Skip to main content

Apple implies FBI screwup: iPhone Apple ID password changed in govt possession, backdoor unnecessary

tim-cook

Apple has now responded to a Department of Justice filing that we reported earlier today was attempting to force the company to comply with an FBI request for access to a locked iPhone belonging to a suspect in the San Bernardino attacks. In one statement to Reuters, an Apple spokesperson said the DOJ is “disregarding civil liberties in iPhone unlocking case,” while in another it attempts to explain more of the back story regarding past events with the iPhone in question. 

CNBC reports an Apple exec called the motion “a way to argue the case twice before Apple can respond,” a response to the fact that the DOJ’s motion filed today comes ahead of Apple’s deadline to respond to a judge regarding its original refusal to unlock the device in the case. CNBC adds that in response to claims in the DOJ filing, Apple said it “has not said that unlocking an iPhone is technically possible.”

Now that the DOJ has exposed a lot of the background story in the case in its earlier filing, Apple is offering its side of the story.

Here’s a longer version of Apple’s statement relayed by unnamed executives to various medial outlets, this time via BuzzFeed:

The Apple ID passcode linked to the iPhone belonging to one of the San Bernardino terrorists was changed less than 24 hours after the government took possession of the device, senior Apple executives said Friday. If that hadn’t happened, Apple said, a backup of the information the government was seeking may have been accessible…

The executives said the company had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a back door. One of those methods would have involved connecting the phone to a known wifi network.

So Apple is arguing that the Apple ID of the iPhone was changed after the government took possession, meaning the FBI could have had access to the data it’s seeking.  Apple adds that otherwise it previously proposed solutions that wouldn’t include building a the “backdoor” the FBI is after.

Apple also reportedly responded to the DOJ’s claims that Apple’s refusal on the requests were a marketing ploy, according to BuzzFeed, “saying they were instead based on their love for the country and desire not to see civil liberties tossed aside.”

And while Apple is calling up media outlets to give its response to the filing, TheHill reports Tim Cook and the head of the FBI were today invited to testify before a House committee.

[tweet https://twitter.com/cnbcnow/status/700807047655378944]

[tweet https://twitter.com/ReutersUS/status/700812021550489600]

[tweet https://twitter.com/JohnPaczkowski/status/700812091574255617]

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Thomas Marble Peak - 8 years ago

    If you’d like to support Apple’s stance on privacy, there is a White House petition at https://petitions.whitehouse.gov/petition/apple-privacy-petition

  2. viciosodiego - 8 years ago

    TL:dr, the guy had an easy passcode, FBI cracked it, changed apple ID password, Refused any of apple’s ideas that could unlock the data with out a back door, and are using this bs to get apple to put in a back door, even if its not required.
    Yeah, thats your typical US government right there.
    manipulation at its best.

    • srgmac - 8 years ago

      I don’t understand though…If they had his password then they got into the phone, didn’t they?

      • o0smoothies0o - 8 years ago

        They had an Apple ID password. That doesn’t grant access to a device, unless someone decided to make their device and Apple ID password the same, which would be unwise.

      • srgmac - 8 years ago

        OK so what does changing the Apple ID password have to do with getting into the phone then? I am still lost here. Can someone explain…?

      • Dylan Luttrell - 8 years ago

        You need to enter the owner’s Apple ID and password before it will let you restore the phone.

      • Real Apple Nerd - 8 years ago

        The FBI has access to the iCloud backup of the 5c, but the last backup was more than a month old before the massacre. If they hadn’t changed the iCloud password, then they could just bring the iPhone within range of a known Wifi network, plug into power, and the iCloud backup would start. They could then pull the data from that new backup file.

        The problem now is they changed the iCloud password, but don’t have access to update the iCloud password on the iPhone itself.

        One possibility might be to restore the iCloud password to the terrorist’s original password, then attempt the method of connecting to a known Wifi network.

      • 2is1toomany - 8 years ago

        That’d be smart to change it again to the old password but Apple doesn’t allow the same password to be used again for another year.

      • srgmac - 8 years ago

        @Real Apple Nerd
        Thanks for the reply!

