San Bernardino

Former FBI general counsel Jim Baker, who fought Apple on the San Bernardino iPhone case, says that he has now rethought some of his views on strong encryption.

Baker left the FBI last year to join a DC-based think tank, where his role is to write for the justice-focused blog, Lawfare…

Expand
Expanding
Close

A Department of Justice investigation has concluded that the FBI inadvertently misled Congress when it said that it had exhausted all attempts to access the iPhone used by one of the San Bernardino killers.

The FBI claimed in a court filing that it had no means to access data stored on the iPhone without Apple’s assistance, a claim later repeated to Congress. A report covering this statement concludes that while it was technically true, it gave a misleading impression …

Expand
Expanding
Close

FBI director James Comey yesterday told a Senate oversight committee that the FBI has been unable to access almost half of the mobile devices it tried to examine in the first half of the fiscal year, reports TechCrunch.

Comey said the FBI had been unable to access the contents of more than 3,000 mobile devices in the first half of the fiscal year, using what he described as “appropriate and available technical tools, even though there was the legal authority to do so.” He said that represented “nearly half” of all the mobile devices it had attempted to access in that time frame.

Comey made the statement in apparent support of the latest attempt at forcing phone manufacturers to provide backdoor access to the authorities …

Expand
Expanding
Close

The San Bernardino iPhone hack story rumbles on, with three news organizations insisting that there is no good reason for the FBI to withhold the cost of accessing the phone. Associated Press, Vice Media and USA Today have asked a US judge to force the FBI to reveal the information, reports the BBC …

Expand
Expanding
Close

The Indian government has struck a deal to buy the technology Israel-based Cellebrite used to gain access to the iPhone in the San Bernardino shooting case, reports the Economic Times. The FBI was reported to have paid Cellebrite close to $1M to access the phone in the high-profile case resulting in a court battle with Apple and a Congressional hearing.

Expand
Expanding
Close

A statement by the FBI has raised the possibility of a second legal battle with Apple in a very similar case to the San Bernardino shooting. Wired reports that an FBI agent speaking about the case of the man who stabbed 10 people in a Minnesota mall last month has said that the agency was considering legal as well as technical options.

At a press conference in St. Cloud, Minnesota today, FBI special agent Rich Thorton said that the FBI has obtained the iPhone of Dahir Adan, who stabbed 10 people in a Minnesota mall before a police officer shot and killed him. (The fundamentalist militant organization ISIS claimed credit for the attack via social media.) As in Farook’s case, the attacker’s phone is locked with a passcode. And Thorton said the FBI is still trying to figure out how to gain access to the phone’s contents.

“Dahir Adan’s iPhone is locked,” Thornton told reporters, “We are in the process of assessing our legal and technical options to gain access to this device and the data it may contain.”

The similarities in the two cases are notable …

Expand
Expanding
Close

Update: Steve Gibson has taken issue with the ‘golden key’ term used by Ars, arguing that it overplays the significance of the vulnerability.

I wrote an opinion piece predating the San Bernardino shootings on why Apple was right to stand firm on encryption even in the face of terrorist attacks, and another one afterwards explaining why it would be too dangerous to give the FBI the iPhone master key they demanded.

My main argument was that something as powerful as a master key to unlock an iPhone would eventually fall into the wrong hands.

So soon, the FBI would hold the key. Then other law enforcement agencies. In time, that key would be held in every police precinct house. We would then be trusting more than a million people with access to that key to abide by the rules. Government agencies don’t always have the best of track-records in doing that.

And Microsoft has just proven my point, even with code that was never intended to leave the company’s possession …

Expand
Expanding
Close

The fallout from the standoff between Apple and the FBI in the San Bernardino case continues. Following the introduction of one bipartisan bill in the House of Representives in February, seeking to protect encryption against any state-level legislation that might compromise it, a new bill has now been introduced in the Senate ,,,

Expand
Expanding
Close

LAPD detectives have successfully hacked into a locked iPhone 5s despite the phone having a Secure Enclave, according to an LA Times report.

Los Angeles police investigators obtained a method to open the locked iPhone belonging to the slain wife of “The Shield” actor Michael Jace, according to court papers reviewed by The Times.

LAPD detectives found an alternative way to bypass the security features on the white iPhone 5S belonging to April Jace, whom the actor is accused of killing at their South L.A. home in 2014, according to a search warrant filed in Los Angeles County Superior Court.

