow at the Stanford Center for Internet and Society, told Motherboard in a Twitter message.
In recent months, law enforcement officials have been quietly revisiting proposals that would require tech companies to build backdoor access into smartphones and other electronics, something Apple vehemently fought against back in 2016 following the San Bernardino shooting where the FBI attempted to order the company to provide it with a tool to crack the iPhone 5c involved in the case.

As has been previously reported, the GrayKey mentioned by Motherboard is a small, portable gray box that's equipped with dual Lightning cables. An iPhone can be plugged into one of the cables to install proprietary software that's able to guess the passcode for an iPhone in either a few hours or a few days, depending on the strength of the passcode.

Once the GrayKey software has unlocked an iPhone, it can be plugged back into the GrayKey box to download all of the data on the iPhone. GrayKey can crack the latest iPhones running modern versions of iOS, including iOS 11, providing law enforcement officials with easy access to locked iPhones for criminal investigations.

Grayshift charges $15,000 for a GrayKey box that requires internet connectivity, is geofenced to a specific location, and allows for 300 unlocks, or $30,000 for a box that requires no connection, can be used anywhere, and can unlock an unlimited number of devices.

As Motherboard points out, the technology used in the GrayKey boxes may eventually be outdated through updates to the iOS operating system, leading to periods where some versions of iOS may be difficult to access. Because of the ongoing cat and mouse game of Apple patching a vulnerability as third-party iPhone cracking services look for new methods to get into iPhones, the argument for backdoors into smartphones is likely to surface time and time again.

Motherboard's full report on the iPhone unlocking tools available to law enforcement officials can be viewed over on the website.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

FBI Didn’t Investigate All Unlocking Options Before Seeking Order for Apple’s Help in San Bernardino Case

Back in early 2016, the United States Federal Bureau of Investigation failed to pursue all possible solutions to unlock the iPhone 5c owned by San Bernardino shooter Syed Farook before demanding Apple's help accessing the device, reports Reuters.

The information was shared today in a report issued by the Department of Justice's Office of the Inspector General.


According to the report, the FBI's in-house unit that handles breaking into mobile devices did not begin looking for outside help to unlock Farook's iPhone until the night before the FBI demanded Apple's help through a court filing.

The FBI was aware that one of the vendors contacted at that point in time had "almost 90 percent completed" a technical solution that would allow the FBI access to the phone. The FBI, though, in its court filing with Apple at the time, said there were no other options for accessing the device.

A judge ended up ordering Apple to help federal investigators access the data on Farook's iPhone by creating a tool that would bypass the auto-erase function and allow investigators to submit an unlimited number of passwords to attempt to unlock the iPhone.

Apple, of course, opposed the order and refused to build such a tool, leading to a long and drawn out legal battle with the FBI that only ended when the FBI admitted it had indeed found another way to access the device.

Communication failures at the FBI were to blame, causing some officials to "misunderstand the status" of the FBI's efforts to open the device. That led to delays seeking help from the FBI and the vendor that was ultimately able to unlock the iPhone.

The report from the Department of Justice comes as some law enforcement officials are again pushing for backdoor access into electronic devices to aid in criminal investigations.

Both DOJ and FBI officials have been quietly meeting with security researchers to explore technology that would allow "extraordinary access" to encrypted devices like the iPhone without weakening a device's defenses against hacking.

Earlier this week, Apple's Craig Federighi reiterated Apple's stance that such a backdoor would be dangerous. "Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems," he said.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

Craig Federighi on Renewed Government Push for Backdoor Device Access: ‘Weakening Security Makes No Sense’

Law enforcement officials are revisiting proposals that would require tech companies to build backdoor access into electronic devices to allow for better access to data in criminal investigations, reports The New York Times.

This is an issue that was heavily debated following the 2016 legal dispute between Apple and the FBI over the iPhone 5c that belonged to San Bernardino shooter Syed Farook. The government wanted Apple to create software that would allow them to access data on the device, which Apple refused to do.


In response to rumors over renewed efforts to build such a tool, Apple software engineering chief Craig Federighi told The New York Times that weakening security protections in iOS devices would be a grave mistake, maintaining Apple's stance on the issue.
"Proposals that involve giving the keys to customers' device data to anyone but the customer inject new and dangerous weaknesses into product security," he said in a statement. "Weakening security makes no sense when you consider that customers rely on our products to keep their personal information safe, run their businesses or even manage vital infrastructure like power grids and transportation systems."
Apple has continually argued for the need for improvements to device security to stay ahead of hackers and other bad actors who exploit security vulnerabilities in iOS devices. During the dispute over the San Bernardino device, Apple refused to build a backdoor tool into its devices and argued that if such a tool existed, it could easily end up in non-government hands.

Federighi has previously spoken passionately on the issue, and in early 2016, he published an op-ed in The Washington Post using the same argument he reiterated in his statement to The New York Times. iOS devices, he said, are "part of the security perimeter that protects your family and co-workers." From Federighi in 2016:
To get around Apple's safeguards, the FBI wants us to create a backdoor in the form of special software that bypasses passcode protections, intentionally creating a vulnerability that would let the government force its way into an iPhone. Once created, this software -- which law enforcement has conceded it wants to apply to many iPhones -- would become a weakness that hackers and criminals could use to wreak havoc on the privacy and personal safety of us all.
According to The New York Times, FBI and DOJ officials have been "quietly" meeting with security researchers to work on approaches that would provide "extraordinary access" to encrypted devices like the iPhone. Based on this research, DOJ officials "are convinced" there's a way to create a backdoor to access data without weakening a device's defense against hacking.