        I figured the FBI had the iCloud data — AFAIK that data *is* encrypted, but I believe Apple actually has the keys to decrypt it if necessary, right?
        BTW, do you have a source article that says the details of what you said? I wish 9to5Mac would have told us this. IMHO they’ve done a poor job of explains the nuances to this story — not quite as bad as the mainstream media, but to have a tech website be this non-explanatory…Meh!

        “One possibility might be to restore the iCloud password to the terrorist’s original password, then attempt the method of connecting to a known Wifi network.”

        If it were that easy I think Apple / FBI would have done that already. I am sure that Apple has the ability to change a user’s password to whatever they want through their internal admin tools.

        I was going to say though, maybe the FBI had Apple change it just so they could get in — but I don’t think that makes sense. Apple would have told them not to do that even if they did ask for it to be changed… In any case, I was thinking that maybe they don’t know what the previous password was; and this is probably something Apple would not have the ability to look up.

        It seems kind of strange to me that iCloud would still sync even when a phone is locked and it’s been over 48 hours since the last successful password input. But I guess that is convenience for you. Not that big of a concern at all really, just thinking out loud here…

        What about iMessages though? I don’t think those are stored in iCloud *ever* (does anyone know for sure though?) — so it would have to be either saved to the local storage on the device, or they would be totally inaccessible (this is a good thing).

      • 2is1toomany - 8 years ago

        @srgmac
        9to5mac has several articles covering the story. If you want the whole picture then you should go back and read from the beginning.

        Also, like I mentioned in my reply above, Apple does not allow a password to be used again for another year. At this point, who knows if Apple can set the password manually themselves or even if they could, if they would do so.

        Also, Apple was not involved in the case until the following days after the incident, as it was reported. And the password, as Apple claims, was changed 24 hours after having been taken into FBI custody. So there was no way for Apple to warn them since they had no knowledge of the situation.

        And lastly, all texts, whether standard SMS or iMessages, are backed up to iCloud.

    • fofer - 8 years ago

      The guy may not have “had an easy passcode.” They may have issued a password reset instruction, to an email account of his that the FBI had access to. So then they changed the password to something different.

  3. viciosodiego - 8 years ago

    busted

  4. Darryl Richards - 8 years ago

    lol love it, this is the best soap opera of the year.

  5. 4nntt - 8 years ago

    Not sure why they are so vague about if it is possible or not to remove the wipe limit, but happy Apple is standing firm on this. Technically removing an attempt limit off a weak 4 digit code is a backdoor. If it is currently possible to do this, I hope Apple removes that ability soon. I’m also not sure that this phone is worth sacrificing our freedom for. The terrorists destroyed their other devices before the attack. If there was anything on it they would have destroyed it too.

    • srgmac - 8 years ago

      It’s possible. DHS has successfully removed wipe limit and delay / limiter on iOS 8 due to an exploit and have cracked iOS 8 devices that don’t have a secure enclave.

      • degraevesofie - 8 years ago

        Do you have a pointer to a source mentioning this?

      • Robert - 8 years ago

        I believe it was possible to use some hardware to try a passcode then immediately kill the power so quick that the counter did not have time to increment. Apple fixed this flaw with a software update that changed the sequence so that the counter increments first then the passcode is tried.

      • srgmac - 8 years ago

        I tried to put a link but the comment won’t get “approved” — Google “Apple Unlocked iPhones for the Feds 70 Times Before” from The Daily Beast — the details are in that article. I don’t know why 9to5Mac couldn’t tell us this information since they are an Apple dedicated tech blog…

      • 2is1toomany - 8 years ago

        I did the Google search and the original article references a case involving a device using iOS 7. Apple has already acknowledged that they did not have the “keys” to devices running iOS8 and later. Which implies that if the device was on iOS 7 then Apple didn’t have to build in a “backdoor” into a new version of iOS like the FBI want them to today, it was already a part of iOS 7.

  6. 89p13 - 8 years ago

    My guess — The case is filed to “force” Apple to compromise the security of our iOS devices under the guise of the San Bernadino terror shooting, and maximize public opinion because of that event – but the ultimate aim to be able to force Apple to create software to unlock / prevent “brute-force” erasing.

    Our Government at its typical underhanded and illegal compromising of our personal security.