More intriguingly still, this appears to have occurred during the time that the FBI was still demanding that Apple help it unlock the less secure iPhone 5c in the San Bernardino shooting case …

Expand
Expanding
Close

In a new report, Reuters this evening is claiming that the FBI paid less than $1 million for the tool it used to unlock the San Bernardino gunman’s iPhone 5c. Apple, of course, denied to create a tool to do so, so the FBI went through a third-party to gain access. The report, citing “several U.S. government sources,” further claims that the technique can be used on any iPhone 5c running iOS 9.

Expand
Expanding
Close

CNN today reports that while the FBI did not find anything new on the San Bernardino iPhone 5c that it unlocked without Apple’s help, it has “produced data the FBI didn’t have before.” Essentially, not finding anything new on the device is what the FBI needed to know in order to answer some of its remaining questions regarding the case.

Expand
Expanding
Close

A proposed law that would force Apple and other tech companies to decrypt devices for law enforcement agencies has reached the stage of a draft bill – but one Senator has vowed to filibuster it. A filibuster is when a parliamentarian makes a lengthy, uninterrupted speech which results in running out of time to debate the bill, causing it to fail.

The Senate Intelligence Committee first proposed to introduce the bill in February, and the FBI lent its support by briefing two sponsoring senators. However, many lawmakers oppose the bill, and it has been reported that the White House will not publicly support it.

The Verge now reports that one senator has pledged to filibuster the bill if it gets as far as a Senate debate …

Expand
Expanding
Close

The FBI has so far been ambivalent about whether or not it will reveal to Apple the method used to access the San Bernardino iPhone, but a Reuters report suggests that the agency may not even know – or have the legal right to disclose it if it does.

The Washington Post reported yesterday that it was freelance hackers, and not Cellebrite, who sold the FBI the tool used to access the phone. But the group may not have revealed the vulnerability on which it was based, and the government process that decides which vulnerabilities to share with companies does not apply in this case …

Expand
Expanding
Close

Earlier today, more details regarding how the FBI was able to gain access to the iPhone 5c used by one of the San Bernardino gunmen emerged. Now, a new report from CBS News is offering some information as to the contents of the device, or lack thereof rather. The report says that, as of right now, the FBI has not found anything of “real significance” on the device.

Expand
Expanding
Close

Unnamed sources cited by the Washington Post contradict the widely-held belief that it was Israel-based mobile forensics company Cellebrite which helped the FBI hack into the locked San Bernardino iPhone. The report say that the agency was instead approached by a group of freelance hackers who revealed an iPhone passcode vulnerability to the FBI in return for a one-time fee.

The FBI cracked a San Bernardino terrorist’s phone with the help of professional hackers who discovered and brought to the bureau at least one previously unknown software flaw, according to people familiar with the matter […]

The researchers, who typically keep a low profile, specialize in hunting for vulnerabilities in software and then in some cases selling them to the U.S. government. They were paid a one-time flat fee for the solution … 

Expand
Expanding
Close

The WSJ has illustrated the stark contrast in Apple’s attitude to assisting law enforcement to access iPhones before and after the Snowden revelations about mass surveillance of private data. It was already known that Apple had helped access more than 70 pre-iOS 8 iPhones, and the paper today reports that – in the earliest known case – the company went as far as drafting the language for the court order.

Lawyers and investigators involved in the 2008 prosecution of Amanda and Christopher Jansen, a young married couple from Watertown, N.Y., remember it as one of the most horrific cases of child sex abuse they had ever seen.

History may remember it for another reason. It is believed to be the first case of a federal judge ordering Apple to assist the government in unlocking an iPhone—and the technology giant not only complied; it helped prosecutors draft the court order requiring it to do so … 

Expand
Expanding
Close

The White House will not be supporting draft legislation that would allow courts to force tech companies like Apple to help law enforcement hack into encrypted devices, reports Reuters.

The Senate Intelligence Committee in February announced plans to impose criminal penalties on companies that fail to comply with court orders like the one challenged by Apple and finally withdrawn by the FBI. Remarks by President Obama last month appeared to suggest he would support the proposed legislation, but it now appears this isn’t the case …

Expand
Expanding
Close

Many were skeptical that the work iPhone at the centre of the San Bernardino controversy would prove in any way useful to the FBI given that the shooters left it untouched while destroying their personal phones, and so far that skepticism seems justified. Despite having had access to all the data on the phone for more than a week, the FBI has apparently not yet found anything of value.

Expand
Expanding
Close