The Federal Bureau of Investigation announced that it has managed to retrieve data from the iPhone of the San Bernardino, Calif. gunman without help of Apple.
The current row between iPhone and the FBI may be over, but are we seeing the beginning of a more heated battle against government investigation agencies and tech companies in general?
Now that authorities have managed to retrieve data from a locked iPhone, should you be worried about the security of your personal data in your mobile device?
Apple had been resisting for week a court order issued in February directing the company to write a new software program to would allow investigators to access the iPhone belonging to slain gunman Syed Rizwan Farook. Farook together with his wife shot dead 14 people in a San Bernardino office party in December. The couple were later killed in a gun battle with police.
The FBI contends that it needed to access the data in Farook’s phone in order to determine if there were other people working with the couple and if they were targeting others. Farook’s wife, Tashfeen Malik, had pledged allegiance to ISIS on social media at the day of the attack.
Top officials of several high-profile tech companies have supported Apple CIO Tim Cook’s position that developing a software to unlock Farook’s would put the security of other iPhones in danger.
Third party help
On Monday, Eileen Decker, federal prosecutor of California, said the FBI had received assistance from a “third party.”
“It remains a priority for the government that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties, or through the court system when cooperation fails,” she said in a statement.
While Decker did not identify the third party, the Israeli news site Ynetnews.com, identified the firm as a Cellebrite. Ynetnews said the FBI has been using the services of the Israeli-based company Cellebrie to break the protection on Farook’s iPhone. The new site contacted Cellberite, but the company did not respond.
“Cellberite, considered one of the leading companies in the world in the field of digital forensics, has been working with the world’s biggest intelligence, defence and law enforcement authorities for many years,” Ynetnews said. “The company provides the FBI with decryption technology as part of a contract signed with the bureau in 2013.”
Apple to increase security
In response to this recent development, Apple issued a statement saying: “From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought.”
Apple said it will “continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated”.
Can authorities now easily unlock any iPhone?
Not necessarily, according to the BBC.
The FBI was originally seeking a new software version from Apple to prevent Farook’s iPhone from deleting its data if too many wrong passcodes were used to access the phone.
This week authorities said they had access some data stored in Farook’s phone, but they did not mention what method was used to accomplish this.
The BBC report mentions how data might be taken from an iPhone using acid and lasers.
Apple has recently updated its iOS software. This would mean new security fixes have been made. If a recent flaw has been detected, that bug may have been fixed.
Where does this leave the public?
While the particular row between the FBI and Apple appears to have dissipated, we now enter a sort of vague situation that raises more questions than answers.
Now that U.S. investigation authorities have the ability to weaken the security of an Apple device, will it be inclined to use it in other cases as well?
In order to protect its reputation, Apple will now have to rush to plug the security hole created by the FBI-sponsored exploit on its product.
When this happens and authorities need to gather evidence from a mobile device, there is nothing stopping them from approaching a third-party again.
If so, then we’re back to square one, or an escalating game of one-upmanship.
It’s highly unlikely that this will be the last time federal authorities will use a third-party to unlock a device. There is at least a dozen of cases where the Department of Justice is seeking court permission to unlock iPhones to aid in investigation.
Some Canadians will say this is happening in the U.S. and not Canada. However, this is an issue that is certainly being closely watched by Canadian law enforcement agencies.
Throughout all this, the losers may, in fact, be consumers.
Ironically, in pursuing the public interest, the FBI may have contributed to the weakening of the security mechanisms of a mobile device which stores people’s private, personal information.