    Washington Spring!

  7. viciosodiego - 8 years ago

    I guess they had “top people” working at this.

  8. viciosodiego - 8 years ago

    Dear FBI, go stand at the genius bar line please.
    idiots

  9. theoceandweller - 8 years ago

    Who does the FBI hire to do their hacking jobs? The geek squad?

  10. yojimbo007 - 8 years ago

    I hope and Pray this puts an end to this irrational, paranoid, over the top Frenzy .

  11. boccabella - 8 years ago

    You can’t change your Apple ID password without first entering the existing password, so the employer either kept a record of everyone’s password or issued everyone the same one. So, is it not logical to think they would do the same with the device password? This doesn’t smell good to me.

  12. Gregory Wright - 8 years ago

    Do you all have to be Apple suckers. I swear all you follow behind Apple with a brown bag waiting for Apple droppings.

    • viciosodiego - 8 years ago

      Dude, are you lost?
      This is an apple site, duh.

    • macnificentseven48 - 8 years ago

      I left my brown bag at your front door. Bon appetit.

    • Do you have to be a Socialist sympathizer, or are you just a fandroid lost in the wrong site? :)

    • Edison Wrzosek - 8 years ago

      Then how about in that case, you do us all here a favour get lost? Apple seems to be the ONLY ones standing up for our right to privacy and security, and you have the audacity to call us suckers? I think you should look in the mirror and call yourself a sucker here…

  13. Robert - 8 years ago

    They obviously didn’t change the Apple ID password from the phone. If they had access to his email they could perhaps reset the password via Apple’s website.

  14. Robert - 8 years ago

    If Apple yield to the demand there are some scary consequences.

    1) Every other country in the world thinks they can make the same request.
    2) Since Apple gives access to the US government, every other country in the world thinks the US is spying on them via the iPhones of their citizens.
    3) Some engineers at Apple develop the knowledge of how to break the security, that knowledge now exists in those people’s heads, these people become a potential danger and have power that no one should have if we are to be secure. The DOJ argues that Apple can keep that knowledge and does not need to share it with the FBI. Apple don’t want to create something that could be a dangerous weapon that they cannot control. What if one of those Apple engineers goes over to the dark side?
    4) Encryption is effectively illegal. All computer systems – the entire modern world relies on encryption!

  15. jiggerslovesthemapples - 8 years ago

    So, is Tim gonna get arrested for contempt of court?

    • John Smith - 8 years ago

      No, he’s head of a corporation with more money than many whole countries – so a whole different set of rules apply.

      If some ordinary guy – was running a small business which (unknowingly) provided goods and services to a terrorist who killed 14 people, then he refused to cooperate with the FBI investigation, then he refused to comply with a court order telling him to cooperate with the FBI – he would be in a jail cell same day.

      • jpatel330 - 8 years ago

        The phone had nothing to do with the killing of the 14 people. Therefore, he did not provide goods and services to the terrorist. By that logic, I am sure he used a computer as well to communicate and possibly googled how to do certain things. Let’s throw the computer makers and Alphabet CEO in a jail cell too.

