FBI, DEA Taking Two Different Approaches To Pending All Writs Orders Directed At Apple

from the shame-that-'one-size-fits-all-writs'-thing-didn't-work-out... dept

Some of the other iPhones the FBI tried to pretend weren't going to be the beneficiaries of a precedential All Writs order are apparently not even the beneficiaries of the agency's Break Into an iPhone Using This One Simple Trick! anticlimax in the San Bernardino case.

Director James Comey noted there were still more windmills to tilt at after discovering the still-secret exploit only works on a smallish subset of Apple's offerings. In two other cases, the agency has explored its available options. In one case in Massachusetts, it appears to be on the verge of abandoning its quest to force Apple to break into a phone for it, as Motherboard reports.

The Massachusetts case is unique because it's the first of its kind involving a newer model iPhone—an iPhone 6 Plus running iOS 9.1—that likely can not be unlocked using the mysterious method the government wound up using on the older iPhone 5c of Syed Farook, one of the San Bernardino shooters. In addition to security features that automatically wipe the device after 10 passcode attempts, newer models including the iPhone 6 and up have a hardware-backed security feature called Secure Enclave, which makes breaking into the devices significantly harder.

Thus, the case appears to have entered legal limbo, both because the government has failed to respond to Apple’s refusal and because Apple has no way of accessing the phone’s data anyway.
The order set forth by the magistrate judge is unique in the fact that it compels Apple to turn over whatever data it recovers from the phone but does not demand the data be encrypted. Nor has Apple been ordered to assist in the decryption process. All of that ultimately doesn't matter if Apple can't access the data in the first place, hence the stalemate and apparent abandonment.

Meanwhile, slightly to the West, another legal battle over compelled decryption/access continues to be waged. The antagonist in this one is the DEA, however, which is seeking access to an older iPhone. The DOJ has already been served one rejection by magistrate judge James Orenstein. It has appealed that rejection, bumping it up a level in the district court. Now, it's filed a letter stating its intent to leave its All Writs application unaltered as the method the FBI used in the San Bernardino case won't work with this phone either.
The drug dealer had an iPhone 5C running iOS 7 software, while the San Bernardino shooter was using an iPhone 5C running iOS 9, a later version of Apple's operating system.

"The government continues to require Apple's assistance in accessing the data that it is authorized to search by warrant," wrote Capers.
Whatever the exploit is that works with this narrow band of phones, Apple has yet to learn the details. The FBI has shared it with the Senate Intelligence Committee, which means privacy champions like Dianne Feinstein possibly have more info on this security flaw than Apple does. Apple, however, has stated it will not seek to legally compel the FBI to turn over details on the exploit -- which is incredibly gentlemanly considering the FBI has done little else lately but seek to compel Apple to perform all sorts of work for it.

Security researcher Jonathan Zdziarski -- in an open letter to FBI director James Comey -- argues that the FBI should turn over the details to Apple anyway for the safety of its customers.
What has been made painfully apparent to me for nearly the past decade in this field is that keeping an exploit secret is not possible, no matter how good an agency or corporation may be at keeping secrets – because an exploit is merely a dotted line on a blueprint. Mere knowledge of the general parameters of a vulnerability – even just the details of the device’s condition in this case – has been enough for security researchers to know exactly what security boundaries to start looking at, and they can do so now with the confidence that there is a known, exploitable vulnerability. One does not need to steal any exploit code in order to take advantage of a vulnerability; they only need to find the vulnerability; the way in already exists until it is closed.

[...]

Given that it’s only a matter of time before a criminal finds the blueprint to this vulnerability, I urge you to consider briefing Apple of the tool and techniques used to access Syed Farook’s device. While the part of the tool that brute forces a PIN does not seem to work on newer devices, the locks that it picks in order to get past the front door most certainly can be vulnerabilities that carry over into newer devices. Depending on the nature of these components of the solution, criminals or nation states could take advantage of them to install malware, spyware, ransomware, or to infect a target by other means. Individual components of this tool may be very dangerous to millions of Americans, even if the solution as a whole is not viable.
Not that the FBI will be swayed by the words of highly-respected iPhone forensics expert. It tuned out security researchers during its quest for alternate unlocking methods and it likely could care less who else gets in as long as law enforcement agencies get in first.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: doj, encryption, fbi, james comey
Companies: apple


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 11 Apr 2016 @ 7:01am

    Feng E.D.N.Y. iPhone is a 5s

    The drug dealer had an iPhone 5C
    This appears to be inaccurate.

    See Document 144-1: Exhibit A: Application (p.54 in PDF), attached the Goverment's March 7, 2016 Memorandum of Law In Suport Of Application:
    The iOS device is an iPhone 5s labeled DEA Exhibit N-67, with IMEI number 013888005800316, IMSI number 310260572923753, and telephone number (908) 463-3333.
    Not only does this application clearly state that the target iPhone in the Feng case is a 5s, but that model is consistent with the model indicated by the IMEI.

    IMEI lookup:
    IPHONE 5S (A1533)

    reply to this | link to this | view in chronology ]

  • identicon
    AJ, 11 Apr 2016 @ 7:11am

    "It tuned out security researchers during its quest for alternate unlocking methods and it likely could care less who else gets in as long as law enforcement agencies get in first. "

    This is why Apple must stand it's ground. The government only has it's own self interest in mind, not the will of the people. We've lost control of the Government, maybe we can maintain control of our own stuff.. at least for now....

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 11 Apr 2016 @ 8:57pm

      Re:

      Sad, isn't it? A private corporation, legally beholden to it's shareholders first and foremost, see's it's self-interest more in line with our rights and freedoms than the appointed professionals who took a sworn oath to defend and preserve said rights and freedoms.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Apr 2016 @ 9:20am

    Zdziarski's site still broken - yay buggy CloudFlare

    I appreciate Techdirt inlining at least part of his post, since it's otherwise inaccessible.

    HTTPS fails with ssl_error_internal_error_alert.
    HTTP fails with a bogus Javascript error page.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Apr 2016 @ 10:19am

    Note to FBI: 'Serving the People' Isn't a Cookbook.

    Just sayin'.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Apr 2016 @ 10:45am

    I notice that their getting something even better, NO judicial opposition towards their action of HACKING into their employers devices....i.e US

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.