By Srinivas Seshadri on April 04, 2016
On December 2, 2015, a married couple – Syed Rizwan Farook and Tashfeen Malik, armed with guns and pipe bombs stormed the Inland Regional Center in San Bernardino, California and opened fire, killing 14 people and gravely injuring 21 others. The shooting sent shockwaves through the nation, and was the deadliest mass shooting in America since the Sandy Hook massacre in 2012, when 20 children and 6 staff members were killed.
The couple fired 65 to 75 rounds, and then fled the scene in an SUV. The vehicle was later identified in a residential neighborhood in the vicinity, and both the attackers were killed after a dramatic police chase and an ensuing shootout, which also injured one police officer.
On February 16th, 2016, the FBI issued a case against Apple, asking a United States Courthouse in Los Angeles, California to force the tech giant to comply with the FBI order of breaking into Farook’s phone.
Apple shall assist in enabling the search of a cellular telephone, pursuant to a warrant of this court by providing reasonable technical assistance to assist law enforcement agents in obtaining access to the data on the Subject Device.
Apple, however, didn’t want to provide “reasonable technical assistance,” and immediately announced their decision to fight the order, citing the security risks that the creation of a backdoor would pose towards their customers. Writing an open letter to Apple users the world over on its website, Apple’s CEO Tim Cook stated,
“We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. Opposing this order is not something we take lightly. We feel we must speak up in the face of what we see as an overreach by the U.S. government. We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country. We believe it would be in the best interest of everyone to step back and consider the implications.”
The Department of Justice responded immediately, with a new application filed on February 19, 2016, asking the court to force Apple to acquiesce to the FBI’s demands.
“The court should issue an order compelling Apple to comply with the order requiring assistance with the FBI’s search of the Subject Device pursuant to the All Writs Act.
– The FBI
The application also stated that Apple could install the malware at its premises in Cupertino, and once the FBI had used it to hack into the terrorist’s phone, the company could then remove and destroy said malware.
Bill Gates, software engineer extraordinaire and founder of Microsoft, said that there needs to be a discussion about when the government should be able to gather information. He argued that if we hadn’t had wiretapping, a lot of criminal cases would still be mysteries. While this is true in theory, there are a number of points that make this a contentious issue.
– Barrack Obama, President of the United States
The FBI promised that it had examined every possible solution to break into the phone, before moving court: FBI Director James B. Comey said at a Congressional hearing that “We wouldn’t be litigating it if we could (get in ourselves). We’ve engaged all parts of the US government to see ‘Does anyone have a way, short of asking Apple to do it, with a 5c running iOS 9 to do this?’ and we do not.”
By itself, this statement seems alright. However, Representative Darrell Issa, Republican Representative for California, quizzed Comey on the specifics, such as whether the FBI used brute force – by removing the data from the phone, making copies of the storage, putting it in with the encryption chip and then attempting different passcodes, flashing the memory before the 10 attempts are up. And once this began, it was easy for everyone present to see that Comey’s confusion meant that he had no idea whether the FBI had indeed tried these things.
Comey replied to the effect that the people at the FBI must have thought of this, and if they haven’t, since they must (he assumes) be watching the event, they will work on it.
“…an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone,” the FBI said in a motion to the court to drop the hearing, on March 22, 2015.
Rumors are rife that an Israeli technology firm, Cellebrite, is the third party behind FBI’s surprising decision. Cellebrite has stated that it works with the FBI, but refused to divulge any more information. Its website, however, states that it has certain tools can extract and decode data from the iPhone 5C – the model in question – among other locked handsets. Apple has refused to help the FBI do this.
From Cellebrite’s website: “File system extractions, decoding and analysis can be performed on locked iOS devices with a simple or complex passcode. Simple passcodes will be recovered during the physical extraction process and enable access to emails and keychain passwords. If a complex password is set on the device, physical extraction can be performed without access to emails and keychain.”
It was reasonably clear, then, that Cellebrite was the chosen one, the company tasked with the job of breaking into Farook’s iPhone.
– John McAfee, Cyber Security Expert and Founder of McAfee Antivirus
FBI’s 180-degree turn begs the question: What did they really want that backdoor for? Comey stated, when the case began, that “Essentially we are asking Apple, ‘Take the vicious dog away. Let us pick the lock.’” But was it as simple as that? Comey’s complete ignorance in the face of Issa’s technical questions, and an indefatigable desire to get at Apple’s data seems uncomfortably reminiscent of the infamous ‘Clipper Chip’ proposition that the NSA devised in 1994, where it was proposed that a chip would record all voice conversations of the citizens of the USA and the data would be placed in escrow, to be accessed by the NSA in special circumstances. The Clipper Chip failed; this doesn’t seem any better.
On March 21st, one day before Apple was supposed to attend a hearing for the ongoing case, the Cupertino-based tech giant held a keynote event at its Infinite Loop conference hall, where new editions of iOS, the iPad and the iPhone were announced.
However, as it turned out, Apple never did attend the hearing. The FBI dropped the case, deciding that it could find help elsewhere in breaking into the now world-famous iPhone.
Can Apple find out exactly how the FBI broke in? Probably not. There is a US Government policy – The US Vulnerabilities Equities Process – that mandates the disclosure of security flaws in technology, if discovered by federal agencies. However, there are no specific rules as to the situations in which the law is applied, and the verdict (if any) is likely to come from a White House group for computer security flaws unearthed by federal agencies formed during the Obama administration.
While tech leaders push the boundaries of security, continuously striving to protect user data, the FBI and other watchdogs have their own agenda – national security, and sometimes intentions that aren’t quite as straightforward as that. And all the while, hackers, terrorists, nebulous organizations that deal in sensitive data, and a plethora of other cyber criminals lurk nearby, just out of reach, waiting for some way to get in.
“First of all, Apple ought to give the security for that phone. What I think you ought to do is boycott Apple until such time as they give that security number.”
– Donald Trump, Billionaire and Republican Presidential Candidate
Juniper Networks, a Sunnyvale, California-based tech firm that provides networking infrastructure to corporate and government institutions the world over, knows firsthand just how badly backdoors can backfire. On December 17th, 2015, the tech giant announced that it had unauthorized code in an operating system that was operating a few of its firewalls.
“At this time, we have not received any reports of these vulnerabilities being exploited; however, we strongly recommend that customers update their systems and apply the patched releases with the highest priority,” Juniper said. NSA instructed the company to add a backdoor to its equipment, and put several private and public entities at risk, in the process. If such a calamity were to befall the likes of Apple, the results would be disastrous, given the fact that Apple’s products are used by hundreds of thousands more than Juniper’s are.
This isn’t a simple, open-and-shut case, though. This is a multi-pronged battle whose ramifications extend far beyond technology and into global politics, terror, finance and healthcare, among several others. Who will win this war, or if it will ever be won, remains to be seen.
Update: The National Journal states that the FBI is briefing a few officials in the upper echelon of the government. According to the article, Senator Diane Feinstein, senior United States Senator and a leading Democrat in the Intelligence Committee, has met with the FBI, and the latter has explained to Feinstein just how it broke into Farook’s iPhone. The article goes on to say that the Chairman of the Senate Intelligence Committee, Richard Burr, has” been offered a briefing”, but hasn’t taken it yet.