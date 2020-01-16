This all sounds familiar: after a massive shooting, the Federal Bureau of Investigation wants Apple to build a tool that can unlock the attacker’s iPhones. But don’t expect Apple’s second round versus the FBI to necessarily play out as the first. The main lines are the same, but the details have shifted precariously.

For all FBI attitudes, the attempt to force Apple to unlock the phone of one of the San Bernardino terrorists ended in a draw in 2016. The FBI dropped its lawsuit after the agency found an outside company to do it for them to crack. Now the FBI claims that only Apple can bypass encryption protection on Mohammed Saeed Alshamrani’s two restored iPhones, who killed three people in December and injured eight at a naval air station in Pensacola, Florida. Like four years ago, Apple has fallen.

Apple’s central argument against helping the FBI in this way remains the same: creating a back door for the government also creates one for hackers and bad actors. It makes all iPhones less secure, full stop. However, since the last Apple FBI showdown, the technological capabilities on both sides, the American political landscape and global pressure have evolved considerably.

“It looks like the FBI has no Apple problem, it has a bullet problem.”

Matthew Green, Johns Hopkins University

First there are the telephones themselves. In the San Bernardino case, the FBI has signed a contract with the digital forensic company Cellebrite to unlock an iPhone 5C from the shooters, which runs iOS 9. For example, multiple rounds of updates in iOS 11 – Apple’s mobile operating system from September 2017 to September 2018 – were specifically designed to close gaps that third-party hackers and cracking services had used to bypass data protection.

But every time Apple closes a door, enterprising security companies open a window. Last summer, Cellebrite publicly claimed that its tools could unlock any iOS device to those with iOS 12.3, the current version at that time. A few months later, researchers discovered additional hardware errors that offer even more options for cracking every iOS device released between 2011 and 2017.

This applies to both phones from the Pensacola shooter, an iPhone 5 and an iPhone 7 Plus. Alshamrani tried to physically destroy both by shooting them and destroying them, but Attorney General William Barr said that the FBI’s Crime Lab was able to “repair both damaged phones so that they are operational”. Given this restoration and the old phone models in question, it is unclear why the FBI could not use third-party cracking programs developed by companies such as Cellebrite or Grayshift to access data on the phones.

“If they can start the phone, existing tools will work,” said Dan Guido, CEO of Trail of Bits, a company that discusses iOS security. “I’m not sure how the state of the hardware can complicate things, because there is no detailed information about it. Even then, I know for sure that forensic companies will receive broken phones all the time.”

Despite Barr’s claims Monday that the phones are “virtually impossible to unlock without the password,” and that Apple “has not provided any substantive help,” existing methods seem immediately available to the FBI. And while Apple understandably refuses to undermine the encryption of these devices, the company says it has transferred “many gigabytes” of iCloud and other data to researchers.

“As far as we know, law enforcement has a number of workable options for unlocking phones, especially older phones like this one,” says John Green Hopkins cryptographer Matthew Green. “It is not clear to me why those tools would not work against these phones, but it is possible that it is related to the deliberate physical damage. If that is the case, it seems that the FBI has no Apple problem, it has a bullet problem. “