  16. John Evos - 8 years ago

    The Apple ID password linked to the iPhone belonging to one of the San Bernardino terrorists was changed less than 24 hours after the government took possession of the device, senior Apple executives said Friday. If that hadn’t happened, Apple said, a backup of the information the government was seeking may have been accessible.
    Now, the government, through a court order, is demanding Apple build what the company considers a special backdoor way into the phone — an order that Apple is challenging. The government argues Apple would not be creating a backdoor.
    The executives said the company had been in regular discussions with the government since early January, and that it proposed four different ways to recover the information the government is interested in without building a backdoor. One of those methods would have involved connecting the iPhone to a known Wi-Fi network and triggering an iCloud backup that might provide the FBI with information stored to the device between the October 19th and the date of the incident.
    Apple sent trusted engineers to try that method, the executives said, but they were unable to do it. It was then that they discovered that the Apple ID password associated with the iPhone had been changed. (The FBI claimed earlier Friday that this was done by someone at the San Bernardino Health Department.)
    Had that password not been changed, the executives said, the government would not need to demand the company create a “backdoor” to access the iPhone used by Syed Rizwan Farook, who died in a shootout with law enforcement after a terror attack in California that killed 14 people. The Department of Justice filed a motion to compel the company to do that earlier Friday.
    The Apple senior executives spoke with reporters on Friday afternoon to respond to the government’s filing, noting that the government had opened the door to discussion of Apple’s prior efforts in the case by discussing those actions in their Friday filing.
    Creating the backdoor access, the executives said, would put at risk the privacy of millions of users. It would not only serve to unlock one specific phone, they said, but create a sort of master key that could be used to access any number of devices. The government says the access being sought could only be used on this one phone, but Apple’s executives noted that there is widespread interest in an iPhone backdoor, noting that Manhattan District Attorney Cyrus Vance said Thursday that his office has 175 Apple devices he’d like cracked. They also claimed that no other government in the world has ever asked Apple for the sort of FBiOS the government is demanding that it build now.
    Asked why the company is pushing back so hard against this particular FBI request when it has assisted the agency in the past, Apple executives noted that the San Bernadino case is fundamentally different from others in which it was involved. Apple has never before been asked to build an entirely new version of its iOS operating system designed to disable iPhone security measures.
    The Apple senior executives also pushed back on the government’s arguments that Apple’s actions were a marketing ploy, saying they were instead based on their love for the country and desire not to see civil liberties tossed aside.
    The U.S. Department of Justice has not yet responded to a request for comment.

  17. Mark Granger - 8 years ago

    So this entire controversy about getting a backdoor into iPhone security is just a CYA maneuver by FBI agents that accidentally erased the iPhone used by the San Bernardino terrorists when they tried to unlock it. The FBI has not admitted this yet but if you read between the lines it is clear that they had no idea what they were doing when they took possession of the iPhone and attempted to unlock it. It is likely that they already entered too many wrong passcodes, causing the phone to erase its storage and the FBI agents to panic and look for someone else to blame.

  18. John Smith - 8 years ago

    Is the information on iCloud already in possession of the FBI ? Then they changed the password ?

    Is that information up to date ? Or is there newer data on the phone Apple is protecting against the FBI ?

    Apple is now part of the problem not part of the solution, so I’ll wait to hear the full story.

    Still sounds like Apple looking after the privacy of a (dead) terrorist on a phone owned by the San Bernadino taxpayer. Why?

    I guess all this publicity is not exactly hurting Apple’s sales, which were starting to falter.

    I say add a few more phones to the warrant – perhaps some involved in child molestation cases. See if Apple is as happy with a heap of publicity about obstructing child molester investigations.

    • freerange5 - 8 years ago

      Thank god a moron like you is not in charge. You obviously have no clue what the ramifications are by Apple complying with this request.

    • Edison Wrzosek - 8 years ago

      I’ve been keeping track of your mindless ramblings here for a while now, and you’ve just gone and proven with this post that you are totally inept, and like frerange5 points out, thank GOD some dumb schmuck like you is not in charge, or we’d all be screwed!

    • flaviosuave - 8 years ago

      I hope you one day decide to donate your body to science, as it will be fascinating to try and discover how a giant lump of shit wrapped in a human skin sack still managed to type out internet comments.

  19. freerange5 - 8 years ago

    And these morons want back doors to our devices???? A big FK U!!!!

  20. Why Tim Cook Is Wrong.

    Tim Cook has published a formal statement objecting to the Federal Bureau of Investigation’s legitimate request requiring Apple to engineer an operating system upgrade that would allow authorities to view the activities of known terrorists. Mr. Cook’s justification not to comply with the FBI request is based on his misinterpretation of the Founding Fathers’ embrace of liberty and personal privacy.

    Matters of liberty and personal privacy are frequently at odds with the need to protect the American public. There is a delicate balance between allowing the government to have all information and data on an individual’s movements, conversations, habits and patterns that can be obtained by a corporation, and the desire of a corporation to protect privacy rights of its customers, vendors and employees. When it comes to the need for law enforcement to prevent crime or identify criminals, this balance should always be titled in the favor of the government.