One method under discussion involves a special access key that would be generated when a device encrypts itself, allowing data to be unlocked without a user's passcode. The key would be stored on the device itself, in a part of the hard drive that would be encrypted separately. Only the device manufacturer, with a court order, would be able to access it.

Susan Landau, a computer security professor at Tufts University, told The New York Times that this would create "significant additional security risks" given that "so many more tech companies" would need to access these keys to comply with the inevitable flood of law enforcement access requests.

Talks inside the executive branch have reportedly been renewed over whether to ask Congress to enact legislation that would require tech companies to create a new access mechanisms for law enforcement officials. The talks are said to be in a preliminary stage with no imminent request for legislation ready at this time.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

FBI Forensic Examiner Stephen Flatley Calls Apple ‘Jerks’ and ‘Evil Geniuses’ for Encrypting iPhones

Senior FBI forensic examiner Stephen R. Flatley spoke at the International Conference on Cyber Security yesterday, and during the talk he discussed Apple and the FBI's differing opinions on the topic of smartphone encryption. According to Motherboard, Flatley described the company as "jerks" and "evil geniuses" for creating iOS device encryption that is so powerful as to prevent Apple itself from entering users' iPhones.

Flatley said that recent updates to Apple device encryption have made password guesses slower, by increasing hash iterations from 10 thousand to 10 million, "making his and his colleagues' investigative work harder." This extended brute force crack time from a few days to two months, leading to Flatley stating that Apple is "pretty good at evil genius stuff." No detailed context was given regarding his "jerks" comment.

Image of Stephen Flatley taken by Lorenzo Franceschi-Bicchierai via Motherboard
That means, he explained, that “password attempts speed went from 45 passwords a second to one every 18 seconds,” referring to the difficulty of cracking a password using a “brute force” method in which every possible permutation is tried. There are tools that can input thousands of passwords in a very short period of time—if the attempts per minute are limited, it becomes much harder and slower to crack.

"Your crack time just went from two days to two months," Flatley said. “At what point is it just trying to one up things and at what point is it to thwart law enforcement?" he added. "Apple is pretty good at evil genius stuff."
Flatley's comments come nearly two years after the Apple-FBI dispute began, when a federal judge ordered Apple to help the FBI enter the iPhone owned by Syed Farook, one of the shooters in the December 2015 attacks in San Bernardino. The FBI said it wanted Apple's help to enter just Farook's iPhone 5c, but Apple explained that the software it was asked to create could become a "master key" and be able to get information from any iPhone or iPad.

For this reason, Apple denied the request and CEO Tim Cook penned an open letter describing the potential for setting a "dangerous precedent" if the company did go along with the order. The battle eventually ended a few months later after the government discovered an alternative way of entering Farook's iPhone 5c, reportedly with the help of Israeli firm Cellebrite.

Flately mentioned Cellebrite as well during the security conference, describing the firm as "another evil genius" that counters Apple's encryption and can help the FBI when it needs to enter a smartphone. The forensic examiner was described as not clearly stating Cellebrite's name, but "facetiously coughing" at the same time to somewhat obscure the comment.

Although the Apple-FBI dispute has ended, debates over smartphone encryption have remained ongoing the past few years. In October 2017, a report came out stating that the FBI was unable to retrieve data from 6,900 mobile devices it had attempted to gain access to over the previous 11 months. That number accounted for half of the total devices the FBI tried to get into, and FBI Director Christopher Wray described the FBI's inability to retrieve information from these devices as a "huge, huge problem."

At the end of the case in 2016, Apple issued a statement explaining that the company will continue to assist the FBI when it can, but not at the expense of the data protection, security, and privacy of its customers: "Apple believes deeply that people in the United States and around the world deserve data protection, security, and privacy. Sacrificing one for the other only puts people and countries at greater risk."

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.


Discuss this article in our forums

FBI Didn’t Ask Apple for Help Unlocking Texas Shooter’s iPhone in First 48 Hours

In the aftermath of a deadly shooting at a Texas Church on November 5th, the FBI and other law enforcement agencies failed to immediately ask Apple for help unlocking shooter Devin Patrick Kelley's iPhone, reports Reuters.

According to a source that spoke to Reuters, the FBI did not contact Apple for about 48 hours after the shooting, missing a critical window where the iPhone in question might have been easier to unlock.

If the iPhone had Touch ID enabled, the shooter's finger might have been able to be used to unlock the device. But that unlocking method would have needed to be used within a 48 hour window, as Touch ID is disabled after 48 hours have passed since it was last activated or when the iPhone is powered off.

Christopher Combs, head of the FBI's San Antonio field office, said on Tuesday that the shooter's smartphone is being transferred to the FBI's crime lab in Quantico, Virginia as authorities have not been able to unlock it.

Little is known about the shooter's smartphone at this time. Sources told the Washington Post that it's an iPhone, but it's not known which iPhone it is nor which version of iOS it's running. It's also not known if Touch ID was indeed enabled on the phone at this point.

As we learned with the San Bernardino case, Apple will not provide authorities with the tools to unlock the iPhone, but the company can and will provide iCloud data if compelled by court order. It is not known if Apple has already received a court order asking for iCloud information.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Tags: FBI, Apple-FBI

Discuss this article in our forums