This article is more than 1 year old
US govt says it has cracked killer's iPhone, legs it from Apple fight
It's all over! Egg and FBI faces in perfect alignment
The US Department of Justice (DoJ) says it no longer needs Apple to help unlock the iPhone 5C used by one of the San Bernardino killers.
In a filing [PDF] made Monday to the Central California District Court, prosecutors say they have extracted data from the smartphone belonging to slain San Bernardino killer Syed Farook, thus avoiding a risky legal showdown with Apple.
"The government has now successfully accessed the data stored on Farook's iPhone and therefore no longer requires the assistance from Apple Inc. mandated by the court's order compelling Apple Inc. to assist agents in search, dated February 16, 2016," the DoJ said in its request that the court order be withdrawn. The request is expected to be granted by Magistrate Judge Sheri Pym.
The DoJ told the courts last week that it wanted to put its order compelling Apple to assist the FBI on hold in order to try other methods of accessing the data. This is after prosecutors and investigators repeatedly stressed that only Apple could help them unlock Farook's encrypted iPhone.
The Feds are not saying how they got the data, nor revealing the name of the outside company that helped agents crack the iPhone, though speculation has been that mobile security biz Cellebrite is the mystery party.
Security researchers believe that the data could have been accessed with either hardware or software techniques, and that the DoJ might also be able to use the technique in the future to get at mobile phone data without asking Apple to help.
If the method used in this case turns out to be a software method, from what I see of the OS, the method could work on newer devices too.
— Jonathan Ździarski (@JZdziarski) March 28, 2016
Will the FBI share their new iOS exploit with the Manhattan DA's office and other state/local agencies who have iPhones they want to unlock?
— Christopher Soghoian (@csoghoian) March 28, 2016
By using another method to obtain the data on Farook's phone, the DoJ and the FBI avoid a potentially messy legal battle with Apple. The government had originally sought to force Apple to craft and cryptographically sign a special build of iOS that would have allowed g-men to guess Farook's passcode at high speed and without losing the data after too many wrong attempts.
Apple had been fighting the order on privacy grounds, arguing that by allowing Uncle Sam to force engineers to break their own products, the privacy of hundreds of millions of people was being put at direct risk.
It's been such a weird case because the FBI has, more or less, always been able to get into loosely secured devices it has physical access to – especially ones like Farook's, which used a short numeric PIN to protect it.
“DOJ says method used to break into San Bernardino shooter's iPhone only works on this particular phone.” pic.twitter.com/oQnUdMSwiv
— The Register (@TheRegister) March 28, 2016
"Security is a lot easier when you’ve been shot dead, your iPhone has been shut off, and you no longer care about security. It’s much harder for the living (and in particular, the innocent) who still care about their day to day security," noted iOS security expert Jonathan Zdziarski.
Apple has yet to respond to a request for comment. ®