    Mr. Cook simply fails to appreciate the need of authorities to access private information when pursuing wrong-doing. It is imperative that the FBI prevail in this case due to the precedent it would set in requiring American corporations to not only provide law enforcement all of the information they collect on United States citizens, but, in addition, to require all corporations to actively create methods to acquire additional information to assist law enforcement in reducing crime. This would allow law enforcement across America to save lives and enforce the law in the most comprehensive manner in history. Consider the following examples.

    If the FBI wins the case against Apple, the U.S. government could protect the people of our country by requiring automotive companies to develop tracking software which could increase traffic safety. The required technological development could notify police when people are driving intoxicated or recklessly, speeding, or running stop signs. Imagine how this would impact the behavior of every driver. It would force every driver to obey every traffic law.

    Requiring automotive companies to create advanced tracking software would also increase traffic fines and jail sentences, while eliminating overly legalistic defense arguments. Importantly, it would increase the revenue of cash-strapped municipalities, likely reducing taxes for careful, law-abiding drivers. Violations and the resulting fines could even be summarized and billed monthly. Additionally, since the government should be allowed to require corporations to fully cooperate with law enforcement, employers could be required to withhold fines directly from payroll. This would save money on collection efforts.

    Similarly, the precedent set by the FBI’s mandate could virtually eliminate domestic violence. Television, computer, and smart phone manufacturers could be required to create listening devices which would monitor for verbal abuse and automatically report such abuse to authorities. The evidence to prosecute would already be recorded and stored. This might actually protect those wrongfully accused, while making prosecution and imprisonment of spouses much easier for the government.

    Furthermore, consider the enormous benefit and reduction of crime if the FBI could expand their requirement for corporate cooperation in an omnibus fashion to simply require all employers to develop software to monitor phone conversations, email correspondence, and verbal conversations occurring on corporate property. The benefits to crime reduction are unthinkable. The government could create an almost perfect policing methodology, virtually eliminating all personal behavior which is non-compliant with government-determined norms.

    When faced with much lesser attacks on personal liberty, Patrick Henry’s famously cried, “Give me liberty, or give me death!” However, Henry probably would have understood that liberty is not as important as law enforcement. As Americans, we have been learning to adapt to ever increasing sacrifices of our personal privacy and liberty. For the future of law enforcement to become a reality, we must continue to accept law enforcement’s creeping use of corporate information and mandated corporate assistance in the name of protecting life and property.

    Do not let Tim Cook’s arguments about personal freedom and liberty confuse you. As long as we do not let anyone successfully stand up against governmental demands which diminish personal privacy and liberty, the future is coming and people like Tim Cook will need to fall in line like the rest of us.

    I give permission for this material to be copied, shared, and/or reprinted in whole or part without compensation.

    • Real Apple Nerd - 8 years ago

      I’m still trying to figure out if this is satire or not.

      • Eddie Clark - 8 years ago

        It is absolutely satire. The grammar and sentence structure indicate above average intelligence; therefore I believe it to be a masterpiece. However, lesser minds will no doubt be confused and read it as fact.

    • Cristiano Contin - 8 years ago

      This is so wrong in so many levels I can’t count…
      Applying this reasoning to extreme, why not to implant a chip in everyone’s brain to control everyone behaving?
      Using as argument the illusion of protection from despicable crimes is the exact strategy fbi is using to gain power, because is this what they are really after.
      I personally hope nobody will use your “permission” to share this insanity…

      • fiveby5730 - 8 years ago

        The posters analysis is absolutely satirical. He is demonstrating absurdity by being absurd. However, I believe he is also demonstrating the fundamental shift that has been taking place in our country since 9/11: “When it comes to the need for law enforcement to prevent crime or identify criminals, this balance should always be titled in the favor of the government.”

        Since 9/11, many people have come to believe that our safety and security should override our rights to liberty, personal privacy and personal freedom. That law enforcement should have the ability by ANY means necessary, Constitution be damned, to prevent and reduce crime. And bit by bit, we have WILLINGLY allowed our government to violate our constitutional rights since 9/11. Want to fly on a plane? Well then you must subject yourself to a warrantless, invasive search each and every time you want to get on an airplane. Never mind the fact that you have not committed any crime, nor even have a criminal record. Oh, and in the name of fairness, they can also choose to pull you from the line, ‘randomly’ mind you, and do an EVEN more invasive search of your person and possessions. Want to go to an NFL game or big concert? Carrying a purse or bag? Guess what? Gotta step off to the side and let the security personnel perform a WARRANTLESS search of your personal property, all because of the very REMOTE possibility that you MIGHT be carrying a bomb or some sort of potential weapon that might inflict harm on others. Never mind the fact that authorities don’t have any PROBABLE CAUSE that demonstrates that you would be in possession of such things in order to demand a warrantless search. Yet, in the name of safety and being safe, we have WILLINGLY accepted these violations of our rights and freedoms.

        The author also logically demonstrates the progression and, unfortunately, logical conclusions which such a precedent could take, all in the name of preventing crime. I get it. Bad things happen. Innocent people are affected. But because human behavior is volatile and unpredictable, it is unfortunately not possible to prevent EVERY bad thing that MIGHT happen. The film ‘Minority Report’ aptly demonstrated the dangers and ethical issues surrounding the idea of attempting to stop crimes BEFORE they even occur. It showed a world where each and every person was monitored and their movements tracked 24/7 in real-time. Law-enforcement was PERMITTED, without a warrant, to deploy robotic devices in a building that went from room to room to verify the inhabitants within the building. And initially, the ‘Pre-Crime’ division was successful in reducing crime. Sounds appealing and wonderful. Until you realize the flaw of choice. We have been moving in this direction for decades, but it has accelerated since 9/11. In the name of safety and security, we have allowed the erosion of our right to be secure in our ‘person and property’, and allowed the government to violate our rights all in the name of trying to prevent bad things from happening before they happen.

        Don’t think this shift has occurred? Just look at all of the comments by those who believe that Apple SHOULD bow to the demands of the government and create this ‘backdoor’ for the FBI. Unfortunately, they are ignorant of the far-reaching potential ramifications, brilliantly demonstrated by John Desmond’s post, that will eventually result should our government prevail in this matter. Don’t believe it’s possible? Just look at where we’re at already. Instead of upholding and defending our Constitution, our government has fallen into the habit of either subverting or outright ignoring our laws and regulations whenever they become inconvenient. Our Constitution was created to magnify and protect the rights of the individual, while limiting the intrusion and reach of the state. But again, in the name of safety and wanting to FEEL safe, we have accepted the chipping away of those rights, and have allowed the state increasing control over our personal lives.

        Here is what I think about the situation with the iPhone of this terrorist POS: His deed is done. He is dead. His phone is a brick. If it is so imperative to find out more information about this lowlife, his connections, and other movements, find it using other means. I mean seriously? What the hell did law enforcement do BEFORE smartphones were even in existence? Sorry FBI. You’re just going to have to do it the old-fashioned way.

        So yes, share the author’s ‘insanity’ with others. It may serve to open their eyes. Maybe. I must admit to having my doubts.

    • jiggerslovesthemapples - 8 years ago

      You should move to Russia, you’ll like it there.

    • For this to be taken seriously, I have to read it as a satire. As such, it is pretty entertaining. Otherwise, it si troubling.

  21. Carlos Shabo - 8 years ago

    how did they change the password if they were locked out for not knowing the password???

  22. Not paid dearly for Apple products to the FBI break my privacy . If it does let you buy ….

  23. crimeshop - 8 years ago

    It’s all about the order in which you do things, like changing iCloud password vs your iPhone password… and as a result the FBI and the DOJ have no right what so ever to demand that Apple help them. They screwed it up, are not happy about it and are now throwing a tantrum like a petulant child who is not getting it’s way.

    The other side of the issue is that no, this is not a matter of national security, the FBI already announced that these two shooters were ignored by actual, real terror organizations and that they really did more than likely have very little help from others. Lastly, does anyone else believe the FBI when they say if Apple creates this backdoor for them, they’ll only use it once?
    @thecrimeshop

Author

Avatar for Jordan Kahn Jordan Kahn

Jordan writes about all things Apple as Senior Editor of 9to5Mac, & contributes to 9to5Google, 9to5Toys, & Electrek.co. He also co-authors 9to5Mac’s Logic Pros